@better-auth/cli 1.3.8-beta.2 → 1.3.8-beta.3

package/dist/index.mjs

@@ -20,6 +20,10 @@ import { loadConfig } from 'c12';
 import babelPresetTypeScript from '@babel/preset-typescript';
 import babelPresetReact from '@babel/preset-react';
 import { produceSchema } from '@mrleebo/prisma-ast';
+import { createAuthClient } from 'better-auth/client';
+import { deviceAuthorizationClient } from 'better-auth/client/plugins';
+import open from 'open';
+import os from 'os';
 import 'dotenv/config';
 
 function getPackageInfo(cwd) {
@@ -2792,6 +2796,208 @@ const generate = new Command("generate").option(
   "the path to the configuration file. defaults to the first configuration file found."
 ).option("--output <output>", "the file to output to the generated schema").option("-y, --yes", "automatically answer yes to all prompts", false).option("--y", "(deprecated) same as --yes", false).action(generateAction);
 
+const DEMO_URL = "https://demo.better-auth.com";
+const CLIENT_ID = "better-auth-cli";
+const CONFIG_DIR = path.join(os.homedir(), ".better-auth");
+const TOKEN_FILE = path.join(CONFIG_DIR, "token.json");
+async function loginAction(opts) {
+  const options = z.object({
+    serverUrl: z.string().optional(),
+    clientId: z.string().optional()
+  }).parse(opts);
+  const serverUrl = options.serverUrl || DEMO_URL;
+  const clientId = options.clientId || CLIENT_ID;
+  intro(chalk.bold("\u{1F510} Better Auth CLI Login (Demo)"));
+  console.log(
+    chalk.yellow(
+      "\u26A0\uFE0F  This is a demo feature for testing device authorization flow."
+    )
+  );
+  console.log(
+    chalk.gray(
+      "   It connects to the Better Auth demo server for testing purposes.\n"
+    )
+  );
+  const existingToken = await getStoredToken();
+  if (existingToken) {
+    const shouldReauth = await confirm({
+      message: "You're already logged in. Do you want to log in again?",
+      initialValue: false
+    });
+    if (isCancel(shouldReauth) || !shouldReauth) {
+      cancel("Login cancelled");
+      process.exit(0);
+    }
+  }
+  const authClient = createAuthClient({
+    baseURL: serverUrl,
+    plugins: [deviceAuthorizationClient()]
+  });
+  const spinner = yoctoSpinner({ text: "Requesting device authorization..." });
+  spinner.start();
+  try {
+    const { data, error } = await authClient.device.code({
+      client_id: clientId,
+      scope: "openid profile email"
+    });
+    spinner.stop();
+    if (error || !data) {
+      logger.error(
+        `Failed to request device authorization: ${error?.error_description || "Unknown error"}`
+      );
+      process.exit(1);
+    }
+    const {
+      device_code,
+      user_code,
+      verification_uri,
+      verification_uri_complete,
+      interval = 5,
+      expires_in
+    } = data;
+    console.log("");
+    console.log(chalk.cyan("\u{1F4F1} Device Authorization Required"));
+    console.log("");
+    console.log(`Please visit: ${chalk.underline.blue(verification_uri)}`);
+    console.log(`Enter code: ${chalk.bold.green(user_code)}`);
+    console.log("");
+    const shouldOpen = await confirm({
+      message: "Open browser automatically?",
+      initialValue: true
+    });
+    if (!isCancel(shouldOpen) && shouldOpen) {
+      const urlToOpen = verification_uri_complete || verification_uri;
+      await open(urlToOpen);
+    }
+    console.log(
+      chalk.gray(
+        `Waiting for authorization (expires in ${Math.floor(expires_in / 60)} minutes)...`
+      )
+    );
+    const token = await pollForToken(
+      authClient,
+      device_code,
+      clientId,
+      interval
+    );
+    if (token) {
+      await storeToken(token);
+      const { data: session } = await authClient.getSession({
+        fetchOptions: {
+          headers: {
+            Authorization: `Bearer ${token.access_token}`
+          }
+        }
+      });
+      outro(
+        chalk.green(
+          `\u2705 Demo login successful! Logged in as ${session?.user?.name || session?.user?.email || "User"}`
+        )
+      );
+      console.log(
+        chalk.gray(
+          "\n\u{1F4DD} Note: This was a demo authentication for testing purposes."
+        )
+      );
+    }
+  } catch (err) {
+    spinner.stop();
+    logger.error(
+      `Login failed: ${err instanceof Error ? err.message : "Unknown error"}`
+    );
+    process.exit(1);
+  }
+}
+async function pollForToken(authClient, deviceCode, clientId, initialInterval) {
+  let pollingInterval = initialInterval;
+  const spinner = yoctoSpinner({ text: "", color: "cyan" });
+  let dots = 0;
