@better-auth/cli 1.3.7 → 1.3.8-beta.10

package/dist/index.mjs

@@ -4,13 +4,12 @@ import { parse } from 'dotenv';
 import semver from 'semver';
 import prettier, { format } from 'prettier';
 import * as z from 'zod/v4';
-import fs$2, { existsSync } from 'fs';
+import fs, { existsSync, readFileSync } from 'fs';
 import path from 'path';
 import fs$1 from 'fs/promises';
-import fs from 'fs-extra';
 import chalk from 'chalk';
 import { intro, log, outro, confirm, isCancel, cancel, spinner, text, select, multiselect } from '@clack/prompts';
-import { exec } from 'child_process';
+import { exec, execSync } from 'child_process';
 import { logger, BetterAuthError, createTelemetry, getTelemetryAuthConfig, capitalizeFirstLetter } from 'better-auth';
 import Crypto from 'crypto';
 import yoctoSpinner from 'yocto-spinner';
@@ -20,15 +19,15 @@ import { loadConfig } from 'c12';
 import babelPresetTypeScript from '@babel/preset-typescript';
 import babelPresetReact from '@babel/preset-react';
 import { produceSchema } from '@mrleebo/prisma-ast';
+import { createAuthClient } from 'better-auth/client';
+import { deviceAuthorizationClient } from 'better-auth/client/plugins';
+import open from 'open';
+import os from 'os';
 import 'dotenv/config';
 
 function getPackageInfo(cwd) {
   const packageJsonPath = cwd ? path.join(cwd, "package.json") : path.join("package.json");
-  try {
-    return fs.readJSONSync(packageJsonPath);
-  } catch (error) {
-    throw error;
-  }
+  return JSON.parse(fs.readFileSync(packageJsonPath, "utf-8"));
 }
 
 function installDependencies({
@@ -177,22 +176,15 @@ async function generateAuthConfig({
           insert_content: `${opts.pluginFunctionName}(${opts.pluginContents}),`
         });
       } else {
-        let has_found_comma = false;
-        const str = opts.config.slice(start_of_plugins.index, end_of_plugins.index).split("").reverse();
-        for (let index = 0; index < str.length; index++) {
-          const char = str[index];
-          if (char === ",") {
-            has_found_comma = true;
-          }
-          if (char === ")") {
-            break;
-          }
-        }
+        const pluginArrayContent = opts.config.slice(start_of_plugins.index, end_of_plugins.index).trim();
+        const isPluginArrayEmpty = pluginArrayContent === "";
+        const isPluginArrayEndsWithComma = pluginArrayContent.endsWith(",");
+        const needsComma = !isPluginArrayEmpty && !isPluginArrayEndsWithComma;
         new_content = insertContent({
           line: end_of_plugins.line,
           character: end_of_plugins.character,
           content: opts.config,
-          insert_content: `${!has_found_comma ? "," : ""}${opts.pluginFunctionName}(${opts.pluginContents})`
+          insert_content: `${needsComma ? "," : ""}${opts.pluginFunctionName}(${opts.pluginContents})`
         });
       }
       try {
@@ -203,7 +195,7 @@ async function generateAuthConfig({
           `Failed to generate new auth config during plugin addition phase.`
         );
       }
-      return { code: await new_content, dependencies: [], envs: [] };
+      return { code: new_content, dependencies: [], envs: [] };
     },
     add_import: async (opts) => {
       let importString = "";
@@ -1070,7 +1062,7 @@ async function initAction(opts) {
       process.exit(0);
     }
     if (packageManagerPreference === void 0) {
-      packageManagerPreference = await getPackageManager();
+      packageManagerPreference = await getPackageManager$1();
     }
     if (shouldInstallBetterAuthDep) {
       s2.start(
@@ -1110,7 +1102,7 @@ async function initAction(opts) {
     }
     if (shouldInstallBetterAuthDep) {
       if (packageManagerPreference === void 0) {
-        packageManagerPreference = await getPackageManager();
