@better-auth/mcp 1.4.13

package/LICENSE.md

@@ -0,0 +1,17 @@
+The MIT License (MIT)
+Copyright (c) 2024 - present, Bereket Engida
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software
+and associated documentation files (the "Software"), to deal in the Software without restriction,
+including without limitation the rights to use, copy, modify, merge, publish, distribute,
+sublicense, and/or sell copies of the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or
+substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
+BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/dist/index.d.mts

@@ -0,0 +1 @@
+export { };

package/dist/index.mjs

@@ -0,0 +1,1029 @@
+#!/usr/bin/env node
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import * as z from "zod";
+
+//#region src/lib/parser.ts
+function parseExistingSetup(existingSetup) {
+	const detected = { features: [] };
+	if (existingSetup.authConfig) {
+		const config = existingSetup.authConfig;
+		detected.database = detectDatabase(config);
+		detected.orm = detectORM(config);
+		detected.features = detectFeatures(config, existingSetup.authClientConfig);
+	}
+	return detected;
+}
+function detectDatabase(config) {
+	if (/provider:\s*["']postgresql["']/.test(config) || /provider:\s*["']pg["']/.test(config)) return "postgres";
+	if (/provider:\s*["']mysql["']/.test(config)) return "mysql";
+	if (/provider:\s*["']sqlite["']/.test(config)) return "sqlite";
+	if (/provider:\s*["']mongodb["']/.test(config)) return "mongodb";
+}
+function detectORM(config) {
+	if (/prismaAdapter\(/.test(config)) return "prisma";
+	if (/drizzleAdapter\(/.test(config)) return "drizzle";
+	if (/database:\s*\{[\s\S]*provider:/.test(config)) return "none";
+}
+function detectFeatures(serverConfig, clientConfig) {
+	const features = [];
+	if (/emailAndPassword:\s*\{[\s\S]*enabled:\s*true/.test(serverConfig)) features.push("email-password");
+	for (const provider of [
+		"google",
+		"github",
+		"apple",
+		"discord",
+		"twitter",
+		"facebook",
+		"microsoft",
+		"linkedin"
+	]) if ((/* @__PURE__ */ new RegExp(`${provider}:\\s*\\{`)).test(serverConfig)) features.push(provider);
+	for (const [pattern, feature] of [
+		[/twoFactor\(/, "2fa"],
+		[/organization\(/, "organization"],
+		[/admin\(/, "admin"],
+		[/username\(/, "username"],
+		[/multiSession\(/, "multi-session"],
+		[/apiKey\(/, "api-key"],
+		[/bearer\(/, "bearer"],
+		[/jwt\(/, "jwt"],
+		[/magicLink\(/, "magic-link"],
+		[/phoneNumber\(/, "phone-number"],
+		[/passkey\(/, "passkey"],
+		[/anonymous\(/, "anonymous"],
+		[/captcha\(/, "captcha"]
+	]) if (pattern.test(serverConfig)) features.push(feature);
+	return features;
+}
+function computeFeatureDiff(existing, requested) {
+	return {
+		toAdd: requested.filter((f) => !existing.includes(f)),
+		existing: requested.filter((f) => existing.includes(f))
+	};
+}
+
+//#endregion
+//#region src/lib/templates/database.ts
+const DATABASE_CONFIGS = {
+	postgres: {
+		provider: "postgresql",
+		envVarName: "DATABASE_URL",
+		connectionStringExample: "postgresql://user:password@localhost:5432/mydb"
+	},
+	mysql: {
+		provider: "mysql",
+		envVarName: "DATABASE_URL",
+		connectionStringExample: "mysql://user:password@localhost:3306/mydb"
+	},
+	sqlite: {
+		provider: "sqlite",
+		envVarName: "DATABASE_URL",
+		connectionStringExample: "file:./dev.db"
+	},
+	mongodb: {
+		provider: "mongodb",
+		envVarName: "DATABASE_URL",
+		connectionStringExample: "mongodb://localhost:27017/mydb"
+	}
+};
+const ORM_CONFIGS = {
+	prisma: {
+		adapterImport: `import { prismaAdapter } from "better-auth/adapters/prisma";
+import { PrismaClient } from "@prisma/client";`,
+		adapterSetup: (dbProvider) => `prismaAdapter(prisma, {
+    provider: "${dbProvider}",
+  })`,
+		schemaCommand: "npx @better-auth/cli generate --output prisma/schema.prisma",
+		pushCommand: "npx prisma db push"
+	},
+	drizzle: {
+		adapterImport: `import { drizzleAdapter } from "better-auth/adapters/drizzle";
+import { db } from "./db";`,
+		adapterSetup: (dbProvider) => `drizzleAdapter(db, {
+    provider: "${getShortProvider(dbProvider)}",
+  })`,
+		schemaCommand: "npx @better-auth/cli generate --output src/lib/schema.ts",
+		pushCommand: "npx drizzle-kit push"
+	},
+	none: {
+		adapterImport: "",
+		adapterSetup: (dbProvider) => `{
+    provider: "${getShortProvider(dbProvider)}",
+    url: process.env.DATABASE_URL,
+  }`,
+		pushCommand: "npx @better-auth/cli migrate"
+	}
+};
+function getShortProvider(provider) {
+	switch (provider) {
+		case "postgresql": return "pg";
+		case "mysql": return "mysql";
