From e01a87ff2e5094ca985b9194ba75c8574b59a7da Mon Sep 17 00:00:00 2001
From: Matt <matt@letsbe.solutions>
Date: Sat, 9 May 2026 04:09:17 +0200
Subject: [PATCH] fix(auth): forward `in` checks through better-auth Proxy

better-auth's `toNextJsHandler` does `"handler" in auth` and falls back
to calling `auth(req)` if false. The default `has` trap looks at the
empty target and returns false, so without the override we hit the
fallback and crash because the target isn't callable. Add a `has` trap
that delegates to the real instance.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 src/lib/auth/index.ts | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/lib/auth/index.ts b/src/lib/auth/index.ts
index 45c4a630..2f786f06 100644
--- a/src/lib/auth/index.ts
+++ b/src/lib/auth/index.ts
@@ -124,6 +124,14 @@ export const auth = new Proxy({} as AuthInstance, {
   get(_target, prop) {
     return Reflect.get(getAuth(), prop);
   },
+  // Critical: better-auth's `toNextJsHandler` does `"handler" in auth`
+  // and falls back to calling `auth(req)` if false. The default `has`
+  // trap looks at the empty target (returning false), so without this
+  // we'd hit that fallback (and crash because the target isn't
+  // callable). Forward `in` checks to the real instance.
+  has(_target, prop) {
+    return Reflect.has(getAuth(), prop);
+  },
 });
 
 export type Session = typeof auth.$Infer.Session;