@better-auth/infra 0.1.9-beta.1 → 0.1.10

package/dist/index.mjs

@@ -1,8 +1,9 @@
-import { n as INFRA_KV_URL, r as KV_TIMEOUT_MS, t as INFRA_API_URL } from "./constants-DWl1utFw.mjs";
+import { n as INFRA_KV_URL, r as KV_TIMEOUT_MS, t as INFRA_API_URL } from "./constants-B-e0_Nsv.mjs";
 import { EMAIL_TEMPLATES, createEmailSender, sendBulkEmails, sendEmail } from "./email.mjs";
 import { APIError, generateId, getAuthTables, logger, parseState } from "better-auth";
 import { env } from "@better-auth/core/env";
 import { APIError as APIError$1, createAuthEndpoint, createAuthMiddleware, requestPasswordReset, sendVerificationEmailFn, sessionMiddleware } from "better-auth/api";
+import { getCurrentAuthContext } from "@better-auth/core/context";
 import { betterFetch, createFetch } from "@better-fetch/fetch";
 import { isValidPhoneNumber, parsePhoneNumberFromString } from "libphonenumber-js";
 import { createLocalJWKSet, jwtVerify } from "jose";
@@ -133,21 +134,6 @@ const ORGANIZATION_EVENT_TYPES = {
 	ORGANIZATION_TEAM_MEMBER_REMOVED: "organization_team_member_removed"
 };
 
-//#endregion
-//#region src/events/utils.ts
-function backgroundTask(task) {
-	let result;
-	try {
-		result = task();
-	} catch (error) {
-		logger.debug("[Dash] Background operation failed: ", error);
-		return;
-	}
-	Promise.resolve(result).catch((error) => {
-		logger.debug("[Dash] Background operation failed: ", error);
-	});
-}
-
 //#endregion
 //#region src/events/core/adapter.ts
 const getUserByEmail = async (email, ctx) => {
@@ -245,7 +231,7 @@ const initAccountEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackAccountUnlink = (account, trigger, ctx, location) => {
 		const track = async () => {
@@ -269,7 +255,7 @@ const initAccountEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackAccountPasswordChange = (account, trigger, ctx, location) => {
 		const track = async () => {
@@ -293,7 +279,7 @@ const initAccountEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	return {
 		trackAccountLinking,
@@ -358,7 +344,7 @@ const initSessionEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackUserSignedOut = (session, trigger, ctx, location) => {
 		const track = async () => {
@@ -384,7 +370,7 @@ const initSessionEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackSessionRevoked = (session, trigger, ctx, location) => {
 		const track = async () => {
@@ -410,7 +396,7 @@ const initSessionEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackSessionRevokedAll = (session, trigger, ctx, _location) => {
 		const track = async () => {
@@ -428,7 +414,7 @@ const initSessionEvents = (tracker) => {
 				}
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackUserImpersonated = (session, trigger, ctx, location) => {
 		const track = async () => {
@@ -457,7 +443,7 @@ const initSessionEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackUserImpersonationStop = (session, trigger, ctx, location) => {
 		const track = async () => {
@@ -486,7 +472,7 @@ const initSessionEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackSessionCreated = (session, trigger, ctx, location) => {
 		const track = async () => {
@@ -512,7 +498,7 @@ const initSessionEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackEmailVerificationSent = (session, user, trigger, _ctx) => {
 		trackEvent({
@@ -546,7 +532,7 @@ const initSessionEvents = (tracker) => {
 				}
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackSocialSignInAttempt = (ctx, trigger) => {
 		const track = async () => {
@@ -565,11 +551,11 @@ const initSessionEvents = (tracker) => {
 				}
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackSocialSignInRedirectionAttempt = (ctx, trigger) => {
 		const track = async () => {
-			const user = await getUserByAuthorizationCode(ctx.body.provider, ctx);
