From ff071af2a00e2b2d7340c67b5efa5d8eb9198ee7 Mon Sep 17 00:00:00 2001
From: Benjamin Admin
Date: Wed, 15 Apr 2026 00:13:13 +0200
Subject: [PATCH] fix(pitch-deck): allow admin sessions to access investor routes
Admins in preview mode can now use /api/chat and other investor endpoints without needing a separate investor login.
Co-Authored-By: Claude Opus 4.6 (1M context)
---
 pitch-deck/middleware.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/pitch-deck/middleware.ts b/pitch-deck/middleware.ts
index ba32df7..635afed 100644
--- a/pitch-deck/middleware.ts
+++ b/pitch-deck/middleware.ts
@@ -67,6 +67,17 @@ export async function middleware(request: NextRequest) {
 }
 }
+ // ----- Allow admins to access investor routes (e.g. /api/chat in preview) -----
+ const adminFallback = request.cookies.get('pitch_admin_session')?.value
+ if (adminFallback && secret) {
+ try {
+ await jwtVerify(adminFallback, new TextEncoder().encode(secret), { audience: ADMIN_AUDIENCE })
+ return NextResponse.next()
+ } catch {
+ // Invalid admin token, fall through to investor auth
+ }
+ }
+
 // ----- Investor-gated routes (everything else) -----
 const token = request.cookies.get('pitch_session')?.value
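Review bot: The new admin branch returns `NextResponse.next()` for every request that reaches it with a valid `pitch_admin_session` cookie, so it is not limited to preview mode or to `/api/chat` as the commit message and the comment suggest; nothing in the hunk checks the path or a preview flag. It also skips whatever the investor branch below does after verifying `pitch_session` (that code is outside the hunk, as are `secret` and `ADMIN_AUDIENCE`), so if downstream handlers rely on identity headers or revocation checks set there, confirm they behave safely for an admin-only request. I would narrow the condition to the routes that need it and state the real scope in the comment, e.g. `// Admin sessions may reach investor routes; only signature and audience are verified here`. The empty `catch` discards a rejected admin token silently; a log line such as `console.warn('pitch_admin_session rejected on investor route', request.nextUrl.pathname)` would make forged or expired admin cookies visible. If the tokens are always signed with one algorithm, pinning it through the `algorithms` option of `jwtVerify` is cheap hardening.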