@better-auth/core 1.5.0-beta.9 → 1.5.0

package/src/db/get-tables.ts

@@ -32,16 +32,21 @@ export const getAuthTables = (
 			fields: {
 				key: {
 					type: "string",
+					unique: true,
+					required: true,
 					fieldName: options.rateLimit?.fields?.key || "key",
 				},
 				count: {
 					type: "number",
+					required: true,
 					fieldName: options.rateLimit?.fields?.count || "count",
 				},
 				lastRequest: {
 					type: "number",
 					bigint: true,
+					required: true,
 					fieldName: options.rateLimit?.fields?.lastRequest || "lastRequest",
+					defaultValue: () => Date.now(),
 				},
 			},
 		},
@@ -50,6 +55,46 @@ export const getAuthTables = (
 	const { user, session, account, verification, ...pluginTables } =
 		pluginSchema;
 
+	const verificationTable = {
+		verification: {
+			modelName: options.verification?.modelName || "verification",
+			fields: {
+				identifier: {
+					type: "string",
+					required: true,
+					fieldName: options.verification?.fields?.identifier || "identifier",
+					index: true,
+				},
+				value: {
+					type: "string",
+					required: true,
+					fieldName: options.verification?.fields?.value || "value",
+				},
+				expiresAt: {
+					type: "date",
+					required: true,
+					fieldName: options.verification?.fields?.expiresAt || "expiresAt",
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					defaultValue: () => new Date(),
+					fieldName: options.verification?.fields?.createdAt || "createdAt",
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					defaultValue: () => new Date(),
+					onUpdate: () => new Date(),
+					fieldName: options.verification?.fields?.updatedAt || "updatedAt",
+				},
+				...verification?.fields,
+				...options.verification?.additionalFields,
+			},
+			order: 4,
+		},
+	} satisfies BetterAuthDBSchema;
+
 	const sessionTable = {
 		session: {
 			modelName: options.session?.modelName || "session",
@@ -242,43 +287,9 @@ export const getAuthTables = (
 			},
 			order: 3,
 		},
-		verification: {
-			modelName: options.verification?.modelName || "verification",
-			fields: {
-				identifier: {
-					type: "string",
-					required: true,
-					fieldName: options.verification?.fields?.identifier || "identifier",
-					index: true,
-				},
-				value: {
-					type: "string",
-					required: true,
-					fieldName: options.verification?.fields?.value || "value",
-				},
-				expiresAt: {
-					type: "date",
-					required: true,
-					fieldName: options.verification?.fields?.expiresAt || "expiresAt",
-				},
-				createdAt: {
-					type: "date",
-					required: true,
-					defaultValue: () => new Date(),
-					fieldName: options.verification?.fields?.createdAt || "createdAt",
-				},
-				updatedAt: {
-					type: "date",
-					required: true,
-					defaultValue: () => new Date(),
-					onUpdate: () => new Date(),
-					fieldName: options.verification?.fields?.updatedAt || "updatedAt",
-				},
-				...verification?.fields,
-				...options.verification?.additionalFields,
-			},
-			order: 4,
-		},
+		...(!options.secondaryStorage || options.verification?.storeInDatabase
+			? verificationTable
+			: {}),
 		...pluginTables,
 		...(shouldAddRateLimitTable ? rateLimitTable : {}),
 	} satisfies BetterAuthDBSchema;

