import { Module } from '@nestjs/common'; import { AuthModule } from '../auth/auth.module'; import { RedisModule } from '../redis/redis.module'; import { AdminAuditController } from './admin-audit.controller'; import { AdminAuthController } from './admin-auth.controller'; import { AdminController } from './admin.controller'; import { AdminRoleGuard } from './admin-role.guard'; import { AdminUsersController } from './admin-users.controller'; import { AdminUsersReader } from './admin-users-reader.service'; import { AuditReader } from './audit-reader.service'; import { AuditStatsReader } from './audit-stats.service'; /** * `AdminModule` — root of the `/api/admin/*` surface per ADR-0020. * * v1 ships: * - `GET /api/admin/me` (self-test, guarded by `@RequireAdmin`). * - `/api/admin/auth/{login,callback,me,logout}` — the distinct * admin auth flow that establishes the `__Host-portal_admin_session` * per ADR-0020 §"Sessions — distinct from `portal-shell`". * * Imports `AuthModule` to consume `AuthService`, `SessionEstablisher`, * and `ENTRA_CONFIG` — the auth flow itself is shared with the * user-portal `AuthController`; what differs is the redirect URIs * passed in (admin-specific) and the session that gets populated * (resolved by the path-routed session middleware in `main.ts`). * * The functional admin modules (audit log viewer, CMS, menu * management, user list) land as separate sub-modules consumed from * here in upcoming PRs. * * `AuditWriter` (required by `AdminRoleGuard`) is provided globally * by `AuditModule`, so no extra import is needed for it. */ @Module({ imports: [AuthModule, RedisModule], controllers: [AdminController, AdminAuthController, AdminAuditController, AdminUsersController], providers: [AdminRoleGuard, AuditReader, AuditStatsReader, AdminUsersReader], }) export class AdminModule {}