WIP: admin auth

api/server/routes/admin/auth.js

@@ -0,0 +1,29 @@
+const express = require('express');
+const { adminVerifyController } = require('~/server/controllers/auth/AdminVerifyController');
+const { adminLoginController } = require('~/server/controllers/auth/AdminLoginController');
+const middleware = require('~/server/middleware');
+
+const router = express.Router();
+
+// Admin local authentication route
+router.post(
+  '/login/local',
+  middleware.logHeaders,
+  middleware.loginLimiter,
+  middleware.checkBan,
+  middleware.requireAdminAuth, // Uses local auth strategy + admin role validation
+  adminLoginController,
+);
+
+// Admin token verification endpoint
+router.get(
+  '/verify',
+  middleware.requireAdminJwtAuth, // Validates JWT + admin role
+  adminVerifyController,
+);
+
+// TODO: Future OAuth/OpenID routes will be added here
+// router.get('/auth/openid', ...);
+// router.get('/auth/openid/callback', ...);
+
+module.exports = router;

api/server/routes/index.js

@@ -1,6 +1,7 @@
 const accessPermissions = require('./accessPermissions');
 const assistants = require('./assistants');
 const categories = require('./categories');
+const adminAuth = require('./admin/auth');
 const tokenizer = require('./tokenizer');
 const endpoints = require('./endpoints');
 const staticRoute = require('./static');
@@ -32,6 +33,7 @@ module.exports = {
   mcp,
   edit,
   auth,
+  adminAuth,
   keys,
   user,
   tags,