diff --git a/src/lib/server/auth/index.ts b/src/lib/server/auth/index.ts
new file mode 100644
index 0000000..3bbc2cc
--- /dev/null
+++ b/src/lib/server/auth/index.ts
@@ -0,0 +1,22 @@
+import { redirect, type ServerLoadEvent } from '@sveltejs/kit';
+import dayjs from 'dayjs';
+import { prisma } from '../prisma';
+
+export async function validateSession(event: ServerLoadEvent) {
+	const sessionId = event.cookies.get('auth_session');
+	if (!sessionId) {
+		redirect(300, '/login');
+	}
+	const session = await prisma.session.findUnique({
+		where: { id: sessionId },
+		include: { user: true },
+	});
+	if (!session) {
+		redirect(300, '/login');
+	}
+	const expiry = session.expiresAt;
+	if (dayjs(expiry).isBefore(dayjs())) {
+		redirect(300, '/login');
+	}
+	return session;
+}
\ No newline at end of file
diff --git a/src/routes/+page.server.ts b/src/routes/+page.server.ts
index 8ff2993..8b2f3fd 100644
--- a/src/routes/+page.server.ts
+++ b/src/routes/+page.server.ts
@@ -1,18 +1,10 @@
-import { prisma } from '$lib/server/prisma';
-import { redirect } from '@sveltejs/kit';
+import { validateSession } from '$lib/server/auth/index.js';
 
 export async function load(event) {
-	const sessionId = event.cookies.get('auth_session');
-	if (!sessionId) {
-		redirect(303, '/login');
-	}
-	const user = await prisma.session.findUnique({
-		where: {
-			id: sessionId,
-		},
-	});
-	if (!user) {
-		redirect(300, '/login');
-	}
-	return {};
-}
+	const {
+		user: { password: _, ...rest },
+	} = await validateSession(event);
+	return {
+		user: rest,
+	};
+}
\ No newline at end of file
diff --git a/src/routes/app/+layout.server.ts b/src/routes/app/+layout.server.ts
index dfefb8f..8b2f3fd 100644
--- a/src/routes/app/+layout.server.ts
+++ b/src/routes/app/+layout.server.ts
@@ -1,25 +1,9 @@
-import { prisma } from '$lib/server/prisma';
-import { redirect } from '@sveltejs/kit';
-import dayjs from 'dayjs';
+import { validateSession } from '$lib/server/auth/index.js';
 
 export async function load(event) {
-	const sessionId = event.cookies.get('auth_session');
-	if (!sessionId) {
-		redirect(300, '/login');
-	}
-	const session = await prisma.session.findUnique({
-		where: { id: sessionId },
-		include: { user: true },
-	});
-	if (!session) {
-		redirect(300, '/login');
-	}
-	const expiry = session.expiresAt;
-	if (dayjs(expiry).isBefore(dayjs())) {
-		redirect(300, '/login');
-	}
-
-	const { password: _, ...rest } = session.user;
+	const {
+		user: { password: _, ...rest },
+	} = await validateSession(event);
 	return {
 		user: rest,
 	};