@better-auth/core 1.4.11-beta.2 → 1.4.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/.turbo/turbo-build.log +4 -4
  2. package/dist/api/index.d.mts +1 -1
  3. package/dist/context/index.d.mts +1 -1
  4. package/dist/db/adapter/index.d.mts +1 -1
  5. package/dist/db/index.d.mts +1 -1
  6. package/dist/{index-eRGNbXt_.d.mts → index-BHaoMSKV.d.mts} +19 -4
  7. package/dist/index.d.mts +1 -1
  8. package/dist/oauth2/index.d.mts +1 -1
  9. package/dist/social-providers/index.d.mts +1 -1
  10. package/package.json +2 -2
  11. package/src/types/init-options.ts +19 -4
package/.turbo/turbo-build.log CHANGED
@@ -1,5 +1,5 @@
1
1
 
2
- > @better-auth/core@1.4.11-beta.2 build /home/runner/work/better-auth/better-auth/packages/core
2
+ > @better-auth/core@1.4.11 build /home/runner/work/better-auth/better-auth/packages/core
3
3
  > tsdown
4
4
 
5
5
  ℹ tsdown v0.17.2 powered by rolldown v1.0.0-beta.53
@@ -37,7 +37,7 @@
37
37
  ℹ dist/api/index.d.mts  0.26 kB │ gzip: 0.14 kB
38
38
  ℹ dist/async_hooks/index.d.mts  0.24 kB │ gzip: 0.16 kB
39
39
  ℹ dist/async_hooks/pure.index.d.mts  0.22 kB │ gzip: 0.16 kB
40
- ℹ dist/index-eRGNbXt_.d.mts 227.31 kB │ gzip: 35.80 kB
40
+ ℹ dist/index-BHaoMSKV.d.mts 227.72 kB │ gzip: 35.92 kB
41
41
  ℹ dist/index-BRBu0-5h.d.mts  3.31 kB │ gzip: 1.11 kB
42
- ℹ 32 files, total: 410.48 kB
43
- ✔ Build complete in 5228ms
42
+ ℹ 32 files, total: 410.89 kB
43
+ ✔ Build complete in 5410ms
package/dist/api/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { a as optionsMiddleware, i as createAuthMiddleware, n as AuthMiddleware, r as createAuthEndpoint, t as AuthEndpoint } from "../index-eRGNbXt_.mjs";
1
+ import { a as optionsMiddleware, i as createAuthMiddleware, n as AuthMiddleware, r as createAuthEndpoint, t as AuthEndpoint } from "../index-BHaoMSKV.mjs";
2
2
  export { AuthEndpoint, AuthMiddleware, createAuthEndpoint, createAuthMiddleware, optionsMiddleware };
package/dist/context/index.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Xn as DBAdapter, f as AuthContext, tr as DBTransactionAdapter } from "../index-eRGNbXt_.mjs";
1
+ import { Xn as DBAdapter, f as AuthContext, tr as DBTransactionAdapter } from "../index-BHaoMSKV.mjs";
2
2
  import { AsyncLocalStorage } from "@better-auth/core/async_hooks";
3
3
  import { EndpointContext, InputContext } from "better-call";
4
4
 
package/dist/db/adapter/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { $n as DBAdapterInstance, Cr as initGetIdField, Dr as initGetDefaultFieldName, Er as initGetDefaultModelName, Jn as CleanedWhere, Qn as DBAdapterFactoryConfig, Sr as initGetModelName, Tr as initGetFieldAttributes, Xn as DBAdapter, Yn as CustomAdapter, Zn as DBAdapterDebugLogOption, ar as deepmerge, cr as createAdapter, dr as AdapterFactoryConfig, er as DBAdapterSchemaCreation, fr as AdapterFactoryCustomizeAdapterCreator, gr as CreateCustomAdapter, hr as CreateAdapterOptions, ir as Where, lr as createAdapterFactory, mr as AdapterTestDebugLogs, nr as JoinConfig, or as withApplyDefault, pr as AdapterFactoryOptions, rr as JoinOption, sr as AdapterFactory, tr as DBTransactionAdapter, ur as AdapterConfig, wr as initGetFieldName } from "../../index-eRGNbXt_.mjs";
1
+ import { $n as DBAdapterInstance, Cr as initGetIdField, Dr as initGetDefaultFieldName, Er as initGetDefaultModelName, Jn as CleanedWhere, Qn as DBAdapterFactoryConfig, Sr as initGetModelName, Tr as initGetFieldAttributes, Xn as DBAdapter, Yn as CustomAdapter, Zn as DBAdapterDebugLogOption, ar as deepmerge, cr as createAdapter, dr as AdapterFactoryConfig, er as DBAdapterSchemaCreation, fr as AdapterFactoryCustomizeAdapterCreator, gr as CreateCustomAdapter, hr as CreateAdapterOptions, ir as Where, lr as createAdapterFactory, mr as AdapterTestDebugLogs, nr as JoinConfig, or as withApplyDefault, pr as AdapterFactoryOptions, rr as JoinOption, sr as AdapterFactory, tr as DBTransactionAdapter, ur as AdapterConfig, wr as initGetFieldName } from "../../index-BHaoMSKV.mjs";
