fix:use cloudflare's crypto lib for passwords

packages/auth/src/index.ts

@@ -1,3 +1,4 @@
+import { randomBytes, scryptSync } from "node:crypto";
 import { db } from "@kk/db";
 import * as schema from "@kk/db/schema/auth";
 import { env } from "@kk/env/server";
@@ -14,6 +15,22 @@ export const auth = betterAuth({
 	trustedOrigins: [env.CORS_ORIGIN],
 	emailAndPassword: {
 		enabled: true,
+		// Use Cloudflare's native scrypt via node:crypto for better performance
+		// This avoids CPU time limit errors on Cloudflare Workers
+		password: {
+			hash: async (password) => {
+				const salt = randomBytes(16).toString("hex");
+				const hash = scryptSync(password, salt, 64).toString("hex");
+				return `${salt}:${hash}`;
+			},
+			verify: async ({ hash, password }) => {
+				const [salt, key] = hash.split(":");
+				if (!salt || !key) return false;
+				const keyBuffer = Buffer.from(key, "hex");
+				const hashBuffer = scryptSync(password, salt, 64);
+				return keyBuffer.equals(hashBuffer);
+			},
+		},
 	},
 	user: {
 		additionalFields: {