@better-auth/core 1.4.12-beta.2 → 1.4.13

package/dist/types/plugin-client.d.mts

@@ -0,0 +1,103 @@
+import { LiteralString } from "./helper.mjs";
+import { BetterAuthPlugin } from "./plugin.mjs";
+import { BetterAuthOptions } from "./init-options.mjs";
+import { BetterFetch, BetterFetchOption, BetterFetchPlugin } from "@better-fetch/fetch";
+import { Atom, WritableAtom } from "nanostores";
+
+//#region src/types/plugin-client.d.ts
+interface ClientStore {
+  notify: (signal: string) => void;
+  listen: (signal: string, listener: () => void) => void;
+  atoms: Record<string, WritableAtom<any>>;
+}
+type ClientAtomListener = {
+  matcher: (path: string) => boolean;
+  signal: "$sessionSignal" | Omit<string, "$sessionSignal">;
+};
+/**
+ * Better-Fetch options but with additional options for the auth-client.
+ */
+type ClientFetchOption<Body = any, Query extends Record<string, any> = any, Params extends Record<string, any> | Array<string> | undefined = any, Res = any> = BetterFetchOption<Body, Query, Params, Res> & {
+  /**
+   * Certain endpoints, upon successful response, will trigger atom signals and thus rerendering all hooks related to that atom.
+   *
+   * This option is useful when you want to skip hook rerenders.
+   */
+  disableSignal?: boolean | undefined;
+};
+interface RevalidateOptions {
+  /**
+   * A time interval (in seconds) after which the session will be re-fetched.
+   * If set to `0` (default), the session is not polled.
+   *
+   * This helps prevent session expiry during idle periods by periodically
+   * refreshing the session.
+   *
+   * @default 0
+   */
+  refetchInterval?: number | undefined;
+  /**
+   * Automatically refetch the session when the user switches back to the window/tab.
+   * This option activates this behavior if set to `true` (default).
+   *
+   * Prevents expired sessions when users switch tabs and come back later.
+   *
+   * @default true
+   */
+  refetchOnWindowFocus?: boolean | undefined;
+  /**
+   * Set to `false` to stop polling when the device has no internet access
+   * (determined by `navigator.onLine`).
+   *
+   * @default false
+   * @see https://developer.mozilla.org/en-US/docs/Web/API/NavigatorOnLine/onLine
+   */
+  refetchWhenOffline?: boolean | undefined;
+}
+interface BetterAuthClientOptions {
+  fetchOptions?: ClientFetchOption | undefined;
+  plugins?: BetterAuthClientPlugin[] | undefined;
+  baseURL?: string | undefined;
+  basePath?: string | undefined;
+  disableDefaultFetchPlugins?: boolean | undefined;
+  $InferAuth?: BetterAuthOptions | undefined;
+  sessionOptions?: RevalidateOptions | undefined;
+}
+interface BetterAuthClientPlugin {
+  id: LiteralString;
+  /**
+   * only used for type inference. don't pass the
+   * actual plugin
+   */
+  $InferServerPlugin?: BetterAuthPlugin | undefined;
+  /**
+   * Custom actions
+   */
+  getActions?: ($fetch: BetterFetch, $store: ClientStore,
+  /**
+   * better-auth client options
+   */
+  options: BetterAuthClientOptions | undefined) => Record<string, any>;
+  /**
+   * State atoms that'll be resolved by each framework
+   * auth store.
+   */
+  getAtoms?: (($fetch: BetterFetch) => Record<string, Atom<any>>) | undefined;
+  /**
+   * specify path methods for server plugin inferred
+   * endpoints to force a specific method.
+   */
+  pathMethods?: Record<string, "POST" | "GET"> | undefined;
+  /**
+   * Better fetch plugins
+   */
+  fetchPlugins?: BetterFetchPlugin[] | undefined;
+  /**
+   * a list of recaller based on a matcher function.
+   * The signal name needs to match a signal in this
+   * plugin or any plugin the user might have added.
+   */
+  atomListeners?: ClientAtomListener[] | undefined;
+}
+//#endregion
+export { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore };

package/dist/types/plugin.d.mts

@@ -0,0 +1,121 @@
+import { BetterAuthPluginDBSchema } from "../db/plugin.mjs";
+import "../db/index.mjs";
+import { Awaitable, LiteralString } from "./helper.mjs";
+import { BetterAuthOptions } from "./init-options.mjs";
+import { AuthContext } from "./context.mjs";
+import { AuthMiddleware } from "../api/index.mjs";
+import { Endpoint, EndpointContext, InputContext, Middleware } from "better-call";
+import { Migration } from "kysely";
+
+//#region src/types/plugin.d.ts
+type DeepPartial<T> = T extends Function ? T : T extends object ? { [K in keyof T]?: DeepPartial<T[K]> } : T;
+type HookEndpointContext = Partial<EndpointContext<string, any> & Omit<InputContext<string, any>, "method">> & {
+  path?: string;
+  context: AuthContext & {
+    returned?: unknown | undefined;
+    responseHeaders?: Headers | undefined;
+  };
+  headers?: Headers | undefined;
+};
+type BetterAuthPlugin = {
+  id: LiteralString;
+  /**
+   * The init function is called when the plugin is initialized.
+   * You can return a new context or modify the existing context.
+   */
+  init?: ((ctx: AuthContext) => Awaitable<{
+    context?: DeepPartial<Omit<AuthContext, "options">>;
+    options?: Partial<BetterAuthOptions>;
+  }> | void | Promise<void>) | undefined;
+  endpoints?: {
+    [key: string]: Endpoint;
+  } | undefined;
+  middlewares?: {
+    path: string;
+    middleware: Middleware;
+  }[] | undefined;
+  onRequest?: ((request: Request, ctx: AuthContext) => Promise<{
+    response: Response;
+  } | {
+    request: Request;
+  } | void>) | undefined;
+  onResponse?: ((response: Response, ctx: AuthContext) => Promise<{
+    response: Response;
+  } | void>) | undefined;
+  hooks?: {
+    before?: {
+      matcher: (context: HookEndpointContext) => boolean;
+      handler: AuthMiddleware;
+    }[];
+    after?: {
+      matcher: (context: HookEndpointContext) => boolean;
+      handler: AuthMiddleware;
+    }[];
+  } | undefined;
+  /**
+   * Schema the plugin needs
+   *
+   * This will also be used to migrate the database. If the fields are dynamic from the plugins
+   * configuration each time the configuration is changed a new migration will be created.
+   *
+   * NOTE: If you want to create migrations manually using
+   * migrations option or any other way you
+   * can disable migration per table basis.
+   *
+   * @example
+   * ```ts
+   * schema: {
+   * 	user: {
+   * 		fields: {
+   * 			email: {
+   * 				 type: "string",
+   * 			},
+   * 			emailVerified: {
+   * 				type: "boolean",
+   * 				defaultValue: false,
+   * 			},
+   * 		},
+   * 	}
+   * } as AuthPluginSchema
+   * ```
+   */
+  schema?: BetterAuthPluginDBSchema | undefined;
+  /**
+   * The migrations of the plugin. If you define schema that will automatically create
+   * migrations for you.
+   *
+   * ⚠️ Only uses this if you dont't want to use the schema option and you disabled migrations for
+   * the tables.
+   */
+  migrations?: Record<string, Migration> | undefined;
+  /**
+   * The options of the plugin
+   */
+  options?: Record<string, any> | undefined;
+  /**
+   * types to be inferred
+   */
+  $Infer?: Record<string, any> | undefined;
+  /**
+   * The rate limit rules to apply to specific paths.
+   */
+  rateLimit?: {
+    window: number;
+    max: number;
+    pathMatcher: (path: string) => boolean;
+  }[] | undefined;
+  /**
+   * The error codes returned by the plugin
+   */
+  $ERROR_CODES?: Record<string, string> | undefined;
+  /**
+   * All database operations that are performed by the plugin
+   *
+   * This will override the default database operations
+   */
+  adapter?: {
+    [key: string]: (...args: any[]) => Awaitable<any>;
+  };
+};
+//#endregion
+export { BetterAuthPlugin, HookEndpointContext };

package/dist/utils/deprecate.d.mts

@@ -0,0 +1,10 @@
+import { InternalLogger } from "../env/logger.mjs";
+
+//#region src/utils/deprecate.d.ts
+
+/**
+ * Wraps a function to log a deprecation warning at once.
+ */
+declare function deprecate<T extends (...args: any[]) => any>(fn: T, message: string, logger?: InternalLogger): T;
+//#endregion
+export { deprecate };

package/dist/utils/deprecate.mjs

@@ -0,0 +1,17 @@
+//#region src/utils/deprecate.ts
+/**
+* Wraps a function to log a deprecation warning at once.
+*/
+function deprecate(fn, message, logger) {
+	let warned = false;
+	return function(...args) {
+		if (!warned) {
+			(logger?.warn ?? console.warn)(`[Deprecation] ${message}`);
+			warned = true;
+		}
+		return fn.apply(this, args);
+	};
+}
+
+//#endregion
+export { deprecate };

