@delmaredigital/payload-better-auth 0.3.4 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/README.md +91 -5
  2. package/dist/adapter/collections.d.ts +28 -0
  3. package/dist/adapter/collections.d.ts.map +1 -1
  4. package/dist/adapter/collections.js +72 -2
  5. package/dist/adapter/collections.js.map +1 -1
  6. package/dist/adapter/index.d.ts.map +1 -1
  7. package/dist/adapter/index.js +4 -3
  8. package/dist/adapter/index.js.map +1 -1
  9. package/dist/components/LoginView.d.ts.map +1 -1
  10. package/dist/components/LoginView.js +11 -6
  11. package/dist/components/LoginView.js.map +1 -1
  12. package/dist/components/management/ApiKeysManagementClient.d.ts.map +1 -1
  13. package/dist/components/management/ApiKeysManagementClient.js +3 -4
  14. package/dist/components/management/ApiKeysManagementClient.js.map +1 -1
  15. package/dist/components/management/SecurityNavLinks.d.ts +8 -3
  16. package/dist/components/management/SecurityNavLinks.d.ts.map +1 -1
  17. package/dist/components/management/SecurityNavLinks.js +20 -12
  18. package/dist/components/management/SecurityNavLinks.js.map +1 -1
  19. package/dist/index.d.ts +3 -0
  20. package/dist/index.d.ts.map +1 -1
  21. package/dist/index.js +4 -0
  22. package/dist/index.js.map +1 -1
  23. package/dist/plugin/index.d.ts.map +1 -1
  24. package/dist/plugin/index.js +116 -9
  25. package/dist/plugin/index.js.map +1 -1
  26. package/dist/utils/betterAuthDefaults.d.ts +1102 -0
  27. package/dist/utils/betterAuthDefaults.d.ts.map +1 -0
  28. package/dist/utils/betterAuthDefaults.js +93 -0
  29. package/dist/utils/betterAuthDefaults.js.map +1 -0
  30. package/dist/utils/firstUserAdmin.d.ts +85 -0
  31. package/dist/utils/firstUserAdmin.d.ts.map +1 -0
  32. package/dist/utils/firstUserAdmin.js +128 -0
  33. package/dist/utils/firstUserAdmin.js.map +1 -0
  34. package/package.json +3 -3
package/dist/utils/betterAuthDefaults.d.ts ADDED
@@ -0,0 +1,1102 @@
1
+ /**
2
+ * Utility to apply sensible defaults to Better Auth options.
3
+ *
4
+ * @packageDocumentation
5
+ */
6
+ import type { BetterAuthOptions } from 'better-auth';
7
+ import { apiKey as betterAuthApiKey } from 'better-auth/plugins';
8
+ type ApiKeyPluginOptions = Parameters<typeof betterAuthApiKey>[0];
9
+ /**
10
+ * API Key plugin with sensible defaults for use with this package.
11
+ *
12
+ * Enables metadata storage by default so that scopes can be displayed
13
+ * in the admin UI after key creation.
14
+ *
15
+ * @example
16
+ * ```ts
17
+ * import { apiKeyWithDefaults } from '@delmaredigital/payload-better-auth'
18
+ *
19
+ * export const betterAuthOptions = {
20
+ * plugins: [
21
+ * apiKeyWithDefaults(), // metadata enabled by default
22
+ * ],
23
+ * }
24
+ * ```
25
+ *
26
+ * @example With custom options
27
+ * ```ts
28
+ * apiKeyWithDefaults({
29
+ * rateLimit: { max: 100, window: 60 },
30
+ * // enableMetadata is already true
31
+ * })
32
+ * ```
33
+ */
34
+ export declare function apiKeyWithDefaults(options?: ApiKeyPluginOptions): {
35
+ id: "api-key";
36
+ $ERROR_CODES: {
37
+ readonly INVALID_METADATA_TYPE: "metadata must be an object or undefined";
38
+ readonly REFILL_AMOUNT_AND_INTERVAL_REQUIRED: "refillAmount is required when refillInterval is provided";
39
+ readonly REFILL_INTERVAL_AND_AMOUNT_REQUIRED: "refillInterval is required when refillAmount is provided";
40
+ readonly USER_BANNED: "User is banned";
41
+ readonly UNAUTHORIZED_SESSION: "Unauthorized or invalid session";
42
+ readonly KEY_NOT_FOUND: "API Key not found";
43
+ readonly KEY_DISABLED: "API Key is disabled";
44
+ readonly KEY_EXPIRED: "API Key has expired";
45
+ readonly USAGE_EXCEEDED: "API Key has reached its usage limit";
46
+ readonly KEY_NOT_RECOVERABLE: "API Key is not recoverable";
47
+ readonly EXPIRES_IN_IS_TOO_SMALL: "The expiresIn is smaller than the predefined minimum value.";
48
+ readonly EXPIRES_IN_IS_TOO_LARGE: "The expiresIn is larger than the predefined maximum value.";
49
+ readonly INVALID_REMAINING: "The remaining count is either too large or too small.";
