@ascendkit/nextjs 0.2.7 → 0.3.1

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export { AscendKitAuth, createAscendKitAuthRuntime, createAscendKitAdapter, createAccessTokenHandler, Analytics, } from "./server";
+export { AscendKitAuth, createAscendKitAuthRuntime, createAuthRouteHandlers, createAscendKitAdapter, createAccessTokenHandler, Analytics, } from "./server";
 export type { AscendKitAuthOptions, AscendKitSession, AscendKitUser, BrandingConfig } from "./shared/types";
 export { AscendKitProvider, useAscendKitContext, useAscendKit, useAuthModal, useAccessToken, useSessions, useUser, useAnalytics, verifyEmail } from "./client";
 export { Login, SignUp, EmailVerification, ForgotPassword, ResetPassword, SocialButton, AscendKitAuthCard, AuthModal, SignInButton, SignUpButton, AscendKitUserButton, type AscendKitUserButtonProps, BrandingBadge, } from "./components";

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,aAAa,EACb,0BAA0B,EAC1B,sBAAsB,EACtB,wBAAwB,EACxB,SAAS,GACV,MAAM,UAAU,CAAC;AAClB,YAAY,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAG5G,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAG/J,OAAO,EACL,KAAK,EACL,MAAM,EACN,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,KAAK,wBAAwB,EAC7B,aAAa,GACd,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,aAAa,EACb,0BAA0B,EAC1B,uBAAuB,EACvB,sBAAsB,EACtB,wBAAwB,EACxB,SAAS,GACV,MAAM,UAAU,CAAC;AAClB,YAAY,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAG5G,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAG/J,OAAO,EACL,KAAK,EACL,MAAM,EACN,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,KAAK,wBAAwB,EAC7B,aAAa,GACd,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC"}

package/dist/index.js

@@ -1,5 +1,5 @@
 // Server
-export { AscendKitAuth, createAscendKitAuthRuntime, createAscendKitAdapter, createAccessTokenHandler, Analytics, } from "./server";
+export { AscendKitAuth, createAscendKitAuthRuntime, createAuthRouteHandlers, createAscendKitAdapter, createAccessTokenHandler, Analytics, } from "./server";
 // Client
 export { AscendKitProvider, useAscendKitContext, useAscendKit, useAuthModal, useAccessToken, useSessions, useUser, useAnalytics, verifyEmail } from "./client";
 // Components

package/dist/server/access-token.d.ts

@@ -8,7 +8,7 @@ interface AccessTokenHandlerOptions {
     apiUrl?: string;
 }
 /**
- * Create a Next.js route handler that exchanges a Better Auth session
+ * Create a Next.js route handler that exchanges an AscendKit auth session
  * for a short-lived RS256 access token.
  *
  * The access token can be verified by any backend using AscendKit's JWKS

package/dist/server/access-token.js

@@ -1,6 +1,6 @@
 import { DEFAULT_API_URL } from "../shared/constants";
 /**
- * Create a Next.js route handler that exchanges a Better Auth session
+ * Create a Next.js route handler that exchanges an AscendKit auth session
  * for a short-lived RS256 access token.
  *
  * The access token can be verified by any backend using AscendKit's JWKS
@@ -36,7 +36,7 @@ export function createAccessTokenHandler(options) {
                     error: "Server misconfiguration: missing AscendKit public key in createAccessTokenHandler",
                 }, { status: 500 });
             }
-            // Read session via Better Auth (handles cookies internally)
+            // Read session via the AscendKit auth runtime (handles cookies internally)
             let session;
             try {
                 session = await authRuntime.getSession(req.headers);

