npm - @hammadj/better-auth - Versions diffs - 1.5.0-beta.9 - Mend

@hammadj/better-auth 1.5.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (688) hide show

package/LICENSE.md +20 -0
package/README.md +33 -0
package/dist/_virtual/rolldown_runtime.mjs +36 -0
package/dist/adapters/drizzle-adapter/index.d.mts +1 -0
package/dist/adapters/drizzle-adapter/index.mjs +3 -0
package/dist/adapters/index.d.mts +23 -0
package/dist/adapters/index.mjs +13 -0
package/dist/adapters/index.mjs.map +1 -0
package/dist/adapters/kysely-adapter/index.d.mts +1 -0
package/dist/adapters/kysely-adapter/index.mjs +3 -0
package/dist/adapters/memory-adapter/index.d.mts +1 -0
package/dist/adapters/memory-adapter/index.mjs +3 -0
package/dist/adapters/mongodb-adapter/index.d.mts +1 -0
package/dist/adapters/mongodb-adapter/index.mjs +3 -0
package/dist/adapters/prisma-adapter/index.d.mts +1 -0
package/dist/adapters/prisma-adapter/index.mjs +3 -0
package/dist/api/index.d.mts +40 -0
package/dist/api/index.mjs +205 -0
package/dist/api/index.mjs.map +1 -0
package/dist/api/middlewares/index.d.mts +1 -0
package/dist/api/middlewares/index.mjs +3 -0
package/dist/api/middlewares/origin-check.d.mts +17 -0
package/dist/api/middlewares/origin-check.mjs +140 -0
package/dist/api/middlewares/origin-check.mjs.map +1 -0
package/dist/api/rate-limiter/index.mjs +177 -0
package/dist/api/rate-limiter/index.mjs.map +1 -0
package/dist/api/routes/account.d.mts +10 -0
package/dist/api/routes/account.mjs +493 -0
package/dist/api/routes/account.mjs.map +1 -0
package/dist/api/routes/callback.d.mts +5 -0
package/dist/api/routes/callback.mjs +178 -0
package/dist/api/routes/callback.mjs.map +1 -0
package/dist/api/routes/email-verification.d.mts +29 -0
package/dist/api/routes/email-verification.mjs +301 -0
package/dist/api/routes/email-verification.mjs.map +1 -0
package/dist/api/routes/error.d.mts +5 -0
package/dist/api/routes/error.mjs +386 -0
package/dist/api/routes/error.mjs.map +1 -0
package/dist/api/routes/index.d.mts +11 -0
package/dist/api/routes/index.mjs +13 -0
package/dist/api/routes/ok.d.mts +5 -0
package/dist/api/routes/ok.mjs +30 -0
package/dist/api/routes/ok.mjs.map +1 -0
package/dist/api/routes/password.d.mts +8 -0
package/dist/api/routes/password.mjs +198 -0
package/dist/api/routes/password.mjs.map +1 -0
package/dist/api/routes/session.d.mts +52 -0
package/dist/api/routes/session.mjs +478 -0
package/dist/api/routes/session.mjs.map +1 -0
package/dist/api/routes/sign-in.d.mts +8 -0
package/dist/api/routes/sign-in.mjs +262 -0
package/dist/api/routes/sign-in.mjs.map +1 -0
package/dist/api/routes/sign-out.d.mts +5 -0
package/dist/api/routes/sign-out.mjs +33 -0
package/dist/api/routes/sign-out.mjs.map +1 -0
package/dist/api/routes/sign-up.d.mts +7 -0
package/dist/api/routes/sign-up.mjs +227 -0
package/dist/api/routes/sign-up.mjs.map +1 -0
package/dist/api/routes/update-user.d.mts +12 -0
package/dist/api/routes/update-user.mjs +493 -0
package/dist/api/routes/update-user.mjs.map +1 -0
package/dist/api/state/oauth.d.mts +5 -0
package/dist/api/state/oauth.mjs +8 -0
package/dist/api/state/oauth.mjs.map +1 -0
package/dist/api/state/should-session-refresh.d.mts +13 -0
package/dist/api/state/should-session-refresh.mjs +16 -0
package/dist/api/state/should-session-refresh.mjs.map +1 -0
package/dist/api/to-auth-endpoints.mjs +197 -0
package/dist/api/to-auth-endpoints.mjs.map +1 -0
package/dist/auth/base.mjs +44 -0
package/dist/auth/base.mjs.map +1 -0
package/dist/auth/full.d.mts +30 -0
package/dist/auth/full.mjs +32 -0
package/dist/auth/full.mjs.map +1 -0
package/dist/auth/minimal.d.mts +12 -0
package/dist/auth/minimal.mjs +14 -0
package/dist/auth/minimal.mjs.map +1 -0
package/dist/auth/trusted-origins.mjs +31 -0
package/dist/auth/trusted-origins.mjs.map +1 -0
package/dist/client/broadcast-channel.d.mts +20 -0
package/dist/client/broadcast-channel.mjs +46 -0
package/dist/client/broadcast-channel.mjs.map +1 -0
package/dist/client/config.mjs +90 -0
package/dist/client/config.mjs.map +1 -0
package/dist/client/fetch-plugins.mjs +18 -0
package/dist/client/fetch-plugins.mjs.map +1 -0
package/dist/client/focus-manager.d.mts +11 -0
package/dist/client/focus-manager.mjs +32 -0
package/dist/client/focus-manager.mjs.map +1 -0
package/dist/client/index.d.mts +30 -0
package/dist/client/index.mjs +21 -0
package/dist/client/index.mjs.map +1 -0
package/dist/client/lynx/index.d.mts +62 -0
package/dist/client/lynx/index.mjs +24 -0
package/dist/client/lynx/index.mjs.map +1 -0
package/dist/client/lynx/lynx-store.d.mts +47 -0
package/dist/client/lynx/lynx-store.mjs +47 -0
package/dist/client/lynx/lynx-store.mjs.map +1 -0
package/dist/client/online-manager.d.mts +12 -0
package/dist/client/online-manager.mjs +35 -0
package/dist/client/online-manager.mjs.map +1 -0
package/dist/client/parser.mjs +73 -0
package/dist/client/parser.mjs.map +1 -0
package/dist/client/path-to-object.d.mts +57 -0
package/dist/client/plugins/index.d.mts +58 -0
package/dist/client/plugins/index.mjs +33 -0
package/dist/client/plugins/infer-plugin.d.mts +9 -0
package/dist/client/plugins/infer-plugin.mjs +11 -0
package/dist/client/plugins/infer-plugin.mjs.map +1 -0
package/dist/client/proxy.mjs +79 -0
package/dist/client/proxy.mjs.map +1 -0
package/dist/client/query.d.mts +23 -0
package/dist/client/query.mjs +98 -0
package/dist/client/query.mjs.map +1 -0
package/dist/client/react/index.d.mts +63 -0
package/dist/client/react/index.mjs +24 -0
package/dist/client/react/index.mjs.map +1 -0
package/dist/client/react/react-store.d.mts +47 -0
package/dist/client/react/react-store.mjs +47 -0
package/dist/client/react/react-store.mjs.map +1 -0
package/dist/client/session-atom.mjs +29 -0
package/dist/client/session-atom.mjs.map +1 -0
package/dist/client/session-refresh.d.mts +28 -0
package/dist/client/session-refresh.mjs +140 -0
package/dist/client/session-refresh.mjs.map +1 -0
package/dist/client/solid/index.d.mts +57 -0
package/dist/client/solid/index.mjs +22 -0
package/dist/client/solid/index.mjs.map +1 -0
