refactor: migrate modules from re-exports to canonical implementations

Move actual code implementations into module directories:
- orders: 5 services, 4 models, order/invoice schemas
- inventory: 3 services, 2 models, 30+ schemas
- customers: 3 services, 2 models, customer schemas
- messaging: 3 services, 2 models, message/notification schemas
- monitoring: background_tasks_service
- marketplace: 5+ services including letzshop submodule
- dev_tools: code_quality_service, test_runner_service
- billing: billing_service
- contracts: definition.py

Legacy files in app/services/, models/database/, models/schema/
now re-export from canonical module locations for backwards
compatibility. Architecture validator passes with 0 errors.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/modules/customers/models/__init__.py

@@ -2,14 +2,23 @@
 """
 Customers module database models.
 
-Re-exports customer-related models from their source locations.
+This is the canonical location for customer models. Module models are
+automatically discovered and registered with SQLAlchemy's Base.metadata
+at startup.
+
+Usage:
+    from app.modules.customers.models import (
+        Customer,
+        CustomerAddress,
+        PasswordResetToken,
+    )
 """
 
-from models.database.customer import (
+from app.modules.customers.models.customer import (
     Customer,
     CustomerAddress,
 )
-from models.database.password_reset_token import PasswordResetToken
+from app.modules.customers.models.password_reset_token import PasswordResetToken
 
 __all__ = [
     "Customer",

app/modules/customers/models/customer.py

@@ -0,0 +1,93 @@
+# app/modules/customers/models/customer.py
+"""
+Customer database models.
+
+Provides Customer and CustomerAddress models for vendor-scoped
+customer management.
+"""
+
+from sqlalchemy import (
+    JSON,
+    Boolean,
+    Column,
+    DateTime,
+    ForeignKey,
+    Integer,
+    Numeric,
+    String,
+)
+from sqlalchemy.orm import relationship
+
+from app.core.database import Base
+from models.database.base import TimestampMixin
+
+
+class Customer(Base, TimestampMixin):
+    """Customer model with vendor isolation."""
+
+    __tablename__ = "customers"
+
+    id = Column(Integer, primary_key=True, index=True)
+    vendor_id = Column(Integer, ForeignKey("vendors.id"), nullable=False)
+    email = Column(
+        String(255), nullable=False, index=True
+    )  # Unique within vendor scope
+    hashed_password = Column(String(255), nullable=False)
+    first_name = Column(String(100))
+    last_name = Column(String(100))
+    phone = Column(String(50))
+    customer_number = Column(
+        String(100), nullable=False, index=True
+    )  # Vendor-specific ID
+    preferences = Column(JSON, default=dict)
+    marketing_consent = Column(Boolean, default=False)
+    last_order_date = Column(DateTime)
+    total_orders = Column(Integer, default=0)
+    total_spent = Column(Numeric(10, 2), default=0)
+    is_active = Column(Boolean, default=True, nullable=False)
+
+    # Language preference (NULL = use vendor storefront_language default)
+    # Supported: en, fr, de, lb
+    preferred_language = Column(String(5), nullable=True)
+
+    # Relationships
+    vendor = relationship("Vendor", back_populates="customers")
+    addresses = relationship("CustomerAddress", back_populates="customer")
+    orders = relationship("Order", back_populates="customer")
+
+    def __repr__(self):
+        return f"<Customer(id={self.id}, vendor_id={self.vendor_id}, email='{self.email}')>"
+
+    @property
+    def full_name(self):
+        if self.first_name and self.last_name:
+            return f"{self.first_name} {self.last_name}"
+        return self.email
+
+
+class CustomerAddress(Base, TimestampMixin):
+    """Customer address model for shipping and billing addresses."""
+
+    __tablename__ = "customer_addresses"
+
+    id = Column(Integer, primary_key=True, index=True)
+    vendor_id = Column(Integer, ForeignKey("vendors.id"), nullable=False)
+    customer_id = Column(Integer, ForeignKey("customers.id"), nullable=False)
+    address_type = Column(String(50), nullable=False)  # 'billing', 'shipping'
+    first_name = Column(String(100), nullable=False)
+    last_name = Column(String(100), nullable=False)
+    company = Column(String(200))
+    address_line_1 = Column(String(255), nullable=False)
+    address_line_2 = Column(String(255))
+    city = Column(String(100), nullable=False)
+    postal_code = Column(String(20), nullable=False)
+    country_name = Column(String(100), nullable=False)
+    country_iso = Column(String(5), nullable=False)
+    is_default = Column(Boolean, default=False)
+
+    # Relationships
+    vendor = relationship("Vendor")
+    customer = relationship("Customer", back_populates="addresses")
+
+    def __repr__(self):
+        return f"<CustomerAddress(id={self.id}, customer_id={self.customer_id}, type='{self.address_type}')>"

