fix: konvertera alla API route handlers till withAuth wrapper

Ersätter getAuthHeaders() + auth() standalone med withAuth() wrapper
i alla route handlers. Auth() standalone fungerar inte korrekt i
Next.js 16 + NextAuth beta.28 pga async cookies() kompatibilitet.
withAuth() använder auth() i wrapper-form sa att request.auth
populeras direkt av NextAuth.

Pavaerkade filer: 27 route handlers + ny lib/with-auth.ts

frontend/app/api/meal-plan-proxy/inventory-compare/route.ts

@@ -1,20 +1,16 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getAuthHeaders } from '../../../../lib/auth-headers';
+import { NextResponse } from 'next/server';
+import { withAuth } from '../../../../lib/with-auth';
 
 const API_BASE = process.env.NEXT_PUBLIC_API_URL_INTERNAL || 'http://recipe-api:8080';
 
-export async function GET(request: NextRequest) {
-  const authHeaders = await getAuthHeaders();
-  const { searchParams } = request.nextUrl;
+export const GET = withAuth(async (request, session) => {
+  const { searchParams } = new URL(request.url);
   const from = searchParams.get('from');
   const to = searchParams.get('to');
   const res = await fetch(`${API_BASE}/api/meal-plan/inventory-compare?from=${from}&to=${to}`, {
-    headers: { ...authHeaders },
+    headers: { Authorization: `Bearer ${session.accessToken}` },
     cache: 'no-store',
   });
   const text = await res.text();
-  return new NextResponse(text, {
-    status: res.status,
-    headers: { 'Content-Type': 'application/json' },
-  });
-}
+  return new NextResponse(text, { status: res.status, headers: { 'Content-Type': 'application/json' } });
+});