fix(cli): add Origin header to auth requests

BetterAuth rejects requests without an Origin header with 403 MISSING_OR_NULL_ORIGIN. CLI fetch calls now send Origin: gatewayUrl. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-15 12:03:29 -05:00
parent 997a6d134f
commit eab6cf51f9
1 changed files with 2 additions and 2 deletions
--- a/packages/cli/src/auth.ts
+++ b/packages/cli/src/auth.ts
@@ -29,7 +29,7 @@ export async function signIn(
 ): Promise<AuthResult> {
  const res = await fetch(`${gatewayUrl}/api/auth/sign-in/email`, {
    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
+    headers: { 'Content-Type': 'application/json', Origin: gatewayUrl },
    body: JSON.stringify({ email, password }),
    redirect: 'manual',
  });
@@ -106,7 +106,7 @@ export function loadSession(gatewayUrl: string): AuthResult | null {
 export async function validateSession(gatewayUrl: string, cookie: string): Promise<boolean> {
  try {
    const res = await fetch(`${gatewayUrl}/api/auth/get-session`, {
-      headers: { Cookie: cookie },
+      headers: { Cookie: cookie, Origin: gatewayUrl },
    });
    return res.ok;
  } catch {