@better-auth/expo 1.4.0-beta.11 → 1.4.0-beta.13

package/dist/client.cjs

@@ -84,12 +84,88 @@ function getCookie(cookie) {
 function getOrigin(scheme) {
 	return expo_linking.createURL("", { scheme });
 }
+/**
+* Compare if session cookies have actually changed by comparing their values.
+* Ignores expiry timestamps that naturally change on each request.
+*
+* @param prevCookie - Previous cookie JSON string
+* @param newCookie - New cookie JSON string
+* @returns true if session cookies have changed, false otherwise
+*/
+function hasSessionCookieChanged(prevCookie, newCookie) {
+	if (!prevCookie) return true;
+	try {
+		const prev = JSON.parse(prevCookie);
+		const next = JSON.parse(newCookie);
+		const sessionKeys = /* @__PURE__ */ new Set();
+		Object.keys(prev).forEach((key) => {
+			if (key.includes("session_token") || key.includes("session_data")) sessionKeys.add(key);
+		});
+		Object.keys(next).forEach((key) => {
+			if (key.includes("session_token") || key.includes("session_data")) sessionKeys.add(key);
+		});
+		for (const key of sessionKeys) if (prev[key]?.value !== next[key]?.value) return true;
+		return false;
+	} catch {
+		return true;
+	}
+}
+/**
+* Check if the Set-Cookie header contains session-related better-auth cookies.
+* Only triggers session updates when session_token or session_data cookies are present.
+* This prevents infinite refetching when non-session cookies (like third-party cookies) change.
+*
+* Supports multiple cookie naming patterns:
+* - Default: "better-auth.session_token", "__Secure-better-auth.session_token"
+* - Custom prefix: "myapp.session_token", "__Secure-myapp.session_token"
+* - Custom full names: "my_custom_session_token", "custom_session_data"
+* - No prefix (cookiePrefix=""): "session_token", "my_session_token", etc.
+*
+* @param setCookieHeader - The Set-Cookie header value
+* @param cookiePrefix - The cookie prefix to check for. Can be empty string for custom cookie names.
+* @returns true if the header contains session-related cookies, false otherwise
+*/
+function hasBetterAuthCookies(setCookieHeader, cookiePrefix) {
+	const cookies = parseSetCookieHeader(setCookieHeader);
+	const sessionCookieSuffixes = ["session_token", "session_data"];
+	for (const name of cookies.keys()) {
+		const nameWithoutSecure = name.startsWith("__Secure-") ? name.slice(9) : name;
+		for (const suffix of sessionCookieSuffixes) if (cookiePrefix) {
+			if (nameWithoutSecure === `${cookiePrefix}.${suffix}`) return true;
+		} else if (nameWithoutSecure.endsWith(suffix)) return true;
+	}
+	return false;
+}
+/**
+* Expo secure store does not support colons in the keys.
+* This function replaces colons with underscores.
+*
+* @see https://github.com/better-auth/better-auth/issues/5426
+*
+* @param name cookie name to be saved in the storage
+* @returns normalized cookie name
+*/
+function normalizeCookieName(name) {
+	return name.replace(/:/g, "_");
+}
+function storageAdapter(storage) {
+	return {
+		getItem: (name) => {
+			return storage.getItem(normalizeCookieName(name));
+		},
+		setItem: (name, value) => {
+			return storage.setItem(normalizeCookieName(name), value);
+		}
+	};
+}
 const expoClient = (opts) => {
 	let store = null;
-	const cookieName = `${opts?.storagePrefix || "better-auth"}_cookie`;
-	const localCacheName = `${opts?.storagePrefix || "better-auth"}_session_data`;
-	const storage = opts?.storage;
+	const storagePrefix = opts?.storagePrefix || "better-auth";
+	const cookieName = `${storagePrefix}_cookie`;
+	const localCacheName = `${storagePrefix}_session_data`;
+	const storage = storageAdapter(opts?.storage);
 	const isWeb = react_native.Platform.OS === "web";
+	const cookiePrefix = opts?.cookiePrefix || "better-auth";
 	const rawScheme = opts?.scheme || expo_constants.default.expoConfig?.scheme || expo_constants.default.platform?.scheme;
 	const scheme = Array.isArray(rawScheme) ? rawScheme[0] : rawScheme;
 	if (!scheme && !isWeb) throw new Error("Scheme not found in app.json. Please provide a scheme in the options.");
@@ -108,10 +184,14 @@ const expoClient = (opts) => {
 				if (isWeb) return;
 				const setCookie = context.response.headers.get("set-cookie");
 				if (setCookie) {
-					const prevCookie = await storage.getItem(cookieName);
-					const toSetCookie = getSetCookie(setCookie || "", prevCookie ?? void 0);
-					await storage.setItem(cookieName, toSetCookie);
-					store?.notify("$sessionSignal");
+					if (hasBetterAuthCookies(setCookie, cookiePrefix)) {
+						const prevCookie = await storage.getItem(cookieName);
+						const toSetCookie = getSetCookie(setCookie || "", prevCookie ?? void 0);
+						if (hasSessionCookieChanged(prevCookie, toSetCookie)) {
+							await storage.setItem(cookieName, toSetCookie);
+							store?.notify("$sessionSignal");
+						} else await storage.setItem(cookieName, toSetCookie);
+					}
 				}
 				if (context.request.url.toString().includes("/get-session") && !opts?.disableCache) {
 					const data = context.data;
@@ -191,4 +271,7 @@ const expoClient = (opts) => {
 exports.expoClient = expoClient;
 exports.getCookie = getCookie;
 exports.getSetCookie = getSetCookie;
-exports.parseSetCookieHeader = parseSetCookieHeader;
+exports.hasBetterAuthCookies = hasBetterAuthCookies;
+exports.normalizeCookieName = normalizeCookieName;
+exports.parseSetCookieHeader = parseSetCookieHeader;
+exports.storageAdapter = storageAdapter;

