@intranefr/superbackend 1.5.2 → 1.6.3

package/src/middleware.js

@@ -23,7 +23,10 @@ const mongoose = require("mongoose");
 const cors = require("cors");
 const fs = require("fs");
 const ejs = require("ejs");
-const { basicAuth } = require("./middleware/auth");
+const session = require("express-session");
+const MongoStore = require("connect-mongo");
+const { adminSessionAuth } = require("./middleware/auth");
+const { requireModuleAccess } = require("./middleware/rbac");
 const endpointRegistry = require("./admin/endpointRegistry");
 const {
   createFeatureFlagsEjsMiddleware,
@@ -40,6 +43,7 @@ const {
   requestIdMiddleware,
 } = require("./middleware/errorCapture");
 const rateLimiter = require("./services/rateLimiter.service");
+const pluginsService = require("./services/plugins.service");
 
 let errorCaptureInitialized = false;
 
@@ -81,6 +85,10 @@ async function isConsoleManagerEnabled() {
  * @param {string} options.jwtSecret - JWT secret for authentication
  * @param {Object} options.dbConnection - Existing Mongoose connection
  * @param {boolean} options.skipBodyParser - Skip adding body parser middleware (default: false)
+ * @param {Object} options.telegram - Telegram configuration
+ * @param {boolean} options.telegram.enabled - Whether to enable Telegram bots (default: true)
+ * @param {Object} options.cron - Cron scheduler configuration
+ * @param {boolean} options.cron.enabled - Whether to enable cron scheduler (default: true)
  * @returns {express.Router} Configured Express router
  */
 function createMiddleware(options = {}) {
@@ -88,6 +96,66 @@ function createMiddleware(options = {}) {
   const adminPath = options.adminPath || "/admin";
   const pagesPrefix = options.pagesPrefix || "/";
 
+  const bootstrapPluginsRuntime = async () => {
+    try {
+      const superbackend = globalThis.superbackend || globalThis.saasbackend || {};
+      await pluginsService.bootstrap({
+        context: {
+          services: superbackend.services || {},
+          helpers: superbackend.helpers || {},
+        },
+      });
+      const pluginServices = pluginsService.getExposedServices();
+      const pluginHelpers = pluginsService.getExposedHelpers();
+      if (superbackend.services && typeof superbackend.services === "object") {
+        superbackend.services.pluginsRuntime = pluginServices;
+      }
+      if (superbackend.helpers && typeof superbackend.helpers === "object") {
+        superbackend.helpers.pluginsRuntime = pluginHelpers;
+      }
+    } catch (error) {
+      console.error("Failed to bootstrap plugins runtime:", error);
+    }
+  };
+
+  // Debug: Log received options
+  console.log("[Middleware Debug] Received options:", {
+    telegramEnabled: options.telegram?.enabled,
+    cronEnabled: options.cron?.enabled
+  });
+
+  router.get(`${adminPath}/plugins-system`, requireModuleAccessWithIframe('plugins', 'read'), (req, res) => {
+    const templatePath = path.join(
+      __dirname,
+      "..",
+      "views",
+      "admin-plugins-system.ejs",
+    );
+    fs.readFile(templatePath, "utf8", (err, template) => {
+      if (err) {
+        console.error("Error reading template:", err);
+        return res.status(500).send("Error loading page");
+      }
+      try {
+        const html = ejs.render(
+          template,
+          {
+            baseUrl: req.baseUrl,
+            adminPath,
+            isIframe: req.isIframe || false
+          },
+          {
+            filename: templatePath,
+          },
+        );
+        res.send(html);
+      } catch (renderErr) {
+        console.error("Error rendering template:", renderErr);
+        res.status(500).send("Error rendering page");
+      }
+    });
+  });
+
   const normalizeBasePath = (value) => {
     const v = String(value || "").trim();
     if (!v) return "/files";
@@ -161,18 +229,35 @@ function createMiddleware(options = {}) {
       maxPoolSize: 10,
     };
 
+const telegramService = require("./services/telegram.service");
+
     // Return a promise that resolves when connection is established
     const connectionPromise = mongoose
       .connect(mongoUri, connectionOptions)
       .then(async () => {
         console.log("✅ Middleware: Connected to MongoDB");
-        // Start cron scheduler after DB connection
-        await cronScheduler.start();
-        await healthChecksScheduler.start();
-        await healthChecksBootstrap.bootstrap();
-        await blogCronsBootstrap.bootstrap();
-        await require("./services/experimentsCronsBootstrap.service").bootstrap();
         
