diff --git a/services/mana-core-auth/src/auth/better-auth.config.ts b/services/mana-core-auth/src/auth/better-auth.config.ts
index c10f5e074..b0f413981 100644
--- a/services/mana-core-auth/src/auth/better-auth.config.ts
+++ b/services/mana-core-auth/src/auth/better-auth.config.ts
@@ -190,6 +190,21 @@ export function createBetterAuth(databaseUrl: string) {
 // Base URL for callbacks and redirects
 baseURL: process.env.BASE_URL || 'http://localhost:3001',
+ // Trusted origins for cross-origin requests
+ trustedOrigins: [
+ 'https://auth.mana.how',
+ 'https://mana.how',
+ 'https://mchat.mana.how',
+ 'https://matrix.mana.how',
+ 'https://chat.mana.how',
+ 'https://calendar.mana.how',
+ 'https://contacts.mana.how',
+ 'https://picture.mana.how',
+ 'https://zitare.mana.how',
+ 'http://localhost:3001',
+ 'http://localhost:5173',
+ ],
+
 // Plugins
 plugins: [
 /**
diff --git a/services/mana-core-auth/src/auth/oidc.controller.ts b/services/mana-core-auth/src/auth/oidc.controller.ts
index ff37f7c1c..1c786fe66 100644
--- a/services/mana-core-auth/src/auth/oidc.controller.ts
+++ b/services/mana-core-auth/src/auth/oidc.controller.ts
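Review bot: The two `http://localhost` entries at the end of `trustedOrigins` are trusted in every environment, production included, so a page served from those local ports on a user's machine passes the same origin check as the real front-ends. Keep the production list to the HTTPS hosts and add the development origins conditionally, e.g. `...(process.env.NODE_ENV !== 'production' ? ['http://localhost:3001', 'http://localhost:5173'] : []),`, or read the list from configuration so a new subdomain does not need a code change. The comment above the array could also say what the list gates (presumably Better Auth's origin and redirect-target validation), so later additions are reviewed with that in mind. `createBetterAuth` starts and ends outside this hunk.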
@@ -89,7 +89,73 @@ export class OidcController {
 */
 @Post('api/auth/sign-in/email')
 async signInEmail(@Req() req: Request, @Res() res: Response) {
- return this.handleOidcRequest(req, res);
+ return this.handleBetterAuthRequest(req, res);
+ }
+
+ /**
+ * Handle Better Auth requests by forwarding to Better Auth's handler
+ * This is a simpler handler that just passes through to Better Auth
+ */
+ private async handleBetterAuthRequest(req: Request, res: Response) {
+ try {
+ const baseUrl = process.env.BASE_URL || 'http://localhost:3001';
+ const url = new URL(req.originalUrl, baseUrl);
+
+ const headers = new Headers();
+ for (const [key, value] of Object.entries(req.headers)) {
+ if (value && typeof value === 'string') {
+ headers.set(key, value);
+ } else if (Array.isArray(value)) {
+ headers.set(key, value[0]);
+ }
+ }
+
+ // Create Fetch Request
+ const fetchRequest = new Request(url.toString(), {
+ method: req.method,
+ headers,
+ body: req.method !== 'GET' && req.method !== 'HEAD' ? JSON.stringify(req.body) : undefined,
+ });
+
+ // Get Better Auth handler and call it directly
+ const handler = this.betterAuthService.getHandler();
+ const response = await handler(fetchRequest);
+
+ // Copy status
+ res.status(response.status);
+
+ // Copy headers including Set-Cookie for session
+ response.headers.forEach((value: string, key: string) => {
+ // Handle multiple Set-Cookie headers
+ if (key.toLowerCase() === 'set-cookie') {
+ res.append(key, value);
+ } else {
+ res.setHeader(key, value);
+ }
+ });
+
+ // Handle redirects
+ if (response.status === 302 || response.status === 301) {
+ const location = response.headers.get('location');
+ if (location) {
+ return res.redirect(response.status, location);
+ }
+ }
+
+ // Return body
+ const body = await response.text();
+ if (body) {
+ return res.send(body);
+ }
+
+ return res.end();
+ } catch (error) {
+ console.error('[BetterAuth] Error handling request:', error);
+ return res.status(HttpStatus.INTERNAL_SERVER_ERROR).json({
+ error: 'server_error',
+ error_description: 'Internal server error',
+ });
+ }
 }
 // ============================================
diff --git a/services/mana-core-auth/src/auth/services/better-auth.service.ts b/services/mana-core-auth/src/auth/services/better-auth.service.ts
index 87676e9db..2c78d0802 100644
--- a/services/mana-core-auth/src/auth/services/better-auth.service.ts
+++ b/services/mana-core-auth/src/auth/services/better-auth.service.ts
@@ -99,6 +99,14 @@ export class BetterAuthService {
 return this.auth.api as unknown as BetterAuthAPI;
 }
+ /**
+ * Get the Better Auth handler for processing requests
+ * Used by controllers that need to forward requests to Better Auth
+ */
+ getHandler() {
+ return this.auth.handler;
+ }
+
 constructor(
 private configService: ConfigService,
 @Optional()
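Review bot: The header loop in `handleBetterAuthRequest` copies every client-supplied header into the in-process `Request`, so on this sign-in route anything Better Auth derives from `x-forwarded-for` or `host` (per-IP throttling, if it is enabled) comes from values the caller chose rather than from the connection. Consider forwarding an explicit allowlist and setting the client address after the loop, e.g. `if (req.ip) headers.set('x-forwarded-for', req.ip);`, which follows Express's `trust proxy` setting. Separately, copying `Set-Cookie` through `response.headers.forEach` relies on the runtime yielding one entry per cookie; `for (const c of response.headers.getSetCookie()) res.append('set-cookie', c);` makes that explicit where the method is available. The body is also always re-sent as `JSON.stringify(req.body)` while the original `content-type` and `content-length` are kept, so a non-JSON body would no longer match its headers.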