@better-auth/expo 1.7.0-beta.2 → 1.7.0-beta.4

package/dist/client.d.ts

@@ -84,10 +84,23 @@ declare function hasBetterAuthCookies(setCookieHeader: string, cookiePrefix: str
 declare function normalizeCookieName(name: string): string;
 declare function storageAdapter(storage: {
   getItem: (name: string) => string | null;
-  setItem: (name: string, value: string) => void;
+  setItem: (name: string, value: string) => unknown;
 }): {
+  /**
+   * Reads a value, reassembling it if it was split across chunk keys. A value
+   * that fit is returned as-is (values written before chunking still read
+   * back); a missing chunk returns `null` so a torn write fails closed.
+   */
   getItem: (name: string) => string | null;
-  setItem: (name: string, value: string) => void;
+  /**
+   * Stores `value`, splitting it across chunk keys when it exceeds the
+   * per-write limit. The base key is cleared before the chunks are rewritten
+   * and set to the marker last, as the commit point, so a write interrupted
+   * partway through reads as absent rather than a mix of old and new chunks.
+   * Failures are logged, not thrown: persistence is best-effort and must not
+   * break the request.
+   */
+  setItem: (name: string, value: string) => Promise<void>;
 };
 declare const expoClient: (opts: ExpoClientOptions) => {
   id: "expo";

package/dist/client.js

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "./version-C8sKtO-X.js";
+import { t as PACKAGE_VERSION } from "./version-DPtU3iXk.js";
 import { safeJSONParse } from "@better-auth/core/utils/json";
 import { SECURE_COOKIE_PREFIX, parseSetCookieHeader, parseSetCookieHeader as parseSetCookieHeader$1, stripSecureCookiePrefix } from "better-auth/cookies";
 import Constants from "expo-constants";
@@ -195,13 +195,54 @@ function hasBetterAuthCookies(setCookieHeader, cookiePrefix) {
 function normalizeCookieName(name) {
 	return name.replace(/:/g, "_");
 }
+/**
+* Max characters written per `setItem`. Native secure stores silently reject
+* oversized writes (iOS Keychain refuses values above ~2KB), losing the cookie,
+* so a larger value is split across keys here. Mirrors the server's
+* `chunkCookie`/`joinChunks` in `session-store.ts`; keep the two in sync.
+*
+* @see https://github.com/better-auth/better-auth/issues/9151
+*/
+const STORAGE_VALUE_LIMIT = 1800;
+/**
+* Marks a base key whose value is split across `<key>.0..N` chunks. The leading
+* control char can't start a JSON value (so it never collides) and, unlike NUL,
+* survives the native storage bridge without C-string truncation.
+*/
+const CHUNK_MARKER = "
ba-chunks:";
 function storageAdapter(storage) {
 	return {
 		getItem: (name) => {
-			return storage.getItem(normalizeCookieName(name));
+			const key = normalizeCookieName(name);
+			const stored = storage.getItem(key);
+			if (stored == null || !stored.startsWith(CHUNK_MARKER)) return stored;
+			const count = Number(stored.slice(11));
+			if (!Number.isInteger(count) || count < 1) return null;
+			let value = "";
+			for (let i = 0; i < count; i++) {
+				const chunk = storage.getItem(`${key}.${i}`);
+				if (chunk == null) return null;
+				value += chunk;
+			}
+			return value;
 		},
-		setItem: (name, value) => {
-			return storage.setItem(normalizeCookieName(name), value);
+		setItem: async (name, value) => {
+			const key = normalizeCookieName(name);
+			try {
+				if (value.length <= STORAGE_VALUE_LIMIT) {
+					await storage.setItem(key, value);
+					return;
+				}
+				await storage.setItem(key, "");
+				const count = Math.ceil(value.length / STORAGE_VALUE_LIMIT);
+				for (let i = 0; i < count; i++) {
+					const start = i * STORAGE_VALUE_LIMIT;
+					await storage.setItem(`${key}.${i}`, value.slice(start, start + STORAGE_VALUE_LIMIT));
+				}
+				await storage.setItem(key, `${CHUNK_MARKER}${count}`);
+			} catch (error) {
+				console.error(`[better-auth/expo] failed to persist "${key}" to storage`, error);
+			}
 		}
 	};
 }
@@ -248,14 +289,14 @@ const expoClient = (opts) => {
 						const prevCookie = storage.getItem(cookieName);
 						const toSetCookie = getSetCookie(setCookie || "", prevCookie ?? void 0);
 						if (hasSessionCookieChanged(prevCookie, toSetCookie)) {
-							storage.setItem(cookieName, toSetCookie);
+							await storage.setItem(cookieName, toSetCookie);
 							store?.notify("$sessionSignal");
-						} else storage.setItem(cookieName, toSetCookie);
+						} else await storage.setItem(cookieName, toSetCookie);
 					}
 				}
 				if (context.request.url.toString().includes("/get-session") && !opts?.disableCache) {
 					const data = context.data;
-					storage.setItem(localCacheName, JSON.stringify(data));
+					await storage.setItem(localCacheName, JSON.stringify(data));
 				}
 				if (context.data?.redirect && (context.request.url.toString().includes("/sign-in") || context.request.url.toString().includes("/link-social")) && !context.request?.body.includes("idToken")) {
 					const to = JSON.parse(context.request.body)?.callbackURL;
@@ -282,7 +323,7 @@ const expoClient = (opts) => {
 					const cookie = new URL(result.url).searchParams.get("cookie");
 					if (!cookie) return;
 					const toSetCookie = getSetCookie(cookie, storage.getItem(cookieName) ?? void 0);
-					storage.setItem(cookieName, toSetCookie);
+					await storage.setItem(cookieName, toSetCookie);
 					store?.notify("$sessionSignal");
 				}
 			} },
@@ -324,14 +365,14 @@ const expoClient = (opts) => {
 						}
 					}
 					if (url.includes("/sign-out")) {
-						storage.setItem(cookieName, "{}");
+						await storage.setItem(cookieName, "{}");
 						store?.atoms.session?.set({
 							...store.atoms.session.get(),
 							data: null,
 							error: null,
 							isPending: false
 						});
-						storage.setItem(localCacheName, "{}");
+						await storage.setItem(localCacheName, "{}");
 					}
 				}
 				return {