2
2
  export { AdapterConfig, AdapterFactory, AdapterFactoryConfig, AdapterFactoryCustomizeAdapterCreator, AdapterFactoryOptions, AdapterTestDebugLogs, CleanedWhere, CreateAdapterOptions, CreateCustomAdapter, CustomAdapter, DBAdapter, DBAdapterDebugLogOption, DBAdapterFactoryConfig, DBAdapterInstance, DBAdapterSchemaCreation, DBTransactionAdapter, JoinConfig, JoinOption, Where, createAdapter, createAdapterFactory, deepmerge, initGetDefaultFieldName, initGetDefaultModelName, initGetFieldAttributes, initGetFieldName, initGetIdField, initGetModelName, withApplyDefault };
package/dist/db/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { Ar as User, Br as getAuthTables, Fr as RateLimit, Gr as DBFieldType, Hr as BetterAuthDBSchema, Ir as rateLimitSchema, Jr as SecondaryStorage, Kr as DBPrimitive, Lr as Account, Mr as coreSchema, Nr as Session, Or as Verification, Pr as sessionSchema, Rr as accountSchema, Ur as DBFieldAttribute, Vr as BaseModelNames, Wr as DBFieldAttributeConfig, jr as userSchema, kr as verificationSchema, qr as ModelNames, zr as BetterAuthPluginDBSchema } from "../index-eRGNbXt_.mjs";
1
+ import { Ar as User, Br as getAuthTables, Fr as RateLimit, Gr as DBFieldType, Hr as BetterAuthDBSchema, Ir as rateLimitSchema, Jr as SecondaryStorage, Kr as DBPrimitive, Lr as Account, Mr as coreSchema, Nr as Session, Or as Verification, Pr as sessionSchema, Rr as accountSchema, Ur as DBFieldAttribute, Vr as BaseModelNames, Wr as DBFieldAttributeConfig, jr as userSchema, kr as verificationSchema, qr as ModelNames, zr as BetterAuthPluginDBSchema } from "../index-BHaoMSKV.mjs";
2
2
  export { Account, BaseModelNames, BetterAuthDBSchema, BetterAuthPluginDBSchema, DBFieldAttribute, DBFieldAttributeConfig, DBFieldType, DBPrimitive, ModelNames, RateLimit, SecondaryStorage, Session, User, Verification, accountSchema, coreSchema, getAuthTables, rateLimitSchema, sessionSchema, userSchema, verificationSchema };
package/dist/{index-eRGNbXt_.d.mts → index-BHaoMSKV.d.mts} RENAMED
@@ -6412,17 +6412,32 @@ type BetterAuthAdvancedOptions = {
6412
6412
  */
6413
6413
  useSecureCookies?: boolean | undefined;
6414
6414
  /**
6415
- * Disable trusted origins check
6415
+ * Disable all CSRF protection.
6416
+ *
6417
+ * When enabled, this disables:
6418
+ * - Origin header validation when cookies are present
6419
+ * - Fetch Metadata checks (Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest)
6420
+ * - Cross-site navigation blocking for first-login scenarios
6416
6421
  *
6417
6422
  * ⚠︎ This is a security risk and it may expose your application to
6418
6423
  * CSRF attacks
6424
+ *
6425
+ * @default false
6419
6426
  */
6420
6427
  disableCSRFCheck?: boolean | undefined;
6421
6428
  /**
6422
- * Disable origin check
6429
+ * Disable URL validation against trustedOrigins.
6423
6430
  *
6424
- * ⚠︎ This may allow requests from any origin to be processed by
6425
- * Better Auth. And could lead to security vulnerabilities.
6431
+ * When enabled, this disables validation of:
6432
+ * - callbackURL
6433
+ * - redirectTo
6434
+ * - errorCallbackURL
6435
+ * - newUserCallbackURL
6436
+ *
6437
+ * ⚠︎ This may allow open redirects and could lead to security
6438
+ * vulnerabilities.
