@hammadj/better-auth-core 1.5.0-beta.9

package/src/db/adapter/utils.ts

@@ -0,0 +1,61 @@
+import type { DBFieldAttribute } from "../type";
+
+export function withApplyDefault(
+	value: any,
+	field: DBFieldAttribute,
+	action: "create" | "update" | "findOne" | "findMany",
+) {
+	if (action === "update") {
+		// Apply onUpdate if value is undefined
+		if (value === undefined && field.onUpdate !== undefined) {
+			if (typeof field.onUpdate === "function") {
+				return field.onUpdate();
+			}
+			return field.onUpdate;
+		}
+		return value;
+	}
+	if (action === "create") {
+		// we do not want to apply default values if the value is null & not required
+		if (value === undefined || (field.required === true && value === null)) {
+			if (field.defaultValue !== undefined) {
+				if (typeof field.defaultValue === "function") {
+					return field.defaultValue();
+				}
+				return field.defaultValue;
+			}
+		}
+	}
+	return value;
+}
+
+function isObject(item: unknown): item is Record<string, unknown> {
+	return item !== null && typeof item === "object" && !Array.isArray(item);
+}
+
+export function deepmerge<T>(target: T, source: Partial<T>): T {
+	if (Array.isArray(target) && Array.isArray(source)) {
+		// merge arrays by concatenation
+		return [...target, ...source] as T;
+	} else if (isObject(target) && isObject(source)) {
+		const result: Record<string, unknown> = { ...target };
+
+		for (const [key, value] of Object.entries(source)) {
+			if (value === undefined) continue; // skip undefined
+
+			if (key in target) {
+				result[key] = deepmerge(
+					(target as Record<string, unknown>)[key],
+					value as unknown as Partial<T>,
+				);
+			} else {
+				result[key] = value;
+			}
+		}
+
+		return result as T;
+	}
+
+	// primitives and fallback: source overrides target
+	return source as T;
+}

