@alexasomba/better-auth-paystack 0.0.4

package/dist/index.mjs

@@ -0,0 +1,896 @@
+import { defu } from "defu";
+import { createEndpoint, createMiddleware } from "better-call";
+import { HIDE_METADATA, logger } from "better-auth";
+import { APIError, getSessionFromCtx, originCheck, sessionMiddleware } from "better-auth/api";
+import * as z from "zod/v4";
+import { mergeSchema } from "better-auth/db";
+
+//#region node_modules/.pnpm/@better-auth+core@1.4.7_@better-auth+utils@0.3.0_@better-fetch+fetch@1.1.21_better-call_3563929c6579aa89e38f28ea99bd09aa/node_modules/@better-auth/core/dist/env-DbssmzoK.mjs
+const _envShim = Object.create(null);
+const _getEnv = (useShim) => globalThis.process?.env || globalThis.Deno?.env.toObject() || globalThis.__env__ || (useShim ? _envShim : globalThis);
+const env = new Proxy(_envShim, {
+	get(_, prop) {
+		return _getEnv()[prop] ?? _envShim[prop];
+	},
+	has(_, prop) {
+		return prop in _getEnv() || prop in _envShim;
+	},
+	set(_, prop, value) {
+		const env$1 = _getEnv(true);
+		env$1[prop] = value;
+		return true;
+	},
+	deleteProperty(_, prop) {
+		if (!prop) return false;
+		const env$1 = _getEnv(true);
+		delete env$1[prop];
+		return true;
+	},
+	ownKeys() {
+		const env$1 = _getEnv(true);
+		return Object.keys(env$1);
+	}
+});
+const nodeENV = typeof process !== "undefined" && process.env && process.env.NODE_ENV || "";
+/**
+* Get environment variable with fallback
+*/
+function getEnvVar(key, fallback) {
+	if (typeof process !== "undefined" && process.env) return process.env[key] ?? fallback;
+	if (typeof Deno !== "undefined") return Deno.env.get(key) ?? fallback;
+	if (typeof Bun !== "undefined") return Bun.env[key] ?? fallback;
+	return fallback;
+}
+/**
+* Common environment variables used in Better Auth
+*/
+const ENV = Object.freeze({
+	get BETTER_AUTH_SECRET() {
+		return getEnvVar("BETTER_AUTH_SECRET");
+	},
+	get AUTH_SECRET() {
+		return getEnvVar("AUTH_SECRET");
+	},
+	get BETTER_AUTH_TELEMETRY() {
+		return getEnvVar("BETTER_AUTH_TELEMETRY");
+	},
+	get BETTER_AUTH_TELEMETRY_ID() {
+		return getEnvVar("BETTER_AUTH_TELEMETRY_ID");
+	},
+	get NODE_ENV() {
+		return getEnvVar("NODE_ENV", "development");
+	},
+	get PACKAGE_VERSION() {
+		return getEnvVar("PACKAGE_VERSION", "0.0.0");
+	},
+	get BETTER_AUTH_TELEMETRY_ENDPOINT() {
+		return getEnvVar("BETTER_AUTH_TELEMETRY_ENDPOINT", "https://telemetry.better-auth.com/v1/track");
+	}
+});
+const COLORS_2 = 1;
+const COLORS_16 = 4;
+const COLORS_256 = 8;
+const COLORS_16m = 24;
+const TERM_ENVS = {
+	eterm: COLORS_16,
+	cons25: COLORS_16,
+	console: COLORS_16,
+	cygwin: COLORS_16,
+	dtterm: COLORS_16,
+	gnome: COLORS_16,
+	hurd: COLORS_16,
+	jfbterm: COLORS_16,
+	konsole: COLORS_16,
+	kterm: COLORS_16,
+	mlterm: COLORS_16,
+	mosh: COLORS_16m,
+	putty: COLORS_16,
+	st: COLORS_16,
+	"rxvt-unicode-24bit": COLORS_16m,
+	terminator: COLORS_16m,
+	"xterm-kitty": COLORS_16m
+};
+const CI_ENVS_MAP = new Map(Object.entries({
+	APPVEYOR: COLORS_256,
+	BUILDKITE: COLORS_256,
+	CIRCLECI: COLORS_16m,
+	DRONE: COLORS_256,
+	GITEA_ACTIONS: COLORS_16m,
+	GITHUB_ACTIONS: COLORS_16m,
+	GITLAB_CI: COLORS_256,
+	TRAVIS: COLORS_256
+}));
+const TERM_ENVS_REG_EXP = [
+	/ansi/,
+	/color/,
+	/linux/,
+	/direct/,
+	/^con[0-9]*x[0-9]/,
+	/^rxvt/,
+	/^screen/,
+	/^xterm/,
+	/^vt100/,
+	/^vt220/
+];
+function getColorDepth() {
+	if (getEnvVar("FORCE_COLOR") !== void 0) switch (getEnvVar("FORCE_COLOR")) {
+		case "":
+		case "1":
+		case "true": return COLORS_16;
+		case "2": return COLORS_256;
+		case "3": return COLORS_16m;
+		default: return COLORS_2;
+	}
+	if (getEnvVar("NODE_DISABLE_COLORS") !== void 0 && getEnvVar("NODE_DISABLE_COLORS") !== "" || getEnvVar("NO_COLOR") !== void 0 && getEnvVar("NO_COLOR") !== "" || getEnvVar("TERM") === "dumb") return COLORS_2;
+	if (getEnvVar("TMUX")) return COLORS_16m;
+	if ("TF_BUILD" in env && "AGENT_NAME" in env) return COLORS_16;
+	if ("CI" in env) {
+		for (const { 0: envName, 1: colors } of CI_ENVS_MAP) if (envName in env) return colors;
+		if (getEnvVar("CI_NAME") === "codeship") return COLORS_256;
+		return COLORS_2;
+	}
+	if ("TEAMCITY_VERSION" in env) return /^(9\.(0*[1-9]\d*)\.|\d{2,}\.)/.exec(getEnvVar("TEAMCITY_VERSION")) !== null ? COLORS_16 : COLORS_2;
+	switch (getEnvVar("TERM_PROGRAM")) {
