@better-auth/core 1.3.26 → 1.3.27

package/dist/db/index.d.ts

@@ -1,111 +1,96 @@
-import { ZodType } from 'zod';
+import { D as DBFieldAttribute, b as DBFieldAttributeConfig, c as DBFieldType, d as DBPrimitive, B as BetterAuthDBSchema } from '../shared/core.CnvFgghY.js';
+import * as z from 'zod';
 
-type LiteralString = "" | (string & Record<never, never>);
-
-type DBFieldType = "string" | "number" | "boolean" | "date" | "json" | `${"string" | "number"}[]` | Array<LiteralString>;
-type DBPrimitive = string | number | boolean | Date | null | undefined | string[] | number[];
-type DBFieldAttributeConfig = {
-    /**
-     * If the field should be required on a new record.
-     * @default true
-     */
-    required?: boolean;
-    /**
-     * If the value should be returned on a response body.
-     * @default true
-     */
-    returned?: boolean;
-    /**
-     * If a value should be provided when creating a new record.
-     * @default true
-     */
-    input?: boolean;
-    /**
-     * Default value for the field
-     *
-     * Note: This will not create a default value on the database level. It will only
-     * be used when creating a new record.
-     */
-    defaultValue?: DBPrimitive | (() => DBPrimitive);
-    /**
-     * Update value for the field
-     *
-     * Note: This will create an onUpdate trigger on the database level for supported adapters.
-     * It will be called when updating a record.
-     */
-    onUpdate?: () => DBPrimitive;
-    /**
-     * transform the value before storing it.
-     */
-    transform?: {
-        input?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
-        output?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
-    };
-    /**
-     * Reference to another model.
-     */
-    references?: {
-        /**
-         * The model to reference.
-         */
-        model: string;
-        /**
-         * The field on the referenced model.
-         */
-        field: string;
-        /**
-         * The action to perform when the reference is deleted.
-         * @default "cascade"
-         */
-        onDelete?: "no action" | "restrict" | "cascade" | "set null" | "set default";
-    };
-    unique?: boolean;
-    /**
-     * If the field should be a bigint on the database instead of integer.
-     */
-    bigint?: boolean;
-    /**
-     * A zod schema to validate the value.
-     */
-    validator?: {
-        input?: ZodType;
-        output?: ZodType;
+type BetterAuthPluginDBSchema = {
+    [table in string]: {
+        fields: {
+            [field in string]: DBFieldAttribute;
+        };
+        disableMigration?: boolean;
+        modelName?: string;
     };
-    /**
-     * The name of the field on the database.
-     */
-    fieldName?: string;
-    /**
-     * If the field should be sortable.
-     *
-     * applicable only for `text` type.
-     * It's useful to mark fields varchar instead of text.
-     */
-    sortable?: boolean;
 };
-type DBFieldAttribute<T extends DBFieldType = DBFieldType> = {
-    type: T;
-} & DBFieldAttributeConfig;
-type BetterAuthDBSchema = Record<string, {
-    /**
-     * The name of the table in the database
-     */
-    modelName: string;
-    /**
-     * The fields of the table
-     */
-    fields: Record<string, DBFieldAttribute>;
-    /**
-     * Whether to disable migrations for this table
-     * @default false
-     */
-    disableMigrations?: boolean;
-    /**
-     * The order of the table
-     */
-    order?: number;
-}>;
 
+declare const coreSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+}, z.core.$strip>;
+
+declare const userSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    email: z.ZodPipe<z.ZodString, z.ZodTransform<string, string>>;
+    emailVerified: z.ZodDefault<z.ZodBoolean>;
+    name: z.ZodString;
+    image: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * User schema type used by better-auth, note that it's possible that user could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type User = z.infer<typeof userSchema>;
+
+declare const accountSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    providerId: z.ZodString;
+    accountId: z.ZodString;
+    userId: z.ZodCoercedString<unknown>;
+    accessToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    refreshToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    idToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    accessTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    refreshTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    password: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Account schema type used by better-auth, note that it's possible that account could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Account = z.infer<typeof accountSchema>;
+
+declare const sessionSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    userId: z.ZodCoercedString<unknown>;
+    expiresAt: z.ZodDate;
+    token: z.ZodString;
+    ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    userAgent: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Session schema type used by better-auth, note that it's possible that session could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Session = z.infer<typeof sessionSchema>;
+
+declare const verificationSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    value: z.ZodString;
+    expiresAt: z.ZodDate;
+    identifier: z.ZodString;
+}, z.core.$strip>;
+/**
+ * Verification schema type used by better-auth, note that it's possible that verification could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Verification = z.infer<typeof verificationSchema>;
+
+/**
+ * @deprecated Backport for 1.3.x, we will remove this in 1.4.x
+ */
+type AuthPluginSchema = BetterAuthPluginDBSchema;
 /**
  * @deprecated Backport for 1.3.x, we will remove this in 1.4.x
  */
@@ -127,4 +112,5 @@ type Primitive = DBPrimitive;
  */
 type BetterAuthDbSchema = BetterAuthDBSchema;
 
