npm - @better-auth/core - Versions diffs - 1.4.12-beta.2 → 1.4.13 - Mend

@better-auth/core 1.4.12-beta.2 → 1.4.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (185) hide show

package/.turbo/turbo-build.log +172 -35
package/dist/api/index.d.mts +178 -1
package/dist/api/index.mjs +2 -1
package/dist/context/endpoint-context.d.mts +19 -0
package/dist/context/endpoint-context.mjs +31 -0
package/dist/context/global.d.mts +7 -0
package/dist/context/global.mjs +37 -0
package/dist/context/index.d.mts +5 -53
package/dist/context/index.mjs +5 -2
package/dist/context/request-state.d.mts +27 -0
package/dist/context/request-state.mjs +49 -0
package/dist/context/transaction.d.mts +16 -0
package/dist/context/transaction.mjs +52 -0
package/dist/db/adapter/factory.d.mts +27 -0
package/dist/db/adapter/factory.mjs +738 -0
package/dist/db/adapter/get-default-field-name.d.mts +18 -0
package/dist/db/adapter/get-default-field-name.mjs +38 -0
package/dist/db/adapter/get-default-model-name.d.mts +12 -0
package/dist/db/adapter/get-default-model-name.mjs +32 -0
package/dist/db/adapter/get-field-attributes.d.mts +29 -0
package/dist/db/adapter/get-field-attributes.mjs +39 -0
package/dist/db/adapter/get-field-name.d.mts +18 -0
package/dist/db/adapter/get-field-name.mjs +33 -0
package/dist/db/adapter/get-id-field.d.mts +39 -0
package/dist/db/adapter/get-id-field.mjs +68 -0
package/dist/db/adapter/get-model-name.d.mts +12 -0
package/dist/db/adapter/get-model-name.mjs +23 -0
package/dist/db/adapter/index.d.mts +513 -1
package/dist/db/adapter/index.mjs +8 -970
package/dist/db/adapter/types.d.mts +139 -0
package/dist/db/adapter/utils.d.mts +7 -0
package/dist/db/adapter/utils.mjs +38 -0
package/dist/db/get-tables.d.mts +8 -0
package/dist/{get-tables-CMc_Emww.mjs → db/get-tables.mjs} +1 -1
package/dist/db/index.d.mts +10 -2
package/dist/db/index.mjs +7 -60
package/dist/db/plugin.d.mts +12 -0
package/dist/db/schema/account.d.mts +26 -0
package/dist/db/schema/account.mjs +19 -0
package/dist/db/schema/rate-limit.d.mts +14 -0
package/dist/db/schema/rate-limit.mjs +11 -0
package/dist/db/schema/session.d.mts +21 -0
package/dist/db/schema/session.mjs +14 -0
package/dist/db/schema/shared.d.mts +10 -0
package/dist/db/schema/shared.mjs +11 -0
package/dist/db/schema/user.d.mts +20 -0
package/dist/db/schema/user.mjs +13 -0
package/dist/db/schema/verification.d.mts +19 -0
package/dist/db/schema/verification.mjs +12 -0
package/dist/db/type.d.mts +143 -0
package/dist/env/color-depth.d.mts +4 -0
package/dist/env/color-depth.mjs +88 -0
package/dist/env/env-impl.d.mts +32 -0
package/dist/env/env-impl.mjs +82 -0
package/dist/env/index.d.mts +4 -2
package/dist/env/index.mjs +3 -1
package/dist/{index-BRBu0-5h.d.mts → env/logger.d.mts} +1 -35
package/dist/env/logger.mjs +81 -0
package/dist/error/codes.d.mts +48 -0
package/dist/{error-DP1xOn7P.mjs → error/codes.mjs} +3 -14
package/dist/error/index.d.mts +5 -48
package/dist/error/index.mjs +12 -3
package/dist/index.d.mts +8 -2
package/dist/oauth2/client-credentials-token.d.mts +36 -0
package/dist/oauth2/client-credentials-token.mjs +54 -0
package/dist/oauth2/create-authorization-url.d.mts +45 -0
package/dist/oauth2/create-authorization-url.mjs +42 -0
package/dist/oauth2/index.d.mts +8 -2
package/dist/oauth2/index.mjs +6 -2
package/dist/oauth2/oauth-provider.d.mts +194 -0
package/dist/oauth2/refresh-access-token.d.mts +36 -0
package/dist/oauth2/refresh-access-token.mjs +58 -0
package/dist/oauth2/utils.d.mts +7 -0
package/dist/oauth2/utils.mjs +27 -0
package/dist/oauth2/validate-authorization-code.d.mts +55 -0
package/dist/oauth2/validate-authorization-code.mjs +71 -0
package/dist/oauth2/verify.d.mts +49 -0
package/dist/oauth2/verify.mjs +95 -0
package/dist/social-providers/apple.d.mts +119 -0
package/dist/social-providers/apple.mjs +102 -0
package/dist/social-providers/atlassian.d.mts +72 -0
package/dist/social-providers/atlassian.mjs +83 -0
package/dist/social-providers/cognito.d.mts +87 -0
package/dist/social-providers/cognito.mjs +166 -0
package/dist/social-providers/discord.d.mts +126 -0
package/dist/social-providers/discord.mjs +64 -0
package/dist/social-providers/dropbox.d.mts +71 -0
package/dist/social-providers/dropbox.mjs +75 -0
package/dist/social-providers/facebook.d.mts +81 -0
package/dist/social-providers/facebook.mjs +120 -0