+		case "iTerm.app":
+			if (!getEnvVar("TERM_PROGRAM_VERSION") || /^[0-2]\./.exec(getEnvVar("TERM_PROGRAM_VERSION")) !== null) return COLORS_256;
+			return COLORS_16m;
+		case "HyperTerm":
+		case "MacTerm": return COLORS_16m;
+		case "Apple_Terminal": return COLORS_256;
+	}
+	if (getEnvVar("COLORTERM") === "truecolor" || getEnvVar("COLORTERM") === "24bit") return COLORS_16m;
+	if (getEnvVar("TERM")) {
+		if (/truecolor/.exec(getEnvVar("TERM")) !== null) return COLORS_16m;
+		if (/^xterm-256/.exec(getEnvVar("TERM")) !== null) return COLORS_256;
+		const termEnv = getEnvVar("TERM").toLowerCase();
+		if (TERM_ENVS[termEnv]) return TERM_ENVS[termEnv];
+		if (TERM_ENVS_REG_EXP.some((term) => term.exec(termEnv) !== null)) return COLORS_16;
+	}
+	if (getEnvVar("COLORTERM")) return COLORS_16;
+	return COLORS_2;
+}
+const TTY_COLORS = {
+	reset: "\x1B[0m",
+	bright: "\x1B[1m",
+	dim: "\x1B[2m",
+	undim: "\x1B[22m",
+	underscore: "\x1B[4m",
+	blink: "\x1B[5m",
+	reverse: "\x1B[7m",
+	hidden: "\x1B[8m",
+	fg: {
+		black: "\x1B[30m",
+		red: "\x1B[31m",
+		green: "\x1B[32m",
+		yellow: "\x1B[33m",
+		blue: "\x1B[34m",
+		magenta: "\x1B[35m",
+		cyan: "\x1B[36m",
+		white: "\x1B[37m"
+	},
+	bg: {
+		black: "\x1B[40m",
+		red: "\x1B[41m",
+		green: "\x1B[42m",
+		yellow: "\x1B[43m",
+		blue: "\x1B[44m",
+		magenta: "\x1B[45m",
+		cyan: "\x1B[46m",
+		white: "\x1B[47m"
+	}
+};
+const levels = [
+	"debug",
+	"info",
+	"success",
+	"warn",
+	"error"
+];
+function shouldPublishLog(currentLogLevel, logLevel) {
+	return levels.indexOf(logLevel) >= levels.indexOf(currentLogLevel);
+}
+const levelColors = {
+	info: TTY_COLORS.fg.blue,
+	success: TTY_COLORS.fg.green,
+	warn: TTY_COLORS.fg.yellow,
+	error: TTY_COLORS.fg.red,
+	debug: TTY_COLORS.fg.magenta
+};
+const formatMessage = (level, message, colorsEnabled) => {
+	const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+	if (colorsEnabled) return `${TTY_COLORS.dim}${timestamp}${TTY_COLORS.reset} ${levelColors[level]}${level.toUpperCase()}${TTY_COLORS.reset} ${TTY_COLORS.bright}[Better Auth]:${TTY_COLORS.reset} ${message}`;
+	return `${timestamp} ${level.toUpperCase()} [Better Auth]: ${message}`;
+};
+const createLogger = (options) => {
+	const enabled = options?.disabled !== true;
+	const logLevel = options?.level ?? "error";
+	const colorsEnabled = options?.disableColors !== void 0 ? !options.disableColors : getColorDepth() !== 1;
+	const LogFunc = (level, message, args = []) => {
+		if (!enabled || !shouldPublishLog(logLevel, level)) return;
+		const formattedMessage = formatMessage(level, message, colorsEnabled);
+		if (!options || typeof options.log !== "function") {
+			if (level === "error") console.error(formattedMessage, ...args);
+			else if (level === "warn") console.warn(formattedMessage, ...args);
+			else console.log(formattedMessage, ...args);
+			return;
+		}
+		options.log(level === "success" ? "info" : level, message, ...args);
+	};
+	return {
+		...Object.fromEntries(levels.map((level) => [level, (...[message, ...args]) => LogFunc(level, message, args)])),
+		get level() {
+			return logLevel;
+		}
+	};
+};
+const logger$1 = createLogger();
+
+//#endregion
+//#region node_modules/.pnpm/@better-auth+core@1.4.7_@better-auth+utils@0.3.0_@better-fetch+fetch@1.1.21_better-call_3563929c6579aa89e38f28ea99bd09aa/node_modules/@better-auth/core/dist/utils-NloIXYE0.mjs
+function defineErrorCodes(codes) {
+	return codes;
+}
+
+//#endregion
+//#region node_modules/.pnpm/@better-auth+core@1.4.7_@better-auth+utils@0.3.0_@better-fetch+fetch@1.1.21_better-call_3563929c6579aa89e38f28ea99bd09aa/node_modules/@better-auth/core/dist/async_hooks/index.mjs
+const AsyncLocalStoragePromise = import(
+	/* @vite-ignore */
+	/* webpackIgnore: true */
+	"node:async_hooks"
+).then((mod) => mod.AsyncLocalStorage).catch((err) => {
+	if ("AsyncLocalStorage" in globalThis) return globalThis.AsyncLocalStorage;
+	if (typeof window !== "undefined") return null;
+	console.warn("[better-auth] Warning: AsyncLocalStorage is not available in this environment. Some features may not work as expected.");
+	console.warn("[better-auth] Please read more about this warning at https://better-auth.com/docs/installation#mount-handler");