package/dist/server/ascendkit-auth.d.ts

@@ -1,14 +1,14 @@
 import type { AscendKitAuthOptions, AuthConfig } from "../shared/types";
 import type { BetterAuthPlugin } from "better-auth";
 /**
- * Pre-configured Better Auth setup for AscendKit.
+ * Pre-configured auth setup for AscendKit.
  *
  * NOTE: This helper builds a static auth instance. For runtime hot-reload
  * behavior (no server restarts when auth settings change), use
  * createAscendKitAuthRuntime() instead.
  *
  * Fetches auth config (enabled providers, OAuth credentials, features)
- * from the AscendKit backend and returns a fully configured Better Auth instance.
+ * from the AscendKit backend and returns a fully configured auth instance.
  * Email callbacks route through AscendKit's content service + SES for delivery.
  *
  * Usage:
@@ -26,15 +26,22 @@ import type { BetterAuthPlugin } from "better-auth";
  * ```ts
  * // app/api/auth/[...all]/route.ts
  * import { auth } from "@/lib/auth";
- * import { toNextJsHandler } from "@ascendkit/nextjs/server";
- * export const { GET, POST } = toNextJsHandler(auth.handler);
+ * import { createAuthRouteHandlers } from "@ascendkit/nextjs/server";
+ * export const { GET, POST } = createAuthRouteHandlers(auth);
  * ```
  */
 export declare function AscendKitAuth(options?: AscendKitAuthOptions): Promise<import("better-auth").Auth<{
+    baseURL: string | {
+        allowedHosts: string[];
+        fallback?: string;
+    } | undefined;
     database: import("better-auth/adapters").AdapterFactory<import("better-auth").BetterAuthOptions>;
     emailAndPassword: {
         enabled: false;
     };
+    advanced: {
+        trustedProxyHeaders: boolean | undefined;
+    };
 }> | import("better-auth").Auth<{
     plugins?: BetterAuthPlugin[] | undefined;
     socialProviders: Record<string, {
@@ -48,6 +55,9 @@ export declare function AscendKitAuth(options?: AscendKitAuthOptions): Promise<i
             maxAge: number;
         };
     };
+    advanced: {
+        trustedProxyHeaders: boolean | undefined;
+    };
     emailVerification?: {
         sendVerificationEmail: (data: {
             user: {
@@ -58,6 +68,10 @@ export declare function AscendKitAuth(options?: AscendKitAuthOptions): Promise<i
         }) => Promise<void>;
         sendOnSignUp: boolean;
     } | undefined;
+    baseURL: string | {
+        allowedHosts: string[];
+        fallback?: string;
+    } | undefined;
     database: import("better-auth/adapters").AdapterFactory<import("better-auth").BetterAuthOptions>;
     emailAndPassword: {
         sendResetPassword?: ((data: {
@@ -71,17 +85,27 @@ export declare function AscendKitAuth(options?: AscendKitAuthOptions): Promise<i
         enabled: boolean;
     };
 }>>;
-export declare function createDisabledAuth(publicKey: string, apiUrl: string, secretKey?: string): import("better-auth").Auth<{
+export declare function createDisabledAuth(publicKey: string, apiUrl: string, secretKey?: string, options?: Pick<AscendKitAuthOptions, "appBaseUrl" | "allowedHosts" | "trustedProxyHeaders">): import("better-auth").Auth<{
+    baseURL: string | {
+        allowedHosts: string[];
+        fallback?: string;
+    } | undefined;
     database: import("better-auth/adapters").AdapterFactory<import("better-auth").BetterAuthOptions>;
     emailAndPassword: {
         enabled: false;
     };
+    advanced: {
+        trustedProxyHeaders: boolean | undefined;
+    };
 }>;
 export declare function buildAscendKitAuthFromConfig(args: {
     publicKey: string;
     secretKey?: string;
     apiUrl: string;
     config: AuthConfig;
+    appBaseUrl?: string;
+    allowedHosts?: string[];
+    trustedProxyHeaders?: boolean;
     waitlistRedirectPath?: string;
     rejectedRedirectPath?: string;
 }): Promise<import("better-auth").Auth<{
@@ -97,6 +121,9 @@ export declare function buildAscendKitAuthFromConfig(args: {
             maxAge: number;
         };
     };
+    advanced: {
+        trustedProxyHeaders: boolean | undefined;
+    };
     emailVerification?: {
         sendVerificationEmail: (data: {
             user: {
@@ -107,6 +134,10 @@ export declare function buildAscendKitAuthFromConfig(args: {
         }) => Promise<void>;
         sendOnSignUp: boolean;
     } | undefined;
+    baseURL: string | {
+        allowedHosts: string[];
+        fallback?: string;
+    } | undefined;
     database: import("better-auth/adapters").AdapterFactory<import("better-auth").BetterAuthOptions>;
     emailAndPassword: {
         sendResetPassword?: ((data: {

