refactor: 统一认证端点并删除冗余 profile 模块

- 合并 auth 端点: /verifications/verify → /verify, /verifications/resend → /resend
- 整合密码重置到 /verify 端点 (type=recovery)
- 移除未使用的 /auth/users 端点
- 添加 redirect URL 白名单验证 (site_url + additional_redirect_urls)
- 限流改用 Redis + IP 标识，替代内存锁
- 删除 v1/profile 死代码模块
- 更新前端 auth_api 适配新端点
- 添加 supabase site_url 和 additional_redirect_urls 配置

backend/src/v1/auth/service.py

@@ -8,7 +8,6 @@ from v1.auth.schemas import (
     SessionCreateRequest,
     SessionRefreshRequest,
     SessionResponse,
-    UserByEmailResponse,
     VerificationCreateRequest,
     VerificationCreateResponse,
     VerificationResendRequest,
@@ -39,9 +38,6 @@ class AuthServiceGateway(Protocol):
     async def delete_session(self, refresh_token: str | None) -> None:
         raise NotImplementedError
 
-    async def get_user_by_email(self, email: str) -> UserByEmailResponse:
-        raise NotImplementedError
-
     async def request_password_reset(self, request: PasswordResetRequest) -> None:
         raise NotImplementedError
 
@@ -79,9 +75,6 @@ class AuthService:
     async def delete_session(self, refresh_token: str | None) -> None:
         await self._gateway.delete_session(refresh_token)
 
-    async def get_user_by_email(self, email: str) -> UserByEmailResponse:
-        return await self._gateway.get_user_by_email(email)
-
     async def request_password_reset(self, request: PasswordResetRequest) -> None:
         await self._gateway.request_password_reset(request)