+			const user = await getUserByAuthorizationCode(ctx.params?.id, ctx);
 			trackEvent({
 				eventKey: user?.id.toString() ?? UNKNOWN_USER,
 				eventType: EVENT_TYPES.USER_SIGN_IN_FAILED,
@@ -584,7 +570,7 @@ const initSessionEvents = (tracker) => {
 				}
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	return {
 		trackUserSignedIn,
@@ -773,7 +759,7 @@ const initVerificationEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	const trackPasswordResetRequestCompletion = (verification, trigger, ctx, location) => {
 		const track = async () => {
@@ -795,7 +781,7 @@ const initVerificationEvents = (tracker) => {
 				countryCode: location?.countryCode
 			});
 		};
-		backgroundTask(track);
+		ctx.context.runInBackground(track());
 	};
 	return {
 		trackPasswordResetRequest,
@@ -851,7 +837,13 @@ const initTrackEvents = (options) => {
 				logger.debug("[Dash] Failed to track event:", e);
 			}
 		};
-		track();
+		const onSuccess = (ctx) => {
+			ctx.context.runInBackground(track());
+		};
+		const onError = () => {
+			track();
+		};
+		getCurrentAuthContext().then(onSuccess, onError);
 	};
 	return { tracker: { trackEvent } };
 };
@@ -2042,7 +2034,7 @@ const sentinel = (options) => {
 	const { trackEvent } = tracker;
 	if (!opts.apiKey) logger.warn("[Sentinel] Missing BETTER_AUTH_API_KEY. Security checks may fall back to allow mode when the Infra API rejects requests.");
 	const securityService = createSecurityClient(opts.apiUrl, opts.apiKey, opts.security || {}, (event) => {
-		tracker.trackEvent({
+		trackEvent({
 			eventKey: event.visitorId || event.userId || "unknown",
 			eventType: `security_${event.type}`,
 			eventDisplayName: `Security: ${event.type.replace(/_/g, " ")}`,
@@ -2073,7 +2065,7 @@ const sentinel = (options) => {
 			const displayName = isNoMxRecord ? `Security: invalid email domain ${actionVerb}` : `Security: disposable email ${actionVerb}`;
 			const description = isNoMxRecord ? `${actionVerb.charAt(0).toUpperCase() + actionVerb.slice(1)} signup attempt with invalid email domain (no MX records): ${data.email}` : `${actionVerb.charAt(0).toUpperCase() + actionVerb.slice(1)} signup attempt with disposable email: ${data.email} (${data.reason}, ${data.confidence} confidence)`;
 			logger.info(`[Sentinel] Tracking ${reason} event for email: ${data.email} (action: ${actionLabel})`);
-			tracker.trackEvent({
+			trackEvent({
 				eventKey: data.email,
 				eventType,
 				eventDisplayName: displayName,
@@ -2091,28 +2083,28 @@ const sentinel = (options) => {
 	});
 	return {
 		id: "sentinel",
-		init(ctx) {
+		init() {
 			return { options: { databaseHooks: {
 				user: { create: {
-					async before(_user, hookCtx) {
-						if (!hookCtx) return;
-						const visitorId = hookCtx.context.visitorId;
+					async before(_user, ctx) {
+						if (!ctx) return;
+						const visitorId = ctx.context.visitorId;
 						if (visitorId && opts.security?.freeTrialAbuse?.enabled) {
 							const abuseCheck = await securityService.checkFreeTrialAbuse(visitorId);
 							if (abuseCheck.isAbuse && abuseCheck.action === "block") throw new APIError("FORBIDDEN", { message: "Account creation is not allowed from this device." });
 						}
 					},
-					async after(user, hookCtx) {
-						if (!hookCtx) return;
-						const visitorId = hookCtx.context.visitorId;
-						if (visitorId && opts.security?.freeTrialAbuse?.enabled) backgroundTask(() => securityService.trackFreeTrialSignup(visitorId, user.id));
+					async after(user, ctx) {
+						if (!ctx) return;
+						const visitorId = ctx.context.visitorId;
+						if (visitorId && opts.security?.freeTrialAbuse?.enabled) await ctx.context.runInBackgroundOrAwait(securityService.trackFreeTrialSignup(visitorId, user.id));
 					}
 				} },
 				session: { create: {
-					async before(session, hookCtx) {
