Supabase Auth foundation
Cookie-based sessions for loaders and actions
Google OAuth now starts and completes on the server, with the Supabase session persisted through the existing cookie bridge.
Auth state is expected to flow through the Worker request boundary, not direct browser-to-Postgres access.
Public runtime values are loaded from `context.cloudflare.env`; no business logic is implemented yet.
Sign in with Google
Authentication is initiated via a route action so the Worker owns the OAuth redirect and cookie persistence.
Supabase URL: https://syycflladrbupfxrrfkg.supabase.co
Supabase anon key: Configured
Turnstile site key: Configured