diff --git a/server/utils/auth.ts b/server/utils/auth.ts
index 6216258..1306a08 100644
--- a/server/utils/auth.ts
+++ b/server/utils/auth.ts
@@ -15,12 +15,19 @@ export const isAuthenticated = async (event: any): Promise => {
 // Check Directus token authentication
 try {
 const directusToken = getCookie(event, 'directus_token');
+ console.log('[auth] Checking Directus token:', directusToken ? 'present' : 'not found');
+
 if (directusToken) {
 // Validate Directus token is not expired
 const directusExpiry = getCookie(event, 'directus_token_expired_at');
+ console.log('[auth] Directus expiry cookie:', directusExpiry ? directusExpiry : 'not found');
+
 if (directusExpiry) {
 const expiryTime = parseInt(directusExpiry);
- if (Date.now() < expiryTime) {
+ const currentTime = Date.now();
+ console.log('[auth] Directus expiry check:', { currentTime, expiryTime, isValid: currentTime < expiryTime });
+
+ if (currentTime < expiryTime) {
 console.log('[auth] Authenticated via Directus token');
 return true;
 } else {
@@ -39,8 +46,11 @@ export const isAuthenticated = async (event: any): Promise => {
 // Check OIDC session authentication
 try {
 const oidcSession = getCookie(event, 'nuxt-oidc-auth');
+ console.log('[auth] Checking OIDC session:', oidcSession ? 'present' : 'not found');
+
 if (oidcSession) {
 // Note: OIDC session might be encrypted, we'll validate it properly in session endpoint
+ console.log('[auth] OIDC session found, type:', oidcSession.startsWith('Fe26.2**') ? 'encrypted' : 'plain');
 console.log('[auth] Authenticated via OIDC session');
 return true;
 }
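Review bot: The `currentTime < expiryTime` branch still returns true on the strength of two request cookies alone: `directus_token` is only tested for presence and `directus_token_expired_at` is a value the client supplies, so nothing in the visible lines verifies the token with Directus. Unless every caller re-validates the token, this function should verify it server-side before `return true` and treat the expiry cookie as a hint only. The added log line also writes the raw cookie string into the server log; prefer `console.log('[auth] Directus expiry cookie:', directusExpiry ? 'present' : 'not found');` and log only the parsed number in the expiry check. The function body starts and continues outside this hunk.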
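Review bot: The result of `oidcSession.startsWith('Fe26.2**')` is only logged, so a cookie the new line classifies as 'plain' still reaches `return true`, and any non-empty `nuxt-oidc-auth` cookie counts as authenticated here. The existing comment defers validation to the session endpoint, which leaves this gate open wherever `isAuthenticated` is relied on by itself. At minimum do not accept the unsealed case, e.g. `if (oidcSession && oidcSession.startsWith('Fe26.2**')) {`, keeping in mind that a prefix match is a format check and not validation; the session should be unsealed and checked before returning true. The try block continues outside this hunk.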