50
+ readonly INVALID_PREFIX_LENGTH: "The prefix length is either too large or too small.";
51
+ readonly INVALID_NAME_LENGTH: "The name length is either too large or too small.";
52
+ readonly METADATA_DISABLED: "Metadata is disabled.";
53
+ readonly RATE_LIMIT_EXCEEDED: "Rate limit exceeded.";
54
+ readonly NO_VALUES_TO_UPDATE: "No values to update.";
55
+ readonly KEY_DISABLED_EXPIRATION: "Custom key expiration values are disabled.";
56
+ readonly INVALID_API_KEY: "Invalid API key.";
57
+ readonly INVALID_USER_ID_FROM_API_KEY: "The user id from the API key is invalid.";
58
+ readonly INVALID_API_KEY_GETTER_RETURN_TYPE: "API Key getter returned an invalid key type. Expected string.";
59
+ readonly SERVER_ONLY_PROPERTY: "The property you're trying to set can only be set from the server auth instance only.";
60
+ readonly FAILED_TO_UPDATE_API_KEY: "Failed to update API key";
61
+ readonly NAME_REQUIRED: "API Key name is required.";
62
+ };
63
+ hooks: {
64
+ before: {
65
+ matcher: (ctx: import("better-auth").HookEndpointContext) => boolean;
66
+ handler: (inputContext: import("better-auth").MiddlewareInputContext<import("better-auth").MiddlewareOptions>) => Promise<{
67
+ user: {
68
+ id: string;
69
+ createdAt: Date;
70
+ updatedAt: Date;
71
+ email: string;
72
+ emailVerified: boolean;
73
+ name: string;
74
+ image?: string | null | undefined;
75
+ };
76
+ session: {
77
+ id: string;
78
+ token: string;
79
+ userId: string;
80
+ userAgent: string | null;
81
+ ipAddress: string | null;
82
+ createdAt: Date;
83
+ updatedAt: Date;
84
+ expiresAt: Date;
85
+ };
86
+ } | {
87
+ context: import("better-auth").MiddlewareContext<import("better-auth").MiddlewareOptions, {
88
+ returned?: unknown | undefined;
89
+ responseHeaders?: Headers | undefined;
90
+ } & import("better-auth").PluginContext & import("better-auth").InfoContext & {
91
+ options: BetterAuthOptions;
92
+ trustedOrigins: string[];
93
+ isTrustedOrigin: (url: string, settings?: {
94
+ allowRelativePaths: boolean;
95
+ }) => boolean;
96
+ oauthConfig: {
97
+ skipStateCookieCheck?: boolean | undefined;
98
+ storeStateStrategy: "database" | "cookie";
99
+ };
100
+ newSession: {
101
+ session: import("better-auth").Session & Record<string, any>;
102
+ user: import("better-auth").User & Record<string, any>;
103
+ } | null;
104
+ session: {
105
+ session: import("better-auth").Session & Record<string, any>;
106
+ user: import("better-auth").User & Record<string, any>;
107
+ } | null;
108
+ setNewSession: (session: {
109
+ session: import("better-auth").Session & Record<string, any>;
110
+ user: import("better-auth").User & Record<string, any>;
111
+ } | null) => void;
112
+ socialProviders: import("better-auth").OAuthProvider[];
113
+ authCookies: import("better-auth").BetterAuthCookies;
114
+ logger: ReturnType<(options?: import("better-auth").Logger | undefined) => import("better-auth").InternalLogger>;
115
+ rateLimit: {
116
+ enabled: boolean;
117
+ window: number;
118
+ max: number;
119
+ storage: "memory" | "database" | "secondary-storage";
120
+ } & Omit<import("better-auth").BetterAuthRateLimitOptions, "enabled" | "window" | "max" | "storage">;
121
+ adapter: import("better-auth").DBAdapter<BetterAuthOptions>;
122
+ internalAdapter: import("better-auth").InternalAdapter<BetterAuthOptions>;
123
+ createAuthCookie: (cookieName: string, overrideAttributes?: Partial<import("better-auth").CookieOptions> | undefined) => import("better-auth").BetterAuthCookie;
124
+ secret: string;
125
+ sessionConfig: {
126
+ updateAge: number;
127
+ expiresIn: number;
128
+ freshAge: number;
129
+ cookieRefreshCache: false | {
130
+ enabled: true;
131
+ updateAge: number;
132
+ };
133
+ };
134
+ generateId: (options: {
135
+ model: import("better-auth").ModelNames;
136
+ size?: number | undefined;
137
+ }) => string | false;
138
+ secondaryStorage: import("better-auth").SecondaryStorage | undefined;
139
+ password: {
140
+ hash: (password: string) => Promise<string>;
141
+ verify: (data: {
142
+ password: string;
143
+ hash: string;
144
+ }) => Promise<boolean>;
145
+ config: {
146
+ minPasswordLength: number;
147
+ maxPasswordLength: number;
148
+ };
149
+ checkPassword: (userId: string, ctx: import("better-auth").GenericEndpointContext<BetterAuthOptions>) => Promise<boolean>;
150
+ };
151
+ tables: import("better-auth").BetterAuthDBSchema;
152
+ runMigrations: () => Promise<void>;
153
+ publishTelemetry: (event: {
154
+ type: string;
155
+ anonymousId?: string | undefined;
156
+ payload: Record<string, any>;
157
+ }) => Promise<void>;
158
+ skipOriginCheck: boolean | string[];
159
+ skipCSRFCheck: boolean;
160
+ runInBackground: (promise: Promise<void>) => void;
161
+ runInBackgroundOrAwait: (promise: Promise<unknown> | Promise<void> | void | unknown) => Promise<unknown>;
162
+ }>;
163
+ }>;
164
+ }[];
165
+ };
166
+ endpoints: {
167
+ createApiKey: import("better-auth").StrictEndpoint<"/api-key/create", {
168
+ method: "POST";
169
+ body: import("better-auth").ZodObject<{
170
+ name: import("better-auth").ZodOptional<import("better-auth").ZodString>;
171
+ expiresIn: import("better-auth").ZodDefault<import("better-auth").ZodNullable<import("better-auth").ZodOptional<import("better-auth").ZodNumber>>>;
172
+ userId: import("better-auth").ZodOptional<import("better-auth").ZodCoercedString<unknown>>;
173
+ prefix: import("better-auth").ZodOptional<import("better-auth").ZodString>;
174
+ remaining: import("better-auth").ZodDefault<import("better-auth").ZodNullable<import("better-auth").ZodOptional<import("better-auth").ZodNumber>>>;
175
+ metadata: import("better-auth").ZodOptional<import("better-auth").ZodAny>;
176
+ refillAmount: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
177
+ refillInterval: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
178
+ rateLimitTimeWindow: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
179
+ rateLimitMax: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
180
+ rateLimitEnabled: import("better-auth").ZodOptional<import("better-auth").ZodBoolean>;
181
+ permissions: import("better-auth").ZodOptional<import("better-auth").ZodRecord<import("better-auth").ZodString, import("better-auth").ZodArray<import("better-auth").ZodString>>>;
182
+ }, import("better-auth").$strip>;
183
+ metadata: {
184
+ openapi: {
185
+ description: string;
186
+ responses: {
187
+ "200": {
188
+ description: string;
189
+ content: {
190
+ "application/json": {
191
+ schema: {
192
+ type: "object";
193
+ properties: {
194
+ id: {
195
+ type: string;
196
+ description: string;
197
+ };
198
+ createdAt: {
199
+ type: string;
200
+ format: string;
201
+ description: string;
202
+ };
203
+ updatedAt: {
204
+ type: string;
205
+ format: string;
206
+ description: string;
207
+ };
208
+ name: {
209
+ type: string;
210
+ nullable: boolean;
211
+ description: string;
212
+ };
213
+ prefix: {
214
+ type: string;
215
+ nullable: boolean;
216
+ description: string;
217
+ };
218
+ start: {
219
+ type: string;
220
+ nullable: boolean;
221
+ description: string;
222
+ };
223
+ key: {
224
+ type: string;
225
+ description: string;
226
+ };
227
+ enabled: {
228
+ type: string;
229
+ description: string;
230
+ };
231
+ expiresAt: {
232
+ type: string;
233
+ format: string;
234
+ nullable: boolean;
235
+ description: string;
236
+ };
237
+ userId: {
238
+ type: string;
239
+ description: string;
240
+ };
241
+ lastRefillAt: {
242
+ type: string;
243
+ format: string;
244
+ nullable: boolean;
245
+ description: string;
246
+ };
247
+ lastRequest: {
248
+ type: string;
249
+ format: string;
250
+ nullable: boolean;
251
+ description: string;
252
+ };
253
+ metadata: {
254
+ type: string;
255
+ nullable: boolean;
256
+ additionalProperties: boolean;
257
+ description: string;
258
+ };
259
+ rateLimitMax: {
260
+ type: string;
261
+ nullable: boolean;
262
+ description: string;
263
+ };
264
+ rateLimitTimeWindow: {
265
+ type: string;
266
+ nullable: boolean;
267
+ description: string;
268
+ };
269
+ remaining: {