+        // Start cron scheduler after DB connection (only if enabled)
+        if (options.cron?.enabled !== false) {
+          await cronScheduler.start();
+          await healthChecksScheduler.start();
+          await healthChecksBootstrap.bootstrap();
+          await blogCronsBootstrap.bootstrap();
+          await require("./services/experimentsCronsBootstrap.service").bootstrap();
+        } else {
+          console.log("🔍 Cron scheduler disabled - cron.enabled:", options.cron?.enabled);
+        }
+        
+        // Initialize Telegram bots (check telegram config)
+        const telegramEnabled = options.telegram?.enabled !== false;
+        if (telegramEnabled) {
+          await telegramService.init();
+        } else {
+          console.log("🔍 Telegram bots disabled - telegram.enabled:", options.telegram?.enabled);
+        }
+
+        await bootstrapPluginsRuntime();
+
         // Console manager is already initialized early in the middleware
         console.log("[Console Manager] MongoDB connection established");
         
@@ -183,7 +268,7 @@ function createMiddleware(options = {}) {
         return false;
       });
 
-    router.get(`${adminPath}/health-checks`, basicAuth, (req, res) => {
+    router.get(`${adminPath}/health-checks`, requireModuleAccessWithIframe('health-checks', 'read'), (req, res) => {
       const templatePath = path.join(
         __dirname,
         "..",
@@ -201,6 +286,7 @@ function createMiddleware(options = {}) {
             {
               baseUrl: req.baseUrl,
               adminPath,
+              isIframe: req.isIframe || false
             },
             {
               filename: templatePath,
@@ -214,7 +300,39 @@ function createMiddleware(options = {}) {
       });
     });
 
-    router.get(`${adminPath}/console-manager`, basicAuth, (req, res) => {
+    router.get(`${adminPath}/data-cleanup`, requireModuleAccessWithIframe('data-cleanup', 'read'), (req, res) => {
+      const templatePath = path.join(
+        __dirname,
+        "..",
+        "views",
+        "admin-data-cleanup.ejs",
+      );
+      fs.readFile(templatePath, "utf8", (err, template) => {
+        if (err) {
+          console.error("Error reading template:", err);
+          return res.status(500).send("Error loading page");
+        }
+        try {
+          const html = ejs.render(
+            template,
+            {
+              baseUrl: req.baseUrl,
+              adminPath,
+              isIframe: req.isIframe || false
+            },
+            {
+              filename: templatePath,
+            },
+          );
+          res.send(html);
+        } catch (renderErr) {
+          console.error("Error rendering template:", renderErr);
+          res.status(500).send("Error rendering page");
+        }
+      });
+    });
+
+    router.get(`${adminPath}/console-manager`, requireModuleAccessWithIframe('console-manager', 'read'), (req, res) => {
       const templatePath = path.join(
         __dirname,
         "..",
@@ -232,6 +350,7 @@ function createMiddleware(options = {}) {
             {
               baseUrl: req.baseUrl,
               adminPath,
+              isIframe: req.isIframe || false
             },
             {
               filename: templatePath,
@@ -249,25 +368,44 @@ function createMiddleware(options = {}) {
     router.connectionPromise = connectionPromise;
   } else if (mongoose.connection.readyState === 1) {
     console.log("✅ Middleware: Using existing MongoDB connection");
-    // Start cron scheduler for existing connection
-    cronScheduler.start().catch((err) => {
-      console.error("Failed to start cron scheduler:", err);
-    });
-    healthChecksScheduler.start().catch((err) => {
-      console.error("Failed to start health checks scheduler:", err);
-    });
-    healthChecksBootstrap.bootstrap().catch((err) => {
-      console.error("Failed to bootstrap health checks:", err);
-    });
-    blogCronsBootstrap.bootstrap().catch((err) => {
-      console.error("Failed to bootstrap blog crons:", err);
-    });
+    
+    // Start cron scheduler for existing connection (only if enabled)
+    if (options.cron?.enabled !== false) {
+      cronScheduler.start().catch((err) => {
+        console.error("Failed to start cron scheduler:", err);
+      });
+      healthChecksScheduler.start().catch((err) => {
+        console.error("Failed to start health checks scheduler:", err);
+      });
+      healthChecksBootstrap.bootstrap().catch((err) => {
+        console.error("Failed to bootstrap health checks:", err);
+      });
+      blogCronsBootstrap.bootstrap().catch((err) => {
+        console.error("Failed to bootstrap blog crons:", err);
+      });
 
