@better-auth/expo 1.5.0-beta.1 → 1.5.0-beta.10

package/LICENSE.md

@@ -1,17 +1,20 @@
 The MIT License (MIT)
 Copyright (c) 2024 - present, Bereket Engida
 
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software
-and associated documentation files (the "Software"), to deal in the Software without restriction,
-including without limitation the rights to use, copy, modify, merge, publish, distribute,
-sublicense, and/or sell copies of the Software, and to permit persons to whom the Software
-is furnished to do so, subject to the following conditions:
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the “Software”), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
 
-The above copyright notice and this permission notice shall be included in all copies or
-substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
-BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
-DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.

package/README.md

@@ -1,6 +1,8 @@
 # Better Auth Expo Plugin
 
-This plugin integrates Better Auth with Expo, allowing you to easily add authentication to your Expo (React Native) applications. It supports both Expo native and web apps.
+This plugin integrates Better Auth with Expo, allowing you to easily add
+authentication to your Expo (React Native) applications.
+It supports both Expo native and web apps.
 
 ## Installation
 
@@ -20,7 +22,8 @@ pnpm add better-auth @better-auth/expo
 bun add better-auth @better-auth/expo
 ```
 
-You will also need to install `expo-secure-store` for secure session and cookie storage in your Expo app:
+You will also need to install `expo-secure-store` for secure session and cookie
+storage in your Expo app:
 
 ```bash
 npm install expo-secure-store
@@ -36,24 +39,26 @@ bun add expo-secure-store
 
 ### Configure the Better Auth Backend
 
-Ensure you have a Better Auth backend set up. You can follow the main [Installation Guide](https://www.better-auth.com/docs/installation).
+Ensure you have a Better Auth backend set up.
+You can follow the main [Installation Guide][].
 
-Then, add the Expo plugin to your Better Auth server configuration (e.g., in your `auth.ts` or `lib/auth.ts` file):
+Then, add the Expo plugin to your Better Auth server configuration (e.g., in
+your `auth.ts` or `lib/auth.ts` file):
 
 ```typescript
 // lib/auth.ts
-import { betterAuth } from "better-auth";
-import { expo } from "@better-auth/expo"; // Import the server plugin
+import { betterAuth } from 'better-auth';
+import { expo } from '@better-auth/expo'; // Import the server plugin
 
 export const auth = betterAuth({
-    // ...your other Better Auth options
-    baseURL: "http://localhost:8081", // The base URL of your application server where the routes are mounted.
-    plugins: [expo()], // Add the Expo server plugin
-    emailAndPassword: { 
-        enabled: true,
-    },
-    // Add other configurations like trustedOrigins
-    trustedOrigins: ["myapp://"] // Replace "myapp" with your app's scheme
+  // ...your other Better Auth options
+  baseURL: 'http://localhost:8081', // The base URL of your application server where the routes are mounted.
+  plugins: [expo()], // Add the Expo server plugin
+  emailAndPassword: {
+    enabled: true,
+  },
+  // Add other configurations like trustedOrigins
+  trustedOrigins: ['myapp://'], // Replace "myapp" with your app's scheme
 });
 ```
 
@@ -63,33 +68,39 @@ In your Expo app, initialize the client (e.g., in `lib/auth-client.ts`):
 
 ```typescript
 // lib/auth-client.ts
-import { createAuthClient } from "better-auth/react";
-import { expoClient } from "@better-auth/expo/client"; // Import the client plugin
-import * as SecureStore from "expo-secure-store";
+import { createAuthClient } from 'better-auth/react';
+import { expoClient } from '@better-auth/expo/client'; // Import the client plugin
+import * as SecureStore from 'expo-secure-store';
 
 export const authClient = createAuthClient({
-    baseURL: "http://localhost:8081", // Your Better Auth backend URL
-    plugins: [
-        expoClient({
-            scheme: "myapp", // Your app's scheme (defined in app.json)
-            storagePrefix: "myapp", // A prefix for storage keys
-            storage: SecureStore, // Pass SecureStore for token storage
-        })
-    ]
+  baseURL: 'http://localhost:8081', // Your Better Auth backend URL
+  plugins: [
+    expoClient({
+      scheme: 'myapp', // Your app's scheme (defined in app.json)
+      storagePrefix: 'myapp', // A prefix for storage keys
+      storage: SecureStore, // Pass SecureStore for token storage
+    }),
+  ],
 });
 
 // You can also export specific methods if you prefer:
 // export const { signIn, signUp, useSession } = authClient;
 ```
-Make sure your app's scheme (e.g., "myapp") is defined in your `app.json`.
+
+Make sure your app’s scheme (e.g., “myapp”) is defined in your `app.json`.
 
 ## Documentation
 
-For more detailed information and advanced configurations, please refer to the documentation:
+For more detailed information and advanced configurations, please refer to the
+documentation:
 
-- **Main Better Auth Installation:** [https://www.better-auth.com/docs/installation](https://www.better-auth.com/docs/installation)
-- **Expo Integration Guide:** [https://www.better-auth.com/docs/integrations/expo](https://www.better-auth.com/docs/integrations/expo)
+* **Main Better Auth Installation:** [Installation Guide][]
+* **Expo Integration Guide:** [Expo Integration Guide][]
 
 ## License
 
 MIT
+
+[expo integration guide]: https://www.better-auth.com/docs/integrations/expo
+
+[installation guide]: https://www.better-auth.com/docs/installation

package/dist/client.d.mts

@@ -1,4 +1,6 @@
+import { parseSetCookieHeader } from "better-auth/cookies";
 import { FocusManager, OnlineManager } from "better-auth/client";
+import * as expo_web_browser0 from "expo-web-browser";
 import * as _better_fetch_fetch0 from "@better-fetch/fetch";
 import { ClientFetchOption, ClientStore } from "@better-auth/core";
 
@@ -9,17 +11,6 @@ declare function setupExpoFocusManager(): FocusManager;
 declare function setupExpoOnlineManager(): OnlineManager;
 //#endregion
 //#region src/client.d.ts
-interface CookieAttributes {
-  value: string;
-  expires?: Date | undefined;
-  "max-age"?: number | undefined;
-  domain?: string | undefined;
-  path?: string | undefined;
-  secure?: boolean | undefined;
-  httpOnly?: boolean | undefined;
-  sameSite?: ("Strict" | "Lax" | "None") | undefined;
-}
-declare function parseSetCookieHeader(header: string): Map<string, CookieAttributes>;
 interface ExpoClientOptions {
   scheme?: string | undefined;
   storage: {
@@ -42,6 +33,26 @@ interface ExpoClientOptions {
    */
   cookiePrefix?: string | string[] | undefined;
   disableCache?: boolean | undefined;
+  /**
+   * Options to customize the Expo web browser behavior when opening authentication
+   * sessions. These are passed directly to `expo-web-browser`'s
+   * `Browser.openBrowserAsync`.
+   *
+   * For example, on iOS you can use `{ preferEphemeralSession: true }` to prevent
+   * the authentication session from sharing cookies with the user's default
+   * browser session:
+   *
+   * ```ts
+   * const client = createClient({
+   *   expo: {
+   *     webBrowserOptions: {
+   *       preferEphemeralSession: true,
+   *     },
+   *   },
+   * });
+   * ```
+   */
+  webBrowserOptions?: expo_web_browser0.AuthSessionOpenOptions;
 }
 declare function getSetCookie(header: string, prevCookie?: string | undefined): string;
 declare function getCookie(cookie: string): string;
@@ -112,6 +123,7 @@ declare const expoClient: (opts: ExpoClientOptions) => {
         authorization: "Bearer" | "Basic";
       })) | undefined;
       redirect?: RequestRedirect | undefined;
+      window?: null | undefined;
       cache?: RequestCache | undefined;
       credentials?: RequestCredentials | undefined;
       integrity?: string | undefined;
@@ -121,7 +133,6 @@ declare const expoClient: (opts: ExpoClientOptions) => {
       referrer?: string | undefined;
       referrerPolicy?: ReferrerPolicy | undefined;
       signal?: (AbortSignal | null) | undefined;
-      window?: null | undefined;
       onRequest?: (<T extends Record<string, any>>(context: _better_fetch_fetch0.RequestContext<T>) => Promise<_better_fetch_fetch0.RequestContext | void> | _better_fetch_fetch0.RequestContext | void) | undefined;
       onResponse?: ((context: _better_fetch_fetch0.ResponseContext) => Promise<Response | void | _better_fetch_fetch0.ResponseContext> | Response | _better_fetch_fetch0.ResponseContext | void) | undefined;
       onSuccess?: ((context: _better_fetch_fetch0.SuccessContext<any>) => Promise<void> | void) | undefined;
@@ -164,4 +175,5 @@ declare const expoClient: (opts: ExpoClientOptions) => {
   }[];
 };
 //#endregion
-export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, setupExpoFocusManager, setupExpoOnlineManager, storageAdapter };
+export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, setupExpoFocusManager, setupExpoOnlineManager, storageAdapter };
+//# sourceMappingURL=client.d.mts.map

