better_auth 0.1.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a2ba3cc27f9b1ebc6cb35de7a95a10351c30f5523de796c82b7c90773d663381
-  data.tar.gz: 81b03e1d625d242adc6255806b7651cebee65f59179110aae7df85b7beab426f
+  metadata.gz: df93cdae06059d52fa2c3d35c5b173aba9025d5ac46bda0b93a7a8abc5045f40
+  data.tar.gz: adec802dade2610da15329266c91dcd46aecb8642165c29e364ce7db2829d217
 SHA512:
-  metadata.gz: 61a29dc835cd5758628b358153888cc78eb721795cd286e55210c920766129826d08b5bbdf2fe9a049df56b3d6a9d4bd8f33c82b067bde77c812c87738af94e2
-  data.tar.gz: 18d543129a8577e9974ce0887db187e837ff2b9175cce97efd33a6afba615f1d34272fb193a0008694c63c998b12740ed6c2490ecb765ad9b24f131be389a250
+  metadata.gz: f46ac8a5cf79a859a417e2cbe60f000c290d014975fb3ce910c49b6c1cd455b2123e436a42a323dd530b38096a4ebc18a1f206c97f0ef6624378c9eb051d37e3
+  data.tar.gz: '0469ddcdcad97a7b1b58e3ddc0ef8d54c7469a1e0411546367f829291ab5664fc0b4685d460d8d328fe6ef67543908060d33eb961a638121930154ca31a4cfaf'

data/CHANGELOG.md

@@ -7,6 +7,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.3.0] - 2026-04-29
+
+### Added
+
+- Added upstream-parity social provider support, including provider-specific authorization, token, profile, refresh, and revocation behavior for the expanded provider set.
+- Added OAuth/OIDC protocol hardening for authorization, callback, discovery, metadata, token, and userinfo flows.
+- Added upstream v1.6.9 parity coverage for schema generation, adapter behavior, plugin hooks, session handling, and account/user route edge cases.
+
+### Changed
+
+- Extracted MongoDB adapter support behind the external `better_auth-mongo-adapter` shim while preserving compatibility for existing adapter configuration.
+- Updated auth routes, router behavior, rate limiting, password and email-verification flows, and schema metadata to match upstream semantics more closely.
+
+### Fixed
+
+- Fixed social provider edge cases, magic-link expiration behavior, adapter value coercion, and callback/session handling across Rack integrations.
+
+## [0.1.1] - 2026-03-22
+
+### Fixed
+
+- Fixed gemspec files list to use `Dir.glob` instead of `git ls-files` for better CI compatibility
+
 ### Added
 
 - Initial project setup

data/README.md

@@ -60,11 +60,96 @@ gem install better_auth
 ```ruby
 require 'better_auth'
 
-# Configure Better Auth
-BetterAuth.configure do |config|
-  config.secret_key = ENV['BETTER_AUTH_SECRET']
-  config.database_url = ENV['DATABASE_URL']
-end
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  database: :memory
+)
+```
+
+### Password Hashing
+
+Better Auth Ruby uses upstream-compatible `scrypt` password hashes by default through Ruby's `OpenSSL::KDF.scrypt`, so no extra password-hashing gem is required for the default setup.
+
+```ruby
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  password_hasher: :scrypt # default
+)
+```
+
+Applications that prefer Ruby's familiar BCrypt ecosystem can opt in by adding `gem "bcrypt"` and configuring:
+
+```ruby
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  password_hasher: :bcrypt
+)
+```
+
+Custom Better Auth-style password callbacks are still supported through `email_and_password[:password][:hash]` and `[:verify]`.
+
+### Database Adapters
+
+The core gem ships framework-agnostic adapters for memory, PostgreSQL, MySQL, SQLite, and MSSQL. Driver gems are loaded only when their adapter is instantiated. MongoDB support lives in the external `better_auth-mongo-adapter` package so apps that do not use MongoDB do not install the Mongo driver.
+
+```ruby
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  database: BetterAuth::Adapters::SQLite.new(path: "storage/auth.sqlite3")
+)
+```
+
+```ruby
+require "better_auth/mongo_adapter"
+
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  database: BetterAuth::Adapters::MongoDB.new(
+    database: mongo_client.database,
+    client: mongo_client,
+    transaction: false
+  )
+)
+```
+
+```ruby
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  database: BetterAuth::Adapters::MSSQL.new(url: ENV.fetch("DATABASE_URL"))
+)
+```
+
+### Social Providers
+
+```ruby
+require "better_auth"
+
+auth = BetterAuth.auth(
+  secret: ENV.fetch("BETTER_AUTH_SECRET"),
+  social_providers: {
+    google: BetterAuth::SocialProviders.google(
+      client_id: ENV.fetch("GOOGLE_CLIENT_ID"),
+      client_secret: ENV.fetch("GOOGLE_CLIENT_SECRET")
+    ),
+    github: BetterAuth::SocialProviders.github(
+      client_id: ENV.fetch("GITHUB_CLIENT_ID"),
+      client_secret: ENV.fetch("GITHUB_CLIENT_SECRET")
+    )
+  }
+)
+```
+
+### JavaScript Client
+
+Ruby Better Auth exposes the same HTTP route surface. Frontend apps should use the upstream Better Auth JavaScript client and point it at the Ruby server:
+
+```ts
+import { createAuthClient } from "better-auth/client";
+
+export const authClient = createAuthClient({
+  baseURL: "http://localhost:3000",
+  basePath: "/api/auth",
+});
 ```
 
