// app/api/auth/logout/route.ts
import { NextRequest, NextResponse } from "next/server";

export const runtime = "nodejs";

const secure = process.env.NODE_ENV === "production";

export async function POST(_req: NextRequest) {
    const res = NextResponse.json({ ok: true });

    res.cookies.set({
        name: "ma_at",
        value: "",
        httpOnly: true,
        sameSite: "lax",
        secure,
        path: "/",
        expires: new Date(0), // expire immediately
                    maxAge: 0,
    });

    return res;
}

// Optional: support GET if you ever link to /api/auth/logout directly
export async function GET(_req: NextRequest) {
    return POST(_req);
}