docs: add consolidated dev URL reference and migrate /shop to /storefront

- Add Development URL Quick Reference section to url-routing overview
  with all login URLs, entry points, and full examples
- Replace /shop/ path segments with /storefront/ across 50 docs files
- Update file references: shop_pages.py → storefront_pages.py,
  templates/shop/ → templates/storefront/, api/v1/shop/ → api/v1/storefront/
- Preserve domain references (orion.shop) and /store/ staff dashboard paths
- Archive docs left unchanged (historical)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/api/rbac.md

@@ -86,7 +86,7 @@ The application operates in three isolated contexts:
 |---------|--------|----------------|------------|
 | **Admin** | `/admin/*` | `admin_token` cookie | `super_admin`, `platform_admin` |
 | **Store** | `/store/*` | `store_token` cookie | `merchant_owner`, `store_member` |
-| **Shop** | `/shop/account/*` | `customer_token` cookie | Customers |
+| **Storefront** | `/storefront/account/*` | `customer_token` cookie | Customers |
 
 **Important:** These contexts are security boundaries. Admin users cannot access store routes, store users cannot access admin routes, and customers are entirely separate.
 
@@ -802,7 +802,7 @@ role = Role(
 ┌─────────────┐
 │   Client    │
 │             │
-│ 🍪 customer_token (path=/shop)    │
+│ 🍪 customer_token (path=/storefront)    │
 │ 💾 localStorage.token              │
 └─────────────┘
 ```
@@ -838,7 +838,7 @@ response.set_cookie(
 response.set_cookie(
     key="customer_token",
     value=jwt_token,
-    path="/shop",  # Only sent to /shop/* routes
+    path="/storefront",  # Only sent to /storefront/* routes
     httponly=True,
     secure=True,
     samesite="lax"