🐛 Skip org membership lookup for anonymous invite recipients

When an organization invitation token is verified by a logged-out recipient
(e.g. an unregistered invitee opening the emailed link), profile-id is nil.
The team-invitation branch still evaluated get-org-membership eagerly, calling
nitrate with that nil profile-id. That request fails and surfaces as a generic
error, masking the clean :invalid-token response and dropping the user on the
login screen instead of the dedicated "Invite invalid" page.

Only query membership when a logged-in profile is present, so a canceled or
otherwise invalid org invite reaches the :invalid-token path as intended.

backend/src/app/rpc/commands/verify_token.clj

@@ -185,7 +185,10 @@
         registration-disabled? (not (contains? cf/flags :registration))
 
         org-invitation?        (and (contains? cf/flags :nitrate) organization-id)
-        membership             (when org-invitation?
+        ;; Membership only makes sense for a logged-in profile; querying it for
+        ;; an anonymous recipient would call nitrate with a nil profile-id and
+        ;; mask the clean :invalid-token response with a generic error.
+        membership             (when (and profile org-invitation?)
                                  (nitrate/call cfg :get-org-membership {:profile-id profile-id
                                                                         :organization-id organization-id}))]