package/dist/client.d.cts

@@ -1,6 +1,6 @@
 import * as _better_fetch_fetch0 from "@better-fetch/fetch";
 import { BetterFetchOption } from "@better-fetch/fetch";
-import * as better_auth_types0 from "better-auth/types";
+import { ClientStore } from "@better-auth/core";
 
 //#region src/client.d.ts
 interface CookieAttributes {
@@ -20,14 +20,58 @@ interface ExpoClientOptions {
     setItem: (key: string, value: string) => any;
     getItem: (key: string) => string | null;
   };
+  /**
+   * Prefix for local storage keys (e.g., "my-app_cookie", "my-app_session_data")
+   * @default "better-auth"
+   */
   storagePrefix?: string;
+  /**
+   * Prefix for server cookie names to filter (e.g., "better-auth.session_token")
+   * This is used to identify which cookies belong to better-auth to prevent
+   * infinite refetching when third-party cookies are set.
+   * @default "better-auth"
+   */
+  cookiePrefix?: string;
   disableCache?: boolean;
 }
 declare function getSetCookie(header: string, prevCookie?: string): string;
 declare function getCookie(cookie: string): string;
+/**
+ * Check if the Set-Cookie header contains session-related better-auth cookies.
+ * Only triggers session updates when session_token or session_data cookies are present.
+ * This prevents infinite refetching when non-session cookies (like third-party cookies) change.
+ *
+ * Supports multiple cookie naming patterns:
+ * - Default: "better-auth.session_token", "__Secure-better-auth.session_token"
+ * - Custom prefix: "myapp.session_token", "__Secure-myapp.session_token"
+ * - Custom full names: "my_custom_session_token", "custom_session_data"
+ * - No prefix (cookiePrefix=""): "session_token", "my_session_token", etc.
+ *
+ * @param setCookieHeader - The Set-Cookie header value
+ * @param cookiePrefix - The cookie prefix to check for. Can be empty string for custom cookie names.
+ * @returns true if the header contains session-related cookies, false otherwise
+ */
+declare function hasBetterAuthCookies(setCookieHeader: string, cookiePrefix: string): boolean;
+/**
+ * Expo secure store does not support colons in the keys.
+ * This function replaces colons with underscores.
+ *
+ * @see https://github.com/better-auth/better-auth/issues/5426
+ *
+ * @param name cookie name to be saved in the storage
+ * @returns normalized cookie name
+ */
+declare function normalizeCookieName(name: string): string;
+declare function storageAdapter(storage: {
+  getItem: (name: string) => string | null;
+  setItem: (name: string, value: string) => void;
+}): {
+  getItem: (name: string) => string | null;
+  setItem: (name: string, value: string) => void;
+};
 declare const expoClient: (opts: ExpoClientOptions) => {
   id: "expo";
-  getActions(_: _better_fetch_fetch0.BetterFetch, $store: better_auth_types0.ClientStore): {
+  getActions(_: _better_fetch_fetch0.BetterFetch, $store: ClientStore): {
     /**
      * Get the stored cookie.
      *
@@ -52,19 +96,19 @@ declare const expoClient: (opts: ExpoClientOptions) => {
       onSuccess(context: _better_fetch_fetch0.SuccessContext<any>): Promise<void>;
     };
     init(url: string, options: {
-      cache?: RequestCache | undefined;
-      credentials?: RequestCredentials | undefined;
+      method?: string | undefined;
       headers?: (HeadersInit & (HeadersInit | {
         accept: "application/json" | "text/plain" | "application/octet-stream";
         "content-type": "application/json" | "text/plain" | "application/x-www-form-urlencoded" | "multipart/form-data" | "application/octet-stream";
         authorization: "Bearer" | "Basic";
       })) | undefined;
+      redirect?: RequestRedirect | undefined;
+      cache?: RequestCache | undefined;
+      credentials?: RequestCredentials | undefined;
       integrity?: string | undefined;
       keepalive?: boolean | undefined;
-      method?: string | undefined;
       mode?: RequestMode | undefined;
       priority?: RequestPriority | undefined;
-      redirect?: RequestRedirect | undefined;
       referrer?: string | undefined;
       referrerPolicy?: ReferrerPolicy | undefined;
       signal?: (AbortSignal | null) | undefined;
@@ -111,4 +155,4 @@ declare const expoClient: (opts: ExpoClientOptions) => {
   }[];
 };
 //#endregion
-export { expoClient, getCookie, getSetCookie, parseSetCookieHeader };
+export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, storageAdapter };

package/dist/client.d.ts

@@ -1,6 +1,6 @@
 import * as _better_fetch_fetch0 from "@better-fetch/fetch";
 import { BetterFetchOption } from "@better-fetch/fetch";
-import * as better_auth_types0 from "better-auth/types";
+import { ClientStore } from "@better-auth/core";
 
