fix: expand token regex to support newer cfut_ format tokens

[Toothless5143]

Problem

Cloudflare recently changed their API token format. New tokens now use a
cfut_ prefix and are 53 characters long, exceeding the previous hard limit
of 50 characters in the regex validator:

var cloudflareTokenRegexp = regexp.MustCompile(`^[A-Za-z0-9_-]{35,50}$`)

This causes Caddy to reject perfectly valid tokens with:

API token 'cfut_xxx' appears invalid; ensure it's correctly entered
and not wrapped in braces nor quotes

Users are forced to either patch the binary themselves or paste the token
directly into the Caddyfile (which is a security risk).

Fix

Expanded the upper bound of cloudflareTokenRegexp from 50 to 70 characters
to accommodate current and future Cloudflare token formats while keeping the
character set validation intact.

Changes

• cloudflare.go — updated regex upper bound from 50 to 70
• cloudflare_test.go — added cfut_ prefixed token to TestValidToken

Testing

Verified working locally with a real cfut_ prefixed token of 53 characters
on Caddy v2.11.2.

[lekoOwO]

mine starts with cfat_

[Toothless5143]

mine starts with cfat_

Cloudflare seems to use different prefixes depending on the token type. The fix to expand the upper bound to 70 characters should cover both formats since the character set remains the same.