security improvements

server/api/auth/logout.post.ts

@@ -1,6 +1,16 @@
-import { clearAuthCookie } from '~/server/utils/auth'
+import { clearAuthCookie, getAuthCookie } from '~/server/utils/auth'
+import { deleteSession } from '~/server/utils/database'
 
 export default defineEventHandler(async (event) => {
+  // Get session token from cookie
+  const sessionToken = getAuthCookie(event)
+  
+  // Delete session from database if it exists
+  if (sessionToken) {
+    deleteSession(sessionToken)
+  }
+  
+  // Clear the cookie
   clearAuthCookie(event)
   
   return {