fase(25-26): keyboard shortcuts, mobile responsive, enterprise SSO/audit

- Phase 25.4: N shortcut for new exploration on dashboard (react-hotkeys-hook)
- Phase 25.5: overflow-x-auto on tables, responsive padding (p-4 md:p-6)
- Phase 26: SAML/OIDC/LDAP providers (build-fixed), TOTP/MFA service
- Phase 26: KyselySSOConfigRepository + KyselyTOTPRepository
- Phase 26: SSO HTTP controller (config CRUD + MFA setup/verify/disable)
- Phase 26: Audit module index.ts + SSO module index.ts
- Phase 26: Session management endpoints (findByUserId, deleteById, list/revoke)
- Phase 26: SSO and audit routes feature-gated (auth:sso, audit:logs)
- Phase 26: Frontend SSOSection (SAML/OIDC/LDAP config + TOTP setup)
- Phase 26: Frontend SessionsSection (list/revoke active sessions)
- Phase 26: Settings navigation updated with SSO & Sessions sections

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/modules/auth/infrastructure/repositories/KyselySessionRepository.ts

@@ -34,10 +34,31 @@ export class KyselySessionRepository implements ISessionRepository {
     };
   }
 
+  async findByUserId(userId: string): Promise<AuthSession[]> {
+    const rows = await this.db
+      .selectFrom('auth_sessions')
+      .selectAll()
+      .where('user_id', '=', userId)
+      .where('expires_at', '>', Date.now())
+      .orderBy('created_at', 'desc')
+      .execute();
+    return rows.map((row) => ({
+      id: row.id,
+      userId: row.user_id,
+      token: row.token,
+      expiresAt: new Date(row.expires_at),
+      createdAt: new Date(row.created_at),
+    }));
+  }
+
   async deleteByToken(token: string): Promise<void> {
     await this.db.deleteFrom('auth_sessions').where('token', '=', token).execute();
   }
 
+  async deleteById(id: string): Promise<void> {
+    await this.db.deleteFrom('auth_sessions').where('id', '=', id).execute();
+  }
+
   async deleteExpired(): Promise<void> {
     await this.db
       .deleteFrom('auth_sessions')