package/src/db/index.ts

@@ -1,11 +1,27 @@
 export { getAuthTables } from "./get-tables";
 export type { BetterAuthPluginDBSchema } from "./plugin";
-export { type Account, accountSchema } from "./schema/account";
-export { type RateLimit, rateLimitSchema } from "./schema/rate-limit";
-export { type Session, sessionSchema } from "./schema/session";
+export {
+	type Account,
+	accountSchema,
+	type BaseAccount,
+} from "./schema/account";
+export {
+	type BaseRateLimit,
+	type RateLimit,
+	rateLimitSchema,
+} from "./schema/rate-limit";
+export {
+	type BaseSession,
+	type Session,
+	sessionSchema,
+} from "./schema/session";
 export { coreSchema } from "./schema/shared";
-export { type User, userSchema } from "./schema/user";
-export { type Verification, verificationSchema } from "./schema/verification";
+export { type BaseUser, type User, userSchema } from "./schema/user";
+export {
+	type BaseVerification,
+	type Verification,
+	verificationSchema,
+} from "./schema/verification";
 export type {
 	BaseModelNames,
 	BetterAuthDBSchema,
@@ -13,6 +29,15 @@ export type {
 	DBFieldAttributeConfig,
 	DBFieldType,
 	DBPrimitive,
+	InferDBFieldInput,
+	InferDBFieldOutput,
+	InferDBFieldsFromOptions,
+	InferDBFieldsFromOptionsInput,
+	InferDBFieldsFromPlugins,
+	InferDBFieldsFromPluginsInput,
+	InferDBFieldsInput,
+	InferDBFieldsOutput,
+	InferDBValueType,
 	ModelNames,
 	SecondaryStorage,
 } from "./type";

package/src/db/schema/account.ts

@@ -1,4 +1,10 @@
 import * as z from "zod";
+import type { Prettify } from "../../types";
+import type { BetterAuthOptions } from "../../types/init-options";
+import type {
+	InferDBFieldsFromOptions,
+	InferDBFieldsFromPlugins,
+} from "../type";
 import { coreSchema } from "./shared";
 
 export const accountSchema = coreSchema.extend({
@@ -26,9 +32,16 @@ export const accountSchema = coreSchema.extend({
 	password: z.string().nullish(),
 });
 
+export type BaseAccount = z.infer<typeof accountSchema>;
+
 /**
  * Account schema type used by better-auth, note that it's possible that account could have additional fields
- *
- * todo: we should use generics to extend this type with additional fields from plugins and options in the future
  */
-export type Account = z.infer<typeof accountSchema>;
+export type Account<
+	DBOptions extends BetterAuthOptions["account"] = BetterAuthOptions["account"],
+	Plugins extends BetterAuthOptions["plugins"] = BetterAuthOptions["plugins"],
+> = Prettify<
+	BaseAccount &
+		InferDBFieldsFromOptions<DBOptions> &
+		InferDBFieldsFromPlugins<"account", Plugins>
+>;

package/src/db/schema/rate-limit.ts

@@ -1,4 +1,9 @@
 import * as z from "zod";
+import type { BetterAuthOptions, Prettify } from "../../types";
+import type {
+	InferDBFieldsFromOptions,
+	InferDBFieldsFromPlugins,
+} from "../type";
 
 export const rateLimitSchema = z.object({
 	/**
@@ -15,7 +20,17 @@ export const rateLimitSchema = z.object({
 	lastRequest: z.number(),
 });
 
+export type BaseRateLimit = z.infer<typeof rateLimitSchema>;
+
 /**
  * Rate limit schema type used by better-auth for rate limiting
  */
-export type RateLimit = z.infer<typeof rateLimitSchema>;
+export type RateLimit<
+	DBOptions extends
+		BetterAuthOptions["rateLimit"] = BetterAuthOptions["rateLimit"],
+	Plugins extends BetterAuthOptions["plugins"] = BetterAuthOptions["plugins"],
+> = Prettify<
+	BaseRateLimit &
+		InferDBFieldsFromOptions<DBOptions> &
+		InferDBFieldsFromPlugins<"rateLimit", Plugins>
+>;

package/src/db/schema/session.ts

@@ -1,4 +1,9 @@
 import * as z from "zod";
+import type { BetterAuthOptions, Prettify } from "../../types";
+import type {
+	InferDBFieldsFromOptions,
+	InferDBFieldsFromPlugins,
+} from "../type";
 import { coreSchema } from "./shared";
 
 export const sessionSchema = coreSchema.extend({
@@ -9,9 +14,16 @@ export const sessionSchema = coreSchema.extend({
 	userAgent: z.string().nullish(),
 });
 
