feat: Migrate from NextAuth to Better Auth

Backend changes: - Add better-auth and pg packages - Create Better Auth instance with PostgreSQL adapter - Add Better Auth route handler at /api/auth/* - Create migration script for Better Auth database schema - Update main index to use Better Auth routes instead of custom auth - Configure email/password and OAuth (GitHub/Google) providers Frontend changes: - Add better-auth client - Create Better Auth client instance configuration - Update lib/auth.ts to use Better Auth session - Rewrite sign-in page with Better Auth methods - Rewrite sign-up page with Better Auth methods - Remove NextAuth route handler Documentation: - Add comprehensive migration guide with setup instructions - Document environment variables and API endpoints - Include testing checklist and rollback plan Benefits: - Unified authentication for both Elysia backend and Next.js frontend - Database-backed sessions (more secure than JWT) - Better TypeScript support - Extensible plugin system for future features - Active development and frequent updates
2026-02-20 04:13:26 +00:00
parent 73282c71af
commit f8356e0945
12 changed files with 583 additions and 154 deletions
--- a/frontend/app/api/auth/[...nextauth]/route.ts
+++ b/frontend/app/api/auth/[...nextauth]/route.ts
@@ -1,67 +0,0 @@
-import NextAuth from 'next-auth'
-import GitHub from 'next-auth/providers/github'
-import Google from 'next-auth/providers/google'
-import Credentials from 'next-auth/providers/credentials'
-import type { NextAuthConfig } from 'next-auth'
-
-export const config: NextAuthConfig = {
-  providers: [
-    GitHub({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-    Google({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
-    }),
-    Credentials({
-      name: 'Credentials',
-      credentials: {
-        email: { label: "Email", type: "email" },
-        password: { label: "Password", type: "password" }
-      },
-      async authorize(credentials) {
-        // Call backend API to verify credentials
-        const res = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/auth/login`, {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify(credentials)
-        })
-
-        const user = await res.json()
-        if (res.ok && user) {
-          return user
-        }
-        return null
-      }
-    })
-  ],
-  pages: {
-    signIn: '/auth/signin',
-  },
-  callbacks: {
-    async jwt({ token, user }) {
-      if (user) {
-        token.id = user.id
-        token.email = user.email
-        token.name = user.name
-      }
-      return token
-    },
-    async session({ session, token }) {
-      if (session.user) {
-        session.user.id = token.id as string
-        session.user.email = token.email as string
-      }
-      return session
-    }
-  },
-  session: {
-    strategy: 'jwt',
-    maxAge: 30 * 24 * 60 * 60, // 30 days
-  }
-}
-
-export const { handlers, auth, signIn, signOut } = NextAuth(config)
-
-export { handlers as GET, handlers as POST }