docs: add implementation plan, ADRs, and task tracking system

- Add comprehensive 8-phase implementation plan (docs/plan.md)
- Add 28 Architecture Decision Records (docs/adr/) covering all phases
- Add task tracking system with 283+ task files (docs/stories/)
- Add task generator script for automated task file creation
- Add reference playbooks and requirements documentation

This commit establishes the complete planning foundation for the Go
Platform implementation, documenting all architectural decisions and
providing detailed task breakdown for Phases 0-8.

docs/stories/phase2/2.1.1-install-githubcomgolang-jwtjwtv5.md

@@ -0,0 +1,40 @@
+# Task 2.1.1: Install `github.com/golang-jwt/jwt/v5`
+
+## Metadata
+- **Task ID**: 2.1.1
+- **Title**: Install `github.com/golang-jwt/jwt/v5`
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.1
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Install `github.com/golang-jwt/jwt/v5`
+
+## Requirements
+- Install `github.com/golang-jwt/jwt/v5`
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.1.1 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.1.2-create-pkgauthauthgo-interfaces.md

@@ -0,0 +1,56 @@
+# Task 2.1.2: Create `pkg/auth/auth.go` interfaces:
+
+## Metadata
+- **Task ID**: 2.1.2
+- **Title**: Create `pkg/auth/auth.go` interfaces:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.1
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `pkg/auth/auth.go` interfaces:
+
+## Requirements
+- Create `pkg/auth/auth.go` interfaces:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.1.2 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+
+
+## Code Reference
+
+```go
+type Authenticator interface {
+      GenerateToken(userID string, roles []string, tenantID string) (string, error)
+      VerifyToken(token string) (*TokenClaims, error)
+  }
+  
+  type TokenClaims struct {
+      UserID   string
+      Roles    []string
+      TenantID string
+      ExpiresAt time.Time
+  }
+```

docs/stories/phase2/2.1.3-implement-internalauthjwt_authgo.md

@@ -0,0 +1,40 @@
+# Task 2.1.3: Implement `internal/auth/jwt_auth.go`:
+
+## Metadata
+- **Task ID**: 2.1.3
+- **Title**: Implement `internal/auth/jwt_auth.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.1
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Implement `internal/auth/jwt_auth.go`:
+
+## Requirements
+- Implement `internal/auth/jwt_auth.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.1.3 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.1.4-create-internalauthmiddlewarego.md

@@ -0,0 +1,40 @@
+# Task 2.1.4: Create `internal/auth/middleware.go`:
+
+## Metadata
+- **Task ID**: 2.1.4
+- **Title**: Create `internal/auth/middleware.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.1
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `internal/auth/middleware.go`:
+
+## Requirements
+- Create `internal/auth/middleware.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.1.4 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.1.5-add-login-endpoint-post-apiv1authlogin.md

@@ -0,0 +1,40 @@
+# Task 2.1.5: Add login endpoint: `POST /api/v1/auth/login`
+
+## Metadata
+- **Task ID**: 2.1.5
+- **Title**: Add login endpoint: `POST /api/v1/auth/login`
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.1
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Add login endpoint: `POST /api/v1/auth/login`
+
+## Requirements
+- Add login endpoint: `POST /api/v1/auth/login`
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.1.5 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.1.6-add-refresh-endpoint-post-apiv1authrefresh.md

@@ -0,0 +1,40 @@
+# Task 2.1.6: Add refresh endpoint: `POST /api/v1/auth/refresh`
+
+## Metadata
+- **Task ID**: 2.1.6
+- **Title**: Add refresh endpoint: `POST /api/v1/auth/refresh`
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.1
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Add refresh endpoint: `POST /api/v1/auth/refresh`
+
+## Requirements
+- Add refresh endpoint: `POST /api/v1/auth/refresh`
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.1.6 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.2.1-create-pkgidentityidentitygo-interfaces.md

@@ -0,0 +1,59 @@
+# Task 2.2.1: Create `pkg/identity/identity.go` interfaces:
+
+## Metadata
+- **Task ID**: 2.2.1
+- **Title**: Create `pkg/identity/identity.go` interfaces:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.2
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `pkg/identity/identity.go` interfaces:
+
+## Requirements
+- Create `pkg/identity/identity.go` interfaces:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.2.1 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+
+
+## Code Reference
+
+```go
+type UserRepository interface {
+      FindByID(ctx context.Context, id string) (*User, error)
+      FindByEmail(ctx context.Context, email string) (*User, error)
+      Create(ctx context.Context, u *User) error
+      Update(ctx context.Context, u *User) error
+      Delete(ctx context.Context, id string) error
+  }
+  
+  type UserService interface {
+      Register(ctx context.Context, email, password string) (*User, error)
+      VerifyEmail(ctx context.Context, token string) error
+      ResetPassword(ctx context.Context, email string) error
+      ChangePassword(ctx context.Context, userID, oldPassword, newPassword string) error
+  }
+```

