feat: add user management system with roles and permissions

- Introduce SQLite persistence via GORM (stored at <data>/.ushare.db)
- Add Role model with two built-in roles: admin (all perms) and user (upload only)
- Add three permissions: user_manage, upload, token_manage (reserved)
- Rewrite UserManager: DB-backed login with in-memory session tokens
- Auto-seed default roles and admin user on first startup
- Add AuthPermission middleware for fine-grained permission checks
- Add /api/uauth/me endpoint for current session info
- Add /api/admin/* CRUD routes for user and role management
- Add admin console page (/admin) with user table and role permissions view
- Show admin console link in share page for users with user_manage permission

🤖 Generated with [Qoder][https://qoder.com]

internal/model/user.go

@@ -1,10 +1,27 @@
 package model
 
+import "time"
+
+// User is the GORM database model for persistent user storage.
 type User struct {
-	Id       int    `json:"id"`
-	Username string `json:"username"`
-	Key      string `json:"key"`
-	Password string `json:"-"`
-	LoginAt  int64  `json:"login_at"`
-	Token    string `json:"token"`
+	ID        uint      `gorm:"primarykey" json:"id"`
+	Username  string    `gorm:"uniqueIndex;not null" json:"username"`
+	Password  string    `gorm:"not null" json:"-"`
+	RoleID    uint      `gorm:"not null" json:"role_id"`
+	Role      Role      `gorm:"foreignKey:RoleID" json:"role"`
+	Active    bool      `gorm:"default:true" json:"active"`
+	CreatedAt time.Time `json:"created_at"`
+	UpdatedAt time.Time `json:"updated_at"`
+}
+
+// Session is the in-memory representation of an authenticated user.
+// It is created on login and stored in the UserManager session map.
+type Session struct {
+	UserID      uint     `json:"user_id"`
+	Username    string   `json:"username"`
+	Role        string   `json:"role"`
+	RoleLabel   string   `json:"role_label"`
+	Permissions []string `json:"permissions"`
+	LoginAt     int64    `json:"login_at"`
+	Token       string   `json:"token"`
 }