fix: konvertera alla API route handlers till withAuth wrapper

Ersätter getAuthHeaders() + auth() standalone med withAuth() wrapper
i alla route handlers. Auth() standalone fungerar inte korrekt i
Next.js 16 + NextAuth beta.28 pga async cookies() kompatibilitet.
withAuth() använder auth() i wrapper-form sa att request.auth
populeras direkt av NextAuth.

Pavaerkade filer: 27 route handlers + ny lib/with-auth.ts

frontend/app/api/admin/suggest-category/[id]/route.ts

@@ -1,30 +1,15 @@
-import { auth } from '../../../../../auth';
+import { withAuth } from '../../../../../lib/with-auth';
 
 const API_BASE = process.env.NEXT_PUBLIC_API_URL_INTERNAL || 'http://recipe-api:8080';
 
-async function getAuthHeaders(): Promise<Record<string, string>> {
-  const session = await auth();
-  if (!session?.accessToken) return {};
-  return { Authorization: `Bearer ${session.accessToken}` };
-}
-
-// GET /api/admin/suggest-category/[id]
-export async function GET(
-  _req: Request,
-  { params }: { params: Promise<{ id: string }> },
-) {
+export const GET = withAuth(async (_req, session, context) => {
   try {
-    const { id } = await params;
+    const { id } = await context.params;
     const productId = Number(id);
     if (!productId) return Response.json({ error: 'Invalid id' }, { status: 400 });
 
-    const authHeaders = await getAuthHeaders();
-    if (!authHeaders.Authorization) {
-      return Response.json({ error: 'Unauthorized' }, { status: 401 });
-    }
-
     const res = await fetch(`${API_BASE}/api/products/${productId}/suggest-category`, {
-      headers: authHeaders,
+      headers: { Authorization: `Bearer ${session.accessToken}` },
     });
 
     if (!res.ok) {
@@ -41,4 +26,4 @@ export async function GET(
       { status: 500 },
     );
   }
-}
+});