docs: add Google Sign‑in UI gate and implementation task

[tsg21]

Motivation

• Introduce a frontend-first Google sign-in gate so users must authenticate before accessing the lobby/games list while backend bearer-token validation is staged for later work.
• Capture the transitional identity model (GIS sign-in → map Google email to X-Player) to keep existing API contracts stable during rollout.
• Provide a clear, testable task plan for the frontend implementation so work can proceed in small, verifiable steps.

Description

• Updated docs/prd/60-ui-overview.md to add an "Access and Sign-in Gate" section that mandates Google sign-in before lobby access, describes route-guard behaviour, loading/error states, and the temporary X-Player mapping.
• Updated docs/prd/50-api.md to document the transitional backend auth model that continues to accept X-Player while noting a future migration to Authorization: Bearer <token>.
• Updated docs/prd/06-technical-platform.md to describe the staged rollout (UI sign-in first, backend token validation later) and reiterate that username maps to authenticated email.
• Added a new task file tasks/2026-04-20-google-auth-ui-gate.md with a five-step implementation plan, per-step unit/integration test expectations, and explicit scope that backend authorisation is out of scope for this change.

Testing

• No automated tests were executed because this is a documentation-only change.
• Recommended follow-up verification for the frontend implementation: run npm run lint, npm run typecheck, and npm test in frontend/, and uv run pytest in backend/ when code changes are added.
• Repository operations and file edits were committed successfully (git commit completed).

---

Codex Task