Add LoginSecurityPolicy model, login_sessions table, and repository layer #9709
Description
Implement the data and service layers for login session concurrency management.
Scope
- LoginSecurityPolicy Pydantic model (max_concurrent_logins: int | None, default None = unlimited)
- PydanticColumn users.login_security_policy (JSONB)
- login_sessions table: id (UUID PK), user_uuid (FK), session_token (unique), client_ip, created_at, expired_at (nullable), reason (enum: logout/evicted/expired)
- Alembic migration for both schema changes
- LoginSessionRepository with cache_source (Valkey Sorted Set) + db_source (login_sessions table) following existing cache-first fallback pattern (suppress_with_log)
- Service layer: create/expire/evict session, check concurrency limit
References
- PydanticColumn pattern: models/base.py
- Repository cache pattern: repositories/resource_preset/
JIRA Issue: BA-4905