feat(frontend): invite-based registration UI

- Add /register route with invite code prefill, password show/hide
- Add /login?registered=1 success banner
- Add /admin/invites page: list, create, revoke, copy link
- Add Einladungen nav section to admin sidebar (ADMIN_USER perm)
- Add invite error codes to errors.ts
- Add 48 i18n keys across de/en/es
- Update hooks.server.ts to allow public access to invite/register API

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

frontend/src/routes/admin/+layout.server.ts

@@ -1,4 +1,5 @@
 import { error } from '@sveltejs/kit';
+import { env } from '$env/dynamic/private';
 import { createApiClient } from '$lib/api.server';
 import { getErrorMessage } from '$lib/errors';
 import type { components } from '$lib/generated/api';
@@ -23,6 +24,7 @@ export async function load({ fetch, locals }) {
 	if (!hasAnyAdminPerm(user)) throw error(403, getErrorMessage('FORBIDDEN'));
 
 	const api = createApiClient(fetch);
+	const canManageUsers = hasPerm(user, 'ADMIN_USER');
 
 	// TODO: replace with a dedicated /api/admin/stats endpoint that returns counts only,
 	// so the System page does not load full entity lists it does not render.
@@ -45,11 +47,22 @@ export async function load({ fetch, locals }) {
 		throw error(tagsResult.response.status, getErrorMessage(code));
 	}
 
+	let inviteCount = 0;
+	if (canManageUsers) {
+		const apiUrl = env.API_INTERNAL_URL || 'http://localhost:8080';
+		const inviteRes = await fetch(`${apiUrl}/api/invites`);
+		if (inviteRes.ok) {
+			const invites = await inviteRes.json();
+			inviteCount = Array.isArray(invites) ? invites.length : 0;
+		}
+	}
+
 	return {
 		userCount: (usersResult.data ?? []).length,
 		groupCount: (groupsResult.data ?? []).length,
 		tagCount: (tagsResult.data ?? []).length,
-		canManageUsers: hasPerm(user, 'ADMIN_USER'),
+		inviteCount,
+		canManageUsers,
 		canManageTags: hasPerm(user, 'ADMIN_TAG'),
 		canManagePermissions: hasPerm(user, 'ADMIN_PERMISSION'),
 		canRunMaintenance: hasPerm(user, 'ADMIN')