@better-auth/core 1.4.5 → 1.4.6-beta.3

package/src/db/get-tables.ts

@@ -0,0 +1,276 @@
+import type { BetterAuthOptions } from "../types";
+import type { BetterAuthDBSchema, DBFieldAttribute } from "./type";
+
+export const getAuthTables = (
+	options: BetterAuthOptions,
+): BetterAuthDBSchema => {
+	const pluginSchema = (options.plugins ?? []).reduce(
+		(acc, plugin) => {
+			const schema = plugin.schema;
+			if (!schema) return acc;
+			for (const [key, value] of Object.entries(schema)) {
+				acc[key] = {
+					fields: {
+						...acc[key]?.fields,
+						...value.fields,
+					},
+					modelName: value.modelName || key,
+				};
+			}
+			return acc;
+		},
+		{} as Record<
+			string,
+			{ fields: Record<string, DBFieldAttribute>; modelName: string }
+		>,
+	);
+
+	const shouldAddRateLimitTable = options.rateLimit?.storage === "database";
+	const rateLimitTable = {
+		rateLimit: {
+			modelName: options.rateLimit?.modelName || "rateLimit",
+			fields: {
+				key: {
+					type: "string",
+					fieldName: options.rateLimit?.fields?.key || "key",
+				},
+				count: {
+					type: "number",
+					fieldName: options.rateLimit?.fields?.count || "count",
+				},
+				lastRequest: {
+					type: "number",
+					bigint: true,
+					fieldName: options.rateLimit?.fields?.lastRequest || "lastRequest",
+				},
+			},
+		},
+	} satisfies BetterAuthDBSchema;
+
+	const { user, session, account, ...pluginTables } = pluginSchema;
+
+	const sessionTable = {
+		session: {
+			modelName: options.session?.modelName || "session",
+			fields: {
+				expiresAt: {
+					type: "date",
+					required: true,
+					fieldName: options.session?.fields?.expiresAt || "expiresAt",
+				},
+				token: {
+					type: "string",
+					required: true,
+					fieldName: options.session?.fields?.token || "token",
+					unique: true,
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					fieldName: options.session?.fields?.createdAt || "createdAt",
+					defaultValue: () => new Date(),
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					fieldName: options.session?.fields?.updatedAt || "updatedAt",
+					onUpdate: () => new Date(),
+				},
+				ipAddress: {
+					type: "string",
+					required: false,
+					fieldName: options.session?.fields?.ipAddress || "ipAddress",
+				},
+				userAgent: {
+					type: "string",
+					required: false,
+					fieldName: options.session?.fields?.userAgent || "userAgent",
+				},
+				userId: {
+					type: "string",
+					fieldName: options.session?.fields?.userId || "userId",
+					references: {
+						model: options.user?.modelName || "user",
+						field: "id",
+						onDelete: "cascade",
+					},
+					required: true,
+					index: true,
+				},
+				...session?.fields,
+				...options.session?.additionalFields,
+			},
+			order: 2,
+		},
+	} satisfies BetterAuthDBSchema;
+
+	return {
+		user: {
+			modelName: options.user?.modelName || "user",
+			fields: {
+				name: {
+					type: "string",
+					required: true,
+					fieldName: options.user?.fields?.name || "name",
+					sortable: true,
+				},
+				email: {
+					type: "string",
+					unique: true,
+					required: true,
+					fieldName: options.user?.fields?.email || "email",
+					sortable: true,
+				},
+				emailVerified: {
+					type: "boolean",
+					defaultValue: false,
+					required: true,
+					fieldName: options.user?.fields?.emailVerified || "emailVerified",
+					input: false,
+				},
+				image: {
+					type: "string",
+					required: false,
+					fieldName: options.user?.fields?.image || "image",
+				},
+				createdAt: {
+					type: "date",
+					defaultValue: () => new Date(),
+					required: true,
+					fieldName: options.user?.fields?.createdAt || "createdAt",
+				},
+				updatedAt: {
+					type: "date",
+					defaultValue: () => new Date(),
+					onUpdate: () => new Date(),
+					required: true,
+					fieldName: options.user?.fields?.updatedAt || "updatedAt",
+				},
+				...user?.fields,
+				...options.user?.additionalFields,
+			},
+			order: 1,
+		},
+		//only add session table if it's not stored in secondary storage
+		...(!options.secondaryStorage || options.session?.storeSessionInDatabase
+			? sessionTable
+			: {}),
+		account: {
+			modelName: options.account?.modelName || "account",
+			fields: {
+				accountId: {
+					type: "string",
+					required: true,
+					fieldName: options.account?.fields?.accountId || "accountId",
+				},
+				providerId: {
+					type: "string",
+					required: true,
+					fieldName: options.account?.fields?.providerId || "providerId",
+				},
+				userId: {
+					type: "string",
+					references: {
+						model: options.user?.modelName || "user",
+						field: "id",
+						onDelete: "cascade",
+					},
+					required: true,
+					fieldName: options.account?.fields?.userId || "userId",
+					index: true,
+				},
+				accessToken: {
+					type: "string",
+					required: false,
+					fieldName: options.account?.fields?.accessToken || "accessToken",
+				},
+				refreshToken: {
+					type: "string",
+					required: false,
+					fieldName: options.account?.fields?.refreshToken || "refreshToken",
+				},
+				idToken: {
+					type: "string",
+					required: false,
+					fieldName: options.account?.fields?.idToken || "idToken",
+				},
+				accessTokenExpiresAt: {
+					type: "date",
+					required: false,
+					fieldName:
+						options.account?.fields?.accessTokenExpiresAt ||
+						"accessTokenExpiresAt",
+				},
+				refreshTokenExpiresAt: {
+					type: "date",
+					required: false,
+					fieldName:
+						options.account?.fields?.refreshTokenExpiresAt ||
+						"refreshTokenExpiresAt",
+				},
+				scope: {
+					type: "string",
+					required: false,
+					fieldName: options.account?.fields?.scope || "scope",
+				},
+				password: {
+					type: "string",
+					required: false,
+					fieldName: options.account?.fields?.password || "password",
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					fieldName: options.account?.fields?.createdAt || "createdAt",
+					defaultValue: () => new Date(),
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					fieldName: options.account?.fields?.updatedAt || "updatedAt",
+					onUpdate: () => new Date(),
+				},
+				...account?.fields,
+				...options.account?.additionalFields,
+			},
+			order: 3,
+		},
+		verification: {
+			modelName: options.verification?.modelName || "verification",
+			fields: {
+				identifier: {
+					type: "string",
+					required: true,
+					fieldName: options.verification?.fields?.identifier || "identifier",
+					index: true,
+				},
+				value: {
+					type: "string",
+					required: true,
+					fieldName: options.verification?.fields?.value || "value",
+				},
+				expiresAt: {
+					type: "date",
+					required: true,
+					fieldName: options.verification?.fields?.expiresAt || "expiresAt",
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					defaultValue: () => new Date(),
+					fieldName: options.verification?.fields?.createdAt || "createdAt",
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					defaultValue: () => new Date(),
+					onUpdate: () => new Date(),
+					fieldName: options.verification?.fields?.updatedAt || "updatedAt",
+				},
+			},
+			order: 4,
+		},
+		...pluginTables,
+		...(shouldAddRateLimitTable ? rateLimitTable : {}),
+	} satisfies BetterAuthDBSchema;
+};

