Enhance member deletion and implement template-based email system

- Add Keycloak user deletion to member removal process
- Implement Handlebars email templates for verification, password reset, and dues reminders
- Improve JWT secret configuration with multiple fallbacks
- Add getMemberById function and enhance error handling
- Update Dockerfile to include email templates in production build

server/api/members/[id].delete.ts

@@ -1,5 +1,6 @@
-import { deleteMember, handleNocoDbError } from '~/server/utils/nocodb';
+import { deleteMember, handleNocoDbError, getMemberById } from '~/server/utils/nocodb';
 import { createSessionManager } from '~/server/utils/session';
+import { deleteKeycloakUser } from '~/server/utils/keycloak-admin';
 
 export default defineEventHandler(async (event) => {
   const id = getRouterParam(event, 'id');
@@ -38,10 +39,47 @@ export default defineEventHandler(async (event) => {
 
     console.log('[api/members/[id].delete] Authorized user:', session.user.email, 'Tier:', userTier);
 
+    // First, get the member data to check for Keycloak ID
+    let member;
+    try {
+      member = await getMemberById(id);
+      console.log('[api/members/[id].delete] Retrieved member for deletion:', member.first_name, member.last_name);
+      
+      if (member.keycloak_id) {
+        console.log('[api/members/[id].delete] Member has Keycloak ID:', member.keycloak_id);
+      } else {
+        console.log('[api/members/[id].delete] Member has no Keycloak ID - NocoDB only deletion');
+      }
+    } catch (memberError: any) {
+      console.error('[api/members/[id].delete] Failed to retrieve member data:', memberError);
+      // Continue with deletion attempt even if we can't get member data
+    }
+
+    // If member has a Keycloak account, try to delete it first
+    if (member?.keycloak_id) {
+      try {
+        console.log('[api/members/[id].delete] Attempting Keycloak user deletion...');
+        await deleteKeycloakUser(member.keycloak_id);
+        console.log('[api/members/[id].delete] ✅ Keycloak user deleted successfully');
+      } catch (keycloakError: any) {
+        console.error('[api/members/[id].delete] ⚠️ Failed to delete Keycloak user:', keycloakError);
+        console.error('[api/members/[id].delete] Continuing with member deletion despite Keycloak failure');
+        // Don't throw here - we want to continue with NocoDB deletion
+        // This prevents orphaned NocoDB records if Keycloak is temporarily unavailable
+      }
+    }
+
     // Delete member from NocoDB
     const result = await deleteMember(id);
 
-    console.log('[api/members/[id].delete] ✅ Member deleted successfully:', id);
+    console.log('[api/members/[id].delete] ✅ Member deleted successfully from NocoDB:', id);
+    
+    // Log completion status
+    if (member?.keycloak_id) {
+      console.log('[api/members/[id].delete] ✅ Enhanced deletion completed (NocoDB + Keycloak cleanup)');
+    } else {
+      console.log('[api/members/[id].delete] ✅ Standard deletion completed (NocoDB only)');
+    }
 
     return {
       success: true,