wip: test

2025-11-21 12:11:29 +10:00 · 2025-01-05 15:44:16 +11:00
parent 866b036484
commit 071ce70292
20 changed files with 903 additions and 349 deletions
--- a/apps/remix/app/lib/auth.server.ts
+++ b/apps/remix/app/lib/auth.server.ts
@ -0,0 +1,112 @@
+import { compare, hash } from '@node-rs/bcrypt';
+import { betterAuth } from 'better-auth';
+import { prismaAdapter } from 'better-auth/adapters/prisma';
+import { twoFactor } from 'better-auth/plugins';
+
+import { getAuthenticatorOptions } from '@documenso/lib/utils/authenticator';
+import { prisma } from '@documenso/prisma';
+
+import { passkeyPlugin } from './auth/passkey-plugin';
+
+// todo: import from @documenso/lib/constants/auth
+export const SALT_ROUNDS = 12;
+
+const passkeyOptions = getAuthenticatorOptions();
+
+export const auth = betterAuth({
+  appName: 'Documenso',
+  plugins: [
+    twoFactor({
+      issuer: 'Documenso',
+      skipVerificationOnEnable: true,
+      // totpOptions: {
+
+      // },
+      schema: {
+        twoFactor: {
+          modelName: 'TwoFactor',
+          fields: {
+            userId: 'userId',
+            secret: 'secret',
+            backupCodes: 'backupCodes',
+          },
+        },
+      },
+      // todo: add options
+    }),
+    passkeyPlugin(),
+    // passkey({
+    //   rpID: passkeyOptions.rpId,
+    //   rpName: passkeyOptions.rpName,
+    //   origin: passkeyOptions.origin,
+    //   schema: {
+    //     passkey: {
+    //       fields: {
+    //         publicKey: 'credentialPublicKey',
+    //         credentialID: 'credentialId',
+    //         deviceType: 'credentialDeviceType',
+    //         backedUp: 'credentialBackedUp',
+    //         // transports: '',
+    //       },
+    //     },
+    //   },
+    // }),
+  ],
+  secret: 'secret', // todo
+  database: prismaAdapter(prisma, {
+    provider: 'postgresql',
+  }),
+  databaseHooks: {
+    account: {
+      create: {
+        before: (session) => {
+          return {
+            data: {
+              ...session,
+              accountId: session.accountId.toString(),
+            },
+          };
+        },
+      },
+    },
+  },
+  session: {
+    fields: {
+      token: 'sessionToken',
+      expiresAt: 'expires',
+    },
+  },
+  user: {
+    fields: {
+      emailVerified: 'isEmailVerified',
+    },
+  },
+  account: {
+    fields: {
+      providerId: 'provider',
+      accountId: 'providerAccountId',
+      refreshToken: 'refresh_token',
+      accessToken: 'access_token',
+      idToken: 'id_token',
+    },
+  },
+  advanced: {
+    generateId: false,
+  },
+  socialProviders: {
+    google: {
+      clientId: '',
+      clientSecret: '',
+    },
+  },
+  emailAndPassword: {
+    enabled: true,
+    requireEmailVerification: false,
+    // maxPasswordLength: 128,
+    // minPasswordLength: 8,
+    password: {
+      hash: async (password) => hash(password, SALT_ROUNDS),
+      verify: async ({ hash, password }) => compare(password, hash),
+    },
+  },
+});