+	console.warn("[better-auth] If you are using Cloudflare Workers, please see: https://developers.cloudflare.com/workers/configuration/compatibility-flags/#nodejs-compatibility-flag");
+	throw err;
+});
+async function getAsyncLocalStorage() {
+	const mod = await AsyncLocalStoragePromise;
+	if (mod === null) throw new Error("getAsyncLocalStorage is only available in server code");
+	else return mod;
+}
+
+//#endregion
+//#region node_modules/.pnpm/@better-auth+core@1.4.7_@better-auth+utils@0.3.0_@better-fetch+fetch@1.1.21_better-call_3563929c6579aa89e38f28ea99bd09aa/node_modules/@better-auth/core/dist/context-DblZrIwO.mjs
+let currentContextAsyncStorage = null;
+const ensureAsyncStorage$2 = async () => {
+	if (!currentContextAsyncStorage) currentContextAsyncStorage = new (await (getAsyncLocalStorage()))();
+	return currentContextAsyncStorage;
+};
+async function runWithEndpointContext(context, fn) {
+	return (await ensureAsyncStorage$2()).run(context, fn);
+}
+
+//#endregion
+//#region node_modules/.pnpm/@better-auth+core@1.4.7_@better-auth+utils@0.3.0_@better-fetch+fetch@1.1.21_better-call_3563929c6579aa89e38f28ea99bd09aa/node_modules/@better-auth/core/dist/api/index.mjs
+const optionsMiddleware = createMiddleware(async () => {
+	/**
+	* This will be passed on the instance of
+	* the context. Used to infer the type
+	* here.
+	*/
+	return {};
+});
+const createAuthMiddleware = createMiddleware.create({ use: [optionsMiddleware, createMiddleware(async () => {
+	return {};
+})] });
+const use = [optionsMiddleware];
+function createAuthEndpoint(pathOrOptions, handlerOrOptions, handlerOrNever) {
+	const path = typeof pathOrOptions === "string" ? pathOrOptions : void 0;
+	const options = typeof handlerOrOptions === "object" ? handlerOrOptions : pathOrOptions;
+	const handler = typeof handlerOrOptions === "function" ? handlerOrOptions : handlerOrNever;
+	if (path) return createEndpoint(path, {
+		...options,
+		use: [...options?.use || [], ...use]
+	}, async (ctx) => runWithEndpointContext(ctx, () => handler(ctx)));
+	return createEndpoint({
+		...options,
+		use: [...options?.use || [], ...use]
+	}, async (ctx) => runWithEndpointContext(ctx, () => handler(ctx)));
+}
+
+//#endregion
+//#region src/utils.ts
+async function getPlans(subscriptionOptions) {
+	if (subscriptionOptions?.enabled) return typeof subscriptionOptions.plans === "function" ? await subscriptionOptions.plans() : subscriptionOptions.plans;
+	throw new Error("Subscriptions are not enabled in the Paystack options.");
+}
+async function getPlanByName(options, name) {
+	return await getPlans(options.subscription).then((plans) => plans?.find((plan) => plan.name.toLowerCase() === name.toLowerCase()));
+}
+
+//#endregion
+//#region src/middleware.ts
+const referenceMiddleware = (subscriptionOptions, action) => createAuthMiddleware(async (ctx) => {
+	const session = ctx.context.session;
+	if (!session) throw new APIError("UNAUTHORIZED");
+	const referenceId = ctx.body?.referenceId || ctx.query?.referenceId || session.user.id;
+	if (referenceId !== session.user.id && !subscriptionOptions.authorizeReference) {
+		logger.error(`Passing referenceId into a subscription action isn't allowed if subscription.authorizeReference isn't defined in your paystack plugin config.`);
+		throw new APIError("BAD_REQUEST", { message: "Passing referenceId isn't allowed without subscription.authorizeReference." });
+	}
+	if (referenceId !== session.user.id && subscriptionOptions.authorizeReference) {
+		if (!await subscriptionOptions.authorizeReference({
+			user: session.user,
+			session,
+			referenceId,
+			action
+		}, ctx)) throw new APIError("UNAUTHORIZED");
+	}
+	return { context: { referenceId } };
+});
+
+//#endregion
+//#region src/paystack-sdk.ts
+function isOpenApiFetchResponse(value) {
+	return value && typeof value === "object" && ("data" in value || "error" in value || "response" in value);
+}
+function unwrapSdkResult(result) {
+	if (isOpenApiFetchResponse(result)) {
+		if (result.error) throw result.error;
+		return result.data;
+	}
+	return result?.data ?? result;
+}
+function getPaystackOps(paystackClient) {
+	return {
+		customerCreate: async (params) => {
+			if (paystackClient?.customer_create) return paystackClient.customer_create({ body: params });
+			return paystackClient?.customer?.create?.(params);
