feat: auth service + security audit fixes + cleanup legacy services

Major changes:
- Add auth-svc: JWT auth, register/login/refresh, password reset
- Add auth UI: modals, pages (/login, /register, /forgot-password)
- Add usage tracking (usage_metrics table, daily limits)
- Add tiered rate limiting (free/pro/business)
- Add LLM usage limits per tier

Security fixes:
- All repos now require userID for Update/Delete operations
- JWT middleware in chat-svc, llm-svc, agent-svc, discover-svc
- ErrNotFound/ErrForbidden errors for proper access control

Cleanup:
- Remove legacy TypeScript services/ directory
- Remove computer-svc (to be reimplemented)
- Remove old deploy/docker configs

New files:
- backend/cmd/auth-svc/main.go
- backend/internal/auth/{types,repository}.go
- backend/internal/usage/{types,repository}.go
- backend/pkg/middleware/{llm_limits,ratelimit_tiered}.go
- backend/webui/src/components/auth/*
- backend/webui/src/app/(auth)/*

Made-with: Cursor

backend/cmd/file-svc/main.go

@@ -161,7 +161,7 @@ func main() {
 				return
 			}
 
-			fileRepo.UpdateExtractedText(ctx, uploadedFile.ID, result.ExtractedText)
+			fileRepo.UpdateExtractedText(ctx, uploadedFile.ID, result.ExtractedText, uploadedFile.UserID)
 		}()
 
 		return c.Status(201).JSON(fiber.Map{
@@ -260,7 +260,7 @@ func main() {
 			return c.Status(500).JSON(fiber.Map{"error": "Analysis failed: " + err.Error()})
 		}
 
-		fileRepo.UpdateExtractedText(c.Context(), fileID, result.ExtractedText)
+		fileRepo.UpdateExtractedText(c.Context(), fileID, result.ExtractedText, userID)
 
 		return c.JSON(result)
 	})
@@ -284,7 +284,10 @@ func main() {
 
 		fileAnalyzer.DeleteFile(file.StoragePath)
 
-		if err := fileRepo.Delete(c.Context(), fileID); err != nil {
+		if err := fileRepo.Delete(c.Context(), fileID, userID); err != nil {
+			if err == db.ErrNotFound {
+				return c.Status(404).JSON(fiber.Map{"error": "File not found"})
+			}
 			return c.Status(500).JSON(fiber.Map{"error": "Failed to delete file"})
 		}