From e7af5bca4a9a618a1fe6df23860039d295ef5037 Mon Sep 17 00:00:00 2001
From: chris <chris@chrisedwards.tech>
Date: Thu, 11 Jun 2026 14:53:39 -0400
Subject: [PATCH] Fix store-status route always returning 401

The route had a redundant isAuthed() checking for 'bpb_admin' cookie,
but login sets 'admin_token'. The middleware already guards all
/api/admin/* routes, so the in-route check was just wrong.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 estore/src/app/api/admin/store-status/route.ts | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/estore/src/app/api/admin/store-status/route.ts b/estore/src/app/api/admin/store-status/route.ts
index b096a3f..4cc5291 100644
--- a/estore/src/app/api/admin/store-status/route.ts
+++ b/estore/src/app/api/admin/store-status/route.ts
@@ -1,18 +1,11 @@
 import { NextRequest, NextResponse } from 'next/server'
 import { getStoreStatus, setStoreStatus } from '@/lib/store-status'
-import { cookies } from 'next/headers'
-
-function isAuthed() {
-  return cookies().get('bpb_admin')?.value === 'true'
-}
 
 export async function GET() {
-  if (!isAuthed()) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
   return NextResponse.json(await getStoreStatus())
 }
 
 export async function PUT(req: NextRequest) {
-  if (!isAuthed()) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
   const body = await req.json()
   const status = {
     closed:  Boolean(body.closed),