npm - @better-auth/core - Versions diffs - 1.5.0-beta.16 → 1.5.0-beta.17 - Mend

@better-auth/core 1.5.0-beta.16 → 1.5.0-beta.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/context/global.mjs +1 -1
package/dist/db/adapter/factory.mjs +1 -1
package/dist/index.d.mts +2 -2
package/dist/types/index.d.mts +1 -1
package/dist/types/init-options.d.mts +77 -7
package/package.json +1 -1
package/src/types/index.ts +2 -0
package/src/types/init-options.ts +80 -4

package/dist/context/global.mjs CHANGED Viewed

@@ -2,7 +2,7 @@
 const symbol = Symbol.for("better-auth:global");
 let bind = null;
 const __context = {};
-const __betterAuthVersion = "1.5.0-beta.16";
+const __betterAuthVersion = "1.5.0-beta.17";
 /**
 * We store context instance in the globalThis.
 *

package/dist/db/adapter/factory.mjs CHANGED Viewed

@@ -1,7 +1,7 @@
+import { getAuthTables } from "../get-tables.mjs";
 import { getColorDepth } from "../../env/color-depth.mjs";
 import { TTY_COLORS, createLogger } from "../../env/logger.mjs";
 import "../../env/index.mjs";
-import { getAuthTables } from "../get-tables.mjs";
 import { BetterAuthError } from "../../error/index.mjs";
 import { safeJSONParse } from "../../utils/json.mjs";
 import { initGetDefaultModelName } from "./get-default-model-name.mjs";

package/dist/index.d.mts CHANGED Viewed

@@ -1,8 +1,8 @@
 import { Awaitable, AwaitableFunction, LiteralString, LiteralUnion, Prettify, Primitive, UnionToIntersection } from "./types/helper.mjs";
 import { BetterAuthPlugin, BetterAuthPluginErrorCodePart, HookEndpointContext } from "./types/plugin.mjs";
-import { BetterAuthAdvancedOptions, BetterAuthDBOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, GenerateIdFn, StoreIdentifierOption } from "./types/init-options.mjs";
+import { BaseURLConfig, BetterAuthAdvancedOptions, BetterAuthDBOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, DynamicBaseURLConfig, GenerateIdFn, StoreIdentifierOption } from "./types/init-options.mjs";
 import { BetterAuthCookie, BetterAuthCookies } from "./types/cookie.mjs";
 import { AuthContext, BetterAuthPluginRegistry, BetterAuthPluginRegistryIdentifier, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext } from "./types/context.mjs";
 import { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore } from "./types/plugin-client.mjs";
 import { StandardSchemaV1 } from "./types/index.mjs";
-export { AuthContext, Awaitable, AwaitableFunction, BetterAuthAdvancedOptions, BetterAuthClientOptions, BetterAuthClientPlugin, BetterAuthCookie, BetterAuthCookies, BetterAuthDBOptions, BetterAuthOptions, BetterAuthPlugin, BetterAuthPluginErrorCodePart, BetterAuthPluginRegistry, BetterAuthPluginRegistryIdentifier, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, ClientAtomListener, ClientFetchOption, ClientStore, GenerateIdFn, GenericEndpointContext, HookEndpointContext, InfoContext, InternalAdapter, LiteralString, LiteralUnion, PluginContext, Prettify, Primitive, StandardSchemaV1, StoreIdentifierOption, UnionToIntersection };
+export { AuthContext, Awaitable, AwaitableFunction, BaseURLConfig, BetterAuthAdvancedOptions, BetterAuthClientOptions, BetterAuthClientPlugin, BetterAuthCookie, BetterAuthCookies, BetterAuthDBOptions, BetterAuthOptions, BetterAuthPlugin, BetterAuthPluginErrorCodePart, BetterAuthPluginRegistry, BetterAuthPluginRegistryIdentifier, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, ClientAtomListener, ClientFetchOption, ClientStore, DynamicBaseURLConfig, GenerateIdFn, GenericEndpointContext, HookEndpointContext, InfoContext, InternalAdapter, LiteralString, LiteralUnion, PluginContext, Prettify, Primitive, StandardSchemaV1, StoreIdentifierOption, UnionToIntersection };

package/dist/types/index.d.mts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { Awaitable, AwaitableFunction, LiteralString, LiteralUnion, Prettify, Primitive, UnionToIntersection } from "./helper.mjs";
 import { BetterAuthPlugin, BetterAuthPluginErrorCodePart, HookEndpointContext } from "./plugin.mjs";
-import { BetterAuthAdvancedOptions, BetterAuthDBOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, GenerateIdFn, StoreIdentifierOption } from "./init-options.mjs";
+import { BaseURLConfig, BetterAuthAdvancedOptions, BetterAuthDBOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, DynamicBaseURLConfig, GenerateIdFn, StoreIdentifierOption } from "./init-options.mjs";
 import { BetterAuthCookie, BetterAuthCookies } from "./cookie.mjs";
 import { AuthContext, BetterAuthPluginRegistry, BetterAuthPluginRegistryIdentifier, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext } from "./context.mjs";
 import { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore } from "./plugin-client.mjs";