package/dist/social-providers/figma.d.mts +63 -0
package/dist/social-providers/figma.mjs +84 -0
package/dist/social-providers/github.d.mts +104 -0
package/dist/social-providers/github.mjs +80 -0
package/dist/social-providers/gitlab.d.mts +125 -0
package/dist/social-providers/gitlab.mjs +82 -0
package/dist/social-providers/google.d.mts +99 -0
package/dist/social-providers/google.mjs +109 -0
package/dist/social-providers/huggingface.d.mts +85 -0
package/dist/social-providers/huggingface.mjs +75 -0
package/dist/social-providers/index.d.mts +1723 -1
package/dist/social-providers/index.mjs +33 -2570
package/dist/social-providers/kakao.d.mts +163 -0
package/dist/social-providers/kakao.mjs +72 -0
package/dist/social-providers/kick.d.mts +75 -0
package/dist/social-providers/kick.mjs +71 -0
package/dist/social-providers/line.d.mts +107 -0
package/dist/social-providers/line.mjs +113 -0
package/dist/social-providers/linear.d.mts +70 -0
package/dist/social-providers/linear.mjs +88 -0
package/dist/social-providers/linkedin.d.mts +69 -0
package/dist/social-providers/linkedin.mjs +76 -0
package/dist/social-providers/microsoft-entra-id.d.mts +174 -0
package/dist/social-providers/microsoft-entra-id.mjs +106 -0
package/dist/social-providers/naver.d.mts +104 -0
package/dist/social-providers/naver.mjs +67 -0
package/dist/social-providers/notion.d.mts +66 -0
package/dist/social-providers/notion.mjs +75 -0
package/dist/social-providers/paybin.d.mts +73 -0
package/dist/social-providers/paybin.mjs +85 -0
package/dist/social-providers/paypal.d.mts +131 -0
package/dist/social-providers/paypal.mjs +144 -0
package/dist/social-providers/polar.d.mts +76 -0
package/dist/social-providers/polar.mjs +73 -0
package/dist/social-providers/reddit.d.mts +64 -0
package/dist/social-providers/reddit.mjs +83 -0
package/dist/social-providers/roblox.d.mts +72 -0
package/dist/social-providers/roblox.mjs +59 -0
package/dist/social-providers/salesforce.d.mts +81 -0
package/dist/social-providers/salesforce.mjs +91 -0
package/dist/social-providers/slack.d.mts +85 -0
package/dist/social-providers/slack.mjs +68 -0
package/dist/social-providers/spotify.d.mts +65 -0
package/dist/social-providers/spotify.mjs +71 -0
package/dist/social-providers/tiktok.d.mts +171 -0
package/dist/social-providers/tiktok.mjs +62 -0
package/dist/social-providers/twitch.d.mts +81 -0
package/dist/social-providers/twitch.mjs +78 -0
package/dist/social-providers/twitter.d.mts +140 -0
package/dist/social-providers/twitter.mjs +87 -0
package/dist/social-providers/vercel.d.mts +64 -0
package/dist/social-providers/vercel.mjs +61 -0
package/dist/social-providers/vk.d.mts +72 -0
package/dist/social-providers/vk.mjs +83 -0
package/dist/social-providers/zoom.d.mts +173 -0
package/dist/social-providers/zoom.mjs +72 -0
package/dist/types/context.d.mts +215 -0
package/dist/types/cookie.d.mts +15 -0
package/dist/types/helper.d.mts +8 -0
package/dist/types/index.d.mts +8 -0
package/dist/types/init-options.d.mts +1266 -0
package/dist/types/plugin-client.d.mts +103 -0
package/dist/types/plugin.d.mts +121 -0
package/dist/utils/deprecate.d.mts +10 -0
package/dist/utils/deprecate.mjs +17 -0
package/dist/utils/error-codes.d.mts +9 -0
package/dist/utils/error-codes.mjs +7 -0
package/dist/utils/id.d.mts +4 -0
package/dist/utils/id.mjs +9 -0
package/dist/utils/index.d.mts +5 -26
package/dist/utils/index.mjs +5 -2
package/dist/utils/json.d.mts +4 -0
package/dist/utils/json.mjs +25 -0
package/dist/utils/string.d.mts +4 -0
package/dist/utils/string.mjs +7 -0
package/package.json +1 -1
package/src/context/endpoint-context.ts +7 -15
package/src/context/global.ts +57 -0
package/src/context/index.ts +1 -0
package/src/context/request-state.ts +7 -12
package/src/context/transaction.ts +7 -16
package/src/db/adapter/factory.ts +13 -13
package/src/db/adapter/get-default-model-name.ts +1 -1
package/src/db/adapter/get-id-field.ts +2 -2
package/src/error/index.ts +2 -3
package/src/social-providers/gitlab.ts +1 -1
package/src/types/context.ts +137 -131
package/src/types/cookie.ts +6 -4
package/src/types/index.ts +2 -1
package/tsdown.config.ts +9 -0
package/dist/context-BGZ8V6DD.mjs +0 -126
package/dist/env-DbssmzoK.mjs +0 -245
package/dist/index-zgYuzZ7O.d.mts +0 -8020
package/dist/oauth2-COJkghlT.mjs +0 -326
package/dist/utils-U2L7n92V.mjs +0 -59

