Hash volunteer passwords

Description: This PR updates the /get_volunteers route to ensure all volunteer passwords are securely hashed. If a password is not already hashed, the system will hash it with bcrypt, update it in the database, and return the hashed value. This prevents plain-text passwords from ever being exposed.

Type of Change:

Bug Fix (replaces plain-text storage with secure hashed values)

Testing:

Tested on desktop (API response checked via Postman) Tested on mobile

Screenshots (if applicable):

Checklist:

Code follows project style guidelines

Self-review completed

No console errors

TypeScript types are correct (not applicable here, Node/Express used)