Merge pull request #66 from HrushiBorhade/step-5/better-auth

feat: Better Auth + GitHub OAuth + DAL + admin plugin

Author: HrushiBorhade

.gitignore

@@ -9,3 +9,6 @@ dist/
 .claude/
 .code-indexer/
 .superpowers/
+.vercel
+.env*.local
+.playwright-mcp/

apps/web/package.json

@@ -15,12 +15,15 @@
     "@codeindexer/db": "workspace:*",
     "@phosphor-icons/react": "^2.1.10",
     "@tanstack/react-query": "^5.80.6",
+    "better-auth": "^1.5.5",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "next": "16.2.0",
+    "next-themes": "^0.4.6",
     "radix-ui": "^1.4.3",
     "react": "19.2.4",
     "react-dom": "19.2.4",
+    "server-only": "^0.0.1",
     "sonner": "^2.0.7",
     "tailwind-merge": "^3.5.0",
     "zustand": "^5.0.5"

apps/web/src/app/api/auth/[...all]/route.ts

@@ -0,0 +1,4 @@
+import { auth } from '@/lib/auth';
+import { toNextJsHandler } from 'better-auth/next-js';
+
+export const { POST, GET } = toNextJsHandler(auth);

apps/web/src/app/dashboard/page.tsx

@@ -0,0 +1,18 @@
+import { getSession } from '@/lib/dal';
+import { SignOutButton } from '@/components/sign-out-button';
+
+export default async function DashboardPage() {
+  const session = await getSession();
+
+  return (
+    <div className="p-8">
+      <div className="flex items-center justify-between">
+        <div>
+          <h1 className="text-2xl font-bold">Dashboard</h1>
+          <p className="mt-1 text-muted-foreground">Welcome, {session.user.name}</p>
+        </div>
+        <SignOutButton />
+      </div>
+    </div>
+  );
+}

apps/web/src/app/layout.tsx

@@ -1,6 +1,8 @@
 import type { Metadata } from 'next';
 import { Geist, JetBrains_Mono } from 'next/font/google';
 import { cn } from '@/lib/utils';
+import { Providers } from '@/components/providers';
+import { ThemeToggle } from '@/components/theme-toggle';
 import './globals.css';
 
 const geistSans = Geist({
@@ -26,9 +28,15 @@ export default function RootLayout({
   return (
     <html
       lang="en"
+      suppressHydrationWarning
       className={cn('h-full antialiased', geistSans.variable, jetbrainsMono.variable)}
     >
-      <body className="flex min-h-full flex-col">{children}</body>
+      <body className="flex min-h-full flex-col">
+        <Providers>
+          <ThemeToggle />
+          {children}
+        </Providers>
+      </body>
     </html>
   );
 }

apps/web/src/app/login/page.tsx

@@ -0,0 +1,40 @@
+'use client';
+
+import { useState } from 'react';
+import { GithubLogo } from '@phosphor-icons/react';
+import { Button } from '@/components/ui/button';
+import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card';
+import { authClient } from '@/lib/auth-client';
+
+export default function LoginPage() {
+  const [loading, setLoading] = useState(false);
+
+  async function handleGitHubSignIn() {
+    setLoading(true);
+    try {
+      await authClient.signIn.social({
+        provider: 'github',
+        callbackURL: '/dashboard',
+      });
+    } catch {
+      setLoading(false);
+    }
+  }
+
+  return (
+    <div className="flex min-h-screen items-center justify-center p-4">
+      <Card className="w-full max-w-sm">
+        <CardHeader className="text-center">
+          <CardTitle className="text-2xl">Sign in to CodeIndexer</CardTitle>
+          <CardDescription>Connect your GitHub account to get started</CardDescription>
+        </CardHeader>
+        <CardContent>
+          <Button className="w-full" size="lg" onClick={handleGitHubSignIn} disabled={loading}>
+            <GithubLogo weight="bold" />
+            {loading ? 'Redirecting...' : 'Continue with GitHub'}
+          </Button>
+        </CardContent>
+      </Card>
+    </div>
+  );
+}

