Implement CLI commands and admin API endpoints

- Add bootstrap command with direct DB access for initial setup
- Implement auth login/logout/status CLI commands
- Implement user create/confirm-email CLI commands
- Implement org create/list/add-site CLI commands
- Add admin.orgs.* and admin.users.* API endpoints
- Add password hashing utility with scrypt
- Add token hashing and authentication utility
- Add superuser runtime checks for admin endpoints
- Wrap multi-step operations in transactions
- Fix config file permissions (0o600) for security
- Remove token display from status command
- Add return statements to void handlers
- Add reviq CLI command to devenv

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

apps/api-server/src/context.ts

@@ -34,7 +34,8 @@ export interface SessionUser {
  * Session information
  */
 export interface Session {
-  id: number;
+  /** Session ID (stored as bigint in DB, returned as string) */
+  id: string;
   trustedMode: boolean;
   createdAt: Date;
 }
@@ -58,3 +59,12 @@ export interface LoginRequestContext extends APIContext {
   /** User associated with the login request */
   user: SessionUser;
 }
+
+/**
+ * Superuser context for admin procedures
+ * Requires user to have is_superuser = true
+ */
+export interface SuperuserContext extends AuthenticatedContext {
+  /** User with superuser privileges */
+  user: SessionUser & { isSuperuser: true };
+}