package/dist/types/context.d.mts ADDED Viewed

@@ -0,0 +1,215 @@
+import { BetterAuthDBSchema, ModelNames, SecondaryStorage } from "../db/type.mjs";
+import { Account } from "../db/schema/account.mjs";
+import { Session } from "../db/schema/session.mjs";
+import { User } from "../db/schema/user.mjs";
+import { Verification } from "../db/schema/verification.mjs";
+import "../db/index.mjs";
+import { DBAdapter, Where } from "../db/adapter/index.mjs";
+import { createLogger } from "../env/logger.mjs";
+import { OAuthProvider } from "../oauth2/oauth-provider.mjs";
+import "../oauth2/index.mjs";
+import { BetterAuthCookie, BetterAuthCookies } from "./cookie.mjs";
+import { BetterAuthPlugin } from "./plugin.mjs";
+import { BetterAuthOptions, BetterAuthRateLimitOptions } from "./init-options.mjs";
+import { CookieOptions, EndpointContext } from "better-call";
+//#region src/types/context.d.ts
+type GenericEndpointContext<Options extends BetterAuthOptions = BetterAuthOptions> = EndpointContext<string, any> & {
+  context: AuthContext<Options>;
+};
+interface InternalAdapter<_Options extends BetterAuthOptions = BetterAuthOptions> {
+  createOAuthUser(user: Omit<User, "id" | "createdAt" | "updatedAt">, account: Omit<Account, "userId" | "id" | "createdAt" | "updatedAt"> & Partial<Account>): Promise<{
+    user: User;
+    account: Account;
+  }>;
+  createUser<T extends Record<string, any>>(user: Omit<User, "id" | "createdAt" | "updatedAt" | "emailVerified"> & Partial<User> & Record<string, any>): Promise<T & User>;
+  createAccount<T extends Record<string, any>>(account: Omit<Account, "id" | "createdAt" | "updatedAt"> & Partial<Account> & T): Promise<T & Account>;
+  listSessions(userId: string): Promise<Session[]>;
+  listUsers(limit?: number | undefined, offset?: number | undefined, sortBy?: {
+    field: string;
+    direction: "asc" | "desc";
+  } | undefined, where?: Where[] | undefined): Promise<User[]>;
+  countTotalUsers(where?: Where[] | undefined): Promise<number>;
+  deleteUser(userId: string): Promise<void>;
+  createSession(userId: string, dontRememberMe?: boolean | undefined, override?: (Partial<Session> & Record<string, any>) | undefined, overrideAll?: boolean | undefined): Promise<Session>;
+  findSession(token: string): Promise<{
+    session: Session & Record<string, any>;
+    user: User & Record<string, any>;
+  } | null>;
+  findSessions(sessionTokens: string[]): Promise<{
+    session: Session;
+    user: User;
+  }[]>;
+  updateSession(sessionToken: string, session: Partial<Session> & Record<string, any>): Promise<Session | null>;
+  deleteSession(token: string): Promise<void>;
+  deleteAccounts(userId: string): Promise<void>;
+  deleteAccount(accountId: string): Promise<void>;
+  deleteSessions(userIdOrSessionTokens: string | string[]): Promise<void>;
+  findOAuthUser(email: string, accountId: string, providerId: string): Promise<{
+    user: User;
+    accounts: Account[];
+  } | null>;
+  findUserByEmail(email: string, options?: {
+    includeAccounts: boolean;
+  } | undefined): Promise<{
+    user: User;
+    accounts: Account[];
+  } | null>;
+  findUserById(userId: string): Promise<User | null>;
+  linkAccount(account: Omit<Account, "id" | "createdAt" | "updatedAt"> & Partial<Account>): Promise<Account>;
+  updateUser<T extends Record<string, any>>(userId: string, data: Partial<User> & Record<string, any>): Promise<User & T>;
+  updateUserByEmail<T extends Record<string, any>>(email: string, data: Partial<User & Record<string, any>>): Promise<User & T>;
+  updatePassword(userId: string, password: string): Promise<void>;
+  findAccounts(userId: string): Promise<Account[]>;
+  findAccount(accountId: string): Promise<Account | null>;
+  findAccountByProviderId(accountId: string, providerId: string): Promise<Account | null>;
+  findAccountByUserId(userId: string): Promise<Account[]>;
+  updateAccount(id: string, data: Partial<Account>): Promise<Account>;
+  createVerificationValue(data: Omit<Verification, "createdAt" | "id" | "updatedAt"> & Partial<Verification>): Promise<Verification>;
+  findVerificationValue(identifier: string): Promise<Verification | null>;
+  deleteVerificationValue(id: string): Promise<void>;
+  deleteVerificationByIdentifier(identifier: string): Promise<void>;
+  updateVerificationValue(id: string, data: Partial<Verification>): Promise<Verification>;
+}
+type CreateCookieGetterFn = (cookieName: string, overrideAttributes?: Partial<CookieOptions> | undefined) => BetterAuthCookie;
+type CheckPasswordFn<Options extends BetterAuthOptions = BetterAuthOptions> = (userId: string, ctx: GenericEndpointContext<Options>) => Promise<boolean>;
