refactor: remove redundant role field, keep only is_admin

- Remove role column from users schema (migration 0003)
- Update auth and admin services to use is_admin only
- Remove role from JWT token payloads
- Update admin CLI to use is_admin field
- Update frontend admin page to use isAdmin boolean
- Fix security: remove console.log dumping credentials in settings

Co-Authored-By: Claude <noreply@anthropic.com>

src/backend/db/schema/index.js

@@ -9,7 +9,6 @@ import { sqliteTable, text, integer } from 'drizzle-orm/sqlite-core';
  * @property {string|null} lotwUsername
  * @property {string|null} lotwPassword
  * @property {string|null} dclApiKey
- * @property {string} role
  * @property {boolean} isAdmin
  * @property {Date} createdAt
  * @property {Date} updatedAt
@@ -23,8 +22,7 @@ export const users = sqliteTable('users', {
   lotwUsername: text('lotw_username'),
   lotwPassword: text('lotw_password'), // Encrypted
   dclApiKey: text('dcl_api_key'), // DCL API key for future use
-  role: text('role').notNull().default('user'), // 'user', 'admin'
-  isAdmin: integer('is_admin', { mode: 'boolean' }).notNull().default(false), // Simplified admin check
+  isAdmin: integer('is_admin', { mode: 'boolean' }).notNull().default(false),
   createdAt: integer('created_at', { mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
   updatedAt: integer('updated_at', { mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
 });