2026-05-20backend

Admin role plugin added to Better Auth

Change: better-auth/plugins/admin plugin registered in app/lib/auth.ts. An BETTER_AUTH_ADMIN_USER_IDS environment variable seeds the initial admin user IDs. Admin gate pattern established: session?.user?.role !== "admin".
Why: Need to restrict post creation and mutations to a specific user without building a full RBAC system.
Affected Modules: app/lib/auth.ts
Trade-offs:
- Pro: Minimal surface area; admin check is a single conditional on the session object.
- Con: Role is stored in the auth database; changes require an update to the user record rather than a code deploy.