270
+ type: string;
271
+ nullable: boolean;
272
+ description: string;
273
+ };
274
+ refillAmount: {
275
+ type: string;
276
+ nullable: boolean;
277
+ description: string;
278
+ };
279
+ refillInterval: {
280
+ type: string;
281
+ nullable: boolean;
282
+ description: string;
283
+ };
284
+ rateLimitEnabled: {
285
+ type: string;
286
+ description: string;
287
+ };
288
+ requestCount: {
289
+ type: string;
290
+ description: string;
291
+ };
292
+ permissions: {
293
+ type: string;
294
+ nullable: boolean;
295
+ additionalProperties: {
296
+ type: string;
297
+ items: {
298
+ type: string;
299
+ };
300
+ };
301
+ description: string;
302
+ };
303
+ };
304
+ required: string[];
305
+ };
306
+ };
307
+ };
308
+ };
309
+ };
310
+ };
311
+ };
312
+ }, {
313
+ key: string;
314
+ metadata: any;
315
+ permissions: any;
316
+ id: string;
317
+ name: string | null;
318
+ start: string | null;
319
+ prefix: string | null;
320
+ userId: string;
321
+ refillInterval: number | null;
322
+ refillAmount: number | null;
323
+ lastRefillAt: Date | null;
324
+ enabled: boolean;
325
+ rateLimitEnabled: boolean;
326
+ rateLimitTimeWindow: number | null;
327
+ rateLimitMax: number | null;
328
+ requestCount: number;
329
+ remaining: number | null;
330
+ lastRequest: Date | null;
331
+ expiresAt: Date | null;
332
+ createdAt: Date;
333
+ updatedAt: Date;
334
+ }>;
335
+ verifyApiKey: import("better-auth").StrictEndpoint<string, {
336
+ method: "POST";
337
+ body: import("better-auth").ZodObject<{
338
+ key: import("better-auth").ZodString;
339
+ permissions: import("better-auth").ZodOptional<import("better-auth").ZodRecord<import("better-auth").ZodString, import("better-auth").ZodArray<import("better-auth").ZodString>>>;
340
+ }, import("better-auth").$strip>;
341
+ }, {
342
+ valid: boolean;
343
+ error: {
344
+ message: string | undefined;
345
+ code: string;
346
+ };
347
+ key: null;
348
+ } | {
349
+ valid: boolean;
350
+ error: null;
351
+ key: Omit<import("better-auth/plugins").ApiKey, "key"> | null;
352
+ }>;
353
+ getApiKey: import("better-auth").StrictEndpoint<"/api-key/get", {
354
+ method: "GET";
355
+ query: import("better-auth").ZodObject<{
356
+ id: import("better-auth").ZodString;
357
+ }, import("better-auth").$strip>;
358
+ use: ((inputContext: import("better-auth").MiddlewareInputContext<import("better-auth").MiddlewareOptions>) => Promise<{
359
+ session: {
360
+ session: Record<string, any> & {
361
+ id: string;
362
+ createdAt: Date;
363
+ updatedAt: Date;
364
+ userId: string;
365
+ expiresAt: Date;
366
+ token: string;
367
+ ipAddress?: string | null | undefined;
368
+ userAgent?: string | null | undefined;
369
+ };
370
+ user: Record<string, any> & {
371
+ id: string;
372
+ createdAt: Date;
373
+ updatedAt: Date;
374
+ email: string;
375
+ emailVerified: boolean;
376
+ name: string;
377
+ image?: string | null | undefined;
378
+ };
379
+ };
380
+ }>)[];
381
+ metadata: {
382
+ openapi: {
383
+ description: string;
384
+ responses: {
385
+ "200": {
386
+ description: string;
387
+ content: {
388
+ "application/json": {
389
+ schema: {
390
+ type: "object";
391
+ properties: {
392
+ id: {
393
+ type: string;
394
+ description: string;
395
+ };
396
+ name: {
397
+ type: string;
398
+ nullable: boolean;
399
+ description: string;
400
+ };
401
+ start: {
402
+ type: string;
403
+ nullable: boolean;
404
+ description: string;
405
+ };
406
+ prefix: {
407
+ type: string;
408
+ nullable: boolean;
409
+ description: string;
410
+ };
411
+ userId: {
412
+ type: string;
413
+ description: string;
414
+ };
415
+ refillInterval: {
416
+ type: string;
417
+ nullable: boolean;
418
+ description: string;
419
+ };
420
+ refillAmount: {
421
+ type: string;
422
+ nullable: boolean;
423
+ description: string;
424
+ };
425
+ lastRefillAt: {
426
+ type: string;
427
+ format: string;
428
+ nullable: boolean;
429
+ description: string;
430
+ };
431
+ enabled: {
432
+ type: string;
433
+ description: string;
434
+ default: boolean;
435
+ };
436