package/dist/server/ascendkit-auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ascendkit-auth.d.ts","sourceRoot":"","sources":["../../src/server/ascendkit-auth.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAExE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAsB,aAAa,CAAC,OAAO,GAAE,oBAAyB;;;;;;;;;;;;;;;;;;;sCA0G1B;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;;oCARxD;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;IA5E/F;AAED,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM;;;;;GAMvF;AAED,wBAAsB,4BAA4B,CAAC,IAAI,EAAE;IACvD,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,UAAU,CAAC;IACnB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;;;;;;;;;;;;;;sCAmE2C;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;;oCARxD;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;IAwB/F"}
+{"version":3,"file":"ascendkit-auth.d.ts","sourceRoot":"","sources":["../../src/server/ascendkit-auth.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAExE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAsB,aAAa,CAAC,OAAO,GAAE,oBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;sCAiI1B;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;;;;;;oCARxD;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;IAhG/F;AAED,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,MAAM,EAClB,OAAO,GAAE,IAAI,CAAC,oBAAoB,EAAE,YAAY,GAAG,cAAc,GAAG,qBAAqB,CAAM;;;;;;;;;;;;GAWhG;AAED,wBAAsB,4BAA4B,CAAC,IAAI,EAAE;IACvD,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,UAAU,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;;;;;;;;;;;;;;;;;sCA2E2C;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;;;;;;oCARxD;YAAE,IAAI,EAAE;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE;;;;IA2B/F"}