package/dist/types/init-options.d.mts CHANGED Viewed

@@ -27,6 +27,49 @@ type GenerateIdFn = (options: {
   model: ModelNames;
   size?: number | undefined;
 }) => string | false;
+/**
+ * Configuration for dynamic base URL resolution.
+ * Allows Better Auth to work with multiple domains (e.g., Vercel preview deployments).
+ */
+type DynamicBaseURLConfig = {
+  /**
+   * List of allowed hostnames. Supports wildcard patterns.
+   *
+   * The derived host from the request will be validated against this list.
+   * Uses the same wildcard matching as `trustedOrigins`.
+   *
+   * @example
+   * ```ts
+   * allowedHosts: [
+   *   "myapp.com",           // Exact match
+   *   "*.vercel.app",        // Any Vercel preview
+   *   "preview-*.myapp.com"  // Pattern match
+   * ]
+   * ```
+   */
+  allowedHosts: string[];
+  /**
+   * Fallback URL to use if the derived host doesn't match any allowed host.
+   * If not set, Better Auth will throw an error when the host doesn't match.
+   *
+   * @example "https://myapp.com"
+   */
+  fallback?: string | undefined;
+  /**
+   * Protocol to use when constructing the URL.
+   * - `"https"`: Always use HTTPS (recommended for production)
+   * - `"http"`: Always use HTTP (for local development)
+   * - `"auto"`: Derive from `x-forwarded-proto` header or default to HTTPS
+   *
+   * @default "auto"
+   */
+  protocol?: "http" | "https" | "auto" | undefined;
+};
+/**
+ * Base URL configuration.
+ * Can be a static string or a dynamic config for multi-domain deployments.
+ */
+type BaseURLConfig = string | DynamicBaseURLConfig;
 interface BetterAuthRateLimitStorage {
   get: (key: string) => Promise<RateLimit | null | undefined>;
   set: (key: string, value: RateLimit, update?: boolean | undefined) => Promise<void>;
@@ -281,12 +324,27 @@ type BetterAuthOptions = {
   /**
    * Base URL for the Better Auth. This is typically the
    * root URL where your application server is hosted.
-   * If not explicitly set,
-   * the system will check the following environment variable:
    *
-   * process.env.BETTER_AUTH_URL
+   * Can be configured as:
+   * - A static string: `"https://myapp.com"`
+   * - A dynamic config with allowed hosts for multi-domain deployments
+   *
+   * If not explicitly set, the system will check environment variables:
+   * `BETTER_AUTH_URL`, `NEXT_PUBLIC_BETTER_AUTH_URL`, etc.
+   *
+   * @example
+   * ```ts
+   * // Static URL
+   * baseURL: "https://myapp.com"
+   *
+   * // Dynamic with allowed hosts (for Vercel, multi-domain, etc.)
+   * baseURL: {
+   *   allowedHosts: ["myapp.com", "*.vercel.app", "preview-*.myapp.com"],
+   *   fallback: "https://myapp.com"
+   * }
+   * ```
    */
-  baseURL?: string | undefined;
+  baseURL?: BaseURLConfig | undefined;
   /**
    * Base path for the Better Auth. This is typically
    * the path where the
@@ -398,7 +456,6 @@ type BetterAuthOptions = {
      * it contains the token as well
      * @param token the token to send the verification email to
      */
     data: {
       user: User;
       url: string;
@@ -407,7 +464,6 @@ type BetterAuthOptions = {
     /**
      * The request object
      */
     request?: Request) => Promise<void>;
     /**
      * Send a verification email automatically after sign up.
@@ -544,6 +600,20 @@ type BetterAuthOptions = {
      * @default false
      */
     revokeSessionsOnPasswordReset?: boolean;
+    /**
+     * A callback function that is triggered when a user tries to sign up
+     * with an email that already exists. Useful for notifying the existing user
+     * that someone attempted to register with their email.
+     *
+     * This is only called when `requireEmailVerification: true` or `autoSignIn: false`.
+     */
+    onExistingUserSignUp?: (
+    /**
+     * @param user the existing user from the database
+     */
+    data: {
+      user: User;
+    }, request?: Request) => Promise<void>;
   } | undefined;
   /**
    * list of social providers
@@ -1224,5 +1294,5 @@ type BetterAuthOptions = {
   };
 };
 //#endregion
-export { BetterAuthAdvancedOptions, BetterAuthDBOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, GenerateIdFn, StoreIdentifierOption };
+export { BaseURLConfig, BetterAuthAdvancedOptions, BetterAuthDBOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, DynamicBaseURLConfig, GenerateIdFn, StoreIdentifierOption };
 //# sourceMappingURL=init-options.d.mts.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/core",
-  "version": "1.5.0-beta.16",
+  "version": "1.5.0-beta.17",
   "description": "The most comprehensive authentication framework for TypeScript.",
   "type": "module",
   "repository": {

