feat: add email verification check to unsubscribe page

Security Enhancement:
- Server-side validation of email status before allowing unsubscribe
- Only allow unsubscribing from verified emails
- Show "Action Not Allowed" message for unverified/unsubscribed emails
- Extract and validate share-id on server side
- Return 404 for invalid share-ids or missing tenant emails

Implementation:
- Convert page.tsx to async server component
- Fetch location and check tenantEmailStatus
- Pass isVerified prop to client component
- Add bilingual "not-allowed" translations

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

web-app/app/[locale]/email/unsubscribe/[id]/EmailUnsubscribePage.tsx

@@ -7,9 +7,10 @@ import { CheckCircleIcon } from '@heroicons/react/24/outline';
 
 interface EmailUnsubscribePageProps {
     shareId: string;
+    isVerified: boolean;
 }
 
-export default function EmailUnsubscribePage({ shareId }: EmailUnsubscribePageProps) {
+export default function EmailUnsubscribePage({ shareId, isVerified }: EmailUnsubscribePageProps) {
     const t = useTranslations('email-unsubscribe-page');
     const [isUnsubscribing, setIsUnsubscribing] = useState(false);
     const [isUnsubscribed, setIsUnsubscribed] = useState(false);
@@ -61,6 +62,17 @@ export default function EmailUnsubscribePage({ shareId }: EmailUnsubscribePagePr
         );
     }
 
+    if (!isVerified) {
+        return (
+            <div className="card bg-base-100 shadow-xl max-w-2xl mx-auto mt-8">
+                <div className="card-body">
+                    <h2 className="card-title text-warning">{t('not-allowed.title')}</h2>
+                    <p>{t('not-allowed.message')}</p>
+                </div>
+            </div>
+        );
+    }
+
     return (
         <div className="card bg-base-100 shadow-xl max-w-2xl mx-auto mt-8">
             <div className="card-body">