package/dist/server/ascendkit-auth.js

@@ -5,15 +5,16 @@ import { buildSocialProviders } from "./social-providers";
 import { createEmailSender } from "./email-sender";
 import { ascendkitOAuthProxyPlugin } from "./oauth-proxy-plugin";
 import { DEFAULT_API_URL } from "../shared/constants";
+import { resolveAscendKitBaseUrlConfig } from "./base-url";
 /**
- * Pre-configured Better Auth setup for AscendKit.
+ * Pre-configured auth setup for AscendKit.
  *
  * NOTE: This helper builds a static auth instance. For runtime hot-reload
  * behavior (no server restarts when auth settings change), use
  * createAscendKitAuthRuntime() instead.
  *
  * Fetches auth config (enabled providers, OAuth credentials, features)
- * from the AscendKit backend and returns a fully configured Better Auth instance.
+ * from the AscendKit backend and returns a fully configured auth instance.
  * Email callbacks route through AscendKit's content service + SES for delivery.
  *
  * Usage:
@@ -31,8 +32,8 @@ import { DEFAULT_API_URL } from "../shared/constants";
  * ```ts
  * // app/api/auth/[...all]/route.ts
  * import { auth } from "@/lib/auth";
- * import { toNextJsHandler } from "@ascendkit/nextjs/server";
- * export const { GET, POST } = toNextJsHandler(auth.handler);
+ * import { createAuthRouteHandlers } from "@ascendkit/nextjs/server";
+ * export const { GET, POST } = createAuthRouteHandlers(auth);
  * ```
  */
 export async function AscendKitAuth(options = {}) {
@@ -46,26 +47,33 @@ export async function AscendKitAuth(options = {}) {
     catch (err) {
         console.error("[AscendKit] Failed to fetch auth config:", err instanceof Error ? err.message : err);
         console.error("[AscendKit] Auth routes will operate with no providers until config is available.");
-        return createDisabledAuth(publicKey, apiUrl, secretKey);
+        return createDisabledAuth(publicKey, apiUrl, secretKey, options);
     }
     return buildAscendKitAuthFromConfig({
         publicKey,
         secretKey,
         apiUrl,
         config,
+        appBaseUrl: options.appBaseUrl,
+        allowedHosts: options.allowedHosts,
+        trustedProxyHeaders: options.trustedProxyHeaders,
         waitlistRedirectPath: options.waitlistRedirectPath,
         rejectedRedirectPath: options.rejectedRedirectPath,
     });
 }
-export function createDisabledAuth(publicKey, apiUrl, secretKey) {
+export function createDisabledAuth(publicKey, apiUrl, secretKey, options = {}) {
     const adapter = createAscendKitAdapter(publicKey, apiUrl, secretKey);
     return betterAuth({
+        baseURL: resolveAscendKitBaseUrlConfig(options),
         database: adapter,
         emailAndPassword: { enabled: false },
+        advanced: {
+            trustedProxyHeaders: options.trustedProxyHeaders,
+        },
     });
 }
 export async function buildAscendKitAuthFromConfig(args) {
-    const { publicKey, secretKey, apiUrl, config, waitlistRedirectPath, rejectedRedirectPath, } = args;
+    const { publicKey, secretKey, apiUrl, config, appBaseUrl, allowedHosts, trustedProxyHeaders, waitlistRedirectPath, rejectedRedirectPath, } = args;
     const adapter = createAscendKitAdapter(publicKey, apiUrl, secretKey);
     const proxyProviders = Object.entries(config.oauth)
         .filter(([, creds]) => creds.flowType === "proxy")
@@ -102,6 +110,11 @@ export async function buildAscendKitAuthFromConfig(args) {
     const sessionMaxAge = parseSessionDuration(config.sessionDuration);
     const credentialsEnabled = config.providers.includes("credentials") && !magicLinkEnabled;
     return betterAuth({
+        baseURL: resolveAscendKitBaseUrlConfig({
+            appBaseUrl,
+            allowedHosts,
+            trustedProxyHeaders,
+        }),
         database: adapter,
         emailAndPassword: {
             enabled: credentialsEnabled,
@@ -130,6 +143,9 @@ export async function buildAscendKitAuthFromConfig(args) {
                 maxAge: 5 * 60, // 5 minutes — auth'd requests skip the adapter
             },
         },
+        advanced: {
+            trustedProxyHeaders,
+        },
         ...(plugins.length > 0 && { plugins }),
     });
 }

package/dist/server/auth-runtime.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth-runtime.d.ts","sourceRoot":"","sources":["../../src/server/auth-runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAM5D,KAAK,kBAAkB,GAAG,UAAU,CAAC,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;AAC7D,KAAK,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AAOlF,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjD,UAAU,EAAE,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,aAAa,CAAC,CAAC;IAC7D,OAAO,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,CAAC;CAC5C;AA8BD,wBAAgB,0BAA0B,CAAC,OAAO,GAAE,oBAAyB,GAAG,oBAAoB,CA2HnG"}
+{"version":3,"file":"auth-runtime.d.ts","sourceRoot":"","sources":["../../src/server/auth-runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAM5D,KAAK,kBAAkB,GAAG,UAAU,CAAC,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;AAC7D,KAAK,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AAOlF,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjD,UAAU,EAAE,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,aAAa,CAAC,CAAC;IAC7D,OAAO,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,CAAC;CAC5C;AA8BD,wBAAgB,0BAA0B,CAAC,OAAO,GAAE,oBAAyB,GAAG,oBAAoB,CA8HnG"}

