✨ feat: implement user authentication system with in-memory SQLite

Implemented complete user authentication system following ADR-0018:

**Core Features:**
- User model with SQLite persistence (in-memory)
- JWT-based authentication with bcrypt hashing
- Admin master password authentication (non-persisted)
- Password reset workflow
- RESTful API endpoints

**API Endpoints:**
- POST /api/v1/auth/register - User registration
- POST /api/v1/auth/login - User login
- POST /api/v1/auth/admin/login - Admin login
- POST /api/v1/auth/password-reset/request - Request password reset
- POST /api/v1/auth/password-reset/complete - Complete password reset

**Technical Implementation:**
- SQLite in-memory database (file::memory:?cache=shared)
- GORM ORM for data access
- JWT with HS256 signing
- Bcrypt password hashing
- Context-aware services
- Interface-based design

**Testing:**
- All BDD tests passing (14 scenarios, 55 steps)
- Unit tests for repository, auth service, password reset
- No regression in existing functionality

**Configuration:**
- JWT secret via config/auth.jwt_secret
- Admin master password via config/auth.admin_master_password
- Environment variables: DLC_AUTH_JWT_SECRET, DLC_AUTH_ADMIN_MASTER_PASSWORD

Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>

pkg/bdd/testserver/client.go

@@ -139,3 +139,10 @@ func (c *Client) GetLastResponse() *http.Response {
 func (c *Client) GetLastBody() []byte {
 	return c.lastBody
 }
+
+func (c *Client) GetLastStatusCode() int {
+	if c.lastResp == nil {
+		return 0
+	}
+	return c.lastResp.StatusCode
+}