package/dist/client.mjs

@@ -1,3 +1,5 @@
+import { safeJSONParse } from "@better-auth/core/utils/json";
+import { SECURE_COOKIE_PREFIX, parseSetCookieHeader, parseSetCookieHeader as parseSetCookieHeader$1, stripSecureCookiePrefix } from "better-auth/cookies";
 import Constants from "expo-constants";
 import * as Linking from "expo-linking";
 import { AppState, Platform } from "react-native";
@@ -7,6 +9,7 @@ import { kFocusManager, kOnlineManager } from "better-auth/client";
 var ExpoFocusManager = class {
 	listeners = /* @__PURE__ */ new Set();
 	subscription;
+	isFocused;
 	subscribe(listener) {
 		this.listeners.add(listener);
 		return () => {
@@ -14,6 +17,8 @@ var ExpoFocusManager = class {
 		};
 	}
 	setFocused(focused) {
+		if (this.isFocused === focused) return;
+		this.isFocused = focused;
 		this.listeners.forEach((listener) => listener(focused));
 	}
 	setup() {
@@ -43,6 +48,7 @@ var ExpoOnlineManager = class {
 		};
 	}
 	setOnline(online) {
+		if (this.isOnline === online) return;
 		this.isOnline = online;
 		this.listeners.forEach((listener) => listener(online));
 	}
@@ -71,52 +77,8 @@ if (Platform.OS !== "web") {
 	setupExpoFocusManager();
 	setupExpoOnlineManager();
 }
-function parseSetCookieHeader(header) {
-	const cookieMap = /* @__PURE__ */ new Map();
-	splitSetCookieHeader(header).forEach((cookie) => {
-		const [nameValue, ...attributes] = cookie.split(";").map((p) => p.trim());
-		const [name, ...valueParts] = nameValue.split("=");
-		const cookieObj = { value: valueParts.join("=") };
-		attributes.forEach((attr) => {
-			const [attrName, ...attrValueParts] = attr.split("=");
-			const attrValue = attrValueParts.join("=");
-			cookieObj[attrName.toLowerCase()] = attrValue;
-		});
-		cookieMap.set(name, cookieObj);
-	});
-	return cookieMap;
-}
-function splitSetCookieHeader(setCookie) {
-	const parts = [];
-	let buffer = "";
-	let i = 0;
-	while (i < setCookie.length) {
-		const char = setCookie[i];
-		if (char === ",") {
-			const recent = buffer.toLowerCase();
-			const hasExpires = recent.includes("expires=");
-			const hasGmt = /gmt/i.test(recent);
-			if (hasExpires && !hasGmt) {
-				buffer += char;
-				i += 1;
-				continue;
-			}
-			if (buffer.trim().length > 0) {
-				parts.push(buffer.trim());
-				buffer = "";
-			}
-			i += 1;
-			if (setCookie[i] === " ") i += 1;
-			continue;
-		}
-		buffer += char;
-		i += 1;
-	}
-	if (buffer.trim().length > 0) parts.push(buffer.trim());
-	return parts;
-}
 function getSetCookie(header, prevCookie) {
-	const parsed = parseSetCookieHeader(header);
+	const parsed = parseSetCookieHeader$1(header);
 	let toSetCookie = {};
 	parsed.forEach((cookie, key) => {
 		const expiresAt = cookie["expires"];
@@ -145,6 +107,20 @@ function getCookie(cookie) {
 		return `${acc}; ${key}=${value.value}`;
 	}, "");
 }
+function getOAuthStateValue(cookieJson, cookiePrefix) {
+	if (!cookieJson) return null;
+	const parsed = safeJSONParse(cookieJson);
+	if (!parsed) return null;
+	const prefixes = Array.isArray(cookiePrefix) ? cookiePrefix : [cookiePrefix];
+	for (const prefix of prefixes) {
+		const candidates = [`${SECURE_COOKIE_PREFIX}${prefix}.oauth_state`, `${prefix}.oauth_state`];
+		for (const name of candidates) {
+			const value = parsed?.[name]?.value;
+			if (value) return value;
+		}
+	}
+	return null;
+}
 function getOrigin(scheme) {
 	return Linking.createURL("", { scheme });
 }
@@ -190,11 +166,11 @@ function hasSessionCookieChanged(prevCookie, newCookie) {
 * @returns true if the header contains better-auth cookies, false otherwise
 */
 function hasBetterAuthCookies(setCookieHeader, cookiePrefix) {
-	const cookies = parseSetCookieHeader(setCookieHeader);
+	const cookies = parseSetCookieHeader$1(setCookieHeader);
 	const cookieSuffixes = ["session_token", "session_data"];
 	const prefixes = Array.isArray(cookiePrefix) ? cookiePrefix : [cookiePrefix];
 	for (const name of cookies.keys()) {
-		const nameWithoutSecure = name.startsWith("__Secure-") ? name.slice(9) : name;
+		const nameWithoutSecure = stripSecureCookiePrefix(name);
 		for (const prefix of prefixes) if (prefix) {
 			if (nameWithoutSecure.startsWith(prefix)) return true;
 		} else for (const suffix of cookieSuffixes) if (nameWithoutSecure.endsWith(suffix)) return true;
@@ -250,12 +226,12 @@ const expoClient = (opts) => {
 				const setCookie = context.response.headers.get("set-cookie");
 				if (setCookie) {
 					if (hasBetterAuthCookies(setCookie, cookiePrefix)) {
-						const prevCookie = await storage.getItem(cookieName);
+						const prevCookie = storage.getItem(cookieName);
 						const toSetCookie = getSetCookie(setCookie || "", prevCookie ?? void 0);
 						if (hasSessionCookieChanged(prevCookie, toSetCookie)) {
 							storage.setItem(cookieName, toSetCookie);
 							store?.notify("$sessionSignal");
-						} else await storage.setItem(cookieName, toSetCookie);
+						} else storage.setItem(cookieName, toSetCookie);
 					}
 				}
 				if (context.request.url.toString().includes("/get-session") && !opts?.disableCache) {
@@ -274,13 +250,15 @@ const expoClient = (opts) => {
 					if (Platform.OS === "android") try {
 						Browser.dismissAuthSession();
 					} catch {}
-					const proxyURL = `${context.request.baseURL}/expo-authorization-proxy?authorizationURL=${encodeURIComponent(signInURL)}`;
-					const result = await Browser.openAuthSessionAsync(proxyURL, to);
+					const oauthStateValue = getOAuthStateValue(storage.getItem(cookieName), cookiePrefix);
+					const params = new URLSearchParams({ authorizationURL: signInURL });
+					if (oauthStateValue) params.append("oauthState", oauthStateValue);
+					const proxyURL = `${context.request.baseURL}/expo-authorization-proxy?${params.toString()}`;
+					const result = await Browser.openAuthSessionAsync(proxyURL, to, opts?.webBrowserOptions);
 					if (result.type !== "success") return;
-					const url = new URL(result.url);
-					const cookie = String(url.searchParams.get("cookie"));
+					const cookie = new URL(result.url).searchParams.get("cookie");
 					if (!cookie) return;
-					const toSetCookie = getSetCookie(cookie, await storage.getItem(cookieName) ?? void 0);
+					const toSetCookie = getSetCookie(cookie, storage.getItem(cookieName) ?? void 0);
 					storage.setItem(cookieName, toSetCookie);
 					store?.notify("$sessionSignal");
 				}
@@ -301,24 +279,24 @@ const expoClient = (opts) => {
 				};
 				if (options.body?.callbackURL) {
 					if (options.body.callbackURL.startsWith("/")) {
-						const url$1 = Linking.createURL(options.body.callbackURL, { scheme });
-						options.body.callbackURL = url$1;
+						const url = Linking.createURL(options.body.callbackURL, { scheme });
+						options.body.callbackURL = url;
 					}
 				}
 				if (options.body?.newUserCallbackURL) {
 					if (options.body.newUserCallbackURL.startsWith("/")) {
-						const url$1 = Linking.createURL(options.body.newUserCallbackURL, { scheme });
-						options.body.newUserCallbackURL = url$1;
+						const url = Linking.createURL(options.body.newUserCallbackURL, { scheme });
+						options.body.newUserCallbackURL = url;
 					}
 				}
 				if (options.body?.errorCallbackURL) {
 					if (options.body.errorCallbackURL.startsWith("/")) {
-						const url$1 = Linking.createURL(options.body.errorCallbackURL, { scheme });
-						options.body.errorCallbackURL = url$1;
+						const url = Linking.createURL(options.body.errorCallbackURL, { scheme });
+						options.body.errorCallbackURL = url;
 					}
 				}
 				if (url.includes("/sign-out")) {
-					await storage.setItem(cookieName, "{}");
+					storage.setItem(cookieName, "{}");
 					store?.atoms.session?.set({
 						...store.atoms.session.get(),
 						data: null,
@@ -337,4 +315,5 @@ const expoClient = (opts) => {
 };
 
