fix(auth): use UUID id generation for BetterAuth DB models

apps/api/src/auth/auth.config.spec.ts

@@ -524,6 +524,21 @@ describe("auth.config", () => {
       expect(config.session.updateAge).toBe(7200);
     });
 
+    it("should configure BetterAuth database ID generation as UUID", () => {
+      const mockPrisma = {} as PrismaClient;
+      createAuth(mockPrisma);
+
+      expect(mockBetterAuth).toHaveBeenCalledOnce();
+      const config = mockBetterAuth.mock.calls[0][0] as {
+        advanced: {
+          database: {
+            generateId: string;
+          };
+        };
+      };
+      expect(config.advanced.database.generateId).toBe("uuid");
+    });
+
     it("should set httpOnly cookie attribute to true", () => {
       const mockPrisma = {} as PrismaClient;
       createAuth(mockPrisma);

apps/api/src/auth/auth.config.ts

@@ -1,4 +1,3 @@
-import { randomUUID } from "node:crypto";
 import { betterAuth } from "better-auth";
 import { prismaAdapter } from "better-auth/adapters/prisma";
 import { genericOAuth } from "better-auth/plugins";
@@ -260,7 +259,10 @@ export function createAuth(prisma: PrismaClient) {
       updateAge: 60 * 60 * 2, // 2 hours — minimum session age before BetterAuth refreshes the expiry on next request
     },
     advanced: {
-      generateId: () => randomUUID(),
+      database: {
+        // BetterAuth's default ID generator emits opaque strings; our auth tables use UUID PKs.
+        generateId: "uuid",
+      },
       defaultCookieAttributes: {
         httpOnly: true,
         secure: process.env.NODE_ENV === "production",