Adds authentication and authorization features

[rolandboon]

• Integrates better-auth for authentication management
• Implements CASL for attribute-based access control (authorization)
• Adds createAuthMiddleware for session validation
• Adds defineRoleAbilities for secure, declarative permission definitions

---

Note

Introduces a complete authentication and authorization stack and wires it into routing and query utilities.

• New auth module: createAuthMiddleware, createBetterAuthProvider, CASL ability utilities (createAbilityFactory, defineRoleAbilities, assertCan, can, subject), and typed AuthUser/AuthSession
• Route enforcement: Adds authorize option to route() and Hono context augmentation (user, session, ability, isAuthenticated)
• CASL + Prisma integration: Replaces dynamic import with explicit registerCasl and withCaslScope(ability, action, subject) for list-query scoping
• Public API updates: Re-exports auth APIs from src/index.ts; adjusts list-query/casl exports
• Documentation: New Auth docs (Getting Started, Abilities, Middleware, OpenAPI, Testing) and sidebar updates
• Tests: New unit tests for auth utilities, middleware, route authorization, and CASL scoping
• Deps/Config: Adds peer deps better-auth, @casl/ability; updates lockfile; adds typecheck script; bumps hono
• Cleanup: Removes dev-plans/jobs.md (internal plan)

^{Written by Cursor Bugbot for commit b21dcfd. This will update automatically on new commits. Configure here.}

[codecov]

Codecov Report

❌ Patch coverage is 98.65772% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 96.98%. Comparing base (d23fc11) to head (b21dcfd).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
src/list-query/casl.ts	84.61%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #40      +/-   ##
==========================================
+ Coverage   96.87%   96.98%   +0.10%     
==========================================
  Files          57       61       +4     
  Lines        3044     3179     +135     
  Branches      808      856      +48     
==========================================
+ Hits         2949     3083     +134     
- Misses         95       96       +1     

Files with missing lines	Coverage Δ
src/auth/abilities.ts	100.00% <100.00%> (ø)
src/auth/assert.ts	100.00% <100.00%> (ø)
src/auth/better-auth-provider.ts	100.00% <100.00%> (ø)
src/auth/middleware.ts	100.00% <100.00%> (ø)
src/http/route-helpers.ts	94.24% <100.00%> (+0.64%)	⬆️
src/list-query/casl.ts	84.61% <84.61%> (-8.25%)	⬇️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}