package/dist/server/auth-runtime.js

@@ -52,14 +52,14 @@ export function createAscendKitAuthRuntime(options = {}) {
                     }
                     console.info("[AscendKit runtime] config_refresh_outcome=hit_304");
                     if (!currentAuth) {
-                        currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey);
+                        currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey, options);
                     }
                     return;
                 }
                 if (!result.config) {
                     console.warn("[AscendKit runtime] config_refresh_outcome=cold_fail reason=missing_config");
                     if (!currentAuth) {
-                        currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey);
+                        currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey, options);
                     }
                     return;
                 }
@@ -68,6 +68,9 @@ export function createAscendKitAuthRuntime(options = {}) {
                     secretKey,
                     apiUrl,
                     config: result.config,
+                    appBaseUrl: options.appBaseUrl,
+                    allowedHosts: options.allowedHosts,
+                    trustedProxyHeaders: options.trustedProxyHeaders,
                     waitlistRedirectPath: options.waitlistRedirectPath,
                     rejectedRedirectPath: options.rejectedRedirectPath,
                 });
@@ -84,7 +87,7 @@ export function createAscendKitAuthRuntime(options = {}) {
             catch (err) {
                 console.warn("[AscendKit runtime] config_refresh_outcome=fallback_last_known_good", err instanceof Error ? err.message : err);
                 if (!currentAuth) {
-                    currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey);
+                    currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey, options);
                 }
             }
         })();
@@ -97,7 +100,7 @@ export function createAscendKitAuthRuntime(options = {}) {
     async function getAuth() {
         await refreshAuth();
         if (!currentAuth) {
-            currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey);
+            currentAuth = createDisabledAuth(publicKey, apiUrl, secretKey, options);
         }
         return currentAuth;
     }

package/dist/server/base-url.d.ts

@@ -0,0 +1,8 @@
+import type { AscendKitAuthOptions } from "../shared/types";
+type BaseUrlConfig = string | {
+    allowedHosts: string[];
+    fallback?: string;
+} | undefined;
+export declare function resolveAscendKitBaseUrlConfig(options: AscendKitAuthOptions): BaseUrlConfig;
+export {};
+//# sourceMappingURL=base-url.d.ts.map

package/dist/server/base-url.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base-url.d.ts","sourceRoot":"","sources":["../../src/server/base-url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAE5D,KAAK,aAAa,GACd,MAAM,GACN;IACA,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GACC,SAAS,CAAC;AAqFd,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,oBAAoB,GAAG,aAAa,CA6B1F"}