6439
+ *
6440
+ * @default false
6426
6441
  */
6427
6442
  disableOriginCheck?: boolean | undefined;
6428
6443
  /**
package/dist/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { An as BetterAuthCookies, _ as BetterAuthOptions, _r as Awaitable, b as BetterAuthPlugin, br as Prettify, c as BetterAuthClientPlugin, d as ClientStore, f as AuthContext, g as BetterAuthAdvancedOptions, h as PluginContext, l as ClientAtomListener, m as InternalAdapter, o as StandardSchemaV1, p as GenericEndpointContext, s as BetterAuthClientOptions, u as ClientFetchOption, v as BetterAuthRateLimitOptions, vr as LiteralString, x as HookEndpointContext, xr as Primitive, y as GenerateIdFn, yr as LiteralUnion } from "./index-eRGNbXt_.mjs";
1
+ import { An as BetterAuthCookies, _ as BetterAuthOptions, _r as Awaitable, b as BetterAuthPlugin, br as Prettify, c as BetterAuthClientPlugin, d as ClientStore, f as AuthContext, g as BetterAuthAdvancedOptions, h as PluginContext, l as ClientAtomListener, m as InternalAdapter, o as StandardSchemaV1, p as GenericEndpointContext, s as BetterAuthClientOptions, u as ClientFetchOption, v as BetterAuthRateLimitOptions, vr as LiteralString, x as HookEndpointContext, xr as Primitive, y as GenerateIdFn, yr as LiteralUnion } from "./index-BHaoMSKV.mjs";
2
2
  export { AuthContext, Awaitable, BetterAuthAdvancedOptions, BetterAuthClientOptions, BetterAuthClientPlugin, BetterAuthCookies, BetterAuthOptions, BetterAuthPlugin, BetterAuthRateLimitOptions, ClientAtomListener, ClientFetchOption, ClientStore, GenerateIdFn, GenericEndpointContext, HookEndpointContext, InternalAdapter, LiteralString, LiteralUnion, PluginContext, Prettify, Primitive, StandardSchemaV1 };
package/dist/oauth2/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { Bn as refreshAccessToken, Fn as validateAuthorizationCode, Gn as OAuth2UserInfo, Hn as clientCredentialsToken, In as validateToken, Kn as OAuthProvider, Ln as generateCodeChallenge, Mn as verifyAccessToken, Nn as verifyJwsAccessToken, Pn as createAuthorizationCodeRequest, Rn as getOAuth2Tokens, Un as createClientCredentialsTokenRequest, Vn as createAuthorizationURL, Wn as OAuth2Tokens, jn as getJwks, qn as ProviderOptions, zn as createRefreshAccessTokenRequest } from "../index-eRGNbXt_.mjs";
1
+ import { Bn as refreshAccessToken, Fn as validateAuthorizationCode, Gn as OAuth2UserInfo, Hn as clientCredentialsToken, In as validateToken, Kn as OAuthProvider, Ln as generateCodeChallenge, Mn as verifyAccessToken, Nn as verifyJwsAccessToken, Pn as createAuthorizationCodeRequest, Rn as getOAuth2Tokens, Un as createClientCredentialsTokenRequest, Vn as createAuthorizationURL, Wn as OAuth2Tokens, jn as getJwks, qn as ProviderOptions, zn as createRefreshAccessTokenRequest } from "../index-BHaoMSKV.mjs";
2
2
  export { OAuth2Tokens, OAuth2UserInfo, OAuthProvider, ProviderOptions, clientCredentialsToken, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getJwks, getOAuth2Tokens, refreshAccessToken, validateAuthorizationCode, validateToken, verifyAccessToken, verifyJwsAccessToken };
package/dist/social-providers/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { $ as notion, $t as GoogleOptions, A as vercel, At as LinearUser, B as paybin, Bt as twitter, C as SocialProviderList, Cn as AtlassianProfile, Ct as GitlabProfile, D as socialProviders, Dn as AppleProfile, Dt as linkedin, E as socialProviderList, En as AppleOptions, Et as LinkedInProfile, F as PayPalProfile, Ft as DropboxOptions, G as NaverOptions, Gt as SpotifyProfile, H as LineOptions, Ht as TwitchProfile, I as PayPalTokenResponse, It as DropboxProfile, J as KakaoOptions, Jt as SlackProfile, K as NaverProfile, Kt as spotify, L as paypal, Lt as dropbox, M as PolarProfile, Mt as KickOptions, N