+        packageManagerPreference = await getPackageManager$1();
       }
       const s2 = spinner({ indicator: "dots" });
       s2.start(
@@ -1273,7 +1265,7 @@ async function initAction(opts) {
         const { dependencies, envs, generatedCode } = await generateAuthConfig({
           current_user_config,
           format: format$1,
-          //@ts-ignore
+          //@ts-expect-error
           s,
           plugins: add_plugins,
           database
@@ -1338,7 +1330,7 @@ async function initAction(opts) {
           if (shouldInstallDeps) {
             const s2 = spinner({ indicator: "dots" });
             if (packageManagerPreference === void 0) {
-              packageManagerPreference = await getPackageManager();
+              packageManagerPreference = await getPackageManager$1();
             }
             s2.start(
               `Installing dependencies using ${chalk.bold(
@@ -1587,7 +1579,7 @@ async function getLatestNpmVersion(packageName) {
     throw error?.message;
   }
 }
-async function getPackageManager() {
+async function getPackageManager$1() {
   const { hasBun, hasPnpm } = await checkPackageManagers();
   if (!hasBun && !hasPnpm) return "npm";
   const packageManagerOptions = [];
@@ -1690,9 +1682,9 @@ function getSvelteKitPathAliases(cwd) {
   const svelteConfigPath = path.join(cwd, "svelte.config.js");
   const svelteConfigTsPath = path.join(cwd, "svelte.config.ts");
   let isSvelteKitProject = false;
-  if (fs$2.existsSync(packageJsonPath)) {
+  if (fs.existsSync(packageJsonPath)) {
     try {
-      const packageJson = JSON.parse(fs$2.readFileSync(packageJsonPath, "utf-8"));
+      const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, "utf-8"));
       const deps = {
         ...packageJson.dependencies,
         ...packageJson.devDependencies
@@ -1702,19 +1694,19 @@ function getSvelteKitPathAliases(cwd) {
     }
   }
   if (!isSvelteKitProject) {
-    isSvelteKitProject = fs$2.existsSync(svelteConfigPath) || fs$2.existsSync(svelteConfigTsPath);
+    isSvelteKitProject = fs.existsSync(svelteConfigPath) || fs.existsSync(svelteConfigTsPath);
   }
   if (!isSvelteKitProject) {
     return aliases;
   }
   const libPaths = [path.join(cwd, "src", "lib"), path.join(cwd, "lib")];
   for (const libPath of libPaths) {
-    if (fs$2.existsSync(libPath)) {
+    if (fs.existsSync(libPath)) {
       aliases["$lib"] = libPath;
       const commonSubPaths = ["server", "utils", "components", "stores"];
       for (const subPath of commonSubPaths) {
         const subDir = path.join(libPath, subPath);
-        if (fs$2.existsSync(subDir)) {
+        if (fs.existsSync(subDir)) {
           aliases[`$lib/${subPath}`] = subDir;
         }
       }
@@ -1733,9 +1725,9 @@ function getSvelteConfigAliases(cwd) {
     path.join(cwd, "svelte.config.ts")
   ];
   for (const configPath of configPaths) {
-    if (fs$2.existsSync(configPath)) {
+    if (fs.existsSync(configPath)) {
       try {
-        const content = fs$2.readFileSync(configPath, "utf-8");
+        const content = fs.readFileSync(configPath, "utf-8");
         const aliasMatch = content.match(/alias\s*:\s*\{([^}]+)\}/);
         if (aliasMatch && aliasMatch[1]) {
           const aliasContent = aliasMatch[1];
@@ -1871,9 +1863,9 @@ function resolveReferencePath(configDir, refPath) {
   if (refPath.endsWith(".json")) {
     return resolvedPath;
   }
-  if (fs$2.existsSync(resolvedPath)) {
+  if (fs.existsSync(resolvedPath)) {
     try {
-      const stats = fs$2.statSync(resolvedPath);
+      const stats = fs.statSync(resolvedPath);
       if (stats.isFile()) {
         return resolvedPath;
       }
@@ -1887,7 +1879,7 @@ function getPathAliasesRecursive(tsconfigPath, visited = /* @__PURE__ */ new Set
     return {};
   }
   visited.add(tsconfigPath);
