@better-auth/passkey 1.4.8-beta.1 → 1.4.8-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/client.d.mts +3 -3
  2. package/dist/{index-BMEjtlnp.d.mts → index-BNQEf218.d.mts} +2 -1
  3. package/dist/index.d.mts +1 -1
  4. package/dist/index.mjs +16 -16
  5. package/package.json +5 -5
package/dist/client.d.mts CHANGED
@@ -1,9 +1,9 @@
1
- import { i as WebAuthnChallengeValue, n as Passkey, r as PasskeyOptions, t as passkey } from "./index-BMEjtlnp.mjs";
2
- import * as better_auth4 from "better-auth";
1
+ import { i as WebAuthnChallengeValue, n as Passkey, r as PasskeyOptions, t as passkey } from "./index-BNQEf218.mjs";
3
2
  import * as nanostores0 from "nanostores";
4
3
  import { atom } from "nanostores";
5
4
  import * as _better_fetch_fetch0 from "@better-fetch/fetch";
6
5
  import { BetterFetch } from "@better-fetch/fetch";
6
+ import * as better_auth0 from "better-auth";
7
7
  import { ClientFetchOption, ClientStore } from "@better-auth/core";
8
8
  import { Session, User } from "better-auth/types";
9
9
  export * from "@simplewebauthn/server";
@@ -185,7 +185,7 @@ declare const passkeyClient: () => {
185
185
  isPending: boolean;
186
186
  isRefetching: boolean;
187
187
  refetch: (queryParams?: {
188
- query?: better_auth4.SessionQueryParams;
188
+ query?: better_auth0.SessionQueryParams;
189
189
  } | undefined) => Promise<void>;
190
190
  }> & object;
191
191
  $listPasskeys: nanostores0.PreinitializedWritableAtom<any> & object;
package/dist/{index-BMEjtlnp.d.mts → index-BNQEf218.d.mts} RENAMED
@@ -1,8 +1,8 @@
1
1
  import * as _simplewebauthn_server0 from "@simplewebauthn/server";
2
2
  import { CredentialDeviceType } from "@simplewebauthn/server";
3
- import * as better_auth0 from "better-auth";
4
3
  import * as better_call0 from "better-call";
5
4
  import * as zod0 from "zod";
5
+ import * as better_auth0 from "better-auth";
6
6
  import { InferOptionSchema } from "better-auth/types";
7
7
 
8
8
  //#region src/schema.d.ts
@@ -694,6 +694,7 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
694
694
  readonly UNABLE_TO_CREATE_SESSION: "Unable to create session";
695
695
  readonly FAILED_TO_UPDATE_PASSKEY: "Failed to update passkey";
696
696
  };
697
+ options: PasskeyOptions | undefined;
697
698
  };
698
699
  //#endregion
699
700
  export { WebAuthnChallengeValue as i, Passkey as n, PasskeyOptions as r, passkey as t };
package/dist/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { n as Passkey, r as PasskeyOptions, t as passkey } from "./index-BMEjtlnp.mjs";
1
+ import { n as Passkey, r as PasskeyOptions, t as passkey } from "./index-BNQEf218.mjs";
2
2
  export { Passkey, PasskeyOptions, passkey };
package/dist/index.mjs CHANGED
@@ -3,7 +3,6 @@ import { defineErrorCodes } from "@better-auth/core/utils";
3
3
  import { createAuthEndpoint } from "@better-auth/core/api";
4
4
  import { base64 } from "@better-auth/utils/base64";
5
5
  import { generateAuthenticationOptions, generateRegistrationOptions, verifyAuthenticationResponse, verifyRegistrationResponse } from "@simplewebauthn/server";
6
- import { generateId } from "better-auth";
7
6
  import { freshSessionMiddleware, getSessionFromCtx, sessionMiddleware } from "better-auth/api";
8
7
  import { setSessionCookie } from "better-auth/cookies";
9
8
  import { generateRandomString } from "better-auth/crypto";
@@ -142,14 +141,14 @@ const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds, expirationT
142
141
  ...ctx.query?.authenticatorAttachment ? { authenticatorAttachment: ctx.query.authenticatorAttachment } : {}
143
142
  }
144
143
  });
145
- const id = generateId(32);
144
+ const verificationToken = generateRandomString(32);
146
145
  const webAuthnCookie = ctx.context.createAuthCookie(opts.advanced.webAuthnChallengeCookie);
147
- await ctx.setSignedCookie(webAuthnCookie.name, id, ctx.context.secret, {
146
+ await ctx.setSignedCookie(webAuthnCookie.name, verificationToken, ctx.context.secret, {
148
147
  ...webAuthnCookie.attributes,
149
148
  maxAge: maxAgeInSeconds
150
149
  });
151
150
  await ctx.context.internalAdapter.createVerificationValue({
152
- identifier: id,
151
+ identifier: verificationToken,
153
152
  value: JSON.stringify({
154
153
  expectedChallenge: options.challenge,
155
154
  userData: { id: session.user.id }
@@ -235,14 +234,14 @@ const generatePasskeyAuthenticationOptions = (opts, { maxAgeInSeconds, expiratio
235
234
  expectedChallenge: options.challenge,
236
235
  userData: { id: session?.user.id || "" }
237
236
  };
238
- const id = generateId(32);
237
+ const verificationToken = generateRandomString(32);
239
238
  const webAuthnCookie = ctx.context.createAuthCookie(opts.advanced.webAuthnChallengeCookie);
240
- await ctx.setSignedCookie(webAuthnCookie.name, id, ctx.context.secret, {
239
