…agement

Refactor internal authentication system by renaming the control module to account,
making it easier to understand that this handles user account credentials and
tokens. Simplify database schema management by removing the centralized schema
exports and letting each module manage its own tables directly.

Allow users to authenticate via browser-based OAuth device flow
with opencode login command. Includes login, logout, switch account,
and workspaces list commands for managing multiple accounts.

…l workspace access

Enable users to authenticate with multiple accounts and switch between
them, accessing workspaces from each account separately.

…mands

Switch from boolean active flag to workspace_id tracking so users can select which workspace context to operate in. Login now automatically selects the first available workspace and stores it on the account record.

Logout command now actually removes account records and supports targeting specific accounts by email. Switch command provides an interactive picker to change active workspace. Workspaces command lists all available workspaces across accounts.

Configuration now loads workspace-specific settings from the server when an active workspace is selected, enabling per-workspace customization of opencode behavior.

…estoring legacy ControlAccountTable alongside new AccountTable structure

Align env var name with opencontrol server's default CONSOLE_TOKEN_ENV.

Single source of truth for current selection: account_state now owns
both active_account_id and active_org_id. Simplifies use() to a
single setState call and removes org state from the account table.

Also uses db() wrapper consistently in persistAccount and caps
orgsByAccount concurrency.

# ------------------------ >8 ------------------------
# Do not modify or remove the line above.
# Everything below it will be ignored.
#
# Conflicts:
#	bun.lock

Wrap Account.config() in try/catch during config initialization so
unreachable servers don't crash unrelated code paths like tool registry.

Commands still work when invoked directly but won't confuse
regular users who don't need multi-account management yet.

File deletion is unreliable on Windows due to SQLite file locking.
Truncating via SQL avoids filesystem operations entirely and gives
each test a clean slate without cross-test state leakage.

- Remove unused AccountRepoError import from service.ts
- Replace Bun.sleep with setTimeout in providers.ts
- Parallelize Account.config() + Account.token() in config startup

Restore --provider/-p and --method/-m flags, trailing slash
normalization, and Claude Max hint removal that were lost when
auth.ts was renamed to providers.ts before these features landed
on dev.

drizzle-kit's jiti loader cannot resolve tsconfig @/ path aliases.
Switch all .sql.ts files to relative imports and add the missing
snapshot for the move_org_to_state custom migration.