+export type BaseSession = z.infer<typeof sessionSchema>;
+
 /**
  * Session schema type used by better-auth, note that it's possible that session could have additional fields
- *
- * todo: we should use generics to extend this type with additional fields from plugins and options in the future
  */
-export type Session = z.infer<typeof sessionSchema>;
+export type Session<
+	DBOptions extends BetterAuthOptions["session"] = BetterAuthOptions["session"],
+	Plugins extends BetterAuthOptions["plugins"] = BetterAuthOptions["plugins"],
+> = Prettify<
+	z.infer<typeof sessionSchema> &
+		InferDBFieldsFromOptions<DBOptions> &
+		InferDBFieldsFromPlugins<"session", Plugins>
+>;

package/src/db/schema/user.ts

@@ -1,4 +1,9 @@
 import * as z from "zod";
+import type { BetterAuthOptions, Prettify } from "../../types";
+import type {
+	InferDBFieldsFromOptions,
+	InferDBFieldsFromPlugins,
+} from "../type";
 import { coreSchema } from "./shared";
 
 export const userSchema = coreSchema.extend({
@@ -8,9 +13,16 @@ export const userSchema = coreSchema.extend({
 	image: z.string().nullish(),
 });
 
+export type BaseUser = z.infer<typeof userSchema>;
+
 /**
  * User schema type used by better-auth, note that it's possible that user could have additional fields
- *
- * todo: we should use generics to extend this type with additional fields from plugins and options in the future
  */
-export type User = z.infer<typeof userSchema>;
+export type User<
+	DBOptions extends BetterAuthOptions["user"] = BetterAuthOptions["user"],
+	Plugins extends BetterAuthOptions["plugins"] = BetterAuthOptions["plugins"],
+> = Prettify<
+	BaseUser &
+		InferDBFieldsFromOptions<DBOptions> &
+		InferDBFieldsFromPlugins<"user", Plugins>
+>;

package/src/db/schema/verification.ts

@@ -1,4 +1,9 @@
 import * as z from "zod";
+import type { BetterAuthOptions, Prettify } from "../../types";
+import type {
+	InferDBFieldsFromOptions,
+	InferDBFieldsFromPlugins,
+} from "../type";
 import { coreSchema } from "./shared";
 
 export const verificationSchema = coreSchema.extend({
@@ -7,9 +12,17 @@ export const verificationSchema = coreSchema.extend({
 	identifier: z.string(),
 });
 
+export type BaseVerification = z.infer<typeof verificationSchema>;
+
 /**
  * Verification schema type used by better-auth, note that it's possible that verification could have additional fields
- *
- * todo: we should use generics to extend this type with additional fields from plugins and options in the future
  */
-export type Verification = z.infer<typeof verificationSchema>;
+export type Verification<
+	DBOptions extends
+		BetterAuthOptions["verification"] = BetterAuthOptions["verification"],
+	Plugins extends BetterAuthOptions["plugins"] = BetterAuthOptions["plugins"],
+> = Prettify<
+	BaseVerification &
+		InferDBFieldsFromOptions<DBOptions> &
+		InferDBFieldsFromPlugins<"verification", Plugins>
+>;

package/src/db/test/get-tables.test.ts

@@ -80,4 +80,37 @@ describe("getAuthTables", () => {
 		expect(newField.fieldName).toBe("new_field");
 		expect(newField.type).toBe("string");
 	});
+
+	it("should exclude verification table when secondaryStorage is configured", () => {
+		const tables = getAuthTables({
+			secondaryStorage: {
+				get: async () => null,
+				set: async () => {},
+				delete: async () => {},
+			},
+		});
+
+		expect(tables.verification).toBeUndefined();
+	});
+
+	it("should include verification table when storeInDatabase is true", () => {
+		const tables = getAuthTables({
+			secondaryStorage: {
+				get: async () => null,
+				set: async () => {},
+				delete: async () => {},
+			},
+			verification: {
+				storeInDatabase: true,
+			},
+		});
+
+		expect(tables.verification).toBeDefined();
+	});
+
+	it("should include verification table when no secondaryStorage", () => {
+		const tables = getAuthTables({});
+
+		expect(tables.verification).toBeDefined();
+	});
 });

