wire repository and utility bindings

AppServiceProvider binds Clock -> SystemClock, TokenGenerator ->
RandomTokenGenerator, PasswordHasher -> BcryptPasswordHasher.
new RepositoryServiceProvider binds UserRepository ->
EloquentUserRepository, SessionRepository ->
EloquentSessionRepository. bootstrap/providers.php registers
both. verified container resolves: app(Clock::class) returns
SystemClock. migrations create users + sessions tables with
proper unique/foreign-key/index constraints (sqlite roundtrip
confirmed).

backend/app/Providers/AppServiceProvider.php

@@ -2,21 +2,23 @@
 
 namespace App\Providers;
 
+use App\Auth\BcryptPasswordHasher;
+use App\Auth\Clock;
+use App\Auth\PasswordHasher;
+use App\Auth\RandomTokenGenerator;
+use App\Auth\SystemClock;
+use App\Auth\TokenGenerator;
 use Illuminate\Support\ServiceProvider;
 
 class AppServiceProvider extends ServiceProvider
 {
-    /**
-     * Register any application services.
-     */
     public function register(): void
     {
-        //
+        $this->app->bind(Clock::class, SystemClock::class);
+        $this->app->bind(TokenGenerator::class, RandomTokenGenerator::class);
+        $this->app->bind(PasswordHasher::class, BcryptPasswordHasher::class);
     }
 
-    /**
-     * Bootstrap any application services.
-     */
     public function boot(): void
     {
         //

backend/app/Providers/RepositoryServiceProvider.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Providers;
+
+use App\Auth\EloquentSessionRepository;
+use App\Auth\SessionRepository;
+use App\User\EloquentUserRepository;
+use App\User\UserRepository;
+use Illuminate\Support\ServiceProvider;
+
+class RepositoryServiceProvider extends ServiceProvider
+{
+    public function register(): void
+    {
+        $this->app->bind(
+            UserRepository::class,
+            EloquentUserRepository::class,
+        );
+        $this->app->bind(
+            SessionRepository::class,
+            EloquentSessionRepository::class,
+        );
+    }
+}