 ### Rails Integration
@@ -72,7 +157,7 @@ end
 Add to your Gemfile:
 
 ```ruby
-gem 'better_auth', require: 'better_auth/rails'
+gem "better_auth-rails"
 ```
 
 Then in your ApplicationController:
@@ -87,7 +172,7 @@ Now you have access to `current_user` and authentication methods:
 
 ```ruby
 class PostsController < ApplicationController
-  before_action :authenticate_user!
+  before_action :require_authentication
 
   def index
     @posts = current_user.posts
@@ -97,6 +182,8 @@ end
 
 ## Development
 
+Full documentation is being adapted in the root [`docs/`](/Users/sebastiansala/projects/better-auth/docs/README.md) app. Start with the Ruby-first installation, basic usage, Rack, Rails, PostgreSQL, and MySQL pages there; pages with a Ruby port warning still contain upstream TypeScript examples for reference.
+
 ### Quick Start
 
 ```bash
@@ -132,7 +219,7 @@ make test-coverage   # Tests with coverage
 make ci              # Full CI (lint + test)
 
 # Databases for testing
-make db-up           # Start PostgreSQL, MySQL, Redis
+make db-up           # Start PostgreSQL, MySQL, MongoDB, MSSQL, Redis
 make db-down         # Stop containers
 ```
 
@@ -183,10 +270,10 @@ git push origin feat/new-feature
 
 **Automatic Release (GitHub Actions):**
 
-Release is triggered on `push` to `main` when `lib/better_auth/version.rb` changes.
+Release is triggered by package-prefixed tags so each gem can ship independently.
 
 ```bash
-# STEP 1: Update version in lib/better_auth/version.rb
+# STEP 1: Update the target package version file
 # Example: VERSION = "0.1.1"
 
 # STEP 2: Commit and push to main
@@ -194,19 +281,24 @@ git add lib/better_auth/version.rb
 git commit -m "chore: bump version to 0.1.1"
 git push origin main
 
-# STEP 3: GitHub Actions automatically:
+# STEP 3: Create the tag for the gem you want to publish
+git tag better_auth-v0.1.1
+git push origin better_auth-v0.1.1
+
+# STEP 4: GitHub Actions automatically:
 # - Runs tests
 # - Builds the gem
 # - Publishes to RubyGems (if version is new)
-# - Creates and pushes git tag (v0.1.1)
 # - Creates GitHub Release
 ```
 
+Use `better_auth-vX.Y.Z` for the core gem, `better_auth-rails-vX.Y.Z` for Rails, `better_auth-sinatra-vX.Y.Z` for Sinatra, and `better_auth-hanami-vX.Y.Z` for Hanami.
+
 **Required GitHub Configuration:**
 
-1. Go to Settings → Secrets and variables → Actions
-2. Add `RUBYGEMS_API_KEY` with your RubyGems API key
-3. The workflow `.github/workflows/release.yml` does the rest
+1. In RubyGems, configure Trusted Publishing for each gem that should publish from CI.
+2. Use this repository and workflow file: `.github/workflows/release.yml`.
+3. The workflow exchanges GitHub's OIDC token for short-lived RubyGems credentials when the matching package tag is pushed.
 
 **Dry-run options:**
 
@@ -231,8 +323,8 @@ gem build better_auth.gemspec
 gem push better_auth-*.gem
 
 # 4. Create and push the tag
-git tag -a v0.1.1 -m "Release v0.1.1"
-git push origin --tags
+git tag -a better_auth-v0.1.1 -m "Release better_auth v0.1.1"
+git push origin better_auth-v0.1.1
 ```
 
 ### Project Structure
@@ -262,6 +354,6 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ## Security
 
-If you discover a security vulnerability within Better Auth Ruby, please send an e-mail to [security@better-auth.com](mailto:security@better-auth.com).
+If you discover a security vulnerability within Better Auth Ruby, please send an e-mail to [security@openparcel.dev](mailto:security@openparcel.dev).
 
 All reports will be promptly addressed, and you'll be credited accordingly.

data/lib/better_auth/adapters/base.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module BetterAuth
+  module Adapters
+    class Base
+      attr_reader :options
+
+      def initialize(options)
+        @options = options
+      end
+
+      def create(**)
+        raise NotImplementedError
+      end
+
+      def find_one(**)
+        raise NotImplementedError
+      end
+
+      def find_many(**)
+        raise NotImplementedError
+      end
+
+      def update(**)
+        raise NotImplementedError
+      end
+
+      def update_many(**)
+        raise NotImplementedError
+      end
+
+      def delete(**)
+        raise NotImplementedError
+      end
+
+      def delete_many(**)
+        raise NotImplementedError
+      end
+
+      def count(**)
+        raise NotImplementedError
+      end
+
+      def transaction
+        yield self
+      end
+    end
+  end
+end