good forst commit

apps/web/app/_lib/auth-context.tsx

@@ -0,0 +1,74 @@
+'use client';
+
+import { createContext, useCallback, useContext, useEffect, useState } from 'react';
+
+export interface AuthAdmin {
+  id: string;
+  email: string;
+  name?: string | null;
+  role: 'OWNER' | 'ADMIN' | 'VIEWER';
+  tenantId: string;
+  tenantSlug: string;
+  tenantName?: string;
+}
+
+interface AuthState {
+  admin: AuthAdmin | null;
+  loading: boolean;
+  error: string | null;
+  refresh: () => Promise<void>;
+  logout: () => Promise<void>;
+}
+
+const AuthContext = createContext<AuthState | null>(null);
+
+export function AuthProvider({ children }: { children: React.ReactNode }) {
+  const [admin, setAdmin] = useState<AuthAdmin | null>(null);
+  const [loading, setLoading] = useState(true);
+  const [error, setError] = useState<string | null>(null);
+
+  const refresh = useCallback(async () => {
+    setLoading(true);
+    setError(null);
+    try {
+      const res = await fetch('/api/auth/me', { credentials: 'include' });
+      if (res.status === 401) {
+        setAdmin(null);
+        return;
+      }
+      if (!res.ok) {
+        setError('Unable to verify session');
+        setAdmin(null);
+        return;
+      }
+      const data = await res.json();
+      setAdmin(data.admin ?? null);
+    } catch (e) {
+      setError(e instanceof Error ? e.message : 'Network error');
+      setAdmin(null);
+    } finally {
+      setLoading(false);
+    }
+  }, []);
+
+  const logout = useCallback(async () => {
+    await fetch('/api/auth/logout', { method: 'POST', credentials: 'include' });
+    setAdmin(null);
+  }, []);
+
+  useEffect(() => {
+    void refresh();
+  }, [refresh]);
+
+  return (
+    <AuthContext.Provider value={{ admin, loading, error, refresh, logout }}>
+      {children}
+    </AuthContext.Provider>
+  );
+}
+
+export function useAuth(): AuthState {
+  const ctx = useContext(AuthContext);
+  if (!ctx) throw new Error('useAuth must be used within <AuthProvider>');
+  return ctx;
+}