manifest
Version:
Self-hosted Manifest LLM router with embedded server, SQLite database, and dashboard
121 lines • 5.23 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.auth = void 0;
const better_auth_1 = require("better-auth");
const render_1 = require("@react-email/render");
const verify_email_1 = require("../notifications/emails/verify-email");
const reset_password_1 = require("../notifications/emails/reset-password");
const send_email_1 = require("../notifications/services/email-providers/send-email");
const local_mode_constants_1 = require("../common/constants/local-mode.constants");
const isLocalMode = process.env['MANIFEST_MODE'] === 'local';
const port = process.env['PORT'] ?? '3001';
const isDev = (process.env['NODE_ENV'] ?? '') !== 'production';
const hasEmailProvider = !!(process.env['MAILGUN_API_KEY'] && process.env['MAILGUN_DOMAIN']);
function createDatabaseConnection() {
if (isLocalMode) {
return null;
}
const { Pool } = require('pg');
const databaseUrl = process.env['DATABASE_URL'] ?? 'postgresql://myuser:mypassword@localhost:5432/mydatabase';
return new Pool({ connectionString: databaseUrl });
}
const database = createDatabaseConnection();
const betterAuthSecret = process.env['BETTER_AUTH_SECRET'] ?? '';
const nodeEnv = process.env['NODE_ENV'] ?? '';
if (!isLocalMode && nodeEnv !== 'test' && (!betterAuthSecret || betterAuthSecret.length < 32)) {
throw new Error('BETTER_AUTH_SECRET must be set to a value of at least 32 characters');
}
function buildTrustedOrigins() {
const origins = [];
if (process.env['BETTER_AUTH_URL']) {
origins.push(process.env['BETTER_AUTH_URL']);
}
if (process.env['CORS_ORIGIN']) {
origins.push(process.env['CORS_ORIGIN']);
}
if (isDev || isLocalMode) {
origins.push(`http://localhost:3000`, `http://localhost:${port}`);
}
if (isLocalMode) {
origins.push(`http://127.0.0.1:${port}`, `http://127.0.0.1:3000`);
}
if (process.env['FRONTEND_PORT']) {
origins.push(`http://localhost:${process.env['FRONTEND_PORT']}`);
}
return origins;
}
const authInstance = isLocalMode
? null
: (0, better_auth_1.betterAuth)({
database: database,
baseURL: process.env['BETTER_AUTH_URL'] ?? `http://localhost:${port}`,
basePath: '/api/auth',
secret: betterAuthSecret || (0, local_mode_constants_1.getLocalAuthSecret)(),
logger: { level: 'debug' },
telemetry: { enabled: false },
account: {
accountLinking: {
enabled: true,
trustedProviders: ['google', 'github', 'discord'],
},
},
emailAndPassword: {
enabled: true,
minPasswordLength: 8,
requireEmailVerification: !isDev && !isLocalMode && hasEmailProvider,
sendResetPassword: async ({ user, url }) => {
const element = (0, reset_password_1.ResetPasswordEmail)({
userName: user.name,
resetUrl: url,
});
const html = await (0, render_1.render)(element);
const text = await (0, render_1.render)(element, { plainText: true });
void (0, send_email_1.sendEmail)({
to: user.email,
subject: 'Reset your password',
html,
text,
});
},
},
emailVerification: {
sendOnSignUp: !isLocalMode && hasEmailProvider,
autoSignInAfterVerification: true,
sendVerificationEmail: async ({ user, url }) => {
const element = (0, verify_email_1.VerifyEmailEmail)({
userName: user.name,
verificationUrl: url,
});
const html = await (0, render_1.render)(element);
const text = await (0, render_1.render)(element, { plainText: true });
void (0, send_email_1.sendEmail)({
to: user.email,
subject: 'Verify your email address',
html,
text,
});
},
},
socialProviders: {
google: {
clientId: process.env['GOOGLE_CLIENT_ID'] ?? '',
clientSecret: process.env['GOOGLE_CLIENT_SECRET'] ?? '',
enabled: !!(process.env['GOOGLE_CLIENT_ID'] && process.env['GOOGLE_CLIENT_SECRET']),
},
github: {
clientId: process.env['GITHUB_CLIENT_ID'] ?? '',
clientSecret: process.env['GITHUB_CLIENT_SECRET'] ?? '',
enabled: !!(process.env['GITHUB_CLIENT_ID'] && process.env['GITHUB_CLIENT_SECRET']),
scope: ['user:email'],
},
discord: {
clientId: process.env['DISCORD_CLIENT_ID'] ?? '',
clientSecret: process.env['DISCORD_CLIENT_SECRET'] ?? '',
enabled: !!(process.env['DISCORD_CLIENT_ID'] && process.env['DISCORD_CLIENT_SECRET']),
scope: ['identify', 'email'],
},
},
trustedOrigins: buildTrustedOrigins(),
});
exports.auth = authInstance;
//# sourceMappingURL=auth.instance.js.map