package/dist/index.js

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "./version-C8sKtO-X.js";
+import { t as PACKAGE_VERSION } from "./version-DPtU3iXk.js";
 import { createAuthMiddleware } from "@better-auth/core/api";
 import { HIDE_METADATA } from "better-auth";
 import { APIError, createAuthEndpoint } from "better-auth/api";

package/dist/plugins/index.js

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "../version-C8sKtO-X.js";
+import { t as PACKAGE_VERSION } from "../version-DPtU3iXk.js";
 //#region src/plugins/last-login-method.ts
 const paths = [
 	"/callback/",

package/dist/{version-C8sKtO-X.js → version-DPtU3iXk.js}

@@ -1,5 +1,5 @@
 //#endregion
 //#region src/version.ts
-const PACKAGE_VERSION = "1.7.0-beta.2";
+const PACKAGE_VERSION = "1.7.0-beta.4";
 //#endregion
 export { PACKAGE_VERSION as t };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/expo",
-  "version": "1.7.0-beta.2",
+  "version": "1.7.0-beta.4",
   "description": "Better Auth integration for Expo and React Native applications.",
   "type": "module",
   "license": "MIT",
@@ -70,16 +70,16 @@
     "expo-web-browser": "~55.0.9",
     "react-native": "~0.84.1",
     "tsdown": "0.21.1",
-    "@better-auth/core": "1.7.0-beta.2",
-    "better-auth": "1.7.0-beta.2"
+    "@better-auth/core": "1.7.0-beta.4",
+    "better-auth": "1.7.0-beta.4"
   },
   "peerDependencies": {
     "expo-constants": ">=17.0.0",
     "expo-linking": ">=7.0.0",
     "expo-network": ">=8.0.7",
     "expo-web-browser": ">=14.0.0",
-    "@better-auth/core": "^1.7.0-beta.2",
-    "better-auth": "^1.7.0-beta.2"
+    "@better-auth/core": "^1.7.0-beta.4",
+    "better-auth": "^1.7.0-beta.4"
   },
   "peerDependenciesMeta": {
     "expo-constants": {