M2-T11: serve React SPA from FastAPI and remove Jinja pages

- app/main.py serves the SPA build (SPA_DIST_DIR, default frontend/dist):
  mounts /assets and a GET catch-all returning index.html for client routes;
  catch-all 404s on /api/*, never swallows /docs, /openapi.json, /static, assets,
  ingestion/ticktick/status; skips SPA serving when dist absent (backend-only CI)
- delete app/api/routes/pages.py, app/api/routes/auth.py, app/templates/
  (all replaced by /api/* + SPA; auth service layer kept)
- remove/replace Jinja page tests (JSON coverage already in test_api_*);
  add tests/test_spa_hosting.py for the fallback contract
- regenerate openapi/ (Jinja paths gone) and frontend schema.d.ts

openapi/openapi.yaml

@@ -18,156 +18,6 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/StatusResponse'
-  /login:
-    get:
-      tags:
-      - auth
-      summary: Login Page
-      operationId: login_page_login_get
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-    post:
-      tags:
-      - auth
-      summary: Login Submit
-      operationId: login_submit_login_post
-      requestBody:
-        content:
-          application/x-www-form-urlencoded:
-            schema:
-              $ref: '#/components/schemas/Body_login_submit_login_post'
-        required: true
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-        '422':
-          description: Validation Error
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/HTTPValidationError'
-  /config/change-password:
-    post:
-      tags:
-      - auth
-      summary: Change Password Submit
-      operationId: change_password_submit_config_change_password_post
-      requestBody:
-        content:
-          application/x-www-form-urlencoded:
-            schema:
-              $ref: '#/components/schemas/Body_change_password_submit_config_change_password_post'
-        required: true
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-        '422':
-          description: Validation Error
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/HTTPValidationError'
-  /logout:
-    post:
-      tags:
-      - auth
-      summary: Logout
-      operationId: logout_logout_post
-      requestBody:
-        content:
-          application/x-www-form-urlencoded:
-            schema:
-              $ref: '#/components/schemas/Body_logout_logout_post'
-        required: true
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            application/json:
-              schema: {}
-        '422':
-          description: Validation Error
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/HTTPValidationError'
-  /:
-    get:
-      tags:
-      - pages
-      summary: Home
-      operationId: home__get
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-  /admin:
-    get:
-      tags:
-      - pages
-      summary: Admin Redirect
-      operationId: admin_redirect_admin_get
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-  /config:
-    get:
-      tags:
-      - pages
-      summary: Config Page
-      operationId: config_page_config_get
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-    post:
-      tags:
-      - pages
-      summary: Config Submit
-      operationId: config_submit_config_post
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
-  /config/smtp/test:
-    post:
-      tags:
-      - pages
-      summary: Smtp Test Submit
-      operationId: smtp_test_submit_config_smtp_test_post
-      responses:
-        '200':
-          description: Successful Response
-          content:
-            text/html:
-              schema:
-                type: string
   /api/config:
     get:
       tags:
@@ -812,53 +662,6 @@ paths:
               schema: {}
 components:
   schemas:
-    Body_change_password_submit_config_change_password_post:
-      properties:
-        current_password:
-          type: string
-          title: Current Password
-        new_password:
-          type: string
-          title: New Password
-        confirm_password:
-          type: string
-          title: Confirm Password
-        csrf_token:
-          type: string
-          title: Csrf Token
-      type: object
-      required:
-      - current_password
-      - new_password
-      - confirm_password
-      - csrf_token
-      title: Body_change_password_submit_config_change_password_post
-    Body_login_submit_login_post:
-      properties:
-        username:
-          type: string
-          title: Username
-        password:
-          type: string
-          title: Password
-        csrf_token:
-          type: string
-          title: Csrf Token
-      type: object
-      required:
-      - username
-      - password
-      - csrf_token
-      title: Body_login_submit_login_post
-    Body_logout_logout_post:
-      properties:
-        csrf_token:
-          type: string
-          title: Csrf Token
-      type: object
-      required:
-      - csrf_token
-      title: Body_logout_logout_post
     ConfigField:
       properties:
         env_name: