feat(api): seed a dev login account (worker@solelog.local) for testing

db:seed now also creates a ready-made dev account via better-auth (properly
hashed), idempotent, and SKIPPED when NODE_ENV=production so no known-password
account ships to prod. Credentials: worker@solelog.local / werkplaats123.
Documented in the worker README. API tests 37/37 green; verified live (sign-in
returns a bearer token; /api/me returns the user).

apps/api/test/seed.test.ts

@@ -2,7 +2,7 @@ import { describe, it, expect } from 'vitest';
 import { inArray, eq } from 'drizzle-orm';
 import { seed } from '../src/db/seed';
 import { db } from '../src/db/client';
-import { activities } from '../src/db/schema';
+import { activities, user } from '../src/db/schema';
 
 const SEED_NAMES = ['Leerrand', 'Frezen', 'Slijpen', 'Bekleden', 'Afwerken', 'Printen'];
 
@@ -31,4 +31,14 @@ describe('seed', () => {
     expect(printen).toHaveLength(1);
     expect(printen[0]?.insoleTypes).toEqual(['3D']);
   });
+
+  it('seeds the dev test account idempotently (and only once)', async () => {
+    await seed();
+    const first = await db.select().from(user).where(eq(user.email, 'worker@solelog.local'));
+    expect(first).toHaveLength(1);
+
+    await seed();
+    const second = await db.select().from(user).where(eq(user.email, 'worker@solelog.local'));
+    expect(second).toHaveLength(1);
+  });
 });