docs/stories/phase2/2.2.2-implement-internalidentityuser_repogo-using-ent.md

@@ -0,0 +1,40 @@
+# Task 2.2.2: Implement `internal/identity/user_repo.go` using Ent:
+
+## Metadata
+- **Task ID**: 2.2.2
+- **Title**: Implement `internal/identity/user_repo.go` using Ent:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.2
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Implement `internal/identity/user_repo.go` using Ent:
+
+## Requirements
+- Implement `internal/identity/user_repo.go` using Ent:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.2.2 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.2.3-implement-internalidentityuser_servicego.md

@@ -0,0 +1,40 @@
+# Task 2.2.3: Implement `internal/identity/user_service.go`:
+
+## Metadata
+- **Task ID**: 2.2.3
+- **Title**: Implement `internal/identity/user_service.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.2
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Implement `internal/identity/user_service.go`:
+
+## Requirements
+- Implement `internal/identity/user_service.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.2.3 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.2.4-add-endpoints.md

@@ -0,0 +1,40 @@
+# Task 2.2.4: Add endpoints:
+
+## Metadata
+- **Task ID**: 2.2.4
+- **Title**: Add endpoints:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.2
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Add endpoints:
+
+## Requirements
+- Add endpoints:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.2.4 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.3.1-create-pkgpermpermgo.md

@@ -0,0 +1,59 @@
+# Task 2.3.1: Create `pkg/perm/perm.go`:
+
+## Metadata
+- **Task ID**: 2.3.1
+- **Title**: Create `pkg/perm/perm.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.3
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `pkg/perm/perm.go`:
+
+## Requirements
+- Create `pkg/perm/perm.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.3.1 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+
+
+## Code Reference
+
+```go
+type Permission string
+  
+  // Core permissions
+  var (
+      SystemHealthCheck Permission = "system.health.check"
+      UserCreate        Permission = "user.create"
+      UserRead          Permission = "user.read"
+      UserUpdate        Permission = "user.update"
+      UserDelete        Permission = "user.delete"
+      RoleCreate        Permission = "role.create"
+      RoleRead          Permission = "role.read"
+      RoleUpdate        Permission = "role.update"
+      RoleDelete        Permission = "role.delete"
+  )
+```

docs/stories/phase2/2.3.2-create-pkgpermresolvergo-interface.md

@@ -0,0 +1,49 @@
+# Task 2.3.2: Create `pkg/perm/resolver.go` interface:
+
+## Metadata
+- **Task ID**: 2.3.2
+- **Title**: Create `pkg/perm/resolver.go` interface:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.3
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `pkg/perm/resolver.go` interface:
+
+## Requirements
+- Create `pkg/perm/resolver.go` interface:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.3.2 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+
+
+## Code Reference
+
+```go
+type PermissionResolver interface {
+      HasPermission(ctx context.Context, userID string, perm Permission) (bool, error)
+      GetUserPermissions(ctx context.Context, userID string) ([]Permission, error)
+  }
+```

docs/stories/phase2/2.3.3-implement-internalpermin_memory_resolvergo.md

@@ -0,0 +1,40 @@
+# Task 2.3.3: Implement `internal/perm/in_memory_resolver.go`:
+
+## Metadata
+- **Task ID**: 2.3.3
+- **Title**: Implement `internal/perm/in_memory_resolver.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.3
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Implement `internal/perm/in_memory_resolver.go`:
+
+## Requirements
+- Implement `internal/perm/in_memory_resolver.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.3.3 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.3.4-create-pkgauthauthzgo-interface.md

@@ -0,0 +1,48 @@
+# Task 2.3.4: Create `pkg/auth/authz.go` interface:
+
+## Metadata
+- **Task ID**: 2.3.4
+- **Title**: Create `pkg/auth/authz.go` interface:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.3
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `pkg/auth/authz.go` interface:
+
+## Requirements
+- Create `pkg/auth/authz.go` interface:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.3.4 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+
+
+## Code Reference
+
+```go
+type Authorizer interface {
+      Authorize(ctx context.Context, perm Permission) error
+  }
+```

docs/stories/phase2/2.3.5-implement-internalauthrbac_authorizergo.md

@@ -0,0 +1,40 @@
+# Task 2.3.5: Implement `internal/auth/rbac_authorizer.go`:
+
+## Metadata
+- **Task ID**: 2.3.5
+- **Title**: Implement `internal/auth/rbac_authorizer.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.3
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Implement `internal/auth/rbac_authorizer.go`:
+
+## Requirements
+- Implement `internal/auth/rbac_authorizer.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.3.5 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.3.6-create-authorization-middleware.md