+ rateLimitEnabled: {
437
+ type: string;
438
+ description: string;
439
+ };
440
+ rateLimitTimeWindow: {
441
+ type: string;
442
+ nullable: boolean;
443
+ description: string;
444
+ };
445
+ rateLimitMax: {
446
+ type: string;
447
+ nullable: boolean;
448
+ description: string;
449
+ };
450
+ requestCount: {
451
+ type: string;
452
+ description: string;
453
+ };
454
+ remaining: {
455
+ type: string;
456
+ nullable: boolean;
457
+ description: string;
458
+ };
459
+ lastRequest: {
460
+ type: string;
461
+ format: string;
462
+ nullable: boolean;
463
+ description: string;
464
+ };
465
+ expiresAt: {
466
+ type: string;
467
+ format: string;
468
+ nullable: boolean;
469
+ description: string;
470
+ };
471
+ createdAt: {
472
+ type: string;
473
+ format: string;
474
+ description: string;
475
+ };
476
+ updatedAt: {
477
+ type: string;
478
+ format: string;
479
+ description: string;
480
+ };
481
+ metadata: {
482
+ type: string;
483
+ nullable: boolean;
484
+ additionalProperties: boolean;
485
+ description: string;
486
+ };
487
+ permissions: {
488
+ type: string;
489
+ nullable: boolean;
490
+ description: string;
491
+ };
492
+ };
493
+ required: string[];
494
+ };
495
+ };
496
+ };
497
+ };
498
+ };
499
+ };
500
+ };
501
+ }, {
502
+ metadata: Record<string, any> | null;
503
+ permissions: {
504
+ [key: string]: string[];
505
+ } | null;
506
+ id: string;
507
+ name: string | null;
508
+ start: string | null;
509
+ prefix: string | null;
510
+ userId: string;
511
+ refillInterval: number | null;
512
+ refillAmount: number | null;
513
+ lastRefillAt: Date | null;
514
+ enabled: boolean;
515
+ rateLimitEnabled: boolean;
516
+ rateLimitTimeWindow: number | null;
517
+ rateLimitMax: number | null;
518
+ requestCount: number;
519
+ remaining: number | null;
520
+ lastRequest: Date | null;
521
+ expiresAt: Date | null;
522
+ createdAt: Date;
523
+ updatedAt: Date;
524
+ }>;
525
+ updateApiKey: import("better-auth").StrictEndpoint<"/api-key/update", {
526
+ method: "POST";
527
+ body: import("better-auth").ZodObject<{
528
+ keyId: import("better-auth").ZodString;
529
+ userId: import("better-auth").ZodOptional<import("better-auth").ZodCoercedString<unknown>>;
530
+ name: import("better-auth").ZodOptional<import("better-auth").ZodString>;
531
+ enabled: import("better-auth").ZodOptional<import("better-auth").ZodBoolean>;
532
+ remaining: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
533
+ refillAmount: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
534
+ refillInterval: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
535
+ metadata: import("better-auth").ZodOptional<import("better-auth").ZodAny>;
536
+ expiresIn: import("better-auth").ZodNullable<import("better-auth").ZodOptional<import("better-auth").ZodNumber>>;
537
+ rateLimitEnabled: import("better-auth").ZodOptional<import("better-auth").ZodBoolean>;
538
+ rateLimitTimeWindow: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
539
+ rateLimitMax: import("better-auth").ZodOptional<import("better-auth").ZodNumber>;
540
+ permissions: import("better-auth").ZodNullable<import("better-auth").ZodOptional<import("better-auth").ZodRecord<import("better-auth").ZodString, import("better-auth").ZodArray<import("better-auth").ZodString>>>>;
541
+ }, import("better-auth").$strip>;
542
+ metadata: {
543
+ openapi: {
544
+ description: string;
545
+ responses: {
546
+ "200": {
547
+ description: string;
548
+ content: {
549
+ "application/json": {
550
+ schema: {
551
+ type: "object";
552
+ properties: {
553
+ id: {
554
+ type: string;
555
+ description: string;
556
+ };
557
+ name: {
558
+ type: string;
559
+ nullable: boolean;
560
+ description: string;
561
+ };
562
+ start: {
563
+ type: string;
564
+ nullable: boolean;
565
+ description: string;
566
+ };
567
+ prefix: {
568
+ type: string;
569
+ nullable: boolean;
570
+ description: string;
571
+ };
572
+ userId: {
573
+ type: string;
574
+ description: string;
575
+ };
576
+ refillInterval: {
577
+ type: string;
578
+ nullable: boolean;
