npm - @better-auth/passkey - Versions diffs - 1.7.0-beta.5 → 1.7.0-beta.6 - Mend

@better-auth/passkey 1.7.0-beta.5 → 1.7.0-beta.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/client.d.mts +1 -1
package/dist/client.mjs +1 -1
package/dist/{index-Ci52vhOT.d.mts → index-z0BvlclO.d.mts} +1 -16
package/dist/index.d.mts +1 -1
package/dist/index.mjs +38 -20
package/dist/{version-tMqL0F6x.mjs → version-DvfQNSl9.mjs} +1 -1
package/package.json +7 -7

package/dist/client.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { a as Passkey, c as PasskeyOptions, d as WebAuthnChallengeValue, l as PasskeyRegistrationOptions, n as PASSKEY_ERROR_CODES, o as PasskeyAuthenticationOptions, s as PasskeyExtensionsResolver, t as passkey, u as PasskeyRegistrationUser } from "./index-Ci52vhOT.mjs";
+import { a as Passkey, c as PasskeyOptions, d as WebAuthnChallengeValue, l as PasskeyRegistrationOptions, n as PASSKEY_ERROR_CODES, o as PasskeyAuthenticationOptions, s as PasskeyExtensionsResolver, t as passkey, u as PasskeyRegistrationUser } from "./index-z0BvlclO.mjs";
 import { AuthenticationExtensionsClientInputs, AuthenticationExtensionsClientOutputs, AuthenticationResponseJSON, RegistrationResponseJSON } from "@simplewebauthn/server";
 import * as better_auth_client0 from "better-auth/client";
 import * as nanostores from "nanostores";

package/dist/client.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-tMqL0F6x.mjs";
+import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-DvfQNSl9.mjs";
 import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
 import { useAuthQuery } from "better-auth/client";
 import { atom } from "nanostores";

package/dist/{index-Ci52vhOT.d.mts → index-z0BvlclO.d.mts} RENAMED Viewed

@@ -294,25 +294,10 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
         openapi: {
           operationId: string;
           description: string;
+          parameters: better_call0.OpenAPIParameter[];
           responses: {
             200: {
               description: string;
-              parameters: {
-                query: {
-                  authenticatorAttachment: {
-                    description: string;
-                    required: boolean;
-                  };
-                  name: {
-                    description: string;
-                    required: boolean;
-                  };
-                  context: {
-                    description: string;
-                    required: boolean;
-                  };
-                };
-              };
               content: {
                 "application/json": {
                   schema: {

package/dist/index.d.mts CHANGED Viewed

@@ -1,2 +1,2 @@
-import { a as Passkey, c as PasskeyOptions, i as getAuthenticatorName, n as PASSKEY_ERROR_CODES, r as commonAuthenticatorNames, t as passkey } from "./index-Ci52vhOT.mjs";
+import { a as Passkey, c as PasskeyOptions, i as getAuthenticatorName, n as PASSKEY_ERROR_CODES, r as commonAuthenticatorNames, t as passkey } from "./index-z0BvlclO.mjs";
 export { PASSKEY_ERROR_CODES, Passkey, PasskeyOptions, commonAuthenticatorNames, getAuthenticatorName, passkey };