+		},
+		transactionInitialize: async (body) => {
+			if (paystackClient?.transaction_initialize) return paystackClient.transaction_initialize({ body });
+			return paystackClient?.transaction?.initialize?.(body);
+		},
+		transactionVerify: async (reference) => {
+			if (paystackClient?.transaction_verify) return paystackClient.transaction_verify({ params: { path: { reference } } });
+			return paystackClient?.transaction?.verify?.(reference);
+		},
+		subscriptionDisable: async (body) => {
+			if (paystackClient?.subscription_disable) return paystackClient.subscription_disable({ body });
+			return paystackClient?.subscription?.disable?.(body);
+		},
+		subscriptionEnable: async (body) => {
+			if (paystackClient?.subscription_enable) return paystackClient.subscription_enable({ body });
+			return paystackClient?.subscription?.enable?.(body);
+		},
+		subscriptionFetch: async (idOrCode) => {
+			if (paystackClient?.subscription_fetch) try {
+				return await paystackClient.subscription_fetch({ params: { path: { code: idOrCode } } });
+			} catch {
+				return paystackClient.subscription_fetch({ params: { path: { id_or_code: idOrCode } } });
+			}
+			return paystackClient?.subscription?.fetch?.(idOrCode);
+		},
+		subscriptionManageLink: async (code) => {
+			if (paystackClient?.subscription_manage_link) return paystackClient.subscription_manage_link({ params: { path: { code } } });
+			return paystackClient?.subscription?.manage?.link?.(code);
+		}
+	};
+}
+
+//#endregion
+//#region src/routes.ts
+const PAYSTACK_ERROR_CODES = defineErrorCodes({
+	SUBSCRIPTION_NOT_FOUND: "Subscription not found",
+	SUBSCRIPTION_PLAN_NOT_FOUND: "Subscription plan not found",
+	UNABLE_TO_CREATE_CUSTOMER: "Unable to create customer",
+	FAILED_TO_INITIALIZE_TRANSACTION: "Failed to initialize transaction",
+	FAILED_TO_VERIFY_TRANSACTION: "Failed to verify transaction",
+	FAILED_TO_DISABLE_SUBSCRIPTION: "Failed to disable subscription",
+	FAILED_TO_ENABLE_SUBSCRIPTION: "Failed to enable subscription",
+	EMAIL_VERIFICATION_REQUIRED: "Email verification is required before you can subscribe to a plan"
+});
+async function hmacSha512Hex(secret, message) {
+	const encoder = new TextEncoder();
+	const keyData = encoder.encode(secret);
+	const msgData = encoder.encode(message);
+	const subtle = globalThis.crypto?.subtle;
+	if (subtle) {
+		const key = await subtle.importKey("raw", keyData, {
+			name: "HMAC",
+			hash: "SHA-512"
+		}, false, ["sign"]);
+		const signature = await subtle.sign("HMAC", key, msgData);
+		return Array.from(new Uint8Array(signature)).map((b) => b.toString(16).padStart(2, "0")).join("");
+	}
+	const { createHmac } = await import("node:crypto");
+	return createHmac("sha512", secret).update(message).digest("hex");
+}
+const paystackWebhook = (options) => {
+	return createAuthEndpoint("/paystack/webhook", {
+		method: "POST",
+		metadata: {
+			...HIDE_METADATA,
+			openapi: { operationId: "handlePaystackWebhook" }
+		},
+		cloneRequest: true,
+		disableBody: true
+	}, async (ctx) => {
+		const payload = await (ctx.requestClone ?? ctx.request).text();
+		const signature = (ctx.headers ?? ctx.request?.headers)?.get("x-paystack-signature");
+		if (!signature) throw new APIError("UNAUTHORIZED", {
+			message: "Missing x-paystack-signature header",
+			status: 401
+		});
+		if (await hmacSha512Hex(options.paystackWebhookSecret, payload) !== signature) throw new APIError("UNAUTHORIZED", {
+			message: "Invalid Paystack webhook signature",
+			status: 401
+		});
+		const event = JSON.parse(payload);
+		if (options.subscription?.enabled) {
+			const eventName = String(event?.event ?? "");
+			const data = event?.data;
+			try {
+				if (eventName === "subscription.create") {
+					const subscriptionCode = data?.subscription_code ?? data?.subscription?.subscription_code ?? data?.code;
+					const customerCode = data?.customer?.customer_code ?? data?.customer_code ?? data?.customer?.code;
+					const planCode = data?.plan?.plan_code ?? data?.plan_code ?? data?.plan;
+					let metadata = data?.metadata;
+					if (typeof metadata === "string") try {
+						metadata = JSON.parse(metadata);
+					} catch {}
+					const referenceIdFromMetadata = typeof metadata === "object" && metadata ? metadata.referenceId : void 0;
