From 14aaf01fa37e3e02e1d80af24293b0ebad6b41b5 Mon Sep 17 00:00:00 2001
From: Till-JS <101404291+Till-JS@users.noreply.github.com>
Date: Mon, 26 Jan 2026 15:54:35 +0100
Subject: [PATCH] fix(auth): move email verification config to correct location

Better Auth requires emailVerification config to be a separate top-level
option, not under emailAndPassword. Added sendOnSignUp: true to trigger
verification emails on registration.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../src/auth/better-auth.config.ts            | 38 ++++++++++---------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git a/services/mana-core-auth/src/auth/better-auth.config.ts b/services/mana-core-auth/src/auth/better-auth.config.ts
index ede5ed104..4203eb425 100644
--- a/services/mana-core-auth/src/auth/better-auth.config.ts
+++ b/services/mana-core-auth/src/auth/better-auth.config.ts
@@ -85,29 +85,13 @@ export function createBetterAuth(databaseUrl: string) {
 			},
 		}),
 
-		// Email/password authentication with email verification and password reset
+		// Email/password authentication with password reset
 		emailAndPassword: {
 			enabled: true,
 			requireEmailVerification: true,
 			minPasswordLength: 8,
 			maxPasswordLength: 128,
 
-			/**
-			 * Email Verification
-			 *
-			 * Sends verification email when user registers.
-			 * User must verify email before they can log in.
-			 */
-			sendVerificationEmail: async ({
-				user,
-				url,
-			}: {
-				user: { email: string; name: string };
-				url: string;
-			}) => {
-				await sendVerificationEmail(user.email, url, user.name);
-			},
-
 			/**
 			 * Password Reset Configuration
 			 *
@@ -128,6 +112,26 @@ export function createBetterAuth(databaseUrl: string) {
 			},
 		},
 
+		/**
+		 * Email Verification Configuration
+		 *
+		 * Sends verification email when user registers.
+		 * User must verify email before they can log in.
+		 */
+		emailVerification: {
+			sendOnSignUp: true,
+			autoSignInAfterVerification: true,
+			sendVerificationEmail: async ({
+				user,
+				url,
+			}: {
+				user: { email: string; name: string };
+				url: string;
+			}) => {
+				await sendVerificationEmail(user.email, url, user.name);
+			},
+		},
+
 		// Session configuration
 		session: {
 			expiresIn: 60 * 60 * 24 * 7, // 7 days