 //#endregion
-export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, setupExpoFocusManager, setupExpoOnlineManager, storageAdapter };
+export { expoClient, getCookie, getSetCookie, hasBetterAuthCookies, normalizeCookieName, parseSetCookieHeader, setupExpoFocusManager, setupExpoOnlineManager, storageAdapter };
+//# sourceMappingURL=client.mjs.map

package/dist/client.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.mjs","names":["parseSetCookieHeader"],"sources":["../src/focus-manager.ts","../src/online-manager.ts","../src/client.ts"],"sourcesContent":["import type { FocusListener, FocusManager } from \"better-auth/client\";\nimport { kFocusManager } from \"better-auth/client\";\nimport type { AppStateStatus } from \"react-native\";\nimport { AppState } from \"react-native\";\n\nclass ExpoFocusManager implements FocusManager {\n\tlisteners = new Set<FocusListener>();\n\tsubscription?: ReturnType<typeof AppState.addEventListener>;\n\tisFocused: boolean | undefined;\n\n\tsubscribe(listener: FocusListener) {\n\t\tthis.listeners.add(listener);\n\t\treturn () => {\n\t\t\tthis.listeners.delete(listener);\n\t\t};\n\t}\n\n\tsetFocused(focused: boolean) {\n\t\tif (this.isFocused === focused) return;\n\t\tthis.isFocused = focused;\n\t\tthis.listeners.forEach((listener) => listener(focused));\n\t}\n\n\tsetup() {\n\t\tthis.subscription = AppState.addEventListener(\n\t\t\t\"change\",\n\t\t\t(state: AppStateStatus) => {\n\t\t\t\tthis.setFocused(state === \"active\");\n\t\t\t},\n\t\t);\n\n\t\treturn () => {\n\t\t\tthis.subscription?.remove();\n\t\t};\n\t}\n}\n\nexport function setupExpoFocusManager() {\n\tif (!(globalThis as any)[kFocusManager]) {\n\t\t(globalThis as any)[kFocusManager] = new ExpoFocusManager();\n\t}\n\treturn (globalThis as any)[kFocusManager] as FocusManager;\n}\n","import type { OnlineListener, OnlineManager } from \"better-auth/client\";\nimport { kOnlineManager } from \"better-auth/client\";\n\nclass ExpoOnlineManager implements OnlineManager {\n\tlisteners = new Set<OnlineListener>();\n\tisOnline = true;\n\tunsubscribe?: () => void;\n\n\tsubscribe(listener: OnlineListener) {\n\t\tthis.listeners.add(listener);\n\t\treturn () => {\n\t\t\tthis.listeners.delete(listener);\n\t\t};\n\t}\n\n\tsetOnline(online: boolean) {\n\t\tif (this.isOnline === online) return;\n\t\tthis.isOnline = online;\n\t\tthis.listeners.forEach((listener) => listener(online));\n\t}\n\n\tsetup() {\n\t\timport(\"expo-network\")\n\t\t\t.then(({ addNetworkStateListener }) => {\n\t\t\t\tconst subscription = addNetworkStateListener((state) => {\n\t\t\t\t\tthis.setOnline(!!state.isInternetReachable);\n\t\t\t\t});\n\t\t\t\tthis.unsubscribe = () => subscription.remove();\n\t\t\t})\n\t\t\t.catch(() => {\n\t\t\t\t// fallback to always online\n\t\t\t\tthis.setOnline(true);\n\t\t\t});\n\n\t\treturn () => {\n\t\t\tthis.unsubscribe?.();\n\t\t};\n\t}\n}\n\nexport function setupExpoOnlineManager() {\n\tif (!(globalThis as any)[kOnlineManager]) {\n\t\t(globalThis as any)[kOnlineManager] = new ExpoOnlineManager();\n\t}\n\treturn (globalThis as any)[kOnlineManager] as OnlineManager;\n}\n","import type {\n\tBetterAuthClientPlugin,\n\tClientFetchOption,\n\tClientStore,\n} from \"@better-auth/core\";\nimport { safeJSONParse } from \"@better-auth/core/utils/json\";\nimport {\n\tparseSetCookieHeader,\n\tSECURE_COOKIE_PREFIX,\n\tstripSecureCookiePrefix,\n} from \"better-auth/cookies\";\nimport Constants from \"expo-constants\";\nimport * as Linking from \"expo-linking\";\nimport { Platform } from \"react-native\";\nimport { setupExpoFocusManager } from \"./focus-manager\";\nimport { setupExpoOnlineManager } from \"./online-manager\";\n\nif (Platform.OS !== \"web\") {\n\tsetupExpoFocusManager();\n\tsetupExpoOnlineManager();\n}\n\ninterface ExpoClientOptions {\n\tscheme?: string | undefined;\n\tstorage: {\n\t\tsetItem: (key: string, value: string) => any;\n\t\tgetItem: (key: string) => string | null;\n\t};\n\t/**\n\t * Prefix for local storage keys (e.g., \"my-app_cookie\", \"my-app_session_data\")\n\t * @default \"better-auth\"\n\t */\n\tstoragePrefix?: string | undefined;\n\t/**\n\t * Prefix(es) for server cookie names to filter (e.g., \"better-auth.session_token\")\n\t * This is used to identify which cookies belong to better-auth to prevent\n\t * infinite refetching when third-party cookies are set.\n\t * Can be a single string or an array of strings to match multiple prefixes.\n\t * @default \"better-auth\"\n\t * @example \"better-auth\"\n\t * @example [\"better-auth\", \"my-app\"]\n\t */\n\tcookiePrefix?: string | string[] | undefined;\n\tdisableCache?: boolean | undefined;\n\t/**\n\t * Options to customize the Expo web browser behavior when opening authentication\n\t * sessions. These are passed directly to `expo-web-browser`'s\n\t * `Browser.openBrowserAsync`.\n\t *\n\t * For example, on iOS you can use `{ preferEphemeralSession: true }` to prevent\n\t * the authentication session from sharing cookies with the user's default\n\t * browser session:\n\t *\n\t * ```ts\n\t * const client = createClient({\n\t *   expo: {\n\t *     webBrowserOptions: {\n\t *       preferEphemeralSession: true,\n\t *     },\n\t *   },\n\t * });\n\t * ```\n\t */\n\twebBrowserOptions?: import(\"expo-web-browser\").AuthSessionOpenOptions;\n}\n\ninterface StoredCookie {\n\tvalue: string;\n\texpires: string | null;\n}\n\nexport function getSetCookie(header: string, prevCookie?: string | undefined) {\n\tconst parsed = parseSetCookieHeader(header);\n\tlet toSetCookie: Record<string, StoredCookie> = {};\n\tparsed.forEach((cookie, key) => {\n\t\tconst expiresAt = cookie[\"expires\"];\n\t\tconst maxAge = cookie[\"max-age\"];\n\t\tconst expires = maxAge\n\t\t\t? new Date(Date.now() + Number(maxAge) * 1000)\n\t\t\t: expiresAt\n\t\t\t\t? new Date(String(expiresAt))\n\t\t\t\t: null;\n\t\ttoSetCookie[key] = {\n\t\t\tvalue: cookie[\"value\"],\n\t\t\texpires: expires ? expires.toISOString() : null,\n\t\t};\n\t});\n\tif (prevCookie) {\n\t\ttry {\n\t\t\tconst prevCookieParsed = JSON.parse(prevCookie);\n\t\t\ttoSetCookie = {\n\t\t\t\t...prevCookieParsed,\n\t\t\t\t...toSetCookie,\n\t\t\t};\n\t\t} catch {\n\t\t\t//\n\t\t}\n\t}\n\treturn JSON.stringify(toSetCookie);\n}\n\nexport function getCookie(cookie: string) {\n\tlet parsed = {} as Record<string, StoredCookie>;\n\ttry {\n\t\tparsed = JSON.parse(cookie) as Record<string, StoredCookie>;\n\t} catch {}\n\tconst toSend = Object.entries(parsed).reduce((acc, [key, value]) => {\n\t\tif (value.expires && new Date(value.expires) < new Date()) {\n\t\t\treturn acc;\n\t\t}\n\t\treturn `${acc}; ${key}=${value.value}`;\n\t}, \"\");\n\treturn toSend;\n}\n\nfunction getOAuthStateValue(\n\tcookieJson: string | null,\n\tcookiePrefix: string | string[],\n): string | null {\n\tif (!cookieJson) return null;\n\n\tconst parsed = safeJSONParse<Record<string, StoredCookie>>(cookieJson);\n\tif (!parsed) return null;\n\n\tconst prefixes = Array.isArray(cookiePrefix) ? cookiePrefix : [cookiePrefix];\n\n\tfor (const prefix of prefixes) {\n\t\t// cookie strategy uses: <prefix>.oauth_state\n\t\tconst candidates = [\n\t\t\t`${SECURE_COOKIE_PREFIX}${prefix}.oauth_state`,\n\t\t\t`${prefix}.oauth_state`,\n\t\t];\n\n\t\tfor (const name of candidates) {\n\t\t\tconst value = parsed?.[name]?.value;\n\t\t\tif (value) return value;\n\t\t}\n\t}\n\n\treturn null;\n}\n\nfunction getOrigin(scheme: string) {\n\tconst schemeURI = Linking.createURL(\"\", { scheme });\n\treturn schemeURI;\n}\n\n/**\n * Compare if session cookies have actually changed by comparing their values.\n * Ignores expiry timestamps that naturally change on each request.\n *\n * @param prevCookie - Previous cookie JSON string\n * @param newCookie - New cookie JSON string\n * @returns true if session cookies have changed, false otherwise\n */\nfunction hasSessionCookieChanged(\n\tprevCookie: string | null,\n\tnewCookie: string,\n): boolean {\n\tif (!prevCookie) return true;\n\n\ttry {\n\t\tconst prev = JSON.parse(prevCookie) as Record<string, StoredCookie>;\n\t\tconst next = JSON.parse(newCookie) as Record<string, StoredCookie>;\n\n\t\t// Get all session-related cookie keys (session_token, session_data)\n\t\tconst sessionKeys = new Set<string>();\n\t\tObject.keys(prev).forEach((key) => {\n\t\t\tif (key.includes(\"session_token\") || key.includes(\"session_data\")) {\n\t\t\t\tsessionKeys.add(key);\n\t\t\t}\n\t\t});\n\t\tObject.keys(next).forEach((key) => {\n\t\t\tif (key.includes(\"session_token\") || key.includes(\"session_data\")) {\n\t\t\t\tsessionKeys.add(key);\n\t\t\t}\n\t\t});\n\n\t\t// Compare the values of session cookies (ignore expires timestamps)\n\t\tfor (const key of sessionKeys) {\n\t\t\tconst prevValue = prev[key]?.value;\n\t\t\tconst nextValue = next[key]?.value;\n\t\t\tif (prevValue !