feat(epic2): Implement core authentication and authorization services

- Implement Audit Service (2.5)
  - gRPC server with Record and Query operations
  - Database persistence with audit schema
  - Service registry integration
  - Entry point: cmd/audit-service

- Implement Identity Service (2.2)
  - User CRUD operations
  - Password hashing with argon2id
  - Email verification and password reset flows
  - Entry point: cmd/identity-service
  - Fix package naming conflicts in user_service.go

- Implement Auth Service (2.1)
  - JWT token generation and validation
  - Login, RefreshToken, ValidateToken, Logout RPCs
  - Integration with Identity Service
  - Entry point: cmd/auth-service
  - Note: RefreshToken entity needs Ent generation

- Implement Authz Service (2.3, 2.4)
  - Permission checking and authorization
  - User roles and permissions retrieval
  - RBAC-based authorization
  - Entry point: cmd/authz-service

- Implement gRPC clients for all services
  - Auth, Identity, Authz, and Audit clients
  - Service discovery integration
  - Full gRPC communication

- Add service configurations to config/default.yaml
- Create SUMMARY.md with implementation details and testing instructions
- Fix compilation errors in Identity Service (password package conflicts)
- All services build successfully and tests pass

internal/ent/auditlog_create.go

@@ -20,9 +20,9 @@ type AuditLogCreate struct {
 	hooks    []Hook
 }
 
-// SetActorID sets the "actor_id" field.
-func (_c *AuditLogCreate) SetActorID(v string) *AuditLogCreate {
-	_c.mutation.SetActorID(v)
+// SetUserID sets the "user_id" field.
+func (_c *AuditLogCreate) SetUserID(v string) *AuditLogCreate {
+	_c.mutation.SetUserID(v)
 	return _c
 }
 
@@ -32,16 +32,58 @@ func (_c *AuditLogCreate) SetAction(v string) *AuditLogCreate {
 	return _c
 }
 
-// SetTargetID sets the "target_id" field.
-func (_c *AuditLogCreate) SetTargetID(v string) *AuditLogCreate {
-	_c.mutation.SetTargetID(v)
+// SetResource sets the "resource" field.
+func (_c *AuditLogCreate) SetResource(v string) *AuditLogCreate {
+	_c.mutation.SetResource(v)
 	return _c
 }
 
-// SetNillableTargetID sets the "target_id" field if the given value is not nil.
-func (_c *AuditLogCreate) SetNillableTargetID(v *string) *AuditLogCreate {
+// SetNillableResource sets the "resource" field if the given value is not nil.
+func (_c *AuditLogCreate) SetNillableResource(v *string) *AuditLogCreate {
 	if v != nil {
-		_c.SetTargetID(*v)
+		_c.SetResource(*v)
+	}
+	return _c
+}
+
+// SetResourceID sets the "resource_id" field.
+func (_c *AuditLogCreate) SetResourceID(v string) *AuditLogCreate {
+	_c.mutation.SetResourceID(v)
+	return _c
+}
+
+// SetNillableResourceID sets the "resource_id" field if the given value is not nil.
+func (_c *AuditLogCreate) SetNillableResourceID(v *string) *AuditLogCreate {
+	if v != nil {
+		_c.SetResourceID(*v)
+	}
+	return _c
+}
+
+// SetIPAddress sets the "ip_address" field.
+func (_c *AuditLogCreate) SetIPAddress(v string) *AuditLogCreate {
+	_c.mutation.SetIPAddress(v)
+	return _c
+}
+
+// SetNillableIPAddress sets the "ip_address" field if the given value is not nil.
+func (_c *AuditLogCreate) SetNillableIPAddress(v *string) *AuditLogCreate {
+	if v != nil {
+		_c.SetIPAddress(*v)
+	}
+	return _c
+}
+
+// SetUserAgent sets the "user_agent" field.
+func (_c *AuditLogCreate) SetUserAgent(v string) *AuditLogCreate {
+	_c.mutation.SetUserAgent(v)
+	return _c
+}
+
+// SetNillableUserAgent sets the "user_agent" field if the given value is not nil.
+func (_c *AuditLogCreate) SetNillableUserAgent(v *string) *AuditLogCreate {
+	if v != nil {
+		_c.SetUserAgent(*v)
 	}
 	return _c
 }
@@ -115,12 +157,12 @@ func (_c *AuditLogCreate) defaults() {
 
 // check runs all checks and user-defined validators on the builder.
 func (_c *AuditLogCreate) check() error {
-	if _, ok := _c.mutation.ActorID(); !ok {
-		return &ValidationError{Name: "actor_id", err: errors.New(`ent: missing required field "AuditLog.actor_id"`)}
+	if _, ok := _c.mutation.UserID(); !ok {
+		return &ValidationError{Name: "user_id", err: errors.New(`ent: missing required field "AuditLog.user_id"`)}
 	}
-	if v, ok := _c.mutation.ActorID(); ok {
-		if err := auditlog.ActorIDValidator(v); err != nil {
-			return &ValidationError{Name: "actor_id", err: fmt.Errorf(`ent: validator failed for field "AuditLog.actor_id": %w`, err)}
+	if v, ok := _c.mutation.UserID(); ok {
+		if err := auditlog.UserIDValidator(v); err != nil {
+			return &ValidationError{Name: "user_id", err: fmt.Errorf(`ent: validator failed for field "AuditLog.user_id": %w`, err)}
 		}
 	}
 	if _, ok := _c.mutation.Action(); !ok {
@@ -169,17 +211,29 @@ func (_c *AuditLogCreate) createSpec() (*AuditLog, *sqlgraph.CreateSpec) {
 		_node.ID = id
 		_spec.ID.Value = id
 	}
-	if value, ok := _c.mutation.ActorID(); ok {
-		_spec.SetField(auditlog.FieldActorID, field.TypeString, value)
-		_node.ActorID = value
+	if value, ok := _c.mutation.UserID(); ok {
+		_spec.SetField(auditlog.FieldUserID, field.TypeString, value)
+		_node.UserID = value
 	}
 	if value, ok := _c.mutation.Action(); ok {
 		_spec.SetField(auditlog.FieldAction, field.TypeString, value)
 		_node.Action = value
 	}
-	if value, ok := _c.mutation.TargetID(); ok {
-		_spec.SetField(auditlog.FieldTargetID, field.TypeString, value)
-		_node.TargetID = value
+	if value, ok := _c.mutation.Resource(); ok {
+		_spec.SetField(auditlog.FieldResource, field.TypeString, value)
+		_node.Resource = value
+	}
+	if value, ok := _c.mutation.ResourceID(); ok {
+		_spec.SetField(auditlog.FieldResourceID, field.TypeString, value)
+		_node.ResourceID = value
+	}
+	if value, ok := _c.mutation.IPAddress(); ok {
+		_spec.SetField(auditlog.FieldIPAddress, field.TypeString, value)
+		_node.IPAddress = value
+	}
+	if value, ok := _c.mutation.UserAgent(); ok {
+		_spec.SetField(auditlog.FieldUserAgent, field.TypeString, value)
+		_node.UserAgent = value
 	}
 	if value, ok := _c.mutation.Metadata(); ok {
 		_spec.SetField(auditlog.FieldMetadata, field.TypeJSON, value)