fix(api): return correct hashed token for email_change_new in adminGenerateLink

[Jualhosting]

Summary

This PR fixes a bug in \�dminGenerateLink\ where generating an action link for type \email_change_new\ returns a \hashed_token\ property derived from the user's old/current email instead of the new email.

Details

When an admin generates an email change link for \email_change_new\ via the \�dminGenerateLink\ handler:

1. The token hash stored in the database (\user.EmailChangeTokenNew) is correctly computed using the new email address (\params.NewEmail) and OTP.
2. However, the \HashedToken\ returned in the API JSON response was always assigned \hashedToken, which is computed using the old/current email address (\params.Email) and OTP.

Because of this discrepancy, client applications and SDKs (such as \�dmin.generateLink) receive a hashed token that is incompatible with the one persisted in the database, causing verification or link validation to fail during the change confirmation step.

Fix

• Dynamically set the returned \HashedToken\ in \GenerateLinkResponse\ to \user.EmailChangeTokenNew\ when \params.Type\ is \mail.EmailChangeNewVerification.
• Updated the unit tests in \internal/api/mail_test.go\ to assert this correct, unified behavior.

Assistance Disclosure

Just a quick heads-up: I used Antigravity (a Gemini-based AI coding assistant) to help track down and patch this hashed token bug. I've thoroughly reviewed and tested the fix to make sure everything is correct.