+					let planNameFromMetadata = typeof metadata === "object" && metadata ? metadata.plan : void 0;
+					if (typeof planNameFromMetadata === "string") planNameFromMetadata = planNameFromMetadata.toLowerCase();
+					const plans = await getPlans(options.subscription);
+					const planFromCode = planCode ? plans.find((p) => p.planCode && p.planCode === planCode) : void 0;
+					const planName = (planFromCode?.name ?? planNameFromMetadata)?.toLowerCase();
+					if (subscriptionCode) {
+						const where = [];
+						if (referenceIdFromMetadata) where.push({
+							field: "referenceId",
+							value: referenceIdFromMetadata
+						});
+						else if (customerCode) where.push({
+							field: "paystackCustomerCode",
+							value: customerCode
+						});
+						if (planName) where.push({
+							field: "plan",
+							value: planName
+						});
+						if (where.length > 0) {
+							const subscription = (await ctx.context.adapter.findMany({
+								model: "subscription",
+								where
+							}))?.[0];
+							if (subscription) {
+								await ctx.context.adapter.update({
+									model: "subscription",
+									update: {
+										paystackSubscriptionCode: subscriptionCode,
+										status: "active",
+										updatedAt: /* @__PURE__ */ new Date()
+									},
+									where: [{
+										field: "id",
+										value: subscription.id
+									}]
+								});
+								const plan = planFromCode ?? (planName ? await getPlanByName(options, planName) : void 0);
+								if (plan) await options.subscription.onSubscriptionComplete?.({
+									event,
+									subscription: {
+										...subscription,
+										paystackSubscriptionCode: subscriptionCode,
+										status: "active"
+									},
+									plan
+								}, ctx);
+							}
+						}
+					}
+				}
+				if (eventName === "subscription.disable" || eventName === "subscription.not_renew") {
+					const subscriptionCode = data?.subscription_code ?? data?.subscription?.subscription_code ?? data?.code;
+					if (subscriptionCode) await ctx.context.adapter.update({
+						model: "subscription",
+						update: {
+							status: "canceled",
+							updatedAt: /* @__PURE__ */ new Date()
+						},
+						where: [{
+							field: "paystackSubscriptionCode",
+							value: subscriptionCode
+						}]
+					});
+				}
+			} catch (e) {
+				ctx.context.logger.error("Failed to sync Paystack webhook event", e);
+			}
+		}
+		await options.onEvent?.(event);
+		return ctx.json({ received: true });
+	});
+};
+const initializeTransactionBodySchema = z.object({
+	plan: z.string(),
+	referenceId: z.string().optional(),
+	callbackURL: z.string().optional()
+});
+const initializeTransaction = (options) => {
+	const subscriptionOptions = options.subscription;
+	return createAuthEndpoint("/paystack/transaction/initialize", {
+		method: "POST",
+		body: initializeTransactionBodySchema,
+		use: subscriptionOptions?.enabled ? [
+			sessionMiddleware,
+			originCheck,
+			referenceMiddleware(subscriptionOptions, "initialize-transaction")
+		] : [sessionMiddleware, originCheck]
+	}, async (ctx) => {
+		const paystack$1 = getPaystackOps(options.paystackClient);
+		if (!subscriptionOptions?.enabled) throw new APIError("BAD_REQUEST", { message: "Subscriptions are not enabled in the Paystack options." });
+		const session = await getSessionFromCtx(ctx);
+		if (!session) throw new APIError("UNAUTHORIZED");
+		const user$1 = session.user;
+		const referenceIdFromCtx = ctx.context.referenceId;
+		const referenceId = ctx.body.referenceId || referenceIdFromCtx || session.user.id;
+		if (subscriptionOptions.requireEmailVerification && !user$1.emailVerified) throw new APIError("BAD_REQUEST", {
+			code: PAYSTACK_ERROR_CODES.EMAIL_VERIFICATION_REQUIRED,
+			message: PAYSTACK_ERROR_CODES.EMAIL_VERIFICATION_REQUIRED
+		});
+		const plan = await getPlanByName(options, ctx.body.plan);
+		if (!plan) throw new APIError("BAD_REQUEST", {
+			code: PAYSTACK_ERROR_CODES.SUBSCRIPTION_PLAN_NOT_FOUND,
+			message: PAYSTACK_ERROR_CODES.SUBSCRIPTION_PLAN_NOT_FOUND
+		});
+		if (!plan.planCode && !plan.amount) throw new APIError("BAD_REQUEST", { message: "Paystack transaction initialization requires either plan.planCode (Paystack plan code) or plan.amount (smallest unit)." });
+		let url;
