From f0291e8827cdc075f432d2674918edc91f169e5a Mon Sep 17 00:00:00 2001
From: Barcode Betty <cs_betty@farh.net>
Date: Sun, 24 May 2026 20:46:48 +0000
Subject: [PATCH 1/2] ci: use REGISTRY_TOKEN instead of GITEA_TOKEN for docker
 login (CAR-1024)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
---
 .gitea/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 1c86e8c..46a8e04 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -47,7 +47,7 @@ jobs:
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
-          password: ${{ secrets.GITEA_TOKEN }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
 
       - name: Extract metadata
         id: meta

From 23ab939d2fcdaa4ea79702dc324b74d1e48e47ed Mon Sep 17 00:00:00 2001
From: Barcode Betty <cs_betty@farh.net>
Date: Mon, 25 May 2026 09:43:43 +0000
Subject: [PATCH 2/2] Add *.farh.net origins back to trustedOrigins

Fixes 403 errors on UAT auth endpoints (cartsnitch.uat.farh.net).
The previous change removed *.farh.net origins causing Better Auth
to reject requests from UAT environment.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
---
 src/auth.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/auth.ts b/src/auth.ts
index 09b493f..4a62b53 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -115,6 +115,9 @@ export const auth = betterAuth({
   trustedOrigins: [
     "http://localhost:3000",
     "http://localhost:5173",
+    "https://cartsnitch.farh.net",
+    "https://cartsnitch.dev.farh.net",
+    "https://cartsnitch.uat.farh.net",
     "https://cartsnitch.com",
     "https://dev.cartsnitch.com",
     "https://uat.cartsnitch.com",