check user is present

A session can exist without a user, if the user was recently deleted

src/lib/server/auth/index.ts

@@ -11,7 +11,7 @@ export async function validateSession(event: ServerLoadEvent) {
 		where: { id: sessionId },
 		include: { user: true },
 	});
-	if (!session) {
+	if (!session || !session.user) {
 		redirect(300, '/login');
 	}
 	const expiry = session.expiresAt;

src/routes/+page.server.ts

@@ -1,10 +1,5 @@
 import { validateSession } from '$lib/server/auth/index.js';
 
 export async function load(event) {
-	const {
+	await validateSession(event);
-		user: { password: _, ...rest },
-	} = await validateSession(event);
-	return {
-		user: rest,
-	};
 }