Temporary MVP protection using ADMIN_AUTH_SECRET. Replace this before client-facing access or multi-user roles.
ADMIN_AUTH_SECRET