Local admin auth
This MVP uses a backend-issued bearer token stored in a Next.js session cookie. Use the bootstrap admin credentials configured in the backend environment.
The login flow protects prompt management, brand settings, draft generation, quality review, provider inventory, and publishing queue actions.
The default seeded admin account is controlled by `BOOTSTRAP_ADMIN_EMAIL`, `BOOTSTRAP_ADMIN_PASSWORD`, and `BOOTSTRAP_ADMIN_FULL_NAME`.
Access
Authentication is local-only in the current MVP and does not use external identity providers.