package/src/db/get-tables.ts

@@ -0,0 +1,296 @@
+import type { BetterAuthOptions } from "../types";
+import type { BetterAuthDBSchema, DBFieldAttribute } from "./type";
+
+export const getAuthTables = (
+	options: BetterAuthOptions,
+): BetterAuthDBSchema => {
+	const pluginSchema = (options.plugins ?? []).reduce(
+		(acc, plugin) => {
+			const schema = plugin.schema;
+			if (!schema) return acc;
+			for (const [key, value] of Object.entries(schema)) {
+				acc[key] = {
+					fields: {
+						...acc[key]?.fields,
+						...value.fields,
+					},
+					modelName: value.modelName || key,
+				};
+			}
+			return acc;
+		},
+		{} as Record<
+			string,
+			{ fields: Record<string, DBFieldAttribute>; modelName: string }
+		>,
+	);
+
+	const shouldAddRateLimitTable = options.rateLimit?.storage === "database";
+	const rateLimitTable = {
+		rateLimit: {
+			modelName: options.rateLimit?.modelName || "rateLimit",
+			fields: {
+				key: {
+					type: "string",
+					unique: true,
+					required: true,
+					fieldName: options.rateLimit?.fields?.key || "key",
+				},
+				count: {
+					type: "number",
+					required: true,
+					fieldName: options.rateLimit?.fields?.count || "count",
+				},
+				lastRequest: {
+					type: "number",
+					bigint: true,
+					required: true,
+					fieldName: options.rateLimit?.fields?.lastRequest || "lastRequest",
+					defaultValue: () => Date.now(),
+				},
+			},
+		},
+	} satisfies BetterAuthDBSchema;
+
+	const { user, session, account, verification, ...pluginTables } =
+		pluginSchema;
+
+	const verificationTable = {
+		verification: {
+			modelName: options.verification?.modelName || "verification",
+			fields: {
+				identifier: {
+					type: "string",
+					required: true,
+					fieldName: options.verification?.fields?.identifier || "identifier",
+					index: true,
+				},
+				value: {
+					type: "string",
+					required: true,
+					fieldName: options.verification?.fields?.value || "value",
+				},
+				expiresAt: {
+					type: "date",
+					required: true,
+					fieldName: options.verification?.fields?.expiresAt || "expiresAt",
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					defaultValue: () => new Date(),
+					fieldName: options.verification?.fields?.createdAt || "createdAt",
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					defaultValue: () => new Date(),
+					onUpdate: () => new Date(),
+					fieldName: options.verification?.fields?.updatedAt || "updatedAt",
+				},
+				...verification?.fields,
+				...options.verification?.additionalFields,
+			},
+			order: 4,
+		},
+	} satisfies BetterAuthDBSchema;
+
+	const sessionTable = {
+		session: {
+			modelName: options.session?.modelName || "session",
+			fields: {
+				expiresAt: {
+					type: "date",
+					required: true,
+					fieldName: options.session?.fields?.expiresAt || "expiresAt",
+				},
+				token: {
+					type: "string",
+					required: true,
+					fieldName: options.session?.fields?.token || "token",
+					unique: true,
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					fieldName: options.session?.fields?.createdAt || "createdAt",
+					defaultValue: () => new Date(),
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					fieldName: options.session?.fields?.updatedAt || "updatedAt",
+					onUpdate: () => new Date(),
+				},
+				ipAddress: {
+					type: "string",
+					required: false,
+					fieldName: options.session?.fields?.ipAddress || "ipAddress",
+				},
+				userAgent: {
+					type: "string",
+					required: false,
+					fieldName: options.session?.fields?.userAgent || "userAgent",
+				},
+				userId: {
+					type: "string",
+					fieldName: options.session?.fields?.userId || "userId",
+					references: {
+						model: options.user?.modelName || "user",
+						field: "id",
+						onDelete: "cascade",
+					},
+					required: true,
+					index: true,
+				},
+				...session?.fields,
+				...options.session?.additionalFields,
+			},
+			order: 2,
+		},
+	} satisfies BetterAuthDBSchema;
+
+	return {
+		user: {
+			modelName: options.user?.modelName || "user",
+			fields: {
+				name: {
+					type: "string",
+					required: true,
+					fieldName: options.user?.fields?.name || "name",
+					sortable: true,
+				},
+				email: {
+					type: "string",
+					unique: true,
+					required: true,
+					fieldName: options.user?.fields?.email || "email",
+					sortable: true,
+				},
+				emailVerified: {
+					type: "boolean",
+					defaultValue: false,
+					required: true,
+					fieldName: options.user?.fields?.emailVerified || "emailVerified",
+					input: false,
+				},
+				image: {
+					type: "string",
+					required: false,
+					fieldName: options.user?.fields?.image || "image",
+				},
+				createdAt: {
+					type: "date",
+					defaultValue: () => new Date(),
+					required: true,
+					fieldName: options.user?.fields?.createdAt || "createdAt",
+				},
+				updatedAt: {
+					type: "date",
+					defaultValue: () => new Date(),
+					onUpdate: () => new Date(),
+					required: true,
+					fieldName: options.user?.fields?.updatedAt || "updatedAt",
+				},
+				...user?.fields,
+				...options.user?.additionalFields,
+			},
+			order: 1,
+		},
+		//only add session table if it's not stored in secondary storage
+		...(!options.secondaryStorage || options.session?.storeSessionInDatabase
+			? sessionTable
+			: {}),
+		account: {
+			modelName: options.account?.modelName || "account",
+			fields: {
+				accountId: {
+					type: "string",
+					required: true,
+					fieldName: options.account?.fields?.accountId || "accountId",
+				},
+				providerId: {
+					type: "string",
+					required: true,
+					fieldName: options.account?.fields?.providerId || "providerId",
+				},
+				userId: {
+					type: "string",
+					references: {
+						model: options.user?.modelName || "user",
+						field: "id",
+						onDelete: "cascade",
+					},
+					required: true,
+					fieldName: options.account?.fields?.userId || "userId",
+					index: true,
+				},
+				accessToken: {
+					type: "string",
+					required: false,
+					returned: false,
+					fieldName: options.account?.fields?.accessToken || "accessToken",
+				},
+				refreshToken: {
+					type: "string",
+					required: false,
+					returned: false,
+					fieldName: options.account?.fields?.refreshToken || "refreshToken",
+				},
+				idToken: {
+					type: "string",
+					required: false,
+					returned: false,
+					fieldName: options.account?.fields?.idToken || "idToken",
+				},
+				accessTokenExpiresAt: {
+					type: "date",
+					required: false,
+					returned: false,
+					fieldName:
+						options.account?.fields?.accessTokenExpiresAt ||
+						"accessTokenExpiresAt",
+				},
+				refreshTokenExpiresAt: {
+					type: "date",
+					required: false,
+					returned: false,
+					fieldName:
+						options.account?.fields?.refreshTokenExpiresAt ||
+						"refreshTokenExpiresAt",
+				},
+				scope: {
+					type: "string",
+					required: false,
+					fieldName: options.account?.fields?.scope || "scope",
+				},
+				password: {
+					type: "string",
+					required: false,
+					returned: false,
+					fieldName: options.account?.fields?.password || "password",
+				},
+				createdAt: {
+					type: "date",
+					required: true,
+					fieldName: options.account?.fields?.createdAt || "createdAt",
+					defaultValue: () => new Date(),
+				},
+				updatedAt: {
+					type: "date",
+					required: true,
+					fieldName: options.account?.fields?.updatedAt || "updatedAt",
+					onUpdate: () => new Date(),
+				},
+				...account?.fields,
+				...options.account?.additionalFields,
+			},
+			order: 3,
+		},
+		...(!options.secondaryStorage || options.verification?.storeInDatabase
+			? verificationTable
+			: {}),
+		...pluginTables,
+		...(shouldAddRateLimitTable ? rateLimitTable : {}),
+	} satisfies BetterAuthDBSchema;
+};

