feat: production launch — email audit, team invites, security headers, router fixes

- Fix loyalty & monitoring router bugs (_get_router → named routers)
- Implement team invitation email with send_template + seed templates (en/fr/de)
- Add SecurityHeadersMiddleware (nosniff, HSTS, referrer-policy, permissions-policy)
- Build email audit admin page: service, schemas, API, page route, menu, i18n, HTML, JS
- Clean stale TODO in platform-menu-config.js
- Add 67 tests (unit + integration) covering all new functionality

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

app/modules/messaging/routes/pages/admin.py

@@ -108,3 +108,26 @@ async def admin_email_templates_page(
         "messaging/admin/email-templates.html",
         get_admin_context(request, db, current_user),
     )
+
+
+# ============================================================================
+# EMAIL LOGS (AUDIT) ROUTES
+# ============================================================================
+
+
+@router.get("/email-logs", response_class=HTMLResponse, include_in_schema=False)
+async def admin_email_logs_page(
+    request: Request,
+    current_user: User = Depends(
+        require_menu_access("email-logs", FrontendType.ADMIN)
+    ),
+    db: Session = Depends(get_db),
+):
+    """
+    Render email logs audit page.
+    Shows all emails sent through the platform with filtering and detail view.
+    """
+    return templates.TemplateResponse(
+        "messaging/admin/email-logs.html",
+        get_admin_context(request, db, current_user),
+    )