import { auth } from '@/auth' import { NextResponse } from 'next/server' export async function requireAuth() { const session = await auth() if (!session?.user?.id) { return { session: null, error: NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } } return { session, error: null } } export async function requireAdmin() { const result = await requireAuth() if (result.error) return result if ((result.session!.user as any).role !== 'ADMIN') { return { session: null, error: NextResponse.json({ error: 'Forbidden' }, { status: 403 }) } } return result }