refactor: extract inline tests to separate files in auth + storage adapters

crates/adapters/auth/tests/jwt.rs

@@ -0,0 +1,21 @@
+use adapters_auth::JwtTokenIssuer;
+use domain::errors::DomainError;
+use domain::ports::TokenIssuer;
+use domain::value_objects::SystemId;
+
+#[tokio::test]
+async fn issue_and_verify_roundtrip() {
+    let issuer = JwtTokenIssuer::new("test-secret-key-long-enough-32chars!!");
+    let user_id = SystemId::new();
+    let token = issuer.issue(&user_id, "user").await.unwrap();
+    let (verified_id, verified_role) = issuer.verify(&token).await.unwrap();
+    assert_eq!(verified_id, user_id);
+    assert_eq!(verified_role, "user");
+}
+
+#[tokio::test]
+async fn rejects_invalid_token() {
+    let issuer = JwtTokenIssuer::new("test-secret-key-long-enough-32chars!!");
+    let result = issuer.verify("not.a.valid.jwt").await;
+    assert!(matches!(result, Err(DomainError::Unauthorized(_))));
+}