refactor(api): introduce UserContext schema for API dependency injection

Replace direct User database model imports in API endpoints with UserContext
schema, following the architecture principle that API routes should not import
database models directly.

Changes:
- Create UserContext schema in models/schema/auth.py with from_user() factory
- Update app/api/deps.py to return UserContext from all auth dependencies
- Add _get_user_model() helper for functions needing User model access
- Update 58 API endpoint files to use UserContext instead of User
- Add noqa comments for 4 legitimate edge cases (enums, internal helpers)

Architecture validation: 0 errors (down from 61), 11 warnings remain

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/api/v1/admin/vendor_domains.py

@@ -18,7 +18,7 @@ from app.api.deps import get_current_admin_api
 from app.core.database import get_db
 from app.services.vendor_domain_service import vendor_domain_service
 from app.services.vendor_service import vendor_service
-from models.database.user import User
+from models.schema.auth import UserContext
 from models.schema.vendor_domain import (
     DomainDeletionResponse,
     DomainVerificationInstructions,
@@ -38,7 +38,7 @@ def add_vendor_domain(
     vendor_id: int = Path(..., description="Vendor ID", gt=0),
     domain_data: VendorDomainCreate = Body(...),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     Add a custom domain to vendor (Admin only).
@@ -90,7 +90,7 @@ def add_vendor_domain(
 def list_vendor_domains(
     vendor_id: int = Path(..., description="Vendor ID", gt=0),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     List all domains for a vendor (Admin only).
@@ -133,7 +133,7 @@ def list_vendor_domains(
 def get_domain_details(
     domain_id: int = Path(..., description="Domain ID", gt=0),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get detailed information about a specific domain (Admin only).
@@ -166,7 +166,7 @@ def update_vendor_domain(
     domain_id: int = Path(..., description="Domain ID", gt=0),
     domain_update: VendorDomainUpdate = Body(...),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     Update domain settings (Admin only).
@@ -209,7 +209,7 @@ def update_vendor_domain(
 def delete_vendor_domain(
     domain_id: int = Path(..., description="Domain ID", gt=0),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     Delete a custom domain (Admin only).
@@ -237,7 +237,7 @@ def delete_vendor_domain(
 def verify_domain_ownership(
     domain_id: int = Path(..., description="Domain ID", gt=0),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     Verify domain ownership via DNS TXT record (Admin only).
@@ -279,7 +279,7 @@ def verify_domain_ownership(
 def get_domain_verification_instructions(
     domain_id: int = Path(..., description="Domain ID", gt=0),
     db: Session = Depends(get_db),
-    current_admin: User = Depends(get_current_admin_api),
+    current_admin: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get DNS verification instructions for domain (Admin only).