package/src/db/type.ts

@@ -1,5 +1,10 @@
 import type { StandardSchemaV1 } from "@standard-schema/spec";
-import type { Awaitable, LiteralString } from "../types";
+import type {
+	Awaitable,
+	BetterAuthOptions,
+	LiteralString,
+	UnionToIntersection,
+} from "../types";
 
 export type BaseModelNames = "user" | "account" | "session" | "verification";
 
@@ -8,6 +13,154 @@ export type ModelNames<T extends string = LiteralString> =
 	| T
 	| "rate-limit";
 
+export type InferDBValueType<T extends DBFieldType> = T extends "string"
+	? string
+	: T extends "number"
+		? number
+		: T extends "boolean"
+			? boolean
+			: T extends "date"
+				? Date
+				: T extends "json"
+					? Record<string, any>
+					: T extends `${infer U}[]`
+						? U extends "string"
+							? string[]
+							: number[]
+						: T extends Array<any>
+							? T[number]
+							: never;
+
+export type InferDBFieldOutput<T extends DBFieldAttribute> =
+	T["returned"] extends false
+		? never
+		: T["required"] extends false
+			? InferDBValueType<T["type"]> | undefined | null
+			: InferDBValueType<T["type"]>;
+
+export type InferDBFieldInput<T extends DBFieldAttribute> = InferDBValueType<
+	T["type"]
+>;
+
+export type InferDBFieldsInput<Field> =
+	Field extends Record<infer Key, DBFieldAttribute>
+		? {
+				[key in Key as Field[key]["required"] extends false
+					? never
+					: Field[key]["defaultValue"] extends string | number | boolean | Date
+						? never
+						: Field[key]["input"] extends false
+							? never
+							: key]: InferDBFieldInput<Field[key]>;
+			} & {
+				[key in Key as Field[key]["input"] extends false ? never : key]?:
+					| InferDBFieldInput<Field[key]>
+					| undefined
+					| null;
+			}
+		: {};
+
+export type InferDBFieldsOutput<
+	Fields extends Record<string, DBFieldAttribute>,
+> =
+	Fields extends Record<infer Key, DBFieldAttribute>
+		? {
+				[key in Key as Fields[key]["returned"] extends false
+					? never
+					: Fields[key]["required"] extends false
+						? Fields[key]["defaultValue"] extends
+								| boolean
+								| string
+								| number
+								| Date
+							? key
+							: never
+						: key]: InferDBFieldOutput<Fields[key]>;
+			} & {
+				[key in Key as Fields[key]["returned"] extends false
+					? never
+					: Fields[key]["required"] extends false
+						? Fields[key]["defaultValue"] extends
+								| boolean
+								| string
+								| number
+								| Date
+							? never
+							: key
+						: never]?: InferDBFieldOutput<Fields[key]> | null;
+			}
+		: never;
+
+export type InferDBFieldsFromOptionsInput<
+	DBOptions extends
+		| BetterAuthOptions["session"]
+		| BetterAuthOptions["user"]
+		| BetterAuthOptions["verification"]
+		| BetterAuthOptions["account"]
+		| BetterAuthOptions["rateLimit"],
+> = DBOptions extends {
+	additionalFields: Record<string, DBFieldAttribute>;
+}
+	? InferDBFieldsInput<DBOptions["additionalFields"]>
+	: {};
+
+export type InferDBFieldsFromOptions<
+	DBOptions extends
+		| BetterAuthOptions["session"]
+		| BetterAuthOptions["user"]
+		| BetterAuthOptions["verification"]
+		| BetterAuthOptions["account"]
+		| BetterAuthOptions["rateLimit"],
+> = DBOptions extends {
+	additionalFields: Record<string, DBFieldAttribute>;
+}
+	? InferDBFieldsOutput<DBOptions["additionalFields"]>
+	: {};
+
+export type InferDBFieldsFromPluginsInput<
+	ModelName extends string,
+	Plugins extends unknown[] | undefined,
+> = Plugins extends []
+	? {}
+	: Plugins extends [infer P, ...infer Rest]
+		? P extends {
+				schema: {
+					[key in ModelName]: {
+						fields: infer Fields;
+					};
+				};
+			}
+			? Fields extends Record<string, DBFieldAttribute>
+				? UnionToIntersection<
+						InferDBFieldsInput<Fields> &
+							InferDBFieldsFromPluginsInput<ModelName, Rest>
+					>
+				: InferDBFieldsFromPluginsInput<ModelName, Rest>
+			: InferDBFieldsFromPluginsInput<ModelName, Rest>
+		: {};
+
+export type InferDBFieldsFromPlugins<
+	ModelName extends string,
+	Plugins extends unknown[] | undefined,
+> = Plugins extends []
+	? {}
+	: Plugins extends [infer P, ...infer Rest]
+		? P extends {
+				schema: {
+					[key in ModelName]: {
+						fields: infer Fields;
+					};
+				};
+			}
+			? Fields extends Record<string, DBFieldAttribute>
+				? UnionToIntersection<
+						InferDBFieldsOutput<Fields> &
+							InferDBFieldsFromPlugins<ModelName, Rest>
+					>
+				: InferDBFieldsFromPlugins<ModelName, Rest>
+			: InferDBFieldsFromPlugins<ModelName, Rest>
+		: {};
+
 export type DBFieldType =
 	| "string"
 	| "number"

