Fix country not shown in ban list due to geo rate limiting

list_bans() was calling geo_service.lookup() once per IP on the
page (e.g. 100 sequential HTTP requests), hitting the ip-api.com
free-tier single-IP limit of 45 req/min.  IPs beyond the ~45th
were added to the in-process negative cache (5 min TTL) and showed
as no country until the TTL expired.  The map endpoint never had
this problem because it used lookup_batch (100 IPs per POST).

Add http_session and app_db params to list_bans().  When
http_session is provided (production path), the entire page is
resolved in one lookup_batch() call instead of N individual ones.
The legacy geo_enricher callback is kept for test compatibility.
Update the dashboard router to use the batch path directly.

Adds 3 tests covering the batch geo path, failure resilience, and
http_session priority over geo_enricher.

backend/tests/test_services/test_ban_service.py

@@ -290,6 +290,104 @@ class TestListBansGeoEnrichment:
             assert item.country_code is None
 
 
+# ---------------------------------------------------------------------------
+# list_bans — batch geo enrichment via http_session
+# ---------------------------------------------------------------------------
+
+
+class TestListBansBatchGeoEnrichment:
+    """Verify that list_bans uses lookup_batch when http_session is provided."""
+
+    async def test_batch_geo_applied_via_http_session(
+        self, f2b_db_path: str
+    ) -> None:
+        """Geo fields are populated via lookup_batch when http_session is given."""
+        from app.services.geo_service import GeoInfo
+        from unittest.mock import MagicMock
+
+        fake_session = MagicMock()
+        fake_geo_map = {
+            "1.2.3.4": GeoInfo(country_code="DE", country_name="Germany", asn="AS3320", org="Deutsche Telekom"),
+            "5.6.7.8": GeoInfo(country_code="US", country_name="United States", asn="AS15169", org="Google"),
+        }
+
+        with patch(
+            "app.services.ban_service._get_fail2ban_db_path",
+            new=AsyncMock(return_value=f2b_db_path),
+        ), patch(
+            "app.services.geo_service.lookup_batch",
+            new=AsyncMock(return_value=fake_geo_map),
+        ):
+            result = await ban_service.list_bans(
+                "/fake/sock", "24h", http_session=fake_session
+            )
+
+        assert result.total == 2
+        de_item = next(i for i in result.items if i.ip == "1.2.3.4")
+        us_item = next(i for i in result.items if i.ip == "5.6.7.8")
+        assert de_item.country_code == "DE"
+        assert de_item.country_name == "Germany"
+        assert us_item.country_code == "US"
+        assert us_item.country_name == "United States"
+
+    async def test_batch_failure_does_not_break_results(
+        self, f2b_db_path: str
+    ) -> None:
+        """A lookup_batch failure still returns items with null geo fields."""
+        from unittest.mock import MagicMock
+
+        fake_session = MagicMock()
+
+        with patch(
+            "app.services.ban_service._get_fail2ban_db_path",
+            new=AsyncMock(return_value=f2b_db_path),
+        ), patch(
+            "app.services.geo_service.lookup_batch",
+            new=AsyncMock(side_effect=RuntimeError("batch geo down")),
+        ):
+            result = await ban_service.list_bans(
+                "/fake/sock", "24h", http_session=fake_session
+            )
+
+        assert result.total == 2
+        for item in result.items:
+            assert item.country_code is None
+
+    async def test_http_session_takes_priority_over_geo_enricher(
+        self, f2b_db_path: str
+    ) -> None:
+        """When both http_session and geo_enricher are provided, batch wins."""
+        from app.services.geo_service import GeoInfo
+        from unittest.mock import MagicMock
+
+        fake_session = MagicMock()
+        fake_geo_map = {
+            "1.2.3.4": GeoInfo(country_code="DE", country_name="Germany", asn=None, org=None),
+            "5.6.7.8": GeoInfo(country_code="DE", country_name="Germany", asn=None, org=None),
+        }
+
+        async def enricher_should_not_be_called(ip: str) -> GeoInfo:
+            raise AssertionError(f"geo_enricher was called for {ip!r} — should not happen")
+
+        with patch(
+            "app.services.ban_service._get_fail2ban_db_path",
+            new=AsyncMock(return_value=f2b_db_path),
+        ), patch(
+            "app.services.geo_service.lookup_batch",
+            new=AsyncMock(return_value=fake_geo_map),
+        ):
+            result = await ban_service.list_bans(
+                "/fake/sock",
+                "24h",
+                http_session=fake_session,
+                geo_enricher=enricher_should_not_be_called,
+            )
+
+        assert result.total == 2
+        for item in result.items:
+            assert item.country_code == "DE"
+
+
 # ---------------------------------------------------------------------------
 # list_bans — pagination
 # ---------------------------------------------------------------------------