import { createKV } from "./create-kv.js";
export const sessionsKV = createKV("sessions");
export const usersKV = createKV("users");
export async function assertOwner(sessionId) {
    const session = await sessionsKV.getItem(sessionId);
    if (!session)
        throw new Error("Invalid session");
    if (new Date(session.expiresAt) < new Date())
        throw new Error("Session expired");
    const user = await usersKV.getItem(session.userId);
    if (!user || user.role !== "owner")
        throw new Error("Forbidden");
}