feat: V2 microservices stack — backend services, gateway, JWT auth

Add full V2 architecture: identity, content, studio (.NET 10) and file,
render, notification, gateway (Go) services with vendored deps, plus DB
migrations, event/API contracts, and an init-db script.

Wire the Next.js frontend to the gateway: server-side JWT auth routes
(login/register/refresh/logout/me), gateway fetch helper, and session/
cookie/jwt helpers under src/lib.

Containerize the stack via docker-compose.v2.yml and per-service
Dockerfiles. Base images resolve through a Nexus mirror (Docker Hub) and
MCR directly; npm/NuGet pull from Nexus groups. Self-host fonts via
next/font/local to avoid Google Fonts (geo-blocked).

Add CI workflow and ignore .env.v2, *.stackdump, and .NET bin/obj.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

services/identity/FlatRender.IdentitySvc/Middleware/ExceptionMiddleware.cs

@@ -0,0 +1,49 @@
+using System.Net;
+using System.Text.Json;
+using FlatRender.IdentitySvc.Models.Responses;
+
+namespace FlatRender.IdentitySvc.Middleware;
+
+public class ExceptionMiddleware(RequestDelegate next, ILogger<ExceptionMiddleware> logger)
+{
+    private static readonly JsonSerializerOptions JsonOptions = new() { PropertyNamingPolicy = JsonNamingPolicy.SnakeCaseLower };
+
+    public async Task InvokeAsync(HttpContext context)
+    {
+        try
+        {
+            await next(context);
+        }
+        catch (Exception ex)
+        {
+            await HandleExceptionAsync(context, ex);
+        }
+    }
+
+    private async Task HandleExceptionAsync(HttpContext context, Exception ex)
+    {
+        var traceId = context.TraceIdentifier;
+
+        var (status, code, message) = ex switch
+        {
+            KeyNotFoundException => (HttpStatusCode.NotFound, "NOT_FOUND", ex.Message),
+            UnauthorizedAccessException => (HttpStatusCode.Unauthorized, "UNAUTHORIZED", ex.Message),
+            InvalidOperationException => (HttpStatusCode.BadRequest, "INVALID_OPERATION", ex.Message),
+            ArgumentException => (HttpStatusCode.BadRequest, "INVALID_ARGUMENT", ex.Message),
+            NotImplementedException => (HttpStatusCode.NotImplemented, "NOT_IMPLEMENTED", ex.Message),
+            _ => (HttpStatusCode.InternalServerError, "INTERNAL_ERROR", "An unexpected error occurred"),
+        };
+
+        if (status == HttpStatusCode.InternalServerError)
+            logger.LogError(ex, "Unhandled exception {TraceId}", traceId);
+
+        context.Response.StatusCode = (int)status;
+        context.Response.ContentType = "application/json";
+
+        var body = JsonSerializer.Serialize(
+            new { error = new ApiError(code, message, null, traceId) },
+            JsonOptions);
+
+        await context.Response.WriteAsync(body);
+    }
+}