+		case "sqlite": return "sqlite";
+		case "mongodb": return "mongodb";
+		default: return provider;
+	}
+}
+function generateDatabaseConfig(database, orm) {
+	if (orm === "drizzle" && database === "mongodb") throw new Error("Drizzle ORM does not support MongoDB. Please select Prisma or use the built-in MongoDB adapter instead.");
+	const dbConfig = DATABASE_CONFIGS[database];
+	const ormConfig = ORM_CONFIGS[orm];
+	let imports = "";
+	let prismaInstance = "";
+	if (orm === "prisma") {
+		imports = ormConfig.adapterImport;
+		prismaInstance = "\nconst prisma = new PrismaClient();\n";
+	} else if (orm === "drizzle") imports = ormConfig.adapterImport;
+	const config = ormConfig.adapterSetup(dbConfig.provider);
+	return {
+		imports,
+		config,
+		prismaInstance
+	};
+}
+function getDatabaseEnvVar(database) {
+	const config = DATABASE_CONFIGS[database];
+	return {
+		name: config.envVarName,
+		description: `${database.charAt(0).toUpperCase() + database.slice(1)} connection string`,
+		required: true,
+		example: config.connectionStringExample
+	};
+}
+function getDatabaseCommands(orm) {
+	const ormConfig = ORM_CONFIGS[orm];
+	const commands = [];
+	if (ormConfig.schemaCommand) commands.push({
+		command: ormConfig.schemaCommand,
+		description: `Generate ${orm === "prisma" ? "Prisma" : "Drizzle"} schema for auth tables`
+	});
+	commands.push({
+		command: ormConfig.pushCommand,
+		description: orm === "none" ? "Run database migrations for auth tables" : `Push ${orm === "prisma" ? "Prisma" : "Drizzle"} schema to database`,
+		when: "After setting DATABASE_URL"
+	});
+	return commands;
+}
+
+//#endregion
+//#region src/lib/templates/features.ts
+function generateSocialProviderConfig(provider) {
+	const upperName = provider.toUpperCase();
+	return `${provider}: {
+      clientId: process.env.${upperName}_CLIENT_ID!,
+      clientSecret: process.env.${upperName}_CLIENT_SECRET!,
+    }`;
+}
+function getSocialProviderEnvVars(provider) {
+	const upperName = provider.toUpperCase();
+	const providerName = provider.charAt(0).toUpperCase() + provider.slice(1);
+	return [{
+		name: `${upperName}_CLIENT_ID`,
+		description: `${providerName} OAuth client ID`,
+		required: true,
+		howToGet: `Create OAuth app at ${providerName} developer console`
+	}, {
+		name: `${upperName}_CLIENT_SECRET`,
+		description: `${providerName} OAuth client secret`,
+		required: true,
+		howToGet: `Create OAuth app at ${providerName} developer console`
+	}];
+}
+const PLUGIN_CONFIGS = {
+	"2fa": {
+		serverImport: "import { twoFactor } from \"better-auth/plugins\";",
+		clientImport: "import { twoFactorClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `twoFactor()`,
+		clientPlugin: () => `twoFactorClient()`
+	},
+	organization: {
+		serverImport: "import { organization } from \"better-auth/plugins\";",
+		clientImport: "import { organizationClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `organization()`,
+		clientPlugin: () => `organizationClient()`
+	},
+	admin: {
+		serverImport: "import { admin } from \"better-auth/plugins\";",
+		clientImport: "import { adminClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `admin()`,
+		clientPlugin: () => `adminClient()`
+	},
+	username: {
+		serverImport: "import { username } from \"better-auth/plugins\";",
+		clientImport: "import { usernameClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `username()`,
+		clientPlugin: () => `usernameClient()`
+	},
+	"multi-session": {
+		serverImport: "import { multiSession } from \"better-auth/plugins\";",
+		clientImport: "import { multiSessionClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `multiSession()`,
+		clientPlugin: () => `multiSessionClient()`
+	},
+	"api-key": {
+		serverImport: "import { apiKey } from \"better-auth/plugins\";",
+		clientImport: "import { apiKeyClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `apiKey()`,
+		clientPlugin: () => `apiKeyClient()`
+	},
+	bearer: {
+		serverImport: "import { bearer } from \"better-auth/plugins\";",
+		serverPlugin: () => `bearer()`
+	},
+	jwt: {
+		serverImport: "import { jwt } from \"better-auth/plugins\";",
+		serverPlugin: () => `jwt()`
+	},
+	"magic-link": {
+		serverImport: "import { magicLink } from \"better-auth/plugins\";",
+		clientImport: "import { magicLinkClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `magicLink({
+      sendMagicLink: async ({ email, url }) => {
+        // TODO: Send magic link email
+        console.log("Send magic link to", email, url);
+      },
+    })`,
+		clientPlugin: () => `magicLinkClient()`
+	},
+	"phone-number": {
