fix: konvertera alla API route handlers till withAuth wrapper

Ersätter getAuthHeaders() + auth() standalone med withAuth() wrapper
i alla route handlers. Auth() standalone fungerar inte korrekt i
Next.js 16 + NextAuth beta.28 pga async cookies() kompatibilitet.
withAuth() använder auth() i wrapper-form sa att request.auth
populeras direkt av NextAuth.

Pavaerkade filer: 27 route handlers + ny lib/with-auth.ts

frontend/app/api/user-products/[productId]/route.ts

@@ -1,17 +1,13 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getAuthHeaders } from '../../../../lib/auth-headers';
+import { NextResponse } from 'next/server';
+import { withAuth } from '../../../../lib/with-auth';
 
 const API_BASE = process.env.NEXT_PUBLIC_API_URL_INTERNAL || 'http://recipe-api:8080';
 
-export async function DELETE(
-  _request: NextRequest,
-  { params }: { params: Promise<{ productId: string }> },
-) {
-  const { productId } = await params;
-  const authHeaders = await getAuthHeaders();
+export const DELETE = withAuth(async (_request, session, context) => {
+  const { productId } = await context.params;
   const res = await fetch(`${API_BASE}/api/user-products/${productId}`, {
     method: 'DELETE',
-    headers: { ...authHeaders },
+    headers: { Authorization: `Bearer ${session.accessToken}` },
   });
   return new NextResponse(null, { status: res.status });
-}
+});