Added a few new features.

src/lib/auth.ts

@@ -17,16 +17,35 @@ export const auth = betterAuth({
   // Secret for signing tokens
   secret: process.env.BETTER_AUTH_SECRET,
 
-  // Base URL configuration
-  baseURL: process.env.BETTER_AUTH_URL || "http://localhost:4321",
+  // Base URL configuration - ensure it's a valid URL
+  baseURL: (() => {
+    const url = process.env.BETTER_AUTH_URL || "http://localhost:4321";
+    try {
+      // Validate URL format
+      new URL(url);
+      return url;
+    } catch {
+      console.warn(`Invalid BETTER_AUTH_URL: ${url}, falling back to localhost`);
+      return "http://localhost:4321";
+    }
+  })(),
   basePath: "/api/auth", // Specify the base path for auth endpoints
   
-  // Trusted origins for OAuth flows
-  trustedOrigins: [
-    "http://localhost:4321",
-    "http://localhost:8080", // Keycloak
-    process.env.BETTER_AUTH_URL || "http://localhost:4321"
-  ].filter(Boolean),
+  // Trusted origins for OAuth flows - parse from environment if set
+  trustedOrigins: (() => {
+    const origins = [
+      "http://localhost:4321",
+      "http://localhost:8080", // Keycloak
+      process.env.BETTER_AUTH_URL || "http://localhost:4321"
+    ];
+    
+    // Add trusted origins from environment if set
+    if (process.env.BETTER_AUTH_TRUSTED_ORIGINS) {
+      origins.push(...process.env.BETTER_AUTH_TRUSTED_ORIGINS.split(',').map(o => o.trim()));
+    }
+    
+    return origins.filter(Boolean);
+  })(),
 
   // Authentication methods
   emailAndPassword: {