fix #9 #10 #11: fix email_verified schema, add auth gate to compare, use real user id

src/app/api/compare/route.ts

@@ -5,6 +5,7 @@ import { db } from "@/lib/db";
 import { comparisons, comparisonItems } from "@/lib/db/schema";
 import { eq } from "drizzle-orm";
 import { createId } from "@paralleldrive/cuid2";
+import { auth } from "@/lib/auth";
 
 function serializeSSE(event: string, data: unknown): string {
   return `event: ${event}\ndata: ${JSON.stringify(data)}\n\n`;
@@ -23,6 +24,11 @@ function slugify(text: string): string {
 // const ratelimit = new Ratelimit({ redis, limiter: slidingWindow(5, "1m") })
 
 export async function POST(request: Request) {
+  const session = await auth.api.getSession({ headers: request.headers });
+  if (!session?.user) {
+    return Response.json({ error: "Authentication required" }, { status: 401 });
+  }
+
   const body: { query?: string; items?: string[]; dimensions?: string[] } =
     await request.json();
   const { query, items, dimensions } = body;
@@ -54,7 +60,7 @@ export async function POST(request: Request) {
 
   await db.insert(comparisons).values({
     id,
-    userId: "system",
+    userId: session.user.id,
     title,
     query: query ?? title,
     slug,