Implement login functionality and enhance authentication flow: Add Login and OTP components for user authentication, integrate better-auth for session management, and update routing with authentication middleware. Refactor drizzle configuration and update dependencies in package.json and pnpm-lock.yaml for improved compatibility.

Author: Rykuno

.pnpm-store/v10/projects/9e1b7cceca46cdd071268608ba856edf

@@ -0,0 +1 @@
+../../..

apps/api/drizzle.config.ts

@@ -4,7 +4,7 @@ import { defineConfig } from 'drizzle-kit';
 
 export default defineConfig({
   dialect: 'postgresql',
-  schema: './src/databases/database.schema.ts',
+  schema: './src/databases/drizzle.schema.ts',
   out: './src/databases/migrations',
   dbCredentials: {
     url: process.env['DATABASE_URL']!,

apps/api/src/auth/better-auth.provider.ts

@@ -26,7 +26,6 @@ export const BetterAuthProvider = {
     authConfig: AuthConfig,
   ) => {
     return betterAuth({
-      experimental: { joins: true },
       database: drizzleAdapter(txHost.tx, {
         provider: 'pg',
         schema: {
@@ -38,6 +37,7 @@ export const BetterAuthProvider = {
         },
       }),
       advanced: {
+        cookiePrefix: appConfig.name,
         database: {
           generateId: false,
         },

apps/web/package.json

@@ -16,6 +16,7 @@
     "@fontsource-variable/jetbrains-mono": "^5.2.8",
     "@tailwindcss/vite": "^4.0.6",
     "@tanstack/react-devtools": "^0.7.0",
+    "@tanstack/react-form": "^1.27.7",
     "@tanstack/react-query": "^5.90.16",
     "@tanstack/react-router": "^1.132.0",
     "@tanstack/react-router-devtools": "^1.132.0",
@@ -26,6 +27,7 @@
     "better-auth": "^1.4.10",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
+    "input-otp": "^1.4.2",
     "lucide-react": "^0.562.0",
     "nitro": "latest",
     "openapi-fetch": "^0.15.0",
@@ -35,7 +37,8 @@
     "tailwind-merge": "^3.4.0",
     "tailwindcss": "^4.0.6",
     "tw-animate-css": "^1.4.0",
-    "vite-tsconfig-paths": "^5.1.4"
+    "vite-tsconfig-paths": "^5.1.4",
+    "zod": "^4.3.4"
   },
   "devDependencies": {
     "@tanstack/devtools-vite": "^0.3.11",

apps/web/src/components/container.tsx

@@ -0,0 +1,13 @@
+import { cn } from '@/lib/utils'
+
+interface ContainerProps extends React.HTMLAttributes<HTMLDivElement> {
+  children: React.ReactNode
+}
+
+export function Container({ children, className, ...props }: ContainerProps) {
+  return (
+    <div {...props} className={cn('container mx-auto px-4 md:px-6', className)}>
+      {children}
+    </div>
+  )
+}

apps/web/src/components/login-form.tsx

@@ -0,0 +1,84 @@
+import { cn } from '@/lib/utils'
+import { Button } from '@/components/ui/button'
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from '@/components/ui/card'
+import {
+  Field,
+  FieldError,
+  FieldGroup,
+  FieldLabel,
+} from '@/components/ui/field'
+import { Input } from '@/components/ui/input'
+import { useMutation } from '@tanstack/react-query'
+import { useForm } from '@tanstack/react-form'
+import { z } from 'zod'
+import { api } from '@/lib/api'
+
+const emailSchema = z.object({
+  email: z.email('Please enter a valid email address'),
+})
+
+interface LoginFormProps extends React.ComponentProps<'div'> {
+  onOtpSent: (email: string) => void
+}
+
+export function LoginForm({ className, onOtpSent, ...props }: LoginFormProps) {
+  const sendOtpMutation = useMutation({
+    mutationFn: async (email: string) => api.auth.sendSignInOtp(email),
+    onSuccess: (_data, email) => {
+      onOtpSent(email)
+    },
+  })
+
+  const form = useForm({
+    defaultValues: { email: '' },
+    validators: {
+      onBlur: emailSchema,
+    },
+    onSubmit: async ({ value }) => sendOtpMutation.mutateAsync(value.email),
+  })
+
+  return (
+    <div className={cn('flex flex-col gap-6', className)} {...props}>
+      <Card>
+        <CardHeader>
+          <CardTitle>Login to your account</CardTitle>
+          <CardDescription>
+            Enter your email below to login to your account
+          </CardDescription>
+        </CardHeader>
+        <CardContent>
+          <FieldGroup>
+            <form.Field name="email">
+              {(field) => (
+                <Field data-invalid={field.state.meta.errors.length > 0}>
+                  <FieldLabel htmlFor={field.name}>Email</FieldLabel>
+                  <Input
+                    id={field.name}
+                    type="email"
+                    value={field.state.value}
+                    onChange={(e) => field.handleChange(e.target.value)}
+                    onBlur={field.handleBlur}
+                    autoComplete="email"
+                  />
+                  <FieldError />
+                </Field>
+              )}
+            </form.Field>
+            <Button
+              onClick={() => form.handleSubmit()}
+              disabled={sendOtpMutation.isPending || !form.state.canSubmit}
+            >
+              {sendOtpMutation.isPending ? 'Sending...' : 'Sign in'}
+            </Button>
+          </FieldGroup>
+        </CardContent>
+      </Card>
+    </div>
+  )
+}

