mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(#410): align BetterAuth basePath and auth client with NestJS routing
All checks were successful
ci/woodpecker/push/web Pipeline was successful
Details
ci/woodpecker/push/api Pipeline was successful
Details

Browse Source 
BetterAuth defaulted basePath to /api/auth but NestJS controller routes
to /auth/* (no global prefix). The auth client also pointed at the web
frontend origin instead of the API server, and LoginButton used a
nonexistent GET /auth/signin/authentik endpoint.

- Set basePath: "/auth" in BetterAuth server config
- Point auth client baseURL to API_BASE_URL with matching basePath
- Add genericOAuthClient plugin to auth client
- Use signIn.oauth2({ providerId: "authentik" }) in LoginButton

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-02-15 19:41:08 -06:00
parent 31ce9e920c
commit 444fa1116a
4 changed files with 27 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
apps/web/src/lib/auth-client.ts
View File

@@ -7,20 +7,16 @@
* - Automatic token refresh
*/
import { createAuthClient } from "better-auth/react";
// Note: Credentials plugin import removed - better-auth has built-in credentials support
import { genericOAuthClient } from "better-auth/client/plugins";
import { API_BASE_URL } from "./config";
/**
* Auth client instance configured for Jarvis.
* Auth client instance configured for Mosaic Stack.
*/
export const authClient = createAuthClient({
// Base URL for auth API
baseURL:
typeof window !== "undefined"
? window.location.origin
: (process.env.BETTER_AUTH_URL ?? "http://localhost:3042"),
// Plugins can be added here when needed
plugins: [],
baseURL: API_BASE_URL,
basePath: "/auth",
plugins: [genericOAuthClient()],
});
/**
@@ -36,12 +32,7 @@ export const { signIn, signOut, useSession, getSession } = authClient;
* and the default BetterAuth client expects email.
*/
export async function signInWithCredentials(username: string, password: string): Promise<unknown> {
const baseURL =
typeof window !== "undefined"
? window.location.origin
: (process.env.BETTER_AUTH_URL ?? "http://localhost:3042");
const response = await fetch(`${baseURL}/api/auth/sign-in/credentials`, {
const response = await fetch(`${API_BASE_URL}/auth/sign-in/credentials`, {
method: "POST",
headers: {
"Content-Type": "application/json",