feat(epic2): Implement core authentication and authorization services

- Implement Audit Service (2.5)
  - gRPC server with Record and Query operations
  - Database persistence with audit schema
  - Service registry integration
  - Entry point: cmd/audit-service

- Implement Identity Service (2.2)
  - User CRUD operations
  - Password hashing with argon2id
  - Email verification and password reset flows
  - Entry point: cmd/identity-service
  - Fix package naming conflicts in user_service.go

- Implement Auth Service (2.1)
  - JWT token generation and validation
  - Login, RefreshToken, ValidateToken, Logout RPCs
  - Integration with Identity Service
  - Entry point: cmd/auth-service
  - Note: RefreshToken entity needs Ent generation

- Implement Authz Service (2.3, 2.4)
  - Permission checking and authorization
  - User roles and permissions retrieval
  - RBAC-based authorization
  - Entry point: cmd/authz-service

- Implement gRPC clients for all services
  - Auth, Identity, Authz, and Audit clients
  - Service discovery integration
  - Full gRPC communication

- Add service configurations to config/default.yaml
- Create SUMMARY.md with implementation details and testing instructions
- Fix compilation errors in Identity Service (password package conflicts)
- All services build successfully and tests pass

internal/ent/schema/user.go

@@ -22,10 +22,24 @@ func (User) Fields() []ent.Field {
 		field.String("email").
 			Unique().
 			NotEmpty(),
+		field.String("username").
+			Optional(),
+		field.String("first_name").
+			Optional(),
+		field.String("last_name").
+			Optional(),
 		field.String("password_hash").
 			NotEmpty(),
 		field.Bool("verified").
 			Default(false),
+		field.String("email_verification_token").
+			Optional().
+			Sensitive(),
+		field.String("password_reset_token").
+			Optional().
+			Sensitive(),
+		field.Time("password_reset_expires_at").
+			Optional(),
 		field.Time("created_at").
 			Default(time.Now).
 			Immutable(),