Changelog — Auth.js admin + user roles

TL;DR

Shipped Auth.js v5 in ~/Project/lumendev-core: Google + Credentials, JWT sessions, admin/user roles, public landing with guarded /admin and POST /api/bookings.

Change

• Auth split: auth.config.ts + auth.ts, middleware, User model, /sign-in, /daftar, register API
• ADMIN_EMAILS env allowlist; registration locked to user role

Reason

Unblock Rumah Singgah booking (userId + role gates) and admin dashboard backlog.

Impact

• p0-auth-admin-user-roles → done (prod Google OAuth URI TBD at deploy)
• Next: p0-rumah-singgah-booking, p0-admin-bookings-content, p0-public-landing-pages-id

Links

• [[Projects/lumendev-museum-ibu-marsinah/context/authjs-implementation|Auth file map]]
• Git: feat: Auth.js with admin/user roles and selective middleware