eduvhc
d23a4e511d
better-auth auto-prepends `__Secure-` to its cookie name on HTTPS origins, so the actual cookie in prod is `__Secure-better-auth. session_token`. The proxy's optimistic auth gate checked only the bare name and never matched in prod. Concrete loop reported by eduvhc 2026-05-29: signed-in user lands on `core.iedora.com`, gets redirected to `menu.iedora.com`, then to `/menu/onboarding` (no org yet), and the proxy auth gate decided "no session" (cookie name mismatch) → bounce to `core.iedora.com/ sign-in?next=...` → sign-in's `auth.api.getSession()` sees the cookie via request headers → redirects back to `next` → loop → ERR_TOO_MANY_REDIRECTS. Fix checks both names; the bare one stays in the list so dev (HTTP localhost) keeps working without a `__Secure-` prefix.
iedora
Monorepo — um container Next.js que serve três hostnames via host-based rewrites.
- Menu (
menu.iedora.com) — SaaS multi-tenant restaurant menu builder - Core (
core.iedora.com) — better-auth sign-in via@iedora/auth - House (
iedora.com) — brand landing
Deploy: Kamal + home-infra/. Ver home-infra/README.md e docs/deploy/.
Quick start
bun install
bun run dev:up # postgres + s3mock (Docker)
bun run dev:migrate # schema nas DBs locais
bun run dev # Next.js HMR em :3000
Ship it
kamal setup -d production # primeira vez
kamal deploy -d production # deploys seguintes
Docs
- AGENTS.md — stack, rules, conventions
- docs/dev.md — dev local
- docs/deploy/README.md — infra + deploy