package/src/db/index.ts

@@ -49,3 +49,5 @@ export type Primitive = DBPrimitive;
  * @deprecated Backport for 1.3.x, we will remove this in 1.4.x
  */
 export type BetterAuthDbSchema = BetterAuthDBSchema;
+
+export { getAuthTables } from "./get-tables";

package/src/db/test/get-tables.test.ts

@@ -0,0 +1,62 @@
+import { describe, expect, it } from "vitest";
+import { getAuthTables } from "../get-tables";
+
+describe("getAuthTables", () => {
+	it("should use correct field name for refreshTokenExpiresAt", () => {
+		const tables = getAuthTables({
+			account: {
+				fields: {
+					refreshTokenExpiresAt: "custom_refresh_token_expires_at",
+				},
+			},
+		});
+
+		const accountTable = tables.account;
+		const refreshTokenExpiresAtField =
+			accountTable!.fields.refreshTokenExpiresAt!;
+
+		expect(refreshTokenExpiresAtField.fieldName).toBe(
+			"custom_refresh_token_expires_at",
+		);
+	});
+
+	it("should not use accessTokenExpiresAt field name for refreshTokenExpiresAt", () => {
+		const tables = getAuthTables({
+			account: {
+				fields: {
+					accessTokenExpiresAt: "custom_access_token_expires_at",
+					refreshTokenExpiresAt: "custom_refresh_token_expires_at",
+				},
+			},
+		});
+
+		const accountTable = tables.account;
+		const refreshTokenExpiresAtField =
+			accountTable!.fields.refreshTokenExpiresAt!;
+		const accessTokenExpiresAtField =
+			accountTable!.fields.accessTokenExpiresAt!;
+
+		expect(refreshTokenExpiresAtField.fieldName).toBe(
+			"custom_refresh_token_expires_at",
+		);
+		expect(accessTokenExpiresAtField.fieldName).toBe(
+			"custom_access_token_expires_at",
+		);
+		expect(refreshTokenExpiresAtField.fieldName).not.toBe(
+			accessTokenExpiresAtField.fieldName,
+		);
+	});
+
+	it("should use default field names when no custom names provided", () => {
+		const tables = getAuthTables({});
+
+		const accountTable = tables.account;
+		const refreshTokenExpiresAtField =
+			accountTable!.fields.refreshTokenExpiresAt!;
+		const accessTokenExpiresAtField =
+			accountTable!.fields.accessTokenExpiresAt!;
+
+		expect(refreshTokenExpiresAtField.fieldName).toBe("refreshTokenExpiresAt");
+		expect(accessTokenExpiresAtField.fieldName).toBe("accessTokenExpiresAt");
+	});
+});