+		serverImport: "import { phoneNumber } from \"better-auth/plugins\";",
+		clientImport: "import { phoneNumberClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `phoneNumber({
+      sendOTP: async ({ phoneNumber, code }) => {
+        // TODO: Send OTP via SMS
+        console.log("Send OTP", code, "to", phoneNumber);
+      },
+    })`,
+		clientPlugin: () => `phoneNumberClient()`
+	},
+	passkey: {
+		serverImport: "import { passkey } from \"better-auth/plugins\";",
+		clientImport: "import { passkeyClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `passkey()`,
+		clientPlugin: () => `passkeyClient()`
+	},
+	anonymous: {
+		serverImport: "import { anonymous } from \"better-auth/plugins\";",
+		clientImport: "import { anonymousClient } from \"better-auth/client/plugins\";",
+		serverPlugin: () => `anonymous()`,
+		clientPlugin: () => `anonymousClient()`
+	},
+	captcha: {
+		serverImport: "import { captcha } from \"better-auth/plugins\";",
+		serverPlugin: () => `captcha({
+      provider: "cloudflare-turnstile", // or "recaptcha" or "hcaptcha"
+      secretKey: process.env.CAPTCHA_SECRET_KEY!,
+    })`,
+		envVars: [{
+			name: "CAPTCHA_SECRET_KEY",
+			description: "Captcha provider secret key",
+			required: true
+		}]
+	}
+};
+function generatePluginImports(plugins) {
+	const serverImports = [];
+	const clientImports = [];
+	for (const plugin of plugins) {
+		const config = PLUGIN_CONFIGS[plugin];
+		if (config) {
+			serverImports.push(config.serverImport);
+			if (config.clientImport) clientImports.push(config.clientImport);
+		}
+	}
+	return {
+		serverImports,
+		clientImports
+	};
+}
+function generatePluginSetup(plugins) {
+	const serverPlugins = [];
+	const clientPlugins = [];
+	for (const plugin of plugins) {
+		const config = PLUGIN_CONFIGS[plugin];
+		if (config) {
+			serverPlugins.push(config.serverPlugin());
+			if (config.clientPlugin) clientPlugins.push(config.clientPlugin());
+		}
+	}
+	return {
+		serverPlugins,
+		clientPlugins
+	};
+}
+function getPluginEnvVars(plugins) {
+	const envVars = [];
+	for (const plugin of plugins) {
+		const config = PLUGIN_CONFIGS[plugin];
+		if (config?.envVars) envVars.push(...config.envVars);
+	}
+	return envVars;
+}
+function categorizeFeatures(features) {
+	const socialProviders = [];
+	const plugins = [];
+	let hasEmailPassword = false;
+	for (const feature of features) if (feature === "email-password") hasEmailPassword = true;
+	else if (feature in PLUGIN_CONFIGS) plugins.push(feature);
+	else socialProviders.push(feature);
+	return {
+		socialProviders,
+		plugins,
+		hasEmailPassword
+	};
+}
+
+//#endregion
+//#region src/lib/templates/frameworks.ts
+const FRAMEWORK_CONFIGS = {
+	"next-app-router": {
+		name: "Next.js (App Router)",
+		defaultSrcDir: false,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "app/api/auth/[...all]",
+		clientImport: "import { createAuthClient } from \"better-auth/react\";",
+		handlerImport: "import { toNextJsHandler } from \"better-auth/next-js\";",
+		handlerFunction: "toNextJsHandler",
+		apiRouteTemplate: (authPath) => `import { auth } from "@/${authPath}";
+import { toNextJsHandler } from "better-auth/next-js";
+
+export const { GET, POST } = toNextJsHandler(auth);`,
+		defaultPort: 3e3
+	},
+	"next-pages-router": {
+		name: "Next.js (Pages Router)",
+		defaultSrcDir: false,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "pages/api/auth/[...all]",
+		clientImport: "import { createAuthClient } from \"better-auth/react\";",
+		handlerImport: "import { toNodeHandler } from \"better-auth/node\";",
+		handlerFunction: "toNodeHandler",
+		apiRouteTemplate: (authPath) => `import { toNodeHandler } from "better-auth/node";
+import { auth } from "@/${authPath}";
+
+export const config = { api: { bodyParser: false } };
+export default toNodeHandler(auth);`,
+		defaultPort: 3e3
+	},
+	sveltekit: {
+		name: "SvelteKit",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "routes/api/auth/[...all]",
+		clientImport: "import { createAuthClient } from \"better-auth/svelte\";",
+		handlerImport: "import { svelteKitHandler } from \"better-auth/svelte-kit\";",
+		handlerFunction: "svelteKitHandler",
+		apiRouteTemplate: () => "",
+		hooksTemplate: (authPath) => `import { auth } from "$${authPath}";
+import { svelteKitHandler } from "better-auth/svelte-kit";
+import type { Handle } from "@sveltejs/kit";
+
+export const handle: Handle = async ({ event, resolve }) => {
+  return svelteKitHandler({ event, resolve, auth });
+};`,
+		defaultPort: 5173
+	},
+	astro: {
