Currently, all API routes (read-only anyway so far) are accessible without authentication. We need to enable the authentication in order to protect the routes.
[x] Add AUTH middleware to the API routes
[x] Add the session token to all API calls from the frontend
[x] Authentication fails after first login and only works on reloading the page (getting a new token?)
Currently, all API routes (read-only anyway so far) are accessible without authentication. We need to enable the authentication in order to protect the routes.