Replace GOOGLE_REDIRECT_URI

Author: Choollol

.github/workflows/deploy_production.yml

@@ -19,11 +19,10 @@ env:
     ANTEATER_API_KEY: ${{ secrets.ANTEATER_API_KEY }}
     OIDC_CLIENT_ID: ${{ secrets.OIDC_CLIENT_ID }}
     OIDC_ISSUER_URL: ${{ secrets.OIDC_ISSUER_URL }}
-    GOOGLE_REDIRECT_URI: ${{ secrets.GOOGLE_REDIRECT_URI }}
     NEXT_PUBLIC_PUBLIC_POSTHOG_KEY: ${{ secrets.NEXT_PUBLIC_PUBLIC_POSTHOG_KEY }}
     PLANNER_CLIENT_API_KEY: ${{ secrets.PLANNER_CLIENT_API_KEY }}
-    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
     BETTER_AUTH_URL: ${{ secrets.BETTER_AUTH_URL }}
+    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
 
 jobs:
     deploy-production:

.github/workflows/deploy_staging.yml

@@ -21,11 +21,10 @@ env:
     ANTEATER_API_KEY: ${{ secrets.ANTEATER_API_KEY }}
     OIDC_CLIENT_ID: ${{ secrets.OIDC_CLIENT_ID }}
     OIDC_ISSUER_URL: ${{ secrets.OIDC_ISSUER_URL }}
-    GOOGLE_REDIRECT_URI: ${{ secrets.GOOGLE_REDIRECT_URI }}
     NEXT_PUBLIC_PUBLIC_POSTHOG_KEY: ${{ secrets.NEXT_PUBLIC_PUBLIC_POSTHOG_KEY }}
     PLANNER_CLIENT_API_KEY: ${{ secrets.PLANNER_CLIENT_API_KEY }}
-    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
     BETTER_AUTH_URL: ${{ secrets.BETTER_AUTH_URL }}
+    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
 
 jobs:
     deploy-staging:

.github/workflows/deploy_staging_shared.yml

@@ -17,11 +17,10 @@ env:
     ANTEATER_API_KEY: ${{ secrets.ANTEATER_API_KEY }}
     OIDC_CLIENT_ID: ${{ secrets.OIDC_CLIENT_ID }}
     OIDC_ISSUER_URL: ${{ secrets.OIDC_ISSUER_URL }}
-    GOOGLE_REDIRECT_URI: ${{ secrets.GOOGLE_REDIRECT_URI }}
     PLANNER_CLIENT_API_KEY: ${{ secrets.PLANNER_CLIENT_API_KEY }}
     NEXT_PUBLIC_PUBLIC_POSTHOG_KEY: ${{ secrets.NEXT_PUBLIC_PUBLIC_POSTHOG_KEY }}
-    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
     BETTER_AUTH_URL: ${{ secrets.BETTER_AUTH_URL }}
+    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
 
 jobs:
     deploy-staging-shared:

.github/workflows/destroy_staging.yml

@@ -19,10 +19,9 @@ env:
     ANTEATER_API_KEY: ${{ secrets.ANTEATER_API_KEY }}
     OIDC_CLIENT_ID: ${{ secrets.OIDC_CLIENT_ID }}
     OIDC_ISSUER_URL: ${{ secrets.OIDC_ISSUER_URL }}
-    GOOGLE_REDIRECT_URI: ${{ secrets.GOOGLE_REDIRECT_URI }}
     PLANNER_CLIENT_API_KEY: ${{ secrets.PLANNER_CLIENT_API_KEY }}
-    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
     BETTER_AUTH_URL: ${{ secrets.BETTER_AUTH_URL }}
+    BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
 
 jobs:
     delete-staging:

README.md

@@ -4,10 +4,10 @@
 
 AntAlmanac is a schedule planner website for classes at UC Irvine. These are some of its features:
 
--   **_Search bar_** to easily find classes by department (e.g COMPSCI), section code (e.g. 36040), and keywords (e.g. artificial intelligence).
--   **_Integrated calendar_** to preview class times.
--   **_Quick links_** to professor reviews, prerequisites, grade distributions, and past enrollment data.
--   **_Interactive map_** with markers for your class locations.
+- **_Search bar_** to easily find classes by department (e.g COMPSCI), section code (e.g. 36040), and keywords (e.g. artificial intelligence).
+- **_Integrated calendar_** to preview class times.
+- **_Quick links_** to professor reviews, prerequisites, grade distributions, and past enrollment data.
+- **_Interactive map_** with markers for your class locations.
 
