fase(25-26): keyboard shortcuts, mobile responsive, enterprise SSO/audit

- Phase 25.4: N shortcut for new exploration on dashboard (react-hotkeys-hook)
- Phase 25.5: overflow-x-auto on tables, responsive padding (p-4 md:p-6)
- Phase 26: SAML/OIDC/LDAP providers (build-fixed), TOTP/MFA service
- Phase 26: KyselySSOConfigRepository + KyselyTOTPRepository
- Phase 26: SSO HTTP controller (config CRUD + MFA setup/verify/disable)
- Phase 26: Audit module index.ts + SSO module index.ts
- Phase 26: Session management endpoints (findByUserId, deleteById, list/revoke)
- Phase 26: SSO and audit routes feature-gated (auth:sso, audit:logs)
- Phase 26: Frontend SSOSection (SAML/OIDC/LDAP config + TOTP setup)
- Phase 26: Frontend SessionsSection (list/revoke active sessions)
- Phase 26: Settings navigation updated with SSO & Sessions sections

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/modules/sso/domain/entities/TOTPSecret.ts

@@ -0,0 +1,26 @@
+import { Entity } from '../../../../shared/domain/Entity';
+import { UniqueId } from '../../../../shared/domain/UniqueId';
+
+export interface TOTPSecretProps {
+  userId: string;
+  secret: string;
+  verified: boolean;
+  createdAt: Date;
+}
+
+export class TOTPSecret extends Entity<TOTPSecretProps> {
+  static create(props: TOTPSecretProps, id?: UniqueId): TOTPSecret {
+    return new TOTPSecret(props, id ?? UniqueId.create());
+  }
+
+  static reconstitute(props: TOTPSecretProps, id: UniqueId): TOTPSecret {
+    return new TOTPSecret(props, id);
+  }
+
+  get userId(): string { return this.props.userId; }
+  get secret(): string { return this.props.secret; }
+  get verified(): boolean { return this.props.verified; }
+  get createdAt(): Date { return this.props.createdAt; }
+
+  verify(): void { this.props.verified = true; }
+}