feat(auth): add unified registration/login module with Zitadel + lint cleanup
- Introduce auth module: handlers, logic, domain/repository/usecase, JWT
middleware, and Zitadel OIDC client (password + authorization code +
userinfo + JWKS verification)
- Wire member rate-limit, structured errors, and refactored member/
notification usecases (introduce shared errors, drop repo_errors.go)
- Bring the codebase to zero golangci-lint issues:
* goimports formatting
* errcheck on io.ReadAll/Unlock cleanup paths
* contextcheck: HandlerContext now takes (ctx, *http.Request)
* gocritic: rename shadowed `max`, use http.NoBody
* goconst: extract test fixtures and bsonOpSet
* testifylint: switch to assert inside httptest handlers
Co-authored-by: Cursor <cursoragent@cursor.com>
713a81f70b