// /var/www/sandbox/src/routes/api/auth/logout/+server.ts
import { redirect, type RequestHandler } from '@sveltejs/kit';

export const POST: RequestHandler = async ({ cookies }) => {
  const { destroySession, SESSION_COOKIE } = await import('$lib/server/auth');
  const cookie = cookies.get(SESSION_COOKIE);
  if (cookie) {
    const dotIdx = cookie.lastIndexOf('.');
    const sessionId = dotIdx > 0 ? cookie.slice(0, dotIdx) : cookie;
    destroySession(sessionId);
  }
  cookies.delete(SESSION_COOKIE, { path: '/' });
  throw redirect(302, '/login');
};