@better-auth/core 1.4.0-beta.6 → 1.4.0-beta.7

package/dist/index.d.ts

@@ -1,2 +1,115 @@
+import { L as LiteralUnion, M as Models } from './shared/core.CnvFgghY.js';
+export { a as LiteralString } from './shared/core.CnvFgghY.js';
+import { CookieOptions } from 'better-call';
+import 'zod';
 
-export { };
+type GenerateIdFn = (options: {
+    model: LiteralUnion<Models, string>;
+    size?: number;
+}) => string | false;
+type BetterAuthAdvancedOptions = {
+    /**
+     * Ip address configuration
+     */
+    ipAddress?: {
+        /**
+         * List of headers to use for ip address
+         *
+         * Ip address is used for rate limiting and session tracking
+         *
+         * @example ["x-client-ip", "x-forwarded-for", "cf-connecting-ip"]
+         *
+         * @default
+         * @link https://github.com/better-auth/better-auth/blob/main/packages/better-auth/src/utils/get-request-ip.ts#L8
+         */
+        ipAddressHeaders?: string[];
+        /**
+         * Disable ip tracking
+         *
+         * ⚠︎ This is a security risk and it may expose your application to abuse
+         */
+        disableIpTracking?: boolean;
+    };
+    /**
+     * Use secure cookies
+     *
+     * @default false
+     */
+    useSecureCookies?: boolean;
+    /**
+     * Disable trusted origins check
+     *
+     * ⚠︎ This is a security risk and it may expose your application to CSRF attacks
+     */
+    disableCSRFCheck?: boolean;
+    /**
+     * Configure cookies to be cross subdomains
+     */
+    crossSubDomainCookies?: {
+        /**
+         * Enable cross subdomain cookies
+         */
+        enabled: boolean;
+        /**
+         * Additional cookies to be shared across subdomains
+         */
+        additionalCookies?: string[];
+        /**
+         * The domain to use for the cookies
+         *
+         * By default, the domain will be the root
+         * domain from the base URL.
+         */
+        domain?: string;
+    };
+    cookies?: {
+        [key: string]: {
+            name?: string;
+            attributes?: CookieOptions;
+        };
+    };
+    defaultCookieAttributes?: CookieOptions;
+    /**
+     * Prefix for cookies. If a cookie name is provided
+     * in cookies config, this will be overridden.
+     *
+     * @default
+     * ```txt
+     * "appName" -> which defaults to "better-auth"
+     * ```
+     */
+    cookiePrefix?: string;
+    /**
+     * Database configuration.
+     */
+    database?: {
+        /**
+         * The default number of records to return from the database
+         * when using the `findMany` adapter method.
+         *
+         * @default 100
+         */
+        defaultFindManyLimit?: number;
+        /**
+         * If your database auto increments number ids, set this to `true`.
+         *
+         * Note: If enabled, we will not handle ID generation (including if you use `generateId`), and it would be expected that your database will provide the ID automatically.
+         *
+         * @default false
+         */
+        useNumberId?: boolean;
+        /**
+         * Custom generateId function.
+         *
+         * If not provided, random ids will be generated.
+         * If set to false, the database's auto generated id will be used.
+         */
+        generateId?: GenerateIdFn | false;
+    };
+};
+
+interface BetterAuthMutators<O, C> {
+}
+
+export { LiteralUnion };
+export type { BetterAuthAdvancedOptions, BetterAuthMutators, GenerateIdFn };

