feat(api): mount Better-Auth handler at /api/auth/** (GRO-118)

- Import toNodeHandler from better-auth/node and auth from ./lib/auth.js - Mount Better-Auth HTTP handler before auth middleware block - Handles OAuth callbacks, sign-in/sign-out, session management - Supports GET/POST/PUT/PATCH/DELETE/OPTIONS methods Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-27 20:37:06 +00:00
parent 7bc4285cdc
commit 7e53ac1227
1 changed files with 11 additions and 0 deletions
@@ -2,6 +2,8 @@ import { serve } from "@hono/node-server";
 import { Hono } from "hono";
 import { logger } from "hono/logger";
 import { cors } from "hono/cors";
+import { toNodeHandler } from "better-auth/node";
+import { auth } from "./lib/auth.js";
 import { clientsRouter } from "./routes/clients.js";
 import { petsRouter } from "./routes/pets.js";
 import { servicesRouter } from "./routes/services.js";
@@ -65,6 +67,15 @@ app.get("/api/branding", async (c) => {

 // Public iCal calendar feed — token auth in URL, no auth middleware required
 app.route("/api/calendar", calendarRouter);
+
+// Better-Auth handler — public, handles OAuth callbacks, session management
+// Mounted BEFORE auth middleware so it's accessible without authentication
+app.on(["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"], "/api/auth/**", (c) => {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  const { incoming, outgoing } = c.env as any;
+  return toNodeHandler(auth)(incoming, outgoing);
+});
+
 // Protected API routes
 const api = app.basePath("/api");
 api.use("*", authMiddleware);