 //#region src/client.d.ts
 interface CookieAttributes {
@@ -20,14 +20,58 @@ interface ExpoClientOptions {
     setItem: (key: string, value: string) => any;
     getItem: (key: string) => string | null;
   };
+  /**
+   * Prefix for local storage keys (e.g., "my-app_cookie", "my-app_session_data")
+   * @default "better-auth"
+   */
   storagePrefix?: string;
+  /**
+   * Prefix for server cookie names to filter (e.g., "better-auth.session_token")
+   * This is used to identify which cookies belong to better-auth to prevent
+   * infinite refetching when third-party cookies are set.
+   * @default "better-auth"
+   */
+  cookiePrefix?: string;
   disableCache?: boolean;
 }
 declare function getSetCookie(header: string, prevCookie?: string): string;
 declare function getCookie(cookie: string): string;
+/**
+ * Check if the Set-Cookie header contains session-related better-auth cookies.
+ * Only triggers session updates when session_token or session_data cookies are present.
+ * This prevents infinite refetching when non-session cookies (like third-party cookies) change.
+ *
+ * Supports multiple cookie naming patterns:
+ * - Default: "better-auth.session_token", "__Secure-better-auth.session_token"
+ * - Custom prefix: "myapp.session_token", "__Secure-myapp.session_token"
+ * - Custom full names: "my_custom_session_token", "custom_session_data"
+ * - No prefix (cookiePrefix=""): "session_token", "my_session_token", etc.
+ *
+ * @param setCookieHeader - The Set-Cookie header value
+ * @param cookiePrefix - The cookie prefix to check for. Can be empty string for custom cookie names.
+ * @returns true if the header contains session-related cookies, false otherwise
+ */
+declare function hasBetterAuthCookies(setCookieHeader: string, cookiePrefix: string): boolean;
+/**
+ * Expo secure store does not support colons in the keys.
+ * This function replaces colons with underscores.
+ *
+ * @see https://github.com/better-auth/better-auth/issues/5426
+ *
+ * @param name cookie name to be saved in the storage
+ * @returns normalized cookie name
+ */
+declare function normalizeCookieName(name: string): string;
+declare function storageAdapter(storage: {
+  getItem: (name: string) => string | null;
+  setItem: (name: string, value: string) => void;
+}): {
+  getItem: (name: string) => string | null;
+  setItem: (name: string, value: string) => void;
+};
 declare const expoClient: (opts: ExpoClientOptions) => {
   id: "expo";
-  getActions(_: _better_fetch_fetch0.BetterFetch, $store: better_auth_types0.ClientStore): {
+  getActions(_: _better_fetch_fetch0.BetterFetch, $store: ClientStore): {
     /**
      * Get the stored cookie.
      *
@@ -52,19 +96,19 @@ declare const expoClient: (opts: ExpoClientOptions) => {
       onSuccess(context: _better_fetch_fetch0.SuccessContext<any>): Promise<void>;
     };
     init(url: string, options: {
-      cache?: RequestCache | undefined;
-      credentials?: RequestCredentials | undefined;
+      method?: string | undefined;
       headers?: (HeadersInit & (HeadersInit | {
         accept: "application/json" | "text/plain" | "application/octet-stream";
         "content-type": "application/json" | "text/plain" | "application/x-www-form-urlencoded" | "multipart/form-data" | "application/octet-stream";
         authorization: "Bearer" | "Basic";
       })) | undefined;
+      redirect?: RequestRedirect | undefined;
+      cache?: RequestCache | undefined;
+      credentials?: RequestCredentials | undefined;
       integrity?: string | undefined;
       keepalive?: boolean | undefined;
-      method?: string | undefined;
       mode?: RequestMode | undefined;
       priority?: RequestPriority | undefined;
-      redirect?: RequestRedirect | undefined;
       referrer?: string | undefined;
       referrerPolicy?: ReferrerPolicy | undefined;
       signal?: (AbortSignal | null) | undefined;
@@ -111,4 +155,4 @@ declare const expoClient: (opts: ExpoClientOptions) => {
   }[];
 };
 //#endregion
-export { expoClient, getCookie, getSetCookie, parseSetCookieHeader };
+export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, storageAdapter };

