refactor: rename Wizamart to Orion across entire codebase

Replace all ~1,086 occurrences of Wizamart/wizamart/WIZAMART/WizaMart
with Orion/orion/ORION across 184 files. This includes database
identifiers, email addresses, domain references, R2 bucket names,
DNS prefixes, encryption salt, Celery app name, config defaults,
Docker configs, CI configs, documentation, seed data, and templates.

Renames homepage-wizamart.html template to homepage-orion.html.
Fixes duplicate file_pattern key in api.yaml architecture rule.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/development/customer-authentication-implementation.md

@@ -56,9 +56,9 @@ Cookies must be set with paths that match how the store is accessed:
 
 | Access Method | Example URL | Cookie Path |
 |--------------|-------------|-------------|
-| Domain | `wizamart.com/shop/account/login` | `/shop` |
-| Subdomain | `wizamart.localhost/shop/account/login` | `/shop` |
-| Path-based | `localhost/stores/wizamart/shop/account/login` | `/stores/wizamart/shop` |
+| Domain | `orion.lu/shop/account/login` | `/shop` |
+| Subdomain | `orion.localhost/shop/account/login` | `/shop` |
+| Path-based | `localhost/stores/orion/shop/account/login` | `/stores/orion/shop` |
 
 This ensures cookies are only sent to the correct store's routes.
 
@@ -145,7 +145,7 @@ access_method = store_context.get('detection_method', 'unknown') if store_contex
 
 cookie_path = "/shop"  # Default for domain/subdomain access
 if access_method == "path":
-    # For path-based access like /stores/wizamart/shop
+    # For path-based access like /stores/orion/shop
     full_prefix = store_context.get('full_prefix', '/store/') if store_context else '/store/'
     cookie_path = f"{full_prefix}{store.subdomain}/shop"
 
@@ -300,30 +300,30 @@ The implementation properly supports all three store access methods:
 
 #### Domain-based Access
 ```
-URL: https://wizamart.com/shop/account/login
+URL: https://orion.lu/shop/account/login
 Cookie Path: /shop
-Cookie Sent To: https://wizamart.com/shop/*
+Cookie Sent To: https://orion.lu/shop/*
 ```
 
 #### Subdomain-based Access
 ```
-URL: https://wizamart.myplatform.com/shop/account/login
+URL: https://orion.myplatform.com/shop/account/login
 Cookie Path: /shop
-Cookie Sent To: https://wizamart.myplatform.com/shop/*
+Cookie Sent To: https://orion.myplatform.com/shop/*
 ```
 
 #### Path-based Access
 ```
-URL: https://myplatform.com/stores/wizamart/shop/account/login
-Cookie Path: /stores/wizamart/shop
-Cookie Sent To: https://myplatform.com/stores/wizamart/shop/*
+URL: https://myplatform.com/stores/orion/shop/account/login
+Cookie Path: /stores/orion/shop
+Cookie Sent To: https://myplatform.com/stores/orion/shop/*
 ```
 
 ## Authentication Flow
 
 ### Login Flow
 
-1. **User loads login page** → `GET /stores/wizamart/shop/account/login`
+1. **User loads login page** → `GET /stores/orion/shop/account/login`
    - Middleware detects store from path
    - Sets `detection_method = "path"` in store_context
    - Renders login template
@@ -337,7 +337,7 @@ Cookie Sent To: https://myplatform.com/stores/wizamart/shop/*
    - Sets `customer_token` cookie with correct path
    - Returns token + customer data
 
-3. **Browser redirects to dashboard** → `GET /stores/wizamart/shop/account/dashboard`
+3. **Browser redirects to dashboard** → `GET /stores/orion/shop/account/dashboard`
    - Browser sends `customer_token` cookie (path matches!)
    - Dependency `get_current_customer_from_cookie_or_header` extracts token
    - Decodes JWT, validates `type == "customer"`