Implement frontend session routing flow

- Validate and prepare access links in apps/frontend
- Add session, ended, and unauthorized routes with polling
- Copy full public access URLs from the admin links page

apps/frontend/src/routes/unauthorized/+page.svelte

@@ -0,0 +1,21 @@
+<script lang="ts">
+    import { browser } from "$app/environment";
+
+    const reasonMap: Record<string, string> = {
+        missing_token: "Missing access token",
+        invalid: "Invalid access link",
+    };
+
+    const reason = browser
+        ? (new URLSearchParams(window.location.search).get("reason") ?? "invalid")
+        : "invalid";
+</script>
+
+<main class="bg-background text-foreground flex min-h-screen items-center justify-center px-6">
+    <section class="w-full max-w-sm rounded-xl border border-border bg-card p-6 text-center">
+        <h1 class="text-xl font-semibold">Access denied</h1>
+        <p class="mt-3 text-sm text-muted-foreground">
+            {reasonMap[reason] || "This session link is not valid."}
+        </p>
+    </section>
+</main>