package/dist/client/solid/solid-store.mjs +24 -0
package/dist/client/solid/solid-store.mjs.map +1 -0
package/dist/client/svelte/index.d.mts +63 -0
package/dist/client/svelte/index.mjs +20 -0
package/dist/client/svelte/index.mjs.map +1 -0
package/dist/client/types.d.mts +58 -0
package/dist/client/vanilla.d.mts +62 -0
package/dist/client/vanilla.mjs +20 -0
package/dist/client/vanilla.mjs.map +1 -0
package/dist/client/vue/index.d.mts +86 -0
package/dist/client/vue/index.mjs +38 -0
package/dist/client/vue/index.mjs.map +1 -0
package/dist/client/vue/vue-store.mjs +26 -0
package/dist/client/vue/vue-store.mjs.map +1 -0
package/dist/context/create-context.mjs +211 -0
package/dist/context/create-context.mjs.map +1 -0
package/dist/context/helpers.mjs +62 -0
package/dist/context/helpers.mjs.map +1 -0
package/dist/context/init-minimal.mjs +20 -0
package/dist/context/init-minimal.mjs.map +1 -0
package/dist/context/init.mjs +22 -0
package/dist/context/init.mjs.map +1 -0
package/dist/cookies/cookie-utils.d.mts +29 -0
package/dist/cookies/cookie-utils.mjs +105 -0
package/dist/cookies/cookie-utils.mjs.map +1 -0
package/dist/cookies/index.d.mts +67 -0
package/dist/cookies/index.mjs +264 -0
package/dist/cookies/index.mjs.map +1 -0
package/dist/cookies/session-store.d.mts +36 -0
package/dist/cookies/session-store.mjs +200 -0
package/dist/cookies/session-store.mjs.map +1 -0
package/dist/crypto/buffer.d.mts +8 -0
package/dist/crypto/buffer.mjs +18 -0
package/dist/crypto/buffer.mjs.map +1 -0
package/dist/crypto/index.d.mts +27 -0
package/dist/crypto/index.mjs +38 -0
package/dist/crypto/index.mjs.map +1 -0
package/dist/crypto/jwt.d.mts +8 -0
package/dist/crypto/jwt.mjs +95 -0
package/dist/crypto/jwt.mjs.map +1 -0
package/dist/crypto/password.d.mts +12 -0
package/dist/crypto/password.mjs +36 -0
package/dist/crypto/password.mjs.map +1 -0
package/dist/crypto/random.d.mts +5 -0
package/dist/crypto/random.mjs +8 -0
package/dist/crypto/random.mjs.map +1 -0
package/dist/db/adapter-base.d.mts +8 -0
package/dist/db/adapter-base.mjs +28 -0
package/dist/db/adapter-base.mjs.map +1 -0
package/dist/db/adapter-kysely.d.mts +8 -0
package/dist/db/adapter-kysely.mjs +21 -0
package/dist/db/adapter-kysely.mjs.map +1 -0
package/dist/db/field-converter.d.mts +8 -0
package/dist/db/field-converter.mjs +21 -0
package/dist/db/field-converter.mjs.map +1 -0
package/dist/db/field.d.mts +55 -0
package/dist/db/field.mjs +11 -0
package/dist/db/field.mjs.map +1 -0
package/dist/db/get-migration.d.mts +23 -0
package/dist/db/get-migration.mjs +339 -0
package/dist/db/get-migration.mjs.map +1 -0
package/dist/db/get-schema.d.mts +11 -0
package/dist/db/get-schema.mjs +39 -0
package/dist/db/get-schema.mjs.map +1 -0
package/dist/db/index.d.mts +9 -0
package/dist/db/index.mjs +36 -0
package/dist/db/index.mjs.map +1 -0
package/dist/db/internal-adapter.d.mts +14 -0
package/dist/db/internal-adapter.mjs +616 -0
package/dist/db/internal-adapter.mjs.map +1 -0
package/dist/db/schema.d.mts +26 -0
package/dist/db/schema.mjs +118 -0
package/dist/db/schema.mjs.map +1 -0
package/dist/db/to-zod.d.mts +36 -0
package/dist/db/to-zod.mjs +26 -0
package/dist/db/to-zod.mjs.map +1 -0
package/dist/db/verification-token-storage.mjs +28 -0
package/dist/db/verification-token-storage.mjs.map +1 -0
package/dist/db/with-hooks.d.mts +33 -0
package/dist/db/with-hooks.mjs +159 -0
package/dist/db/with-hooks.mjs.map +1 -0
package/dist/index.d.mts +52 -0
package/dist/index.mjs +26 -0
package/dist/integrations/next-js.d.mts +14 -0
package/dist/integrations/next-js.mjs +78 -0
package/dist/integrations/next-js.mjs.map +1 -0
package/dist/integrations/node.d.mts +13 -0
package/dist/integrations/node.mjs +16 -0
package/dist/integrations/node.mjs.map +1 -0
package/dist/integrations/solid-start.d.mts +23 -0
package/dist/integrations/solid-start.mjs +17 -0
package/dist/integrations/solid-start.mjs.map +1 -0
package/dist/integrations/svelte-kit.d.mts +29 -0
package/dist/integrations/svelte-kit.mjs +57 -0
package/dist/integrations/svelte-kit.mjs.map +1 -0
package/dist/integrations/tanstack-start-solid.d.mts +22 -0
package/dist/integrations/tanstack-start-solid.mjs +61 -0
package/dist/integrations/tanstack-start-solid.mjs.map +1 -0
package/dist/integrations/tanstack-start.d.mts +22 -0
package/dist/integrations/tanstack-start.mjs +61 -0
package/dist/integrations/tanstack-start.mjs.map +1 -0
package/dist/oauth2/index.d.mts +5 -0
package/dist/oauth2/index.mjs +7 -0
package/dist/oauth2/link-account.d.mts +31 -0
package/dist/oauth2/link-account.mjs +144 -0
package/dist/oauth2/link-account.mjs.map +1 -0
package/dist/oauth2/state.d.mts +26 -0
package/dist/oauth2/state.mjs +51 -0
package/dist/oauth2/state.mjs.map +1 -0
package/dist/oauth2/utils.d.mts +8 -0
package/dist/oauth2/utils.mjs +31 -0
package/dist/oauth2/utils.mjs.map +1 -0
package/dist/plugins/access/access.d.mts +30 -0
package/dist/plugins/access/access.mjs +46 -0
package/dist/plugins/access/access.mjs.map +1 -0
package/dist/plugins/access/index.d.mts +3 -0
package/dist/plugins/access/index.mjs +3 -0
package/dist/plugins/access/types.d.mts +17 -0
package/dist/plugins/additional-fields/client.d.mts +14 -0
package/dist/plugins/additional-fields/client.mjs +11 -0
package/dist/plugins/additional-fields/client.mjs.map +1 -0
package/dist/plugins/admin/access/index.d.mts +2 -0
package/dist/plugins/admin/access/index.mjs +3 -0
package/dist/plugins/admin/access/statement.d.mts +118 -0
package/dist/plugins/admin/access/statement.mjs +53 -0
package/dist/plugins/admin/access/statement.mjs.map +1 -0
package/dist/plugins/admin/admin.d.mts +14 -0
package/dist/plugins/admin/admin.mjs +95 -0
package/dist/plugins/admin/admin.mjs.map +1 -0
package/dist/plugins/admin/client.d.mts +14 -0
package/dist/plugins/admin/client.mjs +36 -0
package/dist/plugins/admin/client.mjs.map +1 -0
package/dist/plugins/admin/error-codes.d.mts +5 -0
package/dist/plugins/admin/error-codes.mjs +30 -0
package/dist/plugins/admin/error-codes.mjs.map +1 -0
