Phase 3 testing fixes: Fastify 5, SSE→WebSocket+FCM, enums, security, session lifecycle

- Upgrade Fastify 4→5 with all plugins (@fastify/websocket 11, cors 11, sensible 6)
- Migrate all SSE endpoints to WebSocket + FCM push (mitra chat requests, customer pairing status)
- Add flutter_local_notifications for foreground push notifications with sound
- Add splash screen to both apps (hide auth loading flash)
- Introduce constants/enums across entire codebase (no raw string literals)
- Move price tiers from hardcoded array to app_config DB (data-driven, includes 1-min test tier)
- Add session ownership validation on all shared chat routes
- Add ownership checks on endSession, respondToExtension, requestExtension
- Fix session timer: auto-complete expired/stale sessions on server restart
- Add 5-min grace period for abandoned closing sessions
- Fix extension flow: proper session_resumed handling, clearExtensionRequest, closure grace timer cleanup
- Fix chat screens: ConnectChat in initState, session status check on connect
- Fix customer expired view: 5-min countdown, closure state priority over expired state
- Fix mitra extension UI: loading spinner, disable buttons, handle EXTENSION_RESOLVED error
- Fix GoRouter navigation consistency (no more Navigator.pushNamed)
- Fix goodbye view keyboard overflow (SingleChildScrollView)
- Add active session card on customer home screen with refresh on navigate back
- Fix PricingBottomSheet extension mode (RequestExtension instead of new pairing)
- Send session_resumed to both parties on extension accept

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

backend/src/routes/public/client.chat.routes.js

@@ -1,10 +1,10 @@
 import { authenticate } from '../../plugins/auth.js'
 import { getCustomerByFirebaseUid } from '../../services/customer.service.js'
-import { createPairingRequest, cancelPairingRequest, getSessionStatus } from '../../services/pairing.service.js'
+import { createPairingRequest, cancelPairingRequest } from '../../services/pairing.service.js'
 import { getActiveSessionByCustomer, endSession, getCustomerHistory } from '../../services/session.service.js'
-import { subscribe } from '../../plugins/valkey.js'
 import { getPricingForCustomer, isValidTier, isCustomerEligibleForFreeTrial, getFreeTrial } from '../../services/pricing.service.js'
 import { requestExtension } from '../../services/extension.service.js'
+import { EndedBy } from '../../constants.js'
 
 const resolveCustomer = async (request, reply) => {
   const customer = await getCustomerByFirebaseUid(request.firebaseUser.uid)
@@ -52,7 +52,7 @@ export const clientChatRoutes = async (app) => {
       })
     }
 
-    if (!isValidTier(duration_minutes, price)) {
+    if (!(await isValidTier(duration_minutes, price))) {
       return reply.code(400).send({
         success: false,
         error: { code: 'INVALID_TIER', message: 'Invalid price tier selection' },
@@ -63,43 +63,6 @@ export const clientChatRoutes = async (app) => {
     return reply.code(201).send({ success: true, data: session })
   })
 
-  app.get('/request/:sessionId/status', { preHandler: [authenticate, resolveCustomer] }, async (request, reply) => {
-    const { sessionId } = request.params
-
-    // SSE stream for real-time status updates
-    reply.raw.writeHead(200, {
-      'Content-Type': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive',
-    })
-
-    // Send current status immediately
-    const current = await getSessionStatus(sessionId)
-    if (current) {
-      reply.raw.write(`data: ${JSON.stringify(current)}\n\n`)
-    }
-
-    // If already in a terminal state, close
-    if (current && ['active', 'completed', 'cancelled', 'expired'].includes(current.status)) {
-      reply.raw.end()
-      return
-    }
-
-    // Subscribe to status updates
-    const unsubscribe = subscribe(`session:${sessionId}:status`, (data) => {
-      reply.raw.write(`data: ${JSON.stringify(data)}\n\n`)
-      if (['paired', 'expired', 'session_ended'].includes(data.type)) {
-        reply.raw.end()
-        unsubscribe()
-      }
-    })
-
-    // Clean up on client disconnect
-    request.raw.on('close', () => {
-      unsubscribe()
-    })
-  })
-
   app.post('/request/:sessionId/cancel', { preHandler: [authenticate, resolveCustomer] }, async (request, reply) => {
     const session = await cancelPairingRequest(request.params.sessionId, request.customer.id)
     return reply.send({ success: true, data: session })
@@ -111,7 +74,7 @@ export const clientChatRoutes = async (app) => {
   })
 
   app.post('/session/:sessionId/end', { preHandler: [authenticate, resolveCustomer] }, async (request, reply) => {
-    const session = await endSession(request.params.sessionId, 'customer')
+    const session = await endSession(request.params.sessionId, EndedBy.CUSTOMER, request.customer.id)
     return reply.send({ success: true, data: session })
   })