npm - @hammadj/better-auth - Versions diffs - 1.5.0-beta.9 - Mend

@hammadj/better-auth 1.5.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (688) hide show

package/LICENSE.md +20 -0
package/README.md +33 -0
package/dist/_virtual/rolldown_runtime.mjs +36 -0
package/dist/adapters/drizzle-adapter/index.d.mts +1 -0
package/dist/adapters/drizzle-adapter/index.mjs +3 -0
package/dist/adapters/index.d.mts +23 -0
package/dist/adapters/index.mjs +13 -0
package/dist/adapters/index.mjs.map +1 -0
package/dist/adapters/kysely-adapter/index.d.mts +1 -0
package/dist/adapters/kysely-adapter/index.mjs +3 -0
package/dist/adapters/memory-adapter/index.d.mts +1 -0
package/dist/adapters/memory-adapter/index.mjs +3 -0
package/dist/adapters/mongodb-adapter/index.d.mts +1 -0
package/dist/adapters/mongodb-adapter/index.mjs +3 -0
package/dist/adapters/prisma-adapter/index.d.mts +1 -0
package/dist/adapters/prisma-adapter/index.mjs +3 -0
package/dist/api/index.d.mts +40 -0
package/dist/api/index.mjs +205 -0
package/dist/api/index.mjs.map +1 -0
package/dist/api/middlewares/index.d.mts +1 -0
package/dist/api/middlewares/index.mjs +3 -0
package/dist/api/middlewares/origin-check.d.mts +17 -0
package/dist/api/middlewares/origin-check.mjs +140 -0
package/dist/api/middlewares/origin-check.mjs.map +1 -0
package/dist/api/rate-limiter/index.mjs +177 -0
package/dist/api/rate-limiter/index.mjs.map +1 -0
package/dist/api/routes/account.d.mts +10 -0
package/dist/api/routes/account.mjs +493 -0
package/dist/api/routes/account.mjs.map +1 -0
package/dist/api/routes/callback.d.mts +5 -0
package/dist/api/routes/callback.mjs +178 -0
package/dist/api/routes/callback.mjs.map +1 -0
package/dist/api/routes/email-verification.d.mts +29 -0
package/dist/api/routes/email-verification.mjs +301 -0
package/dist/api/routes/email-verification.mjs.map +1 -0
package/dist/api/routes/error.d.mts +5 -0
package/dist/api/routes/error.mjs +386 -0
package/dist/api/routes/error.mjs.map +1 -0
package/dist/api/routes/index.d.mts +11 -0
package/dist/api/routes/index.mjs +13 -0
package/dist/api/routes/ok.d.mts +5 -0
package/dist/api/routes/ok.mjs +30 -0
package/dist/api/routes/ok.mjs.map +1 -0
package/dist/api/routes/password.d.mts +8 -0
package/dist/api/routes/password.mjs +198 -0
package/dist/api/routes/password.mjs.map +1 -0
package/dist/api/routes/session.d.mts +52 -0
package/dist/api/routes/session.mjs +478 -0
package/dist/api/routes/session.mjs.map +1 -0
package/dist/api/routes/sign-in.d.mts +8 -0
package/dist/api/routes/sign-in.mjs +262 -0
package/dist/api/routes/sign-in.mjs.map +1 -0
package/dist/api/routes/sign-out.d.mts +5 -0
package/dist/api/routes/sign-out.mjs +33 -0
package/dist/api/routes/sign-out.mjs.map +1 -0
package/dist/api/routes/sign-up.d.mts +7 -0
package/dist/api/routes/sign-up.mjs +227 -0
package/dist/api/routes/sign-up.mjs.map +1 -0
package/dist/api/routes/update-user.d.mts +12 -0
package/dist/api/routes/update-user.mjs +493 -0
package/dist/api/routes/update-user.mjs.map +1 -0
package/dist/api/state/oauth.d.mts +5 -0
package/dist/api/state/oauth.mjs +8 -0
package/dist/api/state/oauth.mjs.map +1 -0
package/dist/api/state/should-session-refresh.d.mts +13 -0
package/dist/api/state/should-session-refresh.mjs +16 -0
package/dist/api/state/should-session-refresh.mjs.map +1 -0
package/dist/api/to-auth-endpoints.mjs +197 -0
package/dist/api/to-auth-endpoints.mjs.map +1 -0
package/dist/auth/base.mjs +44 -0
package/dist/auth/base.mjs.map +1 -0
package/dist/auth/full.d.mts +30 -0
package/dist/auth/full.mjs +32 -0
package/dist/auth/full.mjs.map +1 -0
package/dist/auth/minimal.d.mts +12 -0
package/dist/auth/minimal.mjs +14 -0
package/dist/auth/minimal.mjs.map +1 -0
package/dist/auth/trusted-origins.mjs +31 -0
package/dist/auth/trusted-origins.mjs.map +1 -0
package/dist/client/broadcast-channel.d.mts +20 -0
package/dist/client/broadcast-channel.mjs +46 -0
package/dist/client/broadcast-channel.mjs.map +1 -0
package/dist/client/config.mjs +90 -0
package/dist/client/config.mjs.map +1 -0
package/dist/client/fetch-plugins.mjs +18 -0
package/dist/client/fetch-plugins.mjs.map +1 -0
package/dist/client/focus-manager.d.mts +11 -0
package/dist/client/focus-manager.mjs +32 -0
package/dist/client/focus-manager.mjs.map +1 -0
package/dist/client/index.d.mts +30 -0
package/dist/client/index.mjs +21 -0
package/dist/client/index.mjs.map +1 -0
package/dist/client/lynx/index.d.mts +62 -0
package/dist/client/lynx/index.mjs +24 -0
package/dist/client/lynx/index.mjs.map +1 -0
package/dist/client/lynx/lynx-store.d.mts +47 -0
package/dist/client/lynx/lynx-store.mjs +47 -0
package/dist/client/lynx/lynx-store.mjs.map +1 -0
package/dist/client/online-manager.d.mts +12 -0
package/dist/client/online-manager.mjs +35 -0
package/dist/client/online-manager.mjs.map +1 -0
package/dist/client/parser.mjs +73 -0
package/dist/client/parser.mjs.map +1 -0
package/dist/client/path-to-object.d.mts +57 -0
package/dist/client/plugins/index.d.mts +58 -0
package/dist/client/plugins/index.mjs +33 -0
package/dist/client/plugins/infer-plugin.d.mts +9 -0
package/dist/client/plugins/infer-plugin.mjs +11 -0
package/dist/client/plugins/infer-plugin.mjs.map +1 -0
package/dist/client/proxy.mjs +79 -0
package/dist/client/proxy.mjs.map +1 -0
package/dist/client/query.d.mts +23 -0
package/dist/client/query.mjs +98 -0
package/dist/client/query.mjs.map +1 -0
package/dist/client/react/index.d.mts +63 -0
package/dist/client/react/index.mjs +24 -0
package/dist/client/react/index.mjs.map +1 -0
package/dist/client/react/react-store.d.mts +47 -0
package/dist/client/react/react-store.mjs +47 -0
package/dist/client/react/react-store.mjs.map +1 -0
package/dist/client/session-atom.mjs +29 -0
package/dist/client/session-atom.mjs.map +1 -0
package/dist/client/session-refresh.d.mts +28 -0
package/dist/client/session-refresh.mjs +140 -0
package/dist/client/session-refresh.mjs.map +1 -0
package/dist/client/solid/index.d.mts +57 -0
package/dist/client/solid/index.mjs +22 -0
package/dist/client/solid/index.mjs.map +1 -0
package/dist/client/solid/solid-store.mjs +24 -0
package/dist/client/solid/solid-store.mjs.map +1 -0
package/dist/client/svelte/index.d.mts +63 -0
package/dist/client/svelte/index.mjs +20 -0
package/dist/client/svelte/index.mjs.map +1 -0
package/dist/client/types.d.mts +58 -0
package/dist/client/vanilla.d.mts +62 -0
package/dist/client/vanilla.mjs +20 -0
package/dist/client/vanilla.mjs.map +1 -0
package/dist/client/vue/index.d.mts +86 -0
package/dist/client/vue/index.mjs +38 -0
package/dist/client/vue/index.mjs.map +1 -0
package/dist/client/vue/vue-store.mjs +26 -0
package/dist/client/vue/vue-store.mjs.map +1 -0
package/dist/context/create-context.mjs +211 -0
package/dist/context/create-context.mjs.map +1 -0
package/dist/context/helpers.mjs +62 -0
package/dist/context/helpers.mjs.map +1 -0
package/dist/context/init-minimal.mjs +20 -0
package/dist/context/init-minimal.mjs.map +1 -0
package/dist/context/init.mjs +22 -0
package/dist/context/init.mjs.map +1 -0
package/dist/cookies/cookie-utils.d.mts +29 -0
package/dist/cookies/cookie-utils.mjs +105 -0
package/dist/cookies/cookie-utils.mjs.map +1 -0
package/dist/cookies/index.d.mts +67 -0
package/dist/cookies/index.mjs +264 -0
package/dist/cookies/index.mjs.map +1 -0
package/dist/cookies/session-store.d.mts +36 -0
package/dist/cookies/session-store.mjs +200 -0
package/dist/cookies/session-store.mjs.map +1 -0
package/dist/crypto/buffer.d.mts +8 -0
package/dist/crypto/buffer.mjs +18 -0
package/dist/crypto/buffer.mjs.map +1 -0
package/dist/crypto/index.d.mts +27 -0
package/dist/crypto/index.mjs +38 -0
package/dist/crypto/index.mjs.map +1 -0
package/dist/crypto/jwt.d.mts +8 -0
package/dist/crypto/jwt.mjs +95 -0
package/dist/crypto/jwt.mjs.map +1 -0
package/dist/crypto/password.d.mts +12 -0
package/dist/crypto/password.mjs +36 -0
package/dist/crypto/password.mjs.map +1 -0
package/dist/crypto/random.d.mts +5 -0
package/dist/crypto/random.mjs +8 -0
package/dist/crypto/random.mjs.map +1 -0
package/dist/db/adapter-base.d.mts +8 -0
package/dist/db/adapter-base.mjs +28 -0
package/dist/db/adapter-base.mjs.map +1 -0
package/dist/db/adapter-kysely.d.mts +8 -0
package/dist/db/adapter-kysely.mjs +21 -0
package/dist/db/adapter-kysely.mjs.map +1 -0
package/dist/db/field-converter.d.mts +8 -0
package/dist/db/field-converter.mjs +21 -0
package/dist/db/field-converter.mjs.map +1 -0
package/dist/db/field.d.mts +55 -0
package/dist/db/field.mjs +11 -0
package/dist/db/field.mjs.map +1 -0
package/dist/db/get-migration.d.mts +23 -0
package/dist/db/get-migration.mjs +339 -0
package/dist/db/get-migration.mjs.map +1 -0
package/dist/db/get-schema.d.mts +11 -0
package/dist/db/get-schema.mjs +39 -0
package/dist/db/get-schema.mjs.map +1 -0
package/dist/db/index.d.mts +9 -0
package/dist/db/index.mjs +36 -0
package/dist/db/index.mjs.map +1 -0
package/dist/db/internal-adapter.d.mts +14 -0
package/dist/db/internal-adapter.mjs +616 -0
package/dist/db/internal-adapter.mjs.map +1 -0
package/dist/db/schema.d.mts +26 -0
package/dist/db/schema.mjs +118 -0
package/dist/db/schema.mjs.map +1 -0
package/dist/db/to-zod.d.mts +36 -0
package/dist/db/to-zod.mjs +26 -0
package/dist/db/to-zod.mjs.map +1 -0
package/dist/db/verification-token-storage.mjs +28 -0
package/dist/db/verification-token-storage.mjs.map +1 -0
package/dist/db/with-hooks.d.mts +33 -0
package/dist/db/with-hooks.mjs +159 -0
package/dist/db/with-hooks.mjs.map +1 -0
package/dist/index.d.mts +52 -0
package/dist/index.mjs +26 -0
package/dist/integrations/next-js.d.mts +14 -0
package/dist/integrations/next-js.mjs +78 -0
package/dist/integrations/next-js.mjs.map +1 -0
package/dist/integrations/node.d.mts +13 -0
package/dist/integrations/node.mjs +16 -0
package/dist/integrations/node.mjs.map +1 -0
package/dist/integrations/solid-start.d.mts +23 -0
package/dist/integrations/solid-start.mjs +17 -0
package/dist/integrations/solid-start.mjs.map +1 -0
package/dist/integrations/svelte-kit.d.mts +29 -0
package/dist/integrations/svelte-kit.mjs +57 -0
package/dist/integrations/svelte-kit.mjs.map +1 -0
package/dist/integrations/tanstack-start-solid.d.mts +22 -0
package/dist/integrations/tanstack-start-solid.mjs +61 -0
package/dist/integrations/tanstack-start-solid.mjs.map +1 -0
package/dist/integrations/tanstack-start.d.mts +22 -0
package/dist/integrations/tanstack-start.mjs +61 -0
package/dist/integrations/tanstack-start.mjs.map +1 -0
package/dist/oauth2/index.d.mts +5 -0
package/dist/oauth2/index.mjs +7 -0
package/dist/oauth2/link-account.d.mts +31 -0
package/dist/oauth2/link-account.mjs +144 -0
package/dist/oauth2/link-account.mjs.map +1 -0
package/dist/oauth2/state.d.mts +26 -0
package/dist/oauth2/state.mjs +51 -0
package/dist/oauth2/state.mjs.map +1 -0
package/dist/oauth2/utils.d.mts +8 -0
package/dist/oauth2/utils.mjs +31 -0
package/dist/oauth2/utils.mjs.map +1 -0
package/dist/plugins/access/access.d.mts +30 -0
package/dist/plugins/access/access.mjs +46 -0
package/dist/plugins/access/access.mjs.map +1 -0
package/dist/plugins/access/index.d.mts +3 -0
package/dist/plugins/access/index.mjs +3 -0
package/dist/plugins/access/types.d.mts +17 -0
package/dist/plugins/additional-fields/client.d.mts +14 -0
package/dist/plugins/additional-fields/client.mjs +11 -0
package/dist/plugins/additional-fields/client.mjs.map +1 -0
package/dist/plugins/admin/access/index.d.mts +2 -0
package/dist/plugins/admin/access/index.mjs +3 -0
package/dist/plugins/admin/access/statement.d.mts +118 -0
package/dist/plugins/admin/access/statement.mjs +53 -0
package/dist/plugins/admin/access/statement.mjs.map +1 -0
package/dist/plugins/admin/admin.d.mts +14 -0
package/dist/plugins/admin/admin.mjs +95 -0
package/dist/plugins/admin/admin.mjs.map +1 -0
package/dist/plugins/admin/client.d.mts +14 -0
package/dist/plugins/admin/client.mjs +36 -0
package/dist/plugins/admin/client.mjs.map +1 -0
package/dist/plugins/admin/error-codes.d.mts +5 -0
package/dist/plugins/admin/error-codes.mjs +30 -0
package/dist/plugins/admin/error-codes.mjs.map +1 -0
package/dist/plugins/admin/has-permission.mjs +16 -0
package/dist/plugins/admin/has-permission.mjs.map +1 -0
package/dist/plugins/admin/index.d.mts +3 -0
package/dist/plugins/admin/index.mjs +3 -0
package/dist/plugins/admin/routes.mjs +855 -0
package/dist/plugins/admin/routes.mjs.map +1 -0
package/dist/plugins/admin/schema.d.mts +6 -0
package/dist/plugins/admin/schema.mjs +34 -0
package/dist/plugins/admin/schema.mjs.map +1 -0
package/dist/plugins/admin/types.d.mts +89 -0
package/dist/plugins/anonymous/client.d.mts +9 -0
package/dist/plugins/anonymous/client.mjs +22 -0
package/dist/plugins/anonymous/client.mjs.map +1 -0
package/dist/plugins/anonymous/error-codes.d.mts +5 -0
package/dist/plugins/anonymous/error-codes.mjs +16 -0
package/dist/plugins/anonymous/error-codes.mjs.map +1 -0
package/dist/plugins/anonymous/index.d.mts +14 -0
package/dist/plugins/anonymous/index.mjs +163 -0
package/dist/plugins/anonymous/index.mjs.map +1 -0
package/dist/plugins/anonymous/schema.d.mts +5 -0
package/dist/plugins/anonymous/schema.mjs +11 -0
package/dist/plugins/anonymous/schema.mjs.map +1 -0
package/dist/plugins/anonymous/types.d.mts +68 -0
package/dist/plugins/api-key/adapter.mjs +468 -0
package/dist/plugins/api-key/adapter.mjs.map +1 -0
package/dist/plugins/api-key/client.d.mts +9 -0
package/dist/plugins/api-key/client.mjs +19 -0
package/dist/plugins/api-key/client.mjs.map +1 -0
package/dist/plugins/api-key/error-codes.d.mts +5 -0
package/dist/plugins/api-key/error-codes.mjs +34 -0
package/dist/plugins/api-key/error-codes.mjs.map +1 -0
package/dist/plugins/api-key/index.d.mts +17 -0
package/dist/plugins/api-key/index.mjs +134 -0
package/dist/plugins/api-key/index.mjs.map +1 -0
package/dist/plugins/api-key/rate-limit.mjs +74 -0
package/dist/plugins/api-key/rate-limit.mjs.map +1 -0
package/dist/plugins/api-key/routes/create-api-key.mjs +252 -0
package/dist/plugins/api-key/routes/create-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs +24 -0
package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs.map +1 -0
package/dist/plugins/api-key/routes/delete-api-key.mjs +74 -0
package/dist/plugins/api-key/routes/delete-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/get-api-key.mjs +158 -0
package/dist/plugins/api-key/routes/get-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/index.mjs +71 -0
package/dist/plugins/api-key/routes/index.mjs.map +1 -0
package/dist/plugins/api-key/routes/list-api-keys.mjs +194 -0
package/dist/plugins/api-key/routes/list-api-keys.mjs.map +1 -0
package/dist/plugins/api-key/routes/update-api-key.mjs +248 -0
package/dist/plugins/api-key/routes/update-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/verify-api-key.mjs +223 -0
package/dist/plugins/api-key/routes/verify-api-key.mjs.map +1 -0
package/dist/plugins/api-key/schema.d.mts +11 -0
package/dist/plugins/api-key/schema.mjs +130 -0
package/dist/plugins/api-key/schema.mjs.map +1 -0
package/dist/plugins/api-key/types.d.mts +346 -0
package/dist/plugins/bearer/index.d.mts +25 -0
package/dist/plugins/bearer/index.mjs +66 -0
package/dist/plugins/bearer/index.mjs.map +1 -0
package/dist/plugins/captcha/constants.d.mts +10 -0
package/dist/plugins/captcha/constants.mjs +22 -0
package/dist/plugins/captcha/constants.mjs.map +1 -0
package/dist/plugins/captcha/error-codes.mjs +16 -0
package/dist/plugins/captcha/error-codes.mjs.map +1 -0
package/dist/plugins/captcha/index.d.mts +14 -0
package/dist/plugins/captcha/index.mjs +60 -0
package/dist/plugins/captcha/index.mjs.map +1 -0
package/dist/plugins/captcha/types.d.mts +28 -0
package/dist/plugins/captcha/utils.mjs +11 -0
package/dist/plugins/captcha/utils.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/captchafox.mjs +27 -0
package/dist/plugins/captcha/verify-handlers/captchafox.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs +25 -0
package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs +29 -0
package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/h-captcha.mjs +27 -0
package/dist/plugins/captcha/verify-handlers/h-captcha.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/index.mjs +6 -0
package/dist/plugins/custom-session/client.d.mts +10 -0
package/dist/plugins/custom-session/client.mjs +11 -0
package/dist/plugins/custom-session/client.mjs.map +1 -0
package/dist/plugins/custom-session/index.d.mts +26 -0
package/dist/plugins/custom-session/index.mjs +70 -0
package/dist/plugins/custom-session/index.mjs.map +1 -0
package/dist/plugins/device-authorization/client.d.mts +5 -0
package/dist/plugins/device-authorization/client.mjs +18 -0
package/dist/plugins/device-authorization/client.mjs.map +1 -0
package/dist/plugins/device-authorization/error-codes.mjs +21 -0
package/dist/plugins/device-authorization/error-codes.mjs.map +1 -0
package/dist/plugins/device-authorization/index.d.mts +28 -0
package/dist/plugins/device-authorization/index.mjs +50 -0
package/dist/plugins/device-authorization/index.mjs.map +1 -0
package/dist/plugins/device-authorization/routes.mjs +510 -0
package/dist/plugins/device-authorization/routes.mjs.map +1 -0