+		let reference;
+		let accessCode;
+		try {
+			const metadata = JSON.stringify({
+				referenceId,
+				userId: user$1.id,
+				plan: plan.name.toLowerCase()
+			});
+			const initBody = {
+				email: user$1.email,
+				callback_url: ctx.body.callbackURL,
+				currency: plan.currency,
+				plan: plan.planCode,
+				invoice_limit: plan.invoiceLimit,
+				metadata
+			};
+			if (!plan.planCode && plan.amount) initBody.amount = String(plan.amount);
+			const initRes = unwrapSdkResult(await paystack$1.transactionInitialize(initBody));
+			const data = initRes && typeof initRes === "object" && "status" in initRes && "data" in initRes ? initRes.data : initRes?.data ?? initRes;
+			url = data?.authorization_url;
+			reference = data?.reference;
+			accessCode = data?.access_code;
+		} catch (error) {
+			ctx.context.logger.error("Failed to initialize Paystack transaction", error);
+			throw new APIError("BAD_REQUEST", {
+				code: PAYSTACK_ERROR_CODES.FAILED_TO_INITIALIZE_TRANSACTION,
+				message: error?.message || PAYSTACK_ERROR_CODES.FAILED_TO_INITIALIZE_TRANSACTION
+			});
+		}
+		const paystackCustomerCode = user$1.paystackCustomerCode;
+		await ctx.context.adapter.create({
+			model: "subscription",
+			data: {
+				plan: plan.name.toLowerCase(),
+				referenceId,
+				paystackCustomerCode,
+				paystackTransactionReference: reference,
+				status: "incomplete"
+			}
+		});
+		return ctx.json({
+			url,
+			reference,
+			accessCode,
+			redirect: true
+		});
+	});
+};
+const verifyTransaction = (options) => {
+	const verifyQuerySchema = z.object({ reference: z.string() });
+	const subscriptionOptions = options.subscription;
+	return createAuthEndpoint("/paystack/transaction/verify", {
+		method: "GET",
+		query: verifyQuerySchema,
+		use: subscriptionOptions?.enabled ? [
+			sessionMiddleware,
+			originCheck,
+			referenceMiddleware(subscriptionOptions, "verify-transaction")
+		] : [sessionMiddleware, originCheck]
+	}, async (ctx) => {
+		const paystack$1 = getPaystackOps(options.paystackClient);
+		let verifyRes;
+		try {
+			verifyRes = unwrapSdkResult(await paystack$1.transactionVerify(ctx.query.reference));
+		} catch (error) {
+			ctx.context.logger.error("Failed to verify Paystack transaction", error);
+			throw new APIError("BAD_REQUEST", {
+				code: PAYSTACK_ERROR_CODES.FAILED_TO_VERIFY_TRANSACTION,
+				message: error?.message || PAYSTACK_ERROR_CODES.FAILED_TO_VERIFY_TRANSACTION
+			});
+		}
+		const data = verifyRes && typeof verifyRes === "object" && "status" in verifyRes && "data" in verifyRes ? verifyRes.data : verifyRes?.data ?? verifyRes;
+		const status = data?.status;
+		const reference = data?.reference ?? ctx.query.reference;
+		if (status === "success") try {
+			await ctx.context.adapter.update({
+				model: "subscription",
+				update: {
+					status: "active",
+					periodStart: /* @__PURE__ */ new Date(),
+					updatedAt: /* @__PURE__ */ new Date()
+				},
+				where: [{
+					field: "paystackTransactionReference",
+					value: reference
+				}]
+			});
+		} catch (e) {
+			ctx.context.logger.error("Failed to update subscription after transaction verification", e);
+		}
+		return ctx.json({
+			status,
+			reference,
+			data
+		});
+	});
+};
+const listSubscriptions = (options) => {
+	const listQuerySchema = z.object({ referenceId: z.string().optional() });
+	const subscriptionOptions = options.subscription;
+	return createAuthEndpoint("/paystack/subscription/list-local", {
+		method: "GET",
+		query: listQuerySchema,
+		use: subscriptionOptions?.enabled ? [
+			sessionMiddleware,
+			originCheck,
+			referenceMiddleware(subscriptionOptions, "list-subscriptions")
+		] : [sessionMiddleware, originCheck]
+	}, async (ctx) => {
+		if (!subscriptionOptions?.enabled) throw new APIError("BAD_REQUEST", { message: "Subscriptions are not enabled in the Paystack options." });
+		const session = await getSessionFromCtx(ctx);
+		if (!session) throw new APIError("UNAUTHORIZED");
+		const referenceId = ctx.context.referenceId ?? ctx.query?.referenceId ?? session.user.id;
+		const res = await ctx.context.adapter.findMany({
+			model: "subscription",
+			where: [{
+				field: "referenceId",
+				value: referenceId
+			}]
+		});
+		return ctx.json({ subscriptions: res });
+	});
+};
