Vendor Coordination Module

Internal workflow shell for vendor bid coordination.

Supabase auth wiring, internal-user resolution, and the seeded dev database are now in place without pulling broader role-based authorization forward too early.

Sign in with GoogleSupabase health

Current session

No active Supabase session yet.

Auth plumbing

Google OAuth sign-in, confirm callback, sign-out, and session refresh are now paired with internal-user gating for active VCM users.

Internal user gating

Internal app routes require an authenticated Google Workspace account on heritagepropertiesstl.com or hp-stl.com that resolves to an active VCM user by canonical email.

MVP Guardrails

This slice still stops short of broader role-based permissions, Google group-based role mapping, and unrestricted non-Heritage SSO.