cds-snc / platform-forms-client

NextJS application that serves the public-facing website for Forms
https://forms-staging.cdssandbox.xyz/
MIT License

fix: trusted host check and NEXTAUTH_URL #3778

Closed bryan-robitaille closed 3 weeks ago

bryan-robitaille commented 3 weeks ago

Summary | Résumé

Removes any remaining reference to NEXTAUTH_URL in the codebase as we can implicitly trust that the Elastic Load Balancer safely sets the Host header and ignores any header provided in the original request.

Confirmed here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#host-header-preservation

It would also appear that Auth.js guidance is now that the trusted_host should always be set to true: https://authjs.dev/reference/core#trusthost
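An added sketch, not code from this PR, the project or Auth.js, of a defence-in-depth check for the setup the summary describes: once the base URL comes from the request's Host header rather than a configured NEXTAUTH_URL, an allowlist keeps an unexpected host out of generated callback URLs. The names `resolveBaseUrl`, `callbackUrl` and `normaliseHost`, the allowlist, the plain-object header shape and the callback path are assumptions; the staging host is the one shown on this page.

```javascript
// Hypothetical helpers for illustration; not Auth.js internals.
// Allowlist is an assumption; the host is the staging site named on the page.
const ALLOWED_HOSTS = new Set(["forms-staging.cdssandbox.xyz"]);

// Lowercase the Host value, drop any port, and reject anything that is
// not a plain hostname (spaces, slashes, '@', control characters, ...).
function normaliseHost(raw) {
  if (typeof raw !== "string") return null;
  const value = raw.trim().toLowerCase();
  if (!/^[a-z0-9.-]+(:\d{1,5})?$/.test(value)) return null;
  return value.replace(/:\d+$/, "");
}

// headers: plain object with lowercase header names (assumed shape).
function resolveBaseUrl(headers, { trustHost, fallbackUrl, allowedHosts = ALLOWED_HOSTS }) {
  if (!trustHost) {
    // Without host trust, only a statically configured URL is used.
    if (!fallbackUrl) throw new Error("no configured base URL and trustHost is false");
    return new URL(fallbackUrl).origin;
  }
  const host = normaliseHost(headers["host"]);
  if (host === null || !allowedHosts.has(host)) {
    // Fail closed: never build links from a host that is not expected.
    throw new Error(`untrusted Host header: ${JSON.stringify(headers["host"])}`);
  }
  // Default to https unless the proxy explicitly reports plain http.
  const proto = headers["x-forwarded-proto"] === "http" ? "http" : "https";
  return `${proto}://${host}`;
}

// Callback path below is assumed for the example.
function callbackUrl(headers, options, provider) {
  const base = resolveBaseUrl(headers, options);
  return `${base}/api/auth/callback/${encodeURIComponent(provider)}`;
}
```
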

github-actions[bot] commented 3 weeks ago

:test_tube: Review environment

https://fldpvdocupnmzvo2sxro3lzsl40gcgdw.lambda-url.ca-central-1.on.aws/