-export type { BetterAuthDBSchema, BetterAuthDbSchema, DBFieldAttribute, DBFieldAttributeConfig, DBFieldType, DBPrimitive, FieldAttribute, FieldAttributeConfig, FieldType, Primitive };
+export { BetterAuthDBSchema, DBFieldAttribute, DBFieldAttributeConfig, DBFieldType, DBPrimitive, accountSchema, coreSchema, sessionSchema, userSchema, verificationSchema };
+export type { Account, AuthPluginSchema, BetterAuthDbSchema, BetterAuthPluginDBSchema, FieldAttribute, FieldAttributeConfig, FieldType, Primitive, Session, User, Verification };

package/dist/db/index.mjs

@@ -1 +1,55 @@
+import * as z from 'zod';
 
+const coreSchema = z.object({
+  id: z.string(),
+  createdAt: z.date().default(() => /* @__PURE__ */ new Date()),
+  updatedAt: z.date().default(() => /* @__PURE__ */ new Date())
+});
+
+const userSchema = coreSchema.extend({
+  email: z.string().transform((val) => val.toLowerCase()),
+  emailVerified: z.boolean().default(false),
+  name: z.string(),
+  image: z.string().nullish()
+});
+
+const accountSchema = coreSchema.extend({
+  providerId: z.string(),
+  accountId: z.string(),
+  userId: z.coerce.string(),
+  accessToken: z.string().nullish(),
+  refreshToken: z.string().nullish(),
+  idToken: z.string().nullish(),
+  /**
+   * Access token expires at
+   */
+  accessTokenExpiresAt: z.date().nullish(),
+  /**
+   * Refresh token expires at
+   */
+  refreshTokenExpiresAt: z.date().nullish(),
+  /**
+   * The scopes that the user has authorized
+   */
+  scope: z.string().nullish(),
+  /**
+   * Password is only stored in the credential provider
+   */
+  password: z.string().nullish()
+});
+
+const sessionSchema = coreSchema.extend({
+  userId: z.coerce.string(),
+  expiresAt: z.date(),
+  token: z.string(),
+  ipAddress: z.string().nullish(),
+  userAgent: z.string().nullish()
+});
+
+const verificationSchema = coreSchema.extend({
+  value: z.string(),
+  expiresAt: z.date(),
+  identifier: z.string()
+});
+
+export { accountSchema, coreSchema, sessionSchema, userSchema, verificationSchema };

package/dist/index.d.cts

@@ -1,2 +1,124 @@
+import { L as LiteralUnion, M as Models } from './shared/core.CnvFgghY.cjs';
+export { a as LiteralString } from './shared/core.CnvFgghY.cjs';
+import { CookieOptions } from 'better-call';
+import 'zod';
 
