npm - @delmaredigital/payload-better-auth - Versions diffs - 0.7.3 → 0.7.4 - Mend

@delmaredigital/payload-better-auth 0.7.3 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/components/management/TwoFactorManagementClient.js +32 -8
package/package.json +1 -1

package/dist/components/management/TwoFactorManagementClient.js CHANGED Viewed

@@ -17,6 +17,7 @@ import { createPayloadAuthClient } from '../../exports/client.js';
     const [backupCodes, setBackupCodes] = useState([]);
     const [verificationCode, setVerificationCode] = useState('');
     const [password, setPassword] = useState('');
+    const [passwordAction, setPasswordAction] = useState('enable');
     const [actionLoading, setActionLoading] = useState(false);
     const getClient = ()=>providedClient ?? createPayloadAuthClient();
     useEffect(()=>{
@@ -41,10 +42,18 @@ import { createPayloadAuthClient } from '../../exports/client.js';
     }
     function handleEnableClick() {
         // Show password prompt first
+        setPasswordAction('enable');
         setStep('password');
         setPassword('');
         setError(null);
     }
+    function handlePasswordContinue() {
+        if (passwordAction === 'disable') {
+            void handleDisableWithPassword();
+        } else {
+            void handleEnableWithPassword();
+        }
+    }
     async function handleEnableWithPassword() {
         setActionLoading(true);
         setError(null);
@@ -95,21 +104,32 @@ import { createPayloadAuthClient } from '../../exports/client.js';
             setActionLoading(false);
         }
     }
-    async function handleDisable() {
+    function handleDisableClick() {
         if (!confirm('Are you sure you want to disable two-factor authentication?')) {
             return;
         }
+        // Better Auth's /two-factor/disable requires the account password.
+        // Prompt for it instead of sending an empty string (which fails with
+        // "Invalid password" before the real password is ever checked).
+        setPasswordAction('disable');
+        setStep('password');
+        setPassword('');
+        setError(null);
+    }
+    async function handleDisableWithPassword() {
         setActionLoading(true);
         setError(null);
         try {
             const client = getClient();
             const result = await client.twoFactor.disable({
-                password: ''
+                password
             });
             if (result.error) {
                 setError(result.error.message ?? 'Failed to disable 2FA');
             } else {
                 setIsEnabled(false);
+                setPassword('');
+                setStep('status');
                 onComplete?.();
             }
         } catch  {
@@ -153,7 +173,7 @@ import { createPayloadAuthClient } from '../../exports/client.js';
                     /*#__PURE__*/ _jsx(Button, {
                         buttonStyle: isEnabled ? 'error' : 'secondary',
                         size: "small",
-                        onClick: isEnabled ? handleDisable : handleEnableClick,
+                        onClick: isEnabled ? handleDisableClick : handleEnableClick,
                         disabled: actionLoading,
                         children: actionLoading ? 'Loading...' : isEnabled ? 'Disable' : 'Enable'
                     })
@@ -161,9 +181,13 @@ import { createPayloadAuthClient } from '../../exports/client.js';
             }),
             step === 'password' && /*#__PURE__*/ _jsxs("div", {
                 children: [
-                    /*#__PURE__*/ _jsx("p", {
+                    /*#__PURE__*/ _jsxs("p", {
                         className: "field-description",
-                        children: "Enter your password to enable two-factor authentication."
+                        children: [
+                            "Enter your password to ",
+                            passwordAction === 'disable' ? 'disable' : 'enable',
+                            " two-factor authentication."
+                        ]
                     }),
                     /*#__PURE__*/ _jsx("input", {
                         type: "password",
@@ -172,7 +196,7 @@ import { createPayloadAuthClient } from '../../exports/client.js';
                         onKeyDown: (e)=>{
                             if (e.key === 'Enter' && password) {
                                 e.preventDefault();
-                                handleEnableWithPassword();
+                                handlePasswordContinue();
                             }
                         },
                         placeholder: "Enter your password",
@@ -198,9 +222,9 @@ import { createPayloadAuthClient } from '../../exports/client.js';
                             /*#__PURE__*/ _jsx(Button, {
                                 buttonStyle: "primary",
                                 size: "small",
-                                onClick: handleEnableWithPassword,
+                                onClick: handlePasswordContinue,
                                 disabled: actionLoading || !password,
-                                children: actionLoading ? 'Enabling...' : 'Continue'
+                                children: actionLoading ? passwordAction === 'disable' ? 'Disabling...' : 'Enabling...' : 'Continue'
                             }),
                             /*#__PURE__*/ _jsx(Button, {
                                 buttonStyle: "secondary",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@delmaredigital/payload-better-auth",
-  "version": "0.7.3",
+  "version": "0.7.4",
   "description": "Better Auth adapter and plugins for Payload CMS",
   "type": "module",
   "license": "MIT",