fix: read cloudflare-style envs

server/authjs-handler.ts

@@ -8,14 +8,13 @@ import {
 import GoogleProvider from "@auth/core/providers/google";
 import type { Session } from "@auth/core/types";
 // TODO: stop using universal-middleware and directly integrate server middlewares instead and/or use vike-server https://vike.dev/server. (Bati generates boilerplates that use universal-middleware https://github.com/magne4000/universal-middleware to make Bati's internal logic easier. This is temporary and will be removed soon.)
-import type {
+import {
-  Get,
+  type Get,
-  UniversalHandler,
+  type UniversalHandler,
-  UniversalMiddleware,
+  type UniversalMiddleware,
+  env as getEnv,
 } from "@universal-middleware/core";
-import { env } from "./env.js";
 import { getDbClient } from "../database/index.js";
-import { JWT } from "@auth/core/jwt";
 
 if (!globalThis.crypto) {
   /**
@@ -30,7 +29,8 @@ if (!globalThis.crypto) {
   });
 }
 
-const authjsConfig = {
+const authjsConfig = (env: Record<string, string>) =>
+  ({
     basePath: "/api/auth",
     // trustHost: Boolean(
     //   env.AUTH_TRUST_HOST ?? env.VERCEL ?? env.NODE_ENV !== "production"
@@ -136,7 +136,7 @@ const authjsConfig = {
         };
       },
     },
-} satisfies Omit<AuthConfig, "raw">;
+  } satisfies Omit<AuthConfig, "raw">);
 
 /**
  * Retrieve Auth.js session from Request
@@ -174,11 +174,15 @@ export async function getSession(
  * @link {@see https://authjs.dev/getting-started/session-management/get-session}
  **/
 export const authjsSessionMiddleware: Get<[], UniversalMiddleware> =
-  () => async (request, context) => {
+  () => async (request, context, runtime) => {
+    const env = getEnv(runtime);
     try {
       return {
         ...context,
-        session: await getSession(request, authjsConfig),
+        session: await getSession(
+          request,
+          authjsConfig(env as Record<string, string>)
+        ),
       };
     } catch (error) {
       console.debug("authjsSessionMiddleware:", error);
@@ -193,6 +197,7 @@ export const authjsSessionMiddleware: Get<[], UniversalMiddleware> =
  * Auth.js route
  * @link {@see https://authjs.dev/getting-started/installation}
  **/
-export const authjsHandler = (() => async (request) => {
+export const authjsHandler = (() => async (request, context, runtime) => {
-  return Auth(request, authjsConfig);
+  const env = getEnv(runtime);
+  return Auth(request, authjsConfig(env as Record<string, string>));
 }) satisfies Get<[], UniversalHandler>;

server/trpc-handler.ts

@@ -27,7 +27,7 @@ export const trpcHandler = ((endpoint) => (request, context, runtime) => {
       );
       const jwt = await getToken({
         req,
-        secret: processEnv.AUTHJS_SECRET,
+        secret: (env.AUTHJS_SECRET || processEnv.AUTHJS_SECRET) as string,
         /** Needed to specify cookie name because for some reason in production
          * it wasn't reading the correct cookie but in development it was. It
          * was not straightforward to fix the name of the cookie in