app/modules/customers/models/password_reset_token.py

@@ -0,0 +1,91 @@
+# app/modules/customers/models/password_reset_token.py
+"""
+Password reset token model for customer accounts.
+
+Security features:
+- Tokens are stored as SHA256 hashes, not plaintext
+- Tokens expire after 1 hour
+- Only one active token per customer (old tokens invalidated on new request)
+"""
+
+import hashlib
+import secrets
+from datetime import datetime, timedelta
+
+from sqlalchemy import Column, DateTime, ForeignKey, Integer, String
+from sqlalchemy.orm import Session, relationship
+
+from app.core.database import Base
+
+
+class PasswordResetToken(Base):
+    """Password reset token for customer accounts."""
+
+    __tablename__ = "password_reset_tokens"
+
+    # Token expiry in hours
+    TOKEN_EXPIRY_HOURS = 1
+
+    id = Column(Integer, primary_key=True, index=True)
+    customer_id = Column(
+        Integer, ForeignKey("customers.id", ondelete="CASCADE"), nullable=False
+    )
+    token_hash = Column(String(64), nullable=False, index=True)
+    expires_at = Column(DateTime, nullable=False)
+    used_at = Column(DateTime, nullable=True)
+    created_at = Column(DateTime, default=datetime.utcnow, nullable=False)
+
+    # Relationships
+    customer = relationship("Customer")
+
+    def __repr__(self):
+        return f"<PasswordResetToken(id={self.id}, customer_id={self.customer_id}, expires_at={self.expires_at})>"
+
+    @staticmethod
+    def hash_token(token: str) -> str:
+        """Hash a token using SHA256."""
+        return hashlib.sha256(token.encode()).hexdigest()
+
+    @classmethod
+    def create_for_customer(cls, db: Session, customer_id: int) -> str:
+        """Create a new password reset token for a customer.
+
+        Invalidates any existing tokens for the customer.
+        Returns the plaintext token (to be sent via email).
+        """
+        # Invalidate existing tokens for this customer
+        db.query(cls).filter(
+            cls.customer_id == customer_id,
+            cls.used_at.is_(None),
+        ).delete()
+
+        # Generate new token
+        plaintext_token = secrets.token_urlsafe(32)
+        token_hash = cls.hash_token(plaintext_token)
+
+        # Create token record
+        token = cls(
+            customer_id=customer_id,
+            token_hash=token_hash,
+            expires_at=datetime.utcnow() + timedelta(hours=cls.TOKEN_EXPIRY_HOURS),
+        )
+        db.add(token)
+        db.flush()
+
+        return plaintext_token
+
+    @classmethod
+    def find_valid_token(cls, db: Session, plaintext_token: str) -> "PasswordResetToken | None":
+        """Find a valid (not expired, not used) token."""
+        token_hash = cls.hash_token(plaintext_token)
+
+        return db.query(cls).filter(
+            cls.token_hash == token_hash,
+            cls.expires_at > datetime.utcnow(),
+            cls.used_at.is_(None),
+        ).first()
+
+    def mark_used(self, db: Session) -> None:
+        """Mark this token as used."""
+        self.used_at = datetime.utcnow()
+        db.flush()