feat(auth): add better-auth core wiring for admin and db
This commit is contained in:
33
docs/product-engineering/auth-baseline.md
Normal file
33
docs/product-engineering/auth-baseline.md
Normal file
@@ -0,0 +1,33 @@
|
||||
# Better Auth Baseline
|
||||
|
||||
## Scope
|
||||
|
||||
This baseline activates Better Auth for the admin app with email/password login and Prisma-backed sessions.
|
||||
|
||||
Implemented in MVP0:
|
||||
|
||||
- Shared auth package: `@cms/auth`
|
||||
- Admin auth API routes: `apps/admin/src/app/api/auth/[...all]/route.ts`
|
||||
- Admin login page: `/login`
|
||||
- Prisma auth models (`user`, `session`, `account`, `verification`)
|
||||
- Registration toggle via `CMS_ADMIN_REGISTRATION_ENABLED`
|
||||
|
||||
## Environment
|
||||
|
||||
Required variables:
|
||||
|
||||
- `BETTER_AUTH_SECRET`
|
||||
- `BETTER_AUTH_URL`
|
||||
- `CMS_ADMIN_ORIGIN`
|
||||
- `CMS_WEB_ORIGIN`
|
||||
- `DATABASE_URL`
|
||||
|
||||
Optional:
|
||||
|
||||
- `CMS_ADMIN_REGISTRATION_ENABLED`
|
||||
- `CMS_DEV_ROLE` (development-only middleware bypass)
|
||||
|
||||
## Notes
|
||||
|
||||
- Owner bootstrap, hidden support user, and owner invariant are tracked as upcoming MVP0 tasks in `TODO.md`.
|
||||
- Email verification and forgot/reset password pipelines are tracked for MVP2.
|
||||
Reference in New Issue
Block a user