pub async fn create_pairing_code(
app_state: Data<AppState>,
) -> Result<HttpResponse, AppError>Expand description
POST /v2/pair/code — an ALREADY-AUTHENTICATED device/owner requests a
one-time pairing code for a new device.
GATED: this route sits behind enforce_access_password_middleware (NOT on
the public whitelist), so only a local_bypass desktop, a valid device token,
or the verified password cookie can reach it. The generated code is the
short-lived credential the brand-new device then redeems at /v2/pair.