@better-auth/core 1.3.26 → 1.3.28

package/dist/shared/core.DkdZ1o38.d.ts

@@ -0,0 +1,181 @@
+import { L as LiteralString } from './core.CajxAutx.js';
+
+interface OAuth2Tokens {
+    tokenType?: string;
+    accessToken?: string;
+    refreshToken?: string;
+    accessTokenExpiresAt?: Date;
+    refreshTokenExpiresAt?: Date;
+    scopes?: string[];
+    idToken?: string;
+}
+type OAuth2UserInfo = {
+    id: string | number;
+    name?: string;
+    email?: string | null;
+    image?: string;
+    emailVerified: boolean;
+};
+interface OAuthProvider<T extends Record<string, any> = Record<string, any>, O extends Record<string, any> = Partial<ProviderOptions>> {
+    id: LiteralString;
+    createAuthorizationURL: (data: {
+        state: string;
+        codeVerifier: string;
+        scopes?: string[];
+        redirectURI: string;
+        display?: string;
+        loginHint?: string;
+    }) => Promise<URL> | URL;
+    name: string;
+    validateAuthorizationCode: (data: {
+        code: string;
+        redirectURI: string;
+        codeVerifier?: string;
+        deviceId?: string;
+    }) => Promise<OAuth2Tokens>;
+    getUserInfo: (token: OAuth2Tokens & {
+        /**
+         * The user object from the provider
+         * This is only available for some providers like Apple
+         */
+        user?: {
+            name?: {
+                firstName?: string;
+                lastName?: string;
+            };
+            email?: string;
+        };
+    }) => Promise<{
+        user: OAuth2UserInfo;
+        data: T;
+    } | null>;
+    /**
+     * Custom function to refresh a token
+     */
+    refreshAccessToken?: (refreshToken: string) => Promise<OAuth2Tokens>;
+    revokeToken?: (token: string) => Promise<void>;
+    /**
+     * Verify the id token
+     * @param token - The id token
+     * @param nonce - The nonce
+     * @returns True if the id token is valid, false otherwise
+     */
+    verifyIdToken?: (token: string, nonce?: string) => Promise<boolean>;
+    /**
+     * Disable implicit sign up for new users. When set to true for the provider,
+     * sign-in need to be called with with requestSignUp as true to create new users.
+     */
+    disableImplicitSignUp?: boolean;
+    /**
+     * Disable sign up for new users.
+     */
+    disableSignUp?: boolean;
+    /**
+     * Options for the provider
+     */
+    options?: O;
+}
+type ProviderOptions<Profile extends Record<string, any> = any> = {
+    /**
+     * The client ID of your application.
+     *
+     * This is usually a string but can be any type depending on the provider.
+     */
+    clientId?: unknown;
+    /**
+     * The client secret of your application
+     */
+    clientSecret?: string;
+    /**
+     * The scopes you want to request from the provider
+     */
+    scope?: string[];
+    /**
+     * Remove default scopes of the provider
+     */
+    disableDefaultScope?: boolean;
+    /**
+     * The redirect URL for your application. This is where the provider will
+     * redirect the user after the sign in process. Make sure this URL is
+     * whitelisted in the provider's dashboard.
+     */
+    redirectURI?: string;
+    /**
+     * The client key of your application
+     * Tiktok Social Provider uses this field instead of clientId
+     */
+    clientKey?: string;
+    /**
+     * Disable provider from allowing users to sign in
+     * with this provider with an id token sent from the
+     * client.
+     */
+    disableIdTokenSignIn?: boolean;
+    /**
+     * verifyIdToken function to verify the id token
+     */
+    verifyIdToken?: (token: string, nonce?: string) => Promise<boolean>;
+    /**
+     * Custom function to get user info from the provider
+     */
+    getUserInfo?: (token: OAuth2Tokens) => Promise<{
+        user: {
+            id: string;
+            name?: string;
+            email?: string | null;
+            image?: string;
+            emailVerified: boolean;
+            [key: string]: any;
+        };
+        data: any;
+    }>;
+    /**
+     * Custom function to refresh a token
+     */
+    refreshAccessToken?: (refreshToken: string) => Promise<OAuth2Tokens>;
+    /**
+     * Custom function to map the provider profile to a
+     * user.
+     */
+    mapProfileToUser?: (profile: Profile) => {
+        id?: string;
+        name?: string;
+        email?: string | null;
+        image?: string;
+        emailVerified?: boolean;
+        [key: string]: any;
+    } | Promise<{
+        id?: string;
+        name?: string;
+        email?: string | null;
+        image?: string;
+        emailVerified?: boolean;
+        [key: string]: any;
+    }>;
+    /**
+     * Disable implicit sign up for new users. When set to true for the provider,
+     * sign-in need to be called with with requestSignUp as true to create new users.
+     */
+    disableImplicitSignUp?: boolean;
+    /**
+     * Disable sign up for new users.
+     */
+    disableSignUp?: boolean;
+    /**
+     * The prompt to use for the authorization code request
+     */
+    prompt?: "select_account" | "consent" | "login" | "none" | "select_account consent";
+    /**
+     * The response mode to use for the authorization code request
+     */
+    responseMode?: "query" | "form_post";
+    /**
+     * If enabled, the user info will be overridden with the provider user info
+     * This is useful if you want to use the provider user info to update the user info
+     *
+     * @default false
+     */
+    overrideUserInfoOnSignIn?: boolean;
+};
+
+export type { OAuth2Tokens as O, ProviderOptions as P, OAuthProvider as a, OAuth2UserInfo as b };

