feat: 完成B端认证系统和商户管理模块测试补全

主要变更：
- 新增B端认证系统（后台+H5）：登录、登出、Token刷新、密码修改
- 完善商户管理和商户账号管理功能
- 补全单元测试（ShopService: 72.5%, ShopAccountService: 79.8%）
- 新增集成测试（商户管理+商户账号管理）
- 归档OpenSpec提案（add-shop-account-management, implement-b-end-auth-system）
- 完善文档（使用指南、API文档、认证架构说明）

测试统计：
- 13个测试套件，37个测试用例，100%通过率
- 平均覆盖率76.2%，达标

OpenSpec验证：通过（strict模式）

internal/handler/h5/auth.go

@@ -0,0 +1,143 @@
+package h5
+
+import (
+	"github.com/break/junhong_cmp_fiber/internal/model"
+	"github.com/break/junhong_cmp_fiber/internal/service/auth"
+	"github.com/break/junhong_cmp_fiber/pkg/errors"
+	"github.com/break/junhong_cmp_fiber/pkg/middleware"
+	"github.com/break/junhong_cmp_fiber/pkg/response"
+	"github.com/go-playground/validator/v10"
+	"github.com/gofiber/fiber/v2"
+)
+
+// AuthHandler H5认证处理器
+type AuthHandler struct {
+	authService *auth.Service
+	validator   *validator.Validate
+}
+
+// NewAuthHandler 创建H5认证处理器
+func NewAuthHandler(authService *auth.Service, validator *validator.Validate) *AuthHandler {
+	return &AuthHandler{
+		authService: authService,
+		validator:   validator,
+	}
+}
+
+// Login H5登录
+func (h *AuthHandler) Login(c *fiber.Ctx) error {
+	var req model.LoginRequest
+	if err := c.BodyParser(&req); err != nil {
+		return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
+	}
+
+	if err := h.validator.Struct(&req); err != nil {
+		return errors.New(errors.CodeInvalidParam, "参数验证失败: "+err.Error())
+	}
+
+	clientIP := c.IP()
+	ctx := c.UserContext()
+
+	resp, err := h.authService.Login(ctx, &req, clientIP)
+	if err != nil {
+		return err
+	}
+
+	return response.Success(c, resp)
+}
+
+// Logout H5登出
+func (h *AuthHandler) Logout(c *fiber.Ctx) error {
+	auth := c.Get("Authorization")
+	accessToken := ""
+	if len(auth) > 7 && auth[:7] == "Bearer " {
+		accessToken = auth[7:]
+	}
+
+	refreshToken := ""
+	var req model.RefreshTokenRequest
+	if err := c.BodyParser(&req); err == nil {
+		refreshToken = req.RefreshToken
+	}
+
+	ctx := c.UserContext()
+
+	if err := h.authService.Logout(ctx, accessToken, refreshToken); err != nil {
+		return err
+	}
+
+	return response.Success(c, nil)
+}
+
+// RefreshToken 刷新访问令牌
+func (h *AuthHandler) RefreshToken(c *fiber.Ctx) error {
+	var req model.RefreshTokenRequest
+	if err := c.BodyParser(&req); err != nil {
+		return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
+	}
+
+	if err := h.validator.Struct(&req); err != nil {
+		return errors.New(errors.CodeInvalidParam, "参数验证失败: "+err.Error())
+	}
+
+	ctx := c.UserContext()
+
+	newAccessToken, err := h.authService.RefreshToken(ctx, req.RefreshToken)
+	if err != nil {
+		return err
+	}
+
+	resp := &model.RefreshTokenResponse{
+		AccessToken: newAccessToken,
+		ExpiresIn:   86400,
+	}
+
+	return response.Success(c, resp)
+}
+
+// GetMe 获取当前用户信息
+func (h *AuthHandler) GetMe(c *fiber.Ctx) error {
+	userID := middleware.GetUserIDFromContext(c.UserContext())
+	if userID == 0 {
+		return errors.New(errors.CodeUnauthorized, "未授权访问")
+	}
+
+	ctx := c.UserContext()
+
+	userInfo, permissions, err := h.authService.GetCurrentUser(ctx, userID)
+	if err != nil {
+		return err
+	}
+
+	data := map[string]interface{}{
+		"user":        userInfo,
+		"permissions": permissions,
+	}
+
+	return response.Success(c, data)
+}
+
+// ChangePassword 修改密码
+func (h *AuthHandler) ChangePassword(c *fiber.Ctx) error {
+	userID := middleware.GetUserIDFromContext(c.UserContext())
+	if userID == 0 {
+		return errors.New(errors.CodeUnauthorized, "未授权访问")
+	}
+
+	var req model.ChangePasswordRequest
+	if err := c.BodyParser(&req); err != nil {
+		return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
+	}
+
+	if err := h.validator.Struct(&req); err != nil {
+		return errors.New(errors.CodeInvalidParam, "参数验证失败: "+err.Error())
+	}
+
+	ctx := c.UserContext()
+
+	if err := h.authService.ChangePassword(ctx, userID, req.OldPassword, req.NewPassword); err != nil {
+		return err
+	}
+
+	return response.Success(c, nil)
+}