import { verifySession } from "@/lib/auth/session";

export async function requireAuth(req: Request): Promise<{ ok: true } | { ok: false; status: number }> {
  const cookie = req.headers.get("cookie") ?? "";
  const match = cookie.match(/(?:^|;\s*)pm_session=([^;]+)/);
  if (!match) return { ok: false, status: 401 };
  const payload = await verifySession(match[1]);
  if (!payload) return { ok: false, status: 401 };
  return { ok: true };
}
