From 1f2a73cb44648a09ac19896fbfddb85dee503ab7 Mon Sep 17 00:00:00 2001
From: "groombook-engineer[bot]"
 <3141748+groombook-engineer[bot]@users.noreply.github.com>
Date: Fri, 3 Apr 2026 11:37:27 +0000
Subject: [PATCH] fix(GRO-424): add try/catch around reinitAuth() calls

reinitAuth() can throw if BETTER_AUTH_SECRET is missing, causing
an unhandled rejection that returns an HTML error page instead of
JSON. Wrap both PUT and DELETE handlers in try/catch to return a
proper JSON error response.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
---
 apps/api/src/routes/authProvider.ts | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/apps/api/src/routes/authProvider.ts b/apps/api/src/routes/authProvider.ts
index bbf8dc4..edd4d21 100644
--- a/apps/api/src/routes/authProvider.ts
+++ b/apps/api/src/routes/authProvider.ts
@@ -88,7 +88,12 @@ authProviderRouter.put(
 
     if (!row) return c.json({ error: "Failed to create auth provider config" }, 500);
 
-    await reinitAuth();
+    try {
+      await reinitAuth();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Unknown error";
+      return c.json({ error: `Failed to reinitialize auth: ${message}` }, 500);
+    }
 
     return c.json({
       id: row.id,
@@ -145,7 +150,12 @@ authProviderRouter.delete(
   async (c) => {
     const db = getDb();
     await db.delete(authProviderConfig);
-    await reinitAuth();
+    try {
+      await reinitAuth();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Unknown error";
+      return c.json({ error: `Failed to reinitialize auth: ${message}` }, 500);
+    }
     return c.json({ ok: true });
   }
 );