Two root causes fixed:
1. VITE_API_URL was empty in .env.production, so Better-Auth's client
had no baseURL and could not correctly route the OAuth callback.
2. OAuth callbackURL was window.location.origin (root path), causing
Better-Auth to redirect to / instead of /admin after login — since
unauthenticated users at / are redirected to /login, this created a
loop that appeared as 'session not persisting.'
With VITE_API_URL=https://uat.groombook.dev and callbackURL=/admin,
the callback lands on /admin which renders the admin layout and
correctly establishes the session cookie.
Co-authored-by: Chris Farhood <chris@farhood.org>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Prevents localhost:3000 from being baked into the production bundle.
Vite automatically loads .env.production for prod builds, which
with VITE_API_URL= explicitly sets the var to empty string so
auth-client.ts uses relative URLs (?? "" fallback).
Co-Authored-By: Paperclip <noreply@paperclip.ing>
groombook-engineer[bot]