refactor(stores): Phase 2a — split store defaults into domain sub-files

ae_stores.ts
- Extract auth/identity section (~80 lines) into ae_stores__auth_loc_defaults.ts
- Spread auth_loc_defaults into ae_app_local_data_defaults (zero consumer changes)

ae_events_stores.ts (both loc and sess structs)
- badges   → ae_events_stores__badges_defaults.ts
- launcher → ae_events_stores__launcher_defaults.ts
- leads    → ae_events_stores__leads_defaults.ts
- pres_mgmt → ae_events_stores__pres_mgmt_defaults.ts

Each new file exports *_loc_defaults and *_sess_defaults. The store files
now reference these by name instead of embedding inline objects. All
$ae_loc.* and $events_loc.* consumer paths are unchanged.

svelte-check: 0 errors, 0 warnings

src/lib/stores/ae_stores.ts

@@ -2,6 +2,8 @@
 // before svelte-persisted-store hydrates from it.
 import { AE_LOC_VERSION } from '$lib/stores/store_versions';
 
+import { auth_loc_defaults } from '$lib/stores/ae_stores__auth_loc_defaults';
+
 import { persisted } from 'svelte-persisted-store';
 
 import { readable, writable } from 'svelte/store';
@@ -78,73 +80,8 @@ const ae_app_local_data_defaults: key_val = {
     adv_mode: false,
     sync_local_config: true, // When true, pulls site config from the remote API on load.
 
-    account_id: ae_account_id,
-    account_code: 'not_set',
-    account_name: 'Account Name Not Set',
-    allow_access: true, // Set to key site key was used, otherwise set to true.
-    site_domain: null, // https://example.com, https://dev.example.com, etc.
-    site_access_key: null, // This is the general site access key
-    site_domain_access_key: null, // This is specific to a (sub)domain.
-    site_cfg_json: {
-        slct__event_id: null,
-        slct__event_badge_template_id: null,
-        slct__sponsorship_cfg_id: null,
-        header_image_path: null
-    },
-
-    // Per-permission-level passcodes loaded from the site record on login.
-    // null = no passcode required for that tier. Overwritten by the site API response.
-    site_access_code_kv: {
-        administrator: null,
-        trusted: null,
-        public: 'public1980',
-        authenticated: 'auth1980'
-    },
-
-    access_type: 'anonymous',
-    administrator_access: false,
-    trusted_access: false,
-    public_access: false,
-    authenticated_access: false,
-    anonymous_access: true,
-
-    user_email: null,
-    // Stored on sign-in so the original permission level can be restored if temporarily escalated.
-    user_access_type: null,
-
-    jwt: null, // JSON Web Token for authenticated API requests.
-
-    person_id: null,
-    person: {
-        id: null,
-        given_name: null,
-        full_name: null,
-        full_name_override: null, // Previously called display_name.
-        primary_email: null,
-        user_id: null,
-
-        qry_limit__people: 150,
-
-        show_content__person_page_help: false
-    },
-
-    user_id: null,
-    user: {
-        id: null,
-        username: null,
-        name: null,
-        email: null,
-        allow_auth_key: null, // Magic-link token — allows sign-in without password.
-        super: false,
-        manager: false, // Can manage accounts and users globally.
-        administrator: false, // Account-level administrator.
-        verified: false,
-        public: false,
-        person_id: null,
-        access_type: null,
-
-        qry_limit__users: 100
-    },
+    // Auth and identity section — see ae_stores__auth_loc_defaults.ts.
+    ...auth_loc_defaults,
 
     qry__enabled: 'enabled', // all, disabled, enabled
     qry__hidden: 'not_hidden', // all, hidden, not_hidden