package/dist/plugins/device-authorization/schema.mjs +57 -0
package/dist/plugins/device-authorization/schema.mjs.map +1 -0
package/dist/plugins/email-otp/client.d.mts +7 -0
package/dist/plugins/email-otp/client.mjs +18 -0
package/dist/plugins/email-otp/client.mjs.map +1 -0
package/dist/plugins/email-otp/error-codes.d.mts +5 -0
package/dist/plugins/email-otp/error-codes.mjs +12 -0
package/dist/plugins/email-otp/error-codes.mjs.map +1 -0
package/dist/plugins/email-otp/index.d.mts +14 -0
package/dist/plugins/email-otp/index.mjs +108 -0
package/dist/plugins/email-otp/index.mjs.map +1 -0
package/dist/plugins/email-otp/otp-token.mjs +29 -0
package/dist/plugins/email-otp/otp-token.mjs.map +1 -0
package/dist/plugins/email-otp/routes.mjs +564 -0
package/dist/plugins/email-otp/routes.mjs.map +1 -0
package/dist/plugins/email-otp/types.d.mts +74 -0
package/dist/plugins/email-otp/utils.mjs +17 -0
package/dist/plugins/email-otp/utils.mjs.map +1 -0
package/dist/plugins/generic-oauth/client.d.mts +19 -0
package/dist/plugins/generic-oauth/client.mjs +14 -0
package/dist/plugins/generic-oauth/client.mjs.map +1 -0
package/dist/plugins/generic-oauth/error-codes.d.mts +5 -0
package/dist/plugins/generic-oauth/error-codes.mjs +15 -0
package/dist/plugins/generic-oauth/error-codes.mjs.map +1 -0
package/dist/plugins/generic-oauth/index.d.mts +34 -0
package/dist/plugins/generic-oauth/index.mjs +137 -0
package/dist/plugins/generic-oauth/index.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/auth0.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/auth0.mjs +62 -0
package/dist/plugins/generic-oauth/providers/auth0.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/gumroad.d.mts +32 -0
package/dist/plugins/generic-oauth/providers/gumroad.mjs +60 -0
package/dist/plugins/generic-oauth/providers/gumroad.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/hubspot.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/hubspot.mjs +60 -0
package/dist/plugins/generic-oauth/providers/hubspot.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/index.d.mts +9 -0
package/dist/plugins/generic-oauth/providers/index.mjs +11 -0
package/dist/plugins/generic-oauth/providers/keycloak.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/keycloak.mjs +62 -0
package/dist/plugins/generic-oauth/providers/keycloak.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/line.d.mts +55 -0
package/dist/plugins/generic-oauth/providers/line.mjs +91 -0
package/dist/plugins/generic-oauth/providers/line.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs +66 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/okta.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/okta.mjs +62 -0
package/dist/plugins/generic-oauth/providers/okta.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/patreon.d.mts +30 -0
package/dist/plugins/generic-oauth/providers/patreon.mjs +59 -0
package/dist/plugins/generic-oauth/providers/patreon.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/slack.d.mts +30 -0
package/dist/plugins/generic-oauth/providers/slack.mjs +61 -0
package/dist/plugins/generic-oauth/providers/slack.mjs.map +1 -0
package/dist/plugins/generic-oauth/routes.mjs +394 -0
package/dist/plugins/generic-oauth/routes.mjs.map +1 -0
package/dist/plugins/generic-oauth/types.d.mts +145 -0
package/dist/plugins/haveibeenpwned/index.d.mts +21 -0
package/dist/plugins/haveibeenpwned/index.mjs +56 -0
package/dist/plugins/haveibeenpwned/index.mjs.map +1 -0
package/dist/plugins/index.d.mts +68 -0
package/dist/plugins/index.mjs +51 -0
package/dist/plugins/jwt/adapter.mjs +27 -0
package/dist/plugins/jwt/adapter.mjs.map +1 -0
package/dist/plugins/jwt/client.d.mts +18 -0
package/dist/plugins/jwt/client.mjs +19 -0
package/dist/plugins/jwt/client.mjs.map +1 -0
package/dist/plugins/jwt/index.d.mts +17 -0
package/dist/plugins/jwt/index.mjs +202 -0
package/dist/plugins/jwt/index.mjs.map +1 -0
package/dist/plugins/jwt/schema.d.mts +5 -0
package/dist/plugins/jwt/schema.mjs +23 -0
package/dist/plugins/jwt/schema.mjs.map +1 -0
package/dist/plugins/jwt/sign.d.mts +57 -0
package/dist/plugins/jwt/sign.mjs +66 -0
package/dist/plugins/jwt/sign.mjs.map +1 -0
package/dist/plugins/jwt/types.d.mts +194 -0
package/dist/plugins/jwt/utils.d.mts +42 -0
package/dist/plugins/jwt/utils.mjs +64 -0
package/dist/plugins/jwt/utils.mjs.map +1 -0
package/dist/plugins/jwt/verify.d.mts +12 -0
package/dist/plugins/jwt/verify.mjs +46 -0
package/dist/plugins/jwt/verify.mjs.map +1 -0
package/dist/plugins/last-login-method/client.d.mts +18 -0
package/dist/plugins/last-login-method/client.mjs +32 -0
package/dist/plugins/last-login-method/client.mjs.map +1 -0
package/dist/plugins/last-login-method/index.d.mts +52 -0
package/dist/plugins/last-login-method/index.mjs +77 -0
package/dist/plugins/last-login-method/index.mjs.map +1 -0
package/dist/plugins/magic-link/client.d.mts +5 -0
package/dist/plugins/magic-link/client.mjs +11 -0
package/dist/plugins/magic-link/client.mjs.map +1 -0
package/dist/plugins/magic-link/index.d.mts +61 -0
package/dist/plugins/magic-link/index.mjs +167 -0
package/dist/plugins/magic-link/index.mjs.map +1 -0
package/dist/plugins/magic-link/utils.mjs +12 -0
package/dist/plugins/magic-link/utils.mjs.map +1 -0
package/dist/plugins/mcp/authorize.mjs +133 -0
package/dist/plugins/mcp/authorize.mjs.map +1 -0
package/dist/plugins/mcp/index.d.mts +46 -0
package/dist/plugins/mcp/index.mjs +717 -0
package/dist/plugins/mcp/index.mjs.map +1 -0
package/dist/plugins/multi-session/client.d.mts +8 -0
package/dist/plugins/multi-session/client.mjs +20 -0
package/dist/plugins/multi-session/client.mjs.map +1 -0
package/dist/plugins/multi-session/error-codes.d.mts +5 -0
package/dist/plugins/multi-session/error-codes.mjs +8 -0
package/dist/plugins/multi-session/error-codes.mjs.map +1 -0
package/dist/plugins/multi-session/index.d.mts +22 -0
package/dist/plugins/multi-session/index.mjs +172 -0
package/dist/plugins/multi-session/index.mjs.map +1 -0
package/dist/plugins/oauth-proxy/index.d.mts +39 -0
package/dist/plugins/oauth-proxy/index.mjs +305 -0
package/dist/plugins/oauth-proxy/index.mjs.map +1 -0
package/dist/plugins/oauth-proxy/utils.mjs +44 -0
package/dist/plugins/oauth-proxy/utils.mjs.map +1 -0
package/dist/plugins/oidc-provider/authorize.mjs +194 -0
package/dist/plugins/oidc-provider/authorize.mjs.map +1 -0
package/dist/plugins/oidc-provider/client.d.mts +8 -0
package/dist/plugins/oidc-provider/client.mjs +11 -0
package/dist/plugins/oidc-provider/client.mjs.map +1 -0
package/dist/plugins/oidc-provider/error.mjs +17 -0
package/dist/plugins/oidc-provider/error.mjs.map +1 -0
package/dist/plugins/oidc-provider/index.d.mts +32 -0
package/dist/plugins/oidc-provider/index.mjs +1093 -0
package/dist/plugins/oidc-provider/index.mjs.map +1 -0
package/dist/plugins/oidc-provider/schema.d.mts +26 -0
package/dist/plugins/oidc-provider/schema.mjs +132 -0
package/dist/plugins/oidc-provider/schema.mjs.map +1 -0
package/dist/plugins/oidc-provider/types.d.mts +517 -0
package/dist/plugins/oidc-provider/utils/prompt.mjs +19 -0
package/dist/plugins/oidc-provider/utils/prompt.mjs.map +1 -0
package/dist/plugins/oidc-provider/utils.mjs +15 -0
package/dist/plugins/oidc-provider/utils.mjs.map +1 -0
package/dist/plugins/one-tap/client.d.mts +159 -0
package/dist/plugins/one-tap/client.mjs +214 -0
package/dist/plugins/one-tap/client.mjs.map +1 -0
package/dist/plugins/one-tap/index.d.mts +27 -0
package/dist/plugins/one-tap/index.mjs +96 -0
package/dist/plugins/one-tap/index.mjs.map +1 -0
package/dist/plugins/one-time-token/client.d.mts +7 -0
package/dist/plugins/one-time-token/client.mjs +11 -0
package/dist/plugins/one-time-token/client.mjs.map +1 -0
package/dist/plugins/one-time-token/index.d.mts +53 -0
package/dist/plugins/one-time-token/index.mjs +82 -0
package/dist/plugins/one-time-token/index.mjs.map +1 -0
package/dist/plugins/one-time-token/utils.mjs +12 -0
package/dist/plugins/one-time-token/utils.mjs.map +1 -0
package/dist/plugins/open-api/generator.d.mts +115 -0
package/dist/plugins/open-api/generator.mjs +315 -0
package/dist/plugins/open-api/generator.mjs.map +1 -0
package/dist/plugins/open-api/index.d.mts +45 -0
package/dist/plugins/open-api/index.mjs +67 -0
package/dist/plugins/open-api/index.mjs.map +1 -0
package/dist/plugins/open-api/logo.mjs +15 -0
package/dist/plugins/open-api/logo.mjs.map +1 -0
package/dist/plugins/organization/access/index.d.mts +2 -0
package/dist/plugins/organization/access/index.mjs +3 -0
package/dist/plugins/organization/access/statement.d.mts +249 -0
package/dist/plugins/organization/access/statement.mjs +81 -0
package/dist/plugins/organization/access/statement.mjs.map +1 -0
package/dist/plugins/organization/adapter.d.mts +205 -0
package/dist/plugins/organization/adapter.mjs +624 -0
package/dist/plugins/organization/adapter.mjs.map +1 -0
package/dist/plugins/organization/call.mjs +19 -0
package/dist/plugins/organization/call.mjs.map +1 -0
package/dist/plugins/organization/client.d.mts +151 -0
package/dist/plugins/organization/client.mjs +107 -0
package/dist/plugins/organization/client.mjs.map +1 -0
package/dist/plugins/organization/error-codes.d.mts +5 -0
package/dist/plugins/organization/error-codes.mjs +65 -0
package/dist/plugins/organization/error-codes.mjs.map +1 -0
package/dist/plugins/organization/has-permission.mjs +35 -0
package/dist/plugins/organization/has-permission.mjs.map +1 -0
package/dist/plugins/organization/index.d.mts +5 -0
package/dist/plugins/organization/index.mjs +4 -0
package/dist/plugins/organization/organization.d.mts +252 -0
package/dist/plugins/organization/organization.mjs +428 -0
package/dist/plugins/organization/organization.mjs.map +1 -0
package/dist/plugins/organization/permission.d.mts +26 -0
package/dist/plugins/organization/permission.mjs +16 -0
package/dist/plugins/organization/permission.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-access-control.d.mts +11 -0
package/dist/plugins/organization/routes/crud-access-control.mjs +656 -0
package/dist/plugins/organization/routes/crud-access-control.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-invites.d.mts +16 -0
package/dist/plugins/organization/routes/crud-invites.mjs +555 -0
package/dist/plugins/organization/routes/crud-invites.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-members.d.mts +13 -0
package/dist/plugins/organization/routes/crud-members.mjs +473 -0
package/dist/plugins/organization/routes/crud-members.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-org.d.mts +13 -0
package/dist/plugins/organization/routes/crud-org.mjs +447 -0
package/dist/plugins/organization/routes/crud-org.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-team.d.mts +15 -0
package/dist/plugins/organization/routes/crud-team.mjs +676 -0
package/dist/plugins/organization/routes/crud-team.mjs.map +1 -0
package/dist/plugins/organization/schema.d.mts +376 -0
package/dist/plugins/organization/schema.mjs +68 -0
package/dist/plugins/organization/schema.mjs.map +1 -0
package/dist/plugins/organization/types.d.mts +733 -0
package/dist/plugins/phone-number/client.d.mts +8 -0
package/dist/plugins/phone-number/client.mjs +20 -0
package/dist/plugins/phone-number/client.mjs.map +1 -0
package/dist/plugins/phone-number/error-codes.d.mts +5 -0
package/dist/plugins/phone-number/error-codes.mjs +21 -0
package/dist/plugins/phone-number/error-codes.mjs.map +1 -0
package/dist/plugins/phone-number/index.d.mts +14 -0
package/dist/plugins/phone-number/index.mjs +49 -0
package/dist/plugins/phone-number/index.mjs.map +1 -0
package/dist/plugins/phone-number/routes.mjs +459 -0
package/dist/plugins/phone-number/routes.mjs.map +1 -0
package/dist/plugins/phone-number/schema.d.mts +5 -0
package/dist/plugins/phone-number/schema.mjs +20 -0
package/dist/plugins/phone-number/schema.mjs.map +1 -0
package/dist/plugins/phone-number/types.d.mts +118 -0
package/dist/plugins/siwe/client.d.mts +5 -0
package/dist/plugins/siwe/client.mjs +11 -0
package/dist/plugins/siwe/client.mjs.map +1 -0
package/dist/plugins/siwe/error-codes.mjs +13 -0
package/dist/plugins/siwe/error-codes.mjs.map +1 -0
package/dist/plugins/siwe/index.d.mts +26 -0
package/dist/plugins/siwe/index.mjs +261 -0
package/dist/plugins/siwe/index.mjs.map +1 -0
package/dist/plugins/siwe/schema.d.mts +5 -0
package/dist/plugins/siwe/schema.mjs +32 -0
package/dist/plugins/siwe/schema.mjs.map +1 -0
package/dist/plugins/siwe/types.d.mts +44 -0
package/dist/plugins/two-factor/backup-codes/index.d.mts +91 -0
package/dist/plugins/two-factor/backup-codes/index.mjs +277 -0
package/dist/plugins/two-factor/backup-codes/index.mjs.map +1 -0
package/dist/plugins/two-factor/client.d.mts +17 -0
package/dist/plugins/two-factor/client.mjs +37 -0
package/dist/plugins/two-factor/client.mjs.map +1 -0
package/dist/plugins/two-factor/constant.mjs +8 -0
package/dist/plugins/two-factor/constant.mjs.map +1 -0
package/dist/plugins/two-factor/error-code.d.mts +5 -0
package/dist/plugins/two-factor/error-code.mjs +18 -0
package/dist/plugins/two-factor/error-code.mjs.map +1 -0
package/dist/plugins/two-factor/index.d.mts +19 -0
package/dist/plugins/two-factor/index.mjs +207 -0
package/dist/plugins/two-factor/index.mjs.map +1 -0
package/dist/plugins/two-factor/otp/index.d.mts +96 -0
package/dist/plugins/two-factor/otp/index.mjs +199 -0
package/dist/plugins/two-factor/otp/index.mjs.map +1 -0
package/dist/plugins/two-factor/schema.d.mts +5 -0
package/dist/plugins/two-factor/schema.mjs +36 -0
package/dist/plugins/two-factor/schema.mjs.map +1 -0
package/dist/plugins/two-factor/totp/index.d.mts +81 -0
package/dist/plugins/two-factor/totp/index.mjs +157 -0
package/dist/plugins/two-factor/totp/index.mjs.map +1 -0
package/dist/plugins/two-factor/types.d.mts +65 -0
package/dist/plugins/two-factor/utils.mjs +12 -0
package/dist/plugins/two-factor/utils.mjs.map +1 -0
package/dist/plugins/two-factor/verify-two-factor.mjs +76 -0
package/dist/plugins/two-factor/verify-two-factor.mjs.map +1 -0
package/dist/plugins/username/client.d.mts +7 -0
package/dist/plugins/username/client.mjs +18 -0
package/dist/plugins/username/client.mjs.map +1 -0
package/dist/plugins/username/error-codes.d.mts +5 -0
package/dist/plugins/username/error-codes.mjs +17 -0
package/dist/plugins/username/error-codes.mjs.map +1 -0
package/dist/plugins/username/index.d.mts +74 -0
package/dist/plugins/username/index.mjs +237 -0
package/dist/plugins/username/index.mjs.map +1 -0
package/dist/plugins/username/schema.d.mts +9 -0
package/dist/plugins/username/schema.mjs +26 -0
package/dist/plugins/username/schema.mjs.map +1 -0
package/dist/social-providers/index.d.mts +1 -0
package/dist/social-providers/index.mjs +3 -0
package/dist/state.d.mts +42 -0
package/dist/state.mjs +107 -0
package/dist/state.mjs.map +1 -0
package/dist/test-utils/headers.d.mts +9 -0
package/dist/test-utils/headers.mjs +24 -0
package/dist/test-utils/headers.mjs.map +1 -0
package/dist/test-utils/index.d.mts +3 -0
package/dist/test-utils/index.mjs +4 -0
package/dist/test-utils/test-instance.d.mts +181 -0
package/dist/test-utils/test-instance.mjs +210 -0
package/dist/test-utils/test-instance.mjs.map +1 -0
package/dist/types/adapter.d.mts +24 -0
package/dist/types/api.d.mts +29 -0
package/dist/types/auth.d.mts +30 -0
package/dist/types/helper.d.mts +21 -0
package/dist/types/index.d.mts +11 -0
package/dist/types/index.mjs +1 -0
package/dist/types/models.d.mts +17 -0
package/dist/types/plugins.d.mts +16 -0
package/dist/utils/boolean.mjs +8 -0
package/dist/utils/boolean.mjs.map +1 -0
package/dist/utils/constants.mjs +6 -0
package/dist/utils/constants.mjs.map +1 -0
package/dist/utils/date.mjs +8 -0
package/dist/utils/date.mjs.map +1 -0
package/dist/utils/get-request-ip.d.mts +7 -0
package/dist/utils/get-request-ip.mjs +23 -0
package/dist/utils/get-request-ip.mjs.map +1 -0
package/dist/utils/hashing.mjs +21 -0
package/dist/utils/hashing.mjs.map +1 -0
package/dist/utils/hide-metadata.d.mts +7 -0
package/dist/utils/hide-metadata.mjs +6 -0
package/dist/utils/hide-metadata.mjs.map +1 -0
package/dist/utils/index.d.mts +3 -0
package/dist/utils/index.mjs +5 -0
package/dist/utils/is-api-error.d.mts +7 -0
package/dist/utils/is-api-error.mjs +11 -0
package/dist/utils/is-api-error.mjs.map +1 -0
package/dist/utils/is-atom.mjs +8 -0
package/dist/utils/is-atom.mjs.map +1 -0
package/dist/utils/is-promise.mjs +8 -0
package/dist/utils/is-promise.mjs.map +1 -0
package/dist/utils/middleware-response.mjs +6 -0
package/dist/utils/middleware-response.mjs.map +1 -0
package/dist/utils/password.mjs +26 -0
package/dist/utils/password.mjs.map +1 -0
package/dist/utils/plugin-helper.mjs +17 -0
package/dist/utils/plugin-helper.mjs.map +1 -0
package/dist/utils/shim.mjs +24 -0
package/dist/utils/shim.mjs.map +1 -0
package/dist/utils/time.d.mts +49 -0
package/dist/utils/time.mjs +100 -0
package/dist/utils/time.mjs.map +1 -0
package/dist/utils/url.mjs +92 -0
package/dist/utils/url.mjs.map +1 -0
package/dist/utils/wildcard.mjs +108 -0
package/dist/utils/wildcard.mjs.map +1 -0
package/package.json +601 -0

