@better-auth/core 1.5.0-beta.4 → 1.5.0-beta.5

package/dist/types/plugin-client.d.mts

@@ -0,0 +1,110 @@
+import { LiteralString } from "./helper.mjs";
+import { BetterAuthPlugin } from "./plugin.mjs";
+import { BetterAuthOptions } from "./init-options.mjs";
+import { BetterFetch, BetterFetchOption, BetterFetchPlugin } from "@better-fetch/fetch";
+import { Atom, WritableAtom } from "nanostores";
+
+//#region src/types/plugin-client.d.ts
+interface ClientStore {
+  notify: (signal: string) => void;
+  listen: (signal: string, listener: () => void) => void;
+  atoms: Record<string, WritableAtom<any>>;
+}
+type ClientAtomListener = {
+  matcher: (path: string) => boolean;
+  signal: "$sessionSignal" | Omit<string, "$sessionSignal">;
+};
+/**
+ * Better-Fetch options but with additional options for the auth-client.
+ */
+type ClientFetchOption<Body = any, Query extends Record<string, any> = any, Params extends Record<string, any> | Array<string> | undefined = any, Res = any> = BetterFetchOption<Body, Query, Params, Res> & {
+  /**
+   * Certain endpoints, upon successful response, will trigger atom signals and thus rerendering all hooks related to that atom.
+   *
+   * This option is useful when you want to skip hook rerenders.
+   */
+  disableSignal?: boolean | undefined;
+};
+interface RevalidateOptions {
+  /**
+   * A time interval (in seconds) after which the session will be re-fetched.
+   * If set to `0` (default), the session is not polled.
+   *
+   * This helps prevent session expiry during idle periods by periodically
+   * refreshing the session.
+   *
+   * @default 0
+   */
+  refetchInterval?: number | undefined;
+  /**
+   * Automatically refetch the session when the user switches back to the window/tab.
+   * This option activates this behavior if set to `true` (default).
+   *
+   * Prevents expired sessions when users switch tabs and come back later.
+   *
+   * @default true
+   */
+  refetchOnWindowFocus?: boolean | undefined;
+  /**
+   * Set to `false` to stop polling when the device has no internet access
+   * (determined by `navigator.onLine`).
+   *
+   * @default false
+   * @see https://developer.mozilla.org/en-US/docs/Web/API/NavigatorOnLine/onLine
+   */
+  refetchWhenOffline?: boolean | undefined;
+}
+interface BetterAuthClientOptions {
+  fetchOptions?: ClientFetchOption | undefined;
+  plugins?: BetterAuthClientPlugin[] | undefined;
+  baseURL?: string | undefined;
+  basePath?: string | undefined;
+  disableDefaultFetchPlugins?: boolean | undefined;
+  $InferAuth?: BetterAuthOptions | undefined;
+  sessionOptions?: RevalidateOptions | undefined;
+}
+interface BetterAuthClientPlugin {
+  id: LiteralString;
+  /**
+   * only used for type inference. don't pass the
+   * actual plugin
+   */
+  $InferServerPlugin?: BetterAuthPlugin | undefined;
+  /**
+   * Custom actions
+   */
+  getActions?: ($fetch: BetterFetch, $store: ClientStore,
+  /**
+   * better-auth client options
+   */
+  options: BetterAuthClientOptions | undefined) => Record<string, any>;
+  /**
+   * State atoms that'll be resolved by each framework
+   * auth store.
+   */
+  getAtoms?: (($fetch: BetterFetch) => Record<string, Atom<any>>) | undefined;
+  /**
+   * specify path methods for server plugin inferred
+   * endpoints to force a specific method.
+   */
+  pathMethods?: Record<string, "POST" | "GET"> | undefined;
+  /**
+   * Better fetch plugins
+   */
+  fetchPlugins?: BetterFetchPlugin[] | undefined;
+  /**
+   * a list of recaller based on a matcher function.
+   * The signal name needs to match a signal in this
+   * plugin or any plugin the user might have added.
+   */
+  atomListeners?: ClientAtomListener[] | undefined;
+  /**
+   * The error codes returned by the plugin
+   */
+  $ERROR_CODES?: Record<string, {
+    code: string;
+    message: string;
+  }>;
+}
+//#endregion
+export { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore };

package/dist/types/plugin.d.mts

@@ -0,0 +1,124 @@
+import { BetterAuthPluginDBSchema } from "../db/plugin.mjs";
+import "../db/index.mjs";
+import { Awaitable, LiteralString } from "./helper.mjs";
+import { BetterAuthOptions } from "./init-options.mjs";
+import { AuthContext } from "./context.mjs";
+import { AuthMiddleware } from "../api/index.mjs";
+import { Endpoint, EndpointContext, InputContext, Middleware } from "better-call";
+import { Migration } from "kysely";
+
+//#region src/types/plugin.d.ts
+type DeepPartial<T> = T extends Function ? T : T extends object ? { [K in keyof T]?: DeepPartial<T[K]> } : T;
+type HookEndpointContext = Partial<EndpointContext<string, any> & Omit<InputContext<string, any>, "method">> & {
+  path?: string;
+  context: AuthContext & {
+    returned?: unknown | undefined;
+    responseHeaders?: Headers | undefined;
+  };
+  headers?: Headers | undefined;
+};
+type BetterAuthPlugin = {
+  id: LiteralString;
+  /**
+   * The init function is called when the plugin is initialized.
+   * You can return a new context or modify the existing context.
+   */
+  init?: ((ctx: AuthContext) => Awaitable<{
+    context?: DeepPartial<Omit<AuthContext, "options">>;
+    options?: Partial<BetterAuthOptions>;
+  }> | void | Promise<void>) | undefined;
+  endpoints?: {
+    [key: string]: Endpoint;
+  } | undefined;
+  middlewares?: {
+    path: string;
+    middleware: Middleware;
+  }[] | undefined;
+  onRequest?: ((request: Request, ctx: AuthContext) => Promise<{
+    response: Response;
+  } | {
+    request: Request;
+  } | void>) | undefined;
+  onResponse?: ((response: Response, ctx: AuthContext) => Promise<{
+    response: Response;
+  } | void>) | undefined;
+  hooks?: {
+    before?: {
+      matcher: (context: HookEndpointContext) => boolean;
+      handler: AuthMiddleware;
+    }[];
+    after?: {
+      matcher: (context: HookEndpointContext) => boolean;
+      handler: AuthMiddleware;
+    }[];
+  } | undefined;
+  /**
+   * Schema the plugin needs
+   *
+   * This will also be used to migrate the database. If the fields are dynamic from the plugins
+   * configuration each time the configuration is changed a new migration will be created.
+   *
+   * NOTE: If you want to create migrations manually using
+   * migrations option or any other way you
+   * can disable migration per table basis.
+   *
+   * @example
+   * ```ts
+   * schema: {
+   * 	user: {
+   * 		fields: {
+   * 			email: {
+   * 				 type: "string",
+   * 			},
+   * 			emailVerified: {
+   * 				type: "boolean",
+   * 				defaultValue: false,
+   * 			},
+   * 		},
+   * 	}
+   * } as AuthPluginSchema
+   * ```
+   */
+  schema?: BetterAuthPluginDBSchema | undefined;
+  /**
+   * The migrations of the plugin. If you define schema that will automatically create
+   * migrations for you.
+   *
+   * ⚠️ Only uses this if you dont't want to use the schema option and you disabled migrations for
+   * the tables.
+   */
+  migrations?: Record<string, Migration> | undefined;
+  /**
+   * The options of the plugin
+   */
+  options?: Record<string, any> | undefined;
+  /**
+   * types to be inferred
+   */
+  $Infer?: Record<string, any> | undefined;
+  /**
+   * The rate limit rules to apply to specific paths.
+   */
+  rateLimit?: {
+    window: number;
+    max: number;
+    pathMatcher: (path: string) => boolean;
+  }[] | undefined;
+  /**
+   * The error codes returned by the plugin
+   */
+  $ERROR_CODES?: Record<string, {
+    code: string;
+    message: string;
+  }> | undefined;
+  /**
+   * All database operations that are performed by the plugin
+   *
+   * This will override the default database operations
+   */
+  adapter?: {
+    [key: string]: (...args: any[]) => Awaitable<any>;
+  };
+};
+//#endregion
+export { BetterAuthPlugin, HookEndpointContext };

package/dist/utils/deprecate.d.mts

@@ -0,0 +1,10 @@
+import { InternalLogger } from "../env/logger.mjs";
+
+//#region src/utils/deprecate.d.ts
+
+/**
+ * Wraps a function to log a deprecation warning at once.
+ */
+declare function deprecate<T extends (...args: any[]) => any>(fn: T, message: string, logger?: InternalLogger): T;
+//#endregion
+export { deprecate };

