feat(auth): implement core service layer (password, JWT, auth, user CRUD)

- error.rs: AuthError with proper HTTP status mapping
- service/password.rs: Argon2 hash/verify with tests
- service/token_service.rs: JWT sign/validate, token DB storage with SHA-256 hash
- service/auth_service.rs: login/refresh/logout flows with event publishing
- service/user_service.rs: user CRUD with soft delete and tenant isolation
- Added sha2 dependency to workspace for token hashing

Cargo.toml

@@ -59,6 +59,9 @@ jsonwebtoken = "9"
 # Password hashing
 argon2 = "0.5"
 
+# Cryptographic hashing (token storage)
+sha2 = "0.10"
+
 # API docs
 utoipa = { version = "5", features = ["axum_extras", "uuid", "chrono"] }
 # utoipa-swagger-ui 需要下载 GitHub 资源，网络受限时暂不使用