package/dist/shared/core.CnvFgghY.d.cts

@@ -0,0 +1,117 @@
+import { ZodType } from 'zod';
+
+type Primitive = string | number | symbol | bigint | boolean | null | undefined;
+type LiteralString = "" | (string & Record<never, never>);
+type LiteralUnion<LiteralType, BaseType extends Primitive> = LiteralType | (BaseType & Record<never, never>);
+
+declare module "../index" {
+    interface BetterAuthMutators<O, C> {
+        "better-auth/db": {};
+    }
+}
+type Models = "user" | "account" | "session" | "verification" | "rate-limit" | "organization" | "member" | "invitation" | "jwks" | "passkey" | "two-factor";
+type DBFieldType = "string" | "number" | "boolean" | "date" | "json" | `${"string" | "number"}[]` | Array<LiteralString>;
+type DBPrimitive = string | number | boolean | Date | null | undefined | string[] | number[];
+type DBFieldAttributeConfig = {
+    /**
+     * If the field should be required on a new record.
+     * @default true
+     */
+    required?: boolean;
+    /**
+     * If the value should be returned on a response body.
+     * @default true
+     */
+    returned?: boolean;
+    /**
+     * If a value should be provided when creating a new record.
+     * @default true
+     */
+    input?: boolean;
+    /**
+     * Default value for the field
+     *
+     * Note: This will not create a default value on the database level. It will only
+     * be used when creating a new record.
+     */
+    defaultValue?: DBPrimitive | (() => DBPrimitive);
+    /**
+     * Update value for the field
+     *
+     * Note: This will create an onUpdate trigger on the database level for supported adapters.
+     * It will be called when updating a record.
+     */
+    onUpdate?: () => DBPrimitive;
+    /**
+     * transform the value before storing it.
+     */
+    transform?: {
+        input?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
+        output?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
+    };
+    /**
+     * Reference to another model.
+     */
+    references?: {
+        /**
+         * The model to reference.
+         */
+        model: string;
+        /**
+         * The field on the referenced model.
+         */
+        field: string;
+        /**
+         * The action to perform when the reference is deleted.
+         * @default "cascade"
+         */
+        onDelete?: "no action" | "restrict" | "cascade" | "set null" | "set default";
+    };
+    unique?: boolean;
+    /**
+     * If the field should be a bigint on the database instead of integer.
+     */
+    bigint?: boolean;
+    /**
+     * A zod schema to validate the value.
+     */
+    validator?: {
+        input?: ZodType;
+        output?: ZodType;
+    };
+    /**
+     * The name of the field on the database.
+     */
+    fieldName?: string;
+    /**
+     * If the field should be sortable.
+     *
+     * applicable only for `text` type.
+     * It's useful to mark fields varchar instead of text.
+     */
+    sortable?: boolean;
+};
+type DBFieldAttribute<T extends DBFieldType = DBFieldType> = {
+    type: T;
+} & DBFieldAttributeConfig;
+type BetterAuthDBSchema = Record<string, {
+    /**
+     * The name of the table in the database
+     */
+    modelName: string;
+    /**
+     * The fields of the table
+     */
+    fields: Record<string, DBFieldAttribute>;
+    /**
+     * Whether to disable migrations for this table
+     * @default false
+     */
+    disableMigrations?: boolean;
+    /**
+     * The order of the table
+     */
+    order?: number;
+}>;
+
+export type { BetterAuthDBSchema as B, DBFieldAttribute as D, LiteralUnion as L, Models as M, LiteralString as a, DBFieldAttributeConfig as b, DBFieldType as c, DBPrimitive as d };

