remove default values from user constructors

Forcing every call site to be explicit about admin status and
password eliminates a class of bugs where an unintended
isAdmin=false or empty passwordHash could silently slip through.
The CreateUserTest case that asserted the isAdmin default is
dropped since the default no longer exists.

tests/Unit/Auth/UseCases/CreateSessionTest.php

@@ -36,6 +36,8 @@ class CreateSessionTest extends TestCase
         $this->user = new User(
             id: 7,
             email: new EmailAddress('test@test.com'),
+            passwordHash: 'hashed:password1',
+            isAdmin: false,
         );
     }