feat: SuperOAuth token introspection middleware + /api/profile route

backend/src/index.ts

@@ -3,6 +3,7 @@ import express from "express";
 import cors from "cors";
 import dotenv from "dotenv";
 import { AppDataSource } from "./config/data-source";
+import { requireAuth, AuthenticatedRequest } from "./middleware/auth.middleware";
 
 dotenv.config();
 
@@ -16,6 +17,12 @@ app.get("/api/health", (_req, res) => {
   res.json({ status: "ok", timestamp: new Date().toISOString() });
 });
 
+// Route protégée — valide l'intégration SuperOAuth end-to-end
+app.get("/api/profile", requireAuth, (req, res) => {
+  const { user } = req as AuthenticatedRequest;
+  res.json({ success: true, data: { user } });
+});
+
 AppDataSource.initialize()
   .then(() => {
     console.log("Database connected");