+		name: "Astro",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "pages/api/auth/[...all]",
+		clientImport: "import { createAuthClient } from \"better-auth/client\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import type { APIRoute } from "astro";
+import { auth } from "@/${authPath}";
+
+export const GET: APIRoute = async (ctx) => {
+  return auth.handler(ctx.request);
+};
+
+export const POST: APIRoute = async (ctx) => {
+  return auth.handler(ctx.request);
+};`,
+		defaultPort: 4321
+	},
+	remix: {
+		name: "Remix",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "routes/api.auth.$",
+		clientImport: "import { createAuthClient } from \"better-auth/react\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import { auth } from "~/${authPath}";
+import type { ActionFunctionArgs, LoaderFunctionArgs } from "@remix-run/node";
+
+export async function loader({ request }: LoaderFunctionArgs) {
+  return auth.handler(request);
+}
+
+export async function action({ request }: ActionFunctionArgs) {
+  return auth.handler(request);
+}`,
+		defaultPort: 3e3
+	},
+	nuxt: {
+		name: "Nuxt 3",
+		defaultSrcDir: false,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "server/api/auth/[...all]",
+		clientImport: "import { createAuthClient } from \"better-auth/vue\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import { auth } from "~/${authPath}";
+
+export default defineEventHandler((event) => {
+  return auth.handler(toWebRequest(event));
+});`,
+		defaultPort: 3e3
+	},
+	"solid-start": {
+		name: "SolidStart",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "routes/api/auth/[...all]",
+		clientImport: "import { createAuthClient } from \"better-auth/solid\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import { auth } from "~/${authPath}";
+import type { APIEvent } from "@solidjs/start/server";
+
+export async function GET(event: APIEvent) {
+  return auth.handler(event.request);
+}
+
+export async function POST(event: APIEvent) {
+  return auth.handler(event.request);
+}`,
+		defaultPort: 3e3
+	},
+	hono: {
+		name: "Hono",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "",
+		clientImport: "import { createAuthClient } from \"better-auth/client\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import { Hono } from "hono";
+import { auth } from "./${authPath}";
+
+const app = new Hono();
+
+app.on(["POST", "GET"], "/api/auth/**", (c) => {
+  return auth.handler(c.req.raw);
+});
+
+export default app;`,
+		defaultPort: 3e3
+	},
+	express: {
+		name: "Express.js",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "",
+		clientImport: "import { createAuthClient } from \"better-auth/client\";",
+		handlerImport: "import { toNodeHandler } from \"better-auth/node\";",
+		handlerFunction: "toNodeHandler",
+		apiRouteTemplate: (authPath) => `import express from "express";
+import { toNodeHandler } from "better-auth/node";
+import { auth } from "./${authPath}";
+
+const app = express();
+
+app.all("/api/auth/*", toNodeHandler(auth));
+
+app.listen(3000, () => {
+  console.log("Server running on port 3000");
+});`,
+		defaultPort: 3e3
+	},
+	fastify: {
+		name: "Fastify",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "",
+		clientImport: "import { createAuthClient } from \"better-auth/client\";",
+		handlerImport: "import { toNodeHandler } from \"better-auth/node\";",
+		handlerFunction: "toNodeHandler",
+		apiRouteTemplate: (authPath) => `import Fastify from "fastify";
+import { toNodeHandler } from "better-auth/node";
+import { auth } from "./${authPath}";
+
+const fastify = Fastify();
+
+fastify.all("/api/auth/*", async (request, reply) => {
+  const handler = toNodeHandler(auth);
+  return handler(request.raw, reply.raw);
+});
+
+fastify.listen({ port: 3000 }, (err) => {
+  if (err) throw err;
+  console.log("Server running on port 3000");
+});`,
+		defaultPort: 3e3
+	},
+	elysia: {
+		name: "Elysia (Bun)",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "",
+		clientImport: "import { createAuthClient } from \"better-auth/client\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import { Elysia } from "elysia";
+import { auth } from "./${authPath}";
+
+const app = new Elysia()
+  .all("/api/auth/*", ({ request }) => auth.handler(request))
+  .listen(3000);
+
+console.log("Server running on port 3000");`,
+		defaultPort: 3e3
+	},
+	"tanstack-start": {
+		name: "TanStack Start",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "routes/api/auth.$",
+		clientImport: "import { createAuthClient } from \"better-auth/react\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: (authPath) => `import { auth } from "~/${authPath}";
