add sessions for admin access

docs/TODO.md

@@ -2,21 +2,25 @@
 
 ## Authentication & Authorization
 
-- [ ] **Authentication system**
-  - [ ] Sessions controller and views (login/logout)
+- [x] **Authentication system**
+  - [x] Sessions controller and views (login/logout)
+  - [x] Email/password authentication with session management
+  - [x] Login redirects (admin vs regular users)
+  - [x] Logout functionality
   - [ ] Password reset flow
   - [ ] Rate limiting on login attempts
   - [ ] Session management (remember me, session timeout)
 - [ ] **Invitation system**
-  - [ ] Invitations controller and mailer
-  - [ ] Invitation token generation and validation
-  - [ ] Registration via invitation link
-  - [ ] Token expiry (14 days)
-- [ ] **Authorization & roles**
-  - [ ] Role-based access control middleware
-  - [ ] Contributor permissions enforcement
-  - [ ] Reviewer permissions enforcement
-  - [ ] Admin permissions enforcement
+  - [x] Invitations controller (create, list, cancel)
+  - [x] Invitation token generation
+  - [ ] Registration via invitation link (acceptance flow)
+  - [ ] Token expiry validation (14 days)
+  - [ ] Invitation mailer
+- [x] **Authorization & roles**
+  - [x] Role-based access control middleware (Admin::BaseController)
+  - [x] Admin permissions enforcement
+  - [ ] Contributor permissions enforcement (for entry editing)
+  - [ ] Reviewer permissions enforcement (for review queue)
 
 ## Core Features
 
@@ -122,6 +126,11 @@
 
 ## Completed
 
+- [x] **Authentication system** (login/logout with session management)
+- [x] **Admin layout design** updated to match entries page style
+- [x] **Dynamic navigation** (Admin button for logged-in admins, Sign In for guests)
+- [x] **Authorization middleware** (Admin::BaseController with role checks)
+- [x] **Invitation token generation** (secure token creation for new users)
 - [x] **Search input loses focus on filter change**
 - [x] **Mismatched enum syntax** in models
 - [x] **Replace hardcoded LANGUAGE_COLUMNS** with dynamic query