579
+ description: string;
580
+ };
581
+ refillAmount: {
582
+ type: string;
583
+ nullable: boolean;
584
+ description: string;
585
+ };
586
+ lastRefillAt: {
587
+ type: string;
588
+ format: string;
589
+ nullable: boolean;
590
+ description: string;
591
+ };
592
+ enabled: {
593
+ type: string;
594
+ description: string;
595
+ default: boolean;
596
+ };
597
+ rateLimitEnabled: {
598
+ type: string;
599
+ description: string;
600
+ };
601
+ rateLimitTimeWindow: {
602
+ type: string;
603
+ nullable: boolean;
604
+ description: string;
605
+ };
606
+ rateLimitMax: {
607
+ type: string;
608
+ nullable: boolean;
609
+ description: string;
610
+ };
611
+ requestCount: {
612
+ type: string;
613
+ description: string;
614
+ };
615
+ remaining: {
616
+ type: string;
617
+ nullable: boolean;
618
+ description: string;
619
+ };
620
+ lastRequest: {
621
+ type: string;
622
+ format: string;
623
+ nullable: boolean;
624
+ description: string;
625
+ };
626
+ expiresAt: {
627
+ type: string;
628
+ format: string;
629
+ nullable: boolean;
630
+ description: string;
631
+ };
632
+ createdAt: {
633
+ type: string;
634
+ format: string;
635
+ description: string;
636
+ };
637
+ updatedAt: {
638
+ type: string;
639
+ format: string;
640
+ description: string;
641
+ };
642
+ metadata: {
643
+ type: string;
644
+ nullable: boolean;
645
+ additionalProperties: boolean;
646
+ description: string;
647
+ };
648
+ permissions: {
649
+ type: string;
650
+ nullable: boolean;
651
+ description: string;
652
+ };
653
+ };
654
+ required: string[];
655
+ };
656
+ };
657
+ };
658
+ };
659
+ };
660
+ };
661
+ };
662
+ }, {
663
+ metadata: Record<string, any> | null;
664
+ permissions: {
665
+ [key: string]: string[];
666
+ } | null;
667
+ id: string;
668
+ name: string | null;
669
+ start: string | null;
670
+ prefix: string | null;
671
+ userId: string;
672
+ refillInterval: number | null;
673
+ refillAmount: number | null;
674
+ lastRefillAt: Date | null;
675
+ enabled: boolean;
676
+ rateLimitEnabled: boolean;
677
+ rateLimitTimeWindow: number | null;
678
+ rateLimitMax: number | null;
679
+ requestCount: number;
680
+ remaining: number | null;
681
+ lastRequest: Date | null;
682
+ expiresAt: Date | null;
683
+ createdAt: Date;
684
+ updatedAt: Date;
685
+ }>;
686
+ deleteApiKey: import("better-auth").StrictEndpoint<"/api-key/delete", {
687
+ method: "POST";
688
+ body: import("better-auth").ZodObject<{
689
+ keyId: import("better-auth").ZodString;
690
+ }, import("better-auth").$strip>;
691
+ use: ((inputContext: import("better-auth").MiddlewareInputContext<import("better-auth").MiddlewareOptions>) => Promise<{
692
+ session: {
693
+ session: Record<string, any> & {
694
+ id: string;
695
+ createdAt: Date;
696
+ updatedAt: Date;
697
+ userId: string;
698
+ expiresAt: Date;
699
+ token: string;
700
+ ipAddress?: string | null | undefined;
701
+ userAgent?: string | null | undefined;
702
+ };
703
+ user: Record<string, any> & {
704
+ id: string;
705
+ createdAt: Date;
706
+ updatedAt: Date;
707
+ email: string;
708
+ emailVerified: boolean;
709
+ name: string;
710
+ image?: string | null | undefined;
711
+ };
712
+ };
713
+ }>)[];
714
+ metadata: {
715
+ openapi: {
716
+ description: string;
717
+ requestBody: {
718
+ content: {
719
+ "application/json": {
720
+ schema: {
721
+ type: "object";
722
+ properties: {
723
+ keyId: {
724
+ type: string;
725
+ description: string;
726
+ };
727
+ };
728
+ required: string[];
729
+ };
730
+ };
731
+ };
732
+ };
733
+ responses: {
734
+ "200": {
735
+ description: string;
736
+ content: {
737
+ "application/json": {
738
+ schema: {
739
+ type: "object";
740
+ properties: {
741
+ success: {
742
+ type: string;
743
+ description: string;
744
+ };
745
+ };
746
+ required: string[];
747
+ };
748
+ };
749
+ };
750
+ };
751
+ };
752
+ };
753
+ };
754
+ }, {
755
+ success: boolean;
756
+ }>;
757
+ listApiKeys: import("better-auth").StrictEndpoint<"/api-key/list", {
758
+ method: "GET";
759
