export default defineEventHandler(async (event) => {
  try {
    // Check which authentication method is being used
    const directusToken = getCookie(event, 'directus_token')
    const oidcSession = getCookie(event, 'nuxt-oidc-auth')
    
    // Clear Directus cookies if they exist
    if (directusToken) {
      deleteCookie(event, 'directus_token')
      deleteCookie(event, 'directus_refresh_token')
      deleteCookie(event, 'directus_token_expired_at')
      console.log('[LOGOUT] Directus session cleared')
    }
    
    // Clear OIDC session cookie if it exists
    if (oidcSession) {
      deleteCookie(event, 'nuxt-oidc-auth')
      console.log('[LOGOUT] OIDC session cleared')
    }
    
    // If user was authenticated via OIDC/Keycloak, redirect to Keycloak logout
    if (oidcSession) {
      const logoutUrl = 'https://auth.portnimara.dev/realms/client-portal/protocol/openid-connect/logout?' + 
        new URLSearchParams({
          redirect_uri: 'https://client.portnimara.dev/login'
        }).toString()
      
      await sendRedirect(event, logoutUrl)
    } else {
      // For Directus users or others, just redirect to login
      await sendRedirect(event, '/login')
    }
  } catch (error) {
    console.error('[LOGOUT] Logout error:', error)
    throw createError({
      statusCode: 500,
      statusMessage: 'Logout failed'
    })
  }
})