+import { createAPIFileRoute } from "@tanstack/start/api";
+
+export const Route = createAPIFileRoute("/api/auth/$")({
+  GET: ({ request }) => auth.handler(request),
+  POST: ({ request }) => auth.handler(request),
+});`,
+		defaultPort: 3e3
+	},
+	expo: {
+		name: "Expo (React Native)",
+		defaultSrcDir: true,
+		defaultAuthPath: "lib/auth",
+		defaultApiPath: "",
+		clientImport: "import { createAuthClient } from \"@better-auth/expo\";",
+		handlerImport: "",
+		handlerFunction: "",
+		apiRouteTemplate: () => "",
+		defaultPort: 8081
+	}
+};
+function getDefaultAuthPath(framework, srcDir) {
+	const basePath = FRAMEWORK_CONFIGS[framework].defaultAuthPath;
+	return srcDir ? `src/${basePath}` : basePath;
+}
+function getDefaultApiPath(framework, srcDir) {
+	const basePath = FRAMEWORK_CONFIGS[framework].defaultApiPath;
+	if (!basePath) return "";
+	return srcDir ? `src/${basePath}` : basePath;
+}
+
+//#endregion
+//#region src/lib/generator.ts
+function generateSetup(input) {
+	const framework = input.framework;
+	const database = input.database;
+	const orm = input.orm || "none";
+	const features = input.features || ["email-password"];
+	const typescript = input.typescript ?? true;
+	const srcDir = input.srcDir ?? FRAMEWORK_CONFIGS[framework].defaultSrcDir;
+	const authPath = input.authPath || getDefaultAuthPath(framework, srcDir);
+	const apiPath = input.apiPath || getDefaultApiPath(framework, srcDir);
+	let mode = "create";
+	let featuresToGenerate = features;
+	let detected;
+	if (input.existingSetup?.authConfig) {
+		mode = "update";
+		detected = parseExistingSetup(input.existingSetup);
+		featuresToGenerate = computeFeatureDiff(detected.features, features).toAdd;
+		if (featuresToGenerate.length === 0) return {
+			mode: "update",
+			files: [],
+			envVars: [],
+			commands: [],
+			detected,
+			nextSteps: ["All requested features are already configured"],
+			docs: []
+		};
+	}
+	const { socialProviders, plugins, hasEmailPassword } = categorizeFeatures(featuresToGenerate);
+	const files = [];
+	const envVars = [];
+	const commands = [];
+	const warnings = [];
+	envVars.push({
+		name: "BETTER_AUTH_SECRET",
+		description: "Secret key for signing tokens",
+		required: true,
+		howToGet: "Run: npx @better-auth/cli secret"
+	});
+	envVars.push(getDatabaseEnvVar(database));
+	for (const provider of socialProviders) envVars.push(...getSocialProviderEnvVars(provider));
+	envVars.push(...getPluginEnvVars(plugins));
+	if (mode === "create") {
+		const authFile = generateAuthFile({
+			framework,
+			database,
+			orm,
+			socialProviders,
+			plugins,
+			hasEmailPassword,
+			typescript
+		});
+		files.push({
+			path: `${authPath}.${typescript ? "ts" : "js"}`,
+			description: "Better Auth server configuration",
+			action: "create",
+			content: authFile
+		});
+		const clientFile = generateClientFile({
+			framework,
+			plugins,
+			typescript
+		});
+		files.push({
+			path: `${authPath}-client.${typescript ? "ts" : "js"}`,
+			description: "Better Auth client configuration",
+			action: "create",
+			content: clientFile
+		});
+		if (apiPath) {
+			const apiFile = generateApiRouteFile(framework, authPath);
+			if (apiFile) files.push({
+				path: `${apiPath}/route.${typescript ? "ts" : "js"}`,
+				description: "API route handler for auth endpoints",
+				action: "create",
+				content: apiFile
+			});
+		}
+		const frameworkConfig = FRAMEWORK_CONFIGS[framework];
+		if (frameworkConfig.hooksTemplate) files.push({
+			path: srcDir ? "src/hooks.server.ts" : "hooks.server.ts",
+			description: "SvelteKit hooks for auth handling",
+			action: "create",
+			content: frameworkConfig.hooksTemplate(authPath)
+		});
+	} else if (socialProviders.length > 0 || plugins.length > 0 || hasEmailPassword) {
+		const changes = generateUpdateChanges({
+			socialProviders,
+			plugins,
+			hasEmailPassword
+		});
+		files.push({
+			path: `${authPath}.${typescript ? "ts" : "js"}`,
+			description: "Better Auth server configuration",
+			action: "update",
+			changes: changes.serverChanges
+		});
+		if (plugins.length > 0) files.push({
+			path: `${authPath}-client.${typescript ? "ts" : "js"}`,
+			description: "Better Auth client configuration",
+			action: "update",
+			changes: changes.clientChanges
+		});
+	}
+	commands.push({
+		command: "pnpm add better-auth",
+		description: "Install Better Auth",
+		when: "If not already installed"
+	});
+	commands.push(...getDatabaseCommands(orm));
+	const nextSteps = generateNextSteps(mode, socialProviders, plugins);
+	const docs = generateDocLinks(features);
