Handle GET /preview/login?role=…. Fail-closed: 404 unless both locks pass; 403 for a role not in the allow-list; else mint the seeded demo session and 302 to the app. Never throws on a hostile request.
GET /preview/login?role=…
Handle
GET /preview/login?role=…. Fail-closed: 404 unless both locks pass; 403 for a role not in the allow-list; else mint the seeded demo session and 302 to the app. Never throws on a hostile request.