package/dist/shared/core.CnvFgghY.d.mts

@@ -0,0 +1,117 @@
+import { ZodType } from 'zod';
+
+type Primitive = string | number | symbol | bigint | boolean | null | undefined;
+type LiteralString = "" | (string & Record<never, never>);
+type LiteralUnion<LiteralType, BaseType extends Primitive> = LiteralType | (BaseType & Record<never, never>);
+
+declare module "../index" {
+    interface BetterAuthMutators<O, C> {
+        "better-auth/db": {};
+    }
+}
+type Models = "user" | "account" | "session" | "verification" | "rate-limit" | "organization" | "member" | "invitation" | "jwks" | "passkey" | "two-factor";
+type DBFieldType = "string" | "number" | "boolean" | "date" | "json" | `${"string" | "number"}[]` | Array<LiteralString>;
+type DBPrimitive = string | number | boolean | Date | null | undefined | string[] | number[];
+type DBFieldAttributeConfig = {
+    /**
+     * If the field should be required on a new record.
+     * @default true
+     */
+    required?: boolean;
+    /**
+     * If the value should be returned on a response body.
+     * @default true
+     */
+    returned?: boolean;
+    /**
+     * If a value should be provided when creating a new record.
+     * @default true
+     */
+    input?: boolean;
+    /**
+     * Default value for the field
+     *
+     * Note: This will not create a default value on the database level. It will only
+     * be used when creating a new record.
+     */
+    defaultValue?: DBPrimitive | (() => DBPrimitive);
+    /**
+     * Update value for the field
+     *
+     * Note: This will create an onUpdate trigger on the database level for supported adapters.
+     * It will be called when updating a record.
+     */
+    onUpdate?: () => DBPrimitive;
+    /**
+     * transform the value before storing it.
+     */
+    transform?: {
+        input?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
+        output?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
+    };
+    /**
+     * Reference to another model.
+     */
+    references?: {
+        /**
+         * The model to reference.
+         */
+        model: string;
+        /**
+         * The field on the referenced model.
+         */
+        field: string;
+        /**
+         * The action to perform when the reference is deleted.
+         * @default "cascade"
+         */
+        onDelete?: "no action" | "restrict" | "cascade" | "set null" | "set default";
+    };
+    unique?: boolean;
+    /**
+     * If the field should be a bigint on the database instead of integer.
+     */
+    bigint?: boolean;
+    /**
+     * A zod schema to validate the value.
+     */
+    validator?: {
+        input?: ZodType;
+        output?: ZodType;
+    };
+    /**
+     * The name of the field on the database.
+     */
+    fieldName?: string;
+    /**
+     * If the field should be sortable.
+     *
+     * applicable only for `text` type.
+     * It's useful to mark fields varchar instead of text.
+     */
+    sortable?: boolean;
+};
+type DBFieldAttribute<T extends DBFieldType = DBFieldType> = {
+    type: T;
+} & DBFieldAttributeConfig;
+type BetterAuthDBSchema = Record<string, {
+    /**
+     * The name of the table in the database
+     */
+    modelName: string;
+    /**
+     * The fields of the table
+     */
+    fields: Record<string, DBFieldAttribute>;
+    /**
+     * Whether to disable migrations for this table
+     * @default false
+     */
+    disableMigrations?: boolean;
+    /**
+     * The order of the table
+     */
+    order?: number;
+}>;
+
+export type { BetterAuthDBSchema as B, DBFieldAttribute as D, LiteralUnion as L, Models as M, LiteralString as a, DBFieldAttributeConfig as b, DBFieldType as c, DBPrimitive as d };

