From 2a782800d4b8321f1d6575527516b5a45a693920 Mon Sep 17 00:00:00 2001
From: Hernan Alvarado <hernanvid123@gmail.com>
Date: Tue, 9 Dec 2025 17:29:59 -0500
Subject: [PATCH] feat(core): add `basePath` configuration option

---
 packages/core/src/@types/index.ts   | 11 ++++++++---
 packages/core/src/index.ts          |  2 +-
 packages/core/test/instance.test.ts | 23 +++++++++++++++++++++++
 3 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 packages/core/test/instance.test.ts

diff --git a/packages/core/src/@types/index.ts b/packages/core/src/@types/index.ts
index 247c10ac..a67f4ed0 100644
--- a/packages/core/src/@types/index.ts
+++ b/packages/core/src/@types/index.ts
@@ -1,9 +1,10 @@
 import { z } from "zod/v4"
-import type { OAuthIntegrations } from "@/oauth/index.js"
-import { OAuthAccessTokenErrorResponse, OAuthAuthorizationErrorResponse } from "@/schemas.js"
-import { SESSION_VERSION } from "@/actions/session/session.js"
 import { SerializeOptions } from "cookie"
 import { createJoseInstance } from "@/jose.js"
+import { SESSION_VERSION } from "@/actions/session/session.js"
+import { OAuthAccessTokenErrorResponse, OAuthAuthorizationErrorResponse } from "@/schemas.js"
+import type { RoutePattern } from "@aura-stack/router"
+import type { OAuthIntegrations } from "@/oauth/index.js"
 
 /**
  * Standardized user profile returned by OAuth integrations after fetching user information
@@ -131,6 +132,10 @@ export interface AuthConfig {
      * doesn't exist, it will throw an error during the initialization of the Auth module.
      */
     secret?: string
+    /**
+     * Base path for all authentication routes. Default is `/auth`.
+     */
+    basePath?: RoutePattern
 }
 
 export interface AuthConfigInternal {
diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts
index 8cd82710..66024e66 100644
--- a/packages/core/src/index.ts
+++ b/packages/core/src/index.ts
@@ -9,7 +9,7 @@ import type { AuthConfig } from "@/@types/index.js"
 
 const createInternalConfig = (authConfig?: AuthConfig): RouterConfig => {
     return {
-        basePath: "/auth",
+        basePath: authConfig?.basePath ?? "/auth",
         onError: onErrorHandler,
         context: {
             oauth: createOAuthIntegrations(authConfig?.oauth),
diff --git a/packages/core/test/instance.test.ts b/packages/core/test/instance.test.ts
new file mode 100644
index 00000000..698361a0
--- /dev/null
+++ b/packages/core/test/instance.test.ts
@@ -0,0 +1,23 @@
+import { describe, test, expect } from "vitest"
+import { createAuth } from "@/index.js"
+
+describe("createAuth", () => {
+    describe("add custom basePath config", () => {
+        const auth = createAuth({
+            oauth: ["github"],
+            basePath: "/api/v1/auth",
+        })
+
+        test("valid custom path for get csrfToken", async () => {
+            const response = await auth.handlers.GET(new Request("https://example.com/api/v1/auth/csrfToken"))
+            expect(response.status).toBe(200)
+            const data = await response.json()
+            expect(data).toHaveProperty("csrfToken")
+        })
+
+        test("invalid path for get csrfToken", async () => {
+            const response = await auth.handlers.GET(new Request("https://example.com/auth/csrfToken"))
+            expect(response.status).toBe(404)
+        })
+    })
+})