feat(auth): configure trustedOrigins for CSRF protection

Add trustedOrigins to better-auth config to ensure proper origin validation behind reverse proxy.
2026-04-06 23:18:20 -04:00
parent ece03a9124
commit 4c6f880a3f
1 changed files with 1 additions and 0 deletions
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -24,6 +24,7 @@ if (!process.env.AUTH_AUTHENTIK_ISSUER) {
 export const auth = betterAuth({
  secret: process.env.BETTER_AUTH_SECRET,
 	baseURL: process.env.BETTER_AUTH_URL,
 	trustedOrigins: [process.env.BETTER_AUTH_URL],
 	database: drizzleAdapter(db, {
 		provider: "pg",
 		schema,