Coordinator Auth

The authentication and authorization service for COORDINATOR.

The COORDINATOR authentication system is built on Better Auth, a framework-agnostic, universal authentication and authorization framework for TypeScript. It provides comprehensive authentication capabilities with a sophisticated multi-tenant organizational structure.

Key Features

• Multi-tenant Architecture: Organizations → Teams → Users hierarchy
• Multiple Authentication Methods: Email/password, 2FA, passkeys, phone OTP, email OTP
• Role-Based Access Control: Owner, Admin, and Member roles at organization and team levels
• Invitation System: Email-based invitations with role assignment
• Subscription Management: Stripe integration for billing and subscription management
• Cross-Subdomain Support: Cookie-based session management across .getcoordinator.ai domains
• Backend Integration: Automatic synchronization with Go backend service

Core Sections

• Architecture - System design, technology stack, and core components
• Database Schema - Entity models, relationships, and constraints
• API Endpoints - Authentication endpoints and usage

Technology Stack

• Framework: Better Auth v1.4.7
• Database: PostgreSQL (via Neon Serverless)
• ORM: Drizzle ORM
• Server: Hono framework with Node.js
• Email: Resend
• Payment: Stripe
• Logging: Winston with Loki

Quick Start

The authentication system manages three core organizational levels:

1. Organization - Top-level entity representing a sports team or organization
2. Team - Sub-groups within organizations for granular access control
3. User - Individual accounts with role-based permissions

All authentication endpoints are available under /api/auth/* and support standard REST operations with JWT-based session management.