== nextValue) {\n\t\t\t\treturn true;\n\t\t\t}\n\t\t}\n\n\t\treturn false;\n\t} catch {\n\t\t// If parsing fails, assume cookie changed\n\t\treturn true;\n\t}\n}\n\n/**\n * Check if the Set-Cookie header contains better-auth cookies.\n * This prevents infinite refetching when non-better-auth cookies (like third-party cookies) change.\n *\n * Supports multiple cookie naming patterns:\n * - Default: \"better-auth.session_token\", \"better-auth-passkey\", \"__Secure-better-auth.session_token\"\n * - Custom prefix: \"myapp.session_token\", \"myapp-passkey\", \"__Secure-myapp.session_token\"\n * - Custom full names: \"my_custom_session_token\", \"custom_session_data\"\n * - No prefix (cookiePrefix=\"\"): matches any cookie with known suffixes\n * - Multiple prefixes: [\"better-auth\", \"my-app\"] matches cookies starting with any of the prefixes\n *\n * @param setCookieHeader - The Set-Cookie header value\n * @param cookiePrefix - The cookie prefix(es) to check for. Can be a string, array of strings, or empty string.\n * @returns true if the header contains better-auth cookies, false otherwise\n */\nexport function hasBetterAuthCookies(\n\tsetCookieHeader: string,\n\tcookiePrefix: string | string[],\n): boolean {\n\tconst cookies = parseSetCookieHeader(setCookieHeader);\n\tconst cookieSuffixes = [\"session_token\", \"session_data\"];\n\tconst prefixes = Array.isArray(cookiePrefix) ? cookiePrefix : [cookiePrefix];\n\n\t// Check if any cookie is a better-auth cookie\n\tfor (const name of cookies.keys()) {\n\t\t// Remove __Secure- prefix if present for comparison\n\t\tconst nameWithoutSecure = stripSecureCookiePrefix(name);\n\n\t\t// Check against all provided prefixes\n\t\tfor (const prefix of prefixes) {\n\t\t\tif (prefix) {\n\t\t\t\t// When prefix is provided, check if cookie starts with the prefix\n\t\t\t\t// This matches all better-auth cookies including session cookies, passkey cookies, etc.\n\t\t\t\tif (nameWithoutSecure.startsWith(prefix)) {\n\t\t\t\t\treturn true;\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\t// When prefix is empty, check for common better-auth cookie patterns\n\t\t\t\tfor (const suffix of cookieSuffixes) {\n\t\t\t\t\tif (nameWithoutSecure.endsWith(suffix)) {\n\t\t\t\t\t\treturn true;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\treturn false;\n}\n\n/**\n * Expo secure store does not support colons in the keys.\n * This function replaces colons with underscores.\n *\n * @see https://github.com/better-auth/better-auth/issues/5426\n *\n * @param name cookie name to be saved in the storage\n * @returns normalized cookie name\n */\nexport function normalizeCookieName(name: string) {\n\treturn name.replace(/:/g, \"_\");\n}\n\nexport function storageAdapter(storage: {\n\tgetItem: (name: string) => string | null;\n\tsetItem: (name: string, value: string) => void;\n}) {\n\treturn {\n\t\tgetItem: (name: string) => {\n\t\t\treturn storage.getItem(normalizeCookieName(name));\n\t\t},\n\t\tsetItem: (name: string, value: string) => {\n\t\t\treturn storage.setItem(normalizeCookieName(name), value);\n\t\t},\n\t};\n}\n\nexport const expoClient = (opts: ExpoClientOptions) => {\n\tlet store: ClientStore | null = null;\n\tconst storagePrefix = opts?.storagePrefix || \"better-auth\";\n\tconst cookieName = `${storagePrefix}_cookie`;\n\tconst localCacheName = `${storagePrefix}_session_data`;\n\tconst storage = storageAdapter(opts?.storage);\n\tconst isWeb = Platform.OS === \"web\";\n\tconst cookiePrefix = opts?.cookiePrefix || \"better-auth\";\n\n\tconst rawScheme =\n\t\topts?.scheme || Constants.expoConfig?.scheme || Constants.platform?.scheme;\n\tconst scheme = Array.isArray(rawScheme) ? rawScheme[0] : rawScheme;\n\n\tif (!scheme && !isWeb) {\n\t\tthrow new Error(\n\t\t\t\"Scheme not found in app.json. Please provide a scheme in the options.\",\n\t\t);\n\t}\n\treturn {\n\t\tid: \"expo\",\n\t\tgetActions(_, $store) {\n\t\t\tstore = $store;\n\t\t\treturn {\n\t\t\t\t/**\n\t\t\t\t * Get the stored cookie.\n\t\t\t\t *\n\t\t\t\t * You can use this to get the cookie stored in the device and use it in your fetch\n\t\t\t\t * requests.\n\t\t\t\t *\n\t\t\t\t * @example\n\t\t\t\t * ```ts\n\t\t\t\t * const cookie = client.getCookie();\n\t\t\t\t * fetch(\"https://api.example.com\", {\n\t\t\t\t * \theaders: {\n\t\t\t\t * \t\tcookie,\n\t\t\t\t * \t},\n\t\t\t\t * });\n\t\t\t\t */\n\t\t\t\tgetCookie: () => {\n\t\t\t\t\tconst cookie = storage.getItem(cookieName);\n\t\t\t\t\treturn getCookie(cookie || \"{}\");\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t\tfetchPlugins: [\n\t\t\t{\n\t\t\t\tid: \"expo\",\n\t\t\t\tname: \"Expo\",\n\t\t\t\thooks: {\n\t\t\t\t\tasync onSuccess(context) {\n\t\t\t\t\t\tif (isWeb) return;\n\t\t\t\t\t\tconst setCookie = context.response.headers.get(\"set-cookie\");\n\t\t\t\t\t\tif (setCookie) {\n\t\t\t\t\t\t\t// Only process and notify if the Set-Cookie header contains better-auth cookies\n\t\t\t\t\t\t\t// This prevents infinite refetching when other cookies (like Cloudflare's __cf_bm) are present\n\t\t\t\t\t\t\tif (hasBetterAuthCookies(setCookie, cookiePrefix)) {\n\t\t\t\t\t\t\t\tconst prevCookie = storage.getItem(cookieName);\n\t\t\t\t\t\t\t\tconst toSetCookie = getSetCookie(\n\t\t\t\t\t\t\t\t\tsetCookie || \"\",\n\t\t\t\t\t\t\t\t\tprevCookie ?? undefined,\n\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t\t// Only notify $sessionSignal if the session cookie values actually changed\n\t\t\t\t\t\t\t\t// This prevents infinite refetching when the server sends the same cookie with updated expiry\n\t\t\t\t\t\t\t\tif (hasSessionCookieChanged(prevCookie, toSetCookie)) {\n\t\t\t\t\t\t\t\t\tstorage.setItem(cookieName, toSetCookie);\n\t\t\t\t\t\t\t\t\tstore?.notify(\"$sessionSignal\");\n\t\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\t\t// Still update the storage to refresh expiry times, but don't trigger refetch\n\t\t\t\t\t\t\t\t\tstorage.setItem(cookieName, toSetCookie);\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tif (\n\t\t\t\t\t\t\tcontext.request.url.toString().includes(\"/get-session\") &&\n\t\t\t\t\t\t\t!opts?.disableCache\n\t\t\t\t\t\t) {\n\t\t\t\t\t\t\tconst data = context.data;\n\t\t\t\t\t\t\tstorage.setItem(localCacheName, JSON.stringify(data));\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tif (\n\t\t\t\t\t\t\tcontext.data?.redirect &&\n\t\t\t\t\t\t\t(context.request.url.toString().includes(\"/sign-in\") ||\n\t\t\t\t\t\t\t\tcontext.request.url.toString().includes(\"/link-social\")) &&\n\t\t\t\t\t\t\t!context.request?.body.includes(\"idToken\") // id token is used for silent sign-in\n\t\t\t\t\t\t) {\n\t\t\t\t\t\t\tconst callbackURL = JSON.parse(context.request.body)?.callbackURL;\n\t\t\t\t\t\t\tconst to = callbackURL;\n\t\t\t\t\t\t\tconst signInURL = context.data?.url;\n\t\t\t\t\t\t\tlet Browser: typeof import(\"expo-web-browser\") | undefined =\n\t\t\t\t\t\t\t\tundefined;\n\t\t\t\t\t\t\ttry {\n\t\t\t\t\t\t\t\tBrowser = await import(\"expo-web-browser\");\n\t\t\t\t\t\t\t} catch (error) {\n\t\t\t\t\t\t\t\tthrow new Error(\n\t\t\t\t\t\t\t\t\t'\"expo-web-browser\" is not installed as a dependency!',\n\t\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\t\tcause: error,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\tif (Platform.OS === \"android\") {\n\t\t\t\t\t\t\t\ttry {\n\t\t\t\t\t\t\t\t\tBrowser.dismissAuthSession();\n\t\t\t\t\t\t\t\t} catch {}\n\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\tconst storedCookieJson = storage.getItem(cookieName);\n\t\t\t\t\t\t\tconst oauthStateValue = getOAuthStateValue(\n\t\t\t\t\t\t\t\tstoredCookieJson,\n\t\t\t\t\t\t\t\tcookiePrefix,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\tconst params = new URLSearchParams({\n\t\t\t\t\t\t\t\tauthorizationURL: signInURL,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\tif (oauthStateValue) {\n\t\t\t\t\t\t\t\tparams.append(\"oauthState\", oauthStateValue);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\tconst proxyURL = `${context.request.baseURL}/expo-authorization-proxy?${params.toString()}`;\n\t\t\t\t\t\t\tconst result = await Browser.openAuthSessionAsync(\n\t\t\t\t\t\t\t\tproxyURL,\n\t\t\t\t\t\t\t\tto,\n\t\t\t\t\t\t\t\topts?.webBrowserOptions,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\tif (result.type !