-  if (!fs$2.existsSync(tsconfigPath)) {
+  if (!fs.existsSync(tsconfigPath)) {
     logger.warn(`Referenced tsconfig not found: ${tsconfigPath}`);
     return {};
   }
@@ -1924,7 +1916,7 @@ function getPathAliasesRecursive(tsconfigPath, visited = /* @__PURE__ */ new Set
 }
 function getPathAliases(cwd) {
   const tsConfigPath = path.join(cwd, "tsconfig.json");
-  if (!fs$2.existsSync(tsConfigPath)) {
+  if (!fs.existsSync(tsConfigPath)) {
     return null;
   }
   try {
@@ -1957,6 +1949,9 @@ const jitiOptions = (cwd) => {
     alias
   };
 };
+const isDefaultExport = (object) => {
+  return typeof object === "object" && object !== null && !Array.isArray(object) && Object.keys(object).length > 0 && "options" in object;
+};
 async function getConfig({
   cwd,
   configPath,
@@ -1972,7 +1967,7 @@ async function getConfig({
         dotenv: true,
         jitiOptions: jitiOptions(cwd)
       });
-      if (!config.auth && !config.default) {
+      if (!("auth" in config) && !isDefaultExport(config)) {
         if (shouldThrowOnError) {
           throw new Error(
             `Couldn't read your auth config in ${resolvedPath}. Make sure to default export your auth instance or to export as a variable named auth.`
@@ -1983,7 +1978,7 @@ async function getConfig({
         );
         process.exit(1);
       }
-      configFile = config.auth?.options || config.default?.options || null;
+      configFile = "auth" in config ? config.auth?.options : config.options;
     }
     if (!configFile) {
       for (const possiblePath of possiblePaths) {
@@ -2326,7 +2321,7 @@ const generateDrizzleSchema = async ({
 					${Object.keys(fields).map((field) => {
       const attr = fields[field];
       let type = getType(field, attr);
-      if (attr.defaultValue) {
+      if (attr.defaultValue !== null && typeof attr.defaultValue !== "undefined") {
         if (typeof attr.defaultValue === "function") {
           type += `.$defaultFn(${attr.defaultValue})`;
         } else if (typeof attr.defaultValue === "string") {
@@ -2335,8 +2330,13 @@ const generateDrizzleSchema = async ({
           type += `.default(${attr.defaultValue})`;
         }
       }
+      if (attr.onUpdate && attr.type === "date") {
+        if (typeof attr.onUpdate === "function") {
+          type += `.$onUpdate(${attr.onUpdate})`;
+        }
+      }
       return `${field}: ${type}${attr.required ? ".notNull()" : ""}${attr.unique ? ".unique()" : ""}${attr.references ? `.references(()=> ${getModelName(
-        attr.references.model,
+        tables[attr.references.model]?.modelName || attr.references.model,
         adapter.options
       )}.${attr.references.field}, { onDelete: '${attr.references.onDelete || "cascade"}' })` : ""}`;
     }).join(",\n ")}
@@ -2789,6 +2789,630 @@ const generate = new Command("generate").option(
   "the path to the configuration file. defaults to the first configuration file found."
 ).option("--output <output>", "the file to output to the generated schema").option("-y, --yes", "automatically answer yes to all prompts", false).option("--y", "(deprecated) same as --yes", false).action(generateAction);
 
+const DEMO_URL = "https://demo.better-auth.com";
+const CLIENT_ID = "better-auth-cli";
+const CONFIG_DIR = path.join(os.homedir(), ".better-auth");
+const TOKEN_FILE = path.join(CONFIG_DIR, "token.json");
+async function loginAction(opts) {
+  const options = z.object({
+    serverUrl: z.string().optional(),
+    clientId: z.string().optional()
+  }).parse(opts);
+  const serverUrl = options.serverUrl || DEMO_URL;
+  const clientId = options.clientId || CLIENT_ID;
+  intro(chalk.bold("\u{1F510} Better Auth CLI Login (Demo)"));
+  console.log(
+    chalk.yellow(
+      "\u26A0\uFE0F  This is a demo feature for testing device authorization flow."
