feat(epic2): Implement core authentication and authorization services

- Implement Audit Service (2.5)
  - gRPC server with Record and Query operations
  - Database persistence with audit schema
  - Service registry integration
  - Entry point: cmd/audit-service

- Implement Identity Service (2.2)
  - User CRUD operations
  - Password hashing with argon2id
  - Email verification and password reset flows
  - Entry point: cmd/identity-service
  - Fix package naming conflicts in user_service.go

- Implement Auth Service (2.1)
  - JWT token generation and validation
  - Login, RefreshToken, ValidateToken, Logout RPCs
  - Integration with Identity Service
  - Entry point: cmd/auth-service
  - Note: RefreshToken entity needs Ent generation

- Implement Authz Service (2.3, 2.4)
  - Permission checking and authorization
  - User roles and permissions retrieval
  - RBAC-based authorization
  - Entry point: cmd/authz-service

- Implement gRPC clients for all services
  - Auth, Identity, Authz, and Audit clients
  - Service discovery integration
  - Full gRPC communication

- Add service configurations to config/default.yaml
- Create SUMMARY.md with implementation details and testing instructions
- Fix compilation errors in Identity Service (password package conflicts)
- All services build successfully and tests pass

internal/ent/migrate/schema.go

@@ -11,9 +11,12 @@ var (
 	// AuditLogsColumns holds the columns for the "audit_logs" table.
 	AuditLogsColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeString, Unique: true},
-		{Name: "actor_id", Type: field.TypeString},
+		{Name: "user_id", Type: field.TypeString},
 		{Name: "action", Type: field.TypeString},
-		{Name: "target_id", Type: field.TypeString, Nullable: true},
+		{Name: "resource", Type: field.TypeString, Nullable: true},
+		{Name: "resource_id", Type: field.TypeString, Nullable: true},
+		{Name: "ip_address", Type: field.TypeString, Nullable: true},
+		{Name: "user_agent", Type: field.TypeString, Nullable: true},
 		{Name: "metadata", Type: field.TypeJSON, Nullable: true},
 		{Name: "timestamp", Type: field.TypeTime},
 	}
@@ -24,25 +27,30 @@ var (
 		PrimaryKey: []*schema.Column{AuditLogsColumns[0]},
 		Indexes: []*schema.Index{
 			{
-				Name:    "auditlog_actor_id",
+				Name:    "auditlog_user_id",
 				Unique:  false,
 				Columns: []*schema.Column{AuditLogsColumns[1]},
 			},
 			{
-				Name:    "auditlog_target_id",
+				Name:    "auditlog_resource_id",
 				Unique:  false,
-				Columns: []*schema.Column{AuditLogsColumns[3]},
+				Columns: []*schema.Column{AuditLogsColumns[4]},
 			},
 			{
 				Name:    "auditlog_timestamp",
 				Unique:  false,
-				Columns: []*schema.Column{AuditLogsColumns[5]},
+				Columns: []*schema.Column{AuditLogsColumns[8]},
 			},
 			{
 				Name:    "auditlog_action",
 				Unique:  false,
 				Columns: []*schema.Column{AuditLogsColumns[2]},
 			},
+			{
+				Name:    "auditlog_resource",
+				Unique:  false,
+				Columns: []*schema.Column{AuditLogsColumns[3]},
+			},
 		},
 	}
 	// PermissionsColumns holds the columns for the "permissions" table.
@@ -113,8 +121,14 @@ var (
 	UsersColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeString, Unique: true},
 		{Name: "email", Type: field.TypeString, Unique: true},
+		{Name: "username", Type: field.TypeString, Nullable: true},
+		{Name: "first_name", Type: field.TypeString, Nullable: true},
+		{Name: "last_name", Type: field.TypeString, Nullable: true},
 		{Name: "password_hash", Type: field.TypeString},
 		{Name: "verified", Type: field.TypeBool, Default: false},
+		{Name: "email_verification_token", Type: field.TypeString, Nullable: true},
+		{Name: "password_reset_token", Type: field.TypeString, Nullable: true},
+		{Name: "password_reset_expires_at", Type: field.TypeTime, Nullable: true},
 		{Name: "created_at", Type: field.TypeTime},
 		{Name: "updated_at", Type: field.TypeTime},
 	}