package/src/env/env-impl.ts

@@ -115,10 +115,10 @@ export const ENV = Object.freeze({
 	get PACKAGE_VERSION() {
 		return getEnvVar("PACKAGE_VERSION", "0.0.0");
 	},
-	get BETTER_AUTH_TELEMETRY_ENDPOINT() {
+	get BETTER_AUTH_TELEMETRY_ENDPOINT(): string | undefined {
 		return getEnvVar(
 			"BETTER_AUTH_TELEMETRY_ENDPOINT",
-			"https://telemetry.better-auth.com/v1/track",
+			import.meta.env.BETTER_AUTH_TELEMETRY_ENDPOINT,
 		);
 	},
 });

package/src/env/logger.ts

@@ -94,7 +94,7 @@ export type InternalLogger = {
 
 export const createLogger = (options?: Logger | undefined): InternalLogger => {
 	const enabled = options?.disabled !== true;
-	const logLevel = options?.level ?? "error";
+	const logLevel = options?.level ?? "warn";
 
 	const isDisableColorsSpecified = options?.disableColors !== undefined;
 	const colorsEnabled = isDisableColorsSpecified

package/src/error/codes.ts

@@ -1,5 +1,18 @@
 import { defineErrorCodes } from "../utils/error-codes";
 
+declare module "@better-auth/core" {
+	interface BetterAuthPluginRegistry<AuthOptions, Options> {
+		/**
+		 * This plugin does not exist, do not use it in runtime.
+		 */
+		"$internal:base": {
+			creator: () => {
+				$ERROR_CODES: typeof BASE_ERROR_CODES;
+			};
+		};
+	}
+}
+
 export const BASE_ERROR_CODES = defineErrorCodes({
 	USER_NOT_FOUND: "User not found",
 	FAILED_TO_CREATE_USER: "Failed to create user",
@@ -49,6 +62,10 @@ export const BASE_ERROR_CODES = defineErrorCodes({
 	ASYNC_VALIDATION_NOT_SUPPORTED: "Async validation is not supported",
 	VALIDATION_ERROR: "Validation Error",
 	MISSING_FIELD: "Field is required",
+	METHOD_NOT_ALLOWED_DEFER_SESSION_REQUIRED:
+		"POST method requires deferSessionRefresh to be enabled in session config",
+	BODY_MUST_BE_AN_OBJECT: "Body must be an object",
+	PASSWORD_ALREADY_SET: "User already has a password set",
 });
 
 export type APIErrorCode = keyof typeof BASE_ERROR_CODES;

package/src/oauth2/client-credentials-token.ts

@@ -1,7 +1,31 @@
 import { base64Url } from "@better-auth/utils/base64";
 import { betterFetch } from "@better-fetch/fetch";
+import type { AwaitableFunction } from "../types";
 import type { OAuth2Tokens, ProviderOptions } from "./oauth-provider";
 
