feat(auth): add auth middleware for request context injection

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

server/middleware/auth.ts

@@ -0,0 +1,15 @@
+import { verifyAccessToken } from "../service/auth/lib/jwt";
+
+export default defineEventHandler(async (event) => {
+  const accessToken = getHeader(event, "authorization")?.replace("Bearer ", "");
+  if (!accessToken) return;
+
+  const payload = await verifyAccessToken(accessToken);
+  if (payload) {
+    event.context.user = {
+      userId: payload.userId,
+      sessionId: payload.sessionId,
+      role: payload.role,
+    };
+  }
+});