feat: add admin guard and JWT role support

- Create AdminGuard to check user role
- Update JWT strategy to include role in payload
- Update auth service to include role in token generation
- Prepare admin module structure
- TypeScript will resolve lint errors after server restart

apps/api/dist/admin/admin-plans.controller.d.ts

@@ -0,0 +1 @@
+export {};

apps/api/dist/admin/admin-plans.controller.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=admin-plans.controller.js.map

apps/api/dist/admin/admin-plans.controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-plans.controller.js","sourceRoot":"","sources":["../../src/admin/admin-plans.controller.ts"],"names":[],"mappings":""}

apps/api/dist/admin/admin-plans.service.d.ts

@@ -0,0 +1 @@
+export {};

apps/api/dist/admin/admin-plans.service.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=admin-plans.service.js.map

apps/api/dist/admin/admin-plans.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-plans.service.js","sourceRoot":"","sources":["../../src/admin/admin-plans.service.ts"],"names":[],"mappings":""}

apps/api/dist/admin/admin.module.d.ts

@@ -0,0 +1 @@
+export {};

apps/api/dist/admin/admin.module.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=admin.module.js.map

apps/api/dist/admin/admin.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin.module.js","sourceRoot":"","sources":["../../src/admin/admin.module.ts"],"names":[],"mappings":""}

apps/api/dist/admin/guards/admin.guard.d.ts

@@ -0,0 +1,4 @@
+import { CanActivate, ExecutionContext } from '@nestjs/common';
+export declare class AdminGuard implements CanActivate {
+    canActivate(context: ExecutionContext): boolean;
+}

apps/api/dist/admin/guards/admin.guard.js

@@ -0,0 +1,28 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminGuard = void 0;
+const common_1 = require("@nestjs/common");
+let AdminGuard = class AdminGuard {
+    canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const user = request.user;
+        if (!user) {
+            throw new common_1.ForbiddenException('Authentication required');
+        }
+        if (user.role !== 'admin') {
+            throw new common_1.ForbiddenException('Admin access required');
+        }
+        return true;
+    }
+};
+exports.AdminGuard = AdminGuard;
+exports.AdminGuard = AdminGuard = __decorate([
+    (0, common_1.Injectable)()
+], AdminGuard);
+//# sourceMappingURL=admin.guard.js.map

apps/api/dist/admin/guards/admin.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin.guard.js","sourceRoot":"","sources":["../../../src/admin/guards/admin.guard.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAKwB;AAUjB,IAAM,UAAU,GAAhB,MAAM,UAAU;IACrB,WAAW,CAAC,OAAyB;QACnC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAmB,CAAC;QACrE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAE1B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,yBAAyB,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAC1B,MAAM,IAAI,2BAAkB,CAAC,uBAAuB,CAAC,CAAC;QACxD,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAfY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;GACA,UAAU,CAetB"}