package/src/db/index.ts

@@ -0,0 +1,18 @@
+export { getAuthTables } from "./get-tables";
+export type { BetterAuthPluginDBSchema } from "./plugin";
+export { type Account, accountSchema } from "./schema/account";
+export { type RateLimit, rateLimitSchema } from "./schema/rate-limit";
+export { type Session, sessionSchema } from "./schema/session";
+export { coreSchema } from "./schema/shared";
+export { type User, userSchema } from "./schema/user";
+export { type Verification, verificationSchema } from "./schema/verification";
+export type {
+	BaseModelNames,
+	BetterAuthDBSchema,
+	DBFieldAttribute,
+	DBFieldAttributeConfig,
+	DBFieldType,
+	DBPrimitive,
+	ModelNames,
+	SecondaryStorage,
+} from "./type";

package/src/db/plugin.ts

@@ -0,0 +1,11 @@
+import type { DBFieldAttribute } from "./type";
+
+export type BetterAuthPluginDBSchema = {
+	[table in string]: {
+		fields: {
+			[field: string]: DBFieldAttribute;
+		};
+		disableMigration?: boolean | undefined;
+		modelName?: string | undefined;
+	};
+};

package/src/db/schema/account.ts

@@ -0,0 +1,34 @@
+import * as z from "zod";
+import { coreSchema } from "./shared";
+
+export const accountSchema = coreSchema.extend({
+	providerId: z.string(),
+	accountId: z.string(),
+	userId: z.coerce.string(),
+	accessToken: z.string().nullish(),
+	refreshToken: z.string().nullish(),
+	idToken: z.string().nullish(),
+	/**
+	 * Access token expires at
+	 */
+	accessTokenExpiresAt: z.date().nullish(),
+	/**
+	 * Refresh token expires at
+	 */
+	refreshTokenExpiresAt: z.date().nullish(),
+	/**
+	 * The scopes that the user has authorized
+	 */
+	scope: z.string().nullish(),
+	/**
+	 * Password is only stored in the credential provider
+	 */
+	password: z.string().nullish(),
+});
+
+/**
+ * Account schema type used by better-auth, note that it's possible that account could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+export type Account = z.infer<typeof accountSchema>;

package/src/db/schema/rate-limit.ts

@@ -0,0 +1,21 @@
+import * as z from "zod";
+
+export const rateLimitSchema = z.object({
+	/**
+	 * The key to use for rate limiting
+	 */
+	key: z.string(),
+	/**
+	 * The number of requests made
+	 */
+	count: z.number(),
+	/**
+	 * The last request time in milliseconds
+	 */
+	lastRequest: z.number(),
+});
+
+/**
+ * Rate limit schema type used by better-auth for rate limiting
+ */
+export type RateLimit = z.infer<typeof rateLimitSchema>;

package/src/db/schema/session.ts

@@ -0,0 +1,17 @@
+import * as z from "zod";
+import { coreSchema } from "./shared";
+
+export const sessionSchema = coreSchema.extend({
+	userId: z.coerce.string(),
+	expiresAt: z.date(),
+	token: z.string(),
+	ipAddress: z.string().nullish(),
+	userAgent: z.string().nullish(),
+});
+
+/**
+ * Session schema type used by better-auth, note that it's possible that session could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+export type Session = z.infer<typeof sessionSchema>;

package/src/db/schema/shared.ts

@@ -0,0 +1,7 @@
+import * as z from "zod";
+
+export const coreSchema = z.object({
+	id: z.string(),
+	createdAt: z.date().default(() => new Date()),
+	updatedAt: z.date().default(() => new Date()),
+});

