Wire new routes; identity, summarize-url, dashboard, admin

Keysat
2026-06-13 13:36:30 -05:00
parent 04dcf86fa4
commit 318c6c4b81
20 changed files with 12407 additions and 499 deletions
+9 -1
@@ -6,6 +6,7 @@
// access to the relay's /admin endpoints.
import { scryptSync, timingSafeEqual, createHmac } from "crypto";
import express from "express";
import { getConfigSnapshot } from "./config.js";
const SCRYPT_KEYLEN = 64;
@@ -60,6 +61,13 @@ export function setupAdminAuthMiddleware(app) {
if (!req.path.startsWith(ADMIN_PREFIX)) return next();
// /admin/login is reachable without auth.
if (req.path === "/admin/login" || req.path === "/admin/status") return next();
// /admin/btcpay/callback is hit via a POST-redirect from BTCPay
// after the operator clicks "Approve" in their authorize page.
// The cookie may not flow on cross-site POST (SameSite=Lax), so
// we exempt this path and validate via a state token instead —
// /admin/btcpay/start stashes a random token in setup-context,
// and the callback rejects requests without a matching one.
if (req.path === "/admin/btcpay/callback") return next();
const cfg = await getConfigSnapshot();
if (!cfg.relay_admin_password_hash) {
// No password set — admin endpoints are disabled entirely.
@@ -82,7 +90,7 @@ export function setupAdminAuthRoutes(app) {
});
});
app.post("/admin/login", async (req, res) => {
app.post("/admin/login", express.json(), async (req, res) => {
const cfg = await getConfigSnapshot();
if (!cfg.relay_admin_password_hash) {
return res.status(400).json({ error: "admin_disabled" });
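Review bot: The new exemption `if (req.path === "/admin/btcpay/callback") return next();` in setupAdminAuthMiddleware skips cookie auth for every HTTP method, and it runs before the `relay_admin_password_hash` check, so the callback stays reachable even when admin endpoints are otherwise disabled. The comment says the route is only hit by a POST-redirect, so narrow it to `if (req.method === "POST" && req.path === "/admin/btcpay/callback") return next();` and consider moving it below the disabled-admin check. With the cookie out of the picture the state token is the only control on this path. The callback handler is not visible in this section; it should compare the token with `timingSafeEqual` (already imported here), give it a short expiry, and delete it after first use. The middleware body starts and ends outside the hunk, so whether anything later re-checks this path cannot be confirmed from here.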