package/dist/client.js

@@ -80,12 +80,88 @@ function getCookie(cookie) {
 function getOrigin(scheme) {
 	return Linking.createURL("", { scheme });
 }
+/**
+* Compare if session cookies have actually changed by comparing their values.
+* Ignores expiry timestamps that naturally change on each request.
+*
+* @param prevCookie - Previous cookie JSON string
+* @param newCookie - New cookie JSON string
+* @returns true if session cookies have changed, false otherwise
+*/
+function hasSessionCookieChanged(prevCookie, newCookie) {
+	if (!prevCookie) return true;
+	try {
+		const prev = JSON.parse(prevCookie);
+		const next = JSON.parse(newCookie);
+		const sessionKeys = /* @__PURE__ */ new Set();
+		Object.keys(prev).forEach((key) => {
+			if (key.includes("session_token") || key.includes("session_data")) sessionKeys.add(key);
+		});
+		Object.keys(next).forEach((key) => {
+			if (key.includes("session_token") || key.includes("session_data")) sessionKeys.add(key);
+		});
+		for (const key of sessionKeys) if (prev[key]?.value !== next[key]?.value) return true;
+		return false;
+	} catch {
+		return true;
+	}
+}
+/**
+* Check if the Set-Cookie header contains session-related better-auth cookies.
+* Only triggers session updates when session_token or session_data cookies are present.
+* This prevents infinite refetching when non-session cookies (like third-party cookies) change.
+*
+* Supports multiple cookie naming patterns:
+* - Default: "better-auth.session_token", "__Secure-better-auth.session_token"
+* - Custom prefix: "myapp.session_token", "__Secure-myapp.session_token"
+* - Custom full names: "my_custom_session_token", "custom_session_data"
+* - No prefix (cookiePrefix=""): "session_token", "my_session_token", etc.
+*
+* @param setCookieHeader - The Set-Cookie header value
+* @param cookiePrefix - The cookie prefix to check for. Can be empty string for custom cookie names.
+* @returns true if the header contains session-related cookies, false otherwise
+*/
+function hasBetterAuthCookies(setCookieHeader, cookiePrefix) {
+	const cookies = parseSetCookieHeader(setCookieHeader);
+	const sessionCookieSuffixes = ["session_token", "session_data"];
+	for (const name of cookies.keys()) {
+		const nameWithoutSecure = name.startsWith("__Secure-") ? name.slice(9) : name;
+		for (const suffix of sessionCookieSuffixes) if (cookiePrefix) {
+			if (nameWithoutSecure === `${cookiePrefix}.${suffix}`) return true;
+		} else if (nameWithoutSecure.endsWith(suffix)) return true;
+	}
+	return false;
+}
+/**
+* Expo secure store does not support colons in the keys.
+* This function replaces colons with underscores.
+*
+* @see https://github.com/better-auth/better-auth/issues/5426
+*
+* @param name cookie name to be saved in the storage
+* @returns normalized cookie name
+*/
+function normalizeCookieName(name) {
+	return name.replace(/:/g, "_");
+}
+function storageAdapter(storage) {
+	return {
+		getItem: (name) => {
+			return storage.getItem(normalizeCookieName(name));
+		},
+		setItem: (name, value) => {
+			return storage.setItem(normalizeCookieName(name), value);
+		}
+	};
+}
 const expoClient = (opts) => {
 	let store = null;
-	const cookieName = `${opts?.storagePrefix || "better-auth"}_cookie`;
-	const localCacheName = `${opts?.storagePrefix || "better-auth"}_session_data`;
-	const storage = opts?.storage;
+	const storagePrefix = opts?.storagePrefix || "better-auth";
+	const cookieName = `${storagePrefix}_cookie`;
+	const localCacheName = `${storagePrefix}_session_data`;
+	const storage = storageAdapter(opts?.storage);
 	const isWeb = Platform.OS === "web";
+	const cookiePrefix = opts?.cookiePrefix || "better-auth";
 	const rawScheme = opts?.scheme || Constants.expoConfig?.scheme || Constants.platform?.scheme;
 	const scheme = Array.isArray(rawScheme) ? rawScheme[0] : rawScheme;
 	if (!scheme && !isWeb) throw new Error("Scheme not found in app.json. Please provide a scheme in the options.");
@@ -104,10 +180,14 @@ const expoClient = (opts) => {
 				if (isWeb) return;
 				const setCookie = context.response.headers.get("set-cookie");
 				if (setCookie) {
-					const prevCookie = await storage.getItem(cookieName);
-					const toSetCookie = getSetCookie(setCookie || "", prevCookie ?? void 0);
-					await storage.setItem(cookieName, toSetCookie);
-					store?.notify("$sessionSignal");
+					if (hasBetterAuthCookies(setCookie, cookiePrefix)) {
+						const prevCookie = await storage.getItem(cookieName);
+						const toSetCookie = getSetCookie(setCookie || "", prevCookie ?? void 0);
+						if (hasSessionCookieChanged(prevCookie, toSetCookie)) {
+							await storage.setItem(cookieName, toSetCookie);
+							store?.notify("$sessionSignal");
+						} else await storage.setItem(cookieName, toSetCookie);
+					}
 				}
 				if (context.request.url.toString().includes("/get-session") && !opts?.disableCache) {
 					const data = context.data;
@@ -184,4 +264,4 @@ const expoClient = (opts) => {
 };
 
 //#endregion
-export { expoClient, getCookie, getSetCookie, parseSetCookieHeader };
+export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, storageAdapter };

package/dist/index.cjs

@@ -1,8 +1,10 @@
 const require_chunk = require('./chunk-CUT6urMc.cjs');
-let better_auth_api = require("better-auth/api");
-better_auth_api = require_chunk.__toESM(better_auth_api);
+let __better_auth_core_api = require("@better-auth/core/api");
+__better_auth_core_api = require_chunk.__toESM(__better_auth_core_api);
 let zod = require("zod");
 zod = require_chunk.__toESM(zod);
+let better_call = require("better-call");
+better_call = require_chunk.__toESM(better_call);
 
 //#region src/index.ts
 const expo = (options) => {
@@ -24,9 +26,9 @@ const expo = (options) => {
 		},
 		hooks: { after: [{
 			matcher(context) {
-				return context.path?.startsWith("/callback") || context.path?.startsWith("/oauth2/callback");
+				return !!(context.path?.startsWith("/callback") || context.path?.startsWith("/oauth2/callback"));
 			},
-			handler: (0, better_auth_api.createAuthMiddleware)(async (ctx) => {
+			handler: (0, __better_auth_core_api.createAuthMiddleware)(async (ctx) => {
 				const headers = ctx.context.responseHeaders;
 				const location = headers?.get("location");
 				if (!location) return;
@@ -39,14 +41,14 @@ const expo = (options) => {
 				ctx.setHeader("location", url.toString());
 			})
 		}] },
-		endpoints: { expoAuthorizationProxy: (0, better_auth_api.createAuthEndpoint)("/expo-authorization-proxy", {
+		endpoints: { expoAuthorizationProxy: (0, __better_auth_core_api.createAuthEndpoint)("/expo-authorization-proxy", {
 			method: "GET",
 			query: zod.z.object({ authorizationURL: zod.z.string() }),
 			metadata: { isAction: false }
 		}, async (ctx) => {
 			const { authorizationURL } = ctx.query;
 			const state = new URL(authorizationURL).searchParams.get("state");
-			if (!state) throw new better_auth_api.APIError("BAD_REQUEST", { message: "Unexpected error" });
+			if (!state) throw new better_call.APIError("BAD_REQUEST", { message: "Unexpected error" });
 			const stateCookie = ctx.context.createAuthCookie("state", { maxAge: 300 * 1e3 });
 			await ctx.setSignedCookie(stateCookie.name, state, ctx.context.secret, stateCookie.attributes);
 			return ctx.redirect(ctx.query.authorizationURL);

package/dist/index.d.cts

@@ -1,4 +1,4 @@
-import * as better_auth0 from "better-auth";
+import * as _better_auth_core0 from "@better-auth/core";
 import * as better_call0 from "better-call";
 import { z } from "zod";
 
