owltide/server/api/auth/session.delete.ts

/*
	SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
	SPDX-License-Identifier: AGPL-3.0-or-later
*/
import { readUsers } from "~/server/database";
import { cancelSessionStreams } from "~/server/streams";

export default defineEventHandler(async (event) => {
	const session = await getServerSession(event, true);
	if (session) {
		const users = await readUsers();
		const account = users.find(user => user.id === session.accountId);
		if (account?.type === "anonymous") {
			throw createError({
				status: 409,
				message: "Cannot log out of an anonymous account",
			});
		}
	}

	if (session) {
		cancelSessionStreams(session.id);
	}
	await clearServerSession(event);
})