-    require("./services/experimentsCronsBootstrap.service")
-      .bootstrap()
-      .catch((err) => {
-        console.error("Failed to bootstrap experiments crons:", err);
+      require("./services/experimentsCronsBootstrap.service")
+        .bootstrap()
+        .catch((err) => {
+          console.error("Failed to bootstrap experiments crons:", err);
+        });
+    } else {
+      console.log("🔍 Cron scheduler disabled - cron.enabled:", options.cron?.enabled, "(existing connection)");
+    }
+    
+    // Initialize Telegram bots for existing connection (check telegram config)
+    const telegramEnabled = options.telegram?.enabled !== false;
+    if (telegramEnabled) {
+      telegramService.init().catch(err => {
+        console.error("Failed to initialize Telegram service (existing connection):", err);
       });
+    } else {
+      console.log("🔍 Telegram bots disabled - telegram.enabled:", options.telegram?.enabled, "(existing connection)");
+    }
+
+    bootstrapPluginsRuntime().catch((err) => {
+      console.error("Failed to bootstrap plugins runtime (existing connection):", err);
+    });
     
     // Initialize console manager AFTER database is already connected
     if (process.env.NODE_ENV !== "test" && !process.env.JEST_WORKER_ID) {
@@ -362,10 +500,34 @@ function createMiddleware(options = {}) {
     router.use(express.urlencoded({ extended: true }));
   }
 
+  // Session middleware for admin authentication
+  const sessionMiddleware = session({
+    secret: process.env.SESSION_SECRET || 'superbackend-session-secret-fallback',
+    resave: false,
+    saveUninitialized: false,
+    cookie: {
+      secure: process.env.NODE_ENV === 'production',
+      httpOnly: true,
+      maxAge: 24 * 60 * 60 * 1000, // 24 hours
+      sameSite: 'lax'
+    },
+    store: MongoStore.create({
+      mongoUrl: options.mongodbUri || process.env.MONGODB_URI,
+      collectionName: 'admin_sessions',
+      ttl: 24 * 60 * 60 // 24 hours in seconds
+    }),
+    name: 'superbackend.admin.session'
+  });
+
+  router.use(sessionMiddleware);
+
   router.use(requestIdMiddleware);
 
   router.use("/api", rateLimiter.limit("globalApiLimiter"));
 
+  // Serve public static files with /public prefix (for admin UI components)
+  router.use("/public", express.static(path.join(__dirname, "..", "public")));
+
   // Serve public static files (e.g. /og/og-default.png)
   router.use(express.static(path.join(__dirname, "..", "public")));
 
@@ -443,7 +605,7 @@ function createMiddleware(options = {}) {
     require("./routes/waitingListAdmin.routes"),
   );
   router.use("/api/admin/orgs", require("./routes/orgAdmin.routes"));
-  router.use("/api/admin/users", require("./routes/userAdmin.routes"));
+  router.use("/api/admin/users", requireModuleAccessWithIframe('users', 'read'), require("./routes/userAdmin.routes"));
   router.use("/api/admin/rbac", require("./routes/adminRbac.routes"));
   router.use(
     "/api/admin/notifications",
@@ -455,11 +617,111 @@ function createMiddleware(options = {}) {
   const adminStatsController = require("./controllers/adminStats.controller");
   router.get(
     "/api/admin/stats/overview",
-    basicAuth,
+    adminSessionAuth,
     adminStatsController.getOverviewStats,
   );
 
