Chat fix, provider delete, Gemini support, dead code removal

Removed the unused ConversationPhaseService (write-only telemetry with zero production consumers). This included dropping the phase.update() calls in UserMessageProcessor.post_turn and updating architecture docs. All 1379 unit tests continue to pass.

Fixed two chat bugs: attached images now persist in the user chat bubble after sending, and errors like provider 429/quota no longer trigger a page reload via misclassification as auth failure. The image fix captures preview metadata before clearing the file input; the error fix scopes the redirect only to explicit auth_failed signals.

Provider deletion is now a hard delete instead of soft-deleting with is_active=0. The previous soft-delete caused a unique constraint violation when re-creating a provider with a freed name. The is_active column was removed from schema, queries, and seeders, and pre-existing soft-deleted rows are purged at startup. Duplicate-name conflicts now return 409 instead of 500.

The /providers/list-models endpoint now supports Gemini. A new _fetch_gemini_models() function uses the Gemini REST API to list generateContent models, strips the ‘models/’ prefix, and handles pagination. Previously Gemini fell through to an unsupported platform error.

• ConversationPhaseService removed — zero production readers, two phase.update() calls dropped, 1379 tests pass.

• Uploaded images are now rendered in the user’s chat bubble with themed thumbnails instead of disappearing on send.

• Backend errors (429/quota, tool errors) no longer trigger a full page reload; only explicit auth failures redirect to login.

• Provider deletion is now a physical DELETE; re-creating a provider with the same name succeeds, and duplicate-name returns 409 instead of 500.

• Gemini models are now listed via the /list-models endpoint using the Gemini REST API with pagination and key header.