Initial commit: Buildfor Life Budget app

Multi-company budget/project tracking tool built with SvelteKit 5,
PostgreSQL (Drizzle ORM), and Tailwind CSS v4.

Features:
- Auth: local (email/password with Argon2) + generic OIDC
- 4 roles per company: admin, manager, user, viewer
- Multi-company with per-company user membership
- Projects with budget allocation from company pool
- Expense submission with approval workflow
- Categories and tags for expense organization
- Reports with spending breakdowns (by category, project, time)
- CSV import for Actual Budget migration
- Company audit log tracking all budget and admin actions
- Remaining budget hero display on overview and budget pages
- Admin-only company creation; new users wait for invitation
- Deployment configs for systemd + nginx (bare metal/Proxmox)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

src/hooks.server.ts

@@ -0,0 +1,26 @@
+import type { Handle } from '@sveltejs/kit';
+import { validateSession, setSessionCookie } from '$lib/server/auth/index.js';
+
+export const handle: Handle = async ({ event, resolve }) => {
+	const token = event.cookies.get('session');
+
+	if (token) {
+		const { session, user } = await validateSession(token);
+		if (session) {
+			event.locals.user = user;
+			event.locals.session = session;
+			if (session.fresh) {
+				setSessionCookie(event, token, session.expiresAt);
+			}
+		} else {
+			event.locals.user = null;
+			event.locals.session = null;
+			event.cookies.delete('session', { path: '/' });
+		}
+	} else {
+		event.locals.user = null;
+		event.locals.session = null;
+	}
+
+	return resolve(event);
+};