feat: 实现 C 端完整认证系统（client-auth-system）

实现面向个人客户的 7 个认证接口（A1-A7），覆盖资产验证、
微信公众号/小程序登录、手机号绑定/换绑、退出登录完整流程。

主要变更：
- 新增 PersonalCustomerOpenID 模型，支持多 AppID 多 OpenID 管理
- 实现有状态 JWT（JWT + Redis 双重校验），支持服务端主动失效
- 扩展微信 SDK：小程序 Code2Session + 3 个 DB 动态工厂函数
- 实现 A1 资产验证 IP 限流（30/min）和 A4 三层验证码限流
- 新增 7 个错误码（1180-1186）和 6 个 Redis Key 函数
- 注册 /api/c/v1/auth/* 下 7 个端点并更新 OpenAPI 文档
- 数据库迁移 000083：新建 tb_personal_customer_openid 表

internal/bootstrap/services.go

@@ -7,6 +7,7 @@ import (
 	assetAllocationRecordSvc "github.com/break/junhong_cmp_fiber/internal/service/asset_allocation_record"
 	authSvc "github.com/break/junhong_cmp_fiber/internal/service/auth"
 	carrierSvc "github.com/break/junhong_cmp_fiber/internal/service/carrier"
+	clientAuthSvc "github.com/break/junhong_cmp_fiber/internal/service/client_auth"
 	commissionCalculationSvc "github.com/break/junhong_cmp_fiber/internal/service/commission_calculation"
 	commissionStatsSvc "github.com/break/junhong_cmp_fiber/internal/service/commission_stats"
 	commissionWithdrawalSvc "github.com/break/junhong_cmp_fiber/internal/service/commission_withdrawal"
@@ -47,6 +48,7 @@ type services struct {
 	Role                        *roleSvc.Service
 	Permission                  *permissionSvc.Service
 	PersonalCustomer            *personalCustomerSvc.Service
+	ClientAuth                  *clientAuthSvc.Service
 	Shop                        *shopSvc.Service
 	Auth                        *authSvc.Service
 	ShopCommission              *shopCommissionSvc.Service
@@ -102,11 +104,25 @@ func initServices(s *stores, deps *Dependencies) *services {
 	wechatConfig := wechatConfigSvc.New(s.WechatConfig, s.Order, accountAudit, deps.Redis, deps.Logger)
 
 	return &services{
-		Account:                     account,
-		AccountAudit:                accountAudit,
-		Role:                        roleSvc.New(s.Role, s.Permission, s.RolePermission),
-		Permission:                  permissionSvc.New(s.Permission, s.AccountRole, s.RolePermission, account, deps.Redis),
-		PersonalCustomer:            personalCustomerSvc.NewService(s.PersonalCustomer, s.PersonalCustomerPhone, deps.VerificationService, deps.JWTManager, deps.WechatOfficialAccount, deps.Logger),
+		Account:          account,
+		AccountAudit:     accountAudit,
+		Role:             roleSvc.New(s.Role, s.Permission, s.RolePermission),
+		Permission:       permissionSvc.New(s.Permission, s.AccountRole, s.RolePermission, account, deps.Redis),
+		PersonalCustomer: personalCustomerSvc.NewService(s.PersonalCustomer, s.PersonalCustomerPhone, deps.VerificationService, deps.JWTManager, deps.WechatOfficialAccount, deps.Logger),
+		ClientAuth: clientAuthSvc.New(
+			deps.DB,
+			s.PersonalCustomerOpenID,
+			s.PersonalCustomer,
+			s.PersonalCustomerDevice,
+			s.PersonalCustomerPhone,
+			s.IotCard,
+			s.Device,
+			wechatConfig,
+			deps.VerificationService,
+			deps.JWTManager,
+			deps.Redis,
+			deps.Logger,
+		),
 		Shop:                        shopSvc.New(s.Shop, s.Account, s.ShopRole, s.Role, s.AccountRole, s.AgentWallet),
 		Auth:                        authSvc.New(s.Account, s.AccountRole, s.RolePermission, s.Permission, s.Shop, deps.TokenManager, deps.Logger),
 		ShopCommission:              shopCommissionSvc.New(s.Shop, s.Account, s.AgentWallet, s.CommissionWithdrawalRequest, s.CommissionRecord),