+ use: ((inputContext: import("better-auth").MiddlewareInputContext<import("better-auth").MiddlewareOptions>) => Promise<{
760
+ session: {
761
+ session: Record<string, any> & {
762
+ id: string;
763
+ createdAt: Date;
764
+ updatedAt: Date;
765
+ userId: string;
766
+ expiresAt: Date;
767
+ token: string;
768
+ ipAddress?: string | null | undefined;
769
+ userAgent?: string | null | undefined;
770
+ };
771
+ user: Record<string, any> & {
772
+ id: string;
773
+ createdAt: Date;
774
+ updatedAt: Date;
775
+ email: string;
776
+ emailVerified: boolean;
777
+ name: string;
778
+ image?: string | null | undefined;
779
+ };
780
+ };
781
+ }>)[];
782
+ metadata: {
783
+ openapi: {
784
+ description: string;
785
+ responses: {
786
+ "200": {
787
+ description: string;
788
+ content: {
789
+ "application/json": {
790
+ schema: {
791
+ type: "array";
792
+ items: {
793
+ type: string;
794
+ properties: {
795
+ id: {
796
+ type: string;
797
+ description: string;
798
+ };
799
+ name: {
800
+ type: string;
801
+ nullable: boolean;
802
+ description: string;
803
+ };
804
+ start: {
805
+ type: string;
806
+ nullable: boolean;
807
+ description: string;
808
+ };
809
+ prefix: {
810
+ type: string;
811
+ nullable: boolean;
812
+ description: string;
813
+ };
814
+ userId: {
815
+ type: string;
816
+ description: string;
817
+ };
818
+ refillInterval: {
819
+ type: string;
820
+ nullable: boolean;
821
+ description: string;
822
+ };
823
+ refillAmount: {
824
+ type: string;
825
+ nullable: boolean;
826
+ description: string;
827
+ };
828
+ lastRefillAt: {
829
+ type: string;
830
+ format: string;
831
+ nullable: boolean;
832
+ description: string;
833
+ };
834
+ enabled: {
835
+ type: string;
836
+ description: string;
837
+ default: boolean;
838
+ };
839
+ rateLimitEnabled: {
840
+ type: string;
841
+ description: string;
842
+ };
843
+ rateLimitTimeWindow: {
844
+ type: string;
845
+ nullable: boolean;
846
+ description: string;
847
+ };
848
+ rateLimitMax: {
849
+ type: string;
850
+ nullable: boolean;
851
+ description: string;
852
+ };
853
+ requestCount: {
854
+ type: string;
855
+ description: string;
856
+ };
857
+ remaining: {
858
+ type: string;
859
+ nullable: boolean;
860
+ description: string;
861
+ };
862
+ lastRequest: {
863
+ type: string;
864
+ format: string;
865
+ nullable: boolean;
866
+ description: string;
867
+ };
868
+ expiresAt: {
869
+ type: string;
870
+ format: string;
871
+ nullable: boolean;
872
+ description: string;
873
+ };
874
+ createdAt: {
875
+ type: string;
876
+ format: string;
877
+ description: string;
878
+ };
879
+ updatedAt: {
880
+ type: string;
881
+ format: string;
882
+ description: string;
883
+ };
884
+ metadata: {
885
+ type: string;
886
+ nullable: boolean;
887
+ additionalProperties: boolean;
888
+ description: string;
889
+ };
890
+ permissions: {
891
+ type: string;
892
+ nullable: boolean;
893
+ description: string;
894
+ };
895
+ };
896
+ required: string[];
897
+ };
898
+ };
899
+ };
900
+ };
901
+ };
902
+ };
903
+ };
904
+ };
905
+ }, {
906
+ metadata: Record<string, any> | null;
907
+ permissions: {
908
+ [key: string]: string[];
909
+ } | null;
910
+ id: string;
911
+ name: string | null;
912
+ start: string | null;
913
+ prefix: string | null;
914
+ userId: string;
915
+ refillInterval: number | null;
916
+ refillAmount: number | null;
917
+ lastRefillAt: Date | null;
918
+ enabled: boolean;
919
+ rateLimitEnabled: boolean;
920
+ rateLimitTimeWindow: number | null;
921
+ rateLimitMax: number | null;
922
+ requestCount: number;
923
+ remaining: number | null;
924
+ lastRequest: Date | null;
925
+ expiresAt: Date | null;
926
+ createdAt: Date;
927
+ updatedAt: Date;
928
+ }[]>;
929
+ deleteAllExpiredApiKeys: import("better-auth").StrictEndpoint<string, {
930
+ method: "POST";
931
+ }, {
932
+ success: boolean;
933
+ error: unknown;
934
+ }>;
935
+ };
936
+ schema: {
937
+ apikey: {
938
+ fields: {
939
+ name: {
940
+ type: "string";
941
+ required: false;
942
+ input: false;
943
+ };
944
+ start: {
945
+ type: "string";
946
+ required: false;
