Add audit logging for CRUD operations

- Extend audit.service.js with logging functions for projects, todos, companies, time tracking, and auth
- Create audit.controller.js for fetching recent audit logs with user info
- Create audit.routes.js with GET /api/audit-logs endpoint
- Add audit logging to project, todo, company, time-tracking, and auth controllers
- Log create/delete operations for projects, todos, companies
- Log timer start/stop for time tracking
- Log login/logout events

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

src/controllers/auth.controller.js

@@ -3,6 +3,8 @@ import {
   logLoginAttempt,
   logPasswordChange,
   logEmailLink,
+  logLogin,
+  logLogout,
 } from '../services/audit.service.js';
 
 /**
@@ -24,6 +26,7 @@ export const login = async (req, res, next) => {
 
     // Log successful login
     await logLoginAttempt(username, true, ipAddress, userAgent);
+    await logLogin(result.user.id, username, ipAddress, userAgent);
 
     // Nastav cookie s access tokenom (httpOnly, secure)
     res.cookie('accessToken', result.tokens.accessToken, {
@@ -143,6 +146,13 @@ export const skipEmail = async (req, res, next) => {
  */
 export const logout = async (req, res, next) => {
   try {
+    const userId = req.userId;
+    const ipAddress = req.ip || req.connection.remoteAddress;
+    const userAgent = req.headers['user-agent'];
+
+    // Log logout event
+    await logLogout(userId, ipAddress, userAgent);
+
     const result = await authService.logout();
 
     // Vymaž cookies