Implement frontend session routing flow

- Validate and prepare access links in apps/frontend
- Add session, ended, and unauthorized routes with polling
- Copy full public access URLs from the admin links page

AGENTS.md

@@ -23,7 +23,7 @@ More rules are only to be added by the human, in case such a suggestion becomes
 
 - **Monorepo**: Turborepo + pnpm
 - **Language**: TypeScript everywhere, Node >= 24
-- **Apps**: `@apps/main` (SvelteKit), `@apps/front` (Hono), `@apps/orchestrator` (Hono)
+- **Apps**: `@apps/main` (SvelteKit), `@apps/frontend` (Hono), `@apps/orchestrator` (Hono)
 - **Packages**: `@pkg/logic`, `@pkg/db`, `@pkg/logger`, `@pkg/result`, `@pkg/keystore`, `@pkg/settings`
 - **DB**: PostgreSQL via Drizzle ORM; Redis (Valkey) via `@pkg/keystore`
 
@@ -34,11 +34,13 @@ More rules are only to be added by the human, in case such a suggestion becomes
 All domain logic lives in `@pkg/logic` under `packages/logic/domains/<domain>/` with four files: `data.ts`, `repository.ts`, `controller.ts`, `errors.ts`. Mirror this exactly when adding a domain.
 
 **Path aliases** (logic package only):
+
 - `@/*` → `./*` · `@domains/*` → `./domains/*` · `@core/*` → `./core/*`
 
 **FlowExecCtx** (`fctx`) — passed into every domain operation for tracing:
+
 ```ts
-type FlowExecCtx = { flowId: string; userId?: string; sessionId?: string; };
+type FlowExecCtx = { flowId: string; userId?: string; sessionId?: string };
 ```
 
 ---