Security audit improvements: authentication, path traversal protection, file validation, rate limiting, security headers

app/api/categorize/route.ts

@@ -1,6 +1,7 @@
 'use server';
 
 import { PrismaClient } from '@prisma/client';
+import { requireAdminAuth } from '@/lib/auth';
 
 const prisma = new PrismaClient();
 
@@ -16,6 +17,10 @@ interface CategorizeResult {
 }
 
 export async function POST(request: Request) {
+    // Check authentication
+    const authError = await requireAdminAuth(request as any);
+    if (authError) return authError;
+
     try {
         if (!OPENROUTER_API_KEY) {
             return Response.json(