fix(auth): migrate from next-auth to better-auth

.env.example

@@ -1,5 +1,6 @@
 # Generate a random secret: https://generate-secret.vercel.app/32 or `openssl rand -base64 32`
-AUTH_SECRET=****
+BETTER_AUTH_SECRET=****
+BETTER_AUTH_URL=****
 
 # The following keys below are automatically created and
 # added to your environment when you deploy on Vercel

app/(auth)/actions.ts

@@ -1,10 +1,7 @@
 "use server";
 
 import { z } from "zod";
-
-import { createUser, getUser } from "@/lib/db/queries";
-
-import { signIn } from "./auth";
+import { auth } from "@/lib/auth";
 
 const authFormSchema = z.object({
   email: z.string().email(),
@@ -25,10 +22,11 @@ export const login = async (
       password: formData.get("password"),
     });
 
-    await signIn("credentials", {
-      email: validatedData.email,
-      password: validatedData.password,
-      redirect: false,
+    await auth.api.signInEmail({
+      body: {
+        email: validatedData.email,
+        password: validatedData.password,
+      },
     });
 
     return { status: "success" };
@@ -61,24 +59,29 @@ export const register = async (
       password: formData.get("password"),
     });
 
-    const [user] = await getUser(validatedData.email);
+    const result = await auth.api.signUpEmail({
+      body: {
+        email: validatedData.email,
+        password: validatedData.password,
+        name: validatedData.email,
+      },
+    });
 
-    if (user) {
-      return { status: "user_exists" } as RegisterActionState;
+    if (!result) {
+      return { status: "failed" };
     }
-    await createUser(validatedData.email, validatedData.password);
-    await signIn("credentials", {
-      email: validatedData.email,
-      password: validatedData.password,
-      redirect: false,
-    });
 
     return { status: "success" };
   } catch (error) {
     if (error instanceof z.ZodError) {
       return { status: "invalid_data" };
     }
 
+    const message = error instanceof Error ? error.message : "";
+    if (message.includes("already exists") || message.includes("UNIQUE")) {
+      return { status: "user_exists" };
+    }
+
     return { status: "failed" };
   }
 };

app/(auth)/login/page.tsx

@@ -2,12 +2,12 @@
 
 import Link from "next/link";
 import { useRouter } from "next/navigation";
-import { useSession } from "next-auth/react";
 import { useActionState, useEffect, useState } from "react";
 
 import { AuthForm } from "@/components/auth-form";
 import { SubmitButton } from "@/components/submit-button";
 import { toast } from "@/components/toast";
+import { useSession } from "@/lib/client";
 import { type LoginActionState, login } from "../actions";
 
 export default function Page() {
@@ -23,9 +23,9 @@ export default function Page() {
     }
   );
 
-  const { update: updateSession } = useSession();
+  const { refetch } = useSession();
 
-  // biome-ignore lint/correctness/useExhaustiveDependencies: router and updateSession are stable refs
+  // biome-ignore lint/correctness/useExhaustiveDependencies: router and refetch are stable refs
   useEffect(() => {
     if (state.status === "failed") {
       toast({
@@ -39,7 +39,7 @@ export default function Page() {
       });
     } else if (state.status === "success") {
       setIsSuccessful(true);
-      updateSession();
+      refetch();
       router.refresh();
     }
   }, [state.status]);

app/(auth)/register/page.tsx

@@ -2,11 +2,11 @@
 
 import Link from "next/link";
 import { useRouter } from "next/navigation";
-import { useSession } from "next-auth/react";
 import { useActionState, useEffect, useState } from "react";
 import { AuthForm } from "@/components/auth-form";
 import { SubmitButton } from "@/components/submit-button";
 import { toast } from "@/components/toast";
+import { useSession } from "@/lib/client";
 import { type RegisterActionState, register } from "../actions";
 
 export default function Page() {
@@ -22,9 +22,9 @@ export default function Page() {
     }
   );
 
-  const { update: updateSession } = useSession();
+  const { refetch } = useSession();
 
