akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Replace next-auth with Better Auth, migrate DB columns to camelCase

Browse Source 
- Replace next-auth v5 beta with better-auth v1.6.2 (stable releases)
- Add multi-provider OAuth support with admin UI configuration
- New oauthProviders table with encrypted secrets (AES-256-GCM)
- Env var bootstrap (OAUTH_*) syncs to DB, UI-created providers fully editable
- OAuth provider REST API: GET/POST/PUT/DELETE /api/v1/oauth-providers
- Settings page "Authentication Providers" section for admin management
- Account linking uses new accounts table (multi-provider per user)
- Username plugin for credentials sign-in (replaces email@localhost pattern)
- bcrypt password compatibility (existing hashes work)
- Database-backed sessions via Kysely adapter (bun:sqlite direct)
- Configurable rate limiting via AUTH_RATE_LIMIT_* env vars
- All DB columns migrated from snake_case to camelCase
- All TypeScript types/models migrated to camelCase properties
- Removed casing: "snake_case" from Drizzle config
- Callback URL format: {baseUrl}/api/auth/oauth2/callback/{providerId}
- package-lock.json removed and gitignored (using bun.lock)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
fuomag9
2026-04-12 21:11:48 +02:00
parent eb78b64c2f
commit 3a16d6e9b1
100 changed files with 3390 additions and 14495 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
tests/unit/api-routes/users.test.ts
View File

@@ -53,8 +53,8 @@ const sampleUser = {
name: 'Admin User',
email: 'admin@example.com',
role: 'admin',
password_hash: '$2b$10$hashedpassword',
created_at: '2026-01-01',
passwordHash: '$2b$10$hashedpassword',
createdAt: '2026-01-01',
};
beforeEach(() => {
@@ -64,7 +64,7 @@ beforeEach(() => {
});
describe('GET /api/v1/users', () => {
it('returns list of users with password_hash stripped', async () => {
it('returns list of users with passwordHash stripped', async () => {
mockListUsers.mockResolvedValue([sampleUser] as any);
const response = await listGET(createMockRequest());
@@ -72,7 +72,7 @@ describe('GET /api/v1/users', () => {
expect(response.status).toBe(200);
expect(data).toHaveLength(1);
expect(data[0]).not.toHaveProperty('password_hash');
expect(data[0]).not.toHaveProperty('passwordHash');
expect(data[0].name).toBe('Admin User');
expect(data[0].email).toBe('admin@example.com');
});
@@ -87,14 +87,14 @@ describe('GET /api/v1/users', () => {
});
describe('GET /api/v1/users/[id]', () => {
it('returns a user by id with password_hash stripped', async () => {
it('returns a user by id with passwordHash stripped', async () => {
mockGetUserById.mockResolvedValue(sampleUser as any);
const response = await getGET(createMockRequest(), { params: Promise.resolve({ id: '1' }) });
const data = await response.json();
expect(response.status).toBe(200);
expect(data).not.toHaveProperty('password_hash');
expect(data).not.toHaveProperty('passwordHash');
expect(data.name).toBe('Admin User');
});
@@ -128,7 +128,7 @@ describe('GET /api/v1/users/[id]', () => {
expect(response.status).toBe(200);
expect(data.id).toBe(5);
expect(data).not.toHaveProperty('password_hash');
expect(data).not.toHaveProperty('passwordHash');
});
});
@@ -144,7 +144,7 @@ describe('PUT /api/v1/users/[id]', () => {
expect(response.status).toBe(200);
expect(data.name).toBe('Updated Name');
expect(data).not.toHaveProperty('password_hash');
expect(data).not.toHaveProperty('passwordHash');
expect(mockUpdateUserProfile).toHaveBeenCalledWith(1, { name: 'Updated Name' });
});