#127 - harden SES email feature: auth, plain-text, logging

[piersolh]

Description

NOTE: emails still go to spam because I am using my personal email as the SES email. we need to use a verified email to stop getting hit with gmail's spam filter.

Re-enables auth on the email endpoints, adds plain-text alternatives and per-recipient bulk failure logging for deliverability, guards template variable replacement, and stops referencing images locally.

Changes Made

• Backend changes
• Frontend changes
• Database schema changes
• Configuration updates
• Other

Details:

• Re-enable @UseGuards(AuthGuard('jwt')) on all bulk-send and template-management endpoints (send-email, template GET/POST, subscribers, bulk-send)
• Attach a text/plain alternative to every email (multipart/alternative) via a lightweight htmlToPlainText util
• Bulk sends now go one email per recipient: one bad address no longer aborts the campaign, each failure is logged individually, recipients aren't exposed via a shared To, and the response surfaces a failed count.
• Wrap donation-response template variable replacement in try/catch for more safety
• Signature only renders https://-hosted images (local PNG import removed) so images resolve in recipients' inboxes.

Testing & Verification

• Unit tests pass
• Manual testing completed
• [] No breaking changes

Verification Steps:

• sent email(s) to self

Future Improvements/Notes

• Unsubscribe link still outstanding. A proper unsubscribe needs (1) a footer link in buildFullHTML, (2) a public GET /emails/unsubscribe endpoint flipping isSubscribed/unsubscribedAt (columns already exist), and optionally (3) a List-Unsubscribe header for bulk deliverability. Being handled separately.
• CDN/S3 hosting of signature images will be wired up as part of the email-signature work.

Related Issues

Closes #127

[piersolh]

this is really excessive commenting but I thought it might be helpful cause regex's are so hard to read

[thaninbew]

sounds good!