+	return {
+		mode,
+		files,
+		envVars,
+		commands,
+		detected,
+		nextSteps,
+		warnings: warnings.length > 0 ? warnings : void 0,
+		docs
+	};
+}
+function generateAuthFile(options) {
+	const { database, orm, socialProviders, plugins, hasEmailPassword } = options;
+	const imports = ["import { betterAuth } from \"better-auth\";"];
+	const { imports: dbImports, config: dbConfig, prismaInstance } = generateDatabaseConfig(database, orm);
+	if (dbImports) imports.push(dbImports);
+	const { serverImports } = generatePluginImports(plugins);
+	imports.push(...serverImports);
+	const socialProvidersConfig = socialProviders.map((p) => `    ${generateSocialProviderConfig(p)}`).join(",\n");
+	const { serverPlugins } = generatePluginSetup(plugins);
+	let configBody = `  database: ${dbConfig},`;
+	if (hasEmailPassword) configBody += `
+  emailAndPassword: {
+    enabled: true,
+  },`;
+	if (socialProviders.length > 0) configBody += `
+  socialProviders: {
+${socialProvidersConfig}
+  },`;
+	if (serverPlugins.length > 0) configBody += `
+  plugins: [
+    ${serverPlugins.join(",\n    ")}
+  ],`;
+	return `${imports.join("\n")}
+${prismaInstance || ""}
+export const auth = betterAuth({
+${configBody}
+});
+`;
+}
+function generateClientFile(options) {
+	const { framework, plugins } = options;
+	const imports = [FRAMEWORK_CONFIGS[framework].clientImport];
+	const { clientImports } = generatePluginImports(plugins);
+	imports.push(...clientImports);
+	const { clientPlugins } = generatePluginSetup(plugins);
+	let configBody = "";
+	if (clientPlugins.length > 0) configBody = `{
+  plugins: [
+    ${clientPlugins.join(",\n    ")}
+  ],
+}`;
+	else configBody = "{}";
+	return `${imports.join("\n")}
+
+export const authClient = createAuthClient(${configBody});
+`;
+}
+function generateApiRouteFile(framework, authPath) {
+	const frameworkConfig = FRAMEWORK_CONFIGS[framework];
+	if (!frameworkConfig.apiRouteTemplate) return null;
+	return frameworkConfig.apiRouteTemplate(authPath) || null;
+}
+function generateUpdateChanges(options) {
+	const { socialProviders, plugins, hasEmailPassword } = options;
+	const serverChanges = [];
+	const clientChanges = [];
+	if (hasEmailPassword) serverChanges.push({
+		type: "add_to_config",
+		content: `emailAndPassword: {
+    enabled: true,
+  }`,
+		description: "Enable email and password authentication"
+	});
+	const { serverImports, clientImports } = generatePluginImports(plugins);
+	for (const imp of serverImports) serverChanges.push({
+		type: "add_import",
+		content: imp,
+		description: "Add plugin import"
+	});
+	for (const provider of socialProviders) serverChanges.push({
+		type: "add_to_config",
+		content: generateSocialProviderConfig(provider),
+		description: `Add ${provider} social provider`
+	});
+	const { serverPlugins, clientPlugins } = generatePluginSetup(plugins);
+	for (const plugin of serverPlugins) serverChanges.push({
+		type: "add_plugin",
+		content: plugin,
+		description: "Add server plugin"
+	});
+	for (const imp of clientImports) clientChanges.push({
+		type: "add_import",
+		content: imp,
+		description: "Add client plugin import"
+	});
+	for (const plugin of clientPlugins) clientChanges.push({
+		type: "add_plugin",
+		content: plugin,
+		description: "Add client plugin"
+	});
+	return {
+		serverChanges,
+		clientChanges
+	};
+}
+function generateNextSteps(mode, socialProviders, plugins) {
+	const steps = [];
+	if (mode === "create") {
+		steps.push("Set environment variables in .env file");
+		steps.push("Run database migrations");
+	}
+	if (socialProviders.length > 0) {
+		steps.push(`Configure OAuth apps for: ${socialProviders.join(", ")}`);
+		steps.push("Add callback URLs to OAuth provider dashboards");
+	}
+	if (plugins.includes("magic-link")) steps.push("Configure email provider for magic links");
+	if (plugins.includes("phone-number")) steps.push("Configure SMS provider for OTP");
+	if (plugins.includes("captcha")) steps.push("Set up captcha provider (Cloudflare Turnstile, reCAPTCHA, or hCaptcha)");
+	steps.push("Start your development server and test auth flow");
+	return steps;
+}
+function generateDocLinks(features) {
+	const docs = [{
+		title: "Better Auth Documentation",
+		url: "https://www.better-auth.com/docs"
+	}, {
+		title: "Getting Started",
+		url: "https://www.better-auth.com/docs/getting-started"
+	}];
+	if (features.some((f) => [
+		"google",
+		"github",
+		"apple",
+		"discord"
+	].includes(f))) docs.push({
+		title: "Social Sign-On",
+		url: "https://www.better-auth.com/docs/authentication/social-sign-on"