947
+ input: false;
948
+ };
949
+ prefix: {
950
+ type: "string";
951
+ required: false;
952
+ input: false;
953
+ };
954
+ key: {
955
+ type: "string";
956
+ required: true;
957
+ input: false;
958
+ index: true;
959
+ };
960
+ userId: {
961
+ type: "string";
962
+ references: {
963
+ model: string;
964
+ field: string;
965
+ onDelete: "cascade";
966
+ };
967
+ required: true;
968
+ input: false;
969
+ index: true;
970
+ };
971
+ refillInterval: {
972
+ type: "number";
973
+ required: false;
974
+ input: false;
975
+ };
976
+ refillAmount: {
977
+ type: "number";
978
+ required: false;
979
+ input: false;
980
+ };
981
+ lastRefillAt: {
982
+ type: "date";
983
+ required: false;
984
+ input: false;
985
+ };
986
+ enabled: {
987
+ type: "boolean";
988
+ required: false;
989
+ input: false;
990
+ defaultValue: true;
991
+ };
992
+ rateLimitEnabled: {
993
+ type: "boolean";
994
+ required: false;
995
+ input: false;
996
+ defaultValue: true;
997
+ };
998
+ rateLimitTimeWindow: {
999
+ type: "number";
1000
+ required: false;
1001
+ input: false;
1002
+ defaultValue: number;
1003
+ };
1004
+ rateLimitMax: {
1005
+ type: "number";
1006
+ required: false;
1007
+ input: false;
1008
+ defaultValue: number;
1009
+ };
1010
+ requestCount: {
1011
+ type: "number";
1012
+ required: false;
1013
+ input: false;
1014
+ defaultValue: number;
1015
+ };
1016
+ remaining: {
1017
+ type: "number";
1018
+ required: false;
1019
+ input: false;
1020
+ };
1021
+ lastRequest: {
1022
+ type: "date";
1023
+ required: false;
1024
+ input: false;
1025
+ };
1026
+ expiresAt: {
1027
+ type: "date";
1028
+ required: false;
1029
+ input: false;
1030
+ };
1031
+ createdAt: {
1032
+ type: "date";
1033
+ required: true;
1034
+ input: false;
1035
+ };
1036
+ updatedAt: {
1037
+ type: "date";
1038
+ required: true;
1039
+ input: false;
1040
+ };
1041
+ permissions: {
1042
+ type: "string";
1043
+ required: false;
1044
+ input: false;
1045
+ };
1046
+ metadata: {
1047
+ type: "string";
1048
+ required: false;
1049
+ input: true;
1050
+ transform: {
1051
+ input(value: import("better-auth").DBPrimitive): string;
1052
+ output(value: import("better-auth").DBPrimitive): any;
1053
+ };
1054
+ };
1055
+ };
1056
+ };
1057
+ };
1058
+ options: import("better-auth/plugins").ApiKeyOptions | undefined;
1059
+ };
1060
+ /**
1061
+ * Applies sensible defaults to Better Auth options.
1062
+ *
1063
+ * Currently applies the following defaults:
1064
+ * - `trustedOrigins`: If not explicitly provided but `baseURL` is set,
1065
+ * defaults to `[baseURL]`. This handles the common single-domain case
1066
+ * where the app's origin should be trusted for auth requests.
1067
+ *
1068
+ * Multi-domain setups can still explicitly set `trustedOrigins` to include
1069
+ * multiple origins.
1070
+ *
1071
+ * @example Simple case - trustedOrigins defaults to [baseURL]
1072
+ * ```ts
1073
+ * import { withBetterAuthDefaults } from '@delmaredigital/payload-better-auth'
1074
+ *
1075
+ * const auth = betterAuth(withBetterAuthDefaults({
1076
+ * baseURL: 'https://myapp.com',
1077
+ * // trustedOrigins automatically becomes ['https://myapp.com']
1078
+ * }))
1079
+ * ```
1080
+ *
1081
+ * @example Multi-domain case - explicit trustedOrigins respected
1082
+ * ```ts
1083
+ * const auth = betterAuth(withBetterAuthDefaults({
1084
+ * baseURL: 'https://myapp.com',
1085
+ * trustedOrigins: ['https://myapp.com', 'https://other-domain.com'],
1086
+ * // trustedOrigins stays as explicitly provided
1087
+ * }))
1088
+ * ```
1089
+ *
1090
+ * @example With createBetterAuthPlugin
1091
+ * ```ts
1092
+ * createBetterAuthPlugin({
1093
+ * createAuth: (payload) => betterAuth(withBetterAuthDefaults({
1094
+ * database: payloadAdapter({ payloadClient: payload }),
1095
+ * baseURL: process.env.BETTER_AUTH_URL,
1096
+ * })),
1097
+ * })
1098
+ * ```
1099
+ */
1100
+ export declare function withBetterAuthDefaults<T extends BetterAuthOptions>(options: T): T;
1101
+ export {};
1102
+ //# sourceMappingURL=betterAuthDefaults.d.ts.map