feat: 实现密码重置功能与用户搜索API，优化注册登录流程

- 新增忘记密码页面与重置密码确认流程（前端+后端）
- 修复注册验证码页登录跳转路由
- 新增用户搜索API（按邮箱查询）
- 简化infra脚本，统一为app.sh
- 补充密码重置与用户API测试覆盖
- 更新runtime文档与AGENTS配置

backend/src/v1/users/repository.py

@@ -3,7 +3,7 @@ from __future__ import annotations
 from typing import TYPE_CHECKING, Protocol
 from uuid import UUID
 
-from sqlalchemy import select
+from sqlalchemy import select, or_
 from sqlalchemy.exc import SQLAlchemyError
 
 from core.db.base_repository import BaseRepository
@@ -33,6 +33,10 @@ class UserRepository(Protocol):
         """Update user by user ID. Returns updated user or None if not found."""
         ...
 
+    async def search_users(self, query: str, limit: int = 20) -> list[Profile]:
+        """Search users by username (ilike) or email (exact match)."""
+        ...
+
 
 class SQLAlchemyUserRepository(BaseRepository[Profile]):
     """SQLAlchemy implementation of UserRepository.
@@ -77,5 +81,24 @@ class SQLAlchemyUserRepository(BaseRepository[Profile]):
         try:
             return await self.update_by_id(user_id, update_data)
         except SQLAlchemyError:
-            logger.exception("User update failed", user_id=str(user_id))
+            logger.exception("User update failed", user=str(user_id))
+            raise
+
+    async def search_users(self, query: str, limit: int = 20) -> list[Profile]:
+        try:
+            stmt = (
+                select(Profile)
+                .where(Profile.deleted_at.is_(None))
+                .where(
+                    or_(
+                        Profile.username.ilike(f"%{query}%"),
+                    )
+                )
+                .order_by(Profile.created_at.asc())
+                .limit(limit)
+            )
+            result = await self._session.execute(stmt)
+            return list(result.scalars().all())
+        except SQLAlchemyError:
+            logger.exception("User search failed", query=query)
             raise