fix: member status visibility, team creation improvements, join approval flow

- Fix other members' status not visible due to users collection viewRule restriction
- Fix empty status treated as 'away' instead of 'idle' in membersByStatus
- Auto-set creator to 'in_team' status when creating team session
- Filter current user from idle members invite list
- Fix group store isGroupOwner using pb.authStore instead of localStorage
- Add nginx no-cache headers for index.html
- Add join_requests collection migration and join approval flow
- Update groups collection rules and add requireApproval field
- Add Memory types for Phase 2 planning

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

backend/pb_migrations/1776443448_created_join_requests.js

@@ -0,0 +1,90 @@
+/// <reference path="../pb_data/types.d.ts" />
+migrate((db) => {
+  const collection = new Collection({
+    "id": "ezklls35klxregi",
+    "created": "2026-04-17 16:30:48.222Z",
+    "updated": "2026-04-17 16:30:48.222Z",
+    "name": "join_requests",
+    "type": "base",
+    "system": false,
+    "schema": [
+      {
+        "system": false,
+        "id": "sf_group",
+        "name": "group",
+        "type": "relation",
+        "required": true,
+        "presentable": false,
+        "unique": false,
+        "options": {
+          "collectionId": "es63bkyiblpnxdf",
+          "cascadeDelete": true,
+          "minSelect": null,
+          "maxSelect": 1,
+          "displayFields": null
+        }
+      },
+      {
+        "system": false,
+        "id": "sf_user",
+        "name": "user",
+        "type": "relation",
+        "required": true,
+        "presentable": false,
+        "unique": false,
+        "options": {
+          "collectionId": "_pb_users_auth_",
+          "cascadeDelete": true,
+          "minSelect": null,
+          "maxSelect": 1,
+          "displayFields": null
+        }
+      },
+      {
+        "system": false,
+        "id": "sf_status",
+        "name": "status",
+        "type": "select",
+        "required": true,
+        "presentable": false,
+        "unique": false,
+        "options": {
+          "maxSelect": 1,
+          "values": [
+            "pending",
+            "approved",
+            "rejected"
+          ]
+        }
+      },
+      {
+        "system": false,
+        "id": "sf_reason",
+        "name": "rejectReason",
+        "type": "text",
+        "required": false,
+        "presentable": false,
+        "unique": false,
+        "options": {
+          "min": null,
+          "max": 200,
+          "pattern": ""
+        }
+      }
+    ],
+    "indexes": [],
+    "listRule": "@request.auth.id != \"\"",
+    "viewRule": "@request.auth.id != \"\"",
+    "createRule": "@request.auth.id != \"\"",
+    "updateRule": "group.owner = @request.auth.id",
+    "deleteRule": "group.owner = @request.auth.id",
+    "options": {}
+  });
+
+  return Dao(db).saveCollection(collection);
+}, (db) => {
+  const dao = new Dao(db);
+  const collection = dao.findCollectionByNameOrId("ezklls35klxregi");
+
+  return dao.deleteCollection(collection);
+})