apps/web/src/components/login.tsx

@@ -0,0 +1,14 @@
+import { useState } from 'react'
+import { LoginForm } from './login-form'
+import { Container } from './container'
+import { OTPForm } from './otp-form'
+
+export function Login() {
+  const [email, setEmail] = useState('')
+
+  return (
+    <Container>
+      {email ? <OTPForm email={email} /> : <LoginForm onOtpSent={setEmail} />}
+    </Container>
+  )
+}

apps/web/src/components/otp-form.tsx

@@ -0,0 +1,117 @@
+import { Button } from '@/components/ui/button'
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from '@/components/ui/card'
+import {
+  Field,
+  FieldDescription,
+  FieldError,
+  FieldGroup,
+  FieldLabel,
+} from '@/components/ui/field'
+import {
+  InputOTP,
+  InputOTPGroup,
+  InputOTPSlot,
+} from '@/components/ui/input-otp'
+import { api } from '@/lib/api'
+import { useMutation, useQueryClient } from '@tanstack/react-query'
+import { useForm } from '@tanstack/react-form'
+import { z } from 'zod'
+import { useNavigate, useRouter } from '@tanstack/react-router'
+import { router } from 'better-auth/api'
+
+const otpSchema = z.string().length(6, 'Please enter the 6-digit code')
+
+interface OTPFormProps extends React.ComponentProps<typeof Card> {
+  email: string
+}
+
+export function OTPForm({ email, ...props }: OTPFormProps) {
+  const navigate = useNavigate()
+  const queryClient = useQueryClient()
+  const router = useRouter()
+
+  const verifyOtpMutation = useMutation({
+    mutationFn: async (otp: string) => api.auth.signInWithOtp(email, otp),
+    onSuccess: async () => {
+      await queryClient.invalidateQueries()
+      router.invalidate()
+      navigate({ to: '/' })
+    },
+  })
+
+  const form = useForm({
+    defaultValues: { otp: '' },
+    onSubmit: async ({ value }) => verifyOtpMutation.mutateAsync(value.otp),
+  })
+
+  return (
+    <Card {...props}>
+      <CardHeader>
+        <CardTitle>Enter verification code</CardTitle>
+        <CardDescription>We sent a 6-digit code to {email}.</CardDescription>
+      </CardHeader>
+      <CardContent>
+        <FieldGroup>
+          <form.Field
+            name="otp"
+            validators={{
+              onBlur: ({ value }) => {
+                const result = otpSchema.safeParse(value)
+                return result.success
+                  ? undefined
+                  : result.error.issues[0]?.message
+              },
+            }}
+          >
+            {(field) => (
+              <Field data-invalid={field.state.meta.errors.length > 0}>
+                <FieldLabel htmlFor={field.name}>Verification code</FieldLabel>
+                <InputOTP
+                  maxLength={6}
+                  id={field.name}
+                  value={field.state.value}
+                  onChange={(value) => field.handleChange(value)}
+                  onBlur={field.handleBlur}
+                >
+                  <InputOTPGroup className="gap-2.5 *:data-[slot=input-otp-slot]:rounded-md *:data-[slot=input-otp-slot]:border">
+                    <InputOTPSlot index={0} />
+                    <InputOTPSlot index={1} />
+                    <InputOTPSlot index={2} />
+                    <InputOTPSlot index={3} />
+                    <InputOTPSlot index={4} />
+                    <InputOTPSlot index={5} />
+                  </InputOTPGroup>
+                </InputOTP>
+                <FieldError
+                  errors={field.state.meta.errors.map((e) => ({
+                    message: typeof e === 'string' ? e : undefined,
+                  }))}
+                />
+                <FieldDescription>
+                  Enter the 6-digit code sent to your email.
+                </FieldDescription>
+              </Field>
+            )}
+          </form.Field>
+          <FieldGroup>
+            <Button
+              onClick={() => form.handleSubmit()}
+              disabled={verifyOtpMutation.isPending || !form.state.canSubmit}
+            >
+              {verifyOtpMutation.isPending ? 'Verifying...' : 'Verify'}
+            </Button>
+            <FieldDescription className="text-center">
+              Didn&apos;t receive the code? <a href="#">Resend</a>
+            </FieldDescription>
+          </FieldGroup>
+        </FieldGroup>
+      </CardContent>
+    </Card>
+  )
+}

