Replace supertokens with our own authentication

[n1ru4l]

We want to remove Supertokens from Hive Console.

The main reasons:

• hard/impossible to upgrade
  • chore: upgrade supertokens-auth-react to 41.x #5896
  • chore: upgrade supertokens-node to 17.x.x #5894
• no account linking in OSS version
• we maintain some code for supporting multi-tenant OIDC login, which feels like quite a mess

In Feburary 2025 @kamilkisiela evaluated and started working on replacing supertokens with better-auth, but due to other priorities he abandoned the project.

Basically the replacement needs to support everything we have today:

• Sign in/up via Email (with email verification and forgot password etc.)
• Sign up via GitHub
• Sign up via organization OIDC provider
• The transition should be seamless so users do not have to sign-in again

It makes sense to re-use the existing supertoken pg tables and at the same cleanup the tables (there are a lot of tables created that are actually unused). In addition to that we also need to create a db migration that seeds the tables, for users that start using hive console self-hosted after we remove the super tokens service.

In the next step we could then introduce account linking.

---

Resources/ Prior work:

• https://github.com/better-auth/better-auth
• https://github.com/graphql-hive/console/tree/kamil-better-auth