feat(auth): implement Auth module with register, login, JWT, guards, and CQRS

- Add RefreshToken and OAuthAccount models to Prisma schema
- Implement clean architecture: domain (entities, VOs, events, repo interfaces),
  infrastructure (Prisma repos, Passport strategies, token service),
  application (CQRS command/query handlers), presentation (controller, guards, DTOs)
- Endpoints: POST /auth/register, /auth/login, /auth/refresh, GET /auth/profile,
  GET /auth/profile/agent, PATCH /auth/kyc
- JWT access + refresh token rotation with family-based revocation
- Role-based guards (BUYER, SELLER, AGENT, ADMIN)
- 16 unit tests (value objects, entity) + integration test suite
- All 80 tests passing, clean TypeScript build

Co-Authored-By: Paperclip <noreply@paperclip.ing>

apps/api/src/modules/auth/domain/events/agent-verified.event.ts

@@ -0,0 +1,11 @@
+import { type DomainEvent } from '@modules/shared/domain/domain-event';
+
+export class AgentVerifiedEvent implements DomainEvent {
+  readonly eventName = 'agent.verified';
+  readonly occurredAt = new Date();
+
+  constructor(
+    public readonly aggregateId: string,
+    public readonly userId: string,
+  ) {}
+}

apps/api/src/modules/auth/domain/events/index.ts

@@ -0,0 +1,2 @@
+export { UserRegisteredEvent } from './user-registered.event';
+export { AgentVerifiedEvent } from './agent-verified.event';

apps/api/src/modules/auth/domain/events/user-registered.event.ts

@@ -0,0 +1,13 @@
+import { type DomainEvent } from '@modules/shared/domain/domain-event';
+import { type UserRole } from '@prisma/client';
+
+export class UserRegisteredEvent implements DomainEvent {
+  readonly eventName = 'user.registered';
+  readonly occurredAt = new Date();
+
+  constructor(
+    public readonly aggregateId: string,
+    public readonly phone: string,
+    public readonly role: UserRole,
+  ) {}
+}