Enhancement: Use `pydantic-settings` secrets feature for maggma credentials

[Andrew-S-Rosen]

We should think about a slightly more secure mechanism for storing database secrets both in Jobflow configuration files. This is specifically referring to maggma-based credentials.

My proposed recommendation is to use the secrets management features of pydantic-settings, as discussed here (also see this page). Of course, there's no way of avoiding storing some credential somewhere, but this seems like a slightly better approach. That way, if someone shares their config file with someone else without thinking (or even posts it on GitHub), their credentials won't be directly exposed.