@@ -11,87 +11,45 @@ interface ExpoOptions {
 }
 declare const expo: (options?: ExpoOptions) => {
   id: "expo";
-  init: (ctx: better_auth0.AuthContext<better_auth0.BetterAuthOptions>) => {
+  init: (ctx: _better_auth_core0.AuthContext) => {
     options: {
       trustedOrigins: string[];
     };
   };
-  onRequest(request: Request, ctx: better_auth0.AuthContext<better_auth0.BetterAuthOptions>): Promise<{
+  onRequest(request: Request, ctx: _better_auth_core0.AuthContext): Promise<{
     request: Request;
   } | undefined>;
   hooks: {
     after: {
-      matcher(context: better_auth0.HookEndpointContext): boolean;
+      matcher(context: _better_auth_core0.HookEndpointContext): boolean;
       handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<void>;
     }[];
   };
   endpoints: {
-    expoAuthorizationProxy: {
-      <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-        body?: undefined;
-      } & {
-        method?: "GET" | undefined;
-      } & {
-        query: {
-          authorizationURL: string;
-        };
-      } & {
-        params?: Record<string, any>;
-      } & {
-        request?: Request;
-      } & {
-        headers?: HeadersInit;
-      } & {
-        asResponse?: boolean;
-        returnHeaders?: boolean;
-        use?: better_call0.Middleware[];
-        path?: string;
-      } & {
-        asResponse?: AsResponse | undefined;
-        returnHeaders?: ReturnHeaders | undefined;
-      }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-        headers: Headers;
-        response: {
-          status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call0.Status;
-          body: ({
-            message?: string;
-            code?: string;
-            cause?: unknown;
-          } & Record<string, any>) | undefined;
-          headers: HeadersInit;
-          statusCode: number;
-          name: string;
-          message: string;
-          stack?: string;
-          cause?: unknown;
-        };
-      } : {
-        status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call0.Status;
-        body: ({
-          message?: string;
-          code?: string;
-          cause?: unknown;
-        } & Record<string, any>) | undefined;
-        headers: HeadersInit;
-        statusCode: number;
-        name: string;
-        message: string;
-        stack?: string;
-        cause?: unknown;
-      }>;
-      options: {
-        method: "GET";
-        query: z.ZodObject<{
-          authorizationURL: z.ZodString;
-        }, z.core.$strip>;
-        metadata: {
-          isAction: boolean;
-        };
-      } & {
-        use: any[];
+    expoAuthorizationProxy: better_call0.StrictEndpoint<"/expo-authorization-proxy", {
+      method: "GET";
+      query: z.ZodObject<{
+        authorizationURL: z.ZodString;
+      }, z.core.$strip>;
+      metadata: {
+        isAction: boolean;
       };
-      path: "/expo-authorization-proxy";
-    };
+    } & {
+      use: any[];
+    }, {
+      status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call0.Status;
+      body: ({
+        message?: string;
+        code?: string;
+        cause?: unknown;
+      } & Record<string, any>) | undefined;
+      headers: HeadersInit;
+      statusCode: number;
+      name: string;
+      message: string;
+      stack?: string;
+      cause?: unknown;
+    }>;
   };
 };
 //#endregion

package/dist/index.d.ts

@@ -1,6 +1,6 @@
 import { z } from "zod";
-import * as better_auth0 from "better-auth";
