feat: implement Iteration 0 foundation (backend + Flutter client)

Backend (Go):
- Project structure with chi router, pgxpool, goose migrations
- JWT auth (access/refresh tokens) with Firebase token verification
- NoopTokenVerifier for local dev without Firebase credentials
- PostgreSQL user repository with atomic profile updates (transactions)
- Mifflin-St Jeor calorie calculation based on profile data
- REST API: POST /auth/login, /auth/refresh, /auth/logout, GET/PUT /profile, GET /health
- Middleware: auth, CORS (localhost wildcard), logging, recovery, request_id
- Unit tests (51 passing) and integration tests (testcontainers)
- Docker Compose setup with postgres healthcheck and graceful shutdown

Flutter client:
- Riverpod state management with GoRouter navigation
- Firebase Auth (email/password + Google sign-in with web popup support)
- Platform-aware API URLs (web/Android/iOS)
- Dio HTTP client with JWT auth interceptor and concurrent refresh handling
- Secure token storage
- Screens: Login, Register, Home (tabs: Menu, Recipes, Products, Profile)
- Unit tests (17 passing)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

client/lib/core/auth/auth_provider.dart

@@ -0,0 +1,160 @@
+import 'package:flutter/foundation.dart';
+import 'package:flutter_riverpod/flutter_riverpod.dart';
+
+import '../../shared/models/user.dart';
+import '../api/api_client.dart';
+import '../config/app_config.dart';
+import 'auth_service.dart';
+import 'secure_storage.dart';
+import 'package:firebase_auth/firebase_auth.dart' as fb;
+
+enum AuthStatus { unknown, authenticated, unauthenticated }
+
+class AuthState {
+  final AuthStatus status;
+  final User? user;
+  final bool isLoading;
+  final String? error;
+
+  const AuthState({
+    this.status = AuthStatus.unknown,
+    this.user,
+    this.isLoading = false,
+    this.error,
+  });
+
+  AuthState copyWith({
+    AuthStatus? status,
+    User? user,
+    bool? isLoading,
+    String? error,
+  }) {
+    return AuthState(
+      status: status ?? this.status,
+      user: user ?? this.user,
+      isLoading: isLoading ?? this.isLoading,
+      error: error,
+    );
+  }
+}
+
+class AuthNotifier extends StateNotifier<AuthState> {
+  final AuthService? _authService;
+
+  AuthNotifier(AuthService authService) : _authService = authService, super(const AuthState()) {
+    _checkAuth();
+  }
+
+  @visibleForTesting
+  AuthNotifier.test(super.initialState)
+      : _authService = null;
+
+  Future<void> _checkAuth() async {
+    final isAuth = await _authService!.isAuthenticated();
+    state = state.copyWith(
+      status: isAuth ? AuthStatus.authenticated : AuthStatus.unauthenticated,
+    );
+  }
+
+  Future<void> signInWithEmail(String email, String password) async {
+    state = state.copyWith(isLoading: true, error: null);
+    try {
+      final user = await _authService!.signInWithEmail(email, password);
+      state = AuthState(
+        status: AuthStatus.authenticated,
+        user: user,
+      );
+    } catch (e) {
+      state = state.copyWith(
+        isLoading: false,
+        error: _mapError(e),
+      );
+    }
+  }
+
+  Future<void> signInWithGoogle() async {
+    state = state.copyWith(isLoading: true, error: null);
+    try {
+      final user = await _authService!.signInWithGoogle();
+      state = AuthState(
+        status: AuthStatus.authenticated,
+        user: user,
+      );
+    } catch (e) {
+      state = state.copyWith(
+        isLoading: false,
+        error: _mapError(e),
+      );
+    }
+  }
+
+  Future<void> register(String email, String password, String name) async {
+    state = state.copyWith(isLoading: true, error: null);
+    try {
+      final user =
+          await _authService!.registerWithEmail(email, password, name);
+      state = AuthState(
+        status: AuthStatus.authenticated,
+        user: user,
+      );
+    } catch (e) {
+      state = state.copyWith(
+        isLoading: false,
+        error: _mapError(e),
+      );
+    }
+  }
+
+  Future<void> signOut() async {
+    await _authService!.signOut();
+    state = const AuthState(status: AuthStatus.unauthenticated);
+  }
+
+  String _mapError(dynamic e) {
+    if (e is fb.FirebaseAuthException) {
+      switch (e.code) {
+        case 'wrong-password':
+        case 'user-not-found':
+          return 'Неверный email или пароль';
+        case 'email-already-in-use':
+          return 'Email уже зарегистрирован';
+        case 'weak-password':
+          return 'Пароль слишком простой';
+        case 'invalid-email':
+          return 'Некорректный email';
+        default:
+          return 'Ошибка авторизации: ${e.message}';
+      }
+    }
+    return 'Произошла ошибка. Попробуйте позже.';
+  }
+}
+
+final appConfigProvider = Provider<AppConfig>((ref) {
+  return AppConfig.development;
+});
+
+final secureStorageProvider = Provider<SecureStorageService>((ref) {
+  return SecureStorageService();
+});
+
+final apiClientProvider = Provider<ApiClient>((ref) {
+  final config = ref.read(appConfigProvider);
+  final storage = ref.read(secureStorageProvider);
+  return ApiClient(
+    baseUrl: config.apiBaseUrl,
+    storage: storage,
+  );
+});
+
+final authServiceProvider = Provider<AuthService>((ref) {
+  return AuthService(
+    firebaseAuth: fb.FirebaseAuth.instance,
+    apiClient: ref.read(apiClientProvider),
+    storage: ref.read(secureStorageProvider),
+  );
+});
+
+final authProvider = StateNotifierProvider<AuthNotifier, AuthState>((ref) {
+  return AuthNotifier(ref.read(authServiceProvider));
+});