-						if (!hookCtx) return;
-						const visitorId = hookCtx.context.visitorId;
-						const identification = hookCtx.context.identification;
+					async before(session, ctx) {
+						if (!ctx) return;
+						const visitorId = ctx.context.visitorId;
+						const identification = ctx.context.identification;
 						if (session.userId && identification?.location && visitorId) {
 							const travelCheck = await securityService.checkImpossibleTravel(session.userId, identification.location, visitorId);
 							if (travelCheck?.isImpossible) {
@@ -2121,13 +2113,13 @@ const sentinel = (options) => {
 							}
 						}
 					},
-					async after(session, hookCtx) {
-						if (!hookCtx || !session.userId) return;
-						const visitorId = hookCtx.context.visitorId;
-						const identification = hookCtx.context.identification;
+					async after(session, ctx) {
+						if (!ctx || !session.userId) return;
+						const visitorId = ctx.context.visitorId;
+						const identification = ctx.context.identification;
 						let user = null;
 						try {
-							user = await hookCtx.context.adapter.findOne({
+							user = await ctx.context.adapter.findOne({
 								model: "user",
 								select: [
 									"email",
@@ -2143,7 +2135,7 @@ const sentinel = (options) => {
 							logger.warn("[Sentinel] Failed to fetch user for security checks:", error);
 						}
 						if (visitorId) {
-							if (await securityService.checkUnknownDevice(session.userId, visitorId) && user?.email) backgroundTask(() => securityService.notifyUnknownDevice(session.userId, user.email, identification));
+							if (await securityService.checkUnknownDevice(session.userId, visitorId) && user?.email) await ctx.context.runInBackgroundOrAwait(securityService.notifyUnknownDevice(session.userId, user.email, identification));
 						}
 						if (opts.security?.staleUsers?.enabled && user) {
 							const staleCheck = await securityService.checkStaleUser(session.userId, user.lastActiveAt || null);
@@ -2182,7 +2174,7 @@ const sentinel = (options) => {
 								});
 							}
 						}
-						if (identification?.location) backgroundTask(() => securityService.storeLastLocation(session.userId, identification.location));
+						if (identification?.location) await ctx.context.runInBackgroundOrAwait(securityService.storeLastLocation(session.userId, identification.location));
 					}
 				} }
 			} } };
@@ -2195,11 +2187,11 @@ const sentinel = (options) => {
 				},
 				{
 					matcher: (ctx) => ctx.request?.method !== "GET",
-					handler: createAuthMiddleware(async (hookCtx) => {
-						const visitorId = hookCtx.context.visitorId;
-						const powSolution = hookCtx.headers?.get?.("X-PoW-Solution");
+					handler: createAuthMiddleware(async (ctx) => {
+						const visitorId = ctx.context.visitorId;
+						const powSolution = ctx.headers?.get?.("X-PoW-Solution");
 						if (visitorId && powSolution) {
-							if ((await securityService.verifyPoWSolution(visitorId, powSolution)).valid) hookCtx.context.powVerified = true;
+							if ((await securityService.verifyPoWSolution(visitorId, powSolution)).valid) ctx.context.powVerified = true;
 						}
 					})
 				},
@@ -2207,10 +2199,10 @@ const sentinel = (options) => {
 				...phoneValidationHooks.before,
 				{
 					matcher: (ctx) => ctx.request?.method !== "GET",
-					handler: createAuthMiddleware(async (hookCtx) => {
-						const visitorId = hookCtx.context.visitorId;
-						const identification = hookCtx.context.identification;
-						const isSignIn = matchesAnyRoute(hookCtx.path, [
+					handler: createAuthMiddleware(async (ctx) => {
+						const visitorId = ctx.context.visitorId;
+						const identification = ctx.context.identification;
+						const isSignIn = matchesAnyRoute(ctx.path, [
 							routes.SIGN_IN_EMAIL,
 							routes.SIGN_IN_USERNAME,