 ![project screenshot](https://github.com/user-attachments/assets/e1f8d3ce-8188-41ab-817a-850e51e6bd1a)
 
@@ -18,26 +18,26 @@ A summary of the libraries we use are listed below.
 
 ### Frontend
 
--   [Next.js](https://nextjs.org) - React framework with server-side rendering.
--   [MUI](https://mui.com) - React UI library.
--   [React Big Calendar](https://github.com/jquense/react-big-calendar) - React calendar component.
--   [Recharts](https://recharts.org/en-US) - React chart component.
--   [Leaflet](https://leafletjs.com) - Interactive JS maps.
--   [Zustand](https://docs.pmnd.rs/zustand/getting-started/introduction) - State management.
+- [Next.js](https://nextjs.org) - React framework with server-side rendering.
+- [MUI](https://mui.com) - React UI library.
+- [React Big Calendar](https://github.com/jquense/react-big-calendar) - React calendar component.
+- [Recharts](https://recharts.org/en-US) - React chart component.
+- [Leaflet](https://leafletjs.com) - Interactive JS maps.
+- [Zustand](https://docs.pmnd.rs/zustand/getting-started/introduction) - State management.
 
 ### Backend
 
--   [tRPC](https://trpc.io) - type-safe API access layer for the AntAlmanac API.
--   [Anteater API](https://docs.icssc.club/docs/about/anteaterapi) - API maintained by ICSSC for retrieving UCI data.
--   [Drizzle ORM](https://orm.drizzle.team/) - [high-performance](https://orm.drizzle.team/benchmarks) type-safe SQL-like access layer compatible with all major SQL dialects.
--   [PostgreSQL](https://www.postgresql.org) - Relational database for storing user data and schedules.
+- [tRPC](https://trpc.io) - type-safe API access layer for the AntAlmanac API.
+- [Anteater API](https://docs.icssc.club/docs/about/anteaterapi) - API maintained by ICSSC for retrieving UCI data.
+- [Drizzle ORM](https://orm.drizzle.team/) - [high-performance](https://orm.drizzle.team/benchmarks) type-safe SQL-like access layer compatible with all major SQL dialects.
+- [PostgreSQL](https://www.postgresql.org) - Relational database for storing user data and schedules.
 
 ### Tooling
 
--   [SST](https://sst.dev) - Infrastructure as code framework for AWS deployment.
--   [Docker](https://www.docker.com) - Containerization for local database development.
--   [Vitest](https://vitest.dev) - Test runner.
--   [TypeScript](https://www.typescriptlang.org) - JavaScript with type-checking.
+- [SST](https://sst.dev) - Infrastructure as code framework for AWS deployment.
+- [Docker](https://www.docker.com) - Containerization for local database development.
+- [Vitest](https://vitest.dev) - Test runner.
+- [TypeScript](https://www.typescriptlang.org) - JavaScript with type-checking.
 
 ## History
 
@@ -98,7 +98,6 @@ If you ever need help, feel free to ask around on our [Discord server](https://d
    This is best done with a version manager that allows you to easily switch between
    Node.js versions based on the requirements of different projects.
    Try using any of the following.
-
     - [nvm](https://github.com/nvm-sh/nvm) - Node-Version-Manager.
     - [fnm](https://github.com/Schniz/fnm) - Fast-Node-Manager.
     - [nvm-windows](https://github.com/coreybutler/nvm-windows)
@@ -165,26 +164,26 @@ If you ever need help, feel free to ask around on our [Discord server](https://d
 
 ### Additional Commands
 
--   **Database Studio**: Open Drizzle Studio to view and manage your local database.
+- **Database Studio**: Open Drizzle Studio to view and manage your local database.
 
