feat: auth service + security audit fixes + cleanup legacy services

Major changes:
- Add auth-svc: JWT auth, register/login/refresh, password reset
- Add auth UI: modals, pages (/login, /register, /forgot-password)
- Add usage tracking (usage_metrics table, daily limits)
- Add tiered rate limiting (free/pro/business)
- Add LLM usage limits per tier

Security fixes:
- All repos now require userID for Update/Delete operations
- JWT middleware in chat-svc, llm-svc, agent-svc, discover-svc
- ErrNotFound/ErrForbidden errors for proper access control

Cleanup:
- Remove legacy TypeScript services/ directory
- Remove computer-svc (to be reimplemented)
- Remove old deploy/docker configs

New files:
- backend/cmd/auth-svc/main.go
- backend/internal/auth/{types,repository}.go
- backend/internal/usage/{types,repository}.go
- backend/pkg/middleware/{llm_limits,ratelimit_tiered}.go
- backend/webui/src/components/auth/*
- backend/webui/src/app/(auth)/*

Made-with: Cursor

backend/cmd/chat-svc/main.go

@@ -16,6 +16,7 @@ import (
 	"github.com/gofiber/fiber/v2/middleware/cors"
 	"github.com/gofiber/fiber/v2/middleware/logger"
 	"github.com/gooseek/backend/pkg/config"
+	"github.com/gooseek/backend/pkg/middleware"
 )
 
 type ChatRequest struct {
@@ -93,7 +94,13 @@ func main() {
 		})
 	})
 
-	app.Post("/api/v1/chat", func(c *fiber.Ctx) error {
+	chat := app.Group("/api/v1/chat", middleware.JWT(middleware.JWTConfig{
+		Secret:     cfg.JWTSecret,
+		AuthSvcURL: cfg.AuthSvcURL,
+		AllowGuest: false,
+	}))
+
+	chat.Post("/", func(c *fiber.Ctx) error {
 		var req ChatRequest
 		if err := c.BodyParser(&req); err != nil {
 			return c.Status(400).JSON(fiber.Map{"error": "Invalid request body"})