Add GET /api/auth/signin for session checking

FamilyProvider calls GET /api/auth/signin to check if user is authenticated after page load.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

src/app/api/auth/signin/route.ts

@@ -2,6 +2,58 @@ import { NextResponse } from "next/server";
 import { sql } from "@/db";
 import { cookies } from "next/headers";
 
+export const dynamic = "force-dynamic";
+
+// GET - check current session
+export async function GET(request: Request) {
+  try {
+    const cookieStore = await cookies();
+    const sessionToken = cookieStore.get("tia_session")?.value;
+
+    if (!sessionToken) {
+      return NextResponse.json({ authenticated: false });
+    }
+
+    // Verify session
+    const sessions = await sql`
+      SELECT s.user_id, s.expires, u.email, fm.family_id as family_id
+      FROM sessions s
+      JOIN users u ON u.id = s.user_id
+      LEFT JOIN family_members fm ON fm.user_id = u.id
+      WHERE s.session_token = ${sessionToken}
+      AND s.expires > NOW()
+      LIMIT 1
+    `;
+
+    if (!sessions || sessions.length === 0) {
+      return NextResponse.json({ authenticated: false });
+    }
+
+    const session = sessions[0];
+    let family = null;
+
+    if (session.family_id) {
+      const families = await sql`
+        SELECT id, name, tier, max_children, max_members
+        FROM families WHERE id = ${session.family_id}
+      `;
+      family = families?.[0];
+    }
+
+    return NextResponse.json({
+      authenticated: true,
+      userId: session.user_id,
+      email: session.email,
+      familyId: session.family_id,
+      familyName: family?.name,
+      tier: family?.tier,
+    });
+  } catch (error) {
+    console.error("Session check error:", error);
+    return NextResponse.json({ authenticated: false });
+  }
+}
+
 // Simple hash function (for development - in production use bcrypt)
 function hashPassword(password: string): string {
   // Simple hash for now - should use bcrypt in production