+  return new Promise((resolve, reject) => {
+    const poll = async () => {
+      dots = (dots + 1) % 4;
+      spinner.text = chalk.gray(
+        `Polling for authorization${".".repeat(dots)}${" ".repeat(3 - dots)}`
+      );
+      if (!spinner.isSpinning) spinner.start();
+      try {
+        const { data, error } = await authClient.device.token({
+          grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+          device_code: deviceCode,
+          client_id: clientId,
+          fetchOptions: {
+            headers: {
+              "user-agent": `Better Auth CLI`
+            }
+          }
+        });
+        if (data?.access_token) {
+          spinner.stop();
+          resolve(data);
+          return;
+        } else if (error) {
+          switch (error.error) {
+            case "authorization_pending":
+              break;
+            case "slow_down":
+              pollingInterval += 5;
+              spinner.text = chalk.yellow(
+                `Slowing down polling to ${pollingInterval}s`
+              );
+              break;
+            case "access_denied":
+              spinner.stop();
+              logger.error("Access was denied by the user");
+              process.exit(1);
+              break;
+            case "expired_token":
+              spinner.stop();
+              logger.error("The device code has expired. Please try again.");
+              process.exit(1);
+              break;
+            default:
+              spinner.stop();
+              logger.error(`Error: ${error.error_description}`);
+              process.exit(1);
+          }
+        }
+      } catch (err) {
+        spinner.stop();
+        logger.error(
+          `Network error: ${err instanceof Error ? err.message : "Unknown error"}`
+        );
+        process.exit(1);
+      }
+      setTimeout(poll, pollingInterval * 1e3);
+    };
+    setTimeout(poll, pollingInterval * 1e3);
+  });
+}
+async function storeToken(token) {
+  try {
+    await fs$1.mkdir(CONFIG_DIR, { recursive: true });
+    const tokenData = {
+      access_token: token.access_token,
+      token_type: token.token_type || "Bearer",
+      scope: token.scope,
+      created_at: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    await fs$1.writeFile(TOKEN_FILE, JSON.stringify(tokenData, null, 2), "utf-8");
+  } catch (error) {
+    logger.warn("Failed to store authentication token locally");
+  }
+}
+async function getStoredToken() {
+  try {
+    const data = await fs$1.readFile(TOKEN_FILE, "utf-8");
+    return JSON.parse(data);
+  } catch {
+    return null;
+  }
+}
+const login = new Command("login").description(
+  "Demo: Test device authorization flow with Better Auth demo server"
+).option("--server-url <url>", "The Better Auth server URL", DEMO_URL).option("--client-id <id>", "The OAuth client ID", CLIENT_ID).action(loginAction);
+
 process.on("SIGINT", () => process.exit(0));
 process.on("SIGTERM", () => process.exit(0));
 async function main() {
@@ -2801,7 +3007,7 @@ async function main() {
     packageInfo = await getPackageInfo();
   } catch (error) {
   }
-  program.addCommand(init).addCommand(migrate).addCommand(generate).addCommand(generateSecret).version(packageInfo.version || "1.1.2").description("Better Auth CLI").action(() => program.help());
+  program.addCommand(init).addCommand(migrate).addCommand(generate).addCommand(generateSecret).addCommand(login).version(packageInfo.version || "1.1.2").description("Better Auth CLI").action(() => program.help());
   program.parse();
 }
 main();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/cli",
-  "version": "1.3.8-beta.2",
+  "version": "1.3.8-beta.3",
   "description": "The CLI for Better Auth",
   "module": "dist/index.mjs",
   "repository": {
@@ -28,6 +28,7 @@
   "devDependencies": {
     "@types/diff": "^7.0.1",
     "@types/fs-extra": "^11.0.4",
+    "tsx": "^4.20.4",
     "typescript": "^5.9.2",
     "unbuild": "^3.5.0",
     "zod": "^4.0.0"
@@ -49,13 +50,14 @@
     "drizzle-orm": "^0.33.0",
     "fs-extra": "^11.3.0",
     "get-tsconfig": "^4.8.1",
+    "open": "^10.1.0",
     "prettier": "^3.4.2",
     "prisma": "^5.22.0",
     "prompts": "^2.4.2",
     "semver": "^7.7.1",
     "tinyexec": "^0.3.1",
     "yocto-spinner": "^0.1.1",
-    "better-auth": "1.3.8-beta.2"
+    "better-auth": "1.3.8-beta.3"
   },
   "peerDependencies": {
     "zod": "3.25.0 || ^4.0.0"
@@ -67,6 +69,7 @@
     "build": "unbuild",
     "stub": "unbuild --stub",
     "start": "node ./dist/index.mjs",
+    "dev": "tsx ./src/index.ts",
     "test": "vitest"
   }
 }