Refactor authentication routes to use '/auth' prefix in API calls

frontend/vue-app/src/components/profile/UserProfile.vue

@@ -263,7 +263,7 @@ async function resetPassword() {
   resetting.value = true
   errorMsg.value = ''
   try {
-    const res = await fetch('/api/request-password-reset', {
+    const res = await fetch('/api/auth/request-password-reset', {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({ email: initialData.value.email }),
@@ -295,7 +295,6 @@ function closeDeleteWarning() {
 }
 
 async function confirmDeleteAccount() {
-  console.log('Confirming delete account with email:', confirmEmail.value)
   if (!isEmailValid(confirmEmail.value)) return
 
   deletingAccount.value = true
@@ -332,8 +331,15 @@ async function confirmDeleteAccount() {
 
 function handleDeleteSuccess() {
   showDeleteSuccess.value = false
-  logoutUser()
-  router.push('/auth/login')
+  // Call logout API to clear server cookies
+  fetch('/api/auth/logout', {
+    method: 'POST',
+    credentials: 'include',
+  }).finally(() => {
+    // Clear client-side auth and redirect, regardless of logout response
+    logoutUser()
+    router.push('/auth/login')
+  })
 }
 
 function closeDeleteError() {