Rip out Theia, ship P5.1 attach E2E + Justine UI work-in-progress

Theia rip-out:
- Delete app/api/theia-auth/route.ts (Traefik ForwardAuth shim)
- Delete app/api/projects/[projectId]/workspace/route.ts and
  app/api/projects/prewarm/route.ts (Cloud Run Theia provisioning)
- Delete lib/cloud-run-workspace.ts and lib/coolify-workspace.ts
- Strip provisionTheiaWorkspace + theiaWorkspaceUrl/theiaAppUuid/
  theiaError from app/api/projects/create/route.ts response
- Remove Theia callbackUrl branch in app/auth/page.tsx
- Drop "Open in Theia" button + xterm/Theia PTY copy in build/page.tsx
- Drop theiaWorkspaceUrl from deployment/page.tsx Project type
- Strip Theia IDE line + theia-code-os from advisor + agent-chat
  context strings
- Scrub Theia mention from lib/auth/workspace-auth.ts comment

P5.1 (custom apex domains + DNS):
- lib/coolify.ts + lib/opensrs.ts: nameserver normalization, OpenSRS
  XML auth, Cloud DNS plumbing
- scripts/smoke-attach-e2e.ts: full prod GCP + sandbox OpenSRS +
  prod Coolify smoke covering register/zone/A/NS/PATCH/cleanup

In-progress (Justine onboarding/build, MVP setup, agent telemetry):
- New (justine)/stories, project (home) layouts, mvp-setup, run, tasks
  routes + supporting components
- Project shell + sidebar + nav refactor for the Stackless palette
- Agent session API hardening (sessions, events, stream, approve,
  retry, stop) + atlas-chat, advisor, design-surfaces refresh
- New scripts/sync-db-url-from-coolify.mjs +
  scripts/prisma-db-push.mjs + docker-compose.local-db.yml for
  local Prisma workflows
- lib/dev-bypass.ts, lib/chat-context-refs.ts, lib/prd-sections.ts
- Misc: stories CSS, debug/prisma route, modal-theme, BuildLivePlanPanel

Made-with: Cursor

app/api/projects/[projectId]/advisor/route.ts

@@ -10,8 +10,7 @@
  * and injects it as knowledge_context into the orchestrator's system prompt.
  */
 import { NextRequest } from 'next/server';
-import { getServerSession } from 'next-auth';
-import { authOptions } from '@/lib/auth/authOptions';
+import { authSession } from "@/lib/auth/session-server";
 import { query } from '@/lib/db-postgres';
 
 const AGENT_RUNNER_URL = process.env.AGENT_RUNNER_URL ?? 'https://agents.vibnai.com';
@@ -49,7 +48,6 @@ async function buildKnowledgeContext(projectId: string, email: string): Promise<
   const architecture       = d.architecture as Record<string, unknown> | null ?? null;
   const apps               = (d.apps as Array<{ name: string; domain?: string; coolifyServiceUuid?: string }>) ?? [];
   const coolifyProjectUuid = (d.coolifyProjectUuid as string) ?? '';
-  const theiaUrl           = (d.theiaWorkspaceUrl as string) ?? '';
 
   const lines: string[] = [];
 
@@ -65,14 +63,13 @@ Operating principles:
 - Be brief. No preamble, no "Great question!".
 - You decide the technical approach — never ask the founder to choose.
 - Be honest when you're uncertain or when data isn't available.
-- Do NOT spawn agents on the protected platform repos (vibn-frontend, theia-code-os, vibn-agent-runner, vibn-api, master-ai).`);
+- Do NOT spawn agents on the protected platform repos (vibn-frontend, vibn-agent-runner, vibn-api, master-ai).`);
 
   // Project identity
   lines.push(`\n## Project: ${name}`);
   if (vision) lines.push(`Vision: ${vision}`);
   if (giteaRepo) lines.push(`Gitea repo: ${giteaRepo} — use read_repo_file and list_repos to explore it`);
   if (coolifyProjectUuid) lines.push(`Coolify project UUID: ${coolifyProjectUuid} — use coolify_list_applications to find its apps`);
-  if (theiaUrl) lines.push(`Theia IDE: ${theiaUrl}`);
 
   // Architecture document
   if (architecture) {
@@ -129,7 +126,7 @@ export async function POST(
 ) {
   const { projectId } = await params;
 
-  const session = await getServerSession(authOptions);
+  const session = await authSession();
   if (!session?.user?.email) {
     return new Response('Unauthorized', { status: 401 });
   }