package/dist/server/base-url.js

@@ -0,0 +1,95 @@
+const loggedMessages = new Set();
+function logBaseUrlResolution(message) {
+    if (loggedMessages.has(message))
+        return;
+    console.info(`[AscendKit] ${message}`);
+    loggedMessages.add(message);
+}
+function normalizeOrigin(url) {
+    const candidate = url.startsWith("http://") || url.startsWith("https://")
+        ? url
+        : `https://${url}`;
+    try {
+        return new URL(candidate).origin;
+    }
+    catch {
+        return null;
+    }
+}
+function normalizeHost(host) {
+    const origin = normalizeOrigin(host);
+    if (!origin)
+        return null;
+    try {
+        return new URL(origin).host;
+    }
+    catch {
+        return null;
+    }
+}
+function parseAllowedHosts(value) {
+    if (!value)
+        return [];
+    return value
+        .split(",")
+        .map((entry) => entry.trim())
+        .filter(Boolean)
+        .map((entry) => normalizeHost(entry) ?? entry)
+        .filter(Boolean);
+}
+function unique(values) {
+    return [...new Set(values.filter((value) => Boolean(value)))];
+}
+function pickBaseUrlSource(options) {
+    if (options.appBaseUrl) {
+        return { source: "options.appBaseUrl", value: options.appBaseUrl };
+    }
+    if (process.env.ASCENDKIT_APP_URL) {
+        return { source: "ASCENDKIT_APP_URL", value: process.env.ASCENDKIT_APP_URL };
+    }
+    if (process.env.NEXT_PUBLIC_ASCENDKIT_APP_URL) {
+        return {
+            source: "NEXT_PUBLIC_ASCENDKIT_APP_URL",
+            value: process.env.NEXT_PUBLIC_ASCENDKIT_APP_URL,
+        };
+    }
+    if (process.env.APP_URL) {
+        return { source: "APP_URL", value: process.env.APP_URL };
+    }
+    if (process.env.NEXT_PUBLIC_APP_URL) {
+        return { source: "NEXT_PUBLIC_APP_URL", value: process.env.NEXT_PUBLIC_APP_URL };
+    }
+    if (process.env.VERCEL_URL) {
+        return { source: "VERCEL_URL", value: `https://${process.env.VERCEL_URL}` };
+    }
+    return null;
+}
+function pickAllowedHosts(options) {
+    if (options.allowedHosts && options.allowedHosts.length > 0) {
+        return { source: "options.allowedHosts", values: options.allowedHosts };
+    }
+    const envHosts = parseAllowedHosts(process.env.ASCENDKIT_ALLOWED_HOSTS);
+    if (envHosts.length > 0) {
+        return { source: "ASCENDKIT_ALLOWED_HOSTS", values: envHosts };
+    }
+    return null;
+}
+export function resolveAscendKitBaseUrlConfig(options) {
+    const explicitBaseUrl = pickBaseUrlSource(options);
+    if (explicitBaseUrl) {
+        const staticBaseUrl = normalizeOrigin(explicitBaseUrl.value);
+        if (staticBaseUrl) {
+            logBaseUrlResolution(`base_url_resolution source=${explicitBaseUrl.source} using=${staticBaseUrl}`);
+            return staticBaseUrl;
+        }
+        logBaseUrlResolution(`invalid ${explicitBaseUrl.source}=${explicitBaseUrl.value}, using request origin from the customer web server host`);
+    }
+    const hostConfig = pickAllowedHosts(options);
+    if (hostConfig) {
+        const allowedHosts = unique(hostConfig.values.map((entry) => normalizeHost(entry) ?? entry));
+        logBaseUrlResolution(`no appBaseUrl/ASCENDKIT_APP_URL/NEXT_PUBLIC_ASCENDKIT_APP_URL/APP_URL/NEXT_PUBLIC_APP_URL/VERCEL_URL found, using request origin constrained by ${hostConfig.source}=${allowedHosts.join(",")}`);
+        return { allowedHosts };
+    }
+    logBaseUrlResolution("no appBaseUrl/ASCENDKIT_APP_URL/NEXT_PUBLIC_ASCENDKIT_APP_URL/APP_URL/NEXT_PUBLIC_APP_URL/VERCEL_URL found, using request origin from the customer web server host");
+    return undefined;
+}

package/dist/server/index.d.ts

@@ -1,10 +1,10 @@
 export { AscendKitAuth } from "./ascendkit-auth";
 export { createAscendKitAuthRuntime } from "./auth-runtime";
+export { createAuthRouteHandlers } from "./route-handlers";
 export { createAscendKitAdapter } from "./adapter";
 export { createAccessTokenHandler } from "./access-token";
 export { Analytics } from "./analytics";
 export { verifyWebhookSignature } from "./webhooks";
-export { toNextJsHandler } from "better-auth/next-js";
 export type { AscendKitAuthOptions } from "../shared/types";
 export type { AscendKitAuthRuntime } from "./auth-runtime";
 //# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAC5D,YAAY,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AACpD,YAAY,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAC5D,YAAY,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/server/index.js

@@ -1,7 +1,7 @@
 export { AscendKitAuth } from "./ascendkit-auth";
 export { createAscendKitAuthRuntime } from "./auth-runtime";
+export { createAuthRouteHandlers } from "./route-handlers";
 export { createAscendKitAdapter } from "./adapter";
 export { createAccessTokenHandler } from "./access-token";
 export { Analytics } from "./analytics";
 export { verifyWebhookSignature } from "./webhooks";
-export { toNextJsHandler } from "better-auth/next-js";

package/dist/server/route-handlers.d.ts

@@ -0,0 +1,15 @@
+type AuthHandler = {
+    handler: (request: Request) => Promise<Response>;
+} | ((request: Request) => Promise<Response>);
+/**
+ * Create Next.js App Router route handlers for AscendKit auth.
+ */
+export declare function createAuthRouteHandlers(auth: AuthHandler): {
+    GET: (request: Request) => Promise<Response>;
+    POST: (request: Request) => Promise<Response>;
+    PATCH: (request: Request) => Promise<Response>;
+    PUT: (request: Request) => Promise<Response>;
+    DELETE: (request: Request) => Promise<Response>;
+};
+export {};
+//# sourceMappingURL=route-handlers.d.ts.map