package/dist/plugins/api-key/error-codes.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"error-codes.mjs","names":[],"sources":["../../../src/plugins/api-key/error-codes.ts"],"sourcesContent":["import { defineErrorCodes } from \"@better-auth/core/utils/error-codes\";\n\nexport const API_KEY_ERROR_CODES = defineErrorCodes({\n\tINVALID_METADATA_TYPE: \"metadata must be an object or undefined\",\n\tREFILL_AMOUNT_AND_INTERVAL_REQUIRED:\n\t\t\"refillAmount is required when refillInterval is provided\",\n\tREFILL_INTERVAL_AND_AMOUNT_REQUIRED:\n\t\t\"refillInterval is required when refillAmount is provided\",\n\tUSER_BANNED: \"User is banned\",\n\tUNAUTHORIZED_SESSION: \"Unauthorized or invalid session\",\n\tKEY_NOT_FOUND: \"API Key not found\",\n\tKEY_DISABLED: \"API Key is disabled\",\n\tKEY_EXPIRED: \"API Key has expired\",\n\tUSAGE_EXCEEDED: \"API Key has reached its usage limit\",\n\tKEY_NOT_RECOVERABLE: \"API Key is not recoverable\",\n\tEXPIRES_IN_IS_TOO_SMALL:\n\t\t\"The expiresIn is smaller than the predefined minimum value.\",\n\tEXPIRES_IN_IS_TOO_LARGE:\n\t\t\"The expiresIn is larger than the predefined maximum value.\",\n\tINVALID_REMAINING: \"The remaining count is either too large or too small.\",\n\tINVALID_PREFIX_LENGTH: \"The prefix length is either too large or too small.\",\n\tINVALID_NAME_LENGTH: \"The name length is either too large or too small.\",\n\tMETADATA_DISABLED: \"Metadata is disabled.\",\n\tRATE_LIMIT_EXCEEDED: \"Rate limit exceeded.\",\n\tNO_VALUES_TO_UPDATE: \"No values to update.\",\n\tKEY_DISABLED_EXPIRATION: \"Custom key expiration values are disabled.\",\n\tINVALID_API_KEY: \"Invalid API key.\",\n\tINVALID_USER_ID_FROM_API_KEY: \"The user id from the API key is invalid.\",\n\tINVALID_API_KEY_GETTER_RETURN_TYPE:\n\t\t\"API Key getter returned an invalid key type. Expected string.\",\n\tSERVER_ONLY_PROPERTY:\n\t\t\"The property you're trying to set can only be set from the server auth instance only.\",\n\tFAILED_TO_UPDATE_API_KEY: \"Failed to update API key\",\n\tNAME_REQUIRED: \"API Key name is required.\",\n});\n"],"mappings":";;;AAEA,MAAa,sBAAsB,iBAAiB;CACnD,uBAAuB;CACvB,qCACC;CACD,qCACC;CACD,aAAa;CACb,sBAAsB;CACtB,eAAe;CACf,cAAc;CACd,aAAa;CACb,gBAAgB;CAChB,qBAAqB;CACrB,yBACC;CACD,yBACC;CACD,mBAAmB;CACnB,uBAAuB;CACvB,qBAAqB;CACrB,mBAAmB;CACnB,qBAAqB;CACrB,qBAAqB;CACrB,yBAAyB;CACzB,iBAAiB;CACjB,8BAA8B;CAC9B,oCACC;CACD,sBACC;CACD,0BAA0B;CAC1B,eAAe;CACf,CAAC"}