package/src/types/index.ts CHANGED Viewed

@@ -14,12 +14,14 @@ export type {
 } from "./cookie";
 export type * from "./helper";
 export type {
+	BaseURLConfig,
 	BetterAuthAdvancedOptions,
 	BetterAuthDBOptions,
 	BetterAuthOptions,
 	BetterAuthRateLimitOptions,
 	BetterAuthRateLimitRule,
 	BetterAuthRateLimitStorage,
+	DynamicBaseURLConfig,
 	GenerateIdFn,
 	StoreIdentifierOption,
 } from "./init-options";

package/src/types/init-options.ts CHANGED Viewed

@@ -46,6 +46,53 @@ export type GenerateIdFn = (options: {
 	size?: number | undefined;
 }) => string | false;
+/**
+ * Configuration for dynamic base URL resolution.
+ * Allows Better Auth to work with multiple domains (e.g., Vercel preview deployments).
+ */
+export type DynamicBaseURLConfig = {
+	/**
+	 * List of allowed hostnames. Supports wildcard patterns.
+	 *
+	 * The derived host from the request will be validated against this list.
+	 * Uses the same wildcard matching as `trustedOrigins`.
+	 *
+	 * @example
+	 * ```ts
+	 * allowedHosts: [
+	 *   "myapp.com",           // Exact match
+	 *   "*.vercel.app",        // Any Vercel preview
+	 *   "preview-*.myapp.com"  // Pattern match
+	 * ]
+	 * ```
+	 */
+	allowedHosts: string[];
+	/**
+	 * Fallback URL to use if the derived host doesn't match any allowed host.
+	 * If not set, Better Auth will throw an error when the host doesn't match.
+	 *
+	 * @example "https://myapp.com"
+	 */
+	fallback?: string | undefined;
+	/**
+	 * Protocol to use when constructing the URL.
+	 * - `"https"`: Always use HTTPS (recommended for production)
+	 * - `"http"`: Always use HTTP (for local development)
+	 * - `"auto"`: Derive from `x-forwarded-proto` header or default to HTTPS
+	 *
+	 * @default "auto"
+	 */
+	protocol?: "http" | "https" | "auto" | undefined;
+};
+/**
+ * Base URL configuration.
+ * Can be a static string or a dynamic config for multi-domain deployments.
+ */
+export type BaseURLConfig = string | DynamicBaseURLConfig;
 export interface BetterAuthRateLimitStorage {
 	get: (key: string) => Promise<RateLimit | null | undefined>;
 	set: (
@@ -346,12 +393,27 @@ export type BetterAuthOptions = {
 	/**
 	 * Base URL for the Better Auth. This is typically the
 	 * root URL where your application server is hosted.
-	 * If not explicitly set,
-	 * the system will check the following environment variable:
 	 *
-	 * process.env.BETTER_AUTH_URL
+	 * Can be configured as:
+	 * - A static string: `"https://myapp.com"`
+	 * - A dynamic config with allowed hosts for multi-domain deployments
+	 *
+	 * If not explicitly set, the system will check environment variables:
+	 * `BETTER_AUTH_URL`, `NEXT_PUBLIC_BETTER_AUTH_URL`, etc.
+	 *
+	 * @example
+	 * ```ts
+	 * // Static URL
+	 * baseURL: "https://myapp.com"
+	 *
+	 * // Dynamic with allowed hosts (for Vercel, multi-domain, etc.)
+	 * baseURL: {
+	 *   allowedHosts: ["myapp.com", "*.vercel.app", "preview-*.myapp.com"],
+	 *   fallback: "https://myapp.com"
+	 * }
+	 * ```
 	 */
-	baseURL?: string | undefined;
+	baseURL?: BaseURLConfig | undefined;
 	/**
 	 * Base path for the Better Auth. This is typically
 	 * the path where the
@@ -627,6 +689,20 @@ export type BetterAuthOptions = {
 				 * @default false
 				 */
 				revokeSessionsOnPasswordReset?: boolean;
+				/**
+				 * A callback function that is triggered when a user tries to sign up
+				 * with an email that already exists. Useful for notifying the existing user
+				 * that someone attempted to register with their email.
+				 *
+				 * This is only called when `requireEmailVerification: true` or `autoSignIn: false`.
+				 */
+				onExistingUserSignUp?: (
+					/**
+					 * @param user the existing user from the database
+					 */
+					data: { user: User },
+					request?: Request,
+				) => Promise<void>;
 		  }
 		| undefined;
 	/**