+    )
+  );
+  console.log(
+    chalk.gray(
+      "   It connects to the Better Auth demo server for testing purposes.\n"
+    )
+  );
+  const existingToken = await getStoredToken();
+  if (existingToken) {
+    const shouldReauth = await confirm({
+      message: "You're already logged in. Do you want to log in again?",
+      initialValue: false
+    });
+    if (isCancel(shouldReauth) || !shouldReauth) {
+      cancel("Login cancelled");
+      process.exit(0);
+    }
+  }
+  const authClient = createAuthClient({
+    baseURL: serverUrl,
+    plugins: [deviceAuthorizationClient()]
+  });
+  const spinner = yoctoSpinner({ text: "Requesting device authorization..." });
+  spinner.start();
+  try {
+    const { data, error } = await authClient.device.code({
+      client_id: clientId,
+      scope: "openid profile email"
+    });
+    spinner.stop();
+    if (error || !data) {
+      logger.error(
+        `Failed to request device authorization: ${error?.error_description || "Unknown error"}`
+      );
+      process.exit(1);
+    }
+    const {
+      device_code,
+      user_code,
+      verification_uri,
+      verification_uri_complete,
+      interval = 5,
+      expires_in
+    } = data;
+    console.log("");
+    console.log(chalk.cyan("\u{1F4F1} Device Authorization Required"));
+    console.log("");
+    console.log(`Please visit: ${chalk.underline.blue(verification_uri)}`);
+    console.log(`Enter code: ${chalk.bold.green(user_code)}`);
+    console.log("");
+    const shouldOpen = await confirm({
+      message: "Open browser automatically?",
+      initialValue: true
+    });
+    if (!isCancel(shouldOpen) && shouldOpen) {
+      const urlToOpen = verification_uri_complete || verification_uri;
+      await open(urlToOpen);
+    }
+    console.log(
+      chalk.gray(
+        `Waiting for authorization (expires in ${Math.floor(expires_in / 60)} minutes)...`
+      )
+    );
+    const token = await pollForToken(
+      authClient,
+      device_code,
+      clientId,
+      interval
+    );
+    if (token) {
+      await storeToken(token);
+      const { data: session } = await authClient.getSession({
+        fetchOptions: {
+          headers: {
+            Authorization: `Bearer ${token.access_token}`
+          }
+        }
+      });
+      outro(
+        chalk.green(
+          `\u2705 Demo login successful! Logged in as ${session?.user?.name || session?.user?.email || "User"}`
+        )
+      );
+      console.log(
+        chalk.gray(
+          "\n\u{1F4DD} Note: This was a demo authentication for testing purposes."
+        )
+      );
+      console.log(
+        chalk.blue(
+          "\nFor more information, visit: https://better-auth.com/docs/plugins/device-authorization"
+        )
+      );
+    }
+  } catch (err) {
+    spinner.stop();
+    logger.error(
+      `Login failed: ${err instanceof Error ? err.message : "Unknown error"}`
+    );
+    process.exit(1);
+  }
+}
+async function pollForToken(authClient, deviceCode, clientId, initialInterval) {
+  let pollingInterval = initialInterval;
+  const spinner = yoctoSpinner({ text: "", color: "cyan" });
+  let dots = 0;
+  return new Promise((resolve, reject) => {
+    const poll = async () => {
+      dots = (dots + 1) % 4;
+      spinner.text = chalk.gray(
+        `Polling for authorization${".".repeat(dots)}${" ".repeat(3 - dots)}`
+      );
+      if (!spinner.isSpinning) spinner.start();
+      try {
+        const { data, error } = await authClient.device.token({
+          grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+          device_code: deviceCode,
+          client_id: clientId,
+          fetchOptions: {
+            headers: {
+              "user-agent": `Better Auth CLI`
+            }
+          }
+        });
+        if (data?.access_token) {
+          spinner.stop();
+          resolve(data);
+          return;
+        } else if (error) {
+          switch (error.error) {
+            case "authorization_pending":
+              break;
+            case "slow_down":
+              pollingInterval += 5;
+              spinner.text = chalk.yellow(
+                `Slowing down polling to ${pollingInterval}s`
+              );
+              break;
+            case "access_denied":
+              spinner.stop();
+              logger.error("Access was denied by the user");
+              process.exit(1);
