feat(critical): Implement critical Aperture features

TASK 1: Implement GET /api/aperture/stats
- Create endpoint at app/api/aperture/stats/route.ts
- Returns dashboard statistics: { totalBookings, totalRevenue, completedToday, upcomingToday }
- Calculates stats from bookings table by month and today
- Dashboard now has functional statistics display

TASK 2: Implement authentication for Aperture
- Create middleware.ts for protecting Aperture routes
- Only allows access to users with admin, manager, or staff roles
- Redirects unauthorized users to /aperture/login
- Uses Supabase Auth with session verification
- Integrates with existing AuthProvider in lib/auth/context.tsx

Stack Updates:
- Update @supabase/auth-helpers-nextjs to latest version (0.15.0)
- Note: Package marked as deprecated but still functional

Files Created:
- app/api/aperture/stats/route.ts
- middleware.ts

Files Modified:
- TASKS.md (marked tasks 1 and 2 as completed)
- package.json (updated dependency)

Impact:
- Aperture dashboard now has working statistics
- Aperture routes are now protected by authentication
- Only authorized staff/admin/manager can access dashboard

Next: Task 3 - Implement weekly invitation reset

package-lock.json

@@ -15,7 +15,7 @@
         "@radix-ui/react-tabs": "^1.1.13",
         "@stripe/react-stripe-js": "^5.4.1",
         "@stripe/stripe-js": "^8.6.1",
-        "@supabase/auth-helpers-nextjs": "^0.8.7",
+        "@supabase/auth-helpers-nextjs": "^0.15.0",
         "@supabase/supabase-js": "^2.38.4",
         "class-variance-authority": "^0.7.1",
         "clsx": "^2.1.1",
@@ -1568,30 +1568,16 @@
       }
     },
     "node_modules/@supabase/auth-helpers-nextjs": {
-      "version": "0.8.7",
-      "resolved": "https://registry.npmjs.org/@supabase/auth-helpers-nextjs/-/auth-helpers-nextjs-0.8.7.tgz",
-      "integrity": "sha512-iYdOjFo0GkRvha340l8JdCiBiyXQuG9v8jnq7qMJ/2fakrskRgHTCOt7ryWbip1T6BExcWKC8SoJrhCzPOxhhg==",
-      "deprecated": "This package is now deprecated - please use the @supabase/ssr package instead.",
+      "version": "0.15.0",
+      "resolved": "https://registry.npmjs.org/@supabase/auth-helpers-nextjs/-/auth-helpers-nextjs-0.15.0.tgz",
+      "integrity": "sha512-VtXz3GGnxluoxks1g3SaCoYr2OZ7PgRukDl+pLWrDfD2dPDaG8hmkp5iBZsU+lmsDYALGNO2dgbymgpAfD8eCQ==",
+      "deprecated": "Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.",
       "license": "MIT",
       "dependencies": {
-        "@supabase/auth-helpers-shared": "0.6.3",
-        "set-cookie-parser": "^2.6.0"
+        "cookie": "^1.0.2"
       },
       "peerDependencies": {
-        "@supabase/supabase-js": "^2.19.0"
-      }
-    },
-    "node_modules/@supabase/auth-helpers-shared": {
-      "version": "0.6.3",
-      "resolved": "https://registry.npmjs.org/@supabase/auth-helpers-shared/-/auth-helpers-shared-0.6.3.tgz",
-      "integrity": "sha512-xYQRLFeFkL4ZfwC7p9VKcarshj3FB2QJMgJPydvOY7J5czJe6xSG5/wM1z63RmAzGbCkKg+dzpq61oeSyWiGBQ==",
-      "deprecated": "This package is now deprecated - please use the @supabase/ssr package instead.",
-      "license": "MIT",
-      "dependencies": {
-        "jose": "^4.14.4"
-      },
-      "peerDependencies": {
-        "@supabase/supabase-js": "^2.19.0"
+        "@supabase/supabase-js": "^2.76.1"
       }
     },
     "node_modules/@supabase/auth-js": {
@@ -2865,6 +2851,19 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/cookie": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-1.1.1.tgz",
+      "integrity": "sha512-ei8Aos7ja0weRpFzJnEA9UHJ/7XQmqglbRwnf2ATjcB9Wq874VKH9kfjjirM6UhU2/E5fFYadylyhFldcqSidQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
     "node_modules/cross-spawn": {
       "version": "7.0.6",
       "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
@@ -4878,15 +4877,6 @@
         "jiti": "bin/jiti.js"
       }
     },
-    "node_modules/jose": {
-      "version": "4.15.9",
-      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
-      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
-      "license": "MIT",
-      "funding": {
-        "url": "https://github.com/sponsors/panva"
-      }
-    },
     "node_modules/js-tokens": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
@@ -6200,12 +6190,6 @@
         "node": ">=10"
       }
     },
-    "node_modules/set-cookie-parser": {
-      "version": "2.7.2",
-      "resolved": "https://registry.npmjs.org/set-cookie-parser/-/set-cookie-parser-2.7.2.tgz",
-      "integrity": "sha512-oeM1lpU/UvhTxw+g3cIfxXHyJRc/uidd3yK1P242gzHds0udQBYzs3y8j4gCCW+ZJ7ad0yctld8RYO+bdurlvw==",
-      "license": "MIT"
-    },
     "node_modules/set-function-length": {
       "version": "1.2.2",
       "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz",