@better-auth/cli 1.3.8-beta.2 → 1.3.8-beta.4

package/dist/index.mjs

@@ -4,10 +4,9 @@ import { parse } from 'dotenv';
 import semver from 'semver';
 import prettier, { format } from 'prettier';
 import * as z from 'zod/v4';
-import fs$2, { existsSync } from 'fs';
+import fs, { existsSync } from 'fs';
 import path from 'path';
 import fs$1 from 'fs/promises';
-import fs from 'fs-extra';
 import chalk from 'chalk';
 import { intro, log, outro, confirm, isCancel, cancel, spinner, text, select, multiselect } from '@clack/prompts';
 import { exec } from 'child_process';
@@ -20,15 +19,15 @@ import { loadConfig } from 'c12';
 import babelPresetTypeScript from '@babel/preset-typescript';
 import babelPresetReact from '@babel/preset-react';
 import { produceSchema } from '@mrleebo/prisma-ast';
+import { createAuthClient } from 'better-auth/client';
+import { deviceAuthorizationClient } from 'better-auth/client/plugins';
+import open from 'open';
+import os from 'os';
 import 'dotenv/config';
 
 function getPackageInfo(cwd) {
   const packageJsonPath = cwd ? path.join(cwd, "package.json") : path.join("package.json");
-  try {
-    return fs.readJSONSync(packageJsonPath);
-  } catch (error) {
-    throw error;
-  }
+  return JSON.parse(fs.readFileSync(packageJsonPath, "utf-8"));
 }
 
 function installDependencies({
@@ -1690,9 +1689,9 @@ function getSvelteKitPathAliases(cwd) {
   const svelteConfigPath = path.join(cwd, "svelte.config.js");
   const svelteConfigTsPath = path.join(cwd, "svelte.config.ts");
   let isSvelteKitProject = false;
-  if (fs$2.existsSync(packageJsonPath)) {
+  if (fs.existsSync(packageJsonPath)) {
     try {
-      const packageJson = JSON.parse(fs$2.readFileSync(packageJsonPath, "utf-8"));
+      const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, "utf-8"));
       const deps = {
         ...packageJson.dependencies,
         ...packageJson.devDependencies
@@ -1702,19 +1701,19 @@ function getSvelteKitPathAliases(cwd) {
     }
   }
   if (!isSvelteKitProject) {
-    isSvelteKitProject = fs$2.existsSync(svelteConfigPath) || fs$2.existsSync(svelteConfigTsPath);
+    isSvelteKitProject = fs.existsSync(svelteConfigPath) || fs.existsSync(svelteConfigTsPath);
   }
   if (!isSvelteKitProject) {
     return aliases;
   }
   const libPaths = [path.join(cwd, "src", "lib"), path.join(cwd, "lib")];
   for (const libPath of libPaths) {
-    if (fs$2.existsSync(libPath)) {
+    if (fs.existsSync(libPath)) {
       aliases["$lib"] = libPath;
       const commonSubPaths = ["server", "utils", "components", "stores"];
       for (const subPath of commonSubPaths) {
         const subDir = path.join(libPath, subPath);
-        if (fs$2.existsSync(subDir)) {
+        if (fs.existsSync(subDir)) {
           aliases[`$lib/${subPath}`] = subDir;
         }
       }
@@ -1733,9 +1732,9 @@ function getSvelteConfigAliases(cwd) {
     path.join(cwd, "svelte.config.ts")
   ];
   for (const configPath of configPaths) {
-    if (fs$2.existsSync(configPath)) {
+    if (fs.existsSync(configPath)) {
       try {
-        const content = fs$2.readFileSync(configPath, "utf-8");
+        const content = fs.readFileSync(configPath, "utf-8");
         const aliasMatch = content.match(/alias\s*:\s*\{([^}]+)\}/);
         if (aliasMatch && aliasMatch[1]) {
           const aliasContent = aliasMatch[1];
@@ -1871,9 +1870,9 @@ function resolveReferencePath(configDir, refPath) {
   if (refPath.endsWith(".json")) {
     return resolvedPath;
   }
-  if (fs$2.existsSync(resolvedPath)) {
+  if (fs.existsSync(resolvedPath)) {
     try {
-      const stats = fs$2.statSync(resolvedPath);
+      const stats = fs.statSync(resolvedPath);
       if (stats.isFile()) {
         return resolvedPath;
       }
@@ -1887,7 +1886,7 @@ function getPathAliasesRecursive(tsconfigPath, visited = /* @__PURE__ */ new Set
     return {};
   }
   visited.add(tsconfigPath);
-  if (!fs$2.existsSync(tsconfigPath)) {
+  if (!fs.existsSync(tsconfigPath)) {
     logger.warn(`Referenced tsconfig not found: ${tsconfigPath}`);
     return {};
   }
@@ -1924,7 +1923,7 @@ function getPathAliasesRecursive(tsconfigPath, visited = /* @__PURE__ */ new Set
 }
 function getPathAliases(cwd) {
   const tsConfigPath = path.join(cwd, "tsconfig.json");
-  if (!fs$2.existsSync(tsConfigPath)) {
+  if (!fs.existsSync(tsConfigPath)) {
     return null;
   }
   try {
@@ -2338,8 +2337,13 @@ const generateDrizzleSchema = async ({
           type += `.default(${attr.defaultValue})`;
         }
       }
+      if (attr.onUpdate && attr.type === "date") {
+        if (typeof attr.onUpdate === "function") {
+          type += `.$onUpdate(${attr.onUpdate})`;
+        }
+      }
       return `${field}: ${type}${attr.required ? ".notNull()" : ""}${attr.unique ? ".unique()" : ""}${attr.references ? `.references(()=> ${getModelName(
-        attr.references.model,
+        tables[attr.references.model]?.modelName || attr.references.model,
         adapter.options
       )}.${attr.references.field}, { onDelete: '${attr.references.onDelete || "cascade"}' })` : ""}`;
     }).join(",\n ")}
@@ -2792,6 +2796,213 @@ const generate = new Command("generate").option(
   "the path to the configuration file. defaults to the first configuration file found."
 ).option("--output <output>", "the file to output to the generated schema").option("-y, --yes", "automatically answer yes to all prompts", false).option("--y", "(deprecated) same as --yes", false).action(generateAction);
 
+const DEMO_URL = "https://demo.better-auth.com";
+const CLIENT_ID = "better-auth-cli";
+const CONFIG_DIR = path.join(os.homedir(), ".better-auth");
+const TOKEN_FILE = path.join(CONFIG_DIR, "token.json");
+async function loginAction(opts) {
+  const options = z.object({
+    serverUrl: z.string().optional(),
+    clientId: z.string().optional()
+  }).parse(opts);
+  const serverUrl = options.serverUrl || DEMO_URL;
+  const clientId = options.clientId || CLIENT_ID;
+  intro(chalk.bold("\u{1F510} Better Auth CLI Login (Demo)"));
+  console.log(
+    chalk.yellow(
+      "\u26A0\uFE0F  This is a demo feature for testing device authorization flow."
+    )
+  );
+  console.log(
+    chalk.gray(
+      "   It connects to the Better Auth demo server for testing purposes.\n"
+    )
+  );
+  const existingToken = await getStoredToken();
+  if (existingToken) {
+    const shouldReauth = await confirm({
+      message: "You're already logged in. Do you want to log in again?",
+      initialValue: false
+    });
+    if (isCancel(shouldReauth) || !shouldReauth) {
+      cancel("Login cancelled");
+      process.exit(0);
+    }
+  }
+  const authClient = createAuthClient({
+    baseURL: serverUrl,
+    plugins: [deviceAuthorizationClient()]
+  });
+  const spinner = yoctoSpinner({ text: "Requesting device authorization..." });
+  spinner.start();
+  try {
+    const { data, error } = await authClient.device.code({
+      client_id: clientId,
+      scope: "openid profile email"
+    });
+    spinner.stop();
+    if (error || !data) {
+      logger.error(
+        `Failed to request device authorization: ${error?.error_description || "Unknown error"}`
+      );
+      process.exit(1);
+    }
+    const {
+      device_code,
+      user_code,
+      verification_uri,
+      verification_uri_complete,
+      interval = 5,
+      expires_in
+    } = data;
+    console.log("");
+    console.log(chalk.cyan("\u{1F4F1} Device Authorization Required"));
+    console.log("");
+    console.log(`Please visit: ${chalk.underline.blue(verification_uri)}`);
+    console.log(`Enter code: ${chalk.bold.green(user_code)}`);
+    console.log("");
+    const shouldOpen = await confirm({
+      message: "Open browser automatically?",
+      initialValue: true
+    });
+    if (!isCancel(shouldOpen) && shouldOpen) {
+      const urlToOpen = verification_uri_complete || verification_uri;
+      await open(urlToOpen);
+    }
+    console.log(
+      chalk.gray(
+        `Waiting for authorization (expires in ${Math.floor(expires_in / 60)} minutes)...`
+      )
+    );
+    const token = await pollForToken(
+      authClient,
+      device_code,
+      clientId,
+      interval
+    );
+    if (token) {
+      await storeToken(token);
+      const { data: session } = await authClient.getSession({
+        fetchOptions: {
+          headers: {
+            Authorization: `Bearer ${token.access_token}`
+          }
+        }
+      });
+      outro(
+        chalk.green(
+          `\u2705 Demo login successful! Logged in as ${session?.user?.name || session?.user?.email || "User"}`
+        )
+      );
+      console.log(
+        chalk.gray(
+          "\n\u{1F4DD} Note: This was a demo authentication for testing purposes."
+        )
+      );
+      console.log(
+        chalk.blue(
+          "\nFor more information, visit: https://better-auth.com/docs/plugins/device-authorization"
+        )
+      );
+    }
+  } catch (err) {
+    spinner.stop();
+    logger.error(
+      `Login failed: ${err instanceof Error ? err.message : "Unknown error"}`
+    );
+    process.exit(1);
+  }
+}
+async function pollForToken(authClient, deviceCode, clientId, initialInterval) {
+  let pollingInterval = initialInterval;
+  const spinner = yoctoSpinner({ text: "", color: "cyan" });
+  let dots = 0;
+  return new Promise((resolve, reject) => {
+    const poll = async () => {
+      dots = (dots + 1) % 4;
+      spinner.text = chalk.gray(
+        `Polling for authorization${".".repeat(dots)}${" ".repeat(3 - dots)}`
+      );
+      if (!spinner.isSpinning) spinner.start();
+      try {
+        const { data, error } = await authClient.device.token({
+          grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+          device_code: deviceCode,
+          client_id: clientId,
+          fetchOptions: {
+            headers: {
+              "user-agent": `Better Auth CLI`
+            }
+          }
+        });
+        if (data?.access_token) {
+          spinner.stop();
+          resolve(data);
+          return;
+        } else if (error) {
+          switch (error.error) {
+            case "authorization_pending":
