PoolSchedule owner access

Sign in to manage your pool routes.

The login contract is centralized behind the web session helpers so AUTH-002 can replace the local bearer-token seam without changing page-level dashboard logic.

The submitted token is stored only by the server session action in an HttpOnly cookie before redirecting to the protected dashboard.