+              break;
+            case "expired_token":
+              spinner.stop();
+              logger.error("The device code has expired. Please try again.");
+              process.exit(1);
+              break;
+            default:
+              spinner.stop();
+              logger.error(`Error: ${error.error_description}`);
+              process.exit(1);
+          }
+        }
+      } catch (err) {
+        spinner.stop();
+        logger.error(
+          `Network error: ${err instanceof Error ? err.message : "Unknown error"}`
+        );
+        process.exit(1);
+      }
+      setTimeout(poll, pollingInterval * 1e3);
+    };
+    setTimeout(poll, pollingInterval * 1e3);
+  });
+}
+async function storeToken(token) {
+  try {
+    await fs$1.mkdir(CONFIG_DIR, { recursive: true });
+    const tokenData = {
+      access_token: token.access_token,
+      token_type: token.token_type || "Bearer",
+      scope: token.scope,
+      created_at: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    await fs$1.writeFile(TOKEN_FILE, JSON.stringify(tokenData, null, 2), "utf-8");
+  } catch (error) {
+    logger.warn("Failed to store authentication token locally");
+  }
+}
+async function getStoredToken() {
+  try {
+    const data = await fs$1.readFile(TOKEN_FILE, "utf-8");
+    return JSON.parse(data);
+  } catch {
+    return null;
+  }
+}
+const login = new Command("login").description(
+  "Demo: Test device authorization flow with Better Auth demo server"
+).option("--server-url <url>", "The Better Auth server URL", DEMO_URL).option("--client-id <id>", "The OAuth client ID", CLIENT_ID).action(loginAction);
+
+function getSystemInfo() {
+  const platform = os.platform();
+  const arch = os.arch();
+  const version = os.version();
+  const release = os.release();
+  const cpus = os.cpus();
+  const memory = os.totalmem();
+  const freeMemory = os.freemem();
+  return {
+    platform,
+    arch,
+    version,
+    release,
+    cpuCount: cpus.length,
+    cpuModel: cpus[0]?.model || "Unknown",
+    totalMemory: `${(memory / 1024 / 1024 / 1024).toFixed(2)} GB`,
+    freeMemory: `${(freeMemory / 1024 / 1024 / 1024).toFixed(2)} GB`
+  };
+}
+function getNodeInfo() {
+  return {
+    version: process.version,
+    env: process.env.NODE_ENV || "development"
+  };
+}
+function getPackageManager() {
+  const userAgent = process.env.npm_config_user_agent || "";
+  if (userAgent.includes("yarn")) {
+    return { name: "yarn", version: getVersion("yarn") };
+  }
+  if (userAgent.includes("pnpm")) {
+    return { name: "pnpm", version: getVersion("pnpm") };
+  }
+  if (userAgent.includes("bun")) {
+    return { name: "bun", version: getVersion("bun") };
+  }
+  return { name: "npm", version: getVersion("npm") };
+}
+function getVersion(command) {
+  try {
+    const output = execSync(`${command} --version`, { encoding: "utf8" });
+    return output.trim();
+  } catch {
+    return "Not installed";
+  }
+}
+function getFrameworkInfo(projectRoot) {
+  const packageJsonPath = path.join(projectRoot, "package.json");
+  if (!existsSync(packageJsonPath)) {
+    return null;
+  }
+  try {
+    const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf8"));
+    const deps = {
+      ...packageJson.dependencies,
+      ...packageJson.devDependencies
+    };
+    const frameworks = {
+      next: deps["next"],
+      react: deps["react"],
+      vue: deps["vue"],
+      nuxt: deps["nuxt"],
+      svelte: deps["svelte"],
+      "@sveltejs/kit": deps["@sveltejs/kit"],
+      express: deps["express"],
+      fastify: deps["fastify"],
+      hono: deps["hono"],
+      remix: deps["@remix-run/react"],
+      astro: deps["astro"],
+      solid: deps["solid-js"],
+      qwik: deps["@builder.io/qwik"]
+    };
+    const installedFrameworks = Object.entries(frameworks).filter(([_, version]) => version).map(([name, version]) => ({ name, version }));
+    return installedFrameworks.length > 0 ? installedFrameworks : null;
+  } catch {
+    return null;
+  }
+}
+function getDatabaseInfo(projectRoot) {
+  const packageJsonPath = path.join(projectRoot, "package.json");
+  if (!existsSync(packageJsonPath)) {
+    return null;
+  }
+  try {
+    const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf8"));
+    const deps = {
+      ...packageJson.dependencies,
+      ...packageJson.devDependencies
+    };
+    const databases = {
