fix(#410): use toNodeHandler for BetterAuth Express compatibility

BetterAuth expects Web API Request objects (Fetch API standard) with
headers.get(), but NestJS/Express passes IncomingMessage objects with
headers[] property access. Use better-auth/node's toNodeHandler to
properly convert between Express req/res and BetterAuth's Web API handler.

Also fixes vitest SWC config to read the correct tsconfig for NestJS
decorator metadata emission, which was causing DI injection failures
in tests.

Fixes #410

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

apps/api/src/auth/auth.rate-limit.spec.ts

@@ -23,10 +23,17 @@ describe("AuthController - Rate Limiting", () => {
   let app: INestApplication;
   let loggerSpy: ReturnType<typeof vi.spyOn>;
 
+  const mockNodeHandler = vi.fn(
+    (_req: unknown, res: { statusCode: number; end: (body: string) => void }) => {
+      res.statusCode = 200;
+      res.end(JSON.stringify({}));
+      return Promise.resolve();
+    }
+  );
+
   const mockAuthService = {
-    getAuth: vi.fn().mockReturnValue({
-      handler: vi.fn().mockResolvedValue({ status: 200, body: {} }),
-    }),
+    getAuth: vi.fn(),
+    getNodeHandler: vi.fn().mockReturnValue(mockNodeHandler),
   };
 
   beforeEach(async () => {
@@ -76,7 +83,7 @@ describe("AuthController - Rate Limiting", () => {
         expect(response.status).not.toBe(HttpStatus.TOO_MANY_REQUESTS);
       }
 
-      expect(mockAuthService.getAuth).toHaveBeenCalledTimes(3);
+      expect(mockAuthService.getNodeHandler).toHaveBeenCalledTimes(3);
     });
 
     it("should return 429 when rate limit is exceeded", async () => {