+type PluginContext = {
+  getPlugin: <Plugin extends BetterAuthPlugin>(pluginId: Plugin["id"]) => Plugin | null;
+};
+type InfoContext = {
+  appName: string;
+  baseURL: string;
+  version: string;
+};
+type AuthContext<Options extends BetterAuthOptions = BetterAuthOptions> = PluginContext & InfoContext & {
+  options: Options;
+  trustedOrigins: string[];
+  /**
+   * Verifies whether url is a trusted origin according to the "trustedOrigins" configuration
+   * @param url The url to verify against the "trustedOrigins" configuration
+   * @param settings Specify supported pattern matching settings
+   * @returns {boolean} true if the URL matches the origin pattern, false otherwise.
+   */
+  isTrustedOrigin: (url: string, settings?: {
+    allowRelativePaths: boolean;
+  }) => boolean;
+  oauthConfig: {
+    /**
+     * This is dangerous and should only be used in dev or staging environments.
+     */
+    skipStateCookieCheck?: boolean | undefined;
+    /**
+     * Strategy for storing OAuth state
+     *
+     * - "cookie": Store state in an encrypted cookie (stateless)
+     * - "database": Store state in the database
+     *
+     * @default "cookie"
+     */
+    storeStateStrategy: "database" | "cookie";
+  };
+  /**
+   * New session that will be set after the request
+   * meaning: there is a `set-cookie` header that will set
+   * the session cookie. This is the fetched session. And it's set
+   * by `setNewSession` method.
+   */
+  newSession: {
+    session: Session & Record<string, any>;
+    user: User & Record<string, any>;
+  } | null;
+  session: {
+    session: Session & Record<string, any>;
+    user: User & Record<string, any>;
+  } | null;
+  setNewSession: (session: {
+    session: Session & Record<string, any>;
+    user: User & Record<string, any>;
+  } | null) => void;
+  socialProviders: OAuthProvider[];
+  authCookies: BetterAuthCookies;
+  logger: ReturnType<typeof createLogger>;
+  rateLimit: {
+    enabled: boolean;
+    window: number;
+    max: number;
+    storage: "memory" | "database" | "secondary-storage";
+  } & Omit<BetterAuthRateLimitOptions, "enabled" | "window" | "max" | "storage">;
+  adapter: DBAdapter<Options>;
+  internalAdapter: InternalAdapter<Options>;
+  createAuthCookie: CreateCookieGetterFn;
+  secret: string;
+  sessionConfig: {
+    updateAge: number;
+    expiresIn: number;
+    freshAge: number;
+    cookieRefreshCache: false | {
+      enabled: true;
+      updateAge: number;
+    };
+  };
+  generateId: (options: {
+    model: ModelNames;
+    size?: number | undefined;
+  }) => string | false;
+  secondaryStorage: SecondaryStorage | undefined;
+  password: {
+    hash: (password: string) => Promise<string>;
+    verify: (data: {
+      password: string;
+      hash: string;
+    }) => Promise<boolean>;
+    config: {
+      minPasswordLength: number;
+      maxPasswordLength: number;
+    };
+    checkPassword: CheckPasswordFn<Options>;
+  };
+  tables: BetterAuthDBSchema;
+  runMigrations: () => Promise<void>;
+  publishTelemetry: (event: {
+    type: string;
+    anonymousId?: string | undefined;
+    payload: Record<string, any>;
+  }) => Promise<void>;
+  /**
+   * Skip origin check for requests.
+   *
+   * - `true`: Skip for ALL requests (DANGEROUS - disables CSRF protection)
+   * - `string[]`: Skip only for specific paths (e.g., SAML callbacks)
+   * - `false`: Enable origin check (default)
+   *
+   * Paths support prefix matching (e.g., "/sso/saml2/callback" matches
+   * "/sso/saml2/callback/provider-name").
+   *
+   * @default false (true in test environments)
+   */
+  skipOriginCheck: boolean | string[];
+  /**
+   * This skips the CSRF check for all requests.
+   *
+   * This is inferred from the `options.advanced?.
+   * disableCSRFCheck` option.
+   *
+   * @default false
+   */
+  skipCSRFCheck: boolean;
+  /**
+   * Background task handler for deferred operations.
+   *
+   * This is inferred from the `options.advanced?.backgroundTasks?.handler` option.
+   * Defaults to a no-op that just runs the promise.
+   */
+  runInBackground: (promise: Promise<void>) => void;
+  /**
+   * Runs a task in the background if `runInBackground` is configured,
+   * otherwise awaits the task directly.
+   *
+   * This is useful for operations like sending emails where we want
+   * to avoid blocking the response when possible (for timing attack
+   * mitigation), but still ensure the operation completes.
+   */
+  runInBackgroundOrAwait: (promise: Promise<unknown> | Promise<void> | void | unknown) => Promise<unknown>;
+};
+//#endregion
+export { AuthContext, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext };

package/dist/types/cookie.d.mts ADDED Viewed

@@ -0,0 +1,15 @@
+import { CookieOptions } from "better-call";
+//#region src/types/cookie.d.ts
+type BetterAuthCookie = {
+  name: string;
+  attributes: CookieOptions;
+};
+type BetterAuthCookies = {
+  sessionToken: BetterAuthCookie;
+  sessionData: BetterAuthCookie;
+  accountData: BetterAuthCookie;
+  dontRememberToken: BetterAuthCookie;
+};
+//#endregion
+export { BetterAuthCookie, BetterAuthCookies };

package/dist/types/helper.d.mts ADDED Viewed

@@ -0,0 +1,8 @@
+//#region src/types/helper.d.ts
+type Primitive = string | number | symbol | bigint | boolean | null | undefined;
+type Awaitable<T> = T | Promise<T>;
+type LiteralString = "" | (string & Record<never, never>);
+type LiteralUnion<LiteralType, BaseType extends Primitive> = LiteralType | (BaseType & Record<never, never>);
+type Prettify<T> = { [K in keyof T]: T[K] } & {};
+//#endregion
+export { Awaitable, LiteralString, LiteralUnion, Prettify, Primitive };

package/dist/types/index.d.mts ADDED Viewed

@@ -0,0 +1,8 @@
+import { Awaitable, LiteralString, LiteralUnion, Prettify, Primitive } from "./helper.mjs";
+import { BetterAuthCookie, BetterAuthCookies } from "./cookie.mjs";
+import { BetterAuthPlugin, HookEndpointContext } from "./plugin.mjs";
+import { BetterAuthAdvancedOptions, BetterAuthOptions, BetterAuthRateLimitOptions, GenerateIdFn } from "./init-options.mjs";
+import { AuthContext, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext } from "./context.mjs";
+import { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore } from "./plugin-client.mjs";
+import { StandardSchemaV1 as StandardSchemaV1$1 } from "@standard-schema/spec";
+export { type StandardSchemaV1$1 as StandardSchemaV1 };