@@ -0,0 +1,40 @@
+# Task 2.3.6: Create authorization middleware:
+
+## Metadata
+- **Task ID**: 2.3.6
+- **Title**: Create authorization middleware:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.3
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create authorization middleware:
+
+## Requirements
+- Create authorization middleware:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.3.6 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.4.1-create-internalidentityrole_repogo.md

@@ -0,0 +1,40 @@
+# Task 2.4.1: Create `internal/identity/role_repo.go`:
+
+## Metadata
+- **Task ID**: 2.4.1
+- **Title**: Create `internal/identity/role_repo.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.4
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `internal/identity/role_repo.go`:
+
+## Requirements
+- Create `internal/identity/role_repo.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.4.1 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.4.2-add-endpoints.md

@@ -0,0 +1,40 @@
+# Task 2.4.2: Add endpoints:
+
+## Metadata
+- **Task ID**: 2.4.2
+- **Title**: Add endpoints:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.4
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Add endpoints:
+
+## Requirements
+- Add endpoints:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.4.2 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.5.1-create-pkgauditauditgo-interface.md

@@ -0,0 +1,55 @@
+# Task 2.5.1: Create `pkg/audit/audit.go` interface:
+
+## Metadata
+- **Task ID**: 2.5.1
+- **Title**: Create `pkg/audit/audit.go` interface:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.5
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `pkg/audit/audit.go` interface:
+
+## Requirements
+- Create `pkg/audit/audit.go` interface:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.5.1 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+
+
+## Code Reference
+
+```go
+type Auditor interface {
+      Record(ctx context.Context, act AuditAction) error
+  }
+  
+  type AuditAction struct {
+      ActorID  string
+      Action   string
+      TargetID string
+      Metadata map[string]any
+  }
+```

docs/stories/phase2/2.5.2-implement-internalauditent_auditorgo.md

@@ -0,0 +1,40 @@
+# Task 2.5.2: Implement `internal/audit/ent_auditor.go`:
+
+## Metadata
+- **Task ID**: 2.5.2
+- **Title**: Implement `internal/audit/ent_auditor.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.5
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Implement `internal/audit/ent_auditor.go`:
+
+## Requirements
+- Implement `internal/audit/ent_auditor.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.5.2 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.5.3-add-audit-middleware.md

@@ -0,0 +1,40 @@
+# Task 2.5.3: Add audit middleware:
+
+## Metadata
+- **Task ID**: 2.5.3
+- **Title**: Add audit middleware:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.5
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Add audit middleware:
+
+## Requirements
+- Add audit middleware:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.5.3 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.5.4-integrate-with-auth-endpoints.md

@@ -0,0 +1,40 @@
+# Task 2.5.4: Integrate with auth endpoints:
+
+## Metadata
+- **Task ID**: 2.5.4
+- **Title**: Integrate with auth endpoints:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.5
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Integrate with auth endpoints:
+
+## Requirements
+- Integrate with auth endpoints:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.5.4 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+

docs/stories/phase2/2.6.1-create-internalseedseedgo.md

@@ -0,0 +1,40 @@
+# Task 2.6.1: Create `internal/seed/seed.go`:
+
+## Metadata
+- **Task ID**: 2.6.1
+- **Title**: Create `internal/seed/seed.go`:
+- **Phase**: 2 - Authentication & Authorization
+- **Section**: 2.6
+- **Status**: Pending
+- **Priority**: High
+- **Estimated Time**: TBD
+- **Dependencies**: TBD
+
+## Description
+Create `internal/seed/seed.go`:
+
+## Requirements
+- Create `internal/seed/seed.go`:
+
+## Implementation Steps
+1. TODO: Add implementation steps
+2. TODO: Add implementation steps
+3. TODO: Add implementation steps
+
+## Acceptance Criteria
+- [ ] Task 2.6.1 is completed
+- [ ] All requirements are met
+- [ ] Code compiles and tests pass
+
+## Related ADRs
+- See relevant ADRs in `docs/adr/`
+
+## Implementation Notes
+- TODO: Add implementation notes
+
+## Testing
+```bash
+# TODO: Add test commands
+go test ./...
+```
+