== \"success\") return;\n\t\t\t\t\t\t\tconst url = new URL(result.url);\n\t\t\t\t\t\t\tconst cookie = url.searchParams.get(\"cookie\");\n\t\t\t\t\t\t\tif (!cookie) return;\n\t\t\t\t\t\t\tconst prevCookie = storage.getItem(cookieName);\n\t\t\t\t\t\t\tconst toSetCookie = getSetCookie(cookie, prevCookie ?? undefined);\n\t\t\t\t\t\t\tstorage.setItem(cookieName, toSetCookie);\n\t\t\t\t\t\t\tstore?.notify(\"$sessionSignal\");\n\t\t\t\t\t\t}\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tasync init(url, options) {\n\t\t\t\t\tif (isWeb) {\n\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\turl,\n\t\t\t\t\t\t\toptions: options as ClientFetchOption,\n\t\t\t\t\t\t};\n\t\t\t\t\t}\n\t\t\t\t\toptions = options || {};\n\t\t\t\t\tconst storedCookie = storage.getItem(cookieName);\n\t\t\t\t\tconst cookie = getCookie(storedCookie || \"{}\");\n\t\t\t\t\toptions.credentials = \"omit\";\n\t\t\t\t\toptions.headers = {\n\t\t\t\t\t\t...options.headers,\n\t\t\t\t\t\tcookie,\n\t\t\t\t\t\t\"expo-origin\": getOrigin(scheme!),\n\t\t\t\t\t\t\"x-skip-oauth-proxy\": \"true\", // skip oauth proxy for expo\n\t\t\t\t\t};\n\t\t\t\t\tif (options.body?.callbackURL) {\n\t\t\t\t\t\tif (options.body.callbackURL.startsWith(\"/\")) {\n\t\t\t\t\t\t\tconst url = Linking.createURL(options.body.callbackURL, {\n\t\t\t\t\t\t\t\tscheme,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\toptions.body.callbackURL = url;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (options.body?.newUserCallbackURL) {\n\t\t\t\t\t\tif (options.body.newUserCallbackURL.startsWith(\"/\")) {\n\t\t\t\t\t\t\tconst url = Linking.createURL(options.body.newUserCallbackURL, {\n\t\t\t\t\t\t\t\tscheme,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\toptions.body.newUserCallbackURL = url;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (options.body?.errorCallbackURL) {\n\t\t\t\t\t\tif (options.body.errorCallbackURL.startsWith(\"/\")) {\n\t\t\t\t\t\t\tconst url = Linking.createURL(options.body.errorCallbackURL, {\n\t\t\t\t\t\t\t\tscheme,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\toptions.body.errorCallbackURL = url;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (url.includes(\"/sign-out\")) {\n\t\t\t\t\t\tstorage.setItem(cookieName, \"{}\");\n\t\t\t\t\t\tstore?.atoms.session?.set({\n\t\t\t\t\t\t\t...store.atoms.session.get(),\n\t\t\t\t\t\t\tdata: null,\n\t\t\t\t\t\t\terror: null,\n\t\t\t\t\t\t\tisPending: false,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tstorage.setItem(localCacheName, \"{}\");\n\t\t\t\t\t}\n\t\t\t\t\treturn {\n\t\t\t\t\t\turl,\n\t\t\t\t\t\toptions: options as ClientFetchOption,\n\t\t\t\t\t};\n\t\t\t\t},\n\t\t\t},\n\t\t],\n\t} satisfies BetterAuthClientPlugin;\n};\n\nexport { parseSetCookieHeader } from \"better-auth/cookies\";\nexport * from \"./focus-manager\";\nexport * from \"./online-manager\";\n"],"mappings":";;;;;;;;AAKA,IAAM,mBAAN,MAA+C;CAC9C,4BAAY,IAAI,KAAoB;CACpC;CACA;CAEA,UAAU,UAAyB;AAClC,OAAK,UAAU,IAAI,SAAS;AAC5B,eAAa;AACZ,QAAK,UAAU,OAAO,SAAS;;;CAIjC,WAAW,SAAkB;AAC5B,MAAI,KAAK,cAAc,QAAS;AAChC,OAAK,YAAY;AACjB,OAAK,UAAU,SAAS,aAAa,SAAS,QAAQ,CAAC;;CAGxD,QAAQ;AACP,OAAK,eAAe,SAAS,iBAC5B,WACC,UAA0B;AAC1B,QAAK,WAAW,UAAU,SAAS;IAEpC;AAED,eAAa;AACZ,QAAK,cAAc,QAAQ;;;;AAK9B,SAAgB,wBAAwB;AACvC,KAAI,CAAE,WAAmB,eACxB,CAAC,WAAmB,iBAAiB,IAAI,kBAAkB;AAE5D,QAAQ,WAAmB;;;;;ACtC5B,IAAM,oBAAN,MAAiD;CAChD,4BAAY,IAAI,KAAqB;CACrC,WAAW;CACX;CAEA,UAAU,UAA0B;AACnC,OAAK,UAAU,IAAI,SAAS;AAC5B,eAAa;AACZ,QAAK,UAAU,OAAO,SAAS;;;CAIjC,UAAU,QAAiB;AAC1B,MAAI,KAAK,aAAa,OAAQ;AAC9B,OAAK,WAAW;AAChB,OAAK,UAAU,SAAS,aAAa,SAAS,OAAO,CAAC;;CAGvD,QAAQ;AACP,SAAO,gBACL,MAAM,EAAE,8BAA8B;GACtC,MAAM,eAAe,yBAAyB,UAAU;AACvD,SAAK,UAAU,CAAC,CAAC,MAAM,oBAAoB;KAC1C;AACF,QAAK,oBAAoB,aAAa,QAAQ;IAC7C,CACD,YAAY;AAEZ,QAAK,UAAU,KAAK;IACnB;AAEH,eAAa;AACZ,QAAK,eAAe;;;;AAKvB,SAAgB,yBAAyB;AACxC,KAAI,CAAE,WAAmB,gBACxB,CAAC,WAAmB,kBAAkB,IAAI,mBAAmB;AAE9D,QAAQ,WAAmB;;;;;AC3B5B,IAAI,SAAS,OAAO,OAAO;AAC1B,wBAAuB;AACvB,yBAAwB;;AAoDzB,SAAgB,aAAa,QAAgB,YAAiC;CAC7E,MAAM,SAASA,uBAAqB,OAAO;CAC3C,IAAI,cAA4C,EAAE;AAClD,QAAO,SAAS,QAAQ,QAAQ;EAC/B,MAAM,YAAY,OAAO;EACzB,MAAM,SAAS,OAAO;EACtB,MAAM,UAAU,SACb,IAAI,KAAK,KAAK,KAAK,GAAG,OAAO,OAAO,GAAG,IAAK,GAC5C,YACC,IAAI,KAAK,OAAO,UAAU,CAAC,GAC3B;AACJ,cAAY,OAAO;GAClB,OAAO,OAAO;GACd,SAAS,UAAU,QAAQ,aAAa,GAAG;GAC3C;GACA;AACF,KAAI,WACH,KAAI;AAEH,gBAAc;GACb,GAFwB,KAAK,MAAM,WAAW;GAG9C,GAAG;GACH;SACM;AAIT,QAAO,KAAK,UAAU,YAAY;;AAGnC,SAAgB,UAAU,QAAgB;CACzC,IAAI,SAAS,EAAE;AACf,KAAI;AACH,WAAS,KAAK,MAAM,OAAO;SACpB;AAOR,QANe,OAAO,QAAQ,OAAO,CAAC,QAAQ,KAAK,CAAC,KAAK,WAAW;AACnE,MAAI,MAAM,WAAW,IAAI,KAAK,MAAM,QAAQ,mBAAG,IAAI,MAAM,CACxD,QAAO;AAER,SAAO,GAAG,IAAI,IAAI,IAAI,GAAG,MAAM;IAC7B,GAAG;;AAIP,SAAS,mBACR,YACA,cACgB;AAChB,KAAI,CAAC,WAAY,QAAO;CAExB,MAAM,SAAS,cAA4C,WAAW;AACtE,KAAI,CAAC,OAAQ,QAAO;CAEpB,MAAM,WAAW,MAAM,QAAQ,aAAa,GAAG,eAAe,CAAC,aAAa;AAE5E,MAAK,MAAM,UAAU,UAAU;EAE9B,MAAM,aAAa,CAClB,GAAG,uBAAuB,OAAO,eACjC,GAAG,OAAO,cACV;AAED,OAAK,MAAM,QAAQ,YAAY;GAC9B,MAAM,QAAQ,SAAS,OAAO;AAC9B,OAAI,MAAO,QAAO;;;AAIpB,QAAO;;AAGR,SAAS,UAAU,QAAgB;AAElC,QADkB,QAAQ,UAAU,IAAI,EAAE,QAAQ,CAAC;;;;;;;;;;AAYpD,SAAS,wBACR,YACA,WACU;AACV,KAAI,CAAC,WAAY,QAAO;AAExB,KAAI;EACH,MAAM,OAAO,KAAK,MAAM,WAAW;EACnC,MAAM,OAAO,KAAK,MAAM,UAAU;EAGlC,MAAM,8BAAc,IAAI,KAAa;AACrC,SAAO,KAAK,KAAK,CAAC,SAAS,QAAQ;AAClC,OAAI,IAAI,SAAS,gBAAgB,IAAI,IAAI,SAAS,eAAe,CAChE,aAAY,IAAI,IAAI;IAEpB;AACF,SAAO,KAAK,KAAK,CAAC,SAAS,QAAQ;AAClC,OAAI,IAAI,SAAS,gBAAgB,IAAI,IAAI,SAAS,eAAe,CAChE,aAAY,IAAI,IAAI;IAEpB;AAGF,OAAK,MAAM,OAAO,YAGjB,KAFkB,KAAK,MAAM,UACX,KAAK,MAAM,MAE5B,QAAO;AAIT,SAAO;SACA;AAEP,SAAO;;;;;;;;;;;;;;;;;;AAmBT,SAAgB,qBACf,iBACA,cACU;CACV,MAAM,UAAUA,uBAAqB,gBAAgB;CACrD,MAAM,iBAAiB,CAAC,iBAAiB,eAAe;CACxD,MAAM,WAAW,MAAM,QAAQ,aAAa,GAAG,eAAe,CAAC,aAAa;AAG5E,MAAK,MAAM,QAAQ,QAAQ,MAAM,EAAE;EAElC,MAAM,oBAAoB,wBAAwB,KAAK;AAGvD,OAAK,MAAM,UAAU,SACpB,KAAI,QAGH;OAAI,kBAAkB,WAAW,OAAO,CACvC,QAAO;QAIR,MAAK,MAAM,UAAU,eACpB,KAAI,kBAAkB,SAAS,OAAO,CACrC,QAAO;;AAMZ,QAAO;;;;;;;;;;;AAYR,SAAgB,oBAAoB,MAAc;AACjD,QAAO,KAAK,QAAQ,MAAM,IAAI;;AAG/B,SAAgB,eAAe,SAG5B;AACF,QAAO;EACN,UAAU,SAAiB;AAC1B,UAAO,QAAQ,QAAQ,oBAAoB,KAAK,CAAC;;EAElD,UAAU,MAAc,UAAkB;AACzC,UAAO,QAAQ,QAAQ,oBAAoB,KAAK,EAAE,MAAM;;EAEzD;;AAGF,MAAa,cAAc,SAA4B;CACtD,IAAI,QAA4B;CAChC,MAAM,gBAAgB,MAAM,iBAAiB;CAC7C,MAAM,aAAa,GAAG,cAAc;CACpC,MAAM,iBAAiB,GAAG,cAAc;CACxC,MAAM,UAAU,eAAe,MAAM,QAAQ;CAC7C,MAAM,QAAQ,SAAS,OAAO;CAC9B,MAAM,eAAe,MAAM,gBAAgB;CAE3C,MAAM,YACL,MAAM,UAAU,UAAU,YAAY,UAAU,UAAU,UAAU;CACrE,MAAM,SAAS,MAAM,QAAQ,UAAU,GAAG,UAAU,KAAK;AAEzD,KAAI,CAAC,UAAU,CAAC,MACf,OAAM,IAAI,MACT,wEACA;AAEF,QAAO;EACN,IAAI;EACJ,WAAW,GAAG,QAAQ;AACrB,WAAQ;AACR,UAAO,EAgBN,iBAAiB;AAEhB,WAAO,UADQ,QAAQ,QAAQ,WAAW,IACf,KAAK;MAEjC;;EAEF,cAAc,CACb;GACC,IAAI;GACJ,MAAM;GACN,OAAO,EACN,MAAM,UAAU,SAAS;AACxB,QAAI,MAAO;IACX,MAAM,YAAY,QAAQ,SAAS,QAAQ,IAAI,aAAa;AAC5D,QAAI,WAGH;SAAI,qBAAqB,WAAW,aAAa,EAAE;MAClD,MAAM,aAAa,QAAQ,QAAQ,WAAW;MAC9C,MAAM,cAAc,aACnB,aAAa,IACb,cAAc,OACd;AAGD,UAAI,wBAAwB,YAAY,YAAY,EAAE;AACrD,eAAQ,QAAQ,YAAY,YAAY;AACxC,cAAO,OAAO,iBAAiB;YAG/B,SAAQ,QAAQ,YAAY,YAAY;;;AAK3C,QACC,QAAQ,QAAQ,IAAI,UAAU,CAAC,SAAS,eAAe,IACvD,CAAC,MAAM,cACN;KACD,MAAM,OAAO,QAAQ;AACrB,aAAQ,QAAQ,gBAAgB,KAAK,UAAU,KAAK,CAAC;;AAGtD,QACC,QAAQ,MAAM,aACb,QAAQ,QAAQ,IAAI,UAAU,CAAC,SAAS,WAAW,IACnD,QAAQ,QAAQ,IAAI,UAAU,CAAC,SAAS,eAAe,KACxD,CAAC,QAAQ,SAAS,KAAK,SAAS,UAAU,EACzC;KAED,MAAM,KADc,KAAK,MAAM,QAAQ,QAAQ,KAAK,EAAE;KAEtD,MAAM,YAAY,QAAQ,MAAM;KAChC,IAAI,UACH;AACD,SAAI;AACH,gBAAU,MAAM,OAAO;cACf,OAAO;AACf,YAAM,IAAI,MACT,0DACA,EACC,OAAO,OACP,CACD;;AAGF,SAAI,SAAS,OAAO,UACnB,KAAI;AACH,cAAQ,oBAAoB;aACrB;KAIT,MAAM,kBAAkB,mBADC,QAAQ,QAAQ,WAAW,EAGnD,aACA;KACD,MAAM,SAAS,IAAI,gBAAgB,EAClC,kBAAkB,WAClB,CAAC;AACF,SAAI,gBACH,QAAO,OAAO,cAAc,gBAAgB;KAE7C,MAAM,WAAW,GAAG,QAAQ,QAAQ,QAAQ,4BAA4B,OAAO,UAAU;KACzF,MAAM,SAAS,MAAM,QAAQ,qBAC5B,UACA,IACA,MAAM,kBACN;AACD,SAAI,OAAO,SAAS,UAAW;KAE/B,MAAM,SADM,IAAI,IAAI,OAAO,IAAI,CACZ,aAAa,IAAI,SAAS;AAC7C,SAAI,CAAC,OAAQ;KAEb,MAAM,cAAc,aAAa,QADd,QAAQ,QAAQ,WAAW,IACS,OAAU;AACjE,aAAQ,QAAQ,YAAY,YAAY;AACxC,YAAO,OAAO,iBAAiB;;MAGjC;GACD,MAAM,KAAK,KAAK,SAAS;AACxB,QAAI,MACH,QAAO;KACN;KACS;KACT;AAEF,cAAU,WAAW,EAAE;IAEvB,MAAM,SAAS,UADM,QAAQ,QAAQ,WAAW,IACP,KAAK;AAC9C,YAAQ,cAAc;AACtB,YAAQ,UAAU;KACjB,GAAG,QAAQ;KACX;KACA,eAAe,UAAU,OAAQ;KACjC,sBAAsB;KACtB;AACD,QAAI,QAAQ,MAAM,aACjB;SAAI,QAAQ,KAAK,YAAY,WAAW,IAAI,EAAE;MAC7C,MAAM,MAAM,QAAQ,UAAU,QAAQ,KAAK,aAAa,EACvD,QACA,CAAC;AACF,cAAQ,KAAK,cAAc;;;AAG7B,QAAI,QAAQ,MAAM,oBACjB;SAAI,QAAQ,KAAK,mBAAmB,WAAW,IAAI,EAAE;MACpD,MAAM,MAAM,QAAQ,UAAU,QAAQ,KAAK,oBAAoB,EAC9D,QACA,CAAC;AACF,cAAQ,KAAK,qBAAqB;;;AAGpC,QAAI,QAAQ,MAAM,kBACjB;SAAI,QAAQ,KAAK,iBAAiB,WAAW,IAAI,EAAE;MAClD,MAAM,MAAM,QAAQ,UAAU,QAAQ,KAAK,kBAAkB,EAC5D,QACA,CAAC;AACF,cAAQ,KAAK,mBAAmB;;;AAGlC,QAAI,IAAI,SAAS,YAAY,EAAE;AAC9B,aAAQ,QAAQ,YAAY,KAAK;AACjC,YAAO,MAAM,SAAS,IAAI;MACzB,GAAG,MAAM,MAAM,QAAQ,KAAK;MAC5B,MAAM;MACN,OAAO;MACP,WAAW;MACX,CAAC;AACF,aAAQ,QAAQ,gBAAgB,KAAK;;AAEtC,WAAO;KACN;KACS;KACT;;GAEF,CACD;EACD"}

