feat: passwordless registration — defer account creation to approval

Removes password from the volunteer registration form. Account
creation is now deferred to the approval step:

Backend:
- Registration creates Person without User (user_id=null)
- On approval, system finds or creates User by person.email
- New accounts get a "set password" email with activation link
- Existing accounts get a portal link email
- Added registration_source column to persons (self/organizer)
- Fuzzy name matching skipped for self-registered persons
- person.email is always source of truth for account linking

Frontend:
- Registration form no longer collects password
- Email check shows info alert with login suggestion
- New wachtwoord-instellen.vue page for account activation
- PasswordRequirements.vue component (reused on reset page)
- Success page updated with activation messaging

Tests: 837 passed (all updated for new flow)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

api/app/Http/Controllers/Api/V1/VolunteerRegistrationController.php

@@ -4,12 +4,10 @@ declare(strict_types=1);
 
 namespace App\Http\Controllers\Api\V1;
 
-use App\Enums\IdentityMatchStatus;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\Api\V1\VolunteerRegistrationRequest;
 use App\Http\Resources\Api\V1\PersonResource;
 use App\Models\Event;
-use App\Models\PersonIdentityMatch;
 use App\Services\VolunteerRegistrationService;
 use Illuminate\Http\JsonResponse;
 
@@ -31,13 +29,8 @@ final class VolunteerRegistrationController extends Controller
 
         $person->load('crowdType');
 
-        $hasExistingAccount = PersonIdentityMatch::where('person_id', $person->id)
-            ->where('status', IdentityMatchStatus::PENDING)
-            ->exists();
-
         $responseData = [
             'person' => new PersonResource($person),
-            'has_existing_account' => $hasExistingAccount,
         ];
 
         if ($person->wasRecentlyCreated) {