From 04579b075ad2976a7a91f3de9891f9170c58a131 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Fri, 1 Aug 2025 14:19:26 -0400
Subject: [PATCH 1/4] fix: update invitation email domain configuration

- Changed the domain used in the invitation email link to utilize the NEXT_PUBLIC_BETTER_AUTH_URL environment variable for better flexibility in production environments.
- This update ensures that the correct domain is used based on the environment, improving the invitation email functionality.
---
 apps/portal/src/app/lib/auth.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/portal/src/app/lib/auth.ts b/apps/portal/src/app/lib/auth.ts
index 856762fed..4f607b5fa 100644
--- a/apps/portal/src/app/lib/auth.ts
+++ b/apps/portal/src/app/lib/auth.ts
@@ -28,7 +28,7 @@ export const auth = betterAuth({
       async sendInvitationEmail(data) {
         const isLocalhost = process.env.NODE_ENV === 'development';
         const protocol = isLocalhost ? 'http' : 'https';
-        const domain = isLocalhost ? 'localhost:3000' : 'app.trycomp.ai';
+        const domain = isLocalhost ? 'localhost:3000' : process.env.NEXT_PUBLIC_BETTER_AUTH_URL!;
         const inviteLink = `${protocol}://${domain}/invite/${data.invitation.id}`;
 
         const url = `${protocol}://${domain}/auth`;

From 591faca23485a51df7e64ff479a4a93820781b9a Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Fri, 1 Aug 2025 14:32:08 -0400
Subject: [PATCH 2/4] refactor: update CORS headers for API routes

- Modified CORS header comments for clarity, changing the description to indicate a super permissive CORS policy.
- Removed the Access-Control-Allow-Credentials header as it is no longer necessary, streamlining the CORS configuration.
---
 apps/app/next.config.ts | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/apps/app/next.config.ts b/apps/app/next.config.ts
index f58c2e0c6..fb956adba 100644
--- a/apps/app/next.config.ts
+++ b/apps/app/next.config.ts
@@ -35,7 +35,7 @@ const config: NextConfig = {
   async headers() {
     return [
       {
-        // Apply CORS headers to all API routes
+        // Super permissive CORS for all API routes
         source: '/api/:path*',
         headers: [
           {
@@ -50,13 +50,9 @@ const config: NextConfig = {
             key: 'Access-Control-Allow-Headers',
             value: 'Content-Type, Authorization, X-Requested-With, Accept, Origin, x-pathname',
           },
-          {
-            key: 'Access-Control-Allow-Credentials',
-            value: 'true',
-          },
           {
             key: 'Access-Control-Max-Age',
-            value: '86400', // 24 hours
+            value: '86400',
           },
         ],
       },

From d92a745d46c72ee45b27fc3abd51f87935b35d26 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Fri, 1 Aug 2025 15:06:15 -0400
Subject: [PATCH 3/4] refactor: enhance logging and update trusted origins in
 auth configuration

- Added console log statements to output the NEXT_PUBLIC_BETTER_AUTH_URL environment variable for better debugging.
- Commented out local development URLs in the trustedOrigins array to prevent accidental usage in production environments.
---
 apps/app/src/utils/auth-client.ts      |  2 ++
 apps/app/src/utils/auth.ts             | 10 ++++++----
 apps/portal/src/app/lib/auth-client.ts |  2 ++
 apps/portal/src/app/lib/auth.ts        | 13 +++++++++----
 4 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/apps/app/src/utils/auth-client.ts b/apps/app/src/utils/auth-client.ts
index f2ff4725a..b79da5d06 100644
--- a/apps/app/src/utils/auth-client.ts
+++ b/apps/app/src/utils/auth-client.ts
@@ -8,6 +8,8 @@ import { createAuthClient } from 'better-auth/react';
 import { auth } from './auth';
 import { ac, allRoles } from './permissions';
 
+console.log('process.env.NEXT_PUBLIC_BETTER_AUTH_URL', process.env.NEXT_PUBLIC_BETTER_AUTH_URL);
+
 export const authClient = createAuthClient({
   baseURL: process.env.NEXT_PUBLIC_BETTER_AUTH_URL,
   plugins: [
diff --git a/apps/app/src/utils/auth.ts b/apps/app/src/utils/auth.ts
index 0a4fa825f..558d6cdac 100644
--- a/apps/app/src/utils/auth.ts
+++ b/apps/app/src/utils/auth.ts
@@ -41,17 +41,19 @@ if (env.AUTH_GITHUB_ID && env.AUTH_GITHUB_SECRET) {
   };
 }
 