package/dist/plugins/admin/has-permission.mjs +16 -0
package/dist/plugins/admin/has-permission.mjs.map +1 -0
package/dist/plugins/admin/index.d.mts +3 -0
package/dist/plugins/admin/index.mjs +3 -0
package/dist/plugins/admin/routes.mjs +855 -0
package/dist/plugins/admin/routes.mjs.map +1 -0
package/dist/plugins/admin/schema.d.mts +6 -0
package/dist/plugins/admin/schema.mjs +34 -0
package/dist/plugins/admin/schema.mjs.map +1 -0
package/dist/plugins/admin/types.d.mts +89 -0
package/dist/plugins/anonymous/client.d.mts +9 -0
package/dist/plugins/anonymous/client.mjs +22 -0
package/dist/plugins/anonymous/client.mjs.map +1 -0
package/dist/plugins/anonymous/error-codes.d.mts +5 -0
package/dist/plugins/anonymous/error-codes.mjs +16 -0
package/dist/plugins/anonymous/error-codes.mjs.map +1 -0
package/dist/plugins/anonymous/index.d.mts +14 -0
package/dist/plugins/anonymous/index.mjs +163 -0
package/dist/plugins/anonymous/index.mjs.map +1 -0
package/dist/plugins/anonymous/schema.d.mts +5 -0
package/dist/plugins/anonymous/schema.mjs +11 -0
package/dist/plugins/anonymous/schema.mjs.map +1 -0
package/dist/plugins/anonymous/types.d.mts +68 -0
package/dist/plugins/api-key/adapter.mjs +468 -0
package/dist/plugins/api-key/adapter.mjs.map +1 -0
package/dist/plugins/api-key/client.d.mts +9 -0
package/dist/plugins/api-key/client.mjs +19 -0
package/dist/plugins/api-key/client.mjs.map +1 -0
package/dist/plugins/api-key/error-codes.d.mts +5 -0
package/dist/plugins/api-key/error-codes.mjs +34 -0
package/dist/plugins/api-key/error-codes.mjs.map +1 -0
package/dist/plugins/api-key/index.d.mts +17 -0
package/dist/plugins/api-key/index.mjs +134 -0
package/dist/plugins/api-key/index.mjs.map +1 -0
package/dist/plugins/api-key/rate-limit.mjs +74 -0
package/dist/plugins/api-key/rate-limit.mjs.map +1 -0
package/dist/plugins/api-key/routes/create-api-key.mjs +252 -0
package/dist/plugins/api-key/routes/create-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs +24 -0
package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs.map +1 -0
package/dist/plugins/api-key/routes/delete-api-key.mjs +74 -0
package/dist/plugins/api-key/routes/delete-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/get-api-key.mjs +158 -0
package/dist/plugins/api-key/routes/get-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/index.mjs +71 -0
package/dist/plugins/api-key/routes/index.mjs.map +1 -0
package/dist/plugins/api-key/routes/list-api-keys.mjs +194 -0
package/dist/plugins/api-key/routes/list-api-keys.mjs.map +1 -0
package/dist/plugins/api-key/routes/update-api-key.mjs +248 -0
package/dist/plugins/api-key/routes/update-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/verify-api-key.mjs +223 -0
package/dist/plugins/api-key/routes/verify-api-key.mjs.map +1 -0
package/dist/plugins/api-key/schema.d.mts +11 -0
package/dist/plugins/api-key/schema.mjs +130 -0
package/dist/plugins/api-key/schema.mjs.map +1 -0
package/dist/plugins/api-key/types.d.mts +346 -0
package/dist/plugins/bearer/index.d.mts +25 -0
package/dist/plugins/bearer/index.mjs +66 -0
package/dist/plugins/bearer/index.mjs.map +1 -0
package/dist/plugins/captcha/constants.d.mts +10 -0
package/dist/plugins/captcha/constants.mjs +22 -0
package/dist/plugins/captcha/constants.mjs.map +1 -0
package/dist/plugins/captcha/error-codes.mjs +16 -0
package/dist/plugins/captcha/error-codes.mjs.map +1 -0
package/dist/plugins/captcha/index.d.mts +14 -0
package/dist/plugins/captcha/index.mjs +60 -0
package/dist/plugins/captcha/index.mjs.map +1 -0
package/dist/plugins/captcha/types.d.mts +28 -0
package/dist/plugins/captcha/utils.mjs +11 -0
package/dist/plugins/captcha/utils.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/captchafox.mjs +27 -0
package/dist/plugins/captcha/verify-handlers/captchafox.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs +25 -0
package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs +29 -0
package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/h-captcha.mjs +27 -0
package/dist/plugins/captcha/verify-handlers/h-captcha.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/index.mjs +6 -0
package/dist/plugins/custom-session/client.d.mts +10 -0
package/dist/plugins/custom-session/client.mjs +11 -0
package/dist/plugins/custom-session/client.mjs.map +1 -0
package/dist/plugins/custom-session/index.d.mts +26 -0
package/dist/plugins/custom-session/index.mjs +70 -0
package/dist/plugins/custom-session/index.mjs.map +1 -0
package/dist/plugins/device-authorization/client.d.mts +5 -0
package/dist/plugins/device-authorization/client.mjs +18 -0
package/dist/plugins/device-authorization/client.mjs.map +1 -0
package/dist/plugins/device-authorization/error-codes.mjs +21 -0
package/dist/plugins/device-authorization/error-codes.mjs.map +1 -0
package/dist/plugins/device-authorization/index.d.mts +28 -0
package/dist/plugins/device-authorization/index.mjs +50 -0
package/dist/plugins/device-authorization/index.mjs.map +1 -0
package/dist/plugins/device-authorization/routes.mjs +510 -0
package/dist/plugins/device-authorization/routes.mjs.map +1 -0
package/dist/plugins/device-authorization/schema.mjs +57 -0
package/dist/plugins/device-authorization/schema.mjs.map +1 -0
package/dist/plugins/email-otp/client.d.mts +7 -0
package/dist/plugins/email-otp/client.mjs +18 -0
package/dist/plugins/email-otp/client.mjs.map +1 -0
package/dist/plugins/email-otp/error-codes.d.mts +5 -0
package/dist/plugins/email-otp/error-codes.mjs +12 -0
package/dist/plugins/email-otp/error-codes.mjs.map +1 -0
package/dist/plugins/email-otp/index.d.mts +14 -0
package/dist/plugins/email-otp/index.mjs +108 -0
package/dist/plugins/email-otp/index.mjs.map +1 -0
package/dist/plugins/email-otp/otp-token.mjs +29 -0
package/dist/plugins/email-otp/otp-token.mjs.map +1 -0
package/dist/plugins/email-otp/routes.mjs +564 -0
package/dist/plugins/email-otp/routes.mjs.map +1 -0
package/dist/plugins/email-otp/types.d.mts +74 -0
package/dist/plugins/email-otp/utils.mjs +17 -0
package/dist/plugins/email-otp/utils.mjs.map +1 -0
