Move allauth + auth UI to legacy/

allauth/ (44 files) is a django-allauth React UI — a separate concern
from the Mizan protocol. Moved to legacy/ pending extraction into a
standalone mizan-django-allauth package.

Also moved to legacy/:
- client/AuthContext.tsx — generic auth state from /me endpoint
- client/RouterContext.tsx — framework-agnostic router adapter
- client/routing.tsx — UserRoute/StaffRoute/AnonymousRoute guards
- client/nextjs.tsx — Next.js router adapter for auth

These are auth UI infrastructure, not Mizan protocol. The Mizan core
only needs JWT for auth header selection (jwt/ stays — MizanProvider
depends on useJWT() to decide between Bearer and session auth).

Cleaned up re-exports in client/react.ts and vitest aliases.

33 React tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

legacy/allauth/components/index.ts

@@ -0,0 +1,41 @@
+// Main UI component
+export { AllauthUI } from './AllauthUI'
+export type { AllauthUIView, AllauthUIMode } from './AllauthUI'
+
+// Core components
+export { AuthCard } from './AuthCard'
+export { AuthFormPage } from './AuthFormPage'
+export { AuthDjangoForm } from './AuthDjangoForm'
+export { ProviderList } from './ProviderList'
+export { PasskeyLogin } from './PasskeyLogin'
+export { default as useAuthForm, AuthField } from './AuthForm'
+
+// Django-initiated flow handler (email verification, password reset links, OAuth)
+export { AllauthRouter } from './AllauthRouter'
+
+// Settings components
+export {
+    AuthSettings,
+    ProfileSection,
+    EmailsSection,
+    PasswordSection,
+    PasskeysSection,
+    ConnectionsSection,
+    MFASection,
+    SessionsSection,
+    SettingsSection,
+    SettingsItem,
+    SettingsList,
+    Badge,
+    Button,
+} from './settings'
+
+// Individual auth views (for granular control)
+export {
+    LoginView,
+    SignupView,
+    MFAChooserView,
+    MFAWebAuthnView,
+    MFATOTPView,
+    MFARecoveryCodesView,
+} from './views'