diff --git a/apps/api/src/plugins/session.ts b/apps/api/src/plugins/session.ts
index 7295bb3..6efd184 100644
--- a/apps/api/src/plugins/session.ts
+++ b/apps/api/src/plugins/session.ts
@@ -9,12 +9,14 @@ declare module 'fastify' {
   }
 }
 
-export async function requireAuth(req: FastifyRequest, reply: FastifyReply): Promise<void> {
+export async function requireAuth(
+  req: FastifyRequest,
+  reply: FastifyReply,
+): Promise<FastifyReply | void> {
   const token = req.cookies[SESSION_COOKIE];
   const session = await getSession(token);
   if (!session) {
-    reply.code(401).send({ error: 'unauthorized' });
-    return reply;
+    return reply.code(401).send({ error: 'unauthorized' });
   }
   req.user = session;
 }
diff --git a/apps/api/src/routes/oauth.ts b/apps/api/src/routes/oauth.ts
index 8c8b43b..1dc57a5 100644
--- a/apps/api/src/routes/oauth.ts
+++ b/apps/api/src/routes/oauth.ts
@@ -257,8 +257,6 @@ export async function oauthRoutes(app: FastifyInstance): Promise<void> {
       scopes_supported: ['mcp:read', 'mcp:write'],
     });
   });
-
-  void config;
 }
 
 function reqBase(req: { protocol?: string; headers: Record<string, string | string[] | undefined> }): string {