Added Better Auth

src/pages/api/auth/[...all].ts

@@ -0,0 +1,10 @@
+import { auth } from "@/lib/auth";
+import type { APIRoute } from "astro";
+
+export const ALL: APIRoute = async (ctx) => {
+  // If you want to use rate limiting, make sure to set the 'x-forwarded-for' header
+  // to the request headers from the context
+  // ctx.request.headers.set("x-forwarded-for", ctx.clientAddress);
+  
+  return auth.handler(ctx.request);
+};

src/pages/api/auth/check-users.ts

@@ -0,0 +1,30 @@
+import type { APIRoute } from "astro";
+import { db, users } from "@/lib/db";
+import { sql } from "drizzle-orm";
+
+export const GET: APIRoute = async () => {
+  try {
+    const userCountResult = await db
+      .select({ count: sql<number>`count(*)` })
+      .from(users);
+    
+    const userCount = userCountResult[0].count;
+
+    if (userCount === 0) {
+      return new Response(JSON.stringify({ error: "No users found" }), {
+        status: 404,
+        headers: { "Content-Type": "application/json" },
+      });
+    }
+
+    return new Response(JSON.stringify({ userCount }), {
+      status: 200,
+      headers: { "Content-Type": "application/json" },
+    });
+  } catch (error) {
+    return new Response(JSON.stringify({ error: "Internal server error" }), {
+      status: 500,
+      headers: { "Content-Type": "application/json" },
+    });
+  }
+};

src/pages/api/auth/legacy-backup/README.md

@@ -0,0 +1,13 @@
+# Legacy Auth Routes Backup
+
+These files are the original authentication routes before migrating to Better Auth.
+They are kept here as a reference during the migration process.
+
+## Migration Notes
+
+- `index.ts` - Handled user session validation and getting current user
+- `login.ts` - Handled user login with email/password
+- `logout.ts` - Handled user logout and session cleanup
+- `register.ts` - Handled new user registration
+
+All these endpoints are now handled by Better Auth through the catch-all route `[...all].ts`.

src/pages/api/organizations/[id].ts

@@ -2,36 +2,17 @@ import type { APIRoute } from "astro";
 import { db, organizations } from "@/lib/db";
 import { eq, and } from "drizzle-orm";
 import { createSecureErrorResponse } from "@/lib/utils";
-import jwt from "jsonwebtoken";
+import { requireAuth } from "@/lib/utils/auth-helpers";
 
-const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key";
-
-export const PATCH: APIRoute = async ({ request, params, cookies }) => {
+export const PATCH: APIRoute = async (context) => {
   try {
-    // Get token from Authorization header or cookies
-    const authHeader = request.headers.get("Authorization");
-    const token = authHeader?.split(" ")[1] || cookies.get("token")?.value;
+    // Check authentication
+    const { user, response } = await requireAuth(context);
+    if (response) return response;
 
-    if (!token) {
-      return new Response(JSON.stringify({ error: "Unauthorized" }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
+    const userId = user!.id;
 
-    // Verify token and get user ID
-    let userId: string;
-    try {
-      const decoded = jwt.verify(token, JWT_SECRET) as { id: string };
-      userId = decoded.id;
-    } catch (error) {
-      return new Response(JSON.stringify({ error: "Invalid token" }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
-
-    const orgId = params.id;
+    const orgId = context.params.id;
     if (!orgId) {
       return new Response(JSON.stringify({ error: "Organization ID is required" }), {
         status: 400,
@@ -39,7 +20,7 @@ export const PATCH: APIRoute = async ({ request, params, cookies }) => {
       });
     }
 
-    const body = await request.json();
+    const body = await context.request.json();
     const { destinationOrg } = body;
 
     // Validate that the organization belongs to the user

src/pages/api/repositories/[id].ts

@@ -2,36 +2,17 @@ import type { APIRoute } from "astro";
 import { db, repositories } from "@/lib/db";
 import { eq, and } from "drizzle-orm";
 import { createSecureErrorResponse } from "@/lib/utils";
-import jwt from "jsonwebtoken";
+import { requireAuth } from "@/lib/utils/auth-helpers";
 
-const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key";
-
-export const PATCH: APIRoute = async ({ request, params, cookies }) => {
+export const PATCH: APIRoute = async (context) => {
   try {
-    // Get token from Authorization header or cookies
-    const authHeader = request.headers.get("Authorization");
-    const token = authHeader?.split(" ")[1] || cookies.get("token")?.value;
+    // Check authentication
+    const { user, response } = await requireAuth(context);
+    if (response) return response;
 
-    if (!token) {
-      return new Response(JSON.stringify({ error: "Unauthorized" }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
+    const userId = user!.id;
 
-    // Verify token and get user ID
-    let userId: string;
-    try {
-      const decoded = jwt.verify(token, JWT_SECRET) as { id: string };
-      userId = decoded.id;
-    } catch (error) {
-      return new Response(JSON.stringify({ error: "Invalid token" }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
-
-    const repoId = params.id;
+    const repoId = context.params.id;
     if (!repoId) {
       return new Response(JSON.stringify({ error: "Repository ID is required" }), {
         status: 400,
@@ -39,7 +20,7 @@ export const PATCH: APIRoute = async ({ request, params, cookies }) => {
       });
     }
 
-    const body = await request.json();
+    const body = await context.request.json();
     const { destinationOrg } = body;
 
     // Validate that the repository belongs to the user