@delmaredigital/payload-better-auth 0.6.5 → 0.6.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -166,7 +166,11 @@ function generateCollection(modelKey, table, usePlural, adminGroup, customAccess
|
|
|
166
166
|
continue;
|
|
167
167
|
}
|
|
168
168
|
const fieldName = fieldDef.fieldName ?? fieldKey;
|
|
169
|
-
|
|
169
|
+
// Only treat as a relationship if it references the target's 'id' field.
|
|
170
|
+
// When referencing a non-PK field (e.g., oauthClient.clientId), use a plain
|
|
171
|
+
// text field instead — Payload relationships always FK to 'id', which would
|
|
172
|
+
// cause FK constraint violations for non-PK references.
|
|
173
|
+
const hasReferences = fieldDef.references !== undefined && (!fieldDef.references.field || fieldDef.references.field === 'id');
|
|
170
174
|
const fieldType = mapFieldType(fieldDef.type, fieldKey, hasReferences);
|
|
171
175
|
if (fieldType === 'relationship') {
|
|
172
176
|
// Use schema reference if available, otherwise infer from field name
|
package/dist/adapter/index.js
CHANGED
|
@@ -218,9 +218,12 @@
|
|
|
218
218
|
adapter: ({ schema, getModelName, debugLog })=>{
|
|
219
219
|
// Set fieldName on reference fields so the factory maps userId→user, etc.
|
|
220
220
|
// Payload uses relationship fields without the Id suffix.
|
|
221
|
+
// Only do this for references to 'id' (primary key). Non-PK references
|
|
222
|
+
// (e.g., oauthRefreshToken.clientId → oauthClient.clientId) stay as plain
|
|
223
|
+
// text fields and should keep their original name.
|
|
221
224
|
for (const table of Object.values(schema)){
|
|
222
225
|
for (const [fieldKey, fieldDef] of Object.entries(table.fields)){
|
|
223
|
-
if (fieldDef.references) {
|
|
226
|
+
if (fieldDef.references && (!fieldDef.references.field || fieldDef.references.field === 'id')) {
|
|
224
227
|
const stripped = fieldKey.replace(/(_id|Id)$/, '');
|
|
225
228
|
if (stripped !== fieldKey) fieldDef.fieldName = stripped;
|
|
226
229
|
}
|
package/dist/plugin/index.js
CHANGED
|
@@ -560,11 +560,16 @@ let apiKeyPermissionsConfig = undefined;
|
|
|
560
560
|
try {
|
|
561
561
|
const { verifyAccessToken } = await import('better-auth/oauth2');
|
|
562
562
|
const baseURL = auth.options?.baseURL;
|
|
563
|
+
const basePath = auth.options?.basePath || '/api/auth';
|
|
563
564
|
if (!baseURL) throw new Error('baseURL not configured');
|
|
565
|
+
// issuer = baseURL + basePath (e.g., https://example.com/api/auth)
|
|
566
|
+
// audience = baseURL (e.g., https://example.com) — the resource server
|
|
567
|
+
// jwks = issuer + /jwks
|
|
568
|
+
const issuer = `${baseURL}${basePath}`;
|
|
564
569
|
const jwtPayload = await verifyAccessToken(token, {
|
|
565
|
-
jwksUrl: `${
|
|
570
|
+
jwksUrl: `${issuer}/jwks`,
|
|
566
571
|
verifyOptions: {
|
|
567
|
-
issuer
|
|
572
|
+
issuer,
|
|
568
573
|
audience: baseURL
|
|
569
574
|
}
|
|
570
575
|
});
|