-export { };
+type GenerateIdFn = (options: {
+    model: LiteralUnion<Models, string>;
+    size?: number;
+}) => string | false;
+type BetterAuthAdvancedOptions = {
+    /**
+     * Ip address configuration
+     */
+    ipAddress?: {
+        /**
+         * List of headers to use for ip address
+         *
+         * Ip address is used for rate limiting and session tracking
+         *
+         * @example ["x-client-ip", "x-forwarded-for", "cf-connecting-ip"]
+         *
+         * @default
+         * @link https://github.com/better-auth/better-auth/blob/main/packages/better-auth/src/utils/get-request-ip.ts#L8
+         */
+        ipAddressHeaders?: string[];
+        /**
+         * Disable ip tracking
+         *
+         * ⚠︎ This is a security risk and it may expose your application to abuse
+         */
+        disableIpTracking?: boolean;
+    };
+    /**
+     * Use secure cookies
+     *
+     * @default false
+     */
+    useSecureCookies?: boolean;
+    /**
+     * Disable trusted origins check
+     *
+     * ⚠︎ This is a security risk and it may expose your application to CSRF attacks
+     */
+    disableCSRFCheck?: boolean;
+    /**
+     * Configure cookies to be cross subdomains
+     */
+    crossSubDomainCookies?: {
+        /**
+         * Enable cross subdomain cookies
+         */
+        enabled: boolean;
+        /**
+         * Additional cookies to be shared across subdomains
+         */
+        additionalCookies?: string[];
+        /**
+         * The domain to use for the cookies
+         *
+         * By default, the domain will be the root
+         * domain from the base URL.
+         */
+        domain?: string;
+    };
+    cookies?: {
+        [key: string]: {
+            name?: string;
+            attributes?: CookieOptions;
+        };
+    };
+    defaultCookieAttributes?: CookieOptions;
+    /**
+     * Prefix for cookies. If a cookie name is provided
+     * in cookies config, this will be overridden.
+     *
+     * @default
+     * ```txt
+     * "appName" -> which defaults to "better-auth"
+     * ```
+     */
+    cookiePrefix?: string;
+    /**
+     * Database configuration.
+     */
+    database?: {
+        /**
+         * The default number of records to return from the database
+         * when using the `findMany` adapter method.
+         *
+         * @default 100
+         */
+        defaultFindManyLimit?: number;
+        /**
+         * If your database auto increments number ids, set this to `true`.
+         *
+         * Note: If enabled, we will not handle ID generation (including if you use `generateId`), and it would be expected that your database will provide the ID automatically.
+         *
+         * @default false
+         */
+        useNumberId?: boolean;
+        /**
+         * Custom generateId function.
+         *
+         * If not provided, random ids will be generated.
+         * If set to false, the database's auto generated id will be used.
+         */
+        generateId?: GenerateIdFn | false;
+    };
+    /**
+     * Custom generateId function.
+     *
+     * If not provided, random ids will be generated.
+     * If set to false, the database's auto generated id will be used.
+     *
+     * @deprecated Please use `database.generateId` instead. This will be potentially removed in future releases.
+     */
+    generateId?: GenerateIdFn | false;
+};
+
+interface BetterAuthMutators<O, C> {
+}
+
+export { LiteralUnion };
+export type { BetterAuthAdvancedOptions, BetterAuthMutators, GenerateIdFn };

package/dist/index.d.mts

@@ -1,2 +1,124 @@
+import { L as LiteralUnion, M as Models } from './shared/core.CnvFgghY.mjs';
+export { a as LiteralString } from './shared/core.CnvFgghY.mjs';
+import { CookieOptions } from 'better-call';
+import 'zod';
 
-export { };
+type GenerateIdFn = (options: {
+    model: LiteralUnion<Models, string>;
+    size?: number;
+}) => string | false;
+type BetterAuthAdvancedOptions = {
+    /**
+     * Ip address configuration
+     */
+    ipAddress?: {
+        /**
+         * List of headers to use for ip address
+         *
+         * Ip address is used for rate limiting and session tracking
+         *
+         * @example ["x-client-ip", "x-forwarded-for", "cf-connecting-ip"]
+         *
+         * @default
+         * @link https://github.com/better-auth/better-auth/blob/main/packages/better-auth/src/utils/get-request-ip.ts#L8
+         */
+        ipAddressHeaders?: string[];
+        /**
+         * Disable ip tracking
+         *
+         * ⚠︎ This is a security risk and it may expose your application to abuse
+         */
+        disableIpTracking?: boolean;
+    };
+    /**
+     * Use secure cookies
+     *
+     * @default false
+     */
+    useSecureCookies?: boolean;
+    /**
+     * Disable trusted origins check
+     *
+     * ⚠︎ This is a security risk and it may expose your application to CSRF attacks
+     */
+    disableCSRFCheck?: boolean;
+    /**
+     * Configure cookies to be cross subdomains
+     */
+    crossSubDomainCookies?: {
+        /**
+         * Enable cross subdomain cookies
+         */
+        enabled: boolean;
+        /**
+         * Additional cookies to be shared across subdomains
+         */
+        additionalCookies?: string[];
+        /**
+         * The domain to use for the cookies
+         *
+         * By default, the domain will be the root
+         * domain from the base URL.
+         */
+        domain?: string;
+    };
+    cookies?: {
+        [key: string]: {
+            name?: string;
+            attributes?: CookieOptions;
+        };
+    };
+    defaultCookieAttributes?: CookieOptions;
+    /**
+     * Prefix for cookies. If a cookie name is provided
+     * in cookies config, this will be overridden.
+     *
+     * @default
+     * ```txt
+     * "appName" -> which defaults to "better-auth"
+     * ```
+     */
+    cookiePrefix?: string;
+    /**
+     * Database configuration.
+     */
+    database?: {
+        /**
+         * The default number of records to return from the database
+         * when using the `findMany` adapter method.
+         *
+         * @default 100
+         */
+        defaultFindManyLimit?: number;
+        /**
+         * If your database auto increments number ids, set this to `true`.
+         *
+         * Note: If enabled, we will not handle ID generation (including if you use `generateId`), and it would be expected that your database will provide the ID automatically.
+         *
+         * @default false
+         */
+        useNumberId?: boolean;
+        /**
+         * Custom generateId function.
+         *
+         * If not provided, random ids will be generated.
+         * If set to false, the database's auto generated id will be used.
+         */
+        generateId?: GenerateIdFn | false;
+    };
+    /**
+     * Custom generateId function.
+     *
+     * If not provided, random ids will be generated.
+     * If set to false, the database's auto generated id will be used.
+     *
+     * @deprecated Please use `database.generateId` instead. This will be potentially removed in future releases.
+     */
+    generateId?: GenerateIdFn | false;
+};
+
+interface BetterAuthMutators<O, C> {
+}
+
+export { LiteralUnion };
+export type { BetterAuthAdvancedOptions, BetterAuthMutators, GenerateIdFn };