+              break;
+            case "slow_down":
+              pollingInterval += 5;
+              spinner.text = chalk.yellow(
+                `Slowing down polling to ${pollingInterval}s`
+              );
+              break;
+            case "access_denied":
+              spinner.stop();
+              logger.error("Access was denied by the user");
+              process.exit(1);
+              break;
+            case "expired_token":
+              spinner.stop();
+              logger.error("The device code has expired. Please try again.");
+              process.exit(1);
+              break;
+            default:
+              spinner.stop();
+              logger.error(`Error: ${error.error_description}`);
+              process.exit(1);
+          }
+        }
+      } catch (err) {
+        spinner.stop();
+        logger.error(
+          `Network error: ${err instanceof Error ? err.message : "Unknown error"}`
+        );
+        process.exit(1);
+      }
+      setTimeout(poll, pollingInterval * 1e3);
+    };
+    setTimeout(poll, pollingInterval * 1e3);
+  });
+}
+async function storeToken(token) {
+  try {
+    await fs$1.mkdir(CONFIG_DIR, { recursive: true });
+    const tokenData = {
+      access_token: token.access_token,
+      token_type: token.token_type || "Bearer",
+      scope: token.scope,
+      created_at: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    await fs$1.writeFile(TOKEN_FILE, JSON.stringify(tokenData, null, 2), "utf-8");
+  } catch (error) {
+    logger.warn("Failed to store authentication token locally");
+  }
+}
+async function getStoredToken() {
+  try {
+    const data = await fs$1.readFile(TOKEN_FILE, "utf-8");
+    return JSON.parse(data);
+  } catch {
+    return null;
+  }
+}
+const login = new Command("login").description(
+  "Demo: Test device authorization flow with Better Auth demo server"
+).option("--server-url <url>", "The Better Auth server URL", DEMO_URL).option("--client-id <id>", "The OAuth client ID", CLIENT_ID).action(loginAction);
+
 process.on("SIGINT", () => process.exit(0));
 process.on("SIGTERM", () => process.exit(0));
 async function main() {
@@ -2801,7 +3012,7 @@ async function main() {
     packageInfo = await getPackageInfo();
   } catch (error) {
   }
-  program.addCommand(init).addCommand(migrate).addCommand(generate).addCommand(generateSecret).version(packageInfo.version || "1.1.2").description("Better Auth CLI").action(() => program.help());
+  program.addCommand(init).addCommand(migrate).addCommand(generate).addCommand(generateSecret).addCommand(login).version(packageInfo.version || "1.1.2").description("Better Auth CLI").action(() => program.help());
   program.parse();
 }
 main();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/cli",
-  "version": "1.3.8-beta.2",
+  "version": "1.3.8-beta.4",
   "description": "The CLI for Better Auth",
   "module": "dist/index.mjs",
   "repository": {
@@ -26,11 +26,9 @@
   "exports": "./dist/index.mjs",
   "bin": "./dist/index.mjs",
   "devDependencies": {
-    "@types/diff": "^7.0.1",
-    "@types/fs-extra": "^11.0.4",
+    "tsx": "^4.20.4",
     "typescript": "^5.9.2",
-    "unbuild": "^3.5.0",
-    "zod": "^4.0.0"
+    "unbuild": "^3.5.0"
   },
   "dependencies": {
     "@babel/core": "^7.0.0",
@@ -47,18 +45,16 @@
     "commander": "^12.1.0",
     "dotenv": "^16.4.7",
     "drizzle-orm": "^0.33.0",
-    "fs-extra": "^11.3.0",
     "get-tsconfig": "^4.8.1",
+    "open": "^10.1.0",
     "prettier": "^3.4.2",
     "prisma": "^5.22.0",
     "prompts": "^2.4.2",
     "semver": "^7.7.1",
     "tinyexec": "^0.3.1",
     "yocto-spinner": "^0.1.1",
-    "better-auth": "1.3.8-beta.2"
-  },
-  "peerDependencies": {
-    "zod": "3.25.0 || ^4.0.0"
+    "zod": "^4.0.0",
+    "better-auth": "1.3.8-beta.4"
   },
   "files": [
     "dist"
@@ -67,6 +63,7 @@
     "build": "unbuild",
     "stub": "unbuild --stub",
     "start": "node ./dist/index.mjs",
+    "dev": "tsx ./src/index.ts",
     "test": "vitest"
   }
 }