stage 1 of oauth removal, switch to sanctum pat tokens

app/Http/Controllers/TenantAdminAuthController.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class TenantAdminAuthController extends Controller
+{
+    public function __invoke(Request $request)
+    {
+        $user = Auth::user();
+
+        // Allow only tenant_admin and super_admin
+        if ($user && in_array($user->role, ['tenant_admin', 'super_admin'])) {
+            return view('admin');
+        }
+
+        // Redirect users with 'user' role to packages
+        if ($user && $user->role === 'user') {
+            return redirect('/packages');
+        }
+
+        // Redirect unauthenticated users to the dedicated admin start flow
+        if (! $user) {
+            return redirect('/event-admin/start');
+        }
+
+        // Default: redirect to regular dashboard
+        return redirect('/dashboard');
+    }
+}