 import * as better_call0 from "better-call";
+import * as _better_auth_core0 from "@better-auth/core";
 
 //#region src/index.d.ts
 interface ExpoOptions {
@@ -11,87 +11,45 @@ interface ExpoOptions {
 }
 declare const expo: (options?: ExpoOptions) => {
   id: "expo";
-  init: (ctx: better_auth0.AuthContext<better_auth0.BetterAuthOptions>) => {
+  init: (ctx: _better_auth_core0.AuthContext) => {
     options: {
       trustedOrigins: string[];
     };
   };
-  onRequest(request: Request, ctx: better_auth0.AuthContext<better_auth0.BetterAuthOptions>): Promise<{
+  onRequest(request: Request, ctx: _better_auth_core0.AuthContext): Promise<{
     request: Request;
   } | undefined>;
   hooks: {
     after: {
-      matcher(context: better_auth0.HookEndpointContext): boolean;
+      matcher(context: _better_auth_core0.HookEndpointContext): boolean;
       handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<void>;
     }[];
   };
   endpoints: {
-    expoAuthorizationProxy: {
-      <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-        body?: undefined;
-      } & {
-        method?: "GET" | undefined;
-      } & {
-        query: {
-          authorizationURL: string;
-        };
-      } & {
-        params?: Record<string, any>;
-      } & {
-        request?: Request;
-      } & {
-        headers?: HeadersInit;
-      } & {
-        asResponse?: boolean;
-        returnHeaders?: boolean;
-        use?: better_call0.Middleware[];
-        path?: string;
-      } & {
-        asResponse?: AsResponse | undefined;
-        returnHeaders?: ReturnHeaders | undefined;
-      }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-        headers: Headers;
-        response: {
-          status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call0.Status;
-          body: ({
-            message?: string;
-            code?: string;
-            cause?: unknown;
-          } & Record<string, any>) | undefined;
-          headers: HeadersInit;
-          statusCode: number;
-          name: string;
-          message: string;
-          stack?: string;
-          cause?: unknown;
-        };
-      } : {
-        status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call0.Status;
-        body: ({
-          message?: string;
-          code?: string;
-          cause?: unknown;
-        } & Record<string, any>) | undefined;
-        headers: HeadersInit;
-        statusCode: number;
-        name: string;
-        message: string;
-        stack?: string;
-        cause?: unknown;
-      }>;
-      options: {
-        method: "GET";
-        query: z.ZodObject<{
-          authorizationURL: z.ZodString;
-        }, z.core.$strip>;
-        metadata: {
-          isAction: boolean;
-        };
-      } & {
-        use: any[];
+    expoAuthorizationProxy: better_call0.StrictEndpoint<"/expo-authorization-proxy", {
+      method: "GET";
+      query: z.ZodObject<{
+        authorizationURL: z.ZodString;
+      }, z.core.$strip>;
+      metadata: {
+        isAction: boolean;
       };
-      path: "/expo-authorization-proxy";
-    };
+    } & {
+      use: any[];
+    }, {
+      status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call0.Status;
+      body: ({
+        message?: string;
+        code?: string;
+        cause?: unknown;
+      } & Record<string, any>) | undefined;
+      headers: HeadersInit;
+      statusCode: number;
+      name: string;
+      message: string;
+      stack?: string;
+      cause?: unknown;
+    }>;
   };
 };
 //#endregion