package/dist/plugins/api-key/index.d.mts ADDED Viewed

@@ -0,0 +1,17 @@
+import { API_KEY_ERROR_CODES } from "./error-codes.mjs";
+import { ApiKey, ApiKeyOptions } from "./types.mjs";
+//#region src/plugins/api-key/index.d.ts
+declare module "@better-auth/core" {
+  interface BetterAuthPluginRegistry<AuthOptions, Options> {
+    "api-key": {
+      creator: typeof apiKey;
+    };
+  }
+}
+declare const defaultKeyHasher: (key: string) => Promise<string>;
+declare const API_KEY_TABLE_NAME = "apikey";
+declare const apiKey: (options?: ApiKeyOptions | undefined) => BetterAuthPlugin;
+//#endregion
+export { API_KEY_TABLE_NAME, apiKey, defaultKeyHasher };
+//# sourceMappingURL=index.d.mts.map

package/dist/plugins/api-key/index.mjs ADDED Viewed

@@ -0,0 +1,134 @@
+import { getIp } from "../../utils/get-request-ip.mjs";
+import { generateRandomString } from "../../crypto/random.mjs";
+import { mergeSchema } from "../../db/schema.mjs";
+import { getDate } from "../../utils/date.mjs";
+import "../../db/index.mjs";
+import { APIError } from "../../api/index.mjs";
+import { API_KEY_ERROR_CODES } from "./error-codes.mjs";
+import { validateApiKey } from "./routes/verify-api-key.mjs";
+import { createApiKeyRoutes, deleteAllExpiredApiKeys } from "./routes/index.mjs";
+import { apiKeySchema } from "./schema.mjs";
+import { createAuthMiddleware } from "@better-auth/core/api";
+import { createHash } from "@better-auth/utils/hash";
+import { base64Url } from "@better-auth/utils/base64";
+//#region src/plugins/api-key/index.ts
+const defaultKeyHasher = async (key) => {
+	const hash = await createHash("SHA-256").digest(new TextEncoder().encode(key));
+	return base64Url.encode(new Uint8Array(hash), { padding: false });
+};
+const API_KEY_TABLE_NAME = "apikey";
+const apiKey = (options) => {
+	const opts = {
+		...options,
+		apiKeyHeaders: options?.apiKeyHeaders ?? "x-api-key",
+		defaultKeyLength: options?.defaultKeyLength || 64,
+		maximumPrefixLength: options?.maximumPrefixLength ?? 32,
+		minimumPrefixLength: options?.minimumPrefixLength ?? 1,
+		maximumNameLength: options?.maximumNameLength ?? 32,
+		minimumNameLength: options?.minimumNameLength ?? 1,
+		enableMetadata: options?.enableMetadata ?? false,
+		disableKeyHashing: options?.disableKeyHashing ?? false,
+		requireName: options?.requireName ?? false,
+		storage: options?.storage ?? "database",
+		rateLimit: {
+			enabled: options?.rateLimit?.enabled === void 0 ? true : options?.rateLimit?.enabled,
+			timeWindow: options?.rateLimit?.timeWindow ?? 1e3 * 60 * 60 * 24,
+			maxRequests: options?.rateLimit?.maxRequests ?? 10
+		},
+		keyExpiration: {
+			defaultExpiresIn: options?.keyExpiration?.defaultExpiresIn ?? null,
+			disableCustomExpiresTime: options?.keyExpiration?.disableCustomExpiresTime ?? false,
+			maxExpiresIn: options?.keyExpiration?.maxExpiresIn ?? 365,
+			minExpiresIn: options?.keyExpiration?.minExpiresIn ?? 1
+		},
+		startingCharactersConfig: {
+			shouldStore: options?.startingCharactersConfig?.shouldStore ?? true,
+			charactersLength: options?.startingCharactersConfig?.charactersLength ?? 6
+		},
+		enableSessionForAPIKeys: options?.enableSessionForAPIKeys ?? false,
+		fallbackToDatabase: options?.fallbackToDatabase ?? false,
+		customStorage: options?.customStorage,
+		deferUpdates: options?.deferUpdates ?? false
+	};
+	const schema = mergeSchema(apiKeySchema({
+		rateLimitMax: opts.rateLimit.maxRequests,
+		timeWindow: opts.rateLimit.timeWindow
+	}), opts.schema);
+	const getter = opts.customAPIKeyGetter || ((ctx) => {
+		if (Array.isArray(opts.apiKeyHeaders)) for (const header of opts.apiKeyHeaders) {
+			const value = ctx.headers?.get(header);
+			if (value) return value;
+		}
+		else return ctx.headers?.get(opts.apiKeyHeaders);
+	});
+	const routes = createApiKeyRoutes({
+		keyGenerator: opts.customKeyGenerator || (async (options) => {
+			const key = generateRandomString(options.length, "a-z", "A-Z");
+			return `${options.prefix || ""}${key}`;
+		}),
+		opts,
+		schema
+	});
+	return {
+		id: "api-key",
+		$ERROR_CODES: API_KEY_ERROR_CODES,
+		hooks: { before: [{
+			matcher: (ctx) => !!getter(ctx) && opts.enableSessionForAPIKeys,
+			handler: createAuthMiddleware(async (ctx) => {
+				const key = getter(ctx);
+				if (typeof key !== "string") throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.INVALID_API_KEY_GETTER_RETURN_TYPE);
+				if (key.length < opts.defaultKeyLength) throw APIError.from("FORBIDDEN", API_KEY_ERROR_CODES.INVALID_API_KEY);
+				if (opts.customAPIKeyValidator) {
+					if (!await opts.customAPIKeyValidator({
+						ctx,
+						key
+					})) throw APIError.from("FORBIDDEN", API_KEY_ERROR_CODES.INVALID_API_KEY);
+				}
+				const apiKey = await validateApiKey({
+					hashedKey: opts.disableKeyHashing ? key : await defaultKeyHasher(key),
+					ctx,
+					opts,
+					schema
+				});
+				const cleanupTask = deleteAllExpiredApiKeys(ctx.context).catch((err) => {
+					ctx.context.logger.error("Failed to delete expired API keys:", err);
+				});
+				if (opts.deferUpdates) ctx.context.runInBackground(cleanupTask);
+				const user = await ctx.context.internalAdapter.findUserById(apiKey.userId);
+				if (!user) throw APIError.from("UNAUTHORIZED", API_KEY_ERROR_CODES.INVALID_USER_ID_FROM_API_KEY);
+				const session = {
+					user,
+					session: {
+						id: apiKey.id,
+						token: key,
+						userId: apiKey.userId,
+						userAgent: ctx.request?.headers.get("user-agent") ?? null,
+						ipAddress: ctx.request ? getIp(ctx.request, ctx.context.options) : null,
+						createdAt: /* @__PURE__ */ new Date(),
+						updatedAt: /* @__PURE__ */ new Date(),
+						expiresAt: apiKey.expiresAt || getDate(ctx.context.options.session?.expiresIn || 3600 * 24 * 7, "ms")
+					}
+				};
+				ctx.context.session = session;
+				if (ctx.path === "/get-session") return session;
+				else return { context: ctx };
+			})
+		}] },
+		endpoints: {
+			createApiKey: routes.createApiKey,
+			verifyApiKey: routes.verifyApiKey,
+			getApiKey: routes.getApiKey,
+			updateApiKey: routes.updateApiKey,
+			deleteApiKey: routes.deleteApiKey,
+			listApiKeys: routes.listApiKeys,
+			deleteAllExpiredApiKeys: routes.deleteAllExpiredApiKeys
+		},
+		schema,
+		options
+	};
+};
+//#endregion
+export { API_KEY_TABLE_NAME, apiKey, defaultKeyHasher };
+//# sourceMappingURL=index.mjs.map

