old4ever/local-cal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): configure trustedOrigins for CSRF protection

Browse Source 
Add trustedOrigins to better-auth config to ensure proper origin
validation behind reverse proxy.
This commit is contained in:
Dmytro Stanchiev
2026-04-06 23:18:20 -04:00
parent ece03a9124
commit 4c6f880a3f
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/auth.ts
View File

@@ -24,6 +24,7 @@ if (!process.env.AUTH_AUTHENTIK_ISSUER) {
export const auth = betterAuth({
secret: process.env.BETTER_AUTH_SECRET,
baseURL: process.env.BETTER_AUTH_URL,
trustedOrigins: [process.env.BETTER_AUTH_URL],
database: drizzleAdapter(db, {
provider: "pg",
schema,