feat: remove register, add evo webhooks, admin view-as user

- Remove /register route and nav links (users created via Evotor webhook)
- Fix evotor_webhooks.py: use phone=None instead of phone="" to avoid unique constraint
- Add admin "view as user" feature: POST /admin/users/{id}/view-as sets viewed_user_id
  in session; POST /admin/view-as/stop clears it
- catalog, vk_catalog, sync, connections GET routes use get_viewed_user() so admins
  see another user's data while browsing
- Orange banner shown at top when admin is viewing as another user

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

web/auth/session.py

@@ -3,7 +3,7 @@ from fastapi.responses import RedirectResponse
 from sqlalchemy.orm import Session
 from starlette.requests import Request
 
-from web.models.user import User, UserStatusEnum
+from web.models.user import User, UserRoleEnum, UserStatusEnum
 
 
 def get_session_user_id(request: Request) -> int | None:
@@ -21,5 +21,22 @@ def get_current_user(request: Request, db: Session) -> User:
     return user
 
 
+def get_viewed_user(request: Request, db: Session) -> tuple[User, User]:
+    """Return (real_user, viewed_user).
+
+    Admins/system users can view another user's data by having
+    `viewed_user_id` set in the session (via /admin/users/{id}/view-as).
+    For regular users, both values are the same.
+    """
+    real_user = get_current_user(request, db)
+    is_admin = real_user.role in (UserRoleEnum.admin, UserRoleEnum.system)
+    viewed_id = request.session.get("viewed_user_id") if is_admin else None
+    if viewed_id:
+        viewed = db.get(User, viewed_id)
+        if viewed:
+            return real_user, viewed
+    return real_user, real_user
+
+
 def login_redirect() -> RedirectResponse:
     return RedirectResponse("/login", status_code=303)