chore: update comment on middleware conditional use of auth

middleware.ts

@@ -83,16 +83,26 @@ export async function middleware(request: NextRequest) {
   const isProtectedRoute = protectedRoutes.includes(nextUrl.pathname)
   if (isProtectedRoute) {
     /**
-     * AppRouteHandlerFnContext is the context that is passed to the handler as the
+     * AppRouteHandlerFnContext is the context that is passed to the handler as
-     * second argument.
+     * the second argument. This is only done for Route handlers (route.js) and
+     * not for middleware.
      *
-     * type AppRouteHandlerFnContext = {
+     * Auth.js uses the same pattern for both Route handlers and Middleware,
-     *  params?: Record<string, string | string[]>
+     * the auth()-wrapper:
-     * }
      *
-     * We don't need it so just pass an empty object
+     *   auth((req) => { ... })
+     *
+     * But there is a difference between middleware and route handlers, route
+     * handlers get passed a context which middleware do not get. Using the
+     * same function for both works runtime because second argument is just
+     * undefined for middleware and Auth.js handles this properly. But fails in
+     * typings as the second argument doesn't exist for middleware.
+     *
+     * https://github.com/nextauthjs/next-auth/blob/3c035ec62f2f21d7cab65504ba83fb1a9a13be01/packages/next-auth/src/lib/index.ts#L265
+     * https://authjs.dev/reference/nextjs
      */
-    return authedMiddleware(request, {})
+    // @ts-expect-error: see above
+    return authedMiddleware(request)
   } else {
     return publiceMiddleware(request)
   }