package/dist/utils/error-codes.d.mts

@@ -0,0 +1,9 @@
+//#region src/utils/error-codes.d.ts
+type UpperLetter = "A" | "B" | "C" | "D" | "E" | "F" | "G" | "H" | "I" | "J" | "K" | "L" | "M" | "N" | "O" | "P" | "Q" | "R" | "S" | "T" | "U" | "V" | "W" | "X" | "Y" | "Z";
+type SpecialCharacter = "_";
+type IsValidUpperSnakeCase<S extends string> = S extends `${infer F}${infer R}` ? F extends UpperLetter | SpecialCharacter ? IsValidUpperSnakeCase<R> : false : true;
+type InvalidKeyError<K$1 extends string> = `Invalid error code key: "${K$1}" - must only contain uppercase letters (A-Z) and underscores (_)`;
+type ValidateErrorCodes<T> = { [K in keyof T]: K extends string ? IsValidUpperSnakeCase<K> extends false ? InvalidKeyError<K> : T[K] : T[K] };
+declare function defineErrorCodes<const T extends Record<string, string>>(codes: ValidateErrorCodes<T>): T;
+//#endregion
+export { defineErrorCodes };

package/dist/utils/error-codes.mjs

@@ -0,0 +1,7 @@
+//#region src/utils/error-codes.ts
+function defineErrorCodes(codes) {
+	return codes;
+}
+
+//#endregion
+export { defineErrorCodes };

package/dist/utils/id.d.mts

@@ -0,0 +1,4 @@
+//#region src/utils/id.d.ts
+declare const generateId: (size?: number) => string;
+//#endregion
+export { generateId };

package/dist/utils/id.mjs

@@ -0,0 +1,9 @@
+import { createRandomStringGenerator } from "@better-auth/utils/random";
+
+//#region src/utils/id.ts
+const generateId = (size) => {
+	return createRandomStringGenerator("a-z", "A-Z", "0-9")(size || 32);
+};
+
+//#endregion
+export { generateId };

package/dist/utils/index.d.mts

@@ -1,27 +1,6 @@
-import { t as InternalLogger } from "../index-BRBu0-5h.mjs";
-
-//#region src/utils/deprecate.d.ts
-
-/**
- * Wraps a function to log a deprecation warning at once.
- */
-declare function deprecate<T extends (...args: any[]) => any>(fn: T, message: string, logger?: InternalLogger): T;
-//#endregion
-//#region src/utils/error-codes.d.ts
-type UpperLetter = "A" | "B" | "C" | "D" | "E" | "F" | "G" | "H" | "I" | "J" | "K" | "L" | "M" | "N" | "O" | "P" | "Q" | "R" | "S" | "T" | "U" | "V" | "W" | "X" | "Y" | "Z";
-type SpecialCharacter = "_";
-type IsValidUpperSnakeCase<S extends string> = S extends `${infer F}${infer R}` ? F extends UpperLetter | SpecialCharacter ? IsValidUpperSnakeCase<R> : false : true;
-type InvalidKeyError<K$1 extends string> = `Invalid error code key: "${K$1}" - must only contain uppercase letters (A-Z) and underscores (_)`;
-type ValidateErrorCodes<T> = { [K in keyof T]: K extends string ? IsValidUpperSnakeCase<K> extends false ? InvalidKeyError<K> : T[K] : T[K] };
-declare function defineErrorCodes<const T extends Record<string, string>>(codes: ValidateErrorCodes<T>): T;
-//#endregion
-//#region src/utils/id.d.ts
-declare const generateId: (size?: number) => string;
-//#endregion
-//#region src/utils/json.d.ts
-declare function safeJSONParse<T>(data: unknown): T | null;
-//#endregion
-//#region src/utils/string.d.ts
-declare function capitalizeFirstLetter(str: string): string;
-//#endregion
+import { deprecate } from "./deprecate.mjs";
+import { defineErrorCodes } from "./error-codes.mjs";
+import { generateId } from "./id.mjs";
+import { safeJSONParse } from "./json.mjs";
+import { capitalizeFirstLetter } from "./string.mjs";
 export { capitalizeFirstLetter, defineErrorCodes, deprecate, generateId, safeJSONParse };

package/dist/utils/index.mjs

@@ -1,4 +1,7 @@
-import "../env-DbssmzoK.mjs";
-import { a as deprecate, i as defineErrorCodes, n as safeJSONParse, r as generateId, t as capitalizeFirstLetter } from "../utils-U2L7n92V.mjs";
+import { deprecate } from "./deprecate.mjs";
+import { defineErrorCodes } from "./error-codes.mjs";
+import { generateId } from "./id.mjs";
+import { safeJSONParse } from "./json.mjs";
+import { capitalizeFirstLetter } from "./string.mjs";
 
