fix: make FrontendType mandatory in require_module_access

The require_module_access dependency was using path-based detection to
determine admin vs vendor authentication, which failed for API routes
(/api/v1/admin/*) because it only checked for /admin/*.

Changes:
- Make frontend_type parameter mandatory (was optional with fallback)
- Remove path-based detection logic from require_module_access
- Update all 33 module route files to pass explicit FrontendType:
  - 15 admin routes use FrontendType.ADMIN
  - 18 vendor routes use FrontendType.VENDOR

This ensures authentication method is explicitly declared at route
definition time, making it independent of URL structure and future-proof
for API version changes.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/modules/payments/routes/api/admin.py

@@ -13,10 +13,11 @@ import logging
 from fastapi import APIRouter, Depends
 
 from app.api.deps import require_module_access
+from app.modules.enums import FrontendType
 
 admin_router = APIRouter(
     prefix="/payments",
-    dependencies=[Depends(require_module_access("payments"))],
+    dependencies=[Depends(require_module_access("payments", FrontendType.ADMIN))],
 )
 logger = logging.getLogger(__name__)
 

app/modules/payments/routes/api/vendor.py

@@ -21,6 +21,7 @@ from sqlalchemy.orm import Session
 
 from app.api.deps import get_current_vendor_api, require_module_access
 from app.core.database import get_db
+from app.modules.enums import FrontendType
 from app.modules.tenancy.services.vendor_service import vendor_service
 from models.schema.auth import UserContext
 from app.modules.payments.schemas import (
@@ -39,7 +40,7 @@ from app.modules.payments.schemas import (
 
 vendor_router = APIRouter(
     prefix="/payments",
-    dependencies=[Depends(require_module_access("payments"))],
+    dependencies=[Depends(require_module_access("payments", FrontendType.VENDOR))],
 )
 logger = logging.getLogger(__name__)