-  router.get(`${adminPath}/stats/dashboard-home`, basicAuth, (req, res) => {
+  // Middleware to check if request is from authenticated parent iframe
+function checkIframeAuth(req, res, next) {
+  const referer = req.get('Referer');
+  const origin = req.get('Origin');
+  const adminPath = req.adminPath || '/admin';
+  
+  // Check for iframe token parameter (more reliable than referer)
+  const iframeToken = req.query.iframe_token;
+  if (iframeToken && iframeToken === 'authenticated') {
+    req.isIframe = true;
+    return next();
+  }
+  
+  // Fallback to referer/origin check
+  const isValidReferer = referer && referer.includes(adminPath);
+  const isValidOrigin = origin && origin.includes(req.hostname);
+  
+  if (isValidReferer || isValidOrigin) {
+    req.isIframe = true;
+    return next();
+  }
+  
+  // If not from iframe, require normal authentication
+  return adminSessionAuth(req, res, next);
+}
+
+// Combined middleware for iframe authentication + module access
+function requireModuleAccessWithIframe(moduleId, action = 'read') {
+  return async (req, res, next) => {
+    try {
+      // Check for iframe authentication first
+      const referer = req.get('Referer');
+      const origin = req.get('Origin');
+      const adminPath = req.adminPath || '/admin';
+      const iframeToken = req.query.iframe_token;
+      
+      const isValidIframe = (iframeToken && iframeToken === 'authenticated') ||
+                          (referer && referer.includes(adminPath)) ||
+                          (origin && origin.includes(req.hostname));
+      
+      if (isValidIframe) {
+        req.isIframe = true;
+        // For iframe requests, we'll allow access but mark it as iframe context
+        return next();
+      }
+      
+      // Check for basic auth superadmin bypass
+      if (isBasicAuthSuperAdmin(req)) {
+        return next();
+      }
+
+      // Get user ID from session
+      const userId = req.session?.authData?.userId;
+      if (!userId) {
+        return res.redirect(`${req.adminPath || '/admin'}/login`);
+      }
+
+      // Check RBAC permission for specific module
+      const hasAccess = await rbacService.checkRight({
+        userId,
+        orgId: null, // Global admin permissions
+        right: `admin_panel__${moduleId}:${action}`
+      });
+
+      if (!hasAccess.allowed) {
+        // For API routes, return JSON error
+        if (req.path.startsWith('/api/')) {
+          return res.status(403).json({
+            error: 'Access denied',
+            reason: hasAccess.reason,
+            required: `admin_panel__${moduleId}:${action}`,
+            moduleId,
+            action
+          });
+        }
+
+        // For page routes, render 403 page
+        return res.status(403).render('admin-403', {
+          moduleId,
+          action,
+          required: `admin_panel__${moduleId}:${action}`,
+          reason: hasAccess.reason,
+          user: req.session.authData,
+          adminPath: req.adminPath || '/admin'
+        });
+      }
+
+      next();
+    } catch (error) {
+      console.error('Module access check error:', error);
+      
+      if (req.path.startsWith('/api/')) {
+        return res.status(500).json({ error: 'Access check failed' });
+      } else {
+        return res.status(500).send('Access check failed');
+      }
+    }
+  };
+}
+
+router.get(`${adminPath}/stats/dashboard-home`, checkIframeAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -474,7 +736,11 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { 
+            baseUrl: req.baseUrl, 
+            adminPath,
+            isIframe: req.isIframe || false
+          },
           { filename: templatePath },
         );
         res.send(html);
@@ -485,7 +751,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/experiments`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/experiments`, requireModuleAccessWithIframe('experiments', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -503,6 +769,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -516,7 +783,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/rbac`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/rbac`, requireModuleAccessWithIframe('rbac', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-rbac.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -529,6 +796,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -542,7 +810,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/terminals`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/terminals`, requireModuleAccessWithIframe('terminals', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -561,6 +829,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -574,7 +843,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/scripts`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/scripts`, requireModuleAccessWithIframe('scripts', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -593,6 +862,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -606,7 +876,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/crons`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/crons`, requireModuleAccessWithIframe('crons', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-crons.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -619,6 +889,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -632,7 +903,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/cache`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/cache`, requireModuleAccessWithIframe('cache', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-cache.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -645,6 +916,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -658,36 +930,101 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/db-browser`, basicAuth, (req, res) => {
-    const templatePath = path.join(
-      __dirname,
-      "..",
-      "views",
-      "admin-db-browser.ejs",
-    );
-    fs.readFile(templatePath, "utf8", (err, template) => {
-      if (err) {
-        console.error("Error reading template:", err);
-        return res.status(500).send("Error loading page");
-      }
-      try {
-        const html = ejs.render(
-          template,
-          {
-            baseUrl: req.baseUrl,
-            adminPath,
-          },
-          {
-            filename: templatePath,
-          },
-        );
-        res.send(html);
-      } catch (renderErr) {
-        console.error("Error rendering template:", renderErr);
-        res.status(500).send("Error rendering page");
-      }
+    router.get(`${adminPath}/db-browser`, requireModuleAccessWithIframe('db-browser', 'read'), (req, res) => {
+      const templatePath = path.join(
+        __dirname,
+        "..",
+        "views",
+        "admin-db-browser.ejs",
+      );
+      fs.readFile(templatePath, "utf8", (err, template) => {
+        if (err) {
+          console.error("Error reading template:", err);
+          return res.status(500).send("Error loading page");
+        }
+        try {
+          const html = ejs.render(
+            template,
+            {
+              baseUrl: req.baseUrl,
+              adminPath,
+              isIframe: req.isIframe || false
+            },
+            {
+              filename: templatePath,
+            },
+          );
+          res.send(html);
+        } catch (renderErr) {
+          console.error("Error rendering template:", renderErr);
+          res.status(500).send("Error rendering page");
+        }
+      });
+    });
+
+    router.get(`${adminPath}/telegram`, requireModuleAccessWithIframe('telegram', 'read'), (req, res) => {
+      const templatePath = path.join(
+        __dirname,
+        "..",
+        "views",
+        "admin-telegram.ejs",
+      );
+      fs.readFile(templatePath, "utf8", (err, template) => {
+        if (err) {
+          console.error("Error reading template:", err);
+          return res.status(500).send("Error loading page");
+        }
+        try {
+          const html = ejs.render(
+            template,
+            {
+              baseUrl: req.baseUrl,
+              adminPath,
+              isIframe: req.isIframe || false
+            },
+            {
+              filename: templatePath,
+            },
+          );
+          res.send(html);
+        } catch (renderErr) {
+          console.error("Error rendering template:", renderErr);
+          res.status(500).send("Error rendering page");
+        }
+      });
+    });
+
+    router.get(`${adminPath}/agents`, requireModuleAccessWithIframe('agents', 'read'), (req, res) => {
+      const templatePath = path.join(
+        __dirname,
+        "..",
+        "views",
+        "admin-agents.ejs",
+      );
+      fs.readFile(templatePath, "utf8", (err, template) => {
+        if (err) {
+          console.error("Error reading template:", err);
+          return res.status(500).send("Error loading page");
+        }
+        try {
+          const html = ejs.render(
+            template,
+            {
+              baseUrl: req.baseUrl,
+              adminPath,
+              isIframe: req.isIframe || false
+            },
+            {
+              filename: templatePath,
+            },
+          );
+          res.send(html);
+        } catch (renderErr) {
+          console.error("Error rendering template:", renderErr);
+          res.status(500).send("Error rendering page");
+        }
+      });
     });
-  });
 