package/dist/plugins/generic-oauth/client.d.mts +19 -0
package/dist/plugins/generic-oauth/client.mjs +14 -0
package/dist/plugins/generic-oauth/client.mjs.map +1 -0
package/dist/plugins/generic-oauth/error-codes.d.mts +5 -0
package/dist/plugins/generic-oauth/error-codes.mjs +15 -0
package/dist/plugins/generic-oauth/error-codes.mjs.map +1 -0
package/dist/plugins/generic-oauth/index.d.mts +34 -0
package/dist/plugins/generic-oauth/index.mjs +137 -0
package/dist/plugins/generic-oauth/index.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/auth0.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/auth0.mjs +62 -0
package/dist/plugins/generic-oauth/providers/auth0.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/gumroad.d.mts +32 -0
package/dist/plugins/generic-oauth/providers/gumroad.mjs +60 -0
package/dist/plugins/generic-oauth/providers/gumroad.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/hubspot.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/hubspot.mjs +60 -0
package/dist/plugins/generic-oauth/providers/hubspot.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/index.d.mts +9 -0
package/dist/plugins/generic-oauth/providers/index.mjs +11 -0
package/dist/plugins/generic-oauth/providers/keycloak.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/keycloak.mjs +62 -0
package/dist/plugins/generic-oauth/providers/keycloak.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/line.d.mts +55 -0
package/dist/plugins/generic-oauth/providers/line.mjs +91 -0
package/dist/plugins/generic-oauth/providers/line.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs +66 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/okta.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/okta.mjs +62 -0
package/dist/plugins/generic-oauth/providers/okta.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/patreon.d.mts +30 -0
package/dist/plugins/generic-oauth/providers/patreon.mjs +59 -0
package/dist/plugins/generic-oauth/providers/patreon.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/slack.d.mts +30 -0
package/dist/plugins/generic-oauth/providers/slack.mjs +61 -0
package/dist/plugins/generic-oauth/providers/slack.mjs.map +1 -0
package/dist/plugins/generic-oauth/routes.mjs +394 -0
package/dist/plugins/generic-oauth/routes.mjs.map +1 -0
package/dist/plugins/generic-oauth/types.d.mts +145 -0
package/dist/plugins/haveibeenpwned/index.d.mts +21 -0
package/dist/plugins/haveibeenpwned/index.mjs +56 -0
package/dist/plugins/haveibeenpwned/index.mjs.map +1 -0
package/dist/plugins/index.d.mts +68 -0
package/dist/plugins/index.mjs +51 -0
package/dist/plugins/jwt/adapter.mjs +27 -0
package/dist/plugins/jwt/adapter.mjs.map +1 -0
package/dist/plugins/jwt/client.d.mts +18 -0
package/dist/plugins/jwt/client.mjs +19 -0
package/dist/plugins/jwt/client.mjs.map +1 -0
package/dist/plugins/jwt/index.d.mts +17 -0
package/dist/plugins/jwt/index.mjs +202 -0
package/dist/plugins/jwt/index.mjs.map +1 -0
package/dist/plugins/jwt/schema.d.mts +5 -0
package/dist/plugins/jwt/schema.mjs +23 -0
package/dist/plugins/jwt/schema.mjs.map +1 -0
package/dist/plugins/jwt/sign.d.mts +57 -0
package/dist/plugins/jwt/sign.mjs +66 -0
package/dist/plugins/jwt/sign.mjs.map +1 -0
package/dist/plugins/jwt/types.d.mts +194 -0
package/dist/plugins/jwt/utils.d.mts +42 -0
package/dist/plugins/jwt/utils.mjs +64 -0
package/dist/plugins/jwt/utils.mjs.map +1 -0
package/dist/plugins/jwt/verify.d.mts +12 -0
package/dist/plugins/jwt/verify.mjs +46 -0
package/dist/plugins/jwt/verify.mjs.map +1 -0
package/dist/plugins/last-login-method/client.d.mts +18 -0
package/dist/plugins/last-login-method/client.mjs +32 -0
package/dist/plugins/last-login-method/client.mjs.map +1 -0
package/dist/plugins/last-login-method/index.d.mts +52 -0
package/dist/plugins/last-login-method/index.mjs +77 -0
package/dist/plugins/last-login-method/index.mjs.map +1 -0
package/dist/plugins/magic-link/client.d.mts +5 -0
package/dist/plugins/magic-link/client.mjs +11 -0
package/dist/plugins/magic-link/client.mjs.map +1 -0
package/dist/plugins/magic-link/index.d.mts +61 -0
package/dist/plugins/magic-link/index.mjs +167 -0
package/dist/plugins/magic-link/index.mjs.map +1 -0
package/dist/plugins/magic-link/utils.mjs +12 -0
package/dist/plugins/magic-link/utils.mjs.map +1 -0
package/dist/plugins/mcp/authorize.mjs +133 -0
package/dist/plugins/mcp/authorize.mjs.map +1 -0
package/dist/plugins/mcp/index.d.mts +46 -0
package/dist/plugins/mcp/index.mjs +717 -0
package/dist/plugins/mcp/index.mjs.map +1 -0
package/dist/plugins/multi-session/client.d.mts +8 -0
package/dist/plugins/multi-session/client.mjs +20 -0
package/dist/plugins/multi-session/client.mjs.map +1 -0
package/dist/plugins/multi-session/error-codes.d.mts +5 -0
package/dist/plugins/multi-session/error-codes.mjs +8 -0
package/dist/plugins/multi-session/error-codes.mjs.map +1 -0
package/dist/plugins/multi-session/index.d.mts +22 -0
package/dist/plugins/multi-session/index.mjs +172 -0
package/dist/plugins/multi-session/index.mjs.map +1 -0
package/dist/plugins/oauth-proxy/index.d.mts +39 -0
package/dist/plugins/oauth-proxy/index.mjs +305 -0
package/dist/plugins/oauth-proxy/index.mjs.map +1 -0
package/dist/plugins/oauth-proxy/utils.mjs +44 -0
package/dist/plugins/oauth-proxy/utils.mjs.map +1 -0
package/dist/plugins/oidc-provider/authorize.mjs +194 -0
package/dist/plugins/oidc-provider/authorize.mjs.map +1 -0
package/dist/plugins/oidc-provider/client.d.mts +8 -0
package/dist/plugins/oidc-provider/client.mjs +11 -0
package/dist/plugins/oidc-provider/client.mjs.map +1 -0
package/dist/plugins/oidc-provider/error.mjs +17 -0
package/dist/plugins/oidc-provider/error.mjs.map +1 -0
package/dist/plugins/oidc-provider/index.d.mts +32 -0
package/dist/plugins/oidc-provider/index.mjs +1093 -0
package/dist/plugins/oidc-provider/index.mjs.map +1 -0
package/dist/plugins/oidc-provider/schema.d.mts +26 -0
package/dist/plugins/oidc-provider/schema.mjs +132 -0
package/dist/plugins/oidc-provider/schema.mjs.map +1 -0
