feat: enhance canvas functionality with proximity edge handling and improved authentication logging

- Introduced temporary edge styling for proximity connections in the canvas.
- Updated edge synchronization logic to filter out temporary edges during data processing.
- Enhanced authentication logging to provide detailed user identity information when authentication fails.
- Added a new utility function for sanitizing edge handle IDs to ensure compatibility with React Flow.
- Implemented a node handle mapping for proximity connections to streamline edge management.

convex/auth.config.ts

@@ -1,6 +1,21 @@
-import { getAuthConfigProvider } from "@convex-dev/better-auth/auth-config";
 import type { AuthConfig } from "convex/server";
 
+const issuer = (process.env.CONVEX_SITE_URL ?? process.env.SITE_URL ?? "").replace(/\/$/, "");
+
+if (!issuer) {
+  throw new Error(
+    "Missing CONVEX_SITE_URL (or SITE_URL) for Better Auth JWT issuer in convex/auth.config.ts",
+  );
+}
+
 export default {
-  providers: [getAuthConfigProvider()],
+  providers: [
+    {
+      type: "customJwt",
+      issuer,
+      applicationID: "convex",
+      algorithm: "RS256",
+      jwks: `${issuer}/api/auth/convex/jwks`,
+    },
+  ],
 } satisfies AuthConfig;

convex/helpers.ts

@@ -17,7 +17,12 @@ export async function requireAuth(
 ): Promise<AuthUser> {
   const user = await authComponent.safeGetAuthUser(ctx);
   if (!user) {
-    console.error("[requireAuth] safeGetAuthUser returned null");
+    const identity = await ctx.auth.getUserIdentity();
+    console.error("[requireAuth] safeGetAuthUser returned null", {
+      hasIdentity: Boolean(identity),
+      identityIssuer: identity?.issuer ?? null,
+      identitySubject: identity?.subject ?? null,
+    });
     throw new Error("Unauthenticated");
   }
   const userId = user.userId ?? String(user._id);