package/dist/plugins/api-key/index.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.mjs","names":[],"sources":["../../../src/plugins/api-key/index.ts"],"sourcesContent":["import type { BetterAuthPlugin } from \"@better-auth/core\";\nimport { createAuthMiddleware } from \"@better-auth/core/api\";\nimport { base64Url } from \"@better-auth/utils/base64\";\nimport { createHash } from \"@better-auth/utils/hash\";\nimport { APIError } from \"../../api\";\nimport { generateRandomString } from \"../../crypto/random\";\nimport { mergeSchema } from \"../../db\";\nimport { getDate } from \"../../utils/date\";\nimport { getIp } from \"../../utils/get-request-ip\";\nimport { createApiKeyRoutes, deleteAllExpiredApiKeys } from \"./routes\";\nimport { validateApiKey } from \"./routes/verify-api-key\";\nimport { apiKeySchema } from \"./schema\";\nimport type { ApiKeyOptions } from \"./types\";\n\ndeclare module \"@better-auth/core\" {\n\tinterface BetterAuthPluginRegistry<AuthOptions, Options> {\n\t\t\"api-key\": {\n\t\t\tcreator: typeof apiKey;\n\t\t};\n\t}\n}\n\nexport const defaultKeyHasher = async (key: string) => {\n\tconst hash = await createHash(\"SHA-256\").digest(\n\t\tnew TextEncoder().encode(key),\n\t);\n\tconst hashed = base64Url.encode(new Uint8Array(hash), {\n\t\tpadding: false,\n\t});\n\treturn hashed;\n};\n\nimport { API_KEY_ERROR_CODES } from \"./error-codes\";\n\nexport { API_KEY_ERROR_CODES } from \"./error-codes\";\n\nexport const API_KEY_TABLE_NAME = \"apikey\";\n\nexport const apiKey = (options?: ApiKeyOptions | undefined) => {\n\tconst opts = {\n\t\t...options,\n\t\tapiKeyHeaders: options?.apiKeyHeaders ?? \"x-api-key\",\n\t\tdefaultKeyLength: options?.defaultKeyLength || 64,\n\t\tmaximumPrefixLength: options?.maximumPrefixLength ?? 32,\n\t\tminimumPrefixLength: options?.minimumPrefixLength ?? 1,\n\t\tmaximumNameLength: options?.maximumNameLength ?? 32,\n\t\tminimumNameLength: options?.minimumNameLength ?? 1,\n\t\tenableMetadata: options?.enableMetadata ?? false,\n\t\tdisableKeyHashing: options?.disableKeyHashing ?? false,\n\t\trequireName: options?.requireName ?? false,\n\t\tstorage: options?.storage ?? \"database\",\n\t\trateLimit: {\n\t\t\tenabled:\n\t\t\t\toptions?.rateLimit?.enabled === undefined\n\t\t\t\t\t? true\n\t\t\t\t\t: options?.rateLimit?.enabled,\n\t\t\ttimeWindow: options?.rateLimit?.timeWindow ?? 1000 * 60 * 60 * 24,\n\t\t\tmaxRequests: options?.rateLimit?.maxRequests ?? 10,\n\t\t},\n\t\tkeyExpiration: {\n\t\t\tdefaultExpiresIn: options?.keyExpiration?.defaultExpiresIn ?? null,\n\t\t\tdisableCustomExpiresTime:\n\t\t\t\toptions?.keyExpiration?.disableCustomExpiresTime ?? false,\n\t\t\tmaxExpiresIn: options?.keyExpiration?.maxExpiresIn ?? 365,\n\t\t\tminExpiresIn: options?.keyExpiration?.minExpiresIn ?? 1,\n\t\t},\n\t\tstartingCharactersConfig: {\n\t\t\tshouldStore: options?.startingCharactersConfig?.shouldStore ?? true,\n\t\t\tcharactersLength:\n\t\t\t\toptions?.startingCharactersConfig?.charactersLength ?? 6,\n\t\t},\n\t\tenableSessionForAPIKeys: options?.enableSessionForAPIKeys ?? false,\n\t\tfallbackToDatabase: options?.fallbackToDatabase ?? false,\n\t\tcustomStorage: options?.customStorage,\n\t\tdeferUpdates: options?.deferUpdates ?? false,\n\t} satisfies ApiKeyOptions;\n\n\tconst schema = mergeSchema(\n\t\tapiKeySchema({\n\t\t\trateLimitMax: opts.rateLimit.maxRequests,\n\t\t\ttimeWindow: opts.rateLimit.timeWindow,\n\t\t}),\n\t\topts.schema,\n\t);\n\n\tconst getter =\n\t\topts.customAPIKeyGetter ||\n\t\t((ctx) => {\n\t\t\tif (Array.isArray(opts.apiKeyHeaders)) {\n\t\t\t\tfor (const header of opts.apiKeyHeaders) {\n\t\t\t\t\tconst value = ctx.headers?.get(header);\n\t\t\t\t\tif (value) {\n\t\t\t\t\t\treturn value;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\treturn ctx.headers?.get(opts.apiKeyHeaders);\n\t\t\t}\n\t\t});\n\n\tconst keyGenerator =\n\t\topts.customKeyGenerator ||\n\t\t(async (options: { length: number; prefix: string | undefined }) => {\n\t\t\tconst key = generateRandomString(options.length, \"a-z\", \"A-Z\");\n\t\t\treturn `${options.prefix || \"\"}${key}`;\n\t\t});\n\n\tconst routes = createApiKeyRoutes({ keyGenerator, opts, schema });\n\n\treturn {\n\t\tid: \"api-key\",\n\t\t$ERROR_CODES: API_KEY_ERROR_CODES,\n\t\thooks: {\n\t\t\tbefore: [\n\t\t\t\t{\n\t\t\t\t\tmatcher: (ctx) => !!getter(ctx) && opts.enableSessionForAPIKeys,\n\t\t\t\t\thandler: createAuthMiddleware(async (ctx) => {\n\t\t\t\t\t\tconst key = getter(ctx)!;\n\n\t\t\t\t\t\tif (typeof key !== \"string\") {\n\t\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\t\t\tAPI_KEY_ERROR_CODES.INVALID_API_KEY_GETTER_RETURN_TYPE,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tif (key.length < opts.defaultKeyLength) {\n\t\t\t\t\t\t\t// if the key is shorter than the default key length, than we know the key is invalid.\n\t\t\t\t\t\t\t// we can't check if the key is exactly equal to the default key length, because\n\t\t\t\t\t\t\t// a prefix may be added to the key.\n\t\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\t\t\t\tAPI_KEY_ERROR_CODES.INVALID_API_KEY,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tif (opts.customAPIKeyValidator) {\n\t\t\t\t\t\t\tconst isValid = await opts.customAPIKeyValidator({ ctx, key });\n\t\t\t\t\t\t\tif (!isValid) {\n\t\t\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\t\t\t\t\tAPI_KEY_ERROR_CODES.INVALID_API_KEY,\n\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tconst hashed = opts.disableKeyHashing\n\t\t\t\t\t\t\t? key\n\t\t\t\t\t\t\t: await defaultKeyHasher(key);\n\n\t\t\t\t\t\tconst apiKey = await validateApiKey({\n\t\t\t\t\t\t\thashedKey: hashed,\n\t\t\t\t\t\t\tctx,\n\t\t\t\t\t\t\topts,\n\t\t\t\t\t\t\tschema,\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tconst cleanupTask = deleteAllExpiredApiKeys(ctx.context).catch(\n\t\t\t\t\t\t\t(err) => {\n\t\t\t\t\t\t\t\tctx.context.logger.error(\n\t\t\t\t\t\t\t\t\t\"Failed to delete expired API keys:\",\n\t\t\t\t\t\t\t\t\terr,\n\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (opts.deferUpdates) {\n\t\t\t\t\t\t\tctx.context.runInBackground(cleanupTask);\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tconst user = await ctx.context.internalAdapter.findUserById(\n\t\t\t\t\t\t\tapiKey.userId,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (!user) {\n\t\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\t\t\t\tAPI_KEY_ERROR_CODES.INVALID_USER_ID_FROM_API_KEY,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tconst session = {\n\t\t\t\t\t\t\tuser,\n\t\t\t\t\t\t\tsession: {\n\t\t\t\t\t\t\t\tid: apiKey.id,\n\t\t\t\t\t\t\t\ttoken: key,\n\t\t\t\t\t\t\t\tuserId: apiKey.userId,\n\t\t\t\t\t\t\t\tuserAgent: ctx.request?.headers.get(\"user-agent\") ?? null,\n\t\t\t\t\t\t\t\tipAddress: ctx.request\n\t\t\t\t\t\t\t\t\t? getIp(ctx.request, ctx.context.options)\n\t\t\t\t\t\t\t\t\t: null,\n\t\t\t\t\t\t\t\tcreatedAt: new Date(),\n\t\t\t\t\t\t\t\tupdatedAt: new Date(),\n\t\t\t\t\t\t\t\texpiresAt:\n\t\t\t\t\t\t\t\t\tapiKey.expiresAt ||\n\t\t\t\t\t\t\t\t\tgetDate(\n\t\t\t\t\t\t\t\t\t\tctx.context.options.session?.expiresIn || 60 * 60 * 24 * 7, // 7 days\n\t\t\t\t\t\t\t\t\t\t\"ms\",\n\t\t\t\t\t\t\t\t\t),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t};\n\n\t\t\t\t\t\t// Always set the session context for API key authentication\n\t\t\t\t\t\tctx.context.session = session;\n\n\t\t\t\t\t\tif (ctx.path === \"/get-session\") {\n\t\t\t\t\t\t\treturn session;\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\t\tcontext: ctx,\n\t\t\t\t\t\t\t};\n\t\t\t\t\t\t}\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t],\n\t\t},\n\t\tendpoints: {\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * POST `/api-key/create`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.createApiKey`\n\t\t\t *\n\t\t\t * **client:**\n\t\t\t * `authClient.apiKey.create`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-create)\n\t\t\t */\n\t\t\tcreateApiKey: routes.createApiKey,\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * POST `/api-key/verify`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.verifyApiKey`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-verify)\n\t\t\t */\n\t\t\tverifyApiKey: routes.verifyApiKey,\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * GET `/api-key/get`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.getApiKey`\n\t\t\t *\n\t\t\t * **client:**\n\t\t\t * `authClient.apiKey.get`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-get)\n\t\t\t */\n\t\t\tgetApiKey: routes.getApiKey,\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * POST `/api-key/update`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.updateApiKey`\n\t\t\t *\n\t\t\t * **client:**\n\t\t\t * `authClient.apiKey.update`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-update)\n\t\t\t */\n\t\t\tupdateApiKey: routes.updateApiKey,\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * POST `/api-key/delete`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.deleteApiKey`\n\t\t\t *\n\t\t\t * **client:**\n\t\t\t * `authClient.apiKey.delete`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-delete)\n\t\t\t */\n\t\t\tdeleteApiKey: routes.deleteApiKey,\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * GET `/api-key/list`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.listApiKeys`\n\t\t\t *\n\t\t\t * **client:**\n\t\t\t * `authClient.apiKey.list`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-list)\n\t\t\t */\n\t\t\tlistApiKeys: routes.listApiKeys,\n\t\t\t/**\n\t\t\t * ### Endpoint\n\t\t\t *\n\t\t\t * POST `/api-key/delete-all-expired-api-keys`\n\t\t\t *\n\t\t\t * ### API Methods\n\t\t\t *\n\t\t\t * **server:**\n\t\t\t * `auth.api.deleteAllExpiredApiKeys`\n\t\t\t *\n\t\t\t * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/api-key#api-method-api-key-delete-all-expired-api-keys)\n\t\t\t */\n\t\t\tdeleteAllExpiredApiKeys: routes.deleteAllExpiredApiKeys,\n\t\t},\n\t\tschema,\n\t\toptions,\n\t} satisfies BetterAuthPlugin;\n};\n\nexport type * from \"./types\";\n"],"mappings":";;;;;;;;;;;;;;;AAsBA,MAAa,mBAAmB,OAAO,QAAgB;CACtD,MAAM,OAAO,MAAM,WAAW,UAAU,CAAC,OACxC,IAAI,aAAa,CAAC,OAAO,IAAI,CAC7B;AAID,QAHe,UAAU,OAAO,IAAI,WAAW,KAAK,EAAE,EACrD,SAAS,OACT,CAAC;;AAQH,MAAa,qBAAqB;AAElC,MAAa,UAAU,YAAwC;CAC9D,MAAM,OAAO;EACZ,GAAG;EACH,eAAe,SAAS,iBAAiB;EACzC,kBAAkB,SAAS,oBAAoB;EAC/C,qBAAqB,SAAS,uBAAuB;EACrD,qBAAqB,SAAS,uBAAuB;EACrD,mBAAmB,SAAS,qBAAqB;EACjD,mBAAmB,SAAS,qBAAqB;EACjD,gBAAgB,SAAS,kBAAkB;EAC3C,mBAAmB,SAAS,qBAAqB;EACjD,aAAa,SAAS,eAAe;EACrC,SAAS,SAAS,WAAW;EAC7B,WAAW;GACV,SACC,SAAS,WAAW,YAAY,SAC7B,OACA,SAAS,WAAW;GACxB,YAAY,SAAS,WAAW,cAAc,MAAO,KAAK,KAAK;GAC/D,aAAa,SAAS,WAAW,eAAe;GAChD;EACD,eAAe;GACd,kBAAkB,SAAS,eAAe,oBAAoB;GAC9D,0BACC,SAAS,eAAe,4BAA4B;GACrD,cAAc,SAAS,eAAe,gBAAgB;GACtD,cAAc,SAAS,eAAe,gBAAgB;GACtD;EACD,0BAA0B;GACzB,aAAa,SAAS,0BAA0B,eAAe;GAC/D,kBACC,SAAS,0BAA0B,oBAAoB;GACxD;EACD,yBAAyB,SAAS,2BAA2B;EAC7D,oBAAoB,SAAS,sBAAsB;EACnD,eAAe,SAAS;EACxB,cAAc,SAAS,gBAAgB;EACvC;CAED,MAAM,SAAS,YACd,aAAa;EACZ,cAAc,KAAK,UAAU;EAC7B,YAAY,KAAK,UAAU;EAC3B,CAAC,EACF,KAAK,OACL;CAED,MAAM,SACL,KAAK,wBACH,QAAQ;AACT,MAAI,MAAM,QAAQ,KAAK,cAAc,CACpC,MAAK,MAAM,UAAU,KAAK,eAAe;GACxC,MAAM,QAAQ,IAAI,SAAS,IAAI,OAAO;AACtC,OAAI,MACH,QAAO;;MAIT,QAAO,IAAI,SAAS,IAAI,KAAK,cAAc;;CAW9C,MAAM,SAAS,mBAAmB;EAAE,cANnC,KAAK,uBACJ,OAAO,YAA4D;GACnE,MAAM,MAAM,qBAAqB,QAAQ,QAAQ,OAAO,MAAM;AAC9D,UAAO,GAAG,QAAQ,UAAU,KAAK;;EAGe;EAAM;EAAQ,CAAC;AAEjE,QAAO;EACN,IAAI;EACJ,cAAc;EACd,OAAO,EACN,QAAQ,CACP;GACC,UAAU,QAAQ,CAAC,CAAC,OAAO,IAAI,IAAI,KAAK;GACxC,SAAS,qBAAqB,OAAO,QAAQ;IAC5C,MAAM,MAAM,OAAO,IAAI;AAEvB,QAAI,OAAO,QAAQ,SAClB,OAAM,SAAS,KACd,eACA,oBAAoB,mCACpB;AAGF,QAAI,IAAI,SAAS,KAAK,iBAIrB,OAAM,SAAS,KACd,aACA,oBAAoB,gBACpB;AAGF,QAAI,KAAK,uBAER;SAAI,CADY,MAAM,KAAK,sBAAsB;MAAE;MAAK;MAAK,CAAC,CAE7D,OAAM,SAAS,KACd,aACA,oBAAoB,gBACpB;;IAQH,MAAM,SAAS,MAAM,eAAe;KACnC,WALc,KAAK,oBACjB,MACA,MAAM,iBAAiB,IAAI;KAI7B;KACA;KACA;KACA,CAAC;IAEF,MAAM,cAAc,wBAAwB,IAAI,QAAQ,CAAC,OACvD,QAAQ;AACR,SAAI,QAAQ,OAAO,MAClB,sCACA,IACA;MAEF;AACD,QAAI,KAAK,aACR,KAAI,QAAQ,gBAAgB,YAAY;IAGzC,MAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB,aAC9C,OAAO,OACP;AACD,QAAI,CAAC,KACJ,OAAM,SAAS,KACd,gBACA,oBAAoB,6BACpB;IAGF,MAAM,UAAU;KACf;KACA,SAAS;MACR,IAAI,OAAO;MACX,OAAO;MACP,QAAQ,OAAO;MACf,WAAW,IAAI,SAAS,QAAQ,IAAI,aAAa,IAAI;MACrD,WAAW,IAAI,UACZ,MAAM,IAAI,SAAS,IAAI,QAAQ,QAAQ,GACvC;MACH,2BAAW,IAAI,MAAM;MACrB,2BAAW,IAAI,MAAM;MACrB,WACC,OAAO,aACP,QACC,IAAI,QAAQ,QAAQ,SAAS,aAAa,OAAU,KAAK,GACzD,KACA;MACF;KACD;AAGD,QAAI,QAAQ,UAAU;AAEtB,QAAI,IAAI,SAAS,eAChB,QAAO;QAEP,QAAO,EACN,SAAS,KACT;KAED;GACF,CACD,EACD;EACD,WAAW;GAgBV,cAAc,OAAO;GAarB,cAAc,OAAO;GAgBrB,WAAW,OAAO;GAgBlB,cAAc,OAAO;GAgBrB,cAAc,OAAO;GAgBrB,aAAa,OAAO;GAapB,yBAAyB,OAAO;GAChC;EACD;EACA;EACA"}

package/dist/plugins/api-key/rate-limit.mjs ADDED Viewed

@@ -0,0 +1,74 @@
+import { API_KEY_ERROR_CODES } from "./error-codes.mjs";
+import "./index.mjs";
+//#region src/plugins/api-key/rate-limit.ts
+/**
+* Determines if a request is allowed based on rate limiting parameters.
+*
+* @returns An object indicating whether the request is allowed and, if not,
+*          a message and updated ApiKey data.
+*/
+function isRateLimited(apiKey, opts) {
+	const now = /* @__PURE__ */ new Date();
+	const lastRequest = apiKey.lastRequest;
+	const rateLimitTimeWindow = apiKey.rateLimitTimeWindow;
+	const rateLimitMax = apiKey.rateLimitMax;
+	let requestCount = apiKey.requestCount;
+	if (opts.rateLimit.enabled === false) return {
+		success: true,
+		message: null,
+		update: { lastRequest: now },
+		tryAgainIn: null
+	};
+	if (apiKey.rateLimitEnabled === false) return {
+		success: true,
+		message: null,
+		update: { lastRequest: now },
+		tryAgainIn: null
+	};
+	if (rateLimitTimeWindow === null || rateLimitMax === null) return {
+		success: true,
+		message: null,
+		update: null,
+		tryAgainIn: null
+	};
+	if (lastRequest === null) return {
+		success: true,
+		message: null,
+		update: {
+			lastRequest: now,
+			requestCount: 1
+		},
+		tryAgainIn: null
+	};
+	const timeSinceLastRequest = now.getTime() - new Date(lastRequest).getTime();
+	if (timeSinceLastRequest > rateLimitTimeWindow) return {
+		success: true,
+		message: null,
+		update: {
+			lastRequest: now,
+			requestCount: 1
+		},
+		tryAgainIn: null
+	};
+	if (requestCount >= rateLimitMax) return {
+		success: false,
+		message: API_KEY_ERROR_CODES.RATE_LIMIT_EXCEEDED.message,
+		update: null,
+		tryAgainIn: Math.ceil(rateLimitTimeWindow - timeSinceLastRequest)
+	};
+	requestCount++;
+	return {
+		success: true,
+		message: null,
+		tryAgainIn: null,
+		update: {
+			lastRequest: now,
+			requestCount
+		}
+	};
+}
+//#endregion
+export { isRateLimited };
+//# sourceMappingURL=rate-limit.mjs.map

