afuhflynn · afuhflynn · Jan 5, 2026 · coderabbitai · Jan 5, 2026 · coderabbitai
diff --git a/app/(dashboard)/settings/page.tsx b/app/(dashboard)/settings/page.tsx
@@ -24,8 +24,10 @@ export default function SettingsPage() {
           {/* Settings Navigation Sidebar */}
           <div className="lg:col-span-1">
             <SettingsSidebar
+              // @ts-ignore
               activeSection={params.settings_tab}
               setActiveSection={(v) =>
+                // @ts-ignore
                 setParams({ ...params, settings_tab: v })
               }
             />
@@ -34,6 +36,7 @@ export default function SettingsPage() {
           {/* Main Content Area */}
           <div className="lg:col-span-3">
             <SettingsContent
+              // @ts-ignore
               activeSection={params.settings_tab}
               hasChanges={hasChanges}
               setHasChanges={setHasChanges}

diff --git a/app/api/settings/profile/route.ts b/app/api/settings/profile/route.ts
@@ -19,6 +19,7 @@ export async function GET() {
         image: true,
         showEmail: true,
         showLocation: true,
+        username: true,
       },
     });
 
@@ -31,7 +32,7 @@ export async function GET() {
     console.error("Profile GET error:", error);
     return NextResponse.json(
       { error: "Failed to fetch profile" },
-      { status: 500 },
+      { status: 500 }
     );
   }
 }
@@ -71,7 +72,7 @@ export async function PUT(request: NextRequest) {
     console.error("Profile PUT error:", error);
     return NextResponse.json(
       { error: "Failed to update profile" },
-      { status: 500 },
+      { status: 500 }
     );
   }
 }
diff --git a/app/api/settings/sessions/[sessionId]/route.ts b/app/api/settings/sessions/[sessionId]/route.ts
@@ -1,22 +1,48 @@
 import { NextRequest, NextResponse } from "next/server";
-import { requireAuth } from "@/lib/auth-utils";
+import { auth } from "@/lib/auth";
+import { headers } from "next/headers";
+import { prisma } from "@/lib/prisma";
 
 export async function DELETE(
   request: NextRequest,
-  { params }: { params: { sessionId: string } },
+  { params }: { params: Promise<{ sessionId: string }> }
 ) {
   try {
-    const session = await requireAuth();
+    const session = await auth.api.getSession({ headers: await headers() });
 
-    // For demo purposes, just return success
-    // In production, you'd revoke the specific session
+    if (!session) {
+      return NextResponse.json(
+        { error: "Unauthorized", success: false },
+        { status: 401 }
+      );
+    }
+    const currentToken = session.session.token;
+    const { sessionId } = await params;
+    const sessionToRevoke = await prisma.session.findUnique({
+      where: { id: sessionId },
+    });
+
+    // Prevent revoking current session
+    if (sessionToRevoke?.token === currentToken) {
+      return NextResponse.json(
+        { error: "Cannot revoke current session" },
+        { status: 400 }
+      );
+    }
+
+    await prisma.session.delete({
+      where: {
+        id: sessionId,
+        userId: session.user.id,
+      },
+    });
 
     return NextResponse.json({ message: "Session revoked successfully" });
   } catch (error) {
     console.error("Session revoke error:", error);
     return NextResponse.json(
       { error: "Failed to revoke session" },
-      { status: 500 },
+      { status: 500 }
     );
   }
 }
diff --git a/app/api/settings/sessions/route.ts b/app/api/settings/sessions/route.ts
@@ -2,6 +2,8 @@ import { NextRequest, NextResponse } from "next/server";
 import { requireAuth } from "@/lib/auth-utils";
 import { prisma } from "@/lib/prisma";
 import { UAParser } from "ua-parser-js";
+import { auth } from "@/lib/auth";
+import { headers } from "next/headers";
 
 // Helper function to parse user agent and get device info
 function parseUserAgent(userAgent: string) {
@@ -59,10 +61,15 @@ function getTimeAgo(date: Date) {
 
 export async function GET(request: NextRequest) {
   try {
-    const session = await requireAuth();
+    const session = await auth.api.getSession({ headers: await headers() });
 
-    // Get current session token from cookie
-    const currentToken = request.cookies.get("session")?.value;
+    if (!session) {
+      return NextResponse.json(
+        { error: "Unauthorized", success: false },
+        { status: 401 }
+      );
+    }
+    const currentToken = session.session.token;
 
     // Fetch all sessions for the user
     const sessions = await prisma.session.findMany({
@@ -96,8 +103,15 @@ export async function GET(request: NextRequest) {
 
 export async function DELETE(request: NextRequest) {
   try {
-    const session = await requireAuth();
-    const currentToken = request.cookies.get("session")?.value;
+    const session = await auth.api.getSession({ headers: await headers() });
+
+    if (!session) {
+      return NextResponse.json(
+        { error: "Unauthorized", success: false },
+        { status: 401 }
+      );
+    }
+    const currentToken = session.session.token;
 
     const { searchParams } = new URL(request.url);
     const sessionId = searchParams.get("sessionId");