 export { capitalizeFirstLetter, defineErrorCodes, deprecate, generateId, safeJSONParse };

package/dist/utils/json.d.mts

@@ -0,0 +1,4 @@
+//#region src/utils/json.d.ts
+declare function safeJSONParse<T>(data: unknown): T | null;
+//#endregion
+export { safeJSONParse };

package/dist/utils/json.mjs

@@ -0,0 +1,25 @@
+import { logger } from "../env/logger.mjs";
+import "../env/index.mjs";
+
+//#region src/utils/json.ts
+function safeJSONParse(data) {
+	function reviver(_, value) {
+		if (typeof value === "string") {
+			if (/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?Z$/.test(value)) {
+				const date = new Date(value);
+				if (!isNaN(date.getTime())) return date;
+			}
+		}
+		return value;
+	}
+	try {
+		if (typeof data !== "string") return data;
+		return JSON.parse(data, reviver);
+	} catch (e) {
+		logger.error("Error parsing JSON", { error: e });
+		return null;
+	}
+}
+
+//#endregion
+export { safeJSONParse };

package/dist/utils/string.d.mts

@@ -0,0 +1,4 @@
+//#region src/utils/string.d.ts
+declare function capitalizeFirstLetter(str: string): string;
+//#endregion
+export { capitalizeFirstLetter };

package/dist/utils/string.mjs

@@ -0,0 +1,7 @@
+//#region src/utils/string.ts
+function capitalizeFirstLetter(str) {
+	return str.charAt(0).toUpperCase() + str.slice(1);
+}
+
+//#endregion
+export { capitalizeFirstLetter };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/core",
-  "version": "1.4.12-beta.2",
+  "version": "1.4.13",
   "description": "The most comprehensive authentication framework for TypeScript.",
   "type": "module",
   "repository": {

package/src/context/endpoint-context.ts

@@ -2,6 +2,7 @@ import type { AsyncLocalStorage } from "@better-auth/core/async_hooks";
 import { getAsyncLocalStorage } from "@better-auth/core/async_hooks";
 import type { EndpointContext, InputContext } from "better-call";
 import type { AuthContext } from "../types";
+import { __getBetterAuthGlobal } from "./global";
 
 export type AuthEndpointContext = Partial<
 	InputContext<string, any> & EndpointContext<string, any>
@@ -9,24 +10,15 @@ export type AuthEndpointContext = Partial<
 	context: AuthContext;
 };
 
-const symbol = Symbol.for("better-auth:endpoint-context-async-storage");
-
-let currentContextAsyncStorage: AsyncLocalStorage<AuthEndpointContext> | null =
-	null;
-
 const ensureAsyncStorage = async () => {
-	if (
-		!currentContextAsyncStorage ||
-		(globalThis as any)[symbol] === undefined
-	) {
+	const betterAuthGlobal = __getBetterAuthGlobal();
+	if (!betterAuthGlobal.context.endpointContextAsyncStorage) {
 		const AsyncLocalStorage = await getAsyncLocalStorage();
-		currentContextAsyncStorage = new AsyncLocalStorage();
-		(globalThis as any)[symbol] = currentContextAsyncStorage;
+		betterAuthGlobal.context.endpointContextAsyncStorage =
+			new AsyncLocalStorage<AuthEndpointContext>();
 	}
-	return (
-		currentContextAsyncStorage ||
-		((globalThis as any)[symbol] as AsyncLocalStorage<AuthEndpointContext>)
-	);
+	return betterAuthGlobal.context
+		.endpointContextAsyncStorage as AsyncLocalStorage<AuthEndpointContext>;
 };
 