 							routes.SIGN_IN_EMAIL_OTP,
@@ -2220,17 +2212,17 @@ const sentinel = (options) => {
 							routes.SIGN_IN_SSO,
 							routes.SIGN_IN_ANONYMOUS
 						]);
-						const isSignUp = matchesAnyRoute(hookCtx.path, [routes.SIGN_UP_EMAIL]);
-						const isPasswordReset = matchesAnyRoute(hookCtx.path, [routes.FORGET_PASSWORD, routes.REQUEST_PASSWORD_RESET]);
-						const isTwoFactor = matchesAnyRoute(hookCtx.path, [
+						const isSignUp = matchesAnyRoute(ctx.path, [routes.SIGN_UP_EMAIL]);
+						const isPasswordReset = matchesAnyRoute(ctx.path, [routes.FORGET_PASSWORD, routes.REQUEST_PASSWORD_RESET]);
+						const isTwoFactor = matchesAnyRoute(ctx.path, [
 							routes.TWO_FACTOR_VERIFY_TOTP,
 							routes.TWO_FACTOR_VERIFY_BACKUP,
 							routes.TWO_FACTOR_VERIFY_OTP
 						]);
-						const isOtpSend = matchesAnyRoute(hookCtx.path, [routes.EMAIL_OTP_SEND, routes.PHONE_SEND_OTP]);
-						const isMagicLinkVerify = matchesAnyRoute(hookCtx.path, [routes.MAGIC_LINK_VERIFY]);
-						const isOrgCreate = matchesAnyRoute(hookCtx.path, [routes.ORG_CREATE]);
-						const isSensitiveAction = matchesAnyRoute(hookCtx.path, [
+						const isOtpSend = matchesAnyRoute(ctx.path, [routes.EMAIL_OTP_SEND, routes.PHONE_SEND_OTP]);
+						const isMagicLinkVerify = matchesAnyRoute(ctx.path, [routes.MAGIC_LINK_VERIFY]);
+						const isOrgCreate = matchesAnyRoute(ctx.path, [routes.ORG_CREATE]);
+						const isSensitiveAction = matchesAnyRoute(ctx.path, [
 							routes.CHANGE_EMAIL,
 							routes.CHANGE_PASSWORD,
 							routes.SET_PASSWORD,
@@ -2238,9 +2230,9 @@ const sentinel = (options) => {
 							routes.PASSKEY_ADD
 						]);
 						if (!(isSignIn || isSignUp || isPasswordReset || isTwoFactor || isOtpSend || isMagicLinkVerify || isOrgCreate || isSensitiveAction)) return;
-						const requestBody = hookCtx.body;
+						const requestBody = ctx.body;
 						const identifier = requestBody?.email || requestBody?.phone || requestBody?.username || void 0;
-						const powVerified = hookCtx.context.powVerified === true;
+						const powVerified = ctx.context.powVerified === true;
 						if (visitorId && powVerified) trackEvent({
 							eventKey: visitorId,
 							eventType: "security_allowed",
@@ -2249,8 +2241,8 @@ const sentinel = (options) => {
 								action: "allowed",
 								reason: "pow_verified",
 								visitorId,
-								path: hookCtx.path,
-								userAgent: hookCtx.headers?.get?.("user-agent") || "",
+								path: ctx.path,
+								userAgent: ctx.headers?.get?.("user-agent") || "",
 								identifier,
 								detectionLabel: "Challenge Completed",
 								description: identifier ? `Successfully completed security challenge for "${identifier}"` : "Successfully completed security challenge"
@@ -2270,8 +2262,8 @@ const sentinel = (options) => {
 										action: "blocked",
 										reason: "credential_stuffing",
 										visitorId,
-										path: hookCtx.path,
-										userAgent: hookCtx.headers?.get?.("user-agent") || "",
+										path: ctx.path,
+										userAgent: ctx.headers?.get?.("user-agent") || "",
 										identifier,
 										detectionType: "cooldown_active",
 										detectionLabel: "Credential Stuffing",
@@ -2287,19 +2279,19 @@ const sentinel = (options) => {
 							}
 						}
 						await runSecurityChecks({
-							path: hookCtx.path,
+							path: ctx.path,
 							identifier,
 							visitorId,
 							identification,
-							userAgent: hookCtx.headers?.get?.("user-agent") || ""
+							userAgent: ctx.headers?.get?.("user-agent") || ""
 						}, securityService, trackEvent, powVerified);
-						if (matchesAnyRoute(hookCtx.path, [
+						if (matchesAnyRoute(ctx.path, [
 							routes.SIGN_UP_EMAIL,
 							routes.CHANGE_PASSWORD,
 							routes.SET_PASSWORD,
 							routes.RESET_PASSWORD
 						])) {