package/dist/index.js

@@ -1,5 +1,6 @@
-import { APIError, createAuthEndpoint, createAuthMiddleware } from "better-auth/api";
+import { createAuthEndpoint, createAuthMiddleware } from "@better-auth/core/api";
 import { z } from "zod";
+import { APIError } from "better-call";
 
 //#region src/index.ts
 const expo = (options) => {
@@ -21,7 +22,7 @@ const expo = (options) => {
 		},
 		hooks: { after: [{
 			matcher(context) {
-				return context.path?.startsWith("/callback") || context.path?.startsWith("/oauth2/callback");
+				return !!(context.path?.startsWith("/callback") || context.path?.startsWith("/oauth2/callback"));
 			},
 			handler: createAuthMiddleware(async (ctx) => {
 				const headers = ctx.context.responseHeaders;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/expo",
-  "version": "1.4.0-beta.11",
+  "version": "1.4.0-beta.13",
   "type": "module",
   "description": "Better Auth integration for Expo and React Native applications.",
   "main": "dist/index.js",
@@ -13,11 +13,13 @@
   "homepage": "https://www.better-auth.com/docs/integrations/expo",
   "exports": {
     ".": {
+      "better-auth-dev-source": "./src/index.ts",
       "types": "./dist/index.d.ts",
       "import": "./dist/index.js",
       "require": "./dist/index.cjs"
     },
     "./client": {
+      "better-auth-dev-source": "./src/client.ts",
       "types": "./dist/client.d.ts",
       "import": "./dist/client.js",
       "require": "./dist/client.cjs"
@@ -54,8 +56,9 @@
     "expo-secure-store": "~14.2.3",
     "expo-web-browser": "~14.2.0",
     "react-native": "~0.80.2",
-    "tsdown": "^0.15.6",
-    "better-auth": "1.4.0-beta.11"
+    "tsdown": "^0.15.9",
+    "@better-auth/core": "1.4.0-beta.13",
+    "better-auth": "1.4.0-beta.13"
   },
   "peerDependencies": {
     "expo-constants": ">=17.0.0",
@@ -63,10 +66,11 @@
     "expo-linking": ">=7.0.0",
     "expo-secure-store": ">=14.0.0",
     "expo-web-browser": ">=14.0.0",
-    "better-auth": "1.4.0-beta.11"
+    "@better-auth/core": "1.4.0-beta.13"
   },
   "dependencies": {
     "@better-fetch/fetch": "1.1.18",
+    "better-call": "1.0.24",
     "zod": "^4.1.5"
   },
   "files": [