+	});
+	if (features.includes("2fa")) docs.push({
+		title: "Two-Factor Authentication",
+		url: "https://www.better-auth.com/docs/plugins/two-factor"
+	});
+	if (features.includes("organization")) docs.push({
+		title: "Organizations",
+		url: "https://www.better-auth.com/docs/plugins/organization"
+	});
+	if (features.includes("passkey")) docs.push({
+		title: "Passkeys",
+		url: "https://www.better-auth.com/docs/plugins/passkey"
+	});
+	return docs;
+}
+function isSetupError(result) {
+	return "error" in result;
+}
+
+//#endregion
+//#region src/lib/schemas.ts
+const FrameworkEnum = z.enum([
+	"next-app-router",
+	"next-pages-router",
+	"sveltekit",
+	"astro",
+	"remix",
+	"nuxt",
+	"solid-start",
+	"hono",
+	"express",
+	"fastify",
+	"elysia",
+	"tanstack-start",
+	"expo"
+]);
+const DatabaseEnum = z.enum([
+	"postgres",
+	"mysql",
+	"sqlite",
+	"mongodb"
+]);
+const ORMEnum = z.enum([
+	"prisma",
+	"drizzle",
+	"none"
+]);
+const FeatureEnum = z.enum([
+	"email-password",
+	"magic-link",
+	"phone-number",
+	"passkey",
+	"anonymous",
+	"google",
+	"github",
+	"apple",
+	"discord",
+	"twitter",
+	"facebook",
+	"microsoft",
+	"linkedin",
+	"2fa",
+	"captcha",
+	"organization",
+	"admin",
+	"username",
+	"multi-session",
+	"api-key",
+	"bearer",
+	"jwt"
+]);
+const ExistingSetupSchema = z.object({
+	authConfig: z.string().optional().describe("Contents of existing auth.ts file"),
+	authClientConfig: z.string().optional().describe("Contents of existing auth-client.ts file"),
+	envVars: z.array(z.string()).optional().describe("List of existing environment variable names")
+});
+
+//#endregion
+//#region src/tools/setup-auth.ts
+function registerSetupAuth(server$1) {
+	server$1.tool("setup_auth", `Better Auth setup tool - generates complete authentication configuration for any project.
+
+IMPORTANT: This tool is for the Better Auth framework (npm: better-auth). 
+NOT for NextAuth, Auth.js, Clerk, Auth0, Supabase Auth, or Firebase Auth.
+
+ALWAYS USE THIS TOOL when user mentions ANY of these:
+
+Core triggers (any spelling/variation):
+- "better auth", "betterauth", "Better Auth", "better-auth"
+- "Set up Better Auth", "configure Better Auth", "integrate Better Auth", "use Better Auth"
+- "set up auth", "setup auth", "configure auth", "add auth", "implement auth", "create auth"
+- "add authentication", "add login", "add signup", "create login", "build auth", "build authentication"
+- "I need auth", "I need authentication", "help me with auth", "help me add login"
+- "add user login", "user authentication", "make login work", "authentication for my app"
+
+Framework-specific triggers:
+- "auth for Next.js", "Next.js authentication", "add auth to my Next app", "Next.js app router auth"
+- "auth for SvelteKit", "SvelteKit authentication", "Svelte auth"
+- "auth for Remix", "auth for Nuxt", "auth for Astro", "auth for Solid", "authentication for Remix/Nuxt/Astro"
+- "Express auth", "Hono auth", "Fastify auth", "Elysia auth", "TanStack Start auth"
+- "React Native auth", "Expo auth", "mobile auth"
+
+Database triggers:
+- "auth with PostgreSQL", "auth with MySQL", "auth with SQLite", "auth with MongoDB"
+- "Set up auth with PostgreSQL/MySQL/SQLite", "configure database for auth"
+- "auth with Prisma", "auth with Drizzle", "configure auth with Prisma/Drizzle"
+
+Social/OAuth triggers:
+- "add Google login", "add GitHub login", "add Apple login", "add Discord login"
+- "add Twitter login", "add Facebook login", "add Microsoft login", "add LinkedIn login"
+- "Add Google/GitHub/Apple/Discord/Twitter/Facebook/Microsoft/LinkedIn login"
+- "add social login", "add OAuth", "add OAuth providers", "add SSO", "social authentication"
+
+Security feature triggers:
+- "Set up 2FA", "add 2FA", "add two-factor", "add two-factor authentication"
+- "enable MFA", "add TOTP", "authenticator app"
+- "add passkeys", "passwordless", "passwordless authentication", "add magic links", "email login", "email verification"
+
+Organization/team triggers:
+- "add organizations", "Add organization support", "enable multi-tenancy", "multi-tenancy"
+- "team management", "workspaces"
+
+API/token triggers:
+- "add API keys", "Add API key authentication", "bearer tokens", "JWT auth", "JWT authentication"
+
+Admin/user triggers:
+- "add admin panel", "admin auth", "admin authentication"
+- "Add user management", "user management", "handle sessions", "session management"
+- "Add username login", "username login", "phone auth", "phone number auth", "anonymous auth"
+
+OUTPUT: Returns all files, environment variables, and terminal commands needed.