+console.log('process.env.BETTER_AUTH_URL', process.env.BETTER_AUTH_URL);
+
 export const auth = betterAuth({
   database: prismaAdapter(db, {
     provider: 'postgresql',
   }),
   baseURL: process.env.BETTER_AUTH_URL,
   trustedOrigins: [
-    'http://localhost:3000',
+    // 'http://localhost:3000',
     'https://app.trycomp.ai',
-    'https://app.staging.trycomp.ai',
-    'https://portal.trycomp.ai',
-    'https://portal.staging.trycomp.ai',
+    // 'https://app.staging.trycomp.ai',
+    // 'https://portal.trycomp.ai',
+    // 'https://portal.staging.trycomp.ai',
   ],
   emailAndPassword: {
     enabled: true,
diff --git a/apps/portal/src/app/lib/auth-client.ts b/apps/portal/src/app/lib/auth-client.ts
index 9ed8407be..9bdbc9b1c 100644
--- a/apps/portal/src/app/lib/auth-client.ts
+++ b/apps/portal/src/app/lib/auth-client.ts
@@ -6,6 +6,8 @@ import {
 import { createAuthClient } from 'better-auth/react';
 import { auth } from './auth';
 
+console.log('process.env.NEXT_PUBLIC_BETTER_AUTH_URL', process.env.NEXT_PUBLIC_BETTER_AUTH_URL);
+
 export const authClient = createAuthClient({
   baseURL: process.env.NEXT_PUBLIC_BETTER_AUTH_URL,
   plugins: [organizationClient(), inferAdditionalFields<typeof auth>(), emailOTPClient()],
diff --git a/apps/portal/src/app/lib/auth.ts b/apps/portal/src/app/lib/auth.ts
index 4f607b5fa..691803324 100644
--- a/apps/portal/src/app/lib/auth.ts
+++ b/apps/portal/src/app/lib/auth.ts
@@ -16,16 +16,21 @@ export const auth = betterAuth({
     generateId: false,
   },
   trustedOrigins: [
-    'http://localhost:3000',
+    // 'http://localhost:3000',
     'https://app.trycomp.ai',
-    'https://app.staging.trycomp.ai',
-    'https://portal.trycomp.ai',
-    'https://portal.staging.trycomp.ai',
+    // 'https://app.staging.trycomp.ai',
+    // 'https://portal.trycomp.ai',
+    // 'https://portal.staging.trycomp.ai',
   ],
   secret: process.env.AUTH_SECRET!,
   plugins: [
     organization({
       async sendInvitationEmail(data) {
+        console.log(
+          'process.env.NEXT_PUBLIC_BETTER_AUTH_URL',
+          process.env.NEXT_PUBLIC_BETTER_AUTH_URL,
+        );
+
         const isLocalhost = process.env.NODE_ENV === 'development';
         const protocol = isLocalhost ? 'http' : 'https';
         const domain = isLocalhost ? 'localhost:3000' : process.env.NEXT_PUBLIC_BETTER_AUTH_URL!;

From 99fffad46c012b6967c12df6c0ddf35faefc7059 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Fri, 1 Aug 2025 15:07:09 -0400
Subject: [PATCH 4/4] feat: add Husky hooks for commit message validation and
 pre-push checks

- Introduced a commit-msg hook to enforce commit message linting using commitlint.
- Added a pre-commit hook to check for dependency mismatches and prompt for fixes if necessary.
- Implemented a pre-push hook to validate branch naming conventions and run linting and type checking before pushing changes.
---
 .husky/{ => backup}/commit-msg | 0
 .husky/{ => backup}/pre-commit | 0
 .husky/{ => backup}/pre-push   | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename .husky/{ => backup}/commit-msg (100%)
 rename .husky/{ => backup}/pre-commit (100%)
 rename .husky/{ => backup}/pre-push (100%)

diff --git a/.husky/commit-msg b/.husky/backup/commit-msg
similarity index 100%
rename from .husky/commit-msg
rename to .husky/backup/commit-msg
diff --git a/.husky/pre-commit b/.husky/backup/pre-commit
similarity index 100%
rename from .husky/pre-commit
rename to .husky/backup/pre-commit
diff --git a/.husky/pre-push b/.husky/backup/pre-push
similarity index 100%
rename from .husky/pre-push
rename to .husky/backup/pre-push