package/dist/plugins/oidc-provider/types.d.mts +517 -0
package/dist/plugins/oidc-provider/utils/prompt.mjs +19 -0
package/dist/plugins/oidc-provider/utils/prompt.mjs.map +1 -0
package/dist/plugins/oidc-provider/utils.mjs +15 -0
package/dist/plugins/oidc-provider/utils.mjs.map +1 -0
package/dist/plugins/one-tap/client.d.mts +159 -0
package/dist/plugins/one-tap/client.mjs +214 -0
package/dist/plugins/one-tap/client.mjs.map +1 -0
package/dist/plugins/one-tap/index.d.mts +27 -0
package/dist/plugins/one-tap/index.mjs +96 -0
package/dist/plugins/one-tap/index.mjs.map +1 -0
package/dist/plugins/one-time-token/client.d.mts +7 -0
package/dist/plugins/one-time-token/client.mjs +11 -0
package/dist/plugins/one-time-token/client.mjs.map +1 -0
package/dist/plugins/one-time-token/index.d.mts +53 -0
package/dist/plugins/one-time-token/index.mjs +82 -0
package/dist/plugins/one-time-token/index.mjs.map +1 -0
package/dist/plugins/one-time-token/utils.mjs +12 -0
package/dist/plugins/one-time-token/utils.mjs.map +1 -0
package/dist/plugins/open-api/generator.d.mts +115 -0
package/dist/plugins/open-api/generator.mjs +315 -0
package/dist/plugins/open-api/generator.mjs.map +1 -0
package/dist/plugins/open-api/index.d.mts +45 -0
package/dist/plugins/open-api/index.mjs +67 -0
package/dist/plugins/open-api/index.mjs.map +1 -0
package/dist/plugins/open-api/logo.mjs +15 -0
package/dist/plugins/open-api/logo.mjs.map +1 -0
package/dist/plugins/organization/access/index.d.mts +2 -0
package/dist/plugins/organization/access/index.mjs +3 -0
package/dist/plugins/organization/access/statement.d.mts +249 -0
package/dist/plugins/organization/access/statement.mjs +81 -0
package/dist/plugins/organization/access/statement.mjs.map +1 -0
package/dist/plugins/organization/adapter.d.mts +205 -0
package/dist/plugins/organization/adapter.mjs +624 -0
package/dist/plugins/organization/adapter.mjs.map +1 -0
package/dist/plugins/organization/call.mjs +19 -0
package/dist/plugins/organization/call.mjs.map +1 -0
package/dist/plugins/organization/client.d.mts +151 -0
package/dist/plugins/organization/client.mjs +107 -0
package/dist/plugins/organization/client.mjs.map +1 -0
package/dist/plugins/organization/error-codes.d.mts +5 -0
package/dist/plugins/organization/error-codes.mjs +65 -0
package/dist/plugins/organization/error-codes.mjs.map +1 -0
package/dist/plugins/organization/has-permission.mjs +35 -0
package/dist/plugins/organization/has-permission.mjs.map +1 -0
package/dist/plugins/organization/index.d.mts +5 -0
package/dist/plugins/organization/index.mjs +4 -0
package/dist/plugins/organization/organization.d.mts +252 -0
package/dist/plugins/organization/organization.mjs +428 -0
package/dist/plugins/organization/organization.mjs.map +1 -0
package/dist/plugins/organization/permission.d.mts +26 -0
package/dist/plugins/organization/permission.mjs +16 -0
package/dist/plugins/organization/permission.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-access-control.d.mts +11 -0
package/dist/plugins/organization/routes/crud-access-control.mjs +656 -0
package/dist/plugins/organization/routes/crud-access-control.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-invites.d.mts +16 -0
package/dist/plugins/organization/routes/crud-invites.mjs +555 -0
package/dist/plugins/organization/routes/crud-invites.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-members.d.mts +13 -0
package/dist/plugins/organization/routes/crud-members.mjs +473 -0
package/dist/plugins/organization/routes/crud-members.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-org.d.mts +13 -0
package/dist/plugins/organization/routes/crud-org.mjs +447 -0
package/dist/plugins/organization/routes/crud-org.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-team.d.mts +15 -0
package/dist/plugins/organization/routes/crud-team.mjs +676 -0
package/dist/plugins/organization/routes/crud-team.mjs.map +1 -0
package/dist/plugins/organization/schema.d.mts +376 -0
package/dist/plugins/organization/schema.mjs +68 -0
package/dist/plugins/organization/schema.mjs.map +1 -0
package/dist/plugins/organization/types.d.mts +733 -0
package/dist/plugins/phone-number/client.d.mts +8 -0
package/dist/plugins/phone-number/client.mjs +20 -0
package/dist/plugins/phone-number/client.mjs.map +1 -0
package/dist/plugins/phone-number/error-codes.d.mts +5 -0
package/dist/plugins/phone-number/error-codes.mjs +21 -0
package/dist/plugins/phone-number/error-codes.mjs.map +1 -0
package/dist/plugins/phone-number/index.d.mts +14 -0
package/dist/plugins/phone-number/index.mjs +49 -0
package/dist/plugins/phone-number/index.mjs.map +1 -0
package/dist/plugins/phone-number/routes.mjs +459 -0
package/dist/plugins/phone-number/routes.mjs.map +1 -0
package/dist/plugins/phone-number/schema.d.mts +5 -0
package/dist/plugins/phone-number/schema.mjs +20 -0
package/dist/plugins/phone-number/schema.mjs.map +1 -0
package/dist/plugins/phone-number/types.d.mts +118 -0
package/dist/plugins/siwe/client.d.mts +5 -0
package/dist/plugins/siwe/client.mjs +11 -0
package/dist/plugins/siwe/client.mjs.map +1 -0
package/dist/plugins/siwe/error-codes.mjs +13 -0
package/dist/plugins/siwe/error-codes.mjs.map +1 -0
package/dist/plugins/siwe/index.d.mts +26 -0
package/dist/plugins/siwe/index.mjs +261 -0
package/dist/plugins/siwe/index.mjs.map +1 -0
package/dist/plugins/siwe/schema.d.mts +5 -0
package/dist/plugins/siwe/schema.mjs +32 -0
package/dist/plugins/siwe/schema.mjs.map +1 -0
package/dist/plugins/siwe/types.d.mts +44 -0
package/dist/plugins/two-factor/backup-codes/index.d.mts +91 -0
package/dist/plugins/two-factor/backup-codes/index.mjs +277 -0
package/dist/plugins/two-factor/backup-codes/index.mjs.map +1 -0
package/dist/plugins/two-factor/client.d.mts +17 -0
package/dist/plugins/two-factor/client.mjs +37 -0
package/dist/plugins/two-factor/client.mjs.map +1 -0
package/dist/plugins/two-factor/constant.mjs +8 -0
package/dist/plugins/two-factor/constant.mjs.map +1 -0
package/dist/plugins/two-factor/error-code.d.mts +5 -0
package/dist/plugins/two-factor/error-code.mjs +18 -0
