4594ebef84
Add complete user invitation system to enable multi-user tenants. Changes: - Created Invitation domain entity with 7-day expiration - Implemented InviteUserCommand with security validation - Implemented AcceptInvitationCommand (creates user + assigns role) - Implemented GetPendingInvitationsQuery - Implemented CancelInvitationCommand - Added TenantInvitationsController with tenant-scoped endpoints - Added public invitation acceptance endpoint to AuthController - Created database migration for invitations table - Registered InvitationRepository in DI container - Created domain event handlers for audit trail Security Features: - Cannot invite as TenantOwner or AIAgent roles - Cross-tenant validation on all endpoints - Secure token generation and hashing - RequireTenantAdmin policy for invite/list - RequireTenantOwner policy for cancel This UNBLOCKS 3 skipped Day 6 tests (RemoveUserFromTenant). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>