as polar, Nt as KickProfile, O as VercelOptions, On as apple, Ot as LinearOptions, P as PayPalOptions, Pt as kick, Q as NotionProfile, Qt as huggingface, R as PaybinOptions, Rt as TwitterOption, S as SocialProvider, Sn as AtlassianOptions, St as GitlabOptions, T as SocialProviders, Tn as AppleNonConformUser, Tt as LinkedInOptions, U as LineUserInfo, Ut as twitch, V as LineIdTokenPayload, Vt as TwitchOptions, W as line, Wt as SpotifyOptions, X as kakao, Xt as HuggingFaceOptions, Y as KakaoProfile, Yt as slack, Z as NotionOptions, Zt as HuggingFaceProfile, _n as discord, _t as RedditProfile, an as microsoft, at as ZoomProfile, bn as cognito, bt as TiktokProfile, cn as github, ct as VkProfile, dn as figma, dt as SalesforceProfile, en as GoogleProfile, et as AccountStatus, fn as FacebookOptions, ft as salesforce, gn as DiscordProfile, gt as RedditOptions, hn as DiscordOptions, ht as roblox, in as MicrosoftOptions, it as ZoomOptions, j as PolarOptions, jt as linear, k as VercelProfile, kn as getApplePublicKey, kt as LinearProfile, ln as FigmaOptions, lt as vk, mn as facebook, mt as RobloxProfile, nn as google, nt as PhoneNumber, on as GithubOptions, ot as zoom, pn as FacebookProfile, pt as RobloxOptions, q as naver, qt as SlackOptions, rn as MicrosoftEntraIDProfile, rt as PronounOption, sn as GithubProfile, st as VkOption, tn as getGooglePublicKey, tt as LoginType, un as FigmaProfile, ut as SalesforceOptions, vn as CognitoOptions, vt as reddit, w as SocialProviderListEnum, wn as atlassian, wt as gitlab, xn as getCognitoPublicKey, xt as tiktok, yn as CognitoProfile, yt as TiktokOptions, z as PaybinProfile, zt as TwitterProfile } from "../index-eRGNbXt_.mjs";
1
+ import { $ as notion, $t as GoogleOptions, A as vercel, At as LinearUser, B as paybin, Bt as twitter, C as SocialProviderList, Cn as AtlassianProfile, Ct as GitlabProfile, D as socialProviders, Dn as AppleProfile, Dt as linkedin, E as socialProviderList, En as AppleOptions, Et as LinkedInProfile, F as PayPalProfile, Ft as DropboxOptions, G as NaverOptions, Gt as SpotifyProfile, H as LineOptions, Ht as TwitchProfile, I as PayPalTokenResponse, It as DropboxProfile, J as KakaoOptions, Jt as SlackProfile, K as NaverProfile, Kt as spotify, L as paypal, Lt as dropbox, M as PolarProfile, Mt as KickOptions, N as polar, Nt as KickProfile, O as VercelOptions, On as apple, Ot as LinearOptions, P as PayPalOptions, Pt as kick, Q as NotionProfile, Qt as huggingface, R as PaybinOptions, Rt as TwitterOption, S as SocialProvider, Sn as AtlassianOptions, St as GitlabOptions, T as SocialProviders, Tn as AppleNonConformUser, Tt as LinkedInOptions, U as LineUserInfo, Ut as twitch, V as LineIdTokenPayload, Vt as TwitchOptions, W as line, Wt as SpotifyOptions, X as kakao, Xt as HuggingFaceOptions, Y as KakaoProfile, Yt as slack, Z as NotionOptions, Zt as HuggingFaceProfile, _n as discord, _t as RedditProfile, an as microsoft, at as ZoomProfile, bn as cognito, bt as TiktokProfile, cn as github, ct as VkProfile, dn as figma, dt as SalesforceProfile, en as GoogleProfile, et as AccountStatus, fn as FacebookOptions, ft as salesforce, gn as DiscordProfile, gt as RedditOptions, hn as DiscordOptions, ht as roblox, in as MicrosoftOptions, it as ZoomOptions, j as PolarOptions, jt as linear, k as VercelProfile, kn as getApplePublicKey, kt as LinearProfile, ln as FigmaOptions, lt as vk, mn as facebook, mt as RobloxProfile, nn as google, nt as PhoneNumber, on as GithubOptions, ot as zoom, pn as FacebookProfile, pt as RobloxOptions, q as naver, qt as SlackOptions, rn as MicrosoftEntraIDProfile, rt as PronounOption, sn as GithubProfile, st as VkOption, tn as getGooglePublicKey, tt as LoginType, un as FigmaProfile, ut as SalesforceOptions, vn as CognitoOptions, vt as reddit, w as SocialProviderListEnum, wn as atlassian, wt as gitlab, xn as getCognitoPublicKey, xt as tiktok, yn as CognitoProfile, yt as TiktokOptions, z as PaybinProfile, zt as TwitterProfile } from "../index-BHaoMSKV.mjs";