package/dist/plugins/api-key/rate-limit.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rate-limit.mjs","names":["ERROR_CODES"],"sources":["../../../src/plugins/api-key/rate-limit.ts"],"sourcesContent":["import { API_KEY_ERROR_CODES as ERROR_CODES } from \".\";\nimport type { PredefinedApiKeyOptions } from \"./routes\";\nimport type { ApiKey } from \"./types\";\n\ninterface RateLimitResult {\n\tsuccess: boolean;\n\tmessage: string | null;\n\ttryAgainIn: number | null;\n\tupdate: Partial<ApiKey> | null;\n}\n\n/**\n * Determines if a request is allowed based on rate limiting parameters.\n *\n * @returns An object indicating whether the request is allowed and, if not,\n * a message and updated ApiKey data.\n */\nexport function isRateLimited(\n\t/**\n\t * The ApiKey object containing rate limiting information\n\t */\n\tapiKey: ApiKey,\n\topts: PredefinedApiKeyOptions,\n): RateLimitResult {\n\tconst now = new Date();\n\tconst lastRequest = apiKey.lastRequest;\n\tconst rateLimitTimeWindow = apiKey.rateLimitTimeWindow;\n\tconst rateLimitMax = apiKey.rateLimitMax;\n\tlet requestCount = apiKey.requestCount;\n\n\tif (opts.rateLimit.enabled === false)\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tmessage: null,\n\t\t\tupdate: { lastRequest: now },\n\t\t\ttryAgainIn: null,\n\t\t};\n\n\tif (apiKey.rateLimitEnabled === false)\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tmessage: null,\n\t\t\tupdate: { lastRequest: now },\n\t\t\ttryAgainIn: null,\n\t\t};\n\n\tif (rateLimitTimeWindow === null || rateLimitMax === null) {\n\t\t// Rate limiting is disabled.\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tmessage: null,\n\t\t\tupdate: null,\n\t\t\ttryAgainIn: null,\n\t\t};\n\t}\n\n\tif (lastRequest === null) {\n\t\t// No previous requests, so allow the first one.\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tmessage: null,\n\t\t\tupdate: { lastRequest: now, requestCount: 1 },\n\t\t\ttryAgainIn: null,\n\t\t};\n\t}\n\n\tconst timeSinceLastRequest = now.getTime() - new Date(lastRequest).getTime();\n\n\tif (timeSinceLastRequest > rateLimitTimeWindow) {\n\t\t// Time window has passed, reset the request count.\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tmessage: null,\n\t\t\tupdate: { lastRequest: now, requestCount: 1 },\n\t\t\ttryAgainIn: null,\n\t\t};\n\t}\n\n\tif (requestCount >= rateLimitMax) {\n\t\t// Rate limit exceeded.\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\tmessage: ERROR_CODES.RATE_LIMIT_EXCEEDED.message,\n\t\t\tupdate: null,\n\t\t\ttryAgainIn: Math.ceil(rateLimitTimeWindow - timeSinceLastRequest),\n\t\t};\n\t}\n\n\t// Request is allowed.\n\trequestCount++;\n\treturn {\n\t\tsuccess: true,\n\t\tmessage: null,\n\t\ttryAgainIn: null,\n\t\tupdate: { lastRequest: now, requestCount: requestCount },\n\t};\n}\n"],"mappings":";;;;;;;;;;AAiBA,SAAgB,cAIf,QACA,MACkB;CAClB,MAAM,sBAAM,IAAI,MAAM;CACtB,MAAM,cAAc,OAAO;CAC3B,MAAM,sBAAsB,OAAO;CACnC,MAAM,eAAe,OAAO;CAC5B,IAAI,eAAe,OAAO;AAE1B,KAAI,KAAK,UAAU,YAAY,MAC9B,QAAO;EACN,SAAS;EACT,SAAS;EACT,QAAQ,EAAE,aAAa,KAAK;EAC5B,YAAY;EACZ;AAEF,KAAI,OAAO,qBAAqB,MAC/B,QAAO;EACN,SAAS;EACT,SAAS;EACT,QAAQ,EAAE,aAAa,KAAK;EAC5B,YAAY;EACZ;AAEF,KAAI,wBAAwB,QAAQ,iBAAiB,KAEpD,QAAO;EACN,SAAS;EACT,SAAS;EACT,QAAQ;EACR,YAAY;EACZ;AAGF,KAAI,gBAAgB,KAEnB,QAAO;EACN,SAAS;EACT,SAAS;EACT,QAAQ;GAAE,aAAa;GAAK,cAAc;GAAG;EAC7C,YAAY;EACZ;CAGF,MAAM,uBAAuB,IAAI,SAAS,GAAG,IAAI,KAAK,YAAY,CAAC,SAAS;AAE5E,KAAI,uBAAuB,oBAE1B,QAAO;EACN,SAAS;EACT,SAAS;EACT,QAAQ;GAAE,aAAa;GAAK,cAAc;GAAG;EAC7C,YAAY;EACZ;AAGF,KAAI,gBAAgB,aAEnB,QAAO;EACN,SAAS;EACT,SAASA,oBAAY,oBAAoB;EACzC,QAAQ;EACR,YAAY,KAAK,KAAK,sBAAsB,qBAAqB;EACjE;AAIF;AACA,QAAO;EACN,SAAS;EACT,SAAS;EACT,YAAY;EACZ,QAAQ;GAAE,aAAa;GAAmB;GAAc;EACxD"}

package/dist/plugins/api-key/routes/create-api-key.mjs ADDED Viewed

@@ -0,0 +1,252 @@
+import { getDate } from "../../../utils/date.mjs";
+import { getSessionFromCtx } from "../../../api/routes/session.mjs";
+import "../../../api/index.mjs";
+import { API_KEY_ERROR_CODES } from "../error-codes.mjs";
+import { setApiKey } from "../adapter.mjs";
+import { API_KEY_TABLE_NAME, defaultKeyHasher } from "../index.mjs";
+import { APIError } from "@better-auth/core/error";
+import { generateId } from "@better-auth/core/utils/id";
+import { safeJSONParse } from "@better-auth/core/utils/json";
+import { createAuthEndpoint } from "@better-auth/core/api";
+import * as z from "zod";
+//#region src/plugins/api-key/routes/create-api-key.ts
+const createApiKeyBodySchema = z.object({
+	name: z.string().meta({ description: "Name of the Api Key" }).optional(),
+	expiresIn: z.number().meta({ description: "Expiration time of the Api Key in seconds" }).min(1).optional().nullable().default(null),
+	userId: z.coerce.string().meta({ description: "User Id of the user that the Api Key belongs to. server-only. Eg: \"user-id\"" }).optional(),
+	prefix: z.string().meta({ description: "Prefix of the Api Key" }).regex(/^[a-zA-Z0-9_-]+$/, { message: "Invalid prefix format, must be alphanumeric and contain only underscores and hyphens." }).optional(),
+	remaining: z.number().meta({ description: "Remaining number of requests. Server side only" }).min(0).optional().nullable().default(null),
+	metadata: z.any().optional(),
+	refillAmount: z.number().meta({ description: "Amount to refill the remaining count of the Api Key. server-only. Eg: 100" }).min(1).optional(),
+	refillInterval: z.number().meta({ description: "Interval to refill the Api Key in milliseconds. server-only. Eg: 1000" }).optional(),
+	rateLimitTimeWindow: z.number().meta({ description: "The duration in milliseconds where each request is counted. Once the `maxRequests` is reached, the request will be rejected until the `timeWindow` has passed, at which point the `timeWindow` will be reset. server-only. Eg: 1000" }).optional(),
+	rateLimitMax: z.number().meta({ description: "Maximum amount of requests allowed within a window. Once the `maxRequests` is reached, the request will be rejected until the `timeWindow` has passed, at which point the `timeWindow` will be reset. server-only. Eg: 100" }).optional(),
+	rateLimitEnabled: z.boolean().meta({ description: "Whether the key has rate limiting enabled. server-only. Eg: true" }).optional(),
+	permissions: z.record(z.string(), z.array(z.string())).meta({ description: "Permissions of the Api Key." }).optional()
+});
+function createApiKey({ keyGenerator, opts, schema, deleteAllExpiredApiKeys }) {
+	return createAuthEndpoint("/api-key/create", {
+		method: "POST",
+		body: createApiKeyBodySchema,
+		metadata: { openapi: {
+			description: "Create a new API key for a user",
+			responses: { "200": {
+				description: "API key created successfully",
+				content: { "application/json": { schema: {
+					type: "object",
+					properties: {
+						id: {
+							type: "string",
+							description: "Unique identifier of the API key"
+						},
+						createdAt: {
+							type: "string",
+							format: "date-time",
+							description: "Creation timestamp"
+						},
+						updatedAt: {
+							type: "string",
+							format: "date-time",
+							description: "Last update timestamp"
+						},
+						name: {
+							type: "string",
+							nullable: true,
+							description: "Name of the API key"
+						},
+						prefix: {
+							type: "string",
+							nullable: true,
+							description: "Prefix of the API key"
+						},
+						start: {
+							type: "string",
+							nullable: true,
+							description: "Starting characters of the key (if configured)"
+						},
+						key: {
+							type: "string",
+							description: "The full API key (only returned on creation)"
+						},
+						enabled: {
+							type: "boolean",
+							description: "Whether the key is enabled"
+						},
+						expiresAt: {
+							type: "string",
+							format: "date-time",
+							nullable: true,
+							description: "Expiration timestamp"
+						},
+						userId: {
+							type: "string",
+							description: "ID of the user owning the key"
+						},
+						lastRefillAt: {
+							type: "string",
+							format: "date-time",
+							nullable: true,
+							description: "Last refill timestamp"
+						},
+						lastRequest: {
+							type: "string",
+							format: "date-time",
+							nullable: true,
+							description: "Last request timestamp"
+						},
+						metadata: {
+							type: "object",
+							nullable: true,
+							additionalProperties: true,
+							description: "Metadata associated with the key"
+						},
+						rateLimitMax: {
+							type: "number",
+							nullable: true,
+							description: "Maximum requests in time window"
+						},
+						rateLimitTimeWindow: {
+							type: "number",
+							nullable: true,
+							description: "Rate limit time window in milliseconds"
+						},
+						remaining: {
+							type: "number",
+							nullable: true,
+							description: "Remaining requests"
+						},
+						refillAmount: {
+							type: "number",
+							nullable: true,
+							description: "Amount to refill"
+						},
+						refillInterval: {
+							type: "number",
+							nullable: true,
+							description: "Refill interval in milliseconds"
+						},
+						rateLimitEnabled: {
+							type: "boolean",
+							description: "Whether rate limiting is enabled"
+						},
+						requestCount: {
+							type: "number",
+							description: "Current request count in window"
+						},
+						permissions: {
+							type: "object",
+							nullable: true,
+							additionalProperties: {
+								type: "array",
+								items: { type: "string" }
+							},
+							description: "Permissions associated with the key"
+						}
+					},
+					required: [
+						"id",
+						"createdAt",
+						"updatedAt",
+						"key",
+						"enabled",
+						"userId",
+						"rateLimitEnabled",
+						"requestCount"
+					]
+				} } }
+			} }
+		} }
+	}, async (ctx) => {
+		const { name, expiresIn, prefix, remaining, metadata, refillAmount, refillInterval, permissions, rateLimitMax, rateLimitTimeWindow, rateLimitEnabled } = ctx.body;
+		const session = await getSessionFromCtx(ctx);
+		const authRequired = ctx.request || ctx.headers;
+		const user = authRequired && !session ? null : session?.user || { id: ctx.body.userId };
+		if (!user?.id) throw APIError.from("UNAUTHORIZED", API_KEY_ERROR_CODES.UNAUTHORIZED_SESSION);
+		if (session && ctx.body.userId && session?.user.id !== ctx.body.userId) throw APIError.from("UNAUTHORIZED", API_KEY_ERROR_CODES.UNAUTHORIZED_SESSION);
+		if (authRequired) {
+			if (refillAmount !== void 0 || refillInterval !== void 0 || rateLimitMax !== void 0 || rateLimitTimeWindow !== void 0 || rateLimitEnabled !== void 0 || permissions !== void 0 || remaining !== null) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.SERVER_ONLY_PROPERTY);
+		}
+		if (metadata) {
+			if (opts.enableMetadata === false) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.METADATA_DISABLED);
+			if (typeof metadata !== "object") throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.INVALID_METADATA_TYPE);
+		}
+		if (refillAmount && !refillInterval) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.REFILL_AMOUNT_AND_INTERVAL_REQUIRED);
+		if (refillInterval && !refillAmount) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.REFILL_INTERVAL_AND_AMOUNT_REQUIRED);
+		if (expiresIn) {
+			if (opts.keyExpiration.disableCustomExpiresTime === true) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.KEY_DISABLED_EXPIRATION);
+			const expiresIn_in_days = expiresIn / (3600 * 24);
+			if (opts.keyExpiration.minExpiresIn > expiresIn_in_days) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.EXPIRES_IN_IS_TOO_SMALL);
+			else if (opts.keyExpiration.maxExpiresIn < expiresIn_in_days) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.EXPIRES_IN_IS_TOO_LARGE);
+		}
+		if (prefix) {
+			if (prefix.length < opts.minimumPrefixLength) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.INVALID_PREFIX_LENGTH);
+			if (prefix.length > opts.maximumPrefixLength) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.INVALID_PREFIX_LENGTH);
+		}
+		if (name) {
+			if (name.length < opts.minimumNameLength) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.INVALID_NAME_LENGTH);
+			if (name.length > opts.maximumNameLength) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.INVALID_NAME_LENGTH);
+		} else if (opts.requireName) throw APIError.from("BAD_REQUEST", API_KEY_ERROR_CODES.NAME_REQUIRED);
+		deleteAllExpiredApiKeys(ctx.context);
+		const key = await keyGenerator({
+			length: opts.defaultKeyLength,
+			prefix: prefix || opts.defaultPrefix
+		});
+		const hashed = opts.disableKeyHashing ? key : await defaultKeyHasher(key);
+		let start = null;
+		if (opts.startingCharactersConfig.shouldStore) start = key.substring(0, opts.startingCharactersConfig.charactersLength);
+		const defaultPermissions = opts.permissions?.defaultPermissions ? typeof opts.permissions.defaultPermissions === "function" ? await opts.permissions.defaultPermissions(user.id, ctx) : opts.permissions.defaultPermissions : void 0;
+		const permissionsToApply = permissions ? JSON.stringify(permissions) : defaultPermissions ? JSON.stringify(defaultPermissions) : void 0;
+		const data = {
+			createdAt: /* @__PURE__ */ new Date(),
+			updatedAt: /* @__PURE__ */ new Date(),
+			name: name ?? null,
+			prefix: prefix ?? opts.defaultPrefix ?? null,
+			start,
+			key: hashed,
+			enabled: true,
+			expiresAt: expiresIn ? getDate(expiresIn, "sec") : opts.keyExpiration.defaultExpiresIn ? getDate(opts.keyExpiration.defaultExpiresIn, "sec") : null,
+			userId: user.id,
+			lastRefillAt: null,
+			lastRequest: null,
+			metadata: null,
+			rateLimitMax: rateLimitMax ?? opts.rateLimit.maxRequests ?? null,
+			rateLimitTimeWindow: rateLimitTimeWindow ?? opts.rateLimit.timeWindow ?? null,
+			remaining: remaining === null ? remaining : remaining ?? refillAmount ?? null,
+			refillAmount: refillAmount ?? null,
+			refillInterval: refillInterval ?? null,
+			rateLimitEnabled: rateLimitEnabled === void 0 ? opts.rateLimit.enabled ?? true : rateLimitEnabled,
+			requestCount: 0,
+			permissions: permissionsToApply
+		};
+		if (metadata) data.metadata = metadata;
+		let apiKey;
+		if (opts.storage === "secondary-storage" && opts.fallbackToDatabase) {
+			apiKey = await ctx.context.adapter.create({
+				model: API_KEY_TABLE_NAME,
+				data
+			});
+			await setApiKey(ctx, apiKey, opts);
+		} else if (opts.storage === "secondary-storage") {
+			const id = ctx.context.generateId({ model: API_KEY_TABLE_NAME }) || generateId();
+			apiKey = {
+				...data,
+				id
+			};
+			await setApiKey(ctx, apiKey, opts);
+		} else apiKey = await ctx.context.adapter.create({
+			model: API_KEY_TABLE_NAME,
+			data
+		});
+		return ctx.json({
+			...apiKey,
+			key,
+			metadata: metadata ?? null,
+			permissions: apiKey.permissions ? safeJSONParse(apiKey.permissions) : null
+		});
+	});
+}
+//#endregion
+export { createApiKey };
+//# sourceMappingURL=create-api-key.mjs.map

