RHL-003-feat(auth): implement logout endpoint to destroy session and clear auth cookie

app/api/auth/logout/route.js

@@ -0,0 +1,29 @@
+import { destroySession } from "@/lib/auth/session";
+
+/**
+ * GET /api/auth/logout
+ *
+ * Destroys the current session by clearing the auth cookie.
+ * Always returns { ok: true } on success.
+ */
+export async function GET() {
+	try {
+		destroySession();
+
+		return new Response(JSON.stringify({ ok: true }), {
+			status: 200,
+			headers: {
+				"Content-Type": "application/json",
+			},
+		});
+	} catch (error) {
+		console.error("Logout error:", error);
+
+		return new Response(JSON.stringify({ error: "Internal server error" }), {
+			status: 500,
+			headers: {
+				"Content-Type": "application/json",
+			},
+		});
+	}
+}