package/dist/utils/deprecate.mjs

@@ -0,0 +1,17 @@
+//#region src/utils/deprecate.ts
+/**
+* Wraps a function to log a deprecation warning at once.
+*/
+function deprecate(fn, message, logger) {
+	let warned = false;
+	return function(...args) {
+		if (!warned) {
+			(logger?.warn ?? console.warn)(`[Deprecation] ${message}`);
+			warned = true;
+		}
+		return fn.apply(this, args);
+	};
+}
+
+//#endregion
+export { deprecate };

package/dist/utils/{index.d.mts → error-codes.d.mts}

@@ -1,12 +1,3 @@
-import { t as InternalLogger } from "../index-BRBu0-5h.mjs";
-
-//#region src/utils/deprecate.d.ts
-
-/**
- * Wraps a function to log a deprecation warning at once.
- */
-declare function deprecate<T extends (...args: any[]) => any>(fn: T, message: string, logger?: InternalLogger): T;
-//#endregion
 //#region src/utils/error-codes.d.ts
 type UpperLetter = "A" | "B" | "C" | "D" | "E" | "F" | "G" | "H" | "I" | "J" | "K" | "L" | "M" | "N" | "O" | "P" | "Q" | "R" | "S" | "T" | "U" | "V" | "W" | "X" | "Y" | "Z";
 type SpecialCharacter = "_";
@@ -18,13 +9,4 @@ declare function defineErrorCodes<const T extends Record<string, string>>(codes:
   message: T[K];
 } };
 //#endregion
-//#region src/utils/id.d.ts
-declare const generateId: (size?: number) => string;
-//#endregion
-//#region src/utils/json.d.ts
-declare function safeJSONParse<T>(data: unknown): T | null;
-//#endregion
-//#region src/utils/string.d.ts
-declare function capitalizeFirstLetter(str: string): string;
-//#endregion
-export { capitalizeFirstLetter, defineErrorCodes, deprecate, generateId, safeJSONParse };
+export { defineErrorCodes };

package/dist/utils/error-codes.mjs

@@ -0,0 +1,11 @@
+//#region src/utils/error-codes.ts
+function defineErrorCodes(codes) {
+	return Object.fromEntries(Object.entries(codes).map(([key, value]) => [key, {
+		code: key,
+		message: value,
+		toString: () => value
+	}]));
+}
+
+//#endregion
+export { defineErrorCodes };

package/dist/utils/id.d.mts

@@ -0,0 +1,4 @@
+//#region src/utils/id.d.ts
+declare const generateId: (size?: number) => string;
+//#endregion
+export { generateId };

package/dist/utils/id.mjs

@@ -0,0 +1,9 @@
+import { createRandomStringGenerator } from "@better-auth/utils/random";
+
+//#region src/utils/id.ts
+const generateId = (size) => {
+	return createRandomStringGenerator("a-z", "A-Z", "0-9")(size || 32);
+};
+
+//#endregion
+export { generateId };

package/dist/utils/json.d.mts

@@ -0,0 +1,4 @@
+//#region src/utils/json.d.ts
+declare function safeJSONParse<T>(data: unknown): T | null;
+//#endregion
+export { safeJSONParse };

package/dist/utils/json.mjs

@@ -0,0 +1,25 @@
+import { logger } from "../env/logger.mjs";
+import "../env/index.mjs";
+
+//#region src/utils/json.ts
+function safeJSONParse(data) {
+	function reviver(_, value) {
+		if (typeof value === "string") {
+			if (/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?Z$/.test(value)) {
+				const date = new Date(value);
+				if (!isNaN(date.getTime())) return date;
+			}
+		}
+		return value;
+	}
+	try {
+		if (typeof data !== "string") return data;
+		return JSON.parse(data, reviver);
+	} catch (e) {
+		logger.error("Error parsing JSON", { error: e });
+		return null;
+	}
+}
+
+//#endregion
+export { safeJSONParse };

package/dist/utils/string.d.mts

@@ -0,0 +1,4 @@
+//#region src/utils/string.d.ts
+declare function capitalizeFirstLetter(str: string): string;
+//#endregion
+export { capitalizeFirstLetter };