package/dist/index.d.mts

@@ -10,6 +10,13 @@ interface ExpoOptions {
    */
   disableOriginOverride?: boolean | undefined;
 }
+declare module "@better-auth/core" {
+  interface BetterAuthPluginRegistry<AuthOptions, Options> {
+    expo: {
+      creator: typeof expo;
+    };
+  }
+}
 declare const expo: (options?: ExpoOptions | undefined) => {
   id: "expo";
   init: (ctx: better_auth0.AuthContext) => {
@@ -31,6 +38,7 @@ declare const expo: (options?: ExpoOptions | undefined) => {
       method: "GET";
       query: zod0.ZodObject<{
         authorizationURL: zod0.ZodString;
+        oauthState: zod0.ZodOptional<zod0.ZodString>;
       }, better_auth0.$strip>;
       metadata: {
         readonly scope: "server";
@@ -53,4 +61,5 @@ declare const expo: (options?: ExpoOptions | undefined) => {
   options: ExpoOptions | undefined;
 };
 //#endregion
-export { ExpoOptions, expo };
+export { ExpoOptions, expo };
+//# sourceMappingURL=index.d.mts.map

package/dist/index.mjs

@@ -6,13 +6,22 @@ import * as z from "zod";
 //#region src/routes.ts
 const expoAuthorizationProxy = createAuthEndpoint("/expo-authorization-proxy", {
 	method: "GET",
-	query: z.object({ authorizationURL: z.string() }),
+	query: z.object({
+		authorizationURL: z.string(),
+		oauthState: z.string().optional()
+	}),
 	metadata: HIDE_METADATA
 }, async (ctx) => {
+	const { oauthState } = ctx.query;
+	if (oauthState) {
+		const oauthStateCookie = ctx.context.createAuthCookie("oauth_state", { maxAge: 600 });
+		ctx.setCookie(oauthStateCookie.name, oauthState, oauthStateCookie.attributes);
+		return ctx.redirect(ctx.query.authorizationURL);
+	}
 	const { authorizationURL } = ctx.query;
 	const state = new URL(authorizationURL).searchParams.get("state");
 	if (!state) throw new APIError("BAD_REQUEST", { message: "Unexpected error" });
-	const stateCookie = ctx.context.createAuthCookie("state", { maxAge: 300 * 1e3 });
+	const stateCookie = ctx.context.createAuthCookie("state", { maxAge: 300 });
 	await ctx.setSignedCookie(stateCookie.name, state, ctx.context.secret, stateCookie.attributes);
 	return ctx.redirect(ctx.query.authorizationURL);
 });
@@ -60,4 +69,5 @@ const expo = (options) => {
 };
 