package/dist/index.d.ts

@@ -1,2 +1,124 @@
+import { L as LiteralUnion, M as Models } from './shared/core.CnvFgghY.js';
+export { a as LiteralString } from './shared/core.CnvFgghY.js';
+import { CookieOptions } from 'better-call';
+import 'zod';
 
-export { };
+type GenerateIdFn = (options: {
+    model: LiteralUnion<Models, string>;
+    size?: number;
+}) => string | false;
+type BetterAuthAdvancedOptions = {
+    /**
+     * Ip address configuration
+     */
+    ipAddress?: {
+        /**
+         * List of headers to use for ip address
+         *
+         * Ip address is used for rate limiting and session tracking
+         *
+         * @example ["x-client-ip", "x-forwarded-for", "cf-connecting-ip"]
+         *
+         * @default
+         * @link https://github.com/better-auth/better-auth/blob/main/packages/better-auth/src/utils/get-request-ip.ts#L8
+         */
+        ipAddressHeaders?: string[];
+        /**
+         * Disable ip tracking
+         *
+         * ⚠︎ This is a security risk and it may expose your application to abuse
+         */
+        disableIpTracking?: boolean;
+    };
+    /**
+     * Use secure cookies
+     *
+     * @default false
+     */
+    useSecureCookies?: boolean;
+    /**
+     * Disable trusted origins check
+     *
+     * ⚠︎ This is a security risk and it may expose your application to CSRF attacks
+     */
+    disableCSRFCheck?: boolean;
+    /**
+     * Configure cookies to be cross subdomains
+     */
+    crossSubDomainCookies?: {
+        /**
+         * Enable cross subdomain cookies
+         */
+        enabled: boolean;
+        /**
+         * Additional cookies to be shared across subdomains
+         */
+        additionalCookies?: string[];
+        /**
+         * The domain to use for the cookies
+         *
+         * By default, the domain will be the root
+         * domain from the base URL.
+         */
+        domain?: string;
+    };
+    cookies?: {
+        [key: string]: {
+            name?: string;
+            attributes?: CookieOptions;
+        };
+    };
+    defaultCookieAttributes?: CookieOptions;
+    /**
+     * Prefix for cookies. If a cookie name is provided
+     * in cookies config, this will be overridden.
+     *
+     * @default
+     * ```txt
+     * "appName" -> which defaults to "better-auth"
+     * ```
+     */
+    cookiePrefix?: string;
+    /**
+     * Database configuration.
+     */
+    database?: {
+        /**
+         * The default number of records to return from the database
+         * when using the `findMany` adapter method.
+         *
+         * @default 100
+         */
+        defaultFindManyLimit?: number;
+        /**
+         * If your database auto increments number ids, set this to `true`.
+         *
+         * Note: If enabled, we will not handle ID generation (including if you use `generateId`), and it would be expected that your database will provide the ID automatically.
+         *
+         * @default false
+         */
+        useNumberId?: boolean;
+        /**
+         * Custom generateId function.
+         *
+         * If not provided, random ids will be generated.
+         * If set to false, the database's auto generated id will be used.
+         */
+        generateId?: GenerateIdFn | false;
+    };
+    /**
+     * Custom generateId function.
+     *
+     * If not provided, random ids will be generated.
+     * If set to false, the database's auto generated id will be used.
+     *
+     * @deprecated Please use `database.generateId` instead. This will be potentially removed in future releases.
+     */
+    generateId?: GenerateIdFn | false;
+};
+
+interface BetterAuthMutators<O, C> {
+}
+
+export { LiteralUnion };
+export type { BetterAuthAdvancedOptions, BetterAuthMutators, GenerateIdFn };