feat: document user management system and RBAC implementation

- Update copilot-instructions.md with user model, API routes, and frontend patterns
- Update README.md with RBAC details, user management API, and security sections
- Add user management technical documentation to TECH-CHANGELOG.md
- Bump version to 2025.1.0-alpha.13 with user management changelog entries

models/models.py

@@ -28,6 +28,13 @@ class User(Base):
     password_hash = Column(String(128), nullable=False)
     role = Column(Enum(UserRole), nullable=False, default=UserRole.user)
     is_active = Column(Boolean, default=True, nullable=False)
+    last_login_at = Column(TIMESTAMP(timezone=True), nullable=True)
+    last_password_change_at = Column(TIMESTAMP(timezone=True), nullable=True)
+    last_failed_login_at = Column(TIMESTAMP(timezone=True), nullable=True)
+    failed_login_attempts = Column(Integer, nullable=False, default=0, server_default="0")
+    locked_until = Column(TIMESTAMP(timezone=True), nullable=True)
+    deactivated_at = Column(TIMESTAMP(timezone=True), nullable=True)
+    deactivated_by = Column(Integer, ForeignKey('users.id', ondelete='SET NULL'), nullable=True)
     created_at = Column(TIMESTAMP(timezone=True),
                         server_default=func.current_timestamp())
     updated_at = Column(TIMESTAMP(timezone=True), server_default=func.current_timestamp(