 //#endregion
-export { expo };
+export { expo };
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","names":[],"sources":["../src/routes.ts","../src/index.ts"],"sourcesContent":["import { HIDE_METADATA } from \"better-auth\";\nimport { APIError, createAuthEndpoint } from \"better-auth/api\";\nimport * as z from \"zod\";\n\nexport const expoAuthorizationProxy = createAuthEndpoint(\n\t\"/expo-authorization-proxy\",\n\t{\n\t\tmethod: \"GET\",\n\t\tquery: z.object({\n\t\t\tauthorizationURL: z.string(),\n\t\t\toauthState: z.string().optional(),\n\t\t}),\n\t\tmetadata: HIDE_METADATA,\n\t},\n\tasync (ctx) => {\n\t\tconst { oauthState } = ctx.query;\n\t\tif (oauthState) {\n\t\t\tconst oauthStateCookie = ctx.context.createAuthCookie(\"oauth_state\", {\n\t\t\t\tmaxAge: 10 * 60, // 10 minutes\n\t\t\t});\n\t\t\tctx.setCookie(\n\t\t\t\toauthStateCookie.name,\n\t\t\t\toauthState,\n\t\t\t\toauthStateCookie.attributes,\n\t\t\t);\n\t\t\treturn ctx.redirect(ctx.query.authorizationURL);\n\t\t}\n\n\t\tconst { authorizationURL } = ctx.query;\n\t\tconst url = new URL(authorizationURL);\n\t\tconst state = url.searchParams.get(\"state\");\n\t\tif (!state) {\n\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\tmessage: \"Unexpected error\",\n\t\t\t});\n\t\t}\n\t\tconst stateCookie = ctx.context.createAuthCookie(\"state\", {\n\t\t\tmaxAge: 5 * 60, // 5 minutes\n\t\t});\n\t\tawait ctx.setSignedCookie(\n\t\t\tstateCookie.name,\n\t\t\tstate,\n\t\t\tctx.context.secret,\n\t\t\tstateCookie.attributes,\n\t\t);\n\t\treturn ctx.redirect(ctx.query.authorizationURL);\n\t},\n);\n","import type { BetterAuthPlugin } from \"@better-auth/core\";\nimport { createAuthMiddleware } from \"@better-auth/core/api\";\nimport { expoAuthorizationProxy } from \"./routes\";\n\nexport interface ExpoOptions {\n\t/**\n\t * Disable origin override for expo API routes\n\t * When set to true, the origin header will not be overridden for expo API routes\n\t */\n\tdisableOriginOverride?: boolean | undefined;\n}\n\ndeclare module \"@better-auth/core\" {\n\tinterface BetterAuthPluginRegistry<AuthOptions, Options> {\n\t\texpo: {\n\t\t\tcreator: typeof expo;\n\t\t};\n\t}\n}\n\nexport const expo = (options?: ExpoOptions | undefined) => {\n\treturn {\n\t\tid: \"expo\",\n\t\tinit: (ctx) => {\n\t\t\tconst trustedOrigins =\n\t\t\t\tprocess.env.NODE_ENV === \"development\" ? [\"exp://\"] : [];\n\n\t\t\treturn {\n\t\t\t\toptions: {\n\t\t\t\t\ttrustedOrigins,\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t\tasync onRequest(request, ctx) {\n\t\t\tif (options?.disableOriginOverride || request.headers.get(\"origin\")) {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\t/**\n\t\t\t * To bypass origin check from expo, we need to set the origin\n\t\t\t * header to the expo-origin header\n\t\t\t */\n\t\t\tconst expoOrigin = request.headers.get(\"expo-origin\");\n\t\t\tif (!expoOrigin) {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tconst req = request.clone();\n\t\t\treq.headers.set(\"origin\", expoOrigin);\n\t\t\treturn {\n\t\t\t\trequest: req,\n\t\t\t};\n\t\t},\n\t\thooks: {\n\t\t\tafter: [\n\t\t\t\t{\n\t\t\t\t\tmatcher(context) {\n\t\t\t\t\t\treturn !!(\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/callback\") ||\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/oauth2/callback\") ||\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/magic-link/verify\") ||\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/verify-email\")\n\t\t\t\t\t\t);\n\t\t\t\t\t},\n\t\t\t\t\thandler: createAuthMiddleware(async (ctx) => {\n\t\t\t\t\t\tconst headers = ctx.context.responseHeaders;\n\t\t\t\t\t\tconst location = headers?.get(\"location\");\n\t\t\t\t\t\tif (!location) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst isProxyURL = location.includes(\"/oauth-proxy-callback\");\n\t\t\t\t\t\tif (isProxyURL) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst trustedOrigins = ctx.context.trustedOrigins.filter(\n\t\t\t\t\t\t\t(origin: string) => !origin.startsWith(\"http\"),\n\t\t\t\t\t\t);\n\t\t\t\t\t\tconst isTrustedOrigin = trustedOrigins.some((origin: string) =>\n\t\t\t\t\t\t\tlocation?.startsWith(origin),\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (!isTrustedOrigin) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst cookie = headers?.get(\"set-cookie\");\n\t\t\t\t\t\tif (!cookie) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst url = new URL(location);\n\t\t\t\t\t\turl.searchParams.set(\"cookie\", cookie);\n\t\t\t\t\t\tctx.setHeader(\"location\", url.toString());\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t],\n\t\t},\n\t\tendpoints: {\n\t\t\texpoAuthorizationProxy,\n\t\t},\n\t\toptions,\n\t} satisfies BetterAuthPlugin;\n};\n"],"mappings":";;;;;;AAIA,MAAa,yBAAyB,mBACrC,6BACA;CACC,QAAQ;CACR,OAAO,EAAE,OAAO;EACf,kBAAkB,EAAE,QAAQ;EAC5B,YAAY,EAAE,QAAQ,CAAC,UAAU;EACjC,CAAC;CACF,UAAU;CACV,EACD,OAAO,QAAQ;CACd,MAAM,EAAE,eAAe,IAAI;AAC3B,KAAI,YAAY;EACf,MAAM,mBAAmB,IAAI,QAAQ,iBAAiB,eAAe,EACpE,QAAQ,KACR,CAAC;AACF,MAAI,UACH,iBAAiB,MACjB,YACA,iBAAiB,WACjB;AACD,SAAO,IAAI,SAAS,IAAI,MAAM,iBAAiB;;CAGhD,MAAM,EAAE,qBAAqB,IAAI;CAEjC,MAAM,QADM,IAAI,IAAI,iBAAiB,CACnB,aAAa,IAAI,QAAQ;AAC3C,KAAI,CAAC,MACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,oBACT,CAAC;CAEH,MAAM,cAAc,IAAI,QAAQ,iBAAiB,SAAS,EACzD,QAAQ,KACR,CAAC;AACF,OAAM,IAAI,gBACT,YAAY,MACZ,OACA,IAAI,QAAQ,QACZ,YAAY,WACZ;AACD,QAAO,IAAI,SAAS,IAAI,MAAM,iBAAiB;EAEhD;;;;AC3BD,MAAa,QAAQ,YAAsC;AAC1D,QAAO;EACN,IAAI;EACJ,OAAO,QAAQ;AAId,UAAO,EACN,SAAS,EACR,gBAJD,QAAQ,IAAI,aAAa,gBAAgB,CAAC,SAAS,GAAG,EAAE,EAKvD,EACD;;EAEF,MAAM,UAAU,SAAS,KAAK;AAC7B,OAAI,SAAS,yBAAyB,QAAQ,QAAQ,IAAI,SAAS,CAClE;;;;;GAMD,MAAM,aAAa,QAAQ,QAAQ,IAAI,cAAc;AACrD,OAAI,CAAC,WACJ;GAED,MAAM,MAAM,QAAQ,OAAO;AAC3B,OAAI,QAAQ,IAAI,UAAU,WAAW;AACrC,UAAO,EACN,SAAS,KACT;;EAEF,OAAO,EACN,OAAO,CACN;GACC,QAAQ,SAAS;AAChB,WAAO,CAAC,EACP,QAAQ,MAAM,WAAW,YAAY,IACrC,QAAQ,MAAM,WAAW,mBAAmB,IAC5C,QAAQ,MAAM,WAAW,qBAAqB,IAC9C,QAAQ,MAAM,WAAW,gBAAgB;;GAG3C,SAAS,qBAAqB,OAAO,QAAQ;IAC5C,MAAM,UAAU,IAAI,QAAQ;IAC5B,MAAM,WAAW,SAAS,IAAI,WAAW;AACzC,QAAI,CAAC,SACJ;AAGD,QADmB,SAAS,SAAS,wBAAwB,CAE5D;AAQD,QAAI,CANmB,IAAI,QAAQ,eAAe,QAChD,WAAmB,CAAC,OAAO,WAAW,OAAO,CAC9C,CACsC,MAAM,WAC5C,UAAU,WAAW,OAAO,CAC5B,CAEA;IAED,MAAM,SAAS,SAAS,IAAI,aAAa;AACzC,QAAI,CAAC,OACJ;IAED,MAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,QAAI,aAAa,IAAI,UAAU,OAAO;AACtC,QAAI,UAAU,YAAY,IAAI,UAAU,CAAC;KACxC;GACF,CACD,EACD;EACD,WAAW,EACV,wBACA;EACD;EACA"}

