// pages/api/auth/logout.ts
import type { NextApiRequest, NextApiResponse } from "next";

export default function handler(req: NextApiRequest, res: NextApiResponse) {
  const isProd = process.env.NODE_ENV === "production";
  res.setHeader(
    "Set-Cookie",
    [
      "token=", // empty token
      "HttpOnly",
      "Path=/",
      "SameSite=Strict",
      "Max-Age=0", // expire immediately
      isProd ? "Secure" : "",
    ]
      .filter(Boolean)
      .join("; ")
  );
  return res.status(200).json({ message: "Logged out" });
}