package/dist/plugins/api-key/routes/create-api-key.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"create-api-key.mjs","names":["ERROR_CODES"],"sources":["../../../../src/plugins/api-key/routes/create-api-key.ts"],"sourcesContent":["import type { AuthContext, Awaitable } from \"@better-auth/core\";\nimport { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { APIError } from \"@better-auth/core/error\";\nimport { generateId } from \"@better-auth/core/utils/id\";\nimport { safeJSONParse } from \"@better-auth/core/utils/json\";\nimport * as z from \"zod\";\nimport { getSessionFromCtx } from \"../../../api\";\nimport { getDate } from \"../../../utils/date\";\nimport { API_KEY_TABLE_NAME, API_KEY_ERROR_CODES as ERROR_CODES } from \"..\";\nimport { defaultKeyHasher } from \"../\";\nimport { setApiKey } from \"../adapter\";\nimport type { apiKeySchema } from \"../schema\";\nimport type { ApiKey } from \"../types\";\nimport type { PredefinedApiKeyOptions } from \".\";\n\nconst createApiKeyBodySchema = z.object({\n\tname: z.string().meta({ description: \"Name of the Api Key\" }).optional(),\n\texpiresIn: z\n\t\t.number()\n\t\t.meta({\n\t\t\tdescription: \"Expiration time of the Api Key in seconds\",\n\t\t})\n\t\t.min(1)\n\t\t.optional()\n\t\t.nullable()\n\t\t.default(null),\n\n\tuserId: z.coerce\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'User Id of the user that the Api Key belongs to. server-only. Eg: \"user-id\"',\n\t\t})\n\t\t.optional(),\n\tprefix: z\n\t\t.string()\n\t\t.meta({ description: \"Prefix of the Api Key\" })\n\t\t.regex(/^[a-zA-Z0-9_-]+$/, {\n\t\t\tmessage:\n\t\t\t\t\"Invalid prefix format, must be alphanumeric and contain only underscores and hyphens.\",\n\t\t})\n\t\t.optional(),\n\tremaining: z\n\t\t.number()\n\t\t.meta({\n\t\t\tdescription: \"Remaining number of requests. Server side only\",\n\t\t})\n\t\t.min(0)\n\t\t.optional()\n\t\t.nullable()\n\t\t.default(null),\n\tmetadata: z.any().optional(),\n\trefillAmount: z\n\t\t.number()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Amount to refill the remaining count of the Api Key. server-only. Eg: 100\",\n\t\t})\n\t\t.min(1)\n\t\t.optional(),\n\trefillInterval: z\n\t\t.number()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Interval to refill the Api Key in milliseconds. server-only. Eg: 1000\",\n\t\t})\n\t\t.optional(),\n\trateLimitTimeWindow: z\n\t\t.number()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"The duration in milliseconds where each request is counted. Once the `maxRequests` is reached, the request will be rejected until the `timeWindow` has passed, at which point the `timeWindow` will be reset. server-only. Eg: 1000\",\n\t\t})\n\t\t.optional(),\n\trateLimitMax: z\n\t\t.number()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Maximum amount of requests allowed within a window. Once the `maxRequests` is reached, the request will be rejected until the `timeWindow` has passed, at which point the `timeWindow` will be reset. server-only. Eg: 100\",\n\t\t})\n\t\t.optional(),\n\trateLimitEnabled: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Whether the key has rate limiting enabled. server-only. Eg: true\",\n\t\t})\n\t\t.optional(),\n\tpermissions: z\n\t\t.record(z.string(), z.array(z.string()))\n\t\t.meta({\n\t\t\tdescription: \"Permissions of the Api Key.\",\n\t\t})\n\t\t.optional(),\n});\n\nexport function createApiKey({\n\tkeyGenerator,\n\topts,\n\tschema,\n\tdeleteAllExpiredApiKeys,\n}: {\n\tkeyGenerator: (options: {\n\t\tlength: number;\n\t\tprefix: string | undefined;\n\t}) => Awaitable<string>;\n\topts: PredefinedApiKeyOptions;\n\tschema: ReturnType<typeof apiKeySchema>;\n\tdeleteAllExpiredApiKeys(\n\t\tctx: AuthContext,\n\t\tbyPassLastCheckTime?: boolean | undefined,\n\t): void;\n}) {\n\treturn createAuthEndpoint(\n\t\t\"/api-key/create\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: createApiKeyBodySchema,\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Create a new API key for a user\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"API key created successfully\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Unique identifier of the API key\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Creation timestamp\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tupdatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Last update timestamp\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tname: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Name of the API key\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tprefix: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Prefix of the API key\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tstart: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"Starting characters of the key (if configured)\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tkey: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"The full API key (only returned on creation)\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tenabled: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Whether the key is enabled\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Expiration timestamp\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tuserId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"ID of the user owning the key\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tlastRefillAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Last refill timestamp\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tlastRequest: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Last request timestamp\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tmetadata: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tadditionalProperties: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Metadata associated with the key\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trateLimitMax: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Maximum requests in time window\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trateLimitTimeWindow: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Rate limit time window in milliseconds\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tremaining: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Remaining requests\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trefillAmount: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Amount to refill\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trefillInterval: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Refill interval in milliseconds\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trateLimitEnabled: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Whether rate limiting is enabled\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trequestCount: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Current request count in window\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tpermissions: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tadditionalProperties: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"array\",\n\t\t\t\t\t\t\t\t\t\t\t\t\titems: { type: \"string\" },\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Permissions associated with the key\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\"createdAt\",\n\t\t\t\t\t\t\t\t\t\t\t\"updatedAt\",\n\t\t\t\t\t\t\t\t\t\t\t\"key\",\n\t\t\t\t\t\t\t\t\t\t\t\"enabled\",\n\t\t\t\t\t\t\t\t\t\t\t\"userId\",\n\t\t\t\t\t\t\t\t\t\t\t\"rateLimitEnabled\",\n\t\t\t\t\t\t\t\t\t\t\t\"requestCount\",\n\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst {\n\t\t\t\tname,\n\t\t\t\texpiresIn,\n\t\t\t\tprefix,\n\t\t\t\tremaining,\n\t\t\t\tmetadata,\n\t\t\t\trefillAmount,\n\t\t\t\trefillInterval,\n\t\t\t\tpermissions,\n\t\t\t\trateLimitMax,\n\t\t\t\trateLimitTimeWindow,\n\t\t\t\trateLimitEnabled,\n\t\t\t} = ctx.body;\n\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\t\t\tconst authRequired = ctx.request || ctx.headers;\n\t\t\tconst user =\n\t\t\t\tauthRequired && !session\n\t\t\t\t\t? null\n\t\t\t\t\t: session?.user || { id: ctx.body.userId };\n\n\t\t\tif (!user?.id) {\n\t\t\t\tthrow APIError.from(\"UNAUTHORIZED\", ERROR_CODES.UNAUTHORIZED_SESSION);\n\t\t\t}\n\n\t\t\tif (session && ctx.body.userId && session?.user.id !== ctx.body.userId) {\n\t\t\t\tthrow APIError.from(\"UNAUTHORIZED\", ERROR_CODES.UNAUTHORIZED_SESSION);\n\t\t\t}\n\n\t\t\tif (authRequired) {\n\t\t\t\t// if this endpoint was being called from the client,\n\t\t\t\t// we must make sure they can't use server-only properties.\n\t\t\t\tif (\n\t\t\t\t\trefillAmount !== undefined ||\n\t\t\t\t\trefillInterval !== undefined ||\n\t\t\t\t\trateLimitMax !== undefined ||\n\t\t\t\t\trateLimitTimeWindow !== undefined ||\n\t\t\t\t\trateLimitEnabled !== undefined ||\n\t\t\t\t\tpermissions !== undefined ||\n\t\t\t\t\tremaining !== null\n\t\t\t\t) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.SERVER_ONLY_PROPERTY);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\t// if metadata is defined, than check that it's an object.\n\t\t\tif (metadata) {\n\t\t\t\tif (opts.enableMetadata === false) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.METADATA_DISABLED);\n\t\t\t\t}\n\t\t\t\tif (typeof metadata !== \"object\") {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.INVALID_METADATA_TYPE);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\t// make sure that if they pass a refill amount, they also pass a refill interval\n\t\t\tif (refillAmount && !refillInterval) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tERROR_CODES.REFILL_AMOUNT_AND_INTERVAL_REQUIRED,\n\t\t\t\t);\n\t\t\t}\n\t\t\t// make sure that if they pass a refill interval, they also pass a refill amount\n\t\t\tif (refillInterval && !refillAmount) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tERROR_CODES.REFILL_INTERVAL_AND_AMOUNT_REQUIRED,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (expiresIn) {\n\t\t\t\tif (opts.keyExpiration.disableCustomExpiresTime === true) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tERROR_CODES.KEY_DISABLED_EXPIRATION,\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\tconst expiresIn_in_days = expiresIn / (60 * 60 * 24);\n\n\t\t\t\tif (opts.keyExpiration.minExpiresIn > expiresIn_in_days) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tERROR_CODES.EXPIRES_IN_IS_TOO_SMALL,\n\t\t\t\t\t);\n\t\t\t\t} else if (opts.keyExpiration.maxExpiresIn < expiresIn_in_days) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tERROR_CODES.EXPIRES_IN_IS_TOO_LARGE,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (prefix) {\n\t\t\t\tif (prefix.length < opts.minimumPrefixLength) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.INVALID_PREFIX_LENGTH);\n\t\t\t\t}\n\t\t\t\tif (prefix.length > opts.maximumPrefixLength) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.INVALID_PREFIX_LENGTH);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (name) {\n\t\t\t\tif (name.length < opts.minimumNameLength) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.INVALID_NAME_LENGTH);\n\t\t\t\t}\n\t\t\t\tif (name.length > opts.maximumNameLength) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.INVALID_NAME_LENGTH);\n\t\t\t\t}\n\t\t\t} else if (opts.requireName) {\n\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", ERROR_CODES.NAME_REQUIRED);\n\t\t\t}\n\n\t\t\tdeleteAllExpiredApiKeys(ctx.context);\n\n\t\t\tconst key = await keyGenerator({\n\t\t\t\tlength: opts.defaultKeyLength,\n\t\t\t\tprefix: prefix || opts.defaultPrefix,\n\t\t\t});\n\n\t\t\tconst hashed = opts.disableKeyHashing ? key : await defaultKeyHasher(key);\n\n\t\t\tlet start: string | null = null;\n\n\t\t\tif (opts.startingCharactersConfig.shouldStore) {\n\t\t\t\tstart = key.substring(\n\t\t\t\t\t0,\n\t\t\t\t\topts.startingCharactersConfig.charactersLength,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst defaultPermissions = opts.permissions?.defaultPermissions\n\t\t\t\t? typeof opts.permissions.defaultPermissions === \"function\"\n\t\t\t\t\t? await opts.permissions.defaultPermissions(user.id, ctx)\n\t\t\t\t\t: opts.permissions.defaultPermissions\n\t\t\t\t: undefined;\n\t\t\tconst permissionsToApply = permissions\n\t\t\t\t? JSON.stringify(permissions)\n\t\t\t\t: defaultPermissions\n\t\t\t\t\t? JSON.stringify(defaultPermissions)\n\t\t\t\t\t: undefined;\n\n\t\t\tconst data: Omit<ApiKey, \"id\"> = {\n\t\t\t\tcreatedAt: new Date(),\n\t\t\t\tupdatedAt: new Date(),\n\t\t\t\tname: name ?? null,\n\t\t\t\tprefix: prefix ?? opts.defaultPrefix ?? null,\n\t\t\t\tstart: start,\n\t\t\t\tkey: hashed,\n\t\t\t\tenabled: true,\n\t\t\t\texpiresAt: expiresIn\n\t\t\t\t\t? getDate(expiresIn, \"sec\")\n\t\t\t\t\t: opts.keyExpiration.defaultExpiresIn\n\t\t\t\t\t\t? getDate(opts.keyExpiration.defaultExpiresIn, \"sec\")\n\t\t\t\t\t\t: null,\n\t\t\t\tuserId: user.id,\n\t\t\t\tlastRefillAt: null,\n\t\t\t\tlastRequest: null,\n\t\t\t\tmetadata: null,\n\t\t\t\trateLimitMax: rateLimitMax ?? opts.rateLimit.maxRequests ?? null,\n\t\t\t\trateLimitTimeWindow:\n\t\t\t\t\trateLimitTimeWindow ?? opts.rateLimit.timeWindow ?? null,\n\t\t\t\tremaining:\n\t\t\t\t\tremaining === null ? remaining : (remaining ?? refillAmount ?? null),\n\t\t\t\trefillAmount: refillAmount ?? null,\n\t\t\t\trefillInterval: refillInterval ?? null,\n\t\t\t\trateLimitEnabled:\n\t\t\t\t\trateLimitEnabled === undefined\n\t\t\t\t\t\t? (opts.rateLimit.enabled ?? true)\n\t\t\t\t\t\t: rateLimitEnabled,\n\t\t\t\trequestCount: 0,\n\t\t\t\t//@ts-expect-error - we intentionally save the permissions as string on DB.\n\t\t\t\tpermissions: permissionsToApply,\n\t\t\t};\n\n\t\t\tif (metadata) {\n\t\t\t\t// The adapter will automatically apply the schema transform to stringify\n\t\t\t\tdata.metadata = metadata;\n\t\t\t}\n\n\t\t\tlet apiKey: ApiKey;\n\n\t\t\tif (opts.storage === \"secondary-storage\" && opts.fallbackToDatabase) {\n\t\t\t\tapiKey = await ctx.context.adapter.create<Omit<ApiKey, \"id\">, ApiKey>({\n\t\t\t\t\tmodel: API_KEY_TABLE_NAME,\n\t\t\t\t\tdata: data,\n\t\t\t\t});\n\t\t\t\tawait setApiKey(ctx, apiKey, opts);\n\t\t\t} else if (opts.storage === \"secondary-storage\") {\n\t\t\t\tconst generatedId = ctx.context.generateId({\n\t\t\t\t\tmodel: API_KEY_TABLE_NAME,\n\t\t\t\t});\n\t\t\t\tconst id = generatedId || generateId();\n\t\t\t\tapiKey = {\n\t\t\t\t\t...data,\n\t\t\t\t\tid,\n\t\t\t\t} as ApiKey;\n\t\t\t\tawait setApiKey(ctx, apiKey, opts);\n\t\t\t} else {\n\t\t\t\tapiKey = await ctx.context.adapter.create<Omit<ApiKey, \"id\">, ApiKey>({\n\t\t\t\t\tmodel: API_KEY_TABLE_NAME,\n\t\t\t\t\tdata: data,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\t...(apiKey as ApiKey),\n\t\t\t\tkey: key,\n\t\t\t\tmetadata: metadata ?? null,\n\t\t\t\tpermissions: apiKey.permissions\n\t\t\t\t\t? safeJSONParse(apiKey.permissions)\n\t\t\t\t\t: null,\n\t\t\t});\n\t\t},\n\t);\n}\n"],"mappings":";;;;;;;;;;;;;AAeA,MAAM,yBAAyB,EAAE,OAAO;CACvC,MAAM,EAAE,QAAQ,CAAC,KAAK,EAAE,aAAa,uBAAuB,CAAC,CAAC,UAAU;CACxE,WAAW,EACT,QAAQ,CACR,KAAK,EACL,aAAa,6CACb,CAAC,CACD,IAAI,EAAE,CACN,UAAU,CACV,UAAU,CACV,QAAQ,KAAK;CAEf,QAAQ,EAAE,OACR,QAAQ,CACR,KAAK,EACL,aACC,iFACD,CAAC,CACD,UAAU;CACZ,QAAQ,EACN,QAAQ,CACR,KAAK,EAAE,aAAa,yBAAyB,CAAC,CAC9C,MAAM,oBAAoB,EAC1B,SACC,yFACD,CAAC,CACD,UAAU;CACZ,WAAW,EACT,QAAQ,CACR,KAAK,EACL,aAAa,kDACb,CAAC,CACD,IAAI,EAAE,CACN,UAAU,CACV,UAAU,CACV,QAAQ,KAAK;CACf,UAAU,EAAE,KAAK,CAAC,UAAU;CAC5B,cAAc,EACZ,QAAQ,CACR,KAAK,EACL,aACC,6EACD,CAAC,CACD,IAAI,EAAE,CACN,UAAU;CACZ,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aACC,yEACD,CAAC,CACD,UAAU;CACZ,qBAAqB,EACnB,QAAQ,CACR,KAAK,EACL,aACC,uOACD,CAAC,CACD,UAAU;CACZ,cAAc,EACZ,QAAQ,CACR,KAAK,EACL,aACC,8NACD,CAAC,CACD,UAAU;CACZ,kBAAkB,EAChB,SAAS,CACT,KAAK,EACL,aACC,oEACD,CAAC,CACD,UAAU;CACZ,aAAa,EACX,OAAO,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CACvC,KAAK,EACL,aAAa,+BACb,CAAC,CACD,UAAU;CACZ,CAAC;AAEF,SAAgB,aAAa,EAC5B,cACA,MACA,QACA,2BAYE;AACF,QAAO,mBACN,mBACA;EACC,QAAQ;EACR,MAAM;EACN,UAAU,EACT,SAAS;GACR,aAAa;GACb,WAAW,EACV,OAAO;IACN,aAAa;IACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;KACP,MAAM;KACN,YAAY;MACX,IAAI;OACH,MAAM;OACN,aAAa;OACb;MACD,WAAW;OACV,MAAM;OACN,QAAQ;OACR,aAAa;OACb;MACD,WAAW;OACV,MAAM;OACN,QAAQ;OACR,aAAa;OACb;MACD,MAAM;OACL,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,QAAQ;OACP,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,OAAO;OACN,MAAM;OACN,UAAU;OACV,aACC;OACD;MACD,KAAK;OACJ,MAAM;OACN,aACC;OACD;MACD,SAAS;OACR,MAAM;OACN,aAAa;OACb;MACD,WAAW;OACV,MAAM;OACN,QAAQ;OACR,UAAU;OACV,aAAa;OACb;MACD,QAAQ;OACP,MAAM;OACN,aAAa;OACb;MACD,cAAc;OACb,MAAM;OACN,QAAQ;OACR,UAAU;OACV,aAAa;OACb;MACD,aAAa;OACZ,MAAM;OACN,QAAQ;OACR,UAAU;OACV,aAAa;OACb;MACD,UAAU;OACT,MAAM;OACN,UAAU;OACV,sBAAsB;OACtB,aAAa;OACb;MACD,cAAc;OACb,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,qBAAqB;OACpB,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,WAAW;OACV,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,cAAc;OACb,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,gBAAgB;OACf,MAAM;OACN,UAAU;OACV,aAAa;OACb;MACD,kBAAkB;OACjB,MAAM;OACN,aAAa;OACb;MACD,cAAc;OACb,MAAM;OACN,aAAa;OACb;MACD,aAAa;OACZ,MAAM;OACN,UAAU;OACV,sBAAsB;QACrB,MAAM;QACN,OAAO,EAAE,MAAM,UAAU;QACzB;OACD,aAAa;OACb;MACD;KACD,UAAU;MACT;MACA;MACA;MACA;MACA;MACA;MACA;MACA;MACA;KACD,EACD,EACD;IACD,EACD;GACD,EACD;EACD,EACD,OAAO,QAAQ;EACd,MAAM,EACL,MACA,WACA,QACA,WACA,UACA,cACA,gBACA,aACA,cACA,qBACA,qBACG,IAAI;EAER,MAAM,UAAU,MAAM,kBAAkB,IAAI;EAC5C,MAAM,eAAe,IAAI,WAAW,IAAI;EACxC,MAAM,OACL,gBAAgB,CAAC,UACd,OACA,SAAS,QAAQ,EAAE,IAAI,IAAI,KAAK,QAAQ;AAE5C,MAAI,CAAC,MAAM,GACV,OAAM,SAAS,KAAK,gBAAgBA,oBAAY,qBAAqB;AAGtE,MAAI,WAAW,IAAI,KAAK,UAAU,SAAS,KAAK,OAAO,IAAI,KAAK,OAC/D,OAAM,SAAS,KAAK,gBAAgBA,oBAAY,qBAAqB;AAGtE,MAAI,cAGH;OACC,iBAAiB,UACjB,mBAAmB,UACnB,iBAAiB,UACjB,wBAAwB,UACxB,qBAAqB,UACrB,gBAAgB,UAChB,cAAc,KAEd,OAAM,SAAS,KAAK,eAAeA,oBAAY,qBAAqB;;AAKtE,MAAI,UAAU;AACb,OAAI,KAAK,mBAAmB,MAC3B,OAAM,SAAS,KAAK,eAAeA,oBAAY,kBAAkB;AAElE,OAAI,OAAO,aAAa,SACvB,OAAM,SAAS,KAAK,eAAeA,oBAAY,sBAAsB;;AAKvE,MAAI,gBAAgB,CAAC,eACpB,OAAM,SAAS,KACd,eACAA,oBAAY,oCACZ;AAGF,MAAI,kBAAkB,CAAC,aACtB,OAAM,SAAS,KACd,eACAA,oBAAY,oCACZ;AAGF,MAAI,WAAW;AACd,OAAI,KAAK,cAAc,6BAA6B,KACnD,OAAM,SAAS,KACd,eACAA,oBAAY,wBACZ;GAGF,MAAM,oBAAoB,aAAa,OAAU;AAEjD,OAAI,KAAK,cAAc,eAAe,kBACrC,OAAM,SAAS,KACd,eACAA,oBAAY,wBACZ;YACS,KAAK,cAAc,eAAe,kBAC5C,OAAM,SAAS,KACd,eACAA,oBAAY,wBACZ;;AAGH,MAAI,QAAQ;AACX,OAAI,OAAO,SAAS,KAAK,oBACxB,OAAM,SAAS,KAAK,eAAeA,oBAAY,sBAAsB;AAEtE,OAAI,OAAO,SAAS,KAAK,oBACxB,OAAM,SAAS,KAAK,eAAeA,oBAAY,sBAAsB;;AAIvE,MAAI,MAAM;AACT,OAAI,KAAK,SAAS,KAAK,kBACtB,OAAM,SAAS,KAAK,eAAeA,oBAAY,oBAAoB;AAEpE,OAAI,KAAK,SAAS,KAAK,kBACtB,OAAM,SAAS,KAAK,eAAeA,oBAAY,oBAAoB;aAE1D,KAAK,YACf,OAAM,SAAS,KAAK,eAAeA,oBAAY,cAAc;AAG9D,0BAAwB,IAAI,QAAQ;EAEpC,MAAM,MAAM,MAAM,aAAa;GAC9B,QAAQ,KAAK;GACb,QAAQ,UAAU,KAAK;GACvB,CAAC;EAEF,MAAM,SAAS,KAAK,oBAAoB,MAAM,MAAM,iBAAiB,IAAI;EAEzE,IAAI,QAAuB;AAE3B,MAAI,KAAK,yBAAyB,YACjC,SAAQ,IAAI,UACX,GACA,KAAK,yBAAyB,iBAC9B;EAGF,MAAM,qBAAqB,KAAK,aAAa,qBAC1C,OAAO,KAAK,YAAY,uBAAuB,aAC9C,MAAM,KAAK,YAAY,mBAAmB,KAAK,IAAI,IAAI,GACvD,KAAK,YAAY,qBAClB;EACH,MAAM,qBAAqB,cACxB,KAAK,UAAU,YAAY,GAC3B,qBACC,KAAK,UAAU,mBAAmB,GAClC;EAEJ,MAAM,OAA2B;GAChC,2BAAW,IAAI,MAAM;GACrB,2BAAW,IAAI,MAAM;GACrB,MAAM,QAAQ;GACd,QAAQ,UAAU,KAAK,iBAAiB;GACjC;GACP,KAAK;GACL,SAAS;GACT,WAAW,YACR,QAAQ,WAAW,MAAM,GACzB,KAAK,cAAc,mBAClB,QAAQ,KAAK,cAAc,kBAAkB,MAAM,GACnD;GACJ,QAAQ,KAAK;GACb,cAAc;GACd,aAAa;GACb,UAAU;GACV,cAAc,gBAAgB,KAAK,UAAU,eAAe;GAC5D,qBACC,uBAAuB,KAAK,UAAU,cAAc;GACrD,WACC,cAAc,OAAO,YAAa,aAAa,gBAAgB;GAChE,cAAc,gBAAgB;GAC9B,gBAAgB,kBAAkB;GAClC,kBACC,qBAAqB,SACjB,KAAK,UAAU,WAAW,OAC3B;GACJ,cAAc;GAEd,aAAa;GACb;AAED,MAAI,SAEH,MAAK,WAAW;EAGjB,IAAI;AAEJ,MAAI,KAAK,YAAY,uBAAuB,KAAK,oBAAoB;AACpE,YAAS,MAAM,IAAI,QAAQ,QAAQ,OAAmC;IACrE,OAAO;IACD;IACN,CAAC;AACF,SAAM,UAAU,KAAK,QAAQ,KAAK;aACxB,KAAK,YAAY,qBAAqB;GAIhD,MAAM,KAHc,IAAI,QAAQ,WAAW,EAC1C,OAAO,oBACP,CAAC,IACwB,YAAY;AACtC,YAAS;IACR,GAAG;IACH;IACA;AACD,SAAM,UAAU,KAAK,QAAQ,KAAK;QAElC,UAAS,MAAM,IAAI,QAAQ,QAAQ,OAAmC;GACrE,OAAO;GACD;GACN,CAAC;AAGH,SAAO,IAAI,KAAK;GACf,GAAI;GACC;GACL,UAAU,YAAY;GACtB,aAAa,OAAO,cACjB,cAAc,OAAO,YAAY,GACjC;GACH,CAAC;GAEH"}