package/src/db/schema/user.ts

@@ -0,0 +1,16 @@
+import * as z from "zod";
+import { coreSchema } from "./shared";
+
+export const userSchema = coreSchema.extend({
+	email: z.string().transform((val) => val.toLowerCase()),
+	emailVerified: z.boolean().default(false),
+	name: z.string(),
+	image: z.string().nullish(),
+});
+
+/**
+ * User schema type used by better-auth, note that it's possible that user could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+export type User = z.infer<typeof userSchema>;

package/src/db/schema/verification.ts

@@ -0,0 +1,15 @@
+import * as z from "zod";
+import { coreSchema } from "./shared";
+
+export const verificationSchema = coreSchema.extend({
+	value: z.string(),
+	expiresAt: z.date(),
+	identifier: z.string(),
+});
+
+/**
+ * Verification schema type used by better-auth, note that it's possible that verification could have additional fields
+ *
+ * todo: we should use generics to extend this type with additional fields from plugins and options in the future
+ */
+export type Verification = z.infer<typeof verificationSchema>;

package/src/db/test/get-tables.test.ts

@@ -0,0 +1,116 @@
+import { describe, expect, it } from "vitest";
+import { getAuthTables } from "../get-tables";
+
+describe("getAuthTables", () => {
+	it("should use correct field name for refreshTokenExpiresAt", () => {
+		const tables = getAuthTables({
+			account: {
+				fields: {
+					refreshTokenExpiresAt: "custom_refresh_token_expires_at",
+				},
+			},
+		});
+
+		const accountTable = tables.account;
+		const refreshTokenExpiresAtField =
+			accountTable!.fields.refreshTokenExpiresAt!;
+
+		expect(refreshTokenExpiresAtField.fieldName).toBe(
+			"custom_refresh_token_expires_at",
+		);
+	});
+
+	it("should not use accessTokenExpiresAt field name for refreshTokenExpiresAt", () => {
+		const tables = getAuthTables({
+			account: {
+				fields: {
+					accessTokenExpiresAt: "custom_access_token_expires_at",
+					refreshTokenExpiresAt: "custom_refresh_token_expires_at",
+				},
+			},
+		});
+
+		const accountTable = tables.account;
+		const refreshTokenExpiresAtField =
+			accountTable!.fields.refreshTokenExpiresAt!;
+		const accessTokenExpiresAtField =
+			accountTable!.fields.accessTokenExpiresAt!;
+
+		expect(refreshTokenExpiresAtField.fieldName).toBe(
+			"custom_refresh_token_expires_at",
+		);
+		expect(accessTokenExpiresAtField.fieldName).toBe(
+			"custom_access_token_expires_at",
+		);
+		expect(refreshTokenExpiresAtField.fieldName).not.toBe(
+			accessTokenExpiresAtField.fieldName,
+		);
+	});
+
+	it("should use default field names when no custom names provided", () => {
+		const tables = getAuthTables({});
+
+		const accountTable = tables.account;
+		const refreshTokenExpiresAtField =
+			accountTable!.fields.refreshTokenExpiresAt!;
+		const accessTokenExpiresAtField =
+			accountTable!.fields.accessTokenExpiresAt!;
+
+		expect(refreshTokenExpiresAtField.fieldName).toBe("refreshTokenExpiresAt");
+		expect(accessTokenExpiresAtField.fieldName).toBe("accessTokenExpiresAt");
+	});
+
+	it("should merge additionalFields into verification table metadata", () => {
+		const tables = getAuthTables({
+			verification: {
+				additionalFields: {
+					newField: {
+						fieldName: "new_field",
+						type: "string",
+					},
+				},
+			},
+		});
+
+		const verificationTable = tables.verification;
+		const newField = verificationTable!.fields.newField!;
+
+		console.log(newField);
+		expect(newField).not.toBeUndefined();
+		expect(newField.fieldName).toBe("new_field");
+		expect(newField.type).toBe("string");
+	});
+
+	it("should exclude verification table when secondaryStorage is configured", () => {
+		const tables = getAuthTables({
+			secondaryStorage: {
+				get: async () => null,
+				set: async () => {},
+				delete: async () => {},
+			},
+		});
+
+		expect(tables.verification).toBeUndefined();
+	});
+
+	it("should include verification table when storeInDatabase is true", () => {
+		const tables = getAuthTables({
+			secondaryStorage: {
+				get: async () => null,
+				set: async () => {},
+				delete: async () => {},
+			},
+			verification: {
+				storeInDatabase: true,
+			},
+		});
+
+		expect(tables.verification).toBeDefined();
+	});
+
+	it("should include verification table when no secondaryStorage", () => {
+		const tables = getAuthTables({});
+
+		expect(tables.verification).toBeDefined();
+	});
+});