export const auth = betterAuth({
  database: drizzleAdapter(db, {
    provider: 'pg',
    usePlural: true,
    schema: {
      jwkss,
      users,
      accounts,
      sessions,
      verifications,
      organizations,
      members,
      invitations,
      apikeys,
      workspaces,
    },
  }),

  advanced: {
    generateId: false,
    useSecureCookies: process.env.NODE_ENV !== 'development',
  },

  trustedOrigins: configureTrustedOrigins(),

  plugins: [
    organization({
      invitationExpiresIn: INVITATION_EXPIRY_IN_DAYS * DAY_IN_MS,
      async sendInvitationEmail(data) {
        await sendOrganizationInvitation({
          email: data.email,
          invitedByName: data.inviter.user.name,
          invitedByEmail: data.inviter.user.email,
          organizationName: data.organization.name,
          invitationId: data.id,
        })
      },
      organizationCreation: {
        afterCreate: async ({ organization, user }) => {
          const metronomeCustomer = await createMetronomeCustomer({
            organizationId: organization.id,
            organizationSlug: organization.slug,
          })

          if (metronomeCustomer.success && metronomeCustomer.data) {
            await createMetronomeContract({
              customerId: metronomeCustomer.data?.data.id,
            })
          }

          await track({
            distinctId: user.id,
            event: 'organization_created',
            properties: {
              organization_id: organization.id,
              organization_name: organization.name,
              $set: { ...user },
            },
          })
        },
      },
    }),
    workspace(),
    apiKey({
      enableMetadata: true,
      rateLimit: {
        enabled: false, // rely on expiration time
      },
      startingCharactersConfig: {
        shouldStore: true,
        charactersLength: 12,
      },
    }),
    jwt({
      jwks: {
        keyPairConfig: {
          alg: 'EdDSA',
          crv: 'Ed25519',
        },
      },
      jwt: {
        expirationTime: '1m',
        definePayload: ({ user }) => ({
          userId: user?.id,
        }),
      },
    }),
    bearer(),
    // add proxy for preview urls / dev environments
    ...(process.env.VERCEL_ENV !== 'production' && process.env.HOST_DOMAIN
      ? [oAuthProxy()]
      : []),
  ],
  socialProviders: {
    google: {
      clientId: process.env.GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
      ...(process.env.HOST_DOMAIN
        ? {
            redirectURI: `${process.env.HOST_DOMAIN}/api/auth/callback/google`,
          }
        : {}),
    },
    github: {
      clientId: process.env.BETTER_AUTH_GITHUB_CLIENT_ID as string,
      clientSecret: process.env.BETTER_AUTH_GITHUB_CLIENT_SECRET as string,
      ...(process.env.HOST_DOMAIN
        ? {
            redirectURI: `${process.env.HOST_DOMAIN}/api/auth/callback/github`,
          }
        : {}),
    },
  },

  session: {
    additionalFields: {
      activeWorkspaceId: {
        type: 'string',
        nullable: true,
      },
    },
    cookieCache: {
      enabled: true,
      maxAge: 5 * 60,
    },
  },

  databaseHooks: {
    user: {
      create: {
        after: async (user) => {
		…
        },
      },
    },
    session: {
      create: {
        before: async (session) => {
          const organization = await getActiveOrganization(session.userId)

          if (organization?.id) {
            return {
              data: {
                ...session,
                activeOrganizationId: organization.id,
              },
            }
          }

          return {
            data: {
              ...session,
            },
          }
        },
      },
    },
  },
})