refactor(env): unify required-env validation through useRuntimeConfig

validate-env.js now reads all four required vars (MONGODB_URI, JWT_SECRET,
RESEND_API_KEY, HELCIM_API_TOKEN) from useRuntimeConfig() instead of mixing
direct process.env reads with a JWT-only special case. Mongoose and the six
Resend instantiations follow suit. Either bare or NUXT_-prefixed env names
are accepted, so Dokploy no longer needs duplicate entries.

server/utils/magicLink.js

@@ -6,7 +6,7 @@ import { randomUUID } from 'crypto'
 import { Resend } from 'resend'
 import Member from '../models/member.js'
 
-const resend = new Resend(process.env.RESEND_API_KEY)
+const resend = new Resend(useRuntimeConfig().resendApiKey)
 
 /**
  * Issue a 15-minute magic-link JWT for `email` and email it.

server/utils/mongoose.js

@@ -7,7 +7,7 @@ export const connectDB = async () => {
     return;
   }
 
-  const MONGODB_URI = process.env.NUXT_MONGODB_URI || process.env.MONGODB_URI || 'mongodb://localhost:27017/ghostguild';
+  const MONGODB_URI = useRuntimeConfig().mongodbUri;
 
   try {
     await mongoose.connect(MONGODB_URI, {

server/utils/payments.js

@@ -2,7 +2,7 @@ import { Resend } from 'resend'
 import Payment from '../models/payment.js'
 import { paymentConfirmationEmail } from '../emails/paymentConfirmation.js'
 
-const resend = new Resend(process.env.RESEND_API_KEY)
+const resend = new Resend(useRuntimeConfig().resendApiKey)
 
 function mapStatus(helcimStatus) {
   if (helcimStatus === 'paid') return 'success'

server/utils/resend.js

@@ -1,6 +1,6 @@
 import { Resend } from "resend";
 
-const resend = new Resend(process.env.RESEND_API_KEY);
+const resend = new Resend(useRuntimeConfig().resendApiKey);
 
 /**
  * Send event registration confirmation email