   router.use("/api/admin", require("./routes/admin.routes"));
   router.use("/api/admin/settings", require("./routes/globalSettings.routes"));
@@ -699,6 +1036,10 @@ function createMiddleware(options = {}) {
     "/api/admin/json-configs",
     require("./routes/adminJsonConfigs.routes"),
   );
+  router.use(
+    "/api/admin/markdowns",
+    require("./routes/adminMarkdowns.routes"),
+  );
   router.use(
     "/api/admin/rate-limits",
     require("./routes/adminRateLimits.routes"),
@@ -725,6 +1066,10 @@ function createMiddleware(options = {}) {
     "/api/admin/db-browser",
     require("./routes/adminDbBrowser.routes"),
   );
+  router.use(
+    "/api/admin/data-cleanup",
+    require("./routes/adminDataCleanup.routes"),
+  );
   router.use("/api/admin/terminals", require("./routes/adminTerminals.routes"));
   router.use("/api/admin/experiments", require("./routes/adminExperiments.routes"));
   router.use("/api/admin/assets", require("./routes/adminAssets.routes"));
@@ -739,15 +1084,19 @@ function createMiddleware(options = {}) {
   router.use("/api/admin/migration", require("./routes/adminMigration.routes"));
   router.use(
     "/api/admin/errors",
-    basicAuth,
+    adminSessionAuth,
     require("./routes/adminErrors.routes"),
   );
   router.use(
     "/api/admin/audit",
-    basicAuth,
+    requireModuleAccessWithIframe('audit', 'read'),
     require("./routes/adminAudit.routes"),
   );
   router.use("/api/admin/llm", require("./routes/adminLlm.routes"));
+  router.use("/api/admin/telegram", require("./routes/adminTelegram.routes"));
+  router.use("/api/admin/agents", require("./routes/adminAgents.routes"));
+  router.use("/api/admin/registries", require("./routes/adminRegistry.routes"));
+  router.use("/api/admin/plugins", require("./routes/adminPlugins.routes"));
   router.use(
     "/api/admin/ejs-virtual",
     require("./routes/adminEjsVirtual.routes"),
@@ -756,12 +1105,13 @@ function createMiddleware(options = {}) {
   router.use("/api/admin", require("./routes/adminBlog.routes"));
   router.use("/api/admin", require("./routes/adminBlogAi.routes"));
   router.use("/api/admin", require("./routes/adminBlogAutomation.routes"));
-  router.use("/api/admin/workflows", basicAuth, require("./routes/workflows.routes"));
+  router.use("/api/admin/workflows", adminSessionAuth, require("./routes/workflows.routes"));
   router.use("/w", require("./routes/workflowWebhook.routes"));
   router.use("/api/webhooks", require("./routes/webhook.routes"));
   router.use("/api/settings", require("./routes/globalSettings.routes"));
   router.use("/api/feature-flags", require("./routes/featureFlags.routes"));
   router.use("/api/json-configs", require("./routes/jsonConfigs.routes"));
+  router.use("/api/markdowns", require("./routes/markdowns.routes"));
   router.use("/api/assets", require("./routes/assets.routes"));
   router.use("/api/i18n", require("./routes/i18n.routes"));
   router.use("/api/headless", require("./routes/headless.routes"));
@@ -773,6 +1123,7 @@ function createMiddleware(options = {}) {
   router.use("/api/error-tracking", require("./routes/errorTracking.routes"));
   router.use("/api/ui-components", require("./routes/uiComponentsPublic.routes"));
   router.use("/api/rbac", require("./routes/rbac.routes"));
+  router.use("/registry", require("./routes/registry.routes"));
   router.use("/api/file-manager", require("./routes/fileManager.routes"));
   router.use("/api/experiments", require("./routes/experiments.routes"));
 
