Files
route-commerce/src/lib/auth.ts
T
openclaw 916ad39176
Deploy to route.crispygoat.com / deploy (push) Failing after 3m1s
feat(storage): MinIO object storage, Neon Auth, Supabase removal
- Add MinIO/S3-compatible storage client (src/lib/storage.ts) with uploadObject,
  deleteObject, presigned URL helpers, and BUCKETS constant
- Wire product images, brand logos, and water log photos to MinIO via the
  new storage client
- Migrate forgot-password to Neon Auth (remove Supabase /auth/v1/recover call)
- Migrate send-scheduled cron to direct Postgres + Resend (remove Supabase Edge
  Function proxy)
- Add logoUrl to email types (OrderReceipt, Welcome, PasswordReset) and pass
  brand_settings.logo_url from all call sites
- Update email templates to use dynamic logoUrl instead of hardcoded Supabase
  bucket URLs
- Remove hardcoded Supabase URLs from TuxedoVideoHero, TuxedoAboutPage,
  TimeTrackingFieldClient; use brand_settings props + local public/ fallback
- Download brand logos (3) and tuxedo-hero.mp4 (36MB) from Supabase bucket to
  public/ for local development
- Add MinIO env vars to .env.example (endpoint, access key, secret, buckets)
- Fix TimeTrackingFieldClient to destructure logoUrl and brandAccent props
- Fix admin/users.ts logoUrl type (null → undefined for optional string)
- Remove stale sb- cookie from wholesale-auth
- Migrate tuxedo/about page to remove supabase import and use pool query for
  wholesale_settings lookup
2026-06-09 12:23:37 -06:00

44 lines
1.7 KiB
TypeScript

import "server-only";
/**
* Neon Auth (Better Auth) — server-side configuration.
*
* This file is Node-only. It is imported by:
* - `src/app/api/auth/[...nextauth]/route.ts` (the API handler)
* - Server actions that call signIn / signOut
* - `src/lib/admin-permissions.ts` (reads getSession() for the current user)
*
* The middleware imports a separate, edge-safe instance built from
* `src/auth.config.ts`. Both instances share the same session cookie,
* so the middleware can read sessions minted here.
*
* Auth providers: configured in the Neon Auth dashboard (oauth-provider).
* Neon Auth manages its own users in the `neon_auth.user` table.
* Our `admin_users` table links to Neon Auth users by email.
*/
import { createNeonAuth } from "@neondatabase/auth/next/server";
import { getNeonAuthConfig } from "@/auth.config";
const auth = createNeonAuth({
baseUrl: getNeonAuthConfig().baseUrl,
cookies: { secret: getNeonAuthConfig().cookieSecret },
});
export const { getSession, signIn, signOut, resetPassword, requestPasswordReset } = auth;
export const { listUsers, createUser, setRole, setUserPassword, updateUser } = auth.admin;
/**
* Re-exported for the API route handler compatibility.
* `GET` and `POST` from `auth.handler()` handle all Neon Auth endpoints.
*/
const authInstance = auth.handler();
export const { GET: handlersGET, POST: handlersPOST } = authInstance;
/**
* Re-exported for middleware compatibility (edge runtime can't use Node-only auth).
* The middleware uses `neonAuthMiddleware` from `@neondatabase/auth/next/server` directly.
* This named export exists for call sites that import `auth` from this module.
*/
export { auth };