package/dist/utils/string.mjs

@@ -0,0 +1,7 @@
+//#region src/utils/string.ts
+function capitalizeFirstLetter(str) {
+	return str.charAt(0).toUpperCase() + str.slice(1);
+}
+
+//#endregion
+export { capitalizeFirstLetter };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/core",
-  "version": "1.5.0-beta.4",
+  "version": "1.5.0-beta.5",
   "description": "The most comprehensive authentication framework for TypeScript.",
   "type": "module",
   "repository": {
@@ -48,10 +48,10 @@
       "types": "./dist/error/index.d.mts",
       "default": "./dist/error/index.mjs"
     },
-    "./utils": {
-      "dev-source": "./src/utils/index.ts",
-      "types": "./dist/utils/index.d.mts",
-      "default": "./dist/utils/index.mjs"
+    "./utils/*": {
+      "dev-source": "./src/utils/*.ts",
+      "types": "./dist/utils/*.d.mts",
+      "default": "./dist/utils/*.mjs"
     },
     "./social-providers": {
       "dev-source": "./src/social-providers/index.ts",
@@ -97,6 +97,9 @@
       "utils": [
         "dist/utils/index.d.mts"
       ],
+      "utils/*": [
+        "dist/utils/*.d.mts"
+      ],
       "social-providers": [
         "dist/social-providers/index.d.mts"
       ],
@@ -118,7 +121,7 @@
     "jose": "^6.1.0",
     "kysely": "^0.28.5",
     "nanostores": "^1.0.1",
-    "tsdown": "^0.17.2"
+    "tsdown": "^0.19.0"
   },
   "dependencies": {
     "@standard-schema/spec": "^1.0.0",

package/src/db/adapter/get-id-field.ts

@@ -1,6 +1,6 @@
 import { logger } from "../../env";
 import type { BetterAuthOptions } from "../../types";
-import { generateId as defaultGenerateId } from "../../utils";
+import { generateId as defaultGenerateId } from "../../utils/id";
 import type { BetterAuthDBSchema, DBFieldAttribute } from "../type";
 import { initGetDefaultModelName } from "./get-default-model-name";
 

package/src/error/codes.ts

@@ -1,4 +1,4 @@
-import { defineErrorCodes } from "../utils";
+import { defineErrorCodes } from "../utils/error-codes";
 
 export const BASE_ERROR_CODES = defineErrorCodes({
 	USER_NOT_FOUND: "User not found",

package/src/oauth2/create-authorization-url.ts

@@ -40,7 +40,7 @@ export async function createAuthorizationURL({
 	additionalParams?: Record<string, string> | undefined;
 	scopeJoiner?: string | undefined;
 }) {
-	const url = new URL(authorizationEndpoint);
+	const url = new URL(options.authorizationEndpoint || authorizationEndpoint);
 	url.searchParams.set("response_type", responseType || "code");
 	const primaryClientId = Array.isArray(options.clientId)
 		? options.clientId[0]

package/src/oauth2/oauth-provider.ts

@@ -119,6 +119,12 @@ export type ProviderOptions<Profile extends Record<string, any> = any> = {
 	 * whitelisted in the provider's dashboard.
 	 */
 	redirectURI?: string | undefined;
+	/**
+	 * Custom authorization endpoint URL.
+	 * Use this to override the default authorization endpoint of the provider.
+	 * Useful for testing with local OAuth servers or using sandbox environments.
+	 */
+	authorizationEndpoint?: string | undefined;
 	/**
 	 * The client key of your application
 	 * Tiktok Social Provider uses this field instead of clientId

package/tsdown.config.ts

@@ -14,9 +14,11 @@ export default defineConfig({
 		"./src/oauth2/index.ts",
 		"./src/api/index.ts",
 		"./src/social-providers/index.ts",
-		"./src/utils/index.ts",
+		"./src/utils/*.ts",
+		"!./src/utils/*.test.ts",
 		"./src/error/index.ts",
 	],
 	external: ["@better-auth/core/async_hooks"],
+	unbundle: true,
 	clean: true,
 });