package/dist/shared/core.CnvFgghY.d.ts

@@ -0,0 +1,117 @@
+import { ZodType } from 'zod';
+
+type Primitive = string | number | symbol | bigint | boolean | null | undefined;
+type LiteralString = "" | (string & Record<never, never>);
+type LiteralUnion<LiteralType, BaseType extends Primitive> = LiteralType | (BaseType & Record<never, never>);
+
+declare module "../index" {
+    interface BetterAuthMutators<O, C> {
+        "better-auth/db": {};
+    }
+}
+type Models = "user" | "account" | "session" | "verification" | "rate-limit" | "organization" | "member" | "invitation" | "jwks" | "passkey" | "two-factor";
+type DBFieldType = "string" | "number" | "boolean" | "date" | "json" | `${"string" | "number"}[]` | Array<LiteralString>;
+type DBPrimitive = string | number | boolean | Date | null | undefined | string[] | number[];
+type DBFieldAttributeConfig = {
+    /**
+     * If the field should be required on a new record.
+     * @default true
+     */
+    required?: boolean;
+    /**
+     * If the value should be returned on a response body.
+     * @default true
+     */
+    returned?: boolean;
+    /**
+     * If a value should be provided when creating a new record.
+     * @default true
+     */
+    input?: boolean;
+    /**
+     * Default value for the field
+     *
+     * Note: This will not create a default value on the database level. It will only
+     * be used when creating a new record.
+     */
+    defaultValue?: DBPrimitive | (() => DBPrimitive);
+    /**
+     * Update value for the field
+     *
+     * Note: This will create an onUpdate trigger on the database level for supported adapters.
+     * It will be called when updating a record.
+     */
+    onUpdate?: () => DBPrimitive;
+    /**
+     * transform the value before storing it.
+     */
+    transform?: {
+        input?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
+        output?: (value: DBPrimitive) => DBPrimitive | Promise<DBPrimitive>;
+    };
+    /**
+     * Reference to another model.
+     */
+    references?: {
+        /**
+         * The model to reference.
+         */
+        model: string;
+        /**
+         * The field on the referenced model.
+         */
+        field: string;
+        /**
+         * The action to perform when the reference is deleted.
+         * @default "cascade"
+         */
+        onDelete?: "no action" | "restrict" | "cascade" | "set null" | "set default";
+    };
+    unique?: boolean;
+    /**
+     * If the field should be a bigint on the database instead of integer.
+     */
+    bigint?: boolean;
+    /**
+     * A zod schema to validate the value.
+     */
+    validator?: {
+        input?: ZodType;
+        output?: ZodType;
+    };
+    /**
+     * The name of the field on the database.
+     */
+    fieldName?: string;
+    /**
+     * If the field should be sortable.
+     *
+     * applicable only for `text` type.
+     * It's useful to mark fields varchar instead of text.
+     */
+    sortable?: boolean;
+};
+type DBFieldAttribute<T extends DBFieldType = DBFieldType> = {
+    type: T;
+} & DBFieldAttributeConfig;
+type BetterAuthDBSchema = Record<string, {
+    /**
+     * The name of the table in the database
+     */
+    modelName: string;
+    /**
+     * The fields of the table
+     */
+    fields: Record<string, DBFieldAttribute>;
+    /**
+     * Whether to disable migrations for this table
+     * @default false
+     */
+    disableMigrations?: boolean;
+    /**
+     * The order of the table
+     */
+    order?: number;
+}>;
+
+export type { BetterAuthDBSchema as B, DBFieldAttribute as D, LiteralUnion as L, Models as M, LiteralString as a, DBFieldAttributeConfig as b, DBFieldType as c, DBPrimitive as d };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/core",
-  "version": "1.4.0-beta.6",
+  "version": "1.4.0-beta.7",
   "description": "The most comprehensive authentication library for TypeScript.",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -16,6 +16,16 @@
         "default": "./dist/index.cjs"
       }
     },
+    "./async_hooks": {
+      "import": {
+        "types": "./dist/async_hooks/index.d.ts",
+        "default": "./dist/async_hooks/index.mjs"
+      },
+      "require": {
+        "types": "./dist/async_hooks/index.d.cts",
+        "default": "./dist/async_hooks/index.cjs"
+      }
+    },
     "./db": {
       "import": {
         "types": "./dist/db/index.d.ts",
@@ -25,6 +35,16 @@
         "types": "./dist/db/index.d.cts",
         "default": "./dist/db/index.cjs"
       }
+    },
+    "./db/adapter": {
+      "import": {
+        "types": "./dist/db/adapter/index.d.ts",
+        "default": "./dist/db/adapter/index.mjs"
+      },
+      "require": {
+        "types": "./dist/db/adapter/index.d.cts",
+        "default": "./dist/db/adapter/index.cjs"
+      }
     }
   },
   "typesVersions": {
@@ -32,6 +52,9 @@
       "index": [
         "dist/index.d.ts"
       ],
+      "async_hooks": [
+        "dist/async_hooks.d.ts"
+      ],
       "db": [
         "dist/db.d.ts"
       ]

package/src/async_hooks/index.ts

@@ -0,0 +1,43 @@
+/**
+ * AsyncLocalStorage will be import directly in 1.5.x
+ */
+import type { AsyncLocalStorage } from "node:async_hooks";
+
+// We only export the type here to avoid issues in environments where AsyncLocalStorage is not available.
+export type { AsyncLocalStorage };
+
+/**
+ * Dynamically import AsyncLocalStorage to avoid issues in environments where it's not available.
+ *
+ * Right now, this is primarily for Cloudflare Workers.
+ *
+ */
+let moduleName: string = "node:async_hooks";
+
+const AsyncLocalStoragePromise: Promise<typeof AsyncLocalStorage> = import(
+	/* @vite-ignore */
+	/* webpackIgnore: true */
+	moduleName
+)
+	.then((mod) => mod.AsyncLocalStorage)
+	.catch((err) => {
+		if ("AsyncLocalStorage" in globalThis) {
+			return (globalThis as any).AsyncLocalStorage;
+		}
+		console.warn(
+			"[better-auth] Warning: AsyncLocalStorage is not available in this environment. Some features may not work as expected.",
+		);
+		console.warn(
+			"[better-auth] Please read more about this warning at https://better-auth.com/docs/installation#mount-handler",
+		);
+		console.warn(
+			"[better-auth] If you are using Cloudflare Workers, please see: https://developers.cloudflare.com/workers/configuration/compatibility-flags/#nodejs-compatibility-flag",
+		);
+		throw err;
+	});
+
+export async function getAsyncLocalStorage(): Promise<
+	typeof AsyncLocalStorage
+> {
+	return AsyncLocalStoragePromise;
+}

