Authentication Feature

What It Does

Provides user authentication and session management for Jubiloop using Better Auth. Users can sign up, sign in, and maintain secure sessions with organization/workspace support built-in.

Key Capabilities

• User Registration: Create accounts with email/password
• Sign In/Out: Session-based authentication with secure cookies
• Session Management: Redis-backed sessions with configurable expiry
• Organization Support: Multi-tenant workspaces with role-based access
• Team Management: Sub-groups within organizations
• Invitation System: Invite users to organizations
• Cross-subdomain Support: Sessions work across app.jubiloop.com, api.jubiloop.com

User Experience

1. Sign Up: User provides name, email, password → account created → session established
2. Sign In: User enters email/password → session created → redirected to app
3. Organization Context: Users can switch between multiple organization workspaces
4. Team Collaboration: Users can be assigned to teams within organizations
5. Session Persistence: Sessions last 7 days, with automatic renewal on activity

Technical Foundation

• Better Auth: Modern authentication library with organization support
• Redis: Session storage for scalability and performance
• PostgreSQL: User, organization, and membership data
• Argon2: Secure password hashing
• Secure Cookies: HTTP-only cookies with cross-subdomain support