package/dist/shared/core.Dl-70uns.d.cts

@@ -0,0 +1,84 @@
+import * as z from 'zod';
+
+declare const userSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    email: z.ZodPipe<z.ZodString, z.ZodTransform<string, string>>;
+    emailVerified: z.ZodDefault<z.ZodBoolean>;
+    name: z.ZodString;
+    image: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * User schema type used by better-auth, note that it's possible that user could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type User = z.infer<typeof userSchema>;
+
+declare const accountSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    providerId: z.ZodString;
+    accountId: z.ZodString;
+    userId: z.ZodCoercedString<unknown>;
+    accessToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    refreshToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    idToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    accessTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    refreshTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    password: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Account schema type used by better-auth, note that it's possible that account could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Account = z.infer<typeof accountSchema>;
+
+declare const sessionSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    userId: z.ZodCoercedString<unknown>;
+    expiresAt: z.ZodDate;
+    token: z.ZodString;
+    ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    userAgent: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Session schema type used by better-auth, note that it's possible that session could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Session = z.infer<typeof sessionSchema>;
+
+declare const verificationSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    value: z.ZodString;
+    expiresAt: z.ZodDate;
+    identifier: z.ZodString;
+}, z.core.$strip>;
+/**
+ * Verification schema type used by better-auth, note that it's possible that verification could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Verification = z.infer<typeof verificationSchema>;
+
+declare const rateLimitSchema: z.ZodObject<{
+    key: z.ZodString;
+    count: z.ZodNumber;
+    lastRequest: z.ZodNumber;
+}, z.core.$strip>;
+/**
+ * Rate limit schema type used by better-auth for rate limiting
+ */
+type RateLimit = z.infer<typeof rateLimitSchema>;
+
+export { accountSchema as a, rateLimitSchema as r, sessionSchema as s, userSchema as u, verificationSchema as v };
+export type { Account as A, RateLimit as R, Session as S, User as U, Verification as V };

package/dist/shared/core.Dl-70uns.d.mts

@@ -0,0 +1,84 @@
+import * as z from 'zod';
+
+declare const userSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    email: z.ZodPipe<z.ZodString, z.ZodTransform<string, string>>;
+    emailVerified: z.ZodDefault<z.ZodBoolean>;
+    name: z.ZodString;
+    image: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * User schema type used by better-auth, note that it's possible that user could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type User = z.infer<typeof userSchema>;
+
+declare const accountSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    providerId: z.ZodString;
+    accountId: z.ZodString;
+    userId: z.ZodCoercedString<unknown>;
+    accessToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    refreshToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    idToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    accessTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    refreshTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    password: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Account schema type used by better-auth, note that it's possible that account could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Account = z.infer<typeof accountSchema>;
+
+declare const sessionSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    userId: z.ZodCoercedString<unknown>;
+    expiresAt: z.ZodDate;
+    token: z.ZodString;
+    ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    userAgent: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Session schema type used by better-auth, note that it's possible that session could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Session = z.infer<typeof sessionSchema>;
+
+declare const verificationSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    value: z.ZodString;
+    expiresAt: z.ZodDate;
+    identifier: z.ZodString;
+}, z.core.$strip>;
+/**
+ * Verification schema type used by better-auth, note that it's possible that verification could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Verification = z.infer<typeof verificationSchema>;
+
+declare const rateLimitSchema: z.ZodObject<{
+    key: z.ZodString;
+    count: z.ZodNumber;
+    lastRequest: z.ZodNumber;
+}, z.core.$strip>;
+/**
+ * Rate limit schema type used by better-auth for rate limiting
+ */
+type RateLimit = z.infer<typeof rateLimitSchema>;
+
+export { accountSchema as a, rateLimitSchema as r, sessionSchema as s, userSchema as u, verificationSchema as v };
+export type { Account as A, RateLimit as R, Session as S, User as U, Verification as V };

