feat(events): add UserDeleted event for GDPR cascade

[MarkCesium]

Summary

GDPR deletion requires a cascade across services, but there is no event for it in contracts and no producer in auth. Right now users are effectively permanent — deleting a row in auth_db leaves orphaned places, devices, MQTT credentials, and telemetry.

Changes

• New module placebrain_contracts/events/auth.py:

  class UserDeleted(BaseEvent):
      user_id: UUID
      email: str
      deleted_at: datetime

• placebrain_contracts/events/topics.py — add AUTH_USER_DELETED = "auth.user.deleted".
• pyproject.toml — bump version so CI publishes to PyPI.

Blocks

• feat(gdpr): DeleteUser RPC and UserDeleted event emission auth#6

Verification

• uv pip install placebrain-contracts==<new> resolves and from placebrain_contracts.events.auth import UserDeleted works.
• from placebrain_contracts.events.topics import AUTH_USER_DELETED imports cleanly.