apps/web/src/components/providers.tsx

@@ -0,0 +1,21 @@
+'use client';
+
+import { ThemeProvider } from 'next-themes';
+import { Toaster } from 'sonner';
+import type { ReactNode } from 'react';
+import { useSessionSync } from '@/hooks/use-session-sync';
+
+function SessionSync() {
+  useSessionSync();
+  return null;
+}
+
+export function Providers({ children }: { children: ReactNode }) {
+  return (
+    <ThemeProvider attribute="class" defaultTheme="dark" enableSystem disableTransitionOnChange>
+      <SessionSync />
+      {children}
+      <Toaster />
+    </ThemeProvider>
+  );
+}

apps/web/src/components/sign-out-button.tsx

@@ -0,0 +1,32 @@
+'use client';
+
+import { useState } from 'react';
+import { SignOut } from '@phosphor-icons/react';
+import { useRouter } from 'next/navigation';
+import { Button } from '@/components/ui/button';
+import { authClient } from '@/lib/auth-client';
+
+export function SignOutButton() {
+  const router = useRouter();
+  const [loading, setLoading] = useState(false);
+
+  async function handleSignOut() {
+    setLoading(true);
+    try {
+      await authClient.signOut();
+      const bc = new BroadcastChannel('codeindexer-session');
+      bc.postMessage({ type: 'signed-out' });
+      bc.close();
+      router.push('/login');
+    } catch {
+      setLoading(false);
+    }
+  }
+
+  return (
+    <Button variant="outline" size="sm" onClick={handleSignOut} disabled={loading}>
+      <SignOut weight="bold" />
+      {loading ? 'Signing out...' : 'Sign out'}
+    </Button>
+  );
+}

apps/web/src/components/theme-toggle.tsx

@@ -0,0 +1,22 @@
+'use client';
+
+import { Moon, Sun } from '@phosphor-icons/react';
+import { useTheme } from 'next-themes';
+import { Button } from '@/components/ui/button';
+
+export function ThemeToggle() {
+  const { theme, setTheme } = useTheme();
+
+  return (
+    <Button
+      variant="ghost"
+      size="icon"
+      className="fixed right-4 top-4 z-50"
+      onClick={() => setTheme(theme === 'dark' ? 'light' : 'dark')}
+    >
+      <Sun className="size-5 scale-100 rotate-0 transition-all dark:scale-0 dark:-rotate-90" />
+      <Moon className="absolute size-5 scale-0 rotate-90 transition-all dark:scale-100 dark:rotate-0" />
+      <span className="sr-only">Toggle theme</span>
+    </Button>
+  );
+}

apps/web/src/hooks/use-session-sync.ts

@@ -0,0 +1,64 @@
+'use client';
+
+import { useEffect, useCallback } from 'react';
+import { useRouter } from 'next/navigation';
+import { authClient } from '@/lib/auth-client';
+import { useTabLeader } from './use-tab-leader';
+
+type SessionMessage =
+  | { type: 'session-update'; user: { name: string; email: string; image?: string } }
+  | { type: 'signed-out' };
+
+/**
+ * Cross-tab session synchronization using the Leader Election pattern.
+ *
+ * Leader tab: polls session periodically, broadcasts state to followers.
+ * Follower tabs: listen for broadcasts, react to sign-out/session changes.
+ * All tabs: redirect to /login on sign-out broadcast.
+ */
+export function useSessionSync() {
+  const router = useRouter();
+
+  const onMessage = useCallback(
+    (data: unknown) => {
+      const msg = data as SessionMessage;
+      if (msg.type === 'signed-out') {
+        router.push('/login');
+      } else if (msg.type === 'session-update') {
+        // Could update local state/cache here if needed
+        router.refresh();
+      }
+    },
+    [router],
+  );
+
+  const { isLeader, broadcast } = useTabLeader({
+    channel: 'codeindexer-session',
+    onMessage,
+  });
+
+  // Leader polls session every 4 minutes (cookie cache is 5 min)
+  useEffect(() => {
+    if (!isLeader) return;
+
+    const interval = setInterval(
+      async () => {
+        const { data: session } = await authClient.getSession();
+        if (!session) {
+          broadcast({ type: 'signed-out' });
+          router.push('/login');
+        } else {
+          broadcast({
+            type: 'session-update',
+            user: { name: session.user.name, email: session.user.email, image: session.user.image },
+          });
+        }
+      },
+      4 * 60 * 1000,
+    ); // 4 minutes
+
+    return () => clearInterval(interval);
+  }, [isLeader, broadcast, router]);
+
+  return { isLeader, broadcast };
+}