Add user database migration, core reusable components, and layout structure

cmd/server/main.go

@@ -5,14 +5,15 @@ import (
 	"net/http"
 	"os"
 
+	"github.com/jmoiron/sqlx"
 	"github.com/joho/godotenv"
+	"golang.org/x/crypto/bcrypt"
 	"workorders/internal/api"
 	"workorders/internal/config"
 	"workorders/internal/repository"
 )
 
 func main() {
-	// Load .env if present (ignored in production containers where env is injected)
 	if _, err := os.Stat(".env"); err == nil {
 		if err := godotenv.Load(); err != nil {
 			log.Printf("warning: could not load .env: %v", err)
@@ -33,8 +34,10 @@ func main() {
 		log.Fatalf("migrations: %v", err)
 	}
 
-	log.Printf("fetching JWKS from %s", cfg.JWKSUrl)
-	api.InitJWKS(cfg.JWKSUrl)
+	log.Printf("seeding default admin...")
+	if err := seedAdmin(db, cfg.AdminPassword); err != nil {
+		log.Printf("warning: seed admin: %v", err)
+	}
 
 	r := api.NewRouter(cfg, db)
 
@@ -43,3 +46,22 @@ func main() {
 		log.Fatal(err)
 	}
 }
+
+func seedAdmin(db *sqlx.DB, password string) error {
+	var count int
+	if err := db.Get(&count, "SELECT COUNT(*) FROM users"); err != nil {
+		return err
+	}
+	if count > 0 {
+		return nil
+	}
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return err
+	}
+	_, err = db.Exec(`
+		INSERT INTO users (username, email, display_name, password_hash, role)
+		VALUES (@p1, @p2, @p3, @p4, 'admin')`,
+		"admin", "admin@workorders.local", "Admin User", string(hash))
+	return err
+}