docs: remove admin SPA references and update production URLs

The admin SPA (apps/admin/) has been retired. Its functionality now
lives in apps/app/ under /platform/* routes for super_admin users.
Updated all documentation to reflect: 2 SPAs instead of 3, removed
FRONTEND_ADMIN_URL/port 5173 references, changed production URL from
app.crewli.app to crewli.app. Retired admin-specific security audit
findings (A13-2, A13-4, A13-5, A13-7) and APPS-01 backlog item.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

dev-docs/SETUP.md

@@ -82,7 +82,7 @@ Requirements:
 - Use the command: composer create-project laravel/laravel api
 - After creation, install Sanctum: composer require laravel/sanctum
 - Configure for API-only (we don't need web routes)
-- Set up CORS for localhost:5173, localhost:5174, localhost:5175
+- Set up CORS for localhost:5174, localhost:5175
 - Use MySQL with these credentials:
   - Host: 127.0.0.1
   - Database: crewli
@@ -111,33 +111,26 @@ DB_DATABASE=crewli
 DB_USERNAME=crewli
 DB_PASSWORD=secret
 
-FRONTEND_ADMIN_URL=http://localhost:5173
 FRONTEND_APP_URL=http://localhost:5174
 FRONTEND_PORTAL_URL=http://localhost:5175
-SANCTUM_STATEFUL_DOMAINS=localhost:5173,localhost:5174,localhost:5175
+SANCTUM_STATEFUL_DOMAINS=localhost:5174,localhost:5175
 SESSION_DOMAIN=localhost
 ```
 
-**Production (domain `crewli.app`):** set `APP_URL=https://api.crewli.app`, point `FRONTEND_ADMIN_URL` / `FRONTEND_APP_URL` / `FRONTEND_PORTAL_URL` to `https://admin.crewli.app`, `https://app.crewli.app`, and `https://portal.crewli.app`, and `SANCTUM_STATEFUL_DOMAINS=admin.crewli.app,app.crewli.app,portal.crewli.app` (hostnames only). Each SPA build should use `VITE_API_URL=https://api.crewli.app/api/v1`. Full template: `api/.env.example`. The product uses **`crewli.app`** only; **`crewli.nl`** is for a future public marketing site, not this API or SPAs.
+**Production (domain `crewli.app`):** set `APP_URL=https://api.crewli.app`, point `FRONTEND_APP_URL` / `FRONTEND_PORTAL_URL` to `https://crewli.app` and `https://portal.crewli.app`, and `SANCTUM_STATEFUL_DOMAINS=crewli.app,portal.crewli.app` (hostnames only). Each SPA build should use `VITE_API_URL=https://api.crewli.app/api/v1`. Full template: `api/.env.example`. The product uses **`crewli.app`** only; **`crewli.nl`** is for a future public marketing site, not this API or SPAs.
 
 ---
 
 ## Step 3: Vuexy frontends (this repo)
 
-This monorepo already contains three SPAs under `apps/`:
+This monorepo already contains two SPAs under `apps/`:
 
 | Directory | Role | Typical Vuexy source |
 |-----------|------|----------------------|
-| `apps/admin/` | Super Admin | full-version (TypeScript) |
-| `apps/app/` | Organizer (main product) | full-version or customized starter |
+| `apps/app/` | Organizer + Platform Admin (main product) | full-version (TypeScript) |
 | `apps/portal/` | External portal (volunteers, token links) | stripped starter / custom layout |
 
-If you ever need to re-copy from a Vuexy ZIP, use the paths above — not legacy `apps/band` or `apps/customers`.
-
-```bash
-# Example only — adjust to your Vuexy download path
-cp -r ~/Downloads/vuexy/typescript-version/full-version/* apps/admin/
-```
+Super admin functionality lives in `apps/app/` under `/platform/*` routes, accessible to `super_admin` users.
 
 ---
 
@@ -146,19 +139,12 @@ cp -r ~/Downloads/vuexy/typescript-version/full-version/* apps/admin/
 ### Install Dependencies
 
 ```bash
-cd apps/admin && pnpm install
-cd ../app && pnpm install
+cd apps/app && pnpm install
 cd ../portal && pnpm install
 ```
 
 ### Create Environment Files
 
-**apps/admin/.env.local**
-```env
-VITE_API_URL=http://localhost:8000/api/v1
-VITE_APP_NAME="Crewli Admin"
-```
-
 **apps/app/.env.local**
 ```env
 VITE_API_URL=http://localhost:8000/api/v1
@@ -173,13 +159,13 @@ VITE_APP_NAME="Crewli Portal"
 
 ### Dev server ports
 
-From the repo root, `make admin`, `make app`, and `make portal` start Vite on **5173**, **5174**, and **5175** respectively. If you run `pnpm dev` manually, configure the same ports in each app’s `vite.config.ts` under `server.port`.
+From the repo root, `make app` and `make portal` start Vite on **5174** and **5175** respectively. If you run `pnpm dev` manually, configure the same ports in each app’s `vite.config.ts` under `server.port`.
 
 ---
 
 ## Step 5: API client in SPAs
 
-`apps/admin/src/lib/api-client.ts`, `apps/app/src/lib/api-client.ts`, and `apps/portal/src/lib/api-client.ts` share the same pattern: `VITE_API_URL` base, Bearer token from the `accessToken` cookie, 401 → clear cookies and redirect to `/login`. Build new composables on `apiClient`; keep Vuexy `useApi` for template demos only.
+`apps/app/src/lib/api-client.ts` and `apps/portal/src/lib/api-client.ts` share the same pattern: `VITE_API_URL` base, Bearer token from the `accessToken` cookie, 401 → clear cookies and redirect to `/login`. Build new composables on `apiClient`; keep Vuexy `useApi` for template demos only.
 
 ---
 
@@ -214,13 +200,10 @@ make services
 # Tab 2: Laravel API
 make api
 
-# Tab 3: Admin SPA (optional)
-make admin
-
-# Tab 4: Organizer SPA (optional)
+# Tab 3: Organizer SPA (optional)
 make app
 
-# Tab 5: Portal SPA (optional)
+# Tab 4: Portal SPA (optional)
 make portal
 ```
 
@@ -267,7 +250,7 @@ Check `api/config/cors.php` allows your frontend origins.
 
 ### Vuexy TypeScript Errors
 ```bash
-cd apps/admin
+cd apps/app
 pnpm install
 pnpm type-check
 ```
@@ -278,7 +261,7 @@ pnpm type-check
 
 1. Services running (Docker)
 2. Laravel API configured and migrated
-3. SPAs installed (`apps/admin`, `apps/app`, `apps/portal`)
+3. SPAs installed (`apps/app`, `apps/portal`)
 4. Environment files for API + each SPA
 5. Authentication and organisation switching
 6. Events, sections, time slots, shifts