package/src/oauth2/oauth-provider.ts

@@ -150,7 +150,7 @@ export type ProviderOptions<Profile extends Record<string, any> = any> = {
 					[key: string]: any;
 				};
 				data: any;
-		  }>)
+		  } | null>)
 		| undefined;
 	/**
 	 * Custom function to refresh a token

package/src/types/context.ts

@@ -165,6 +165,16 @@ export type AuthContext<Options extends BetterAuthOptions = BetterAuthOptions> =
 		appName: string;
 		baseURL: string;
 		trustedOrigins: string[];
+		/**
+		 * Verifies whether url is a trusted origin according to the "trustedOrigins" configuration
+		 * @param url The url to verify against the "trustedOrigins" configuration
+		 * @param settings Specify supported pattern matching settings
+		 * @returns {boolean} true if the URL matches the origin pattern, false otherwise.
+		 */
+		isTrustedOrigin: (
+			url: string,
+			settings?: { allowRelativePaths: boolean },
+		) => boolean;
 		oauthConfig: {
 			/**
 			 * This is dangerous and should only be used in dev or staging environments.

package/src/types/helper.ts

@@ -4,3 +4,7 @@ export type LiteralString = "" | (string & Record<never, never>);
 export type LiteralUnion<LiteralType, BaseType extends Primitive> =
 	| LiteralType
 	| (BaseType & Record<never, never>);
+
+export type Prettify<T> = {
+	[K in keyof T]: T[K];
+} & {};

package/src/utils/id.ts

@@ -0,0 +1,5 @@
+import { createRandomStringGenerator } from "@better-auth/utils/random";
+
+export const generateId = (size?: number) => {
+	return createRandomStringGenerator("a-z", "A-Z", "0-9")(size || 32);
+};

package/src/utils/index.ts

@@ -1 +1,4 @@
 export { defineErrorCodes } from "./error-codes";
+export { generateId } from "./id";
+export { safeJSONParse } from "./json";
+export { capitalizeFirstLetter } from "./string";

package/src/utils/json.ts

@@ -0,0 +1,25 @@
+import { logger } from "../env";
+
+export function safeJSONParse<T>(data: unknown): T | null {
+	function reviver(_: string, value: any): any {
+		if (typeof value === "string") {
+			const iso8601Regex = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?Z$/;
+			if (iso8601Regex.test(value)) {
+				const date = new Date(value);
+				if (!isNaN(date.getTime())) {
+					return date;
+				}
+			}
+		}
+		return value;
+	}
+	try {
+		if (typeof data !== "string") {
+			return data as T;
+		}
+		return JSON.parse(data, reviver);
+	} catch (e) {
+		logger.error("Error parsing JSON", { error: e });
+		return null;
+	}
+}

package/src/utils/string.ts

@@ -0,0 +1,3 @@
+export function capitalizeFirstLetter(str: string) {
+	return str.charAt(0).toUpperCase() + str.slice(1);
+}

package/dist/async_hooks-BfRfbd1J.mjs

@@ -1,18 +0,0 @@
-//#region src/async_hooks/index.ts
-const AsyncLocalStoragePromise = import(
-	/* @vite-ignore */
-	/* webpackIgnore: true */
-	"node:async_hooks"
-).then((mod) => mod.AsyncLocalStorage).catch((err) => {
-	if ("AsyncLocalStorage" in globalThis) return globalThis.AsyncLocalStorage;
-	console.warn("[better-auth] Warning: AsyncLocalStorage is not available in this environment. Some features may not work as expected.");
-	console.warn("[better-auth] Please read more about this warning at https://better-auth.com/docs/installation#mount-handler");
-	console.warn("[better-auth] If you are using Cloudflare Workers, please see: https://developers.cloudflare.com/workers/configuration/compatibility-flags/#nodejs-compatibility-flag");
-	throw err;
-});
-async function getAsyncLocalStorage() {
-	return AsyncLocalStoragePromise;
-}
-
-//#endregion
-export { getAsyncLocalStorage as t };

package/dist/utils-C5EN75oV.mjs

@@ -1,7 +0,0 @@
-//#region src/utils/error-codes.ts
-function defineErrorCodes(codes) {
-	return codes;
-}
-
-//#endregion
-export { defineErrorCodes as t };