package/src/db/adapter/index.ts

@@ -0,0 +1,24 @@
+export type DBAdapterDebugLogOption =
+	| boolean
+	| {
+			/**
+			 * Useful when you want to log only certain conditions.
+			 */
+			logCondition?: (() => boolean) | undefined;
+			create?: boolean;
+			update?: boolean;
+			updateMany?: boolean;
+			findOne?: boolean;
+			findMany?: boolean;
+			delete?: boolean;
+			deleteMany?: boolean;
+			count?: boolean;
+	  }
+	| {
+			/**
+			 * Only used for adapter tests to show debug logs if a test fails.
+			 *
+			 * @deprecated Not actually deprecated. Doing this for IDEs to show this option at the very bottom and stop end-users from using this.
+			 */
+			isRunningAdapterTests: boolean;
+	  };

package/src/db/index.ts

@@ -5,6 +5,13 @@ import type {
 	DBPrimitive,
 	BetterAuthDBSchema,
 } from "./type";
+import type { BetterAuthPluginDBSchema } from "./plugin";
+export type { BetterAuthPluginDBSchema } from "./plugin";
+export { coreSchema } from "./schema/shared";
+export { userSchema, type User } from "./schema/user";
+export { accountSchema, type Account } from "./schema/account";
+export { sessionSchema, type Session } from "./schema/session";
+export { verificationSchema, type Verification } from "./schema/verification";
 
 export type {
 	DBFieldAttribute,
@@ -14,6 +21,10 @@ export type {
 	BetterAuthDBSchema,
 };
 
+/**
+ * @deprecated Backport for 1.3.x, we will remove this in 1.4.x
+ */
+export type AuthPluginSchema = BetterAuthPluginDBSchema;
 /**
  * @deprecated Backport for 1.3.x, we will remove this in 1.4.x
  */

package/src/db/plugin.ts

@@ -0,0 +1,11 @@
+import type { DBFieldAttribute } from "./type";
+
+export type BetterAuthPluginDBSchema = {
+	[table in string]: {
+		fields: {
+			[field in string]: DBFieldAttribute;
+		};
+		disableMigration?: boolean;
+		modelName?: string;
+	};
+};

package/src/db/schema/account.ts

@@ -0,0 +1,34 @@
+import * as z from "zod";
+import { coreSchema } from "./shared";
+
+export const accountSchema = coreSchema.extend({
+	providerId: z.string(),
+	accountId: z.string(),
+	userId: z.coerce.string(),
+	accessToken: z.string().nullish(),
+	refreshToken: z.string().nullish(),
+	idToken: z.string().nullish(),
+	/**
+	 * Access token expires at
+	 */
+	accessTokenExpiresAt: z.date().nullish(),
+	/**
+	 * Refresh token expires at
+	 */
+	refreshTokenExpiresAt: z.date().nullish(),
+	/**
+	 * The scopes that the user has authorized
+	 */
+	scope: z.string().nullish(),
+	/**
+	 * Password is only stored in the credential provider
+	 */
+	password: z.string().nullish(),
+});
+
+/**
+ * Account schema type used by better-auth, note that it's possible that account could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+export type Account = z.infer<typeof accountSchema>;

package/src/db/schema/session.ts

@@ -0,0 +1,17 @@
+import * as z from "zod";
+import { coreSchema } from "./shared";
+
+export const sessionSchema = coreSchema.extend({
+	userId: z.coerce.string(),
+	expiresAt: z.date(),
+	token: z.string(),
+	ipAddress: z.string().nullish(),
+	userAgent: z.string().nullish(),
+});
+
+/**
+ * Session schema type used by better-auth, note that it's possible that session could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+export type Session = z.infer<typeof sessionSchema>;

package/src/db/schema/shared.ts

@@ -0,0 +1,7 @@
+import * as z from "zod";
+
+export const coreSchema = z.object({
+	id: z.string(),
+	createdAt: z.date().default(() => new Date()),
+	updatedAt: z.date().default(() => new Date()),
+});