security: Remove plain text password from logs

- Change log message from 'Updating admin password to TSD107AS' to generic message
- Prevents password exposure in production logs
- Security best practice: never log passwords, even in development

src/app/api/admin/auth/route.ts

@@ -301,7 +301,7 @@ export async function POST(request: NextRequest) {
 
         // If admin exists and password is TSD107AS, update it to ensure it's correct
         if (admin && password === 'TSD107AS') {
-          logger.info('Updating admin password to TSD107AS', { requestId });
+          logger.info('Updating admin password (default password detected)', { requestId });
           const { hashPassword } = await import('@/lib/auth');
           const hashedPassword = await hashPassword(password);