package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs ADDED Viewed

@@ -0,0 +1,24 @@
+import { createAuthEndpoint } from "@better-auth/core/api";
+//#region src/plugins/api-key/routes/delete-all-expired-api-keys.ts
+function deleteAllExpiredApiKeysEndpoint({ deleteAllExpiredApiKeys }) {
+	return createAuthEndpoint({ method: "POST" }, async (ctx) => {
+		try {
+			await deleteAllExpiredApiKeys(ctx.context, true);
+		} catch (error) {
+			ctx.context.logger.error("[API KEY PLUGIN] Failed to delete expired API keys:", error);
+			return ctx.json({
+				success: false,
+				error
+			});
+		}
+		return ctx.json({
+			success: true,
+			error: null
+		});
+	});
+}
+//#endregion
+export { deleteAllExpiredApiKeysEndpoint };
+//# sourceMappingURL=delete-all-expired-api-keys.mjs.map

package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"delete-all-expired-api-keys.mjs","names":[],"sources":["../../../../src/plugins/api-key/routes/delete-all-expired-api-keys.ts"],"sourcesContent":["import type { AuthContext } from \"@better-auth/core\";\nimport { createAuthEndpoint } from \"@better-auth/core/api\";\n\nexport function deleteAllExpiredApiKeysEndpoint({\n\tdeleteAllExpiredApiKeys,\n}: {\n\tdeleteAllExpiredApiKeys(\n\t\tctx: AuthContext,\n\t\tbyPassLastCheckTime?: boolean | undefined,\n\t): Promise<void>;\n}) {\n\treturn createAuthEndpoint(\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t},\n\t\tasync (ctx) => {\n\t\t\ttry {\n\t\t\t\tawait deleteAllExpiredApiKeys(ctx.context, true);\n\t\t\t} catch (error) {\n\t\t\t\tctx.context.logger.error(\n\t\t\t\t\t\"[API KEY PLUGIN] Failed to delete expired API keys:\",\n\t\t\t\t\terror,\n\t\t\t\t);\n\t\t\t\treturn ctx.json({\n\t\t\t\t\tsuccess: false,\n\t\t\t\t\terror: error,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json({ success: true, error: null });\n\t\t},\n\t);\n}\n"],"mappings":";;;AAGA,SAAgB,gCAAgC,EAC/C,2BAME;AACF,QAAO,mBACN,EACC,QAAQ,QACR,EACD,OAAO,QAAQ;AACd,MAAI;AACH,SAAM,wBAAwB,IAAI,SAAS,KAAK;WACxC,OAAO;AACf,OAAI,QAAQ,OAAO,MAClB,uDACA,MACA;AACD,UAAO,IAAI,KAAK;IACf,SAAS;IACF;IACP,CAAC;;AAGH,SAAO,IAAI,KAAK;GAAE,SAAS;GAAM,OAAO;GAAM,CAAC;GAEhD"}