package/dist/context-BBNwughv.mjs

@@ -1,133 +0,0 @@
-import { getAsyncLocalStorage } from "@better-auth/core/async_hooks";
-
-//#region src/context/endpoint-context.ts
-let currentContextAsyncStorage = null;
-const ensureAsyncStorage$2 = async () => {
-	if (!currentContextAsyncStorage) currentContextAsyncStorage = new (await (getAsyncLocalStorage()))();
-	return currentContextAsyncStorage;
-};
-/**
-* This is for internal use only. Most users should use `getCurrentAuthContext` instead.
-*
-* It is exposed for advanced use cases where you need direct access to the AsyncLocalStorage instance.
-*/
-async function getCurrentAuthContextAsyncLocalStorage() {
-	return ensureAsyncStorage$2();
-}
-async function getCurrentAuthContext() {
-	const context = (await ensureAsyncStorage$2()).getStore();
-	if (!context) throw new Error("No auth context found. Please make sure you are calling this function within a `runWithEndpointContext` callback.");
-	return context;
-}
-async function runWithEndpointContext(context, fn) {
-	return (await ensureAsyncStorage$2()).run(context, fn);
-}
-
-//#endregion
-//#region src/context/request-state.ts
-let requestStateAsyncStorage = null;
-const ensureAsyncStorage$1 = async () => {
-	if (!requestStateAsyncStorage) requestStateAsyncStorage = new (await (getAsyncLocalStorage()))();
-	return requestStateAsyncStorage;
-};
-async function getRequestStateAsyncLocalStorage() {
-	return ensureAsyncStorage$1();
-}
-async function hasRequestState() {
-	return (await ensureAsyncStorage$1()).getStore() !== void 0;
-}
-async function getCurrentRequestState() {
-	const store = (await ensureAsyncStorage$1()).getStore();
-	if (!store) throw new Error("No request state found. Please make sure you are calling this function within a `runWithRequestState` callback.");
-	return store;
-}
-async function runWithRequestState(store, fn) {
-	return (await ensureAsyncStorage$1()).run(store, fn);
-}
-function defineRequestState(initFn) {
-	const ref = Object.freeze({});
-	return {
-		get ref() {
-			return ref;
-		},
-		async get() {
-			const store = await getCurrentRequestState();
-			if (!store.has(ref)) {
-				const initialValue = await initFn();
-				store.set(ref, initialValue);
-				return initialValue;
-			}
-			return store.get(ref);
-		},
-		async set(value) {
-			(await getCurrentRequestState()).set(ref, value);
-		}
-	};
-}
-
-//#endregion
-//#region src/context/transaction.ts
-let currentAdapterAsyncStorage = null;
-const ensureAsyncStorage = async () => {
-	if (!currentAdapterAsyncStorage) currentAdapterAsyncStorage = new (await (getAsyncLocalStorage()))();
-	return currentAdapterAsyncStorage;
-};
-/**
-* This is for internal use only. Most users should use `getCurrentAdapter` instead.
-*
-* It is exposed for advanced use cases where you need direct access to the AsyncLocalStorage instance.
-*/
-const getCurrentDBAdapterAsyncLocalStorage = async () => {
-	return ensureAsyncStorage();
-};
-const getCurrentAdapter = async (fallback) => {
-	return ensureAsyncStorage().then((als) => {
-		return als.getStore() || fallback;
-	}).catch(() => {
-		return fallback;
-	});
-};
-const runWithAdapter = async (adapter, fn) => {
-	let called = true;
-	return ensureAsyncStorage().then((als) => {
-		called = true;
-		return als.run(adapter, fn);
-	}).catch((err) => {
-		if (!called) return fn();
-		throw err;
-	});
-};
-const runWithTransaction = async (adapter, fn) => {
-	let called = true;
-	return ensureAsyncStorage().then((als) => {
-		called = true;
-		return adapter.transaction(async (trx) => {
-			return als.run(trx, fn);
-		});
-	}).catch((err) => {
-		if (!called) return fn();
-		throw err;
-	});
-};
-
-//#endregion
-//#region src/context/index.ts
-const glo = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : {};
-const importIdentifier = "__ $BETTER_AUTH$ __";
-if (glo[importIdentifier] === true)
- /**
-* Dear reader of this message. Please take this seriously.
-*
-* If you see this message, make sure that you only import one version of Better Auth. In many cases,
-* your package manager installs two versions of Better Auth that are used by different packages within your project.
-*
-* This often leads to issues that are hard to debug. We often need to ensure async local storage instance,
-* If you imported different versions of Better Auth, it is impossible for us to
-* do status synchronization per request anymore - which might break the states.
-*
-*/
-console.error("Better Auth was already imported. This breaks async local storage instance and will lead to issues!");
-glo[importIdentifier] = true;
-
-//#endregion
-export { defineRequestState as a, hasRequestState as c, getCurrentAuthContextAsyncLocalStorage as d, runWithEndpointContext as f, runWithTransaction as i, runWithRequestState as l, getCurrentDBAdapterAsyncLocalStorage as n, getCurrentRequestState as o, runWithAdapter as r, getRequestStateAsyncLocalStorage as s, getCurrentAdapter as t, getCurrentAuthContext as u };