package/dist/plugins/two-factor/error-code.mjs.map +1 -0
package/dist/plugins/two-factor/index.d.mts +19 -0
package/dist/plugins/two-factor/index.mjs +207 -0
package/dist/plugins/two-factor/index.mjs.map +1 -0
package/dist/plugins/two-factor/otp/index.d.mts +96 -0
package/dist/plugins/two-factor/otp/index.mjs +199 -0
package/dist/plugins/two-factor/otp/index.mjs.map +1 -0
package/dist/plugins/two-factor/schema.d.mts +5 -0
package/dist/plugins/two-factor/schema.mjs +36 -0
package/dist/plugins/two-factor/schema.mjs.map +1 -0
package/dist/plugins/two-factor/totp/index.d.mts +81 -0
package/dist/plugins/two-factor/totp/index.mjs +157 -0
package/dist/plugins/two-factor/totp/index.mjs.map +1 -0
package/dist/plugins/two-factor/types.d.mts +65 -0
package/dist/plugins/two-factor/utils.mjs +12 -0
package/dist/plugins/two-factor/utils.mjs.map +1 -0
package/dist/plugins/two-factor/verify-two-factor.mjs +76 -0
package/dist/plugins/two-factor/verify-two-factor.mjs.map +1 -0
package/dist/plugins/username/client.d.mts +7 -0
package/dist/plugins/username/client.mjs +18 -0
package/dist/plugins/username/client.mjs.map +1 -0
package/dist/plugins/username/error-codes.d.mts +5 -0
package/dist/plugins/username/error-codes.mjs +17 -0
package/dist/plugins/username/error-codes.mjs.map +1 -0
package/dist/plugins/username/index.d.mts +74 -0
package/dist/plugins/username/index.mjs +237 -0
package/dist/plugins/username/index.mjs.map +1 -0
package/dist/plugins/username/schema.d.mts +9 -0
package/dist/plugins/username/schema.mjs +26 -0
package/dist/plugins/username/schema.mjs.map +1 -0
package/dist/social-providers/index.d.mts +1 -0
package/dist/social-providers/index.mjs +3 -0
package/dist/state.d.mts +42 -0
package/dist/state.mjs +107 -0
package/dist/state.mjs.map +1 -0
package/dist/test-utils/headers.d.mts +9 -0
package/dist/test-utils/headers.mjs +24 -0
package/dist/test-utils/headers.mjs.map +1 -0
package/dist/test-utils/index.d.mts +3 -0
package/dist/test-utils/index.mjs +4 -0
package/dist/test-utils/test-instance.d.mts +181 -0
package/dist/test-utils/test-instance.mjs +210 -0
package/dist/test-utils/test-instance.mjs.map +1 -0
package/dist/types/adapter.d.mts +24 -0
package/dist/types/api.d.mts +29 -0
package/dist/types/auth.d.mts +30 -0
package/dist/types/helper.d.mts +21 -0
package/dist/types/index.d.mts +11 -0
package/dist/types/index.mjs +1 -0
package/dist/types/models.d.mts +17 -0
package/dist/types/plugins.d.mts +16 -0
package/dist/utils/boolean.mjs +8 -0
package/dist/utils/boolean.mjs.map +1 -0
package/dist/utils/constants.mjs +6 -0
package/dist/utils/constants.mjs.map +1 -0
package/dist/utils/date.mjs +8 -0
package/dist/utils/date.mjs.map +1 -0
package/dist/utils/get-request-ip.d.mts +7 -0
package/dist/utils/get-request-ip.mjs +23 -0
package/dist/utils/get-request-ip.mjs.map +1 -0
package/dist/utils/hashing.mjs +21 -0
package/dist/utils/hashing.mjs.map +1 -0
package/dist/utils/hide-metadata.d.mts +7 -0
package/dist/utils/hide-metadata.mjs +6 -0
package/dist/utils/hide-metadata.mjs.map +1 -0
package/dist/utils/index.d.mts +3 -0
package/dist/utils/index.mjs +5 -0
package/dist/utils/is-api-error.d.mts +7 -0
package/dist/utils/is-api-error.mjs +11 -0
package/dist/utils/is-api-error.mjs.map +1 -0
package/dist/utils/is-atom.mjs +8 -0
package/dist/utils/is-atom.mjs.map +1 -0
package/dist/utils/is-promise.mjs +8 -0
package/dist/utils/is-promise.mjs.map +1 -0
package/dist/utils/middleware-response.mjs +6 -0
package/dist/utils/middleware-response.mjs.map +1 -0
package/dist/utils/password.mjs +26 -0
package/dist/utils/password.mjs.map +1 -0
package/dist/utils/plugin-helper.mjs +17 -0
package/dist/utils/plugin-helper.mjs.map +1 -0
package/dist/utils/shim.mjs +24 -0
package/dist/utils/shim.mjs.map +1 -0
package/dist/utils/time.d.mts +49 -0
package/dist/utils/time.mjs +100 -0
package/dist/utils/time.mjs.map +1 -0
package/dist/utils/url.mjs +92 -0
package/dist/utils/url.mjs.map +1 -0
package/dist/utils/wildcard.mjs +108 -0
package/dist/utils/wildcard.mjs.map +1 -0
package/package.json +601 -0

package/dist/api/routes/sign-in.mjs ADDED Viewed

@@ -0,0 +1,262 @@
+import { formCsrfMiddleware } from "../middlewares/origin-check.mjs";
+import { parseUserOutput } from "../../db/schema.mjs";
+import { setSessionCookie } from "../../cookies/index.mjs";
+import { generateState } from "../../oauth2/state.mjs";
+import { handleOAuthUserInfo } from "../../oauth2/link-account.mjs";
+import { createEmailVerificationToken } from "./email-verification.mjs";
+import "../../utils/index.mjs";
+import { APIError, BASE_ERROR_CODES } from "@better-auth/core/error";
+import { SocialProviderListEnum } from "@better-auth/core/social-providers";
+import { createAuthEndpoint } from "@better-auth/core/api";
+import * as z from "zod";
+//#region src/api/routes/sign-in.ts
+const socialSignInBodySchema = z.object({
+	callbackURL: z.string().meta({ description: "Callback URL to redirect to after the user has signed in" }).optional(),
+	newUserCallbackURL: z.string().optional(),
+	errorCallbackURL: z.string().meta({ description: "Callback URL to redirect to if an error happens" }).optional(),
+	provider: SocialProviderListEnum,
+	disableRedirect: z.boolean().meta({ description: "Disable automatic redirection to the provider. Useful for handling the redirection yourself" }).optional(),
+	idToken: z.optional(z.object({
+		token: z.string().meta({ description: "ID token from the provider" }),
+		nonce: z.string().meta({ description: "Nonce used to generate the token" }).optional(),
+		accessToken: z.string().meta({ description: "Access token from the provider" }).optional(),
+		refreshToken: z.string().meta({ description: "Refresh token from the provider" }).optional(),
+		expiresAt: z.number().meta({ description: "Expiry date of the token" }).optional()
+	})),
+	scopes: z.array(z.string()).meta({ description: "Array of scopes to request from the provider. This will override the default scopes passed." }).optional(),
