Skip to content

Commit 5ebc2c6

Browse files
authored
fix: πŸ› add better_auth_url to auth server trusted origins (#747)
* fix: πŸ› add better_auth_url to auth server trusted origins * fix: πŸ› remove posthog references to customAllergies
1 parent a46bff7 commit 5ebc2c6

2 files changed

Lines changed: 19 additions & 11 deletions

File tree

β€Žapps/next/src/components/ui/edit-preferences-content.tsxβ€Ž

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -168,11 +168,15 @@ export default function EditPreferencesContent({
168168
]);
169169

170170
posthog.capture("preferences_updated", {
171-
allergies: [...formData.allergies, ...customAllergies],
171+
// allergies: [...formData.allergies, ...customAllergies],
172+
// preferences: formData.preferences,
173+
// allergies_count: formData.allergies.length + customAllergies.length,
174+
// preferences_count: formData.preferences.length,
175+
// custom_allergies_count: customAllergies.length,
176+
allergies: formData.allergies,
172177
preferences: formData.preferences,
173-
allergies_count: formData.allergies.length + customAllergies.length,
178+
allergies_count: formData.allergies.length,
174179
preferences_count: formData.preferences.length,
175-
custom_allergies_count: customAllergies.length,
176180
});
177181

178182
if (onSaved) {

β€Žpackages/api/src/auth/index.tsβ€Ž

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,19 @@ const authSecret =
1818
process.env.BETTER_AUTH_SECRET ?? process.env.NEXT_PUBLIC_BETTER_AUTH_SECRET;
1919
if (!authSecret) throw new Error("BETTER_AUTH_SECRET is not set");
2020

21+
const authBaseURL =
22+
process.env.BETTER_AUTH_URL ??
23+
process.env.NEXT_PUBLIC_BASE_URL ??
24+
"https://www.peterplate.com";
25+
26+
const trustedOrigins = Array.from(
27+
new Set(["https://www.peterplate.com", authBaseURL]),
28+
);
29+
2130
export const auth = betterAuth({
2231
debug: process.env.NODE_ENV !== "production",
2332
secret: authSecret,
24-
baseURL: process.env.NEXT_PUBLIC_BASE_URL ?? "https://www.peterplate.com",
33+
baseURL: authBaseURL,
2534
// The iOS PWA shell (WKWebView) always sends Origin: https://www.peterplate.com
2635
// because Settings.swift hardcodes rootUrl to that domain. Better Auth builds
2736
// its trusted-origins list from baseURL alone, so if NEXT_PUBLIC_BASE_URL is
@@ -30,12 +39,7 @@ export const auth = betterAuth({
3039
// WKWebView is every request, because Swift injects the app-platform cookie
3140
// via WKHTTPCookieStore. Listing the production origin explicitly makes the
3241
// iOS auth flow immune to baseURL misconfiguration.
33-
trustedOrigins: [
34-
"https://www.peterplate.com",
35-
...(process.env.NEXT_PUBLIC_BASE_URL
36-
? [process.env.NEXT_PUBLIC_BASE_URL]
37-
: []),
38-
],
42+
trustedOrigins,
3943
user: {
4044
additionalFields: {
4145
hasOnboarded: {
@@ -77,7 +81,7 @@ export const auth = betterAuth({
7781
// (b) causes Swift's ASWebAuthenticationSession.start() to silently
7882
// return false because "localhost" doesn't match the Associated
7983
// Domains entitlement (applinks:www.peterplate.com).
80-
redirectURI: `${process.env.NEXT_PUBLIC_BASE_URL ?? "https://www.peterplate.com"}/auth/native`,
84+
redirectURI: `${authBaseURL ?? "https://www.peterplate.com"}/auth/native`,
8185
scopes,
8286
pkce: true,
8387
mapProfileToUser,

0 commit comments

Comments
Β (0)