package/dist/server/route-handlers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route-handlers.d.ts","sourceRoot":"","sources":["../../src/server/route-handlers.ts"],"names":[],"mappings":"AAEA,KAAK,WAAW,GAAG;IACjB,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;CAClD,GAAG,CAAC,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;AAE9C;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,WAAW;;;;;;EAExD"}

package/dist/server/route-handlers.js

@@ -0,0 +1,7 @@
+import { toNextJsHandler } from "better-auth/next-js";
+/**
+ * Create Next.js App Router route handlers for AscendKit auth.
+ */
+export function createAuthRouteHandlers(auth) {
+    return toNextJsHandler(auth);
+}

package/dist/shared/http-client.d.ts

@@ -1,4 +1,5 @@
-export declare const SDK_VERSION = "0.1.0";
+import { SDK_VERSION } from "./version";
+export { SDK_VERSION };
 export interface HttpClientOptions {
     publicKey: string;
     apiUrl: string;

package/dist/shared/http-client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"http-client.d.ts","sourceRoot":"","sources":["../../src/shared/http-client.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,WAAW,UAAU,CAAC;AAEnC,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB,CAAC,CAAC;IACrC,WAAW,EAAE,OAAO,CAAC;IACrB,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAgBD,MAAM,WAAW,uBAAwB,SAAQ,iBAAiB;IAChE,sFAAsF;IACtF,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,wBAAgB,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,EAAE,uBAAuB;WA8BlF,CAAC,cAAc,MAAM,QAAQ,OAAO,KAAG,OAAO,CAAC,CAAC,CAAC;UASlD,CAAC,cAAc,MAAM,KAAG,OAAO,CAAC,CAAC,CAAC;qBAOvB,CAAC,cAAc,MAAM,SAAS,MAAM,KAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC;EA0BtG;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC"}
+{"version":3,"file":"http-client.d.ts","sourceRoot":"","sources":["../../src/shared/http-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC,OAAO,EAAE,WAAW,EAAE,CAAC;AAEvB,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB,CAAC,CAAC;IACrC,WAAW,EAAE,OAAO,CAAC;IACrB,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAgBD,MAAM,WAAW,uBAAwB,SAAQ,iBAAiB;IAChE,sFAAsF;IACtF,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,wBAAgB,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,EAAE,uBAAuB;WA8BlF,CAAC,cAAc,MAAM,QAAQ,OAAO,KAAG,OAAO,CAAC,CAAC,CAAC;UASlD,CAAC,cAAc,MAAM,KAAG,OAAO,CAAC,CAAC,CAAC;qBAOvB,CAAC,cAAc,MAAM,SAAS,MAAM,KAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC;EA0BtG;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC"}

package/dist/shared/http-client.js

@@ -1,11 +1,12 @@
-export const SDK_VERSION = "0.1.0";
+import { SDK_VERSION } from "./version";
+export { SDK_VERSION };
 let upgradeWarned = false;
 function checkUpgradeHeader(res) {
     const upgrade = res.headers.get("X-AscendKit-Upgrade");
     if (upgrade === "recommended" && !upgradeWarned) {
         const latest = res.headers.get("X-AscendKit-Latest-Version") ?? "latest";
         console.warn(`[ascendkit] A newer SDK version (v${latest}) is available. ` +
-            `You are running v${SDK_VERSION}. Run "npm update @ascendkit/nextjs" to upgrade.`);
+            `You are running v${SDK_VERSION}. Run "npm install @ascendkit/nextjs@latest" to upgrade.`);
         upgradeWarned = true;
     }
 }