package/dist/plugins/index.d.mts

@@ -47,4 +47,5 @@ declare const lastLoginMethodClient: (config: LastLoginMethodClientConfig) => {
   };
 };
 //#endregion
-export { LastLoginMethodClientConfig, lastLoginMethodClient };
+export { LastLoginMethodClientConfig, lastLoginMethodClient };
+//# sourceMappingURL=index.d.mts.map

package/dist/plugins/index.mjs

@@ -43,4 +43,5 @@ const lastLoginMethodClient = (config) => {
 };
 
 //#endregion
-export { lastLoginMethodClient };
+export { lastLoginMethodClient };
+//# sourceMappingURL=index.mjs.map

package/dist/plugins/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","names":[],"sources":["../../src/plugins/last-login-method.ts"],"sourcesContent":["import type { Awaitable, BetterAuthClientPlugin } from \"@better-auth/core\";\n\nexport interface LastLoginMethodClientConfig {\n\tstorage: {\n\t\tsetItem: (key: string, value: string) => any;\n\t\tgetItem: (key: string) => string | null;\n\t\tdeleteItemAsync: (key: string) => Awaitable<void>;\n\t};\n\t/**\n\t * Prefix for local storage keys (e.g., \"my-app_last_login_method\")\n\t * @default \"better-auth\"\n\t */\n\tstoragePrefix?: string | undefined;\n\t/**\n\t * Custom resolve method for retrieving the last login method\n\t */\n\tcustomResolveMethod?:\n\t\t| ((url: string | URL) => Awaitable<string | undefined | null>)\n\t\t| undefined;\n}\n\nconst paths = [\n\t\"/callback/\",\n\t\"/oauth2/callback/\",\n\t\"/sign-in/email\",\n\t\"/sign-up/email\",\n];\nconst defaultResolveMethod = (url: string | URL) => {\n\tconst { pathname } = new URL(url.toString(), \"http://localhost\");\n\n\tif (paths.some((p) => pathname.includes(p))) {\n\t\treturn pathname.split(\"/\").pop();\n\t}\n\tif (pathname.includes(\"siwe\")) return \"siwe\";\n\tif (pathname.includes(\"/passkey/verify-authentication\")) {\n\t\treturn \"passkey\";\n\t}\n\n\treturn;\n};\n\nexport const lastLoginMethodClient = (config: LastLoginMethodClientConfig) => {\n\tconst resolveMethod = config.customResolveMethod || defaultResolveMethod;\n\tconst storagePrefix = config.storagePrefix || \"better-auth\";\n\tconst lastLoginMethodName = `${storagePrefix}_last_login_method`;\n\tconst storage = config.storage;\n\n\treturn {\n\t\tid: \"last-login-method-expo\",\n\t\tfetchPlugins: [\n\t\t\t{\n\t\t\t\tid: \"last-login-method-expo\",\n\t\t\t\tname: \"Last Login Method\",\n\t\t\t\thooks: {\n\t\t\t\t\tonResponse: async (ctx) => {\n\t\t\t\t\t\tconst lastMethod = await resolveMethod(ctx.request.url);\n\t\t\t\t\t\tif (!lastMethod) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tawait storage.setItem(lastLoginMethodName, lastMethod);\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t],\n\t\tgetActions() {\n\t\t\treturn {\n\t\t\t\t/**\n\t\t\t\t * Get the last used login method from storage\n\t\t\t\t *\n\t\t\t\t * @returns The last used login method or null if not found\n\t\t\t\t */\n\t\t\t\tgetLastUsedLoginMethod: (): string | null => {\n\t\t\t\t\treturn storage.getItem(lastLoginMethodName);\n\t\t\t\t},\n\t\t\t\t/**\n\t\t\t\t * Clear the last used login method from storage\n\t\t\t\t */\n\t\t\t\tclearLastUsedLoginMethod: async () => {\n\t\t\t\t\tawait storage.deleteItemAsync(lastLoginMethodName);\n\t\t\t\t},\n\t\t\t\t/**\n\t\t\t\t * Check if a specific login method was the last used\n\t\t\t\t * @param method The method to check\n\t\t\t\t * @returns True if the method was the last used, false otherwise\n\t\t\t\t */\n\t\t\t\tisLastUsedLoginMethod: (method: string): boolean => {\n\t\t\t\t\tconst lastMethod = storage.getItem(lastLoginMethodName);\n\t\t\t\t\treturn lastMethod === method;\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t} satisfies BetterAuthClientPlugin;\n};\n"],"mappings":";AAqBA,MAAM,QAAQ;CACb;CACA;CACA;CACA;CACA;AACD,MAAM,wBAAwB,QAAsB;CACnD,MAAM,EAAE,aAAa,IAAI,IAAI,IAAI,UAAU,EAAE,mBAAmB;AAEhE,KAAI,MAAM,MAAM,MAAM,SAAS,SAAS,EAAE,CAAC,CAC1C,QAAO,SAAS,MAAM,IAAI,CAAC,KAAK;AAEjC,KAAI,SAAS,SAAS,OAAO,CAAE,QAAO;AACtC,KAAI,SAAS,SAAS,iCAAiC,CACtD,QAAO;;AAMT,MAAa,yBAAyB,WAAwC;CAC7E,MAAM,gBAAgB,OAAO,uBAAuB;CAEpD,MAAM,sBAAsB,GADN,OAAO,iBAAiB,cACD;CAC7C,MAAM,UAAU,OAAO;AAEvB,QAAO;EACN,IAAI;EACJ,cAAc,CACb;GACC,IAAI;GACJ,MAAM;GACN,OAAO,EACN,YAAY,OAAO,QAAQ;IAC1B,MAAM,aAAa,MAAM,cAAc,IAAI,QAAQ,IAAI;AACvD,QAAI,CAAC,WACJ;AAGD,UAAM,QAAQ,QAAQ,qBAAqB,WAAW;MAEvD;GACD,CACD;EACD,aAAa;AACZ,UAAO;IAMN,8BAA6C;AAC5C,YAAO,QAAQ,QAAQ,oBAAoB;;IAK5C,0BAA0B,YAAY;AACrC,WAAM,QAAQ,gBAAgB,oBAAoB;;IAOnD,wBAAwB,WAA4B;AAEnD,YADmB,QAAQ,QAAQ,oBAAoB,KACjC;;IAEvB;;EAEF"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/expo",
-  "version": "1.5.0-beta.1",
+  "version": "1.5.0-beta.10",
   "type": "module",
   "description": "Better Auth integration for Expo and React Native applications.",
   "main": "dist/index.mjs",
@@ -55,22 +55,22 @@
   "license": "MIT",
   "devDependencies": {
     "@better-fetch/fetch": "1.1.21",
-    "expo-constants": "~17.1.7",
-    "expo-network": "^8.0.7",
-    "expo-linking": "~7.1.7",
-    "expo-web-browser": "~14.2.0",
-    "react-native": "~0.80.2",
-    "tsdown": "^0.17.2",
-    "@better-auth/core": "1.5.0-beta.1",
-    "better-auth": "1.5.0-beta.1"
+    "expo-constants": "~18.0.13",
+    "expo-linking": "~8.0.11",
+    "expo-network": "^8.0.8",
+    "expo-web-browser": "~15.0.10",
+    "react-native": "~0.83.1",
+    "tsdown": "^0.20.1",
+    "@better-auth/core": "1.5.0-beta.10",
+    "better-auth": "1.5.0-beta.10"
   },
   "peerDependencies": {
     "expo-constants": ">=17.0.0",
     "expo-linking": ">=7.0.0",
     "expo-network": "^8.0.7",
     "expo-web-browser": ">=14.0.0",
-    "better-auth": "1.5.0-beta.1",
-    "@better-auth/core": "1.5.0-beta.1"
+    "@better-auth/core": "1.5.0-beta.10",
+    "better-auth": "1.5.0-beta.10"
   },
   "peerDependenciesMeta": {
     "expo-constants": {
@@ -88,15 +88,15 @@
   },
   "dependencies": {
     "@better-fetch/fetch": "1.1.21",
-    "better-call": "1.1.7",
-    "zod": "^4.1.12"
+    "better-call": "1.2.0",
+    "zod": "^4.3.6"
   },
   "files": [
     "dist"
   ],
   "scripts": {
     "test": "vitest",
-    "coverage": "vitest run --coverage",
+    "coverage": "vitest run --coverage --coverage.provider=istanbul",
     "lint:types": "attw --profile esm-only --pack .",
     "lint:package": "publint run --strict",
     "build": "tsdown",