+ await ctx.setSignedCookie(webAuthnCookie.name, verificationToken, ctx.context.secret, {
241
240
  ...webAuthnCookie.attributes,
242
241
  maxAge: maxAgeInSeconds
243
242
  });
244
243
  await ctx.context.internalAdapter.createVerificationValue({
245
- identifier: id,
244
+ identifier: verificationToken,
246
245
  value: JSON.stringify(data),
247
246
  expiresAt: expirationTime
248
247
  });
@@ -272,9 +271,9 @@ const verifyPasskeyRegistration = (options) => createAuthEndpoint("/passkey/veri
272
271
  if (!origin) return ctx.json(null, { status: 400 });
273
272
  const resp = ctx.body.response;
274
273
  const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
275
- const challengeId = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
276
- if (!challengeId) throw new APIError("BAD_REQUEST", { message: PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND });
277
- const data = await ctx.context.internalAdapter.findVerificationValue(challengeId);
274
+ const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
275
+ if (!verificationToken) throw new APIError("BAD_REQUEST", { message: PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND });
276
+ const data = await ctx.context.internalAdapter.findVerificationValue(verificationToken);
278
277
  if (!data) return ctx.json(null, { status: 400 });
279
278
  const { expectedChallenge, userData } = JSON.parse(data.value);
280
279
  if (userData.id !== ctx.context.session.user.id) throw new APIError("UNAUTHORIZED", { message: PASSKEY_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY });
@@ -305,7 +304,7 @@ const verifyPasskeyRegistration = (options) => createAuthEndpoint("/passkey/veri
305
304
  model: "passkey",
306
305
  data: newPasskey
307
306
  });
308
- await ctx.context.internalAdapter.deleteVerificationValue(challengeId);
307
+ await ctx.context.internalAdapter.deleteVerificationByIdentifier(verificationToken);
309
308
  return ctx.json(newPasskeyRes, { status: 200 });
310
309
  } catch (e) {
311
310
  ctx.context.logger.error("Failed to verify registration", e);
@@ -338,9 +337,9 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
338
337
  if (!origin) throw new APIError("BAD_REQUEST", { message: "origin missing" });
339
338
  const resp = ctx.body.response;
340
339
  const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
341
- const challengeId = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
342
- if (!challengeId) throw new APIError("BAD_REQUEST", { message: PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND });
343
- const data = await ctx.context.internalAdapter.findVerificationValue(challengeId);
340
+ const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
341
+ if (!verificationToken) throw new APIError("BAD_REQUEST", { message: PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND });
342
+ const data = await ctx.context.internalAdapter.findVerificationValue(verificationToken);
344
343
  if (!data) throw new APIError("BAD_REQUEST", { message: PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND });
345
344
  const { expectedChallenge } = JSON.parse(data.value);
346
345
  const passkey$1 = await ctx.context.adapter.findOne({
@@ -383,7 +382,7 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
383
382
  session: s,
384
383
  user
385
384
  });
386
- await ctx.context.internalAdapter.deleteVerificationValue(challengeId);
385
+ await ctx.context.internalAdapter.deleteVerificationByIdentifier(verificationToken);
387
386
  return ctx.json({ session: s }, { status: 200 });
388
387
  } catch (e) {
389
388
  ctx.context.logger.error("Failed to verify authentication", e);
@@ -630,7 +629,8 @@ const passkey = (options) => {
630
629
  updatePasskey
631
630
  },
632
631
  schema: mergeSchema(schema, options?.schema),
633
- $ERROR_CODES: PASSKEY_ERROR_CODES
632
+ $ERROR_CODES: PASSKEY_ERROR_CODES,
633
+ options
634
634
  };
635
635
  };
636
636
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@better-auth/passkey",
3
- "version": "1.4.8-beta.1",
3
+ "version": "1.4.8-beta.3",
4
4
  "type": "module",
5
5
  "description": "Passkey plugin for Better Auth",
6
6
  "main": "dist/index.mjs",
@@ -33,8 +33,8 @@
33
33
  },
34
34
  "devDependencies": {
35
35
  "tsdown": "^0.17.2",
36
- "@better-auth/core": "1.4.8-beta.1",
37
- "better-auth": "1.4.8-beta.1"
36
+ "@better-auth/core": "1.4.8-beta.3",
37
+ "better-auth": "1.4.8-beta.3"
38
38
  },
39
39
  "dependencies": {
40
40
  "@simplewebauthn/browser": "^13.1.2",
@@ -46,8 +46,8 @@
46
46
  "@better-fetch/fetch": "1.1.21",
47
47
  "better-call": "1.1.5",
48
48
  "nanostores": "^1.0.1",
49
- "@better-auth/core": "1.4.8-beta.1",
50
- "better-auth": "1.4.8-beta.1"
49
+ "@better-auth/core": "1.4.8-beta.3",
50
+ "better-auth": "1.4.8-beta.3"
51
51
  },
52
52
  "files": [
53
53
  "dist"