feat(phase-9): implement MVP polishing and closure

T-032: User management admin panel - backend users router with CRUD, frontend UsersPage with modals

T-033: Audit log viewer - backend audit router with filters/pagination, frontend AuditLogPage

T-034: Global error handling - ErrorBoundary, LoadingSpinner, ErrorMessage, Toast components

T-035: Backend tests - pytest setup with SQLite, tests for health/auth/techniques/tests

T-036: Documentation - Updated README with testing section, created docs/API.md

frontend/src/api/users.ts

@@ -0,0 +1,43 @@
+import client from "./client";
+
+export interface UserOut {
+  id: string;
+  username: string;
+  email: string | null;
+  role: string;
+  is_active: boolean;
+  created_at: string | null;
+  last_login: string | null;
+}
+
+export interface UserCreatePayload {
+  username: string;
+  email?: string;
+  password: string;
+  role: string;
+}
+
+export interface UserUpdatePayload {
+  email?: string;
+  role?: string;
+  is_active?: boolean;
+  password?: string;
+}
+
+/** Fetch all users (admin only). */
+export async function getUsers(): Promise<UserOut[]> {
+  const { data } = await client.get<UserOut[]>("/users");
+  return data;
+}
+
+/** Create a new user (admin only). */
+export async function createUser(payload: UserCreatePayload): Promise<UserOut> {
+  const { data } = await client.post<UserOut>("/users", payload);
+  return data;
+}
+
+/** Update a user (admin only). */
+export async function updateUser(userId: string, payload: UserUpdatePayload): Promise<UserOut> {
+  const { data } = await client.patch<UserOut>(`/users/${userId}`, payload);
+  return data;
+}