+      "better-sqlite3": deps["better-sqlite3"],
+      "@libsql/client": deps["@libsql/client"],
+      "@libsql/kysely-libsql": deps["@libsql/kysely-libsql"],
+      mysql2: deps["mysql2"],
+      pg: deps["pg"],
+      postgres: deps["postgres"],
+      "@prisma/client": deps["@prisma/client"],
+      drizzle: deps["drizzle-orm"],
+      kysely: deps["kysely"],
+      mongodb: deps["mongodb"],
+      "@neondatabase/serverless": deps["@neondatabase/serverless"],
+      "@vercel/postgres": deps["@vercel/postgres"],
+      "@planetscale/database": deps["@planetscale/database"]
+    };
+    const installedDatabases = Object.entries(databases).filter(([_, version]) => version).map(([name, version]) => ({ name, version }));
+    return installedDatabases.length > 0 ? installedDatabases : null;
+  } catch {
+    return null;
+  }
+}
+function sanitizeBetterAuthConfig(config) {
+  if (!config) return null;
+  const sanitized = JSON.parse(JSON.stringify(config));
+  const sensitiveKeys = [
+    "secret",
+    "clientSecret",
+    "clientId",
+    "authToken",
+    "apiKey",
+    "apiSecret",
+    "privateKey",
+    "publicKey",
+    "password",
+    "token",
+    "webhook",
+    "connectionString",
+    "databaseUrl",
+    "databaseURL",
+    "TURSO_AUTH_TOKEN",
+    "TURSO_DATABASE_URL",
+    "MYSQL_DATABASE_URL",
+    "DATABASE_URL",
+    "POSTGRES_URL",
+    "MONGODB_URI",
+    "stripeKey",
+    "stripeWebhookSecret"
+  ];
+  const allowedKeys = [
+    "baseURL",
+    "callbackURL",
+    "redirectURL",
+    "trustedOrigins",
+    "appName"
+  ];
+  function redactSensitive(obj, parentKey) {
+    if (typeof obj !== "object" || obj === null) {
+      if (parentKey && typeof obj === "string" && obj.length > 0) {
+        if (allowedKeys.some(
+          (allowed) => parentKey.toLowerCase() === allowed.toLowerCase()
+        )) {
+          return obj;
+        }
+        const lowerKey = parentKey.toLowerCase();
+        if (sensitiveKeys.some((key) => {
+          const lowerSensitiveKey = key.toLowerCase();
+          return lowerKey === lowerSensitiveKey || lowerKey.endsWith(lowerSensitiveKey);
+        })) {
+          return "[REDACTED]";
+        }
+      }
+      return obj;
+    }
+    if (Array.isArray(obj)) {
+      return obj.map((item) => redactSensitive(item, parentKey));
+    }
+    const result = {};
+    for (const [key, value] of Object.entries(obj)) {
+      if (allowedKeys.some(
+        (allowed) => key.toLowerCase() === allowed.toLowerCase()
+      )) {
+        result[key] = value;
+        continue;
+      }
+      const lowerKey = key.toLowerCase();
+      if (sensitiveKeys.some((sensitiveKey) => {
+        const lowerSensitiveKey = sensitiveKey.toLowerCase();
+        return lowerKey === lowerSensitiveKey || lowerKey.endsWith(lowerSensitiveKey);
+      })) {
+        if (typeof value === "string" && value.length > 0) {
+          result[key] = "[REDACTED]";
+        } else if (typeof value === "object" && value !== null) {
+          result[key] = redactSensitive(value, key);
+        } else {
+          result[key] = value;
+        }
+      } else {
+        result[key] = redactSensitive(value, key);
+      }
+    }
+    return result;
+  }
+  if (sanitized.database) {
+    if (typeof sanitized.database === "string") {
+      sanitized.database = "[REDACTED]";
+    } else if (sanitized.database.url) {
+      sanitized.database.url = "[REDACTED]";
+    }
+    if (sanitized.database.authToken) {
+      sanitized.database.authToken = "[REDACTED]";
+    }
+  }
+  if (sanitized.socialProviders) {
+    for (const provider in sanitized.socialProviders) {
+      if (sanitized.socialProviders[provider]) {
+        sanitized.socialProviders[provider] = redactSensitive(
+          sanitized.socialProviders[provider],
+          provider
+        );
+      }
+    }
+  }
+  if (sanitized.emailAndPassword?.sendResetPassword) {
+    sanitized.emailAndPassword.sendResetPassword = "[Function]";
+  }
+  if (sanitized.emailVerification?.sendVerificationEmail) {
+    sanitized.emailVerification.sendVerificationEmail = "[Function]";
+  }
+  if (sanitized.plugins && Array.isArray(sanitized.plugins)) {
+    sanitized.plugins = sanitized.plugins.map((plugin) => {
+      if (typeof plugin === "function") {
+        return "[Plugin Function]";
+      }
+      if (plugin && typeof plugin === "object") {
+        const pluginName = plugin.id || plugin.name || "unknown";