 /**

package/src/context/global.ts

@@ -0,0 +1,57 @@
+import type { AsyncLocalStorage } from "@better-auth/core/async_hooks";
+
+interface BetterAuthGlobal {
+	/**
+	 * The version of BetterAuth.
+	 */
+	version: string;
+	/**
+	 * Used to track the number of BetterAuth instances in the same process.
+	 *
+	 * Debugging purposes only.
+	 */
+	epoch: number;
+	/**
+	 * Stores the AsyncLocalStorage instances for each context.
+	 */
+	context: Record<string, AsyncLocalStorage<unknown>>;
+}
+
+const symbol = Symbol.for("better-auth:global");
+let bind: BetterAuthGlobal | null = null;
+
+const __context: Record<string, AsyncLocalStorage<unknown>> = {};
+const __betterAuthVersion: string = import.meta.env
+	.BETTER_AUTH_VERSION as string;
+
+/**
+ * We store context instance in the globalThis.
+ *
+ * The reason we do this is that some bundlers, web framework, or package managers might
+ * create multiple copies of BetterAuth in the same process intentionally or unintentionally.
+ *
+ * For example, yarn v1, Next.js, SSR, Vite...
+ *
+ * @internal
+ */
+export function __getBetterAuthGlobal(): BetterAuthGlobal {
+	if (!(globalThis as any)[symbol]) {
+		(globalThis as any)[symbol] = {
+			version: __betterAuthVersion,
+			epoch: 1,
+			context: __context,
+		};
+		bind = (globalThis as any)[symbol] as BetterAuthGlobal;
+	}
+	bind = (globalThis as any)[symbol] as BetterAuthGlobal;
+	if (bind.version !== __betterAuthVersion) {
+		bind.version = __betterAuthVersion;
+		// Different versions of BetterAuth are loaded in the same process.
+		bind.epoch++;
+	}
+	return (globalThis as any)[symbol] as BetterAuthGlobal;
+}
+
+export function getBetterAuthVersion(): string {
+	return __getBetterAuthGlobal().version;
+}

package/src/context/index.ts

@@ -4,6 +4,7 @@ export {
 	getCurrentAuthContextAsyncLocalStorage,
 	runWithEndpointContext,
 } from "./endpoint-context";
+export { getBetterAuthVersion } from "./global";
 export {
 	defineRequestState,
 	getCurrentRequestState,

package/src/context/request-state.ts

@@ -1,23 +1,18 @@
 import type { AsyncLocalStorage } from "@better-auth/core/async_hooks";
 import { getAsyncLocalStorage } from "@better-auth/core/async_hooks";
+import { __getBetterAuthGlobal } from "./global";
 
 export type RequestStateWeakMap = WeakMap<object, any>;
 
-const symbol = Symbol.for("better-auth:request-state-async-storage");
-
-let requestStateAsyncStorage: AsyncLocalStorage<RequestStateWeakMap> | null =
-	null;
-
 const ensureAsyncStorage = async () => {
-	if (!requestStateAsyncStorage || (globalThis as any)[symbol] === undefined) {
+	const betterAuthGlobal = __getBetterAuthGlobal();
+	if (!betterAuthGlobal.context.requestStateAsyncStorage) {
 		const AsyncLocalStorage = await getAsyncLocalStorage();
-		requestStateAsyncStorage = new AsyncLocalStorage();
-		(globalThis as any)[symbol] = requestStateAsyncStorage;
+		betterAuthGlobal.context.requestStateAsyncStorage =
+			new AsyncLocalStorage<RequestStateWeakMap>();
 	}
-	return (
-		requestStateAsyncStorage ||
-		((globalThis as any)[symbol] as AsyncLocalStorage<RequestStateWeakMap>)
-	);
+	return betterAuthGlobal.context
+		.requestStateAsyncStorage as AsyncLocalStorage<RequestStateWeakMap>;
 };
 
 export async function getRequestStateAsyncLocalStorage() {

package/src/context/transaction.ts

@@ -1,25 +1,16 @@
-import type { AsyncLocalStorage } from "@better-auth/core/async_hooks";
+import type { AsyncLocalStorage } from "node:async_hooks";
 import { getAsyncLocalStorage } from "@better-auth/core/async_hooks";
 import type { DBAdapter, DBTransactionAdapter } from "../db/adapter";
-
-const symbol = Symbol.for("better-auth:transaction-adapter-async-storage");
-
-let currentAdapterAsyncStorage: AsyncLocalStorage<DBTransactionAdapter> | null =
-	null;
+import { __getBetterAuthGlobal } from "./global";
 
 const ensureAsyncStorage = async () => {
-	if (
-		!currentAdapterAsyncStorage ||
-		(globalThis as any)[symbol] === undefined
-	) {
+	const betterAuthGlobal = __getBetterAuthGlobal();
+	if (!betterAuthGlobal.context.adapterAsyncStorage) {
 		const AsyncLocalStorage = await getAsyncLocalStorage();
-		currentAdapterAsyncStorage = new AsyncLocalStorage();
-		(globalThis as any)[symbol] = currentAdapterAsyncStorage;
+		betterAuthGlobal.context.adapterAsyncStorage = new AsyncLocalStorage();
 	}
-	return (
-		currentAdapterAsyncStorage ||
-		((globalThis as any)[symbol] as AsyncLocalStorage<DBTransactionAdapter>)
-	);
+	return betterAuthGlobal.context
+		.adapterAsyncStorage as AsyncLocalStorage<DBTransactionAdapter>;
 };
 
 /**