implement better-auth auth with postgres and route protection

app/api/portfolio/insights/generate/route.ts

@@ -1,9 +1,16 @@
 import { asErrorMessage, jsonError } from '@/lib/server/http';
+import { requireAuthenticatedSession } from '@/lib/server/auth-session';
 import { enqueueTask } from '@/lib/server/tasks';
 
 export async function POST() {
+  const { session, response } = await requireAuthenticatedSession();
+  if (response) {
+    return response;
+  }
+
   try {
     const task = await enqueueTask({
+      userId: session.user.id,
       taskType: 'portfolio_insights',
       payload: {},
       priority: 70

app/api/portfolio/insights/latest/route.ts

@@ -1,8 +1,16 @@
+import { requireAuthenticatedSession } from '@/lib/server/auth-session';
 import { getStoreSnapshot } from '@/lib/server/store';
 
 export async function GET() {
+  const { session, response } = await requireAuthenticatedSession();
+  if (response) {
+    return response;
+  }
+
+  const userId = session.user.id;
   const snapshot = await getStoreSnapshot();
   const insight = snapshot.insights
+    .filter((entry) => entry.user_id === userId)
     .slice()
     .sort((a, b) => Date.parse(b.created_at) - Date.parse(a.created_at))[0] ?? null;