2
2
  export { AccountStatus, AppleNonConformUser, AppleOptions, AppleProfile, AtlassianOptions, AtlassianProfile, CognitoOptions, CognitoProfile, DiscordOptions, DiscordProfile, DropboxOptions, DropboxProfile, FacebookOptions, FacebookProfile, FigmaOptions, FigmaProfile, GithubOptions, GithubProfile, GitlabOptions, GitlabProfile, GoogleOptions, GoogleProfile, HuggingFaceOptions, HuggingFaceProfile, KakaoOptions, KakaoProfile, KickOptions, KickProfile, LineIdTokenPayload, LineOptions, LineUserInfo, LinearOptions, LinearProfile, LinearUser, LinkedInOptions, LinkedInProfile, LoginType, MicrosoftEntraIDProfile, MicrosoftOptions, NaverOptions, NaverProfile, NotionOptions, NotionProfile, PayPalOptions, PayPalProfile, PayPalTokenResponse, PaybinOptions, PaybinProfile, PhoneNumber, PolarOptions, PolarProfile, PronounOption, RedditOptions, RedditProfile, RobloxOptions, RobloxProfile, SalesforceOptions, SalesforceProfile, SlackOptions, SlackProfile, SocialProvider, SocialProviderList, SocialProviderListEnum, SocialProviders, SpotifyOptions, SpotifyProfile, TiktokOptions, TiktokProfile, TwitchOptions, TwitchProfile, TwitterOption, TwitterProfile, VercelOptions, VercelProfile, VkOption, VkProfile, ZoomOptions, ZoomProfile, apple, atlassian, cognito, discord, dropbox, facebook, figma, getApplePublicKey, getCognitoPublicKey, getGooglePublicKey, github, gitlab, google, huggingface, kakao, kick, line, linear, linkedin, microsoft, naver, notion, paybin, paypal, polar, reddit, roblox, salesforce, slack, socialProviderList, socialProviders, spotify, tiktok, twitch, twitter, vercel, vk, zoom };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@better-auth/core",
3
- "version": "1.4.11-beta.2",
3
+ "version": "1.4.11",
4
4
  "description": "The most comprehensive authentication framework for TypeScript.",
5
5
  "type": "module",
6
6
  "repository": {
@@ -139,6 +139,6 @@
139
139
  "lint:types": "attw --profile esm-only --pack .",
140
140
  "typecheck": "tsc --project tsconfig.json",
141
141
  "test": "vitest",
142
- "coverage": "vitest run --coverage"
142
+ "coverage": "vitest run --coverage --coverage.provider=istanbul"
143
143
  }
144
144
  }
package/src/types/init-options.ts CHANGED
@@ -151,17 +151,32 @@ export type BetterAuthAdvancedOptions = {
151
151
  */
152
152
  useSecureCookies?: boolean | undefined;
153
153
  /**
154
- * Disable trusted origins check
154
+ * Disable all CSRF protection.
155
+ *
156
+ * When enabled, this disables:
157
+ * - Origin header validation when cookies are present
158
+ * - Fetch Metadata checks (Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest)
159
+ * - Cross-site navigation blocking for first-login scenarios
155
160
  *
156
161
  * ⚠︎ This is a security risk and it may expose your application to
157
162
  * CSRF attacks
163
+ *
164
+ * @default false
158
165
  */
159
166
  disableCSRFCheck?: boolean | undefined;
160
167
  /**
161
- * Disable origin check
168
+ * Disable URL validation against trustedOrigins.
162
169
  *
163
- * ⚠︎ This may allow requests from any origin to be processed by
164
- * Better Auth. And could lead to security vulnerabilities.
170
+ * When enabled, this disables validation of:
171
+ * - callbackURL
172
+ * - redirectTo
173
+ * - errorCallbackURL
174
+ * - newUserCallbackURL
175
+ *
176
+ * ⚠︎ This may allow open redirects and could lead to security
177
+ * vulnerabilities.
178
+ *
179
+ * @default false
165
180
  */
166
181
  disableOriginCheck?: boolean | undefined;
167
182
  /**