fix(auth): route all nostrLoggedIn listeners through signed-event verification

The previous commit only updated auth-button + the WithNostrAuth trait,
but six Volt pages (profile, benefits, election/*, members/admin) carry
their own handleNostrLoggedIn(string $pubkey) handlers. The dispatched
payload is now an array, so Livewire's container could not resolve the
string parameter and threw BindingResolutionException on every login.

- All six per-page handlers now accept the signed event and route it
  through NostrAuth::loginWithSignedEvent() like the trait does.
- NostrAuth: add currentOrIssueChallenge() so the sidebar + navbar
  auth-button mounts share one live session challenge instead of
  overwriting each other.
- verifySignedEvent: pass a normalized stdClass to swentel's verify()
  directly, skipping an unnecessary json_encode + json_decode round-trip.
- auth-button: gate the global Escape/Tab capture so it only intercepts
  keys while the overlay is actually visible.
- Update three test files that still called handleNostrLoggedIn with a
  raw pubkey to authenticate via NostrAuth::login() instead.

resources/views/livewire/association/election/admin.blade.php

@@ -60,9 +60,9 @@ new class extends Component {
         }
     }
 
-    public function handleNostrLoggedIn(string $pubkey): void
+    public function handleNostrLoggedIn($signedEvent = null): void
     {
-        NostrAuth::login($pubkey);
+        $pubkey = NostrAuth::loginWithSignedEvent($signedEvent);
 
         $this->currentPubkey = $pubkey;
         $this->currentPleb = \App\Models\EinundzwanzigPleb::query()