export default defineEventHandler(async (event) => {
  const user = event.context.user;

  // The auth middleware has already populated event.context.user.
  // We just need to verify it's a permanent user (has an email).
  if (!user || !user.email) {
    throw createError({
      statusCode: 401,
      statusMessage: 'Unauthorized: No active session.',
    });
  }

  // Return the user data DTO, which is already available on the context.
  return {
    user: {
        id: user.id,
        email: user.email,
        nickname: user.nickname,
        avatar: user.avatar,
        coins: user.coins,
        exp: user.exp,
        dailyStreak: user.dailyStreak,
        soundOn: user.soundOn,
        confettiOn: user.confettiOn,
        createdAt: user.createdAt,
        updatedAt: user.updatedAt,
    }
  };
});