+        return {
+          name: pluginName,
+          config: redactSensitive(plugin.config || plugin)
+        };
+      }
+      return plugin;
+    });
+  }
+  return redactSensitive(sanitized);
+}
+async function getBetterAuthInfo(projectRoot, configPath, suppressLogs = false) {
+  try {
+    const originalLog = console.log;
+    const originalWarn = console.warn;
+    const originalError = console.error;
+    if (suppressLogs) {
+      console.log = () => {
+      };
+      console.warn = () => {
+      };
+      console.error = () => {
+      };
+    }
+    try {
+      const config = await getConfig({
+        cwd: projectRoot,
+        configPath,
+        shouldThrowOnError: false
+      });
+      const packageInfo = await getPackageInfo();
+      return {
+        version: packageInfo.version || "Unknown",
+        config: sanitizeBetterAuthConfig(config)
+      };
+    } finally {
+      if (suppressLogs) {
+        console.log = originalLog;
+        console.warn = originalWarn;
+        console.error = originalError;
+      }
+    }
+  } catch (error) {
+    return {
+      version: "Unknown",
+      config: null,
+      error: error instanceof Error ? error.message : "Failed to load Better Auth config"
+    };
+  }
+}
+function formatOutput(data, indent = 0) {
+  const spaces = " ".repeat(indent);
+  if (data === null || data === void 0) {
+    return `${spaces}${chalk.gray("N/A")}`;
+  }
+  if (typeof data === "string" || typeof data === "number" || typeof data === "boolean") {
+    return `${spaces}${data}`;
+  }
+  if (Array.isArray(data)) {
+    if (data.length === 0) {
+      return `${spaces}${chalk.gray("[]")}`;
+    }
+    return data.map((item) => formatOutput(item, indent)).join("\n");
+  }
+  if (typeof data === "object") {
+    const entries = Object.entries(data);
+    if (entries.length === 0) {
+      return `${spaces}${chalk.gray("{}")}`;
+    }
+    return entries.map(([key, value]) => {
+      if (typeof value === "object" && value !== null && !Array.isArray(value)) {
+        return `${spaces}${chalk.cyan(key)}:
+${formatOutput(value, indent + 2)}`;
+      }
+      return `${spaces}${chalk.cyan(key)}: ${formatOutput(value, 0)}`;
+    }).join("\n");
+  }
+  return `${spaces}${JSON.stringify(data)}`;
+}
+const info = new Command("info").description("Display system and Better Auth configuration information").option("--cwd <cwd>", "The working directory", process.cwd()).option("--config <config>", "Path to the Better Auth configuration file").option("-j, --json", "Output as JSON").option("-c, --copy", "Copy output to clipboard (requires pbcopy/xclip)").action(async (options) => {
+  const projectRoot = path.resolve(options.cwd || process.cwd());
+  const systemInfo = getSystemInfo();
+  const nodeInfo = getNodeInfo();
+  const packageManager = getPackageManager();
+  const frameworks = getFrameworkInfo(projectRoot);
+  const databases = getDatabaseInfo(projectRoot);
+  const betterAuthInfo = await getBetterAuthInfo(
+    projectRoot,
+    options.config,
+    options.json
+  );
+  const fullInfo = {
+    system: systemInfo,
+    node: nodeInfo,
+    packageManager,
+    frameworks,
+    databases,
+    betterAuth: betterAuthInfo
+  };
+  if (options.json) {
+    const jsonOutput = JSON.stringify(fullInfo, null, 2);
+    console.log(jsonOutput);
+    if (options.copy) {
+      try {
+        const platform = os.platform();
+        if (platform === "darwin") {
+          execSync("pbcopy", { input: jsonOutput });
+          console.log(chalk.green("\n\u2713 Copied to clipboard"));
+        } else if (platform === "linux") {
+          execSync("xclip -selection clipboard", { input: jsonOutput });
+          console.log(chalk.green("\n\u2713 Copied to clipboard"));
+        } else if (platform === "win32") {
+          execSync("clip", { input: jsonOutput });
+          console.log(chalk.green("\n\u2713 Copied to clipboard"));
+        }
+      } catch {
+        console.log(chalk.yellow("\n\u26A0 Could not copy to clipboard"));
+      }
+    }
+    return;
+  }
+  console.log(chalk.bold("\n\u{1F4CA} Better Auth System Information\n"));
+  console.log(chalk.gray("=".repeat(50)));
+  console.log(chalk.bold.white("\n\u{1F5A5}\uFE0F  System Information:"));
+  console.log(formatOutput(systemInfo, 2));
+  console.log(chalk.bold.white("\n\u{1F4E6} Node.js:"));
