add User persistence: model, migration, eloquent + fake repo

UserModel maps users table (id, email unique, password_hash,
is_admin bool default false). EloquentUserRepository implements
UserRepository: create from CreateUserDto, find by id,
findByEmail. toDomain() materializes a User entity wrapping email
in EmailAddress vo. FakeUserRepository: in-memory map keyed by
auto-incrementing id, returns defensive copies on read (per
youngstartup pattern). composer stan script now passes
--no-progress for cleaner ci output.

backend/app/User/EloquentUserRepository.php

@@ -0,0 +1,43 @@
+<?php
+
+namespace App\User;
+
+use App\Shared\ValueObject\EmailAddress;
+
+class EloquentUserRepository implements UserRepository
+{
+    public function create(CreateUserDto $dto): User
+    {
+        $model = UserModel::create([
+            'email' => $dto->email->value(),
+            'password_hash' => $dto->passwordHash,
+            'is_admin' => $dto->isAdmin,
+        ]);
+
+        return $this->toDomain($model);
+    }
+
+    public function find(int $id): ?User
+    {
+        $model = UserModel::find($id);
+
+        return $model === null ? null : $this->toDomain($model);
+    }
+
+    public function findByEmail(EmailAddress $email): ?User
+    {
+        $model = UserModel::where('email', $email->value())->first();
+
+        return $model === null ? null : $this->toDomain($model);
+    }
+
+    private function toDomain(UserModel $model): User
+    {
+        return new User(
+            id: $model->id,
+            email: new EmailAddress($model->email),
+            passwordHash: $model->password_hash,
+            isAdmin: $model->is_admin,
+        );
+    }
+}

backend/app/User/UserModel.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace App\User;
+
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Model;
+
+/**
+ * @property int $id
+ * @property string $email
+ * @property string $password_hash
+ * @property bool $is_admin
+ *
+ * @method static Builder<static>|UserModel newModelQuery()
+ * @method static Builder<static>|UserModel newQuery()
+ * @method static Builder<static>|UserModel query()
+ * @method static Builder<static>|UserModel whereId($value)
+ * @method static Builder<static>|UserModel whereEmail($value)
+ * @method static Builder<static>|UserModel whereIsAdmin($value)
+ *
+ * @mixin \Eloquent
+ */
+class UserModel extends Model
+{
+    protected $table = 'users';
+
+    public $timestamps = false;
+
+    protected $fillable = [
+        'email',
+        'password_hash',
+        'is_admin',
+    ];
+
+    protected $casts = [
+        'is_admin' => 'boolean',
+    ];
+}

backend/composer.json

@@ -49,7 +49,7 @@
             "npx concurrently -c \"#93c5fd,#c4b5fd,#fb7185\" \"php artisan serve\" \"php artisan queue:listen --tries=1\" \"php artisan pail --timeout=0\" --names=server,queue,logs --kill-others"
         ],
 
-        "stan": "phpstan analyse",
+        "stan": "phpstan analyse --no-progress",
         "cs:fix": "php-cs-fixer fix",
         "cs:check": "php-cs-fixer check --diff -vvv",
 

backend/database/migrations/2026_05_06_000000_create_users_table.php

@@ -0,0 +1,23 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::create('users', function (Blueprint $table) {
+            $table->id();
+            $table->string('email')->unique();
+            $table->string('password_hash');
+            $table->boolean('is_admin')->default(false);
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('users');
+    }
+};

backend/tests/Fakes/FakeUserRepository.php

@@ -0,0 +1,66 @@
+<?php
+
+namespace Tests\Fakes;
+
+use App\Shared\ValueObject\EmailAddress;
+use App\User\CreateUserDto;
+use App\User\User;
+use App\User\UserRepository;
+
+class FakeUserRepository implements UserRepository
+{
+    /**
+     * @var User[]
+     */
+    private array $existingUsers = [];
+
+    public function create(CreateUserDto $dto): User
+    {
+        $id = $this->getNextId();
+        $user = new User(
+            id: $id,
+            email: $dto->email,
+            passwordHash: $dto->passwordHash,
+            isAdmin: $dto->isAdmin,
+        );
+        $this->existingUsers[$id] = $user;
+
+        return $user;
+    }
+
+    public function find(int $id): ?User
+    {
+        $user = $this->existingUsers[$id] ?? null;
+        if ($user === null) {
+            return null;
+        }
+
+        return new User(
+            id: $user->getId(),
+            email: $user->getEmail(),
+            passwordHash: $user->getPasswordHash(),
+            isAdmin: $user->isAdmin(),
+        );
+    }
+
+    public function findByEmail(EmailAddress $email): ?User
+    {
+        foreach ($this->existingUsers as $user) {
+            if ($user->getEmail()->equals($email)) {
+                return new User(
+                    id: $user->getId(),
+                    email: $user->getEmail(),
+                    passwordHash: $user->getPasswordHash(),
+                    isAdmin: $user->isAdmin(),
+                );
+            }
+        }
+
+        return null;
+    }
+
+    private function getNextId(): int
+    {
+        return count($this->existingUsers) + 1;
+    }
+}