feat: implement full backend + frontend server detail, settings, and create server pages

Backend:
- Complete FastAPI backend with 42+ REST endpoints (auth, servers, config,
  players, bans, missions, mods, games, system)
- Game adapter architecture with Arma 3 as first-class adapter
- WebSocket real-time events for status, metrics, logs, players
- Background thread system (process monitor, metrics, log tail, RCon poller)
- Fernet encryption for sensitive config fields at rest
- JWT auth with admin/viewer roles, bcrypt password hashing
- SQLite with WAL mode, parameterized queries, migration system
- APScheduler cleanup jobs for logs, metrics, events

Frontend:
- Server Detail page with 7 tabs (overview, config, players, bans,
  missions, mods, logs)
- Settings page with password change and admin user management
- Create Server wizard (4-step; known bug: silent validation failure)
- New hooks: useServerDetail, useAuth, useGames
- New components: ServerHeader, ConfigEditor, PlayerTable, BanTable,
  MissionList, ModList, LogViewer, PasswordChange, UserManager
- WebSocket onEvent callback for real-time log accumulation
- 120 unit tests passing (Vitest + React Testing Library)

Docs:
- Added .gitignore, CLAUDE.md, README.md
- Updated FRONTEND.md, ARCHITECTURE.md with current implementation state
- Added .env.example for backend configuration

Known issues:
- Create Server form: "Next" buttons don't validate before advancing,
  causing silent submit failure when fields are invalid
- Config sub-tabs need UX redesign for non-technical users

backend/core/auth/router.py

@@ -0,0 +1,77 @@
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, Request
+from sqlalchemy.engine import Connection
+
+from core.auth.schemas import (
+    ChangePasswordRequest, CreateUserRequest, LoginRequest,
+)
+from core.auth.service import AuthService
+from database import get_db
+from dependencies import get_current_user, require_admin
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+# Rate limiter will be attached after main.py is imported
+_limiter = None
+
+
+def _ok(data):
+    return {"success": True, "data": data, "error": None}
+
+
+@router.post("/login")
+def login(
+    request: Request,
+    body: LoginRequest,
+    db: Annotated[Connection, Depends(get_db)],
+):
+    return _ok(AuthService(db).login(body.username, body.password))
+
+
+@router.post("/logout")
+def logout(user: Annotated[dict, Depends(get_current_user)]):
+    # Client-side token deletion. No server-side blacklist.
+    return _ok({"message": "Logged out"})
+
+
+@router.get("/me")
+def me(user: Annotated[dict, Depends(get_current_user)]):
+    return _ok({"id": user["id"], "username": user["username"], "role": user["role"]})
+
+
+@router.put("/password")
+def change_password(
+    body: ChangePasswordRequest,
+    user: Annotated[dict, Depends(get_current_user)],
+    db: Annotated[Connection, Depends(get_db)],
+):
+    AuthService(db).change_password(user["id"], body.current_password, body.new_password)
+    return _ok({"message": "Password changed"})
+
+
+@router.get("/users")
+def list_users(
+    _admin: Annotated[dict, Depends(require_admin)],
+    db: Annotated[Connection, Depends(get_db)],
+):
+    return _ok(AuthService(db).list_users())
+
+
+@router.post("/users", status_code=201)
+def create_user(
+    body: CreateUserRequest,
+    _admin: Annotated[dict, Depends(require_admin)],
+    db: Annotated[Connection, Depends(get_db)],
+):
+    user = AuthService(db).create_user(body.username, body.password, body.role)
+    return _ok(user)
+
+
+@router.delete("/users/{user_id}", status_code=204)
+def delete_user(
+    user_id: int,
+    admin: Annotated[dict, Depends(require_admin)],
+    db: Annotated[Connection, Depends(get_db)],
+):
+    AuthService(db).delete_user(user_id, admin["id"])