From e17db4e4b21c37230e60453476589f44e33909a9 Mon Sep 17 00:00:00 2001
From: Victor Ferreira da Silva <victor.ferreira@castgroup.com.br>
Date: Mon, 19 May 2025 18:32:24 -0400
Subject: [PATCH 1/3] docs: new route for session
 (server/session/_auth/session)

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 862f0133..1ab34171 100644
--- a/README.md
+++ b/README.md
@@ -116,7 +116,7 @@ interface UserSessionComposable {
 ```
 
 > [!IMPORTANT]
-> Nuxt Auth Utils uses the `/api/_auth/session` route for session management. Ensure your API route middleware doesn't interfere with this path.
+> Nuxt Auth Utils uses the `/session/_auth/session` route for session management. Ensure your API route middleware doesn't interfere with this path.
 
 ## Server Utils
 
@@ -556,7 +556,7 @@ We leverage hooks to let you extend the session data with your own data or log w
 ```ts
 // server/plugins/session.ts
 export default defineNitroPlugin(() => {
-  // Called when the session is fetched during SSR for the Vue composable (/api/_auth/session)
+  // Called when the session is fetched during SSR for the Vue composable (/session/_auth/session)
   // Or when we call useUserSession().fetch()
   sessionHooks.hook('fetch', async (session, event) => {
     // extend User Session by calling your database

From 566ebd706d72a3667f3713237729d99ed54bed67 Mon Sep 17 00:00:00 2001
From: Victor Ferreira da Silva <victor.ferreira@castgroup.com.br>
Date: Mon, 19 May 2025 18:34:21 -0400
Subject: [PATCH 2/3] test: session route /session/_auth/session ok

---
 test/basic.test.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/basic.test.ts b/test/basic.test.ts
index 39380c67..226fbe16 100644
--- a/test/basic.test.ts
+++ b/test/basic.test.ts
@@ -23,7 +23,7 @@ describe('ssr', async () => {
 
   it('returns an empty session', async () => {
     // Get response to a server-rendered page with `$fetch`.
-    const session = await $fetch('/api/_auth/session')
+    const session = await $fetch('/session/_auth/session')
     // Session should be an object with an `id` property
     expect(session).toBeInstanceOf(Object)
     expect(session).toHaveProperty('id')

From b3a131e5725b54024547da53c8275bfe0551e5ba Mon Sep 17 00:00:00 2001
From: Victor Ferreira da Silva <victor.ferreira@castgroup.com.br>
Date: Mon, 19 May 2025 18:38:13 -0400
Subject: [PATCH 3/3] refactor: move nuxt-auth-utils session fetch to
 /.nuxt-auth-utils/session to avoid polluting /api namespace

---
 src/module.ts                                         | 8 ++++----
 src/runtime/app/composables/session.ts                | 4 ++--
 src/runtime/server/{api => session}/session.delete.ts | 0
 src/runtime/server/{api => session}/session.get.ts    | 0
 4 files changed, 6 insertions(+), 6 deletions(-)
 rename src/runtime/server/{api => session}/session.delete.ts (100%)
 rename src/runtime/server/{api => session}/session.get.ts (100%)

diff --git a/src/module.ts b/src/module.ts
index 99dbd418..d07b6023 100644
--- a/src/module.ts
+++ b/src/module.ts
@@ -111,13 +111,13 @@ export default defineNuxtModule<ModuleOptions>({
 
     addServerImportsDir(resolver.resolve('./runtime/server/utils'))
     addServerHandler({
-      handler: resolver.resolve('./runtime/server/api/session.delete'),
-      route: '/api/_auth/session',
+      handler: resolver.resolve('./runtime/server/session/session.delete'),
+      route: '/session/_auth/session',
       method: 'delete',
     })
     addServerHandler({
-      handler: resolver.resolve('./runtime/server/api/session.get'),
-      route: '/api/_auth/session',
+      handler: resolver.resolve('./runtime/server/session/session.get'),
+      route: '/session/_auth/session',
       method: 'get',
     })
     // Set node:crypto as unenv external
diff --git a/src/runtime/app/composables/session.ts b/src/runtime/app/composables/session.ts
index ddb49674..5c1965c6 100644
--- a/src/runtime/app/composables/session.ts
+++ b/src/runtime/app/composables/session.ts
@@ -12,7 +12,7 @@ export function useUserSession(): UserSessionComposable {
   const authReadyState = useState('nuxt-auth-ready', () => false)
 
   const clear = async () => {
-    await useRequestFetch()('/api/_auth/session', {
+    await useRequestFetch()('/session/_auth/session', {
       method: 'DELETE',
       onResponse({ response: { headers } }) {
         // Forward the Set-Cookie header to the main server event
@@ -27,7 +27,7 @@ export function useUserSession(): UserSessionComposable {
   }
 
   const fetch = async () => {
-    sessionState.value = await useRequestFetch()<UserSession>('/api/_auth/session', {
+    sessionState.value = await useRequestFetch()<UserSession>('/session/_auth/session', {
       headers: {
         accept: 'application/json',
       },
diff --git a/src/runtime/server/api/session.delete.ts b/src/runtime/server/session/session.delete.ts
similarity index 100%
rename from src/runtime/server/api/session.delete.ts
rename to src/runtime/server/session/session.delete.ts
diff --git a/src/runtime/server/api/session.get.ts b/src/runtime/server/session/session.get.ts
similarity index 100%
rename from src/runtime/server/api/session.get.ts
rename to src/runtime/server/session/session.get.ts