     ```bash
     pnpm db:studio
     ```
 
--   **Generate Database Migrations**: After modifying the database schema, generate a new migration.
+- **Generate Database Migrations**: After modifying the database schema, generate a new migration.
 
     ```bash
     pnpm db:generate
     ```
 
--   **Run Tests**: Execute the test suite.
+- **Run Tests**: Execute the test suite.
     ```bash
     pnpm test
     ```
 
 ### Notes
 
--   For more detailed information, see the [frontend README](/apps/antalmanac/README.md).
+- For more detailed information, see the [frontend README](/apps/antalmanac/README.md).
 
 ## Testing
 
@@ -196,8 +195,8 @@ AntAlmanac is deployed to AWS using [SST (Serverless Stack)](https://sst.dev). T
 
 ### Deployment Environments
 
--   **Production**: Deployed to `sst.antalmanac.com`
--   **Staging**: Deployed to `staging-{PR_NUMBER}.antalmanac.com` for pull request previews
+- **Production**: Deployed to `sst.antalmanac.com`
+- **Staging**: Deployed to `staging-{PR_NUMBER}.antalmanac.com` for pull request previews
 
 ### Deploying to Production
 
@@ -219,13 +218,14 @@ This command runs `sst deploy --stage production` which:
 
 The following environment variables are required for deployment and should be configured in your AWS environment or CI/CD pipeline:
 
--   `DB_URL` - Database connection string 
--   `MAPBOX_ACCESS_TOKEN` - Mapbox API token for map features
--   `NEXT_PUBLIC_TILES_ENDPOINT` - Endpoint for map tiles
--   `ANTEATER_API_KEY` - API key for Anteater API
--   `OIDC_CLIENT_ID` - OAuth client ID for Google authentication
--   `OIDC_ISSUER_URL` - OAuth issuer URL
--   `GOOGLE_REDIRECT_URI` - OAuth redirect URI (automatically set based on stage)
+- `DB_URL` - Database connection string
+- `MAPBOX_ACCESS_TOKEN` - Mapbox API token for map features
+- `NEXT_PUBLIC_TILES_ENDPOINT` - Endpoint for map tiles
+- `ANTEATER_API_KEY` - API key for Anteater API
+- `OIDC_CLIENT_ID` - OAuth client ID for Google authentication
+- `OIDC_ISSUER_URL` - OAuth issuer URL
+- `BETTER_AUTH_URL` - URL used for OAuth (automatically set based on stage)
+- `BETTER_AUTH_SECRET` - OAuth secret key, you can generate one [here](https://better-auth.com/docs/installation#set-environment-variables)
 
 # Troubleshooting
 
@@ -237,9 +237,9 @@ into a globally accessible location like `/bin`, which needs admin permissions t
 The best way to resolve this is to install Node via any version manager to properly handle
 these sorts of permissions. Here are the different version managers again.
 
--   [nvm](https://github.com/nvm-sh/nvm) - Node-Version-Manager.
--   [fnm](https://github.com/Schniz/fnm) - Fast-Node-Manager.
--   [nvm-windows](https://github.com/coreybutler/nvm-windows)
+- [nvm](https://github.com/nvm-sh/nvm) - Node-Version-Manager.
+- [fnm](https://github.com/Schniz/fnm) - Fast-Node-Manager.
+- [nvm-windows](https://github.com/coreybutler/nvm-windows)
 
 A more convenient, but less secure way to resolve this is to run the command with admin privileges, e.g with `sudo`.
 

apps/antalmanac/.env.example

@@ -4,6 +4,5 @@ ANTEATER_API_KEY=
 DB_URL="postgres://postgres:postgres@localhost:5432/antalmanac"
 OIDC_CLIENT_ID=antalmanac-dev
 OIDC_ISSUER_URL=https://auth.icssc.club
-GOOGLE_REDIRECT_URI=http://localhost:3000/auth
-BETTER_AUTH_SECRET=
 BETTER_AUTH_URL=http://localhost:3000
+BETTER_AUTH_SECRET=