package/dist/shared/core.Dl-70uns.d.ts

@@ -0,0 +1,84 @@
+import * as z from 'zod';
+
+declare const userSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    email: z.ZodPipe<z.ZodString, z.ZodTransform<string, string>>;
+    emailVerified: z.ZodDefault<z.ZodBoolean>;
+    name: z.ZodString;
+    image: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * User schema type used by better-auth, note that it's possible that user could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type User = z.infer<typeof userSchema>;
+
+declare const accountSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    providerId: z.ZodString;
+    accountId: z.ZodString;
+    userId: z.ZodCoercedString<unknown>;
+    accessToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    refreshToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    idToken: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    accessTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    refreshTokenExpiresAt: z.ZodOptional<z.ZodNullable<z.ZodDate>>;
+    scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    password: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Account schema type used by better-auth, note that it's possible that account could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Account = z.infer<typeof accountSchema>;
+
+declare const sessionSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    userId: z.ZodCoercedString<unknown>;
+    expiresAt: z.ZodDate;
+    token: z.ZodString;
+    ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    userAgent: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Session schema type used by better-auth, note that it's possible that session could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Session = z.infer<typeof sessionSchema>;
+
+declare const verificationSchema: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodDefault<z.ZodDate>;
+    updatedAt: z.ZodDefault<z.ZodDate>;
+    value: z.ZodString;
+    expiresAt: z.ZodDate;
+    identifier: z.ZodString;
+}, z.core.$strip>;
+/**
+ * Verification schema type used by better-auth, note that it's possible that verification could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+type Verification = z.infer<typeof verificationSchema>;
+
+declare const rateLimitSchema: z.ZodObject<{
+    key: z.ZodString;
+    count: z.ZodNumber;
+    lastRequest: z.ZodNumber;
+}, z.core.$strip>;
+/**
+ * Rate limit schema type used by better-auth for rate limiting
+ */
+type RateLimit = z.infer<typeof rateLimitSchema>;
+
+export { accountSchema as a, rateLimitSchema as r, sessionSchema as s, userSchema as u, verificationSchema as v };
+export type { Account as A, RateLimit as R, Session as S, User as U, Verification as V };

