Folder Deletion Fix and Mail App Auth Cleanup

Fixes folder deletion in the Mail/Admin Hub, which was failing with a "405 Method Not Allowed" error, and removes obsolete login code now that authentication is handled by the dedicated SSO app. The release also includes two small UI fixes in the Admin app. This change has reached the QA/testing environment.

Deleting folders was broken: the frontend called the backend folder-delete endpoint with the wrong HTTP method (DELETE), but the backend now exposes that operation as POST so it can accept a richer request body (folder IDs plus force-delete and permanent flags) for bulk deletion. The mismatch produced a 405 error and blocked the action entirely. Separately, the Mail app still carried legacy NextAuth login files and a next-auth dependency that are no longer used since login moved to the standalone SSO app, leaving dead code and an unnecessary package.

Users can again delete folders from the Mail/Admin Hub without errors. Removing the unused NextAuth code and dependency reduces the app's footprint and eliminates a stale, deprecated login path. Admin users see two minor UI improvements: a role dropdown that scrolls correctly and pagination controls that no longer overlap table content.

• apps/mail/src/services/folders.services.ts: switched deleteFolders from http.delete (body via { data }) to http.post with the request body sent directly; payload shape (folder_ids, force_delete, permanent) is unchanged.
• Removed deprecated NextAuth artifacts in the Mail app: app/actions/auth.ts, the [...nextauth] API route, auth/login and auth/redirect pages, partials/auth/login-form.tsx, lib/auth.ts, and types/next-auth.d.ts; dropped the next-auth dependency from package.json and pruned it from pnpm-lock.yaml.
• .github/workflows/docker-ecr.yml: removed the trailing slash from the dev NEXT_PUBLIC_API_URL to prevent double-slash (//api) request URLs.
• apps/admin UI fixes: data-table.tsx adds bottom padding when floating pagination is enabled; role-select.tsx adds overflow-hidden to the role popover so it scrolls.
• Note: the PR's commit history contains many select-all-rows commits, but those were reverted before this merge; the net diff is limited to the changes above.

Low risk and well scoped. The folder-delete fix depends on the backend accepting POST at the folder-delete route; if the deployed backend in QA still only accepts DELETE, deletion would fail, so verify the backend method matches. Deleting NextAuth files is safe only if no remaining code imports them or next-auth; the lockfile was updated accordingly, so a clean build/install should confirm nothing else references the removed module.

• In the Mail/Admin Hub, select one or more folders and delete them; confirm success with no 405 error and that the folders are actually removed.
• Exercise both soft and permanent/force-delete paths if exposed in the UI.
• Confirm the Mail app still loads and that unauthenticated users are redirected to the SSO login (no leftover local /auth/login route).
• In Admin, open the role dropdown and confirm it scrolls; on tables with floating pagination, confirm the controls no longer overlap the last rows.
• Smoke-test API calls to ensure URLs no longer contain a double slash (//api).