-  // biome-ignore lint/correctness/useExhaustiveDependencies: router and updateSession are stable refs
+  // biome-ignore lint/correctness/useExhaustiveDependencies: router and refetch are stable refs
   useEffect(() => {
     if (state.status === "user_exists") {
       toast({ type: "error", description: "Account already exists!" });
@@ -39,7 +39,7 @@ export default function Page() {
       toast({ type: "success", description: "Account created successfully!" });
 
       setIsSuccessful(true);
-      updateSession();
+      refetch();
       router.refresh();
     }
   }, [state.status]);

app/(chat)/api/auth/[...all]/route.ts

@@ -0,0 +1,4 @@
+import { toNextJsHandler } from "better-auth/next-js";
+import { auth } from "@/lib/auth";
+
+export const { GET, POST } = toNextJsHandler(auth);

app/(chat)/api/chat/route.ts

@@ -10,7 +10,6 @@ import {
 import { checkBotId } from "botid/server";
 import { after } from "next/server";
 import { createResumableStreamContext } from "resumable-stream";
-import { auth, type UserType } from "@/app/(auth)/auth";
 import { entitlementsByUserType } from "@/lib/ai/entitlements";
 import { allowedModelIds } from "@/lib/ai/models";
 import { type RequestHints, systemPrompt } from "@/lib/ai/prompts";
@@ -19,6 +18,7 @@ import { createDocument } from "@/lib/ai/tools/create-document";
 import { getWeather } from "@/lib/ai/tools/get-weather";
 import { requestSuggestions } from "@/lib/ai/tools/request-suggestions";
 import { updateDocument } from "@/lib/ai/tools/update-document";
+import { getSession, getUserType, type UserType } from "@/lib/auth";
 import { isProductionEnvironment } from "@/lib/constants";
 import {
   createStreamId,
@@ -67,7 +67,7 @@ export async function POST(request: Request) {
 
     const [, session] = await Promise.all([
       checkBotId().catch(() => null),
-      auth(),
+      getSession(),
     ]);
 
     if (!session?.user) {
@@ -80,7 +80,7 @@ export async function POST(request: Request) {
 
     await checkIpRateLimit(ipAddress(request));
 
-    const userType: UserType = session.user.type;
+    const userType: UserType = getUserType(session.user);
 
     const messageCount = await getMessageCountByUserId({
       id: session.user.id,
@@ -295,7 +295,7 @@ export async function DELETE(request: Request) {
     return new ChatbotError("bad_request:api").toResponse();
   }
 
-  const session = await auth();
+  const session = await getSession();
 
   if (!session?.user) {
     return new ChatbotError("unauthorized:chat").toResponse();

app/(chat)/api/document/route.ts

@@ -1,5 +1,5 @@
-import { auth } from "@/app/(auth)/auth";
 import type { ArtifactKind } from "@/components/artifact";
+import { getSession } from "@/lib/auth";
 import {
   deleteDocumentsByIdAfterTimestamp,
   getDocumentsById,
@@ -18,7 +18,7 @@ export async function GET(request: Request) {
     ).toResponse();
   }
 
-  const session = await auth();
+  const session = await getSession();
 
   if (!session?.user) {
     return new ChatbotError("unauthorized:document").toResponse();
@@ -50,7 +50,7 @@ export async function POST(request: Request) {
     ).toResponse();
   }
 
-  const session = await auth();
+  const session = await getSession();
 
   if (!session?.user) {
     return new ChatbotError("not_found:document").toResponse();
@@ -103,7 +103,7 @@ export async function DELETE(request: Request) {
     ).toResponse();
   }
 
-  const session = await auth();
+  const session = await getSession();
 
   if (!session?.user) {
     return new ChatbotError("unauthorized:document").toResponse();

app/(chat)/api/files/upload/route.ts

@@ -2,7 +2,7 @@ import { put } from "@vercel/blob";
 import { NextResponse } from "next/server";
 import { z } from "zod";
 
-import { auth } from "@/app/(auth)/auth";
+import { getSession } from "@/lib/auth";
 
 // Use Blob instead of File since File is not available in Node.js environment
 const FileSchema = z.object({
@@ -18,7 +18,7 @@ const FileSchema = z.object({
 });
 
 export async function POST(request: Request) {
-  const session = await auth();
+  const session = await getSession();
 
   if (!session) {
     return NextResponse.json({ error: "Unauthorized" }, { status: 401 });