atinux · victorfds · May 19, 2025 · May 19, 2025 · May 19, 2025
diff --git a/README.md b/README.md
@@ -116,7 +116,7 @@ interface UserSessionComposable {
 ```
 
 > [!IMPORTANT]
-> Nuxt Auth Utils uses the `/api/_auth/session` route for session management. Ensure your API route middleware doesn't interfere with this path.
+> Nuxt Auth Utils uses the `/session/_auth/session` route for session management. Ensure your API route middleware doesn't interfere with this path.
 
 ## Server Utils
 
@@ -556,7 +556,7 @@ We leverage hooks to let you extend the session data with your own data or log w
 ```ts
 // server/plugins/session.ts
 export default defineNitroPlugin(() => {
-  // Called when the session is fetched during SSR for the Vue composable (/api/_auth/session)
+  // Called when the session is fetched during SSR for the Vue composable (/session/_auth/session)
   // Or when we call useUserSession().fetch()
   sessionHooks.hook('fetch', async (session, event) => {
     // extend User Session by calling your database

diff --git a/src/module.ts b/src/module.ts
@@ -111,13 +111,13 @@ export default defineNuxtModule<ModuleOptions>({
 
     addServerImportsDir(resolver.resolve('./runtime/server/utils'))
     addServerHandler({
-      handler: resolver.resolve('./runtime/server/api/session.delete'),
-      route: '/api/_auth/session',
+      handler: resolver.resolve('./runtime/server/session/session.delete'),
+      route: '/session/_auth/session',
       method: 'delete',
     })
     addServerHandler({
-      handler: resolver.resolve('./runtime/server/api/session.get'),
-      route: '/api/_auth/session',
+      handler: resolver.resolve('./runtime/server/session/session.get'),
+      route: '/session/_auth/session',
       method: 'get',
     })
     // Set node:crypto as unenv external

diff --git a/src/runtime/app/composables/session.ts b/src/runtime/app/composables/session.ts
@@ -12,7 +12,7 @@ export function useUserSession(): UserSessionComposable {
   const authReadyState = useState('nuxt-auth-ready', () => false)
 
   const clear = async () => {
-    await useRequestFetch()('/api/_auth/session', {
+    await useRequestFetch()('/session/_auth/session', {
       method: 'DELETE',
       onResponse({ response: { headers } }) {
         // Forward the Set-Cookie header to the main server event
@@ -27,7 +27,7 @@ export function useUserSession(): UserSessionComposable {
   }
 
   const fetch = async () => {
-    sessionState.value = await useRequestFetch()<UserSession>('/api/_auth/session', {
+    sessionState.value = await useRequestFetch()<UserSession>('/session/_auth/session', {
       headers: {
         accept: 'application/json',
       },

diff --git a/src/runtime/server/api/session.delete.ts → src/runtime/server/session/session.delete.ts b/src/runtime/server/api/session.delete.ts → src/runtime/server/session/session.delete.ts
diff --git a/src/runtime/server/api/session.get.ts → src/runtime/server/session/session.get.ts b/src/runtime/server/api/session.get.ts → src/runtime/server/session/session.get.ts
diff --git a/test/basic.test.ts b/test/basic.test.ts
@@ -23,7 +23,7 @@ describe('ssr', async () => {
 
   it('returns an empty session', async () => {
     // Get response to a server-rendered page with `$fetch`.
-    const session = await $fetch('/api/_auth/session')
+    const session = await $fetch('/session/_auth/session')
     // Session should be an object with an `id` property
     expect(session).toBeInstanceOf(Object)
     expect(session).toHaveProperty('id')