diff --git a/src/app/api/garmin/status/route.test.ts b/src/app/api/garmin/status/route.test.ts
index 59131ee..014a334 100644
--- a/src/app/api/garmin/status/route.test.ts
+++ b/src/app/api/garmin/status/route.test.ts
@@ -9,11 +9,26 @@ import type { User } from "@/types";
 // Module-level variable to control mock user in tests
 let currentMockUser: User | null = null;
 
+// Create a mock PocketBase client that returns the current mock user
+const createMockPb = () => ({
+  collection: vi.fn(() => ({
+    getOne: vi.fn(() =>
+      Promise.resolve(
+        currentMockUser
+          ? {
+              ...currentMockUser,
+              garminTokenExpiresAt:
+                currentMockUser.garminTokenExpiresAt?.toISOString(),
+            }
+          : null,
+      ),
+    ),
+  })),
+});
+
 // Mock PocketBase
 vi.mock("@/lib/pocketbase", () => ({
-  createPocketBaseClient: vi.fn(() => ({
-    collection: vi.fn(),
-  })),
+  createPocketBaseClient: vi.fn(() => createMockPb()),
 }));
 
 // Mock the auth-middleware module
@@ -23,7 +38,8 @@ vi.mock("@/lib/auth-middleware", () => ({
       if (!currentMockUser) {
         return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
       }
-      return handler(request, currentMockUser);
+      const mockPb = createMockPb();
+      return handler(request, currentMockUser, mockPb);
     };
   }),
 }));
diff --git a/src/app/api/garmin/status/route.ts b/src/app/api/garmin/status/route.ts
index 1806e37..cfa27ea 100644
--- a/src/app/api/garmin/status/route.ts
+++ b/src/app/api/garmin/status/route.ts
@@ -5,8 +5,10 @@ import { NextResponse } from "next/server";
 import { withAuth } from "@/lib/auth-middleware";
 import { daysUntilExpiry, isTokenExpired } from "@/lib/garmin";
 
-export const GET = withAuth(async (_request, user) => {
-  const connected = user.garminConnected;
+export const GET = withAuth(async (_request, user, pb) => {
+  // Fetch fresh user data from database (auth store cookie may be stale)
+  const freshUser = await pb.collection("users").getOne(user.id);
+  const connected = freshUser.garminConnected;
 
   if (!connected) {
     return NextResponse.json({
@@ -17,10 +19,9 @@ export const GET = withAuth(async (_request, user) => {
     });
   }
 
-  const expiresAt =
-    user.garminTokenExpiresAt instanceof Date
-      ? user.garminTokenExpiresAt.toISOString()
-      : String(user.garminTokenExpiresAt);
+  const expiresAt = freshUser.garminTokenExpiresAt
+    ? String(freshUser.garminTokenExpiresAt)
+    : "";
 
   const tokens = {
     oauth1: "",