apps/antalmanac/src/backend/env.ts

@@ -9,13 +9,6 @@ dotenv.config();
 export const oidcOAuthEnvSchema = z.object({
     OIDC_CLIENT_ID: z.string(),
     OIDC_ISSUER_URL: z.string(),
-    GOOGLE_REDIRECT_URI: z.string(),
-});
-
-/**
- * Environment variables required for better-auth
- */
-export const betterAuthEnvSchema = z.object({
     BETTER_AUTH_SECRET: z.string(),
     BETTER_AUTH_URL: z.string(),
 });
@@ -63,7 +56,6 @@ export const backendEnvSchema = z
     .object({})
     .merge(stagingEnvSchema)
     .merge(oidcOAuthEnvSchema)
-    .merge(betterAuthEnvSchema)
     .merge(rdsEnvSchema)
     .merge(mapboxEnvSchema)
     .merge(aapiEnvSchema)

apps/antalmanac/src/backend/routers/userData.ts

@@ -6,7 +6,7 @@ import { db } from '@packages/db';
 import { TRPCError } from '@trpc/server';
 import { z } from 'zod';
 
-const { OIDC_ISSUER_URL, GOOGLE_REDIRECT_URI } = oidcOAuthEnvSchema.parse(process.env);
+const { OIDC_ISSUER_URL, BETTER_AUTH_URL } = oidcOAuthEnvSchema.parse(process.env);
 
 const userDataRouter = router({
     getUserAndAccount: protectedProcedure.query(async ({ ctx }) => {
@@ -74,7 +74,7 @@ const userDataRouter = router({
      */
     getLogoutUrl: procedure.input(z.object({ redirectUrl: z.string().optional() })).query(async ({ input }) => {
         const oidcLogoutUrl = new URL(`${OIDC_ISSUER_URL}/logout`);
-        const redirectTo = input.redirectUrl || GOOGLE_REDIRECT_URI.replace('/auth', '');
+        const redirectTo = input.redirectUrl || BETTER_AUTH_URL;
         oidcLogoutUrl.searchParams.set('post_logout_redirect_uri', redirectTo);
         return oidcLogoutUrl.toString();
     }),

apps/antalmanac/src/lib/auth/auth.ts

@@ -1,16 +1,15 @@
 import 'server-only';
 import { getSafeAuthRedirectPath } from '$lib/auth/authUtils';
 import { AUTH_PROVIDER_ID } from '$lib/constants';
-import { oidcOAuthEnvSchema, betterAuthEnvSchema } from '$src/backend/env';
+import { oidcOAuthEnvSchema } from '$src/backend/env';
 import { db } from '@packages/db';
 import { drizzleAdapter } from 'better-auth/adapters/drizzle';
 import { createAuthMiddleware, getOAuthState } from 'better-auth/api';
 import { betterAuth } from 'better-auth/minimal';
 import { nextCookies } from 'better-auth/next-js';
 import { genericOAuth } from 'better-auth/plugins';
 
-const { OIDC_CLIENT_ID, OIDC_ISSUER_URL } = oidcOAuthEnvSchema.parse(process.env);
-const { BETTER_AUTH_URL } = betterAuthEnvSchema.parse(process.env);
+const { OIDC_CLIENT_ID, OIDC_ISSUER_URL, BETTER_AUTH_URL } = oidcOAuthEnvSchema.parse(process.env);
 
 export interface AuthAdditionalData {
     returnUrl?: string;

sst.config.ts

@@ -58,9 +58,8 @@ export default $config({
                 ANTEATER_API_KEY: process.env.ANTEATER_API_KEY,
                 OIDC_CLIENT_ID: process.env.OIDC_CLIENT_ID,
                 OIDC_ISSUER_URL: process.env.OIDC_ISSUER_URL,
-                GOOGLE_REDIRECT_URI: `https://${domain}/auth`,
+                BETTER_AUTH_URL: `https://${domain}`,
                 BETTER_AUTH_SECRET: process.env.BETTER_AUTH_SECRET,
-                BETTER_AUTH_URL: process.env.BETTER_AUTH_URL,
                 NEXT_PUBLIC_BASE_URL: domain,
                 NEXT_PUBLIC_PUBLIC_POSTHOG_KEY: process.env.NEXT_PUBLIC_PUBLIC_POSTHOG_KEY,
                 PLANNER_CLIENT_API_KEY: process.env.PLANNER_CLIENT_API_KEY,