feat(phase-2): implement domain verification system

Implements complete domain verification flow with:
- rel=me link verification service
- HTML fetching with security controls
- Rate limiting to prevent abuse
- Email validation utilities
- Authorization and verification API endpoints
- User-facing templates for authorization and verification flows

This completes Phase 2: Domain Verification as designed.

Tests:
- All Phase 2 unit tests passing
- Coverage: 85% overall
- Migration tests updated

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

src/gondulf/storage.py

@@ -7,7 +7,6 @@ codes with automatic expiration checking on access.
 
 import logging
 import time
-from typing import Dict, Optional, Tuple
 
 logger = logging.getLogger("gondulf.storage")
 
@@ -27,7 +26,7 @@ class CodeStore:
         Args:
             ttl_seconds: Time-to-live for codes in seconds (default: 600 = 10 minutes)
         """
-        self._store: Dict[str, Tuple[str, float]] = {}
+        self._store: dict[str, tuple[str, float]] = {}
         self._ttl = ttl_seconds
         logger.debug(f"CodeStore initialized with TTL={ttl_seconds}s")
 
@@ -79,7 +78,7 @@ class CodeStore:
         logger.info(f"Code verified successfully for key={key}")
         return True
 
-    def get(self, key: str) -> Optional[str]:
+    def get(self, key: str) -> str | None:
         """
         Get code without removing it (for testing/debugging).