Add utils package with Web Crypto password hashing

- Create @reviq/utils package with PBKDF2-SHA256 password hashing
  compatible with Cloudflare Workers (uses crypto.subtle)
- Update api-server and CLI to use new utils package for consistent
  password hashing format across the codebase
- Add pino logging to api-server for better request debugging
- Make login request tokens cryptographically secure base58 strings
  instead of database IDs
- Add migration to make login_requests.token non-nullable with unique
  constraint
- Fix RPCLink URL construction for client-side API calls
- Add db:codegen script to root package.json

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

packages/db-schema/src/types.ts

@@ -10,7 +10,11 @@ export type Generated<T> =
     ? ColumnType<S, I | undefined, U>
     : ColumnType<T, T | undefined, T>;
 
-export type Int8 = ColumnType<string, bigint | number | string>;
+export type Int8 = ColumnType<
+  string,
+  bigint | number | string,
+  bigint | number | string
+>;
 
 export type Json = JsonValue;
 
@@ -28,7 +32,7 @@ export type OrgRole = "admin" | "member" | "owner";
 
 export type PasskeyDeviceType = "multiDevice" | "singleDevice";
 
-export type Timestamp = ColumnType<Date, Date | string>;
+export type Timestamp = ColumnType<Date, Date | string, Date | string>;
 
 export interface ApiTokens {
   created_at: Generated<Timestamp>;
@@ -59,7 +63,7 @@ export interface LoginRequests {
   id: Generated<Int8>;
   ip_address: string | null;
   region: string | null;
-  token: string | null;
+  token: string;
   user_agent: string | null;
   user_id: number;
 }