This release migrates the authentication system from Auth.js to better-auth, providing a more robust and feature-rich authentication solution.
Key Changes:
- Migrated to better-auth v1.3.34
- Updated environment variable from JWT_SECRET to AUTH_SECRET
- Enhanced authentication middleware with JWT support
- Added comprehensive auth endpoints (login, logout, status, profile, admin)
- Improved security with HTTP-only cookies and Bearer token support
- Role-based access control examples
New Features:
- better-auth integration through @morojs/moro
- Cookie-based and Bearer token authentication
- JWT token management with configurable expiry
- Enhanced authentication middleware
Dependencies:
- better-auth: ^1.3.34
- bcryptjs: ^2.4.3
- jsonwebtoken: ^9.0.2
Breaking Changes:
- AUTH_SECRET environment variable replaces JWT_SECRET