Fix S3/SMTP connectivity and add one-click invite flow

- Fix MinIO port parsing bug: use protocol-appropriate defaults (443/80)
  instead of hardcoded 9000 fallback, enabling public URL endpoint
- Remove unused SMTP server config from NextAuth EmailProvider to prevent
  connection errors (sendVerificationRequest is fully overridden)
- Replace extra_hosts with DNS config (8.8.8.8) so container resolves
  mail.monaco-opc.com to public IP instead of host loopback
- Add invite token auth: single-click accept-invite flow replacing broken
  two-email invitation process
- Auto-send invitation emails on bulk user creation
- Update email template expiry text from 24 hours to 7 days

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/lib/email.ts

@@ -294,7 +294,7 @@ function getGenericInvitationTemplate(
     ${paragraph(`You've been invited to join the Monaco Ocean Protection Challenge platform as a <strong>${roleLabel}</strong>.`)}
     ${paragraph('Click the button below to set up your account and get started.')}
     ${ctaButton(url, 'Accept Invitation')}
-    ${infoBox('This link will expire in 24 hours.', 'info')}
+    ${infoBox('This link will expire in 7 days.', 'info')}
   `
 
   return {
@@ -309,7 +309,7 @@ Click the link below to set up your account and get started:
 
 ${url}
 
-This link will expire in 24 hours.
+This link will expire in 7 days.
 
 ---
 Monaco Ocean Protection Challenge