feat: add TypeScript definitions for next-auth session with accessToken and user details

_archive/frontend/app/api/admin-users/route.ts

@@ -0,0 +1,38 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { auth } from '../../../auth';
+
+const API_BASE =
+  process.env.NEXT_PUBLIC_API_URL_INTERNAL ?? 'http://recipe-api:8080';
+
+export async function GET() {
+  const session = await auth();
+  if (!session || (session.user as any)?.role !== 'admin') {
+    return NextResponse.json({ message: 'Förbjuden' }, { status: 403 });
+  }
+
+  const res = await fetch(`${API_BASE}/api/users`, {
+    headers: { Authorization: `Bearer ${session.accessToken}` },
+    cache: 'no-store',
+  });
+  const data = await res.json();
+  return NextResponse.json(data, { status: res.status });
+}
+
+export async function POST(request: NextRequest) {
+  const session = await auth();
+  if (!session || (session.user as any)?.role !== 'admin') {
+    return NextResponse.json({ message: 'Förbjuden' }, { status: 403 });
+  }
+
+  const body = await request.json();
+  const res = await fetch(`${API_BASE}/api/users`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      Authorization: `Bearer ${session.accessToken}`,
+    },
+    body: JSON.stringify(body),
+  });
+  const data = await res.json();
+  return NextResponse.json(data, { status: res.status });
+}