+	requestSignUp: z.boolean().meta({ description: "Explicitly request sign-up. Useful when disableImplicitSignUp is true for this provider" }).optional(),
+	loginHint: z.string().meta({ description: "The login hint to use for the authorization code request" }).optional(),
+	additionalData: z.record(z.string(), z.any()).optional().meta({ description: "Additional data to be passed through the OAuth flow" })
+});
+const signInSocial = () => createAuthEndpoint("/sign-in/social", {
+	method: "POST",
+	operationId: "socialSignIn",
+	body: socialSignInBodySchema,
+	metadata: {
+		$Infer: {
+			body: {},
+			returned: {}
+		},
+		openapi: {
+			description: "Sign in with a social provider",
+			operationId: "socialSignIn",
+			responses: { "200": {
+				description: "Success - Returns either session details or redirect URL",
+				content: { "application/json": { schema: {
+					type: "object",
+					description: "Session response when idToken is provided",
+					properties: {
+						token: { type: "string" },
+						user: {
+							type: "object",
+							$ref: "#/components/schemas/User"
+						},
+						url: { type: "string" },
+						redirect: {
+							type: "boolean",
+							enum: [false]
+						}
+					},
+					required: [
+						"redirect",
+						"token",
+						"user"
+					]
+				} } }
+			} }
+		}
+	}
+}, async (c) => {
+	const provider = c.context.socialProviders.find((p) => p.id === c.body.provider);
+	if (!provider) {
+		c.context.logger.error("Provider not found. Make sure to add the provider in your auth config", { provider: c.body.provider });
+		throw APIError.from("NOT_FOUND", BASE_ERROR_CODES.PROVIDER_NOT_FOUND);
+	}
+	if (c.body.idToken) {
+		if (!provider.verifyIdToken) {
+			c.context.logger.error("Provider does not support id token verification", { provider: c.body.provider });
+			throw APIError.from("NOT_FOUND", BASE_ERROR_CODES.ID_TOKEN_NOT_SUPPORTED);
+		}
+		const { token, nonce } = c.body.idToken;
+		if (!await provider.verifyIdToken(token, nonce)) {
+			c.context.logger.error("Invalid id token", { provider: c.body.provider });
+			throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.INVALID_TOKEN);
+		}
+		const userInfo = await provider.getUserInfo({
+			idToken: token,
+			accessToken: c.body.idToken.accessToken,
+			refreshToken: c.body.idToken.refreshToken
+		});
+		if (!userInfo || !userInfo?.user) {
+			c.context.logger.error("Failed to get user info", { provider: c.body.provider });
+			throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.FAILED_TO_GET_USER_INFO);
+		}
+		if (!userInfo.user.email) {
+			c.context.logger.error("User email not found", { provider: c.body.provider });
+			throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.USER_EMAIL_NOT_FOUND);
+		}
+		const data = await handleOAuthUserInfo(c, {
+			userInfo: {
+				...userInfo.user,
+				email: userInfo.user.email,
+				id: String(userInfo.user.id),
+				name: userInfo.user.name || "",
+				image: userInfo.user.image,
+				emailVerified: userInfo.user.emailVerified || false
+			},
+			account: {
+				providerId: provider.id,
+				accountId: String(userInfo.user.id),
+				accessToken: c.body.idToken.accessToken
+			},
+			callbackURL: c.body.callbackURL,
+			disableSignUp: provider.disableImplicitSignUp && !c.body.requestSignUp || provider.disableSignUp
+		});
+		if (data.error) throw APIError.from("UNAUTHORIZED", {
+			message: data.error,
+			code: "OAUTH_LINK_ERROR"
+		});
+		await setSessionCookie(c, data.data);
+		return c.json({
+			redirect: false,
+			token: data.data.session.token,
+			url: void 0,
+			user: parseUserOutput(c.context.options, data.data.user)
+		});
+	}
+	const { codeVerifier, state } = await generateState(c, void 0, c.body.additionalData);
+	const url = await provider.createAuthorizationURL({
+		state,
+		codeVerifier,
+		redirectURI: `${c.context.baseURL}/callback/${provider.id}`,
+		scopes: c.body.scopes,
+		loginHint: c.body.loginHint
+	});
+	if (!c.body.disableRedirect) c.setHeader("Location", url.toString());
+	return c.json({
+		url: url.toString(),
+		redirect: !c.body.disableRedirect
+	});
+});
+const signInEmail = () => createAuthEndpoint("/sign-in/email", {
+	method: "POST",
+	operationId: "signInEmail",
+	use: [formCsrfMiddleware],
+	body: z.object({
+		email: z.string().meta({ description: "Email of the user" }),
+		password: z.string().meta({ description: "Password of the user" }),
+		callbackURL: z.string().meta({ description: "Callback URL to use as a redirect for email verification" }).optional(),
+		rememberMe: z.boolean().meta({ description: "If this is false, the session will not be remembered. Default is `true`." }).default(true).optional()
+	}),
+	metadata: {
+		allowedMediaTypes: ["application/x-www-form-urlencoded", "application/json"],
+		$Infer: {
+			body: {},
+			returned: {}
+		},
+		openapi: {
+			operationId: "signInEmail",
+			description: "Sign in with email and password",
+			responses: { "200": {
+				description: "Success - Returns either session details or redirect URL",
+				content: { "application/json": { schema: {
+					type: "object",
+					description: "Session response when idToken is provided",
+					properties: {
+						redirect: {
+							type: "boolean",
+							enum: [false]
+						},
+						token: {
+							type: "string",
+							description: "Session token"
+						},
+						url: {
+							type: "string",
+							nullable: true
+						},
+						user: {
+							type: "object",
+							$ref: "#/components/schemas/User"
+						}
+					},
+					required: [
+						"redirect",
+						"token",
+						"user"
+					]
+				} } }
+			} }
+		}
+	}
+}, async (ctx) => {
+	if (!ctx.context.options?.emailAndPassword?.enabled) {
+		ctx.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!");
+		throw APIError.from("BAD_REQUEST", {
+			code: "EMAIL_PASSWORD_DISABLED",
+			message: "Email and password is not enabled"
+		});
+	}
+	const { email, password } = ctx.body;
+	if (!z.email().safeParse(email).success) throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.INVALID_EMAIL);
