# MystBin ! - auth/config.ts import { db } from "~/server/db"; import { account, rateLimit, session, user, verification, } from "~/server/db/schema"; import { api } from "~/trpc/server"; import { type BetterAuthOptions } from "better-auth"; import { drizzleAdapter } from "better-auth/adapters/drizzle"; import { nextCookies } from "better-auth/next-js"; export const authConfig = { appName: "kapil-jewels", advanced: { generateId: false, }, database: drizzleAdapter(db, { provider: "pg", schema: { user, account, session, verification, rateLimit, }, }), emailVerification: { expiresIn: 60 * 10, sendOnSignUp: true, async sendVerificationEmail({ url, user: { email } }) { await api.resend.verify({ email, url }); }, }, emailAndPassword: { enabled: true, autoSignIn: false, requireEmailVerification: true, resetPasswordTokenExpiresIn: 60 * 10, async sendResetPassword(data) { await api.resend.resetPassword({ email: data.user.email, url: data.url }); }, }, rateLimit: { enabled: true, storage: "database", window: 60, max: 2, }, session: { expiresIn: 30 * 24 * 60 * 60, updateAge: 15 * 24 * 60 * 60, cookieCache: { enabled: true, maxAge: 60 * 10, }, }, plugins: [nextCookies()], } satisfies BetterAuthOptions; # MystBin ! - auth/index.ts import { betterAuth } from "better-auth"; import { cache } from "react"; import { authConfig } from "./config"; const { handler, api: { getSession: uncachedGetSession, signInEmail, signOut, signUpEmail, changePassword, setPassword, resetPassword, forgetPassword, }, } = betterAuth(authConfig); const getSession = cache(uncachedGetSession); export { handler, getSession, changePassword, setPassword, resetPassword, forgetPassword, signInEmail, signOut, signUpEmail, }; # MystBin ! - server/api/trpc.ts /** * YOU PROBABLY DON'T NEED TO EDIT THIS FILE, UNLESS: * 1. You want to modify request context (see Part 1). * 2. You want to create a new middleware or type of procedure (see Part 3). * * TL;DR - This is where all the tRPC server stuff is created and plugged in. The pieces you will * need to use are documented accordingly near the end. */ import { initTRPC, TRPCError } from "@trpc/server"; import { getSession } from "~/server/auth"; import { db } from "~/server/db"; import superjson from "superjson"; import { ZodError } from "zod"; /** * 1. CONTEXT * * This section defines the "contexts" that are available in the backend API. * * These allow you to access things when processing a request, like the database, the session, etc. * * This helper generates the "internals" for a tRPC context. The API handler and RSC clients each * wrap this and provides the required context. * * @see https://trpc.io/docs/server/context */ export const createTRPCContext = async (opts: { headers: Headers }) => { const session = await getSession({ headers: opts.headers, }); return { db, session, ...opts, }; }; /** * 2. INITIALIZATION * * This is where the tRPC API is initialized, connecting the context and transformer. We also parse * ZodErrors so that you get typesafety on the frontend if your procedure fails due to validation * errors on the backend. */ const t = initTRPC.context().create({ transformer: superjson, errorFormatter({ shape, error }) { return { ...shape, data: { ...shape.data, zodError: error.cause instanceof ZodError ? error.cause.flatten() : null, }, }; }, }); /** * Create a server-side caller. * * @see https://trpc.io/docs/server/server-side-calls */ export const createCallerFactory = t.createCallerFactory; /** * 3. ROUTER & PROCEDURE (THE IMPORTANT BIT) * * These are the pieces you use to build your tRPC API. You should import these a lot in the * "/src/server/api/routers" directory. */ /** * This is how you create new routers and sub-routers in your tRPC API. * * @see https://trpc.io/docs/router */ export const createTRPCRouter = t.router; /** * Middleware for timing procedure execution and adding an artificial delay in development. * * You can remove this if you don't like it, but it can help catch unwanted waterfalls by simulating * network latency that would occur in production but not in local development. */ const timingMiddleware = t.middleware(async ({ next, path }) => { const start = Date.now(); if (t._config.isDev) { // artificial delay in dev const waitMs = Math.floor(Math.random() * 400) + 100; await new Promise((resolve) => setTimeout(resolve, waitMs)); } const result = await next(); const end = Date.now(); console.log(`[TRPC] ${path} took ${end - start}ms to execute`); return result; }); /** * Public (unauthenticated) procedure * * This is the base piece you use to build new queries and mutations on your tRPC API. It does not * guarantee that a user querying is authorized, but you can still access user session data if they * are logged in. */ export const publicProcedure = t.procedure.use(timingMiddleware); /** * Protected (authenticated) procedure * * If you want a query or mutation to ONLY be accessible to logged in users, use this. It verifies * the session is valid and guarantees `ctx.session.user` is not null. * * @see https://trpc.io/docs/procedures */ export const protectedProcedure = t.procedure .use(timingMiddleware) .use(({ ctx, next }) => { if (!ctx.session?.user) { throw new TRPCError({ code: "UNAUTHORIZED" }); } return next({ ctx: { // infers the `session` as non-nullable session: { ...ctx.session, user: ctx.session.user }, }, }); }); # MystBin ! - api/routers/resend.ts import { ResetPasswordMail } from "~/app/_components/mails/reset-password"; import { VerifyMail } from "~/app/_components/mails/verify"; import { env } from "~/env"; import { Resend } from "resend"; import { z } from "zod"; import { createTRPCRouter, publicProcedure } from "../trpc"; const resend = new Resend(env.RESEND_API_KEY); const from = `Kapil Jewels `; export const resendRouter = createTRPCRouter({ resetPassword: publicProcedure .input(z.object({ email: z.string().email(), url: z.string().url() })) .mutation(async ({ input: { email: to, url } }) => { await resend.emails.send({ from, to, subject: "Reset your password", react: ResetPasswordMail({ url }), }); }), verify: publicProcedure .input(z.object({ email: z.string().email(), url: z.string() })) .mutation(async ({ input: { email: to, url } }) => { await resend.emails.send({ from, to, subject: "Verify your email", react: VerifyMail({ url }), }); }), });