+  console.log(formatOutput(nodeInfo, 2));
+  console.log(chalk.bold.white("\n\u{1F4E6} Package Manager:"));
+  console.log(formatOutput(packageManager, 2));
+  if (frameworks) {
+    console.log(chalk.bold.white("\n\u{1F680} Frameworks:"));
+    console.log(formatOutput(frameworks, 2));
+  }
+  if (databases) {
+    console.log(chalk.bold.white("\n\u{1F4BE} Database Clients:"));
+    console.log(formatOutput(databases, 2));
+  }
+  console.log(chalk.bold.white("\n\u{1F510} Better Auth:"));
+  if (betterAuthInfo.error) {
+    console.log(`  ${chalk.red("Error:")} ${betterAuthInfo.error}`);
+  } else {
+    console.log(`  ${chalk.cyan("Version")}: ${betterAuthInfo.version}`);
+    if (betterAuthInfo.config) {
+      console.log(`  ${chalk.cyan("Configuration")}:`);
+      console.log(formatOutput(betterAuthInfo.config, 4));
+    }
+  }
+  console.log(chalk.gray("\n" + "=".repeat(50)));
+  console.log(chalk.gray("\n\u{1F4A1} Tip: Use --json flag for JSON output"));
+  console.log(chalk.gray("\u{1F4A1} Use --copy flag to copy output to clipboard"));
+  console.log(
+    chalk.gray("\u{1F4A1} When reporting issues, include this information\n")
+  );
+  if (options.copy) {
+    const textOutput = `
+Better Auth System Information
+==============================
+
+System Information:
+${JSON.stringify(systemInfo, null, 2)}
+
+Node.js:
+${JSON.stringify(nodeInfo, null, 2)}
+
+Package Manager:
+${JSON.stringify(packageManager, null, 2)}
+
+Frameworks:
+${JSON.stringify(frameworks, null, 2)}
+
+Database Clients:
+${JSON.stringify(databases, null, 2)}
+
+Better Auth:
+${JSON.stringify(betterAuthInfo, null, 2)}
+`;
+    try {
+      const platform = os.platform();
+      if (platform === "darwin") {
+        execSync("pbcopy", { input: textOutput });
+        console.log(chalk.green("\u2713 Copied to clipboard"));
+      } else if (platform === "linux") {
+        execSync("xclip -selection clipboard", { input: textOutput });
+        console.log(chalk.green("\u2713 Copied to clipboard"));
+      } else if (platform === "win32") {
+        execSync("clip", { input: textOutput });
+        console.log(chalk.green("\u2713 Copied to clipboard"));
+      }
+    } catch {
+      console.log(chalk.yellow("\u26A0 Could not copy to clipboard"));
+    }
+  }
+});
+
 process.on("SIGINT", () => process.exit(0));
 process.on("SIGTERM", () => process.exit(0));
 async function main() {
@@ -2798,7 +3422,7 @@ async function main() {
     packageInfo = await getPackageInfo();
   } catch (error) {
   }
-  program.addCommand(init).addCommand(migrate).addCommand(generate).addCommand(generateSecret).version(packageInfo.version || "1.1.2").description("Better Auth CLI").action(() => program.help());
+  program.addCommand(init).addCommand(migrate).addCommand(generate).addCommand(generateSecret).addCommand(info).addCommand(login).version(packageInfo.version || "1.1.2").description("Better Auth CLI").action(() => program.help());
   program.parse();
 }
 main();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/cli",
-  "version": "1.3.7",
+  "version": "1.3.8-beta.10",
   "description": "The CLI for Better Auth",
   "module": "dist/index.mjs",
   "repository": {
@@ -26,11 +26,9 @@
   "exports": "./dist/index.mjs",
   "bin": "./dist/index.mjs",
   "devDependencies": {
-    "@types/diff": "^7.0.1",
-    "@types/fs-extra": "^11.0.4",
+    "tsx": "^4.20.4",
     "typescript": "^5.9.2",
-    "unbuild": "^3.5.0",
-    "zod": "^4.0.0"
+    "unbuild": "^3.5.0"
   },
   "dependencies": {
     "@babel/core": "^7.0.0",
@@ -42,23 +40,21 @@
     "@types/better-sqlite3": "^7.6.12",
     "@types/prompts": "^2.4.9",
     "better-sqlite3": "^11.6.0",
-    "c12": "^2.0.1",
+    "c12": "^3.2.0",
     "chalk": "^5.3.0",
     "commander": "^12.1.0",
     "dotenv": "^16.4.7",
     "drizzle-orm": "^0.33.0",
-    "fs-extra": "^11.3.0",
     "get-tsconfig": "^4.8.1",
+    "open": "^10.1.0",
     "prettier": "^3.4.2",
     "prisma": "^5.22.0",
     "prompts": "^2.4.2",
     "semver": "^7.7.1",
     "tinyexec": "^0.3.1",
     "yocto-spinner": "^0.1.1",
-    "better-auth": "1.3.7"
-  },
-  "peerDependencies": {
-    "zod": "3.25.0 || ^4.0.0"
+    "zod": "^4.0.0",
+    "better-auth": "1.3.8-beta.10"
   },
   "files": [
     "dist"
@@ -67,6 +63,7 @@
     "build": "unbuild",
     "stub": "unbuild --stub",
     "start": "node ./dist/index.mjs",
+    "dev": "tsx ./src/index.ts",
     "test": "vitest"
   }
 }