port-nimara-client-portal/server/api/auth/session.ts

export default defineEventHandler(async (event) => {
  try {
    const sessionCookie = getCookie(event, 'nuxt-oidc-auth')
    
    if (!sessionCookie) {
      return { user: null, authenticated: false }
    }

    const sessionData = JSON.parse(sessionCookie)
    
    // Check if session is still valid
    if (sessionData.expiresAt && Date.now() > sessionData.expiresAt) {
      // Session expired, clear cookie
      deleteCookie(event, 'nuxt-oidc-auth')
      return { user: null, authenticated: false }
    }

    return {
      user: {
        id: sessionData.user.sub,
        email: sessionData.user.email,
        username: sessionData.user.preferred_username,
        name: sessionData.user.name || sessionData.user.preferred_username
      },
      authenticated: true
    }
  } catch (error) {
    console.error('[OIDC] Session check error:', error)
    // Clear invalid session
    deleteCookie(event, 'nuxt-oidc-auth')
    return { user: null, authenticated: false }
  }
})