+const enableDisableBodySchema = z.object({
+	referenceId: z.string().optional(),
+	subscriptionCode: z.string(),
+	emailToken: z.string().optional()
+});
+function decodeBase64UrlToString(value) {
+	const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
+	const padded = normalized + "===".slice((normalized.length + 3) % 4);
+	if (typeof globalThis.atob === "function") return globalThis.atob(padded);
+	return Buffer.from(padded, "base64").toString("utf8");
+}
+function tryGetEmailTokenFromSubscriptionManageLink(link) {
+	try {
+		const subscriptionToken = new URL(link).searchParams.get("subscription_token");
+		if (!subscriptionToken) return void 0;
+		const parts = subscriptionToken.split(".");
+		if (parts.length < 2) return void 0;
+		const payloadJson = decodeBase64UrlToString(parts[1]);
+		const payload = JSON.parse(payloadJson);
+		return typeof payload?.email_token === "string" ? payload.email_token : void 0;
+	} catch {
+		return;
+	}
+}
+const disablePaystackSubscription = (options) => {
+	const subscriptionOptions = options.subscription;
+	return createAuthEndpoint("/paystack/subscription/disable", {
+		method: "POST",
+		body: enableDisableBodySchema,
+		use: subscriptionOptions?.enabled ? [
+			sessionMiddleware,
+			originCheck,
+			referenceMiddleware(subscriptionOptions, "disable-subscription")
+		] : [sessionMiddleware, originCheck]
+	}, async (ctx) => {
+		const { subscriptionCode } = ctx.body;
+		const paystack$1 = getPaystackOps(options.paystackClient);
+		try {
+			let emailToken = ctx.body.emailToken;
+			if (!emailToken) try {
+				const fetchRes = unwrapSdkResult(await paystack$1.subscriptionFetch(subscriptionCode));
+				emailToken = (fetchRes && typeof fetchRes === "object" && "status" in fetchRes && "data" in fetchRes ? fetchRes.data : fetchRes?.data ?? fetchRes)?.email_token;
+			} catch {}
+			if (!emailToken) try {
+				const linkRes = unwrapSdkResult(await paystack$1.subscriptionManageLink(subscriptionCode));
+				const link = (linkRes && typeof linkRes === "object" && "status" in linkRes && "data" in linkRes ? linkRes.data : linkRes?.data ?? linkRes)?.link;
+				if (typeof link === "string") emailToken = tryGetEmailTokenFromSubscriptionManageLink(link);
+			} catch {}
+			if (!emailToken) throw new APIError("BAD_REQUEST", { message: "Missing emailToken. Provide it explicitly or ensure your server can fetch it from Paystack using the subscription code." });
+			const result = unwrapSdkResult(await paystack$1.subscriptionDisable({
+				code: subscriptionCode,
+				token: emailToken
+			}));
+			return ctx.json({ result });
+		} catch (error) {
+			ctx.context.logger.error("Failed to disable Paystack subscription", error);
+			throw new APIError("BAD_REQUEST", {
+				code: PAYSTACK_ERROR_CODES.FAILED_TO_DISABLE_SUBSCRIPTION,
+				message: error?.message || PAYSTACK_ERROR_CODES.FAILED_TO_DISABLE_SUBSCRIPTION
+			});
+		}
+	});
+};
+const enablePaystackSubscription = (options) => {
+	const subscriptionOptions = options.subscription;
+	return createAuthEndpoint("/paystack/subscription/enable", {
+		method: "POST",
+		body: enableDisableBodySchema,
+		use: subscriptionOptions?.enabled ? [
+			sessionMiddleware,
+			originCheck,
+			referenceMiddleware(subscriptionOptions, "enable-subscription")
+		] : [sessionMiddleware, originCheck]
+	}, async (ctx) => {
+		const { subscriptionCode } = ctx.body;
+		const paystack$1 = getPaystackOps(options.paystackClient);
+		try {
+			let emailToken = ctx.body.emailToken;
+			if (!emailToken) try {
+				const fetchRes = unwrapSdkResult(await paystack$1.subscriptionFetch(subscriptionCode));
+				emailToken = (fetchRes && typeof fetchRes === "object" && "status" in fetchRes && "data" in fetchRes ? fetchRes.data : fetchRes?.data ?? fetchRes)?.email_token;
+			} catch {}
+			if (!emailToken) try {
+				const linkRes = unwrapSdkResult(await paystack$1.subscriptionManageLink(subscriptionCode));
+				const link = (linkRes && typeof linkRes === "object" && "status" in linkRes && "data" in linkRes ? linkRes.data : linkRes?.data ?? linkRes)?.link;
+				if (typeof link === "string") emailToken = tryGetEmailTokenFromSubscriptionManageLink(link);
+			} catch {}
+			if (!emailToken) throw new APIError("BAD_REQUEST", { message: "Missing emailToken. Provide it explicitly or ensure your server can fetch it from Paystack using the subscription code." });
