const requireAdmin = (req, res, next) => { if (req.session && req.session.isAdmin) return next(); if (req.path === '/login') return next(); res.redirect('/admin/login'); }; const requireAdminApi = (req, res, next) => { if (req.session && req.session.isAdmin) return next(); res.status(401).json({ error: 'Non autorisé' }); }; module.exports = { requireAdmin, requireAdminApi };