@@ -794,8 +1145,14 @@ function createMiddleware(options = {}) {
   // Public assets proxy
   router.use("/public/assets", require("./routes/publicAssets.routes"));
 
-  // Admin dashboard (polished view)
-  router.get(adminPath, basicAuth, (req, res) => {
+  // Admin login routes (no authentication required)
+  router.use(`${adminPath}`, (req, res, next) => {
+    req.adminPath = adminPath;
+    next();
+  }, require("./routes/adminLogin.routes"));
+
+  // Admin dashboard (redirect to login if not authenticated)
+  router.get(adminPath, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -810,7 +1167,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { baseUrl: req.baseUrl, adminPath, isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -821,8 +1178,8 @@ function createMiddleware(options = {}) {
     });
   });
 
-  // Admin technical API test page (protected by basic auth)
-  router.get(`${adminPath}/api/test`, basicAuth, (req, res) => {
+  // Admin technical API test page (protected by session auth)
+  router.get(`${adminPath}/api/test`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-test.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -836,6 +1193,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false,
           },
           {
             filename: templatePath,
@@ -849,7 +1207,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/migration`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/migration`, requireModuleAccessWithIframe('migration', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -867,7 +1225,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
-            endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -882,7 +1240,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin LLM/AI page (protected by basic auth)
-  router.get(`${adminPath}/admin-llm`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/admin-llm`, requireModuleAccessWithIframe('admin-llm', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-llm.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -895,6 +1253,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -908,7 +1267,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/workflows/:id`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/workflows/:id`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -923,7 +1282,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { baseUrl: req.baseUrl, adminPath, isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -934,7 +1293,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/pages`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/pages`, requireModuleAccessWithIframe('pages', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-pages.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -947,6 +1306,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -960,7 +1320,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/blog`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/blog`, requireModuleAccessWithIframe('blog', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-blog.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -970,7 +1330,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { baseUrl: req.baseUrl, adminPath, isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -981,7 +1341,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/blog-automation`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/blog-automation`, requireModuleAccessWithIframe('blog-automation', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -996,7 +1356,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { baseUrl: req.baseUrl, adminPath, isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -1007,7 +1367,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/blog/new`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/blog/new`, requireModuleAccessWithIframe('blog', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1022,7 +1382,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath, postId: "", mode: "new" },
+          { baseUrl: req.baseUrl, adminPath, postId: "", mode: "new", isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -1033,7 +1393,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/blog/edit/:id`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/blog/edit/:id`, requireModuleAccessWithIframe('blog', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1053,6 +1413,7 @@ function createMiddleware(options = {}) {
             adminPath,
             postId: String(req.params.id || ""),
             mode: "edit",
+            isIframe: req.isIframe || false,
           },
           { filename: templatePath },
         );
@@ -1064,38 +1425,39 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/file-manager`, basicAuth, (req, res) => {
-    const templatePath = path.join(
-      __dirname,
-      "..",
-      "views",
-      "admin-file-manager.ejs",
-    );
-    fs.readFile(templatePath, "utf8", (err, template) => {
-      if (err) {
-        console.error("Error reading template:", err);
-        return res.status(500).send("Error loading page");
-      }
-      try {
-        const html = ejs.render(
-          template,
-          {
-            baseUrl: req.baseUrl,
-            adminPath,
-          },
-          {
-            filename: templatePath,
-          },
-        );
-        res.send(html);
-      } catch (renderErr) {
-        console.error("Error rendering template:", renderErr);
-        res.status(500).send("Error rendering page");
-      }
+router.get(`${adminPath}/file-manager`, requireModuleAccessWithIframe('file-manager', 'read'), (req, res) => {
+  const templatePath = path.join(
+    __dirname,
+    "..",
+    "views",
+    "admin-file-manager.ejs",
+  );
+  fs.readFile(templatePath, "utf8", (err, template) => {
+    if (err) {
+      console.error("Error reading template:", err);
+      return res.status(500).send("Error loading page");
+    }
+    try {
+      const html = ejs.render(
+        template,
+        {
+          baseUrl: req.baseUrl,
+          adminPath,
+          isIframe: req.isIframe || false
+        },
+        {
+          filename: templatePath,
+        },
+      );
+      res.send(html);
+    } catch (renderErr) {
+      console.error("Error rendering template:", renderErr);
+      res.status(500).send("Error rendering page");
+    }
     });
   });
 