apps/web/src/components/ui/input-otp.tsx

@@ -0,0 +1,85 @@
+import * as React from "react"
+import { OTPInput, OTPInputContext } from "input-otp"
+
+import { cn } from "@/lib/utils"
+import { MinusIcon } from "lucide-react"
+
+function InputOTP({
+  className,
+  containerClassName,
+  ...props
+}: React.ComponentProps<typeof OTPInput> & {
+  containerClassName?: string
+}) {
+  return (
+    <OTPInput
+      data-slot="input-otp"
+      containerClassName={cn(
+        "cn-input-otp flex items-center has-disabled:opacity-50",
+        containerClassName
+      )}
+      spellCheck={false}
+      className={cn(
+        "disabled:cursor-not-allowed",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+function InputOTPGroup({ className, ...props }: React.ComponentProps<"div">) {
+  return (
+    <div
+      data-slot="input-otp-group"
+      className={cn("has-aria-invalid:ring-destructive/20 dark:has-aria-invalid:ring-destructive/40 has-aria-invalid:border-destructive rounded-none has-aria-invalid:ring-1 flex items-center", className)}
+      {...props}
+    />
+  )
+}
+
+function InputOTPSlot({
+  index,
+  className,
+  ...props
+}: React.ComponentProps<"div"> & {
+  index: number
+}) {
+  const inputOTPContext = React.useContext(OTPInputContext)
+  const { char, hasFakeCaret, isActive } = inputOTPContext?.slots[index] ?? {}
+
+  return (
+    <div
+      data-slot="input-otp-slot"
+      data-active={isActive}
+      className={cn(
+        "dark:bg-input/30 border-input data-[active=true]:border-ring data-[active=true]:ring-ring/50 data-[active=true]:aria-invalid:ring-destructive/20 dark:data-[active=true]:aria-invalid:ring-destructive/40 aria-invalid:border-destructive data-[active=true]:aria-invalid:border-destructive size-8 border-y border-r text-xs transition-all outline-none first:rounded-none first:border-l last:rounded-none data-[active=true]:ring-1 relative flex items-center justify-center data-[active=true]:z-10",
+        className
+      )}
+      {...props}
+    >
+      {char}
+      {hasFakeCaret && (
+        <div className="pointer-events-none absolute inset-0 flex items-center justify-center">
+          <div className="animate-caret-blink bg-foreground h-4 w-px duration-1000 bg-foreground h-4 w-px" />
+        </div>
+      )}
+    </div>
+  )
+}
+
+function InputOTPSeparator({ ...props }: React.ComponentProps<"div">) {
+  return (
+    <div
+      data-slot="input-otp-separator"
+      className="[&_svg:not([class*='size-'])]:size-4 flex items-center"
+      role="separator"
+      {...props}
+    >
+      <MinusIcon
+      />
+    </div>
+  )
+}
+
+export { InputOTP, InputOTPGroup, InputOTPSlot, InputOTPSeparator }

apps/web/src/components/ui/spinner.tsx

@@ -0,0 +1,10 @@
+import { cn } from "@/lib/utils"
+import { Loader2Icon } from "lucide-react"
+
+function Spinner({ className, ...props }: React.ComponentProps<"svg">) {
+  return (
+    <Loader2Icon role="status" aria-label="Loading" className={cn("size-4 animate-spin", className)} {...props} />
+  )
+}
+
+export { Spinner }