fix: use auth over getSession

Replaces `getSession` with `auth` given that `getSession` is
now deprecated.

Refer to: sveltejs/kit#5883 for context.

The following PR also serves as context for the same
milestone: sveltejs/kit#5946

docs/docs/getting-started/providers/oauth-tutorial.mdx

@@ -245,14 +245,14 @@ or https://generate-secret.vercel.app/32 to generate a random value for it.
 
 ### Exposing the session via page store
 
-Auth.js provides us a getSession, function to access the session data and status, to call from the `event.locals` variable. We can now just call it and add it to our `$page` store.
+Auth.js provides us a `auth`, function to access the session data and status, to call from the `event.locals` variable. We can now just call it and add it to our `$page` store.
 
 ```ts
 import type { LayoutServerLoad } from "./$types"
 
 export const load: LayoutServerLoad = async (event) => {
   return {
-    session: await event.locals.getSession(),
+    session: await event.locals.auth(),
   }
 }
 ```
@@ -279,14 +279,14 @@ You can use the `$page.data.session` variable from anywhere on your page. Learn
 
 ### Protecting API Routes
 
-To protect your API Routes (blocking unauthorized access to resources), you can use `locals.getSessions()` just like in the layouts file to know whether a session exists or not:
+To protect your API Routes (blocking unauthorized access to resources), you can use `locals.auth()` just like in the layouts file to know whether a session exists or not:
 
 ```ts title="routes/api/movies/+server.ts"
 import { json, error } from "@sveltejs/kit"
 import type { RequestEvent } from "./$types"
 
 export async function GET({ locals }: RequestEvent) {
-  const session = await locals.getSession()
+  const session = await locals.auth()
   if (!session?.user) {
     throw error(401, "You must sign in to view movies.")
   }