-  router.get(`${adminPath}/ejs-virtual`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/ejs-virtual`, requireModuleAccessWithIframe('ejs-virtual', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1113,6 +1475,7 @@ function createMiddleware(options = {}) {
           {
             baseUrl: req.baseUrl,
             adminPath,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -1126,7 +1489,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/seo-config`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/seo-config`, requireModuleAccessWithIframe('seo-config', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1145,6 +1508,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false,
           },
           {
             filename: templatePath,
@@ -1158,7 +1522,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/i18n`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/i18n`, requireModuleAccessWithIframe('i18n', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-i18n.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -1168,7 +1532,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { baseUrl: req.baseUrl, adminPath, isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -1179,7 +1543,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/i18n/locales`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/i18n/locales`, requireModuleAccessWithIframe('i18n', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1194,7 +1558,7 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { baseUrl: req.baseUrl, adminPath, isIframe: req.isIframe || false },
           { filename: templatePath },
         );
         res.send(html);
@@ -1206,7 +1570,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin forms page (protected by basic auth)
-  router.get(`${adminPath}/forms`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/forms`, requireModuleAccessWithIframe('forms', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-forms.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -1220,6 +1584,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -1234,7 +1599,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin feature flags page (protected by basic auth)
-  router.get(`${adminPath}/feature-flags`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/feature-flags`, requireModuleAccessWithIframe('feature-flags', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1253,6 +1618,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -1267,7 +1633,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin headless CMS page (protected by basic auth)
-  router.get(`${adminPath}/headless`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/headless`, requireModuleAccessWithIframe('headless', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1286,6 +1652,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false,
           },
           {
             filename: templatePath,
@@ -1300,7 +1667,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin UI Components page (protected by basic auth)
-  router.get(`${adminPath}/ui-components`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/ui-components`, requireModuleAccessWithIframe('ui-components', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1316,9 +1683,10 @@ function createMiddleware(options = {}) {
         const html = ejs.render(
           template,
           {
-            baseUrl: req.baseUrl,
+            baseUrl: req.baseUrl || '',
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -1333,7 +1701,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin JSON configs page (protected by basic auth)
-  router.get(`${adminPath}/json-configs`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/json-configs`, requireModuleAccessWithIframe('json-configs', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1352,6 +1720,41 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false,
+          },
+          {
+            filename: templatePath,
+          },
+        );
+        res.send(html);
+      } catch (renderErr) {
+        console.error("Error rendering template:", renderErr);
+        res.status(500).send("Error rendering page");
+      }
+    });
+  });
+
+  // Admin markdowns page (protected by basic auth)
+  router.get(`${adminPath}/markdowns`, requireModuleAccessWithIframe('markdowns', 'read'), (req, res) => {
+    const templatePath = path.join(
+      __dirname,
+      "..",
+      "views",
+      "admin-markdowns.ejs",
+    );
+    fs.readFile(templatePath, "utf8", (err, template) => {
+      if (err) {
+        console.error("Error reading template:", err);
+        return res.status(500).send("Error loading page");
+      }
+      try {
+        const html = ejs.render(
+          template,
+          {
+            baseUrl: req.baseUrl,
+            adminPath,
+            endpointRegistry,
+            isIframe: req.isIframe || false,
           },
           {
             filename: templatePath,
@@ -1366,7 +1769,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin assets page (protected by basic auth)
-  router.get(`${adminPath}/assets`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/assets`, requireModuleAccessWithIframe('assets', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1385,6 +1788,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false,
           },
           {
             filename: templatePath,
@@ -1399,7 +1803,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin waiting list page (protected by basic auth)
-  router.get(`${adminPath}/waiting-list`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/waiting-list`, requireModuleAccessWithIframe('waiting-list', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1416,6 +1820,7 @@ function createMiddleware(options = {}) {
           baseUrl: req.baseUrl,
           adminPath,
           endpointRegistry,
+          isIframe: req.isIframe || false
         });
         res.send(html);
       } catch (renderErr) {
@@ -1426,7 +1831,7 @@ function createMiddleware(options = {}) {
   });
 
   // Admin organizations page (protected by basic auth)
-  router.get(`${adminPath}/organizations`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/organizations`, requireModuleAccessWithIframe('organizations', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1445,6 +1850,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -1458,8 +1864,8 @@ function createMiddleware(options = {}) {
     });
   });
 