-							const body = hookCtx.body;
+							const body = ctx.body;
 							const passwordToCheck = body?.newPassword || body?.password;
 							if (passwordToCheck) {
 								const compromisedResult = await securityService.checkCompromisedPassword(passwordToCheck);
@@ -2316,18 +2308,18 @@ const sentinel = (options) => {
 			],
 			after: [{
 				matcher: (ctx) => ctx.request?.method !== "GET",
-				handler: createAuthMiddleware(async (hookCtx) => {
-					const visitorId = hookCtx.context.visitorId;
-					const identification = hookCtx.context.identification;
-					const body = hookCtx.body;
-					if (matchesAnyRoute(hookCtx.path, [routes.SIGN_IN_EMAIL, routes.SIGN_IN_EMAIL_OTP]) && hookCtx.context.returned instanceof Error && body?.email && body?.password && visitorId) {
+				handler: createAuthMiddleware(async (ctx) => {
+					const visitorId = ctx.context.visitorId;
+					const identification = ctx.context.identification;
+					const body = ctx.body;
+					if (matchesAnyRoute(ctx.path, [routes.SIGN_IN_EMAIL, routes.SIGN_IN_EMAIL_OTP]) && ctx.context.returned instanceof Error && body?.email && body?.password && visitorId) {
 						const { email, password } = body;
 						const ip = identification?.ip || null;
-						backgroundTask(() => securityService.trackFailedAttempt(email, visitorId, password, ip));
+						await ctx.context.runInBackgroundOrAwait(securityService.trackFailedAttempt(email, visitorId, password, ip));
 					}
-					if (matchesAnyRoute(hookCtx.path, [routes.SIGN_IN_EMAIL, routes.SIGN_IN_EMAIL_OTP]) && !(hookCtx.context.returned instanceof Error) && body?.email) {
+					if (matchesAnyRoute(ctx.path, [routes.SIGN_IN_EMAIL, routes.SIGN_IN_EMAIL_OTP]) && !(ctx.context.returned instanceof Error) && body?.email) {
 						const email = body.email;
-						backgroundTask(() => securityService.clearFailedAttempts(email));
+						await ctx.context.runInBackgroundOrAwait(securityService.clearFailedAttempts(email));
 					}
 				})
 			}]
@@ -4127,13 +4119,13 @@ const listOrganizations = (options) => {
 		});
 		const needsInMemoryProcessing = sortBy === "members" || !!filterMembers;
 		const dbSortBy = sortBy === "members" ? "createdAt" : sortBy;
+		const fetchLimit = needsInMemoryProcessing ? 1e3 : limit;
+		const fetchOffset = needsInMemoryProcessing ? 0 : offset;
 		const [organizations, initialTotal] = await Promise.all([ctx.context.adapter.findMany({
 			model: "organization",
 			where,
-			...needsInMemoryProcessing ? {} : {
-				limit,
-				offset
-			},
+			limit: fetchLimit,
+			offset: fetchOffset,
 			sortBy: {
 				field: dbSortBy,
 				direction: sortOrder
@@ -8054,7 +8046,7 @@ const dash = (options) => {
 			getDashDirectoryDetails: getDirectoryDetails(opts),
 			dashExecuteAdapter: executeAdapter(opts)
 		},
-		schema: { ...opts.activityTracking?.enabled ? { user: { fields: { lastActiveAt: { type: "date" } } } } : {} }
+		schema: opts.activityTracking?.enabled ? { user: { fields: { lastActiveAt: { type: "date" } } } } : {}
 	};
 };
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/infra",
-  "version": "0.1.9-beta.1",
+  "version": "0.1.10",
   "description": "Dashboard and analytics plugin for Better Auth",
   "type": "module",
   "main": "dist/index.mjs",
@@ -10,15 +10,18 @@
   "exports": {
     ".": {
       "types": "./dist/index.d.mts",
-      "import": "./dist/index.mjs"
+      "import": "./dist/index.mjs",
+      "default": "./dist/index.mjs"
     },
     "./client": {
       "types": "./dist/client.d.mts",
-      "import": "./dist/client.mjs"
+      "import": "./dist/client.mjs",
+      "default": "./dist/client.mjs"
     },
     "./email": {
       "types": "./dist/email.d.mts",
-      "import": "./dist/email.mjs"
+      "import": "./dist/email.mjs",
+      "default": "./dist/email.mjs"
     }
   },
   "files": [