Matiss/Final-Year-Project
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(env): centralize auth env handling and prefer BETTER_AUTH_BASE_URL

Browse Source
This commit is contained in:
Matiss Jurevics
2026-01-24 10:10:00 +00:00
parent dc324b03a3
commit a9cb97727d
4 changed files with 40 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Backend/.env.example
View File

@@ -1,6 +1,6 @@
DATABASE_URL=postgres://username:password@localhost:5432/database_name DATABASE_URL=postgres://username:password@localhost:5432/database_name
BETTER_AUTH_SECRET=replace_with_a_long_random_secret BETTER_AUTH_SECRET=replace_with_a_long_random_secret
BETTER_AUTH_URL=http://localhost:3000 BETTER_AUTH_BASE_URL=http://localhost:3000
BETTER_AUTH_TRUSTED_ORIGINS=http://localhost:5173 BETTER_AUTH_TRUSTED_ORIGINS=http://localhost:5173
PORT=3000 PORT=3000
MINIO_ENDPOINT=localhost MINIO_ENDPOINT=localhost

5
Backend/auth.ts
View File

@@ -3,6 +3,7 @@ import { drizzleAdapter } from 'better-auth/adapters/drizzle';
import { db } from './db/client'; import { db } from './db/client';
import { schema } from './db/schema'; import { schema } from './db/schema';
import { getBetterAuthBaseUrl, getRequiredEnv } from './utils/env';
import { hashPassword, verifyPassword } from './utils/password'; import { hashPassword, verifyPassword } from './utils/password';
const trustedOrigins = process.env.BETTER_AUTH_TRUSTED_ORIGINS const trustedOrigins = process.env.BETTER_AUTH_TRUSTED_ORIGINS
@@ -24,8 +25,8 @@ export const auth = betterAuth({
verify: async ({ hash, password }) => verifyPassword(password, hash), verify: async ({ hash, password }) => verifyPassword(password, hash),
}, },
}, },
secret: process.env.BETTER_AUTH_SECRET, secret: getRequiredEnv('BETTER_AUTH_SECRET'),
baseURL: process.env.BETTER_AUTH_URL, baseURL: getBetterAuthBaseUrl(),
trustedOrigins, trustedOrigins,
}); });

7
Backend/utils/device-token.ts
View File

@@ -1,4 +1,5 @@
import { createHmac, timingSafeEqual } from 'crypto'; import { createHmac, timingSafeEqual } from 'crypto';
import { getRequiredEnv } from './env';
type DeviceRole = 'camera' | 'client'; type DeviceRole = 'camera' | 'client';
@@ -9,11 +10,7 @@ export type DeviceTokenPayload = {
exp: number; exp: number;
}; };
const secret = process.env.BETTER_AUTH_SECRET; const secret = getRequiredEnv('BETTER_AUTH_SECRET');
if (!secret) {
throw new Error('BETTER_AUTH_SECRET is required for device token signing');
}
const base64UrlEncode = (input: string): string => Buffer.from(input, 'utf8').toString('base64url'); const base64UrlEncode = (input: string): string => Buffer.from(input, 'utf8').toString('base64url');
const base64UrlDecode = (input: string): string => Buffer.from(input, 'base64url').toString('utf8'); const base64UrlDecode = (input: string): string => Buffer.from(input, 'base64url').toString('utf8');

34
Backend/utils/env.ts Normal file
View File

@@ -0,0 +1,34 @@
const getEnvValue = (name: string): string | undefined => {
const value = process.env[name];
if (!value) {
return undefined;
}
const trimmed = value.trim();
return trimmed.length > 0 ? trimmed : undefined;
};
export const getFirstDefinedEnv = (...names: string[]): string | undefined => {
for (const name of names) {
const value = getEnvValue(name);
if (value) {
return value;
}
}
return undefined;
};
export const getRequiredEnv = (name: string): string => {
const value = getEnvValue(name);
if (!value) {
throw new Error(`${name} is required. Add it to your .env file.`);
}
return value;
};
export const getBetterAuthBaseUrl = (): string => {
return getFirstDefinedEnv('BETTER_AUTH_BASE_URL', 'BETTER_AUTH_URL') ?? `http://localhost:${process.env.PORT ?? '3000'}`;
};