package/dist/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-tMqL0F6x.mjs";
+import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-DvfQNSl9.mjs";
 import { mergeSchema } from "better-auth/db";
 import { createAuthEndpoint } from "@better-auth/core/api";
 import { APIError } from "@better-auth/core/error";
@@ -52,6 +52,35 @@ const generatePasskeyQuerySchema = z.object({
 	name: z.string().optional(),
 	context: z.string().optional()
 }).optional();
+const generatePasskeyRegistrationOptionsOpenAPIParameters = [
+	{
+		name: "authenticatorAttachment",
+		in: "query",
+		required: false,
+		description: `Type of authenticator to use for registration.
+                          "platform" for device-specific authenticators,
+                          "cross-platform" for authenticators that can be used across devices.`,
+		schema: {
+			type: "string",
+			enum: ["platform", "cross-platform"]
+		}
+	},
+	{
+		name: "name",
+		in: "query",
+		required: false,
+		description: `Optional custom name for the passkey.
+                          This can help identify the passkey when managing multiple credentials.`,
+		schema: { type: "string" }
+	},
+	{
+		name: "context",
+		in: "query",
+		required: false,
+		description: "Optional context for passkey-first registration flows.",
+		schema: { type: "string" }
+	}
+];
 const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds }) => {
 	return createAuthEndpoint("/passkey/generate-register-options", {
 		method: "GET",
@@ -60,25 +89,9 @@ const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds }) => {
 		metadata: { openapi: {
 			operationId: "generatePasskeyRegistrationOptions",
 			description: "Generate registration options for a new passkey",
+			parameters: generatePasskeyRegistrationOptionsOpenAPIParameters,
 			responses: { 200: {
 				description: "Success",
-				parameters: { query: {
-					authenticatorAttachment: {
-						description: `Type of authenticator to use for registration.
-                          "platform" for device-specific authenticators,
-                          "cross-platform" for authenticators that can be used across devices.`,
-						required: false
-					},
-					name: {
-						description: `Optional custom name for the passkey.
-                          This can help identify the passkey when managing multiple credentials.`,
-						required: false
-					},
-					context: {
-						description: "Optional context for passkey-first registration flows.",
-						required: false
-					}
-				} },
 				content: { "application/json": { schema: {
 					type: "object",
 					properties: {
@@ -178,6 +191,7 @@ const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds }) => {
 		await ctx.context.internalAdapter.createVerificationValue({
 			identifier: verificationToken,
 			value: JSON.stringify({
+				type: "registration",
 				expectedChallenge: options.challenge,
 				userData: {
 					id: user.id,
@@ -268,6 +282,7 @@ const generatePasskeyAuthenticationOptions = (opts, { maxAgeInSeconds }) => crea
 		})) } : {}
 	});
 	const data = {
+		type: "authentication",
 		expectedChallenge: options.challenge,
 		userData: { id: session?.user.id || "" }
 	};
@@ -315,7 +330,8 @@ const verifyPasskeyRegistration = (options) => {
 		if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
 		const data = await ctx.context.internalAdapter.consumeVerificationValue(verificationToken);
 		if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
-		const { expectedChallenge, userData, context } = JSON.parse(data.value);
+		const { type: ceremony, expectedChallenge, userData, context } = JSON.parse(data.value);
+		if (ceremony !== "registration") throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
 		const session = requireSession ? ctx.context.session : await getSessionFromCtx(ctx);
 		if (session?.user?.id && userData.id !== session.user.id) throw APIError.from("UNAUTHORIZED", PASSKEY_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY);
 		try {
@@ -351,6 +367,7 @@ const verifyPasskeyRegistration = (options) => {
 				}
 				if (!resolvedName) resolvedName = result?.name?.trim() || void 0;
 			}
+			if (!targetUserId) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.RESOLVED_USER_INVALID);
 			const pubKey = base64.encode(credential.publicKey);
 			const newPasskey = {
 				name: resolvedName,
@@ -406,7 +423,8 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
 	if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
 	const data = await ctx.context.internalAdapter.consumeVerificationValue(verificationToken);
 	if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
-	const { expectedChallenge } = JSON.parse(data.value);
+	const { type: ceremony, expectedChallenge } = JSON.parse(data.value);
+	if (ceremony !== "authentication") throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
 	const passkey = await ctx.context.adapter.findOne({
 		model: "passkey",
 		where: [{

package/dist/{version-tMqL0F6x.mjs → version-DvfQNSl9.mjs} RENAMED Viewed

@@ -18,6 +18,6 @@ const PASSKEY_ERROR_CODES = defineErrorCodes({
 });
 //#endregion
 //#region src/version.ts
-const PACKAGE_VERSION = "1.7.0-beta.5";
+const PACKAGE_VERSION = "1.7.0-beta.6";
 //#endregion
 export { PASSKEY_ERROR_CODES as n, PACKAGE_VERSION as t };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/passkey",
-  "version": "1.7.0-beta.5",
+  "version": "1.7.0-beta.6",
   "description": "Passkey plugin for Better Auth",
   "type": "module",
   "license": "MIT",
@@ -55,16 +55,16 @@
   },
   "devDependencies": {
     "tsdown": "0.21.1",
-    "@better-auth/core": "1.7.0-beta.5",
-    "better-auth": "1.7.0-beta.5"
+    "@better-auth/core": "1.7.0-beta.6",
+    "better-auth": "1.7.0-beta.6"
   },
   "peerDependencies": {
-    "@better-auth/utils": "0.4.1",
-    "@better-fetch/fetch": "1.2.2",
+    "@better-auth/utils": "0.4.2",
+    "@better-fetch/fetch": "1.3.1",
     "better-call": "1.3.6",
     "nanostores": "^1.0.1",
-    "@better-auth/core": "^1.7.0-beta.5",
-    "better-auth": "^1.7.0-beta.5"
+    "@better-auth/core": "^1.7.0-beta.6",
+    "better-auth": "^1.7.0-beta.6"
   },
   "scripts": {
     "build": "tsdown",