FIX: Correct OIDC cookie name mismatch across all auth endpoints

**Root Cause:**
- Auth system was looking for 'keycloak-session' cookies
- But actual OIDC system uses 'nuxt-oidc-auth' cookies
- This caused authentication failures for file previews and other endpoints

**Files Updated:**
- server/utils/auth.ts: Updated to check 'nuxt-oidc-auth' cookie
- server/api/auth/session.ts: Updated cookie name references
- server/api/auth/logout.ts: Updated cookie deletion
- server/api/auth/keycloak/callback.ts: Updated cookie creation

**Result:**
- File previews should now work for authenticated users
- All authentication endpoints now use consistent cookie names
- Both x-tag headers and OIDC sessions work correctly

server/api/auth/keycloak/callback.ts

@@ -60,14 +60,14 @@ export default defineEventHandler(async (event) => {
     }
 
     // Create a simple session using a secure cookie
-    setCookie(event, 'keycloak-session', JSON.stringify(sessionData), {
+    setCookie(event, 'nuxt-oidc-auth', JSON.stringify(sessionData), {
       httpOnly: true,
       secure: true,
       sameSite: 'lax',
       maxAge: tokenResponse.expires_in
     })
 
-    console.log('[KEYCLOAK] Session cookie set, redirecting to dashboard')
+    console.log('[OIDC] Session cookie set, redirecting to dashboard')
 
     // Redirect to dashboard
     await sendRedirect(event, '/dashboard')

server/api/auth/logout.ts

@@ -1,9 +1,9 @@
 export default defineEventHandler(async (event) => {
   try {
     // Clear the session cookie
-    deleteCookie(event, 'keycloak-session')
+    deleteCookie(event, 'nuxt-oidc-auth')
     
-    console.log('[KEYCLOAK] User logged out, session cleared')
+    console.log('[OIDC] User logged out, session cleared')
     
     // Redirect to Keycloak logout to clear SSO session
     const logoutUrl = 'https://auth.portnimara.dev/realms/client-portal/protocol/openid-connect/logout?' + 
@@ -13,7 +13,7 @@ export default defineEventHandler(async (event) => {
     
     await sendRedirect(event, logoutUrl)
   } catch (error) {
-    console.error('[KEYCLOAK] Logout error:', error)
+    console.error('[OIDC] Logout error:', error)
     throw createError({
       statusCode: 500,
       statusMessage: 'Logout failed'

server/api/auth/session.ts

@@ -1,6 +1,6 @@
 export default defineEventHandler(async (event) => {
   try {
-    const sessionCookie = getCookie(event, 'keycloak-session')
+    const sessionCookie = getCookie(event, 'nuxt-oidc-auth')
     
     if (!sessionCookie) {
       return { user: null, authenticated: false }
@@ -11,7 +11,7 @@ export default defineEventHandler(async (event) => {
     // Check if session is still valid
     if (sessionData.expiresAt && Date.now() > sessionData.expiresAt) {
       // Session expired, clear cookie
-      deleteCookie(event, 'keycloak-session')
+      deleteCookie(event, 'nuxt-oidc-auth')
       return { user: null, authenticated: false }
     }
 
@@ -25,9 +25,9 @@ export default defineEventHandler(async (event) => {
       authenticated: true
     }
   } catch (error) {
-    console.error('[KEYCLOAK] Session check error:', error)
+    console.error('[OIDC] Session check error:', error)
     // Clear invalid session
-    deleteCookie(event, 'keycloak-session')
+    deleteCookie(event, 'nuxt-oidc-auth')
     return { user: null, authenticated: false }
   }
 })

server/utils/auth.ts

@@ -11,15 +11,15 @@ export const isAuthenticated = async (event: any): Promise<boolean> => {
     return true;
   }
 
-  // Check Keycloak session authentication
+  // Check OIDC session authentication
   try {
-    const keycloakSession = getCookie(event, 'keycloak-session');
-    if (keycloakSession) {
-      console.log('[auth] Authenticated via Keycloak session');
+    const oidcSession = getCookie(event, 'nuxt-oidc-auth');
+    if (oidcSession) {
+      console.log('[auth] Authenticated via OIDC session');
       return true;
     }
   } catch (error) {
-    console.log('[auth] Keycloak session check failed:', error);
+    console.log('[auth] OIDC session check failed:', error);
   }
 
   console.log('[auth] No valid authentication found');