fix: align auth_service with transaction management pattern

Change register_user() to use db.flush() instead of db.commit()
and remove db.rollback() to follow the established architecture:
- Services use flush() for database operations
- Endpoints handle transaction commit
- Exception handlers manage rollback

This resolves SVC-006 architecture violation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/services/auth_service.py

@@ -74,8 +74,7 @@ class AuthService:
             )
 
             db.add(new_user)
-            db.commit()
-            db.refresh(new_user)
+            db.flush()
 
             logger.info(f"New user registered: {new_user.username}")
             return new_user
@@ -83,7 +82,6 @@ class AuthService:
         except UserAlreadyExistsException:
             raise  # Re-raise custom exceptions
         except Exception as e:
-            db.rollback()
             logger.error(f"Error registering user: {str(e)}")
             raise ValidationException("Registration failed")