feat: add Better Auth authentication system #33
Conversation
- Install Better Auth with Prisma adapter for PostgreSQL - Add User, Session, Account, Verification models to database schema - Create auth API controller with catch-all Better Auth handler - Add authentication guard and middleware for protected routes - Create login/signup UI with email/password forms - Add auth provider for route protection and session management - Configure Next.js proxy to route /api requests to backend - Set up CORS configuration for cross-origin auth requests 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
- Add Better Auth dependency to backend package.json - Create auth module with controller, guard, and service - Add Prisma migration for Better Auth schema - Update app module to include auth module - Add auth guard to tasks controller for route protection - Configure global /api prefix and enhanced CORS settings 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
- Fix auth controller to properly convert Express requests to Web API requests - Add cookie name synchronization between frontend and backend - Configure Better Auth with correct baseURL including /api prefix - Add fetchOptions with credentials: 'include' for cross-origin cookie handling - Update CORS configuration to expose Set-Cookie headers - Use NestJS route pattern '*path' instead of deprecated '*' 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
- Configure auth client to call backend directly at localhost:9991 - Add credentials: 'include' for cross-origin cookie handling - Minor login page refinements 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
| @Controller('auth') | ||
| export class AuthController { | ||
| @All('*path') | ||
| async handleAuth(@Req() request: Request, @Res() response: Response) { |
There was a problem hiding this comment.
I don't like this but struggled to get the auth handler to work.
| cookieName: 'better-auth.session', // Match frontend cookie name | ||
| }, | ||
| secret: process.env.BETTER_AUTH_SECRET || 'fallback-secret-change-in-production', | ||
| baseURL: process.env.BETTER_AUTH_URL || 'http://localhost:9991/api/auth', |
There was a problem hiding this comment.
backend base url
There was a problem hiding this comment.
both secret and baseURL should be read from your env, you don't have to provide them unless you need the fallback. Also you don't need to pass /api/auth the origin is enough since base path defaults to /api/auth
| }, | ||
| secret: process.env.BETTER_AUTH_SECRET || 'fallback-secret-change-in-production', | ||
| baseURL: process.env.BETTER_AUTH_URL || 'http://localhost:9991/api/auth', | ||
| trustedOrigins: [ |
There was a problem hiding this comment.
do we need both of these?
| @@ -13,11 +13,17 @@ async function bootstrap() { | |||
| try { | |||
| const app = await NestFactory.create(AppModule); | |||
|
|
|||
| // Set global prefix for all routes | |||
| app.setGlobalPrefix('api'); | |||
There was a problem hiding this comment.
I'm not sure how the the current /api routes are working I sorta needed this but feels wrong
| async rewrites() { | ||
| return [ | ||
| { | ||
| source: '/api/:path*', |
There was a problem hiding this comment.
Added this proxy, do we need it?
| import { createAuthClient } from 'better-auth/react'; | ||
|
|
||
| export const authClient = createAuthClient({ | ||
| baseURL: 'http://localhost:9991/api/auth', |
There was a problem hiding this comment.
Backend base url which makes me think we don't need the next proxy
There was a problem hiding this comment.
yes, we don't. and also you don't need to pass /api/auth only the base url without the path is enough
| session: { | ||
| expiresIn: 60 * 60 * 24 * 7, // 7 days | ||
| updateAge: 60 * 60 * 24, // 24 hours (update session if it's older than this) | ||
| cookieName: 'better-auth.session', // Match frontend cookie name |
There was a problem hiding this comment.
this config isn't needed. This is the default, you probably should remove it.
| 'http://localhost:9991', // Backend URL | ||
| ], | ||
| advanced: { | ||
| crossSubDomainCookies: { |
There was a problem hiding this comment.
this is the default behavior, you don't need to pass this config.
|
|
||
| export const authClient = createAuthClient({ | ||
| baseURL: 'http://localhost:9991/api/auth', | ||
| session: { |
There was a problem hiding this comment.
This is invalid config, you can remove it
| cookieName: 'better-auth.session', | ||
| }, | ||
| fetchOptions: { | ||
| credentials: 'include', // Include cookies in cross-origin requests |
|
Is it possible to have the auth optionally configured with a environment variable? |
Uh oh!
There was an error while loading. Please reload this page.