+One tool call = complete auth setup ready to copy-paste.`, {
+		framework: FrameworkEnum.describe("The web framework being used. Detect from package.json or user's message. Examples: 'next-app-router' for Next.js 13+, 'next-pages-router' for Next.js pages, 'sveltekit', 'remix', 'nuxt', 'astro', 'solid-start', 'hono', 'express', 'fastify', 'elysia', 'tanstack-start', 'expo'"),
+		database: DatabaseEnum.describe("The database type. Detect from user's message or project config. Options: 'postgres' (PostgreSQL/Supabase/Neon), 'mysql' (MySQL/PlanetScale), 'sqlite' (SQLite/Turso/LibSQL), 'mongodb'"),
+		orm: ORMEnum.optional().default("none").describe("ORM being used - affects adapter imports. Options: 'prisma', 'drizzle', 'none'. Detect from package.json or user's message."),
+		features: z.array(FeatureEnum).optional().default(["email-password"]).describe("Auth features to enable. Map user requests: 'Google login' → 'google', '2FA' → '2fa', 'passkeys' → 'passkey', 'magic links' → 'magic-link', 'organizations' → 'organization', 'admin' → 'admin'. Default: ['email-password']"),
+		typescript: z.boolean().optional().default(true).describe("Generate TypeScript (.ts) or JavaScript (.js). Default: true (TypeScript)"),
+		srcDir: z.boolean().optional().describe("Whether project uses src/ directory structure. Check if src/ folder exists. Default: false. Provide true for frameworks that store app files in src/."),
+		authPath: z.string().optional().describe("Where to create auth.ts file. Auto-detected based on framework. Override only if user specifies custom path."),
+		apiPath: z.string().optional().describe("API route path for auth handler. Auto-detected based on framework. Override only if user specifies custom path."),
+		existingSetup: ExistingSetupSchema.optional().describe("For INCREMENTAL updates only. Pass existing auth.ts and auth-client.ts contents to add new features without overwriting. Read these files first if they exist.")
+	}, async (input) => {
+		try {
+			const result = generateSetup({
+				framework: input.framework,
+				database: input.database,
+				orm: input.orm || "none",
+				features: input.features || ["email-password"],
+				typescript: input.typescript ?? true,
+				srcDir: input.srcDir ?? false,
+				authPath: input.authPath,
+				apiPath: input.apiPath,
+				existingSetup: input.existingSetup
+			});
+			if (isSetupError(result)) return {
+				content: [{
+					type: "text",
+					text: JSON.stringify(result, null, 2)
+				}],
+				isError: true
+			};
+			return { content: [{
+				type: "text",
+				text: JSON.stringify(result, null, 2)
+			}] };
+		} catch (error) {
+			const message = error instanceof Error ? error.message : "Unknown error";
+			return {
+				content: [{
+					type: "text",
+					text: JSON.stringify({ error: {
+						code: "SETUP_ERROR",
+						message
+					} }, null, 2)
+				}],
+				isError: true
+			};
+		}
+	});
+}
+
+//#endregion
+//#region src/index.ts
+const server = new McpServer({
+	name: "better-auth",
+	description: "Better Auth MCP server for AI-powered auth setup and diagnostics",
+	version: "0.0.1"
+});
+registerSetupAuth(server);
+async function main() {
+	const transport = new StdioServerTransport();
+	await server.connect(transport);
+}
+main().catch(console.error);
+
+//#endregion
+export {  };

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@better-auth/mcp",
+  "version": "1.4.13",
+  "type": "module",
+  "description": "Better Auth MCP server for AI-powered auth setup and diagnostics",
+  "module": "dist/index.mjs",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/better-auth/better-auth.git",
+    "directory": "packages/mcp"
+  },
+  "homepage": "https://www.better-auth.com/docs/concepts/cli#mcp",
+  "main": "./dist/index.mjs",
+  "publishConfig": {
+    "access": "public",
+    "executableFiles": [
+      "./dist/index.mjs"
+    ]
+  },
+  "license": "MIT",
+  "keywords": [
+    "auth",
+    "mcp",
+    "ai",
+    "model-context-protocol",
+    "better-auth"
+  ],
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.mts",
+      "default": "./dist/index.mjs"
+    }
+  },
+  "bin": {
+    "better-auth-mcp": "./dist/index.mjs"
+  },
+  "devDependencies": {
+    "tsdown": "^0.17.2",
+    "typescript": "^5.9.3"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.8.0",
+    "zod": "^3.24.2"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsdown",
+    "dev": "tsdown --watch",
+    "typecheck": "tsc --project tsconfig.json"
+  }
+}