+export async function clientCredentialsTokenRequest({
+	options,
+	scope,
+	authentication,
+	resource,
+}: {
+	options: AwaitableFunction<ProviderOptions & { clientSecret: string }>;
+	scope?: string | undefined;
+	authentication?: ("basic" | "post") | undefined;
+	resource?: (string | string[]) | undefined;
+}) {
+	options = typeof options === "function" ? await options() : options;
+	return createClientCredentialsTokenRequest({
+		options,
+		scope,
+		authentication,
+		resource,
+	});
+}
+
+/**
+ * @deprecated use async'd clientCredentialsTokenRequest instead
+ */
 export function createClientCredentialsTokenRequest({
 	options,
 	scope,
@@ -59,13 +83,13 @@ export async function clientCredentialsToken({
 	authentication,
 	resource,
 }: {
-	options: ProviderOptions & { clientSecret: string };
+	options: AwaitableFunction<ProviderOptions & { clientSecret: string }>;
 	tokenEndpoint: string;
 	scope: string;
 	authentication?: ("basic" | "post") | undefined;
 	resource?: (string | string[]) | undefined;
 }): Promise<OAuth2Tokens> {
-	const { body, headers } = createClientCredentialsTokenRequest({
+	const { body, headers } = await clientCredentialsTokenRequest({
 		options,
 		scope,
 		authentication,

package/src/oauth2/create-authorization-url.ts

@@ -1,3 +1,4 @@
+import type { AwaitableFunction } from "../types";
 import type { ProviderOptions } from "./index";
 import { generateCodeChallenge } from "./utils";
 
@@ -22,7 +23,7 @@ export async function createAuthorizationURL({
 	scopeJoiner,
 }: {
 	id: string;
-	options: ProviderOptions;
+	options: AwaitableFunction<ProviderOptions>;
 	redirectURI: string;
 	authorizationEndpoint: string;
 	state: string;
@@ -40,6 +41,7 @@ export async function createAuthorizationURL({
 	additionalParams?: Record<string, string> | undefined;
 	scopeJoiner?: string | undefined;
 }) {
+	options = typeof options === "function" ? await options() : options;
 	const url = new URL(options.authorizationEndpoint || authorizationEndpoint);
 	url.searchParams.set("response_type", responseType || "code");
 	const primaryClientId = Array.isArray(options.clientId)

package/src/oauth2/index.ts

@@ -1,5 +1,6 @@
 export {
 	clientCredentialsToken,
+	clientCredentialsTokenRequest,
 	createClientCredentialsTokenRequest,
 } from "./client-credentials-token";
 export { createAuthorizationURL } from "./create-authorization-url";
@@ -12,9 +13,11 @@ export type {
 export {
 	createRefreshAccessTokenRequest,
 	refreshAccessToken,
+	refreshAccessTokenRequest,
 } from "./refresh-access-token";
 export { generateCodeChallenge, getOAuth2Tokens } from "./utils";
 export {
+	authorizationCodeRequest,
 	createAuthorizationCodeRequest,
 	validateAuthorizationCode,
 	validateToken,

package/src/oauth2/oauth-provider.ts

@@ -42,7 +42,7 @@ export interface OAuthProvider<
 		redirectURI: string;
 		codeVerifier?: string | undefined;
 		deviceId?: string | undefined;
-	}) => Promise<OAuth2Tokens>;
+	}) => Promise<OAuth2Tokens | null>;
 	getUserInfo: (
 		token: OAuth2Tokens & {
 			/**