feat: FASE 1 - Backend Core (modelli, auth, API)

Implementazione completa del backend FastAPI:
- Modelli SQLAlchemy: User, Recipe, RecipeVersion, RecipeTask,
  RecipeSubtask, Measurement, AccessLog, SystemSetting, RecipeVersionAudit
- Schemas Pydantic v2 per tutti i CRUD + statistiche SPC
- Middleware: API Key auth (X-API-Key) con role checking + access logging
- Router: auth, users, recipes, tasks, measurements, files, settings
- Services: auth (bcrypt+secrets), recipe (copy-on-write versioning),
  measurement (auto pass/fail con UTL/UWL/LWL/LTL)
- Alembic env.py con import modelli attivi
- Fix architect review: no double-commit, recipe_id subquery filter,
  user_id in access logs, type annotations corrette

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

server/migrations/env.py

@@ -24,13 +24,13 @@ from database import Base
 # Override alembic.ini URL with .env settings (keep in sync)
 config.set_main_option("sqlalchemy.url", settings.database_url)
 
-# Import all models here so they register with Base.metadata
-# from models.user import User
-# from models.recipe import Recipe, RecipeVersion
-# from models.task import RecipeTask, RecipeSubtask
-# from models.measurement import Measurement
-# from models.access_log import AccessLog
-# from models.setting import SystemSetting
+# Import all models so they register with Base.metadata
+from models.user import User  # noqa: F401
+from models.recipe import Recipe, RecipeVersion  # noqa: F401
+from models.task import RecipeTask, RecipeSubtask  # noqa: F401
+from models.measurement import Measurement  # noqa: F401
+from models.access_log import AccessLog  # noqa: F401
+from models.setting import SystemSetting, RecipeVersionAudit  # noqa: F401
 
 target_metadata = Base.metadata