feat(server): enable email/password auth (+ login docs) #93
Merged
Mounts @objectstack/plugin-auth at /api/v1/auth/* (the base path the
mobile authClient already targets), so sign-in/sign-up actually work
against the local server.
- AuthPlugin with emailAndPassword enabled, identity tables on the
`default` datasource, OS_AUTH_SECRET (dev fallback), trustedOrigins for
the local web origin.
- README documents auth, that `pnpm dev` auto-provisions the SQLite
datasource that backs identity + data (serve has none by default), and
the better-sqlite3 native-build gotcha.
Verified the full chain locally: sign-up/sign-in → 200 + session cookie,
authenticated server_item create (201) + query, and the AI Assistant
answering over real data with the session ("There are 2 server items:
Widget A, Gadget B"). This confirms the mobile login + data + AI flow
end to end once a user is signed in.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
What
Mounts `@objectstack/plugin-auth` at `/api/v1/auth/*` — the base path the mobile `authClient` already targets — so sign-in / sign-up actually work against the local server (previously every `/api/v1/auth/*` route 404'd).
- `AuthPlugin` with `emailAndPassword` enabled, identity tables on the `default` datasource, `OS_AUTH_SECRET` (dev fallback for local), `trustedOrigins` for the local web origin.
- `pnpm dev` auto-provisions the SQLite datasource backing identity + data (`serve` has none by default), and the `better-sqlite3` native-build gotcha (`pnpm rebuild better-sqlite3` if the binding is missing).

Verified end-to-end (local)
- sign-up/sign-in → 200 + `better-auth.session_token` cookie.
- `server_item` create → 201, query returns the rows.

This closes the loop on the mobile login → data → AI flow: once a user is signed in, the assistant queries their real records (the app carries the session via `apiFetch`).

Notes
- `better-sqlite3` binding (the recurring pnpm build-script gate), not the auth config.
- `OS_AUTH_SECRET` in any real deploy.

🤖 Generated with Claude Code
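
A startup guard for the two settings the description calls out, `OS_AUTH_SECRET` with its dev fallback and `trustedOrigins`, as an added example that is not code from this PR or from `@objectstack/plugin-auth`. Assumptions: `NODE_ENV` marks production, `OS_TRUSTED_ORIGINS` is a hypothetical comma-separated variable, and the function names, the fallback value and the 32-character minimum are illustrative.

```javascript
// Added example: fail closed at startup instead of silently running a real
// deployment on the development secret or a loose origin list.
const DEV_FALLBACK_SECRET = "dev-only-insecure-secret"; // hypothetical placeholder
const MIN_SECRET_LENGTH = 32; // assumed policy, not a plugin requirement

function resolveAuthSecret(env) {
  const isProd = env.NODE_ENV === "production";
  const secret = env.OS_AUTH_SECRET;
  if (!secret) {
    // The fallback is acceptable only for local development.
    if (isProd) throw new Error("OS_AUTH_SECRET must be set in production");
    return { secret: DEV_FALLBACK_SECRET, usedFallback: true };
  }
  if (isProd && (secret === DEV_FALLBACK_SECRET || secret.length < MIN_SECRET_LENGTH)) {
    throw new Error("OS_AUTH_SECRET is the dev fallback or too short for production");
  }
  return { secret, usedFallback: false };
}

function resolveTrustedOrigins(env) {
  const isProd = env.NODE_ENV === "production";
  // OS_TRUSTED_ORIGINS is a hypothetical variable name used for this example.
  const raw = (env.OS_TRUSTED_ORIGINS || "").split(",").map((s) => s.trim()).filter(Boolean);
  return raw.map((entry) => {
    if (entry.includes("*")) throw new Error(`wildcard origin rejected: ${entry}`);
    let url;
    try { url = new URL(entry); } catch { throw new Error(`not a URL: ${entry}`); }
    // An origin is scheme + host + port only; reject paths, queries, credentials.
    if (url.origin !== entry) throw new Error(`not a bare origin: ${entry}`);
    const isLocal = url.hostname === "localhost" || url.hostname === "127.0.0.1";
    // Local or plain-HTTP origins belong to the dev setup, not a deployed server.
    if (isProd && (url.protocol !== "https:" || isLocal)) {
      throw new Error(`origin not allowed in production: ${entry}`);
    }
    return url.origin;
  });
}
```
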