+			const result = unwrapSdkResult(await paystack$1.subscriptionEnable({
+				code: subscriptionCode,
+				token: emailToken
+			}));
+			return ctx.json({ result });
+		} catch (error) {
+			ctx.context.logger.error("Failed to enable Paystack subscription", error);
+			throw new APIError("BAD_REQUEST", {
+				code: PAYSTACK_ERROR_CODES.FAILED_TO_ENABLE_SUBSCRIPTION,
+				message: error?.message || PAYSTACK_ERROR_CODES.FAILED_TO_ENABLE_SUBSCRIPTION
+			});
+		}
+	});
+};
+
+//#endregion
+//#region src/schema.ts
+const subscriptions = { subscription: { fields: {
+	plan: {
+		type: "string",
+		required: true
+	},
+	referenceId: {
+		type: "string",
+		required: true
+	},
+	paystackCustomerCode: {
+		type: "string",
+		required: false
+	},
+	paystackSubscriptionCode: {
+		type: "string",
+		required: false
+	},
+	paystackTransactionReference: {
+		type: "string",
+		required: false
+	},
+	status: {
+		type: "string",
+		defaultValue: "incomplete"
+	},
+	periodStart: {
+		type: "date",
+		required: false
+	},
+	periodEnd: {
+		type: "date",
+		required: false
+	},
+	trialStart: {
+		type: "date",
+		required: false
+	},
+	trialEnd: {
+		type: "date",
+		required: false
+	},
+	cancelAtPeriodEnd: {
+		type: "boolean",
+		required: false,
+		defaultValue: false
+	},
+	groupId: {
+		type: "string",
+		required: false
+	},
+	seats: {
+		type: "number",
+		required: false
+	}
+} } };
+const user = { user: { fields: { paystackCustomerCode: {
+	type: "string",
+	required: false
+} } } };
+const getSchema = (options) => {
+	let baseSchema;
+	if (options.subscription?.enabled) baseSchema = {
+		...subscriptions,
+		...user
+	};
+	else baseSchema = { ...user };
+	if (options.schema && !options.subscription?.enabled && "subscription" in options.schema) {
+		const { subscription: _subscription, ...restSchema } = options.schema;
+		return mergeSchema(baseSchema, restSchema);
+	}
+	return mergeSchema(baseSchema, options.schema);
+};
+
+//#endregion
+//#region src/index.ts
+const INTERNAL_ERROR_CODES = defineErrorCodes({ ...PAYSTACK_ERROR_CODES });
+const paystack = (options) => {
+	const baseEndpoints = { paystackWebhook: paystackWebhook(options) };
+	const subscriptionEnabledEndpoints = {
+		...baseEndpoints,
+		initializeTransaction: initializeTransaction(options),
+		verifyTransaction: verifyTransaction(options),
+		listSubscriptions: listSubscriptions(options),
+		disablePaystackSubscription: disablePaystackSubscription(options),
+		enablePaystackSubscription: enablePaystackSubscription(options)
+	};
+	return {
+		id: "paystack",
+		endpoints: options.subscription?.enabled ? subscriptionEnabledEndpoints : baseEndpoints,
+		init(ctx) {
+			return { options: { databaseHooks: { user: { create: { async after(user$1, hookCtx) {
+				if (!hookCtx || !options.createCustomerOnSignUp) return;
+				try {
+					const firstName = user$1.name?.split(" ")[0];
+					const lastName = user$1.name?.split(" ").slice(1).join(" ") || void 0;
+					const extraCreateParams = options.getCustomerCreateParams ? await options.getCustomerCreateParams(user$1, hookCtx) : {};
+					const params = defu({
+						email: user$1.email,
+						first_name: firstName,
+						last_name: lastName,
+						metadata: { userId: user$1.id }
+					}, extraCreateParams);
+					const res = unwrapSdkResult(await getPaystackOps(options.paystackClient).customerCreate(params));
+					const paystackCustomer = res && typeof res === "object" && "status" in res && "data" in res ? res.data : res?.data ?? res;
+					const customerCode = paystackCustomer?.customer_code;
+					if (!customerCode) return;
+					await hookCtx.context.internalAdapter.updateUser(user$1.id, { paystackCustomerCode: customerCode });
+					await options.onCustomerCreate?.({
+						paystackCustomer,
+						user: {
+							...user$1,
+							paystackCustomerCode: customerCode
+						}
+					}, hookCtx);
+				} catch (e) {
+					hookCtx.context.logger.error(`Failed to create Paystack customer: ${e?.message || "Unknown error"}`, e);
+				}
+			} } } } } };
+		},
+		schema: getSchema(options),
+		$ERROR_CODES: INTERNAL_ERROR_CODES
+	};
+};
+
+//#endregion
+export { paystack };
+//# sourceMappingURL=index.mjs.map