package/dist/shared/types.d.ts

@@ -2,6 +2,21 @@ export interface AscendKitAuthOptions {
     publicKey?: string;
     secretKey?: string;
     apiUrl?: string;
+    /**
+     * Public app origin used for auth callbacks and redirects.
+     * Example: "https://app.example.com"
+     */
+    appBaseUrl?: string;
+    /**
+     * Optional allowlist of request hosts for dynamic callback resolution.
+     * Useful for preview deployments or when appBaseUrl is not fixed.
+     */
+    allowedHosts?: string[];
+    /**
+     * Whether to trust x-forwarded-* headers when resolving request origin.
+     * Enable this only when your deployment is behind a trusted proxy.
+     */
+    trustedProxyHeaders?: boolean;
     /** Optional redirect path for waitlisted users in proxy social flows. */
     waitlistRedirectPath?: string;
     /** Optional redirect path for rejected users in proxy social flows. */

package/dist/shared/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/shared/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,oBAAoB;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,uEAAuE;IACvE,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,QAAQ,EAAE;QACR,iBAAiB,EAAE,OAAO,CAAC;QAC3B,aAAa,EAAE,OAAO,CAAC;QACvB,QAAQ,EAAE,OAAO,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC;KAC1B,CAAC;IACF,eAAe,EAAE,MAAM,CAAC;IACxB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,QAAQ,EAAE,OAAO,GAAG,QAAQ,CAAC;KAC9B,CAAC,CAAC;IACH,QAAQ,EAAE,cAAc,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,aAAa,EAAE,OAAO,CAAC;IACvB,iEAAiE;IACjE,cAAc,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,UAAU,CAAC;IACrD,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;CACpB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/shared/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,oBAAoB;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,yEAAyE;IACzE,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,uEAAuE;IACvE,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,QAAQ,EAAE;QACR,iBAAiB,EAAE,OAAO,CAAC;QAC3B,aAAa,EAAE,OAAO,CAAC;QACvB,QAAQ,EAAE,OAAO,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC;KAC1B,CAAC;IACF,eAAe,EAAE,MAAM,CAAC;IACxB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,QAAQ,EAAE,OAAO,GAAG,QAAQ,CAAC;KAC9B,CAAC,CAAC;IACH,QAAQ,EAAE,cAAc,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,aAAa,EAAE,OAAO,CAAC;IACvB,iEAAiE;IACjE,cAAc,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,UAAU,CAAC;IACrD,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;CACpB"}

package/dist/shared/version.d.ts

@@ -0,0 +1,2 @@
+export declare const SDK_VERSION = "0.3.1";
+//# sourceMappingURL=version.d.ts.map

package/dist/shared/version.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,WAAW,UAAU,CAAC"}

package/dist/shared/version.js

@@ -0,0 +1 @@
+export const SDK_VERSION = "0.3.1";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ascendkit/nextjs",
-  "version": "0.2.7",
+  "version": "0.3.1",
   "description": "AscendKit SDK for Next.js and React",
   "author": "ascendkit.dev",
   "license": "MIT",
@@ -37,24 +37,22 @@
     }
   },
   "scripts": {
-    "build": "tsc",
+    "build": "rm -rf dist && node ./scripts/sync-version.mjs && tsc",
     "dev": "tsc --watch",
-    "typecheck": "tsc --noEmit"
+    "typecheck": "node ./scripts/sync-version.mjs && tsc --noEmit"
   },
   "dependencies": {
-    "@daveyplate/better-auth-ui": "^3.3.15"
+    "@daveyplate/better-auth-ui": "^3.3.15",
+    "better-auth": "^1.5.5",
+    "better-call": "^1.3.2"
   },
   "peerDependencies": {
-    "better-auth": "1.5.5",
-    "better-call": "1.3.2",
     "next": ">=14",
     "react": ">=18",
     "react-dom": ">=18"
   },
   "devDependencies": {
     "@better-auth/passkey": "^1.5.5",
-    "better-auth": "^1.5.5",
-    "better-call": "1.3.2",
     "@types/node": "^25.5.0",
     "@types/react": "^19",
     "typescript": "^5"