package/dist/shared/core.DyEdx0m7.d.cts

@@ -0,0 +1,181 @@
+import { L as LiteralString } from './core.CajxAutx.cjs';
+
+interface OAuth2Tokens {
+    tokenType?: string;
+    accessToken?: string;
+    refreshToken?: string;
+    accessTokenExpiresAt?: Date;
+    refreshTokenExpiresAt?: Date;
+    scopes?: string[];
+    idToken?: string;
+}
+type OAuth2UserInfo = {
+    id: string | number;
+    name?: string;
+    email?: string | null;
+    image?: string;
+    emailVerified: boolean;
+};
+interface OAuthProvider<T extends Record<string, any> = Record<string, any>, O extends Record<string, any> = Partial<ProviderOptions>> {
+    id: LiteralString;
+    createAuthorizationURL: (data: {
+        state: string;
+        codeVerifier: string;
+        scopes?: string[];
+        redirectURI: string;
+        display?: string;
+        loginHint?: string;
+    }) => Promise<URL> | URL;
+    name: string;
+    validateAuthorizationCode: (data: {
+        code: string;
+        redirectURI: string;
+        codeVerifier?: string;
+        deviceId?: string;
+    }) => Promise<OAuth2Tokens>;
+    getUserInfo: (token: OAuth2Tokens & {
+        /**
+         * The user object from the provider
+         * This is only available for some providers like Apple
+         */
+        user?: {
+            name?: {
+                firstName?: string;
+                lastName?: string;
+            };
+            email?: string;
+        };
+    }) => Promise<{
+        user: OAuth2UserInfo;
+        data: T;
+    } | null>;
+    /**
+     * Custom function to refresh a token
+     */
+    refreshAccessToken?: (refreshToken: string) => Promise<OAuth2Tokens>;
+    revokeToken?: (token: string) => Promise<void>;
+    /**
+     * Verify the id token
+     * @param token - The id token
+     * @param nonce - The nonce
+     * @returns True if the id token is valid, false otherwise
+     */
+    verifyIdToken?: (token: string, nonce?: string) => Promise<boolean>;
+    /**
+     * Disable implicit sign up for new users. When set to true for the provider,
+     * sign-in need to be called with with requestSignUp as true to create new users.
+     */
+    disableImplicitSignUp?: boolean;
+    /**
+     * Disable sign up for new users.
+     */
+    disableSignUp?: boolean;
+    /**
+     * Options for the provider
+     */
+    options?: O;
+}
+type ProviderOptions<Profile extends Record<string, any> = any> = {
+    /**
+     * The client ID of your application.
+     *
+     * This is usually a string but can be any type depending on the provider.
+     */
+    clientId?: unknown;
+    /**
+     * The client secret of your application
+     */
+    clientSecret?: string;
+    /**
+     * The scopes you want to request from the provider
+     */
+    scope?: string[];
+    /**
+     * Remove default scopes of the provider
+     */
+    disableDefaultScope?: boolean;
+    /**
+     * The redirect URL for your application. This is where the provider will
+     * redirect the user after the sign in process. Make sure this URL is
+     * whitelisted in the provider's dashboard.
+     */
+    redirectURI?: string;
+    /**
+     * The client key of your application
+     * Tiktok Social Provider uses this field instead of clientId
+     */
+    clientKey?: string;
+    /**
+     * Disable provider from allowing users to sign in
+     * with this provider with an id token sent from the
+     * client.
+     */
+    disableIdTokenSignIn?: boolean;
+    /**
+     * verifyIdToken function to verify the id token
+     */
+    verifyIdToken?: (token: string, nonce?: string) => Promise<boolean>;
+    /**
+     * Custom function to get user info from the provider
+     */
+    getUserInfo?: (token: OAuth2Tokens) => Promise<{
+        user: {
+            id: string;
+            name?: string;
+            email?: string | null;
+            image?: string;
+            emailVerified: boolean;
+            [key: string]: any;
+        };
+        data: any;
+    }>;
+    /**
+     * Custom function to refresh a token
+     */
+    refreshAccessToken?: (refreshToken: string) => Promise<OAuth2Tokens>;
+    /**
+     * Custom function to map the provider profile to a
+     * user.
+     */
+    mapProfileToUser?: (profile: Profile) => {
+        id?: string;
+        name?: string;
+        email?: string | null;
+        image?: string;
+        emailVerified?: boolean;
+        [key: string]: any;
+    } | Promise<{
+        id?: string;
+        name?: string;
+        email?: string | null;
+        image?: string;
+        emailVerified?: boolean;
+        [key: string]: any;
+    }>;
+    /**
+     * Disable implicit sign up for new users. When set to true for the provider,
+     * sign-in need to be called with with requestSignUp as true to create new users.
+     */
+    disableImplicitSignUp?: boolean;
+    /**
+     * Disable sign up for new users.
+     */
+    disableSignUp?: boolean;
+    /**
+     * The prompt to use for the authorization code request
+     */
+    prompt?: "select_account" | "consent" | "login" | "none" | "select_account consent";
+    /**
+     * The response mode to use for the authorization code request
+     */
+    responseMode?: "query" | "form_post";
+    /**
+     * If enabled, the user info will be overridden with the provider user info
+     * This is useful if you want to use the provider user info to update the user info
+     *
+     * @default false
+     */
+    overrideUserInfoOnSignIn?: boolean;
+};
+
+export type { OAuth2Tokens as O, ProviderOptions as P, OAuthProvider as a, OAuth2UserInfo as b };

package/dist/shared/core.E9DfzGLz.d.mts

@@ -0,0 +1,13 @@
+import { D as DBFieldAttribute } from './core.CajxAutx.mjs';
+
+type BetterAuthPluginDBSchema = {
+    [table in string]: {
+        fields: {
+            [field in string]: DBFieldAttribute;
+        };
+        disableMigration?: boolean;
+        modelName?: string;
+    };
+};
+
+export type { BetterAuthPluginDBSchema as B };

package/dist/shared/core.HqYn20Fi.d.cts

@@ -0,0 +1,13 @@
+import { D as DBFieldAttribute } from './core.CajxAutx.cjs';
+
+type BetterAuthPluginDBSchema = {
+    [table in string]: {
+        fields: {
+            [field in string]: DBFieldAttribute;
+        };
+        disableMigration?: boolean;
+        modelName?: string;
+    };
+};
+
+export type { BetterAuthPluginDBSchema as B };