-  // Admin users page (protected by basic auth)
-  router.get(`${adminPath}/users`, basicAuth, (req, res) => {
+  // Admin users page (protected by session auth)
+  router.get(`${adminPath}/users`, requireModuleAccessWithIframe('users', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-users.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -1470,13 +1876,11 @@ function createMiddleware(options = {}) {
         const html = ejs.render(
           template,
           {
-            baseUrl: req.baseUrl,
+            baseUrl: req.baseUrl, 
             adminPath,
-            endpointRegistry,
-          },
-          {
-            filename: templatePath,
+            isIframe: req.isIframe || false
           },
+          { filename: templatePath },
         );
         res.send(html);
       } catch (renderErr) {
@@ -1486,8 +1890,8 @@ function createMiddleware(options = {}) {
     });
   });
 
-  // Admin notifications page (protected by basic auth)
-  router.get(`${adminPath}/notifications`, basicAuth, (req, res) => {
+  // Admin notifications page (protected by session auth)
+  router.get(`${adminPath}/notifications`, requireModuleAccessWithIframe('notifications', 'read'), (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1506,6 +1910,7 @@ function createMiddleware(options = {}) {
             baseUrl: req.baseUrl,
             adminPath,
             endpointRegistry,
+            isIframe: req.isIframe || false
           },
           {
             filename: templatePath,
@@ -1519,8 +1924,8 @@ function createMiddleware(options = {}) {
     });
   });
 
-  // Admin Stripe pricing page (protected by basic auth)
-  router.get(`${adminPath}/stripe-pricing`, basicAuth, (req, res) => {
+  // Admin Stripe pricing page (protected by session auth)
+  router.get(`${adminPath}/stripe-pricing`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1547,39 +1952,38 @@ function createMiddleware(options = {}) {
         res.send(html);
       } catch (renderErr) {
         console.error("Error rendering template:", renderErr);
-        res.status(500).send("Error rendering page");
-      }
-    });
-  });
 
-  // Admin metrics page (protected by basic auth)
-  router.get(`${adminPath}/metrics`, basicAuth, (req, res) => {
-    const templatePath = path.join(
-      __dirname,
-      "..",
-      "views",
-      "admin-metrics.ejs",
-    );
-    fs.readFile(templatePath, "utf8", (err, template) => {
-      if (err) {
-        console.error("Error reading template:", err);
-        return res.status(500).send("Error loading page");
-      }
-      try {
-        const html = ejs.render(template, {
-          baseUrl: req.baseUrl,
-          adminPath,
-          endpointRegistry,
-        });
-        res.send(html);
-      } catch (renderErr) {
-        console.error("Error rendering template:", renderErr);
-        res.status(500).send("Error rendering page");
+// Admin metrics page (protected by session auth)
+router.get(`${adminPath}/metrics`, adminSessionAuth, (req, res) => {
+const templatePath = path.join(
+__dirname,
+"..",
+"views",
+"admin-metrics.ejs",
+);
+fs.readFile(templatePath, "utf8", (err, template) => {
+if (err) {
+console.error("Error reading template:", err);
+return res.status(500).send("Error loading page");
+}
+try {
+const html = ejs.render(template, {
+baseUrl: req.baseUrl,
+adminPath,
+endpointRegistry,
+});
+res.send(html);
+} catch (renderErr) {
+console.error("Error rendering template:", renderErr);
+res.status(500).send("Error rendering page");
+}
+});
+});
       }
     });
   });
 
-  router.get(`${adminPath}/rate-limiter`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/rate-limiter`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1604,8 +2008,8 @@ function createMiddleware(options = {}) {
     });
   });
 
-  // Admin global settings page (protected by basic auth) - render manually
-  router.get(`${adminPath}/global-settings`, basicAuth, (req, res) => {
+  // Admin global settings page (protected by session auth) - render manually
+  router.get(`${adminPath}/global-settings`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1627,7 +2031,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/errors`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/errors`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1653,7 +2057,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/audit`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/audit`, requireModuleAccessWithIframe('audit', 'read'), (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-audit.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -1663,7 +2067,11 @@ function createMiddleware(options = {}) {
       try {
         const html = ejs.render(
           template,
-          { baseUrl: req.baseUrl, adminPath },
+          { 
+            baseUrl: req.baseUrl, 
+            adminPath,
+            isIframe: req.isIframe || false
+          },
           { filename: templatePath },
         );
         res.send(html);
@@ -1674,7 +2082,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/coolify-deploy`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/coolify-deploy`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",
@@ -1700,7 +2108,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/proxy`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/proxy`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(__dirname, "..", "views", "admin-proxy.ejs");
     fs.readFile(templatePath, "utf8", (err, template) => {
       if (err) {
@@ -1721,7 +2129,7 @@ function createMiddleware(options = {}) {
     });
   });
 
-  router.get(`${adminPath}/webhooks`, basicAuth, (req, res) => {
+  router.get(`${adminPath}/webhooks`, adminSessionAuth, (req, res) => {
     const templatePath = path.join(
       __dirname,
       "..",