+	const user = await ctx.context.internalAdapter.findUserByEmail(email, { includeAccounts: true });
+	if (!user) {
+		await ctx.context.password.hash(password);
+		ctx.context.logger.error("User not found", { email });
+		throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD);
+	}
+	const credentialAccount = user.accounts.find((a) => a.providerId === "credential");
+	if (!credentialAccount) {
+		await ctx.context.password.hash(password);
+		ctx.context.logger.error("Credential account not found", { email });
+		throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD);
+	}
+	const currentPassword = credentialAccount?.password;
+	if (!currentPassword) {
+		await ctx.context.password.hash(password);
+		ctx.context.logger.error("Password not found", { email });
+		throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD);
+	}
+	if (!await ctx.context.password.verify({
+		hash: currentPassword,
+		password
+	})) {
+		ctx.context.logger.error("Invalid password");
+		throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD);
+	}
+	if (ctx.context.options?.emailAndPassword?.requireEmailVerification && !user.user.emailVerified) {
+		if (!ctx.context.options?.emailVerification?.sendVerificationEmail) throw APIError.from("FORBIDDEN", BASE_ERROR_CODES.EMAIL_NOT_VERIFIED);
+		if (ctx.context.options?.emailVerification?.sendOnSignIn) {
+			const token = await createEmailVerificationToken(ctx.context.secret, user.user.email, void 0, ctx.context.options.emailVerification?.expiresIn);
+			const callbackURL = ctx.body.callbackURL ? encodeURIComponent(ctx.body.callbackURL) : encodeURIComponent("/");
+			const url = `${ctx.context.baseURL}/verify-email?token=${token}&callbackURL=${callbackURL}`;
+			await ctx.context.runInBackgroundOrAwait(ctx.context.options.emailVerification.sendVerificationEmail({
+				user: user.user,
+				url,
+				token
+			}, ctx.request));
+		}
+		throw APIError.from("FORBIDDEN", BASE_ERROR_CODES.EMAIL_NOT_VERIFIED);
+	}
+	const session = await ctx.context.internalAdapter.createSession(user.user.id, ctx.body.rememberMe === false);
+	if (!session) {
+		ctx.context.logger.error("Failed to create session");
+		throw APIError.from("UNAUTHORIZED", BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION);
+	}
+	await setSessionCookie(ctx, {
+		session,
+		user: user.user
+	}, ctx.body.rememberMe === false);
+	if (ctx.body.callbackURL) ctx.setHeader("Location", ctx.body.callbackURL);
+	return ctx.json({
+		redirect: !!ctx.body.callbackURL,
+		token: session.token,
+		url: ctx.body.callbackURL,
+		user: parseUserOutput(ctx.context.options, user.user)
+	});
+});
+//#endregion
+export { signInEmail, signInSocial };
+//# sourceMappingURL=sign-in.mjs.map

package/dist/api/routes/sign-in.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sign-in.mjs","names":[],"sources":["../../../src/api/routes/sign-in.ts"],"sourcesContent":["import type { BetterAuthOptions } from \"@better-auth/core\";\nimport { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { APIError, BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport { SocialProviderListEnum } from \"@better-auth/core/social-providers\";\nimport * as z from \"zod\";\nimport { setSessionCookie } from \"../../cookies\";\nimport { parseUserOutput } from \"../../db/schema\";\nimport { handleOAuthUserInfo } from \"../../oauth2/link-account\";\nimport type { InferUser } from \"../../types\";\nimport { generateState } from \"../../utils\";\nimport { formCsrfMiddleware } from \"../middlewares/origin-check\";\nimport { createEmailVerificationToken } from \"./email-verification\";\n\nconst socialSignInBodySchema = z.object({\n\t/**\n\t * Callback URL to redirect to after the user\n\t * has signed in.\n\t */\n\tcallbackURL: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"Callback URL to redirect to after the user has signed in\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * callback url to redirect if the user is newly registered.\n\t *\n\t * useful if you have different routes for existing users and new users\n\t */\n\tnewUserCallbackURL: z.string().optional(),\n\t/**\n\t * Callback url to redirect to if an error happens\n\t *\n\t * If it's initiated from the client sdk this defaults to\n\t * the current url.\n\t */\n\terrorCallbackURL: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"Callback URL to redirect to if an error happens\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * OAuth2 provider to use`\n\t */\n\tprovider: SocialProviderListEnum,\n\t/**\n\t * Disable automatic redirection to the provider\n\t *\n\t * This is useful if you want to handle the redirection\n\t * yourself like in a popup or a different tab.\n\t */\n\tdisableRedirect: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Disable automatic redirection to the provider. Useful for handling the redirection yourself\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * ID token from the provider\n\t *\n\t * This is used to sign in the user\n\t * if the user is already signed in with the\n\t * provider in the frontend.\n\t *\n\t * Only applicable if the provider supports\n\t * it. Currently only `apple` and `google` is\n\t * supported out of the box.\n\t */\n\tidToken: z.optional(\n\t\tz.object({\n\t\t\t/**\n\t\t\t * ID token from the provider\n\t\t\t */\n\t\t\ttoken: z.string().meta({\n\t\t\t\tdescription: \"ID token from the provider\",\n\t\t\t}),\n\t\t\t/**\n\t\t\t * The nonce used to generate the token\n\t\t\t */\n\t\t\tnonce: z\n\t\t\t\t.string()\n\t\t\t\t.meta({\n\t\t\t\t\tdescription: \"Nonce used to generate the token\",\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t\t/**\n\t\t\t * Access token from the provider\n\t\t\t */\n\t\t\taccessToken: z\n\t\t\t\t.string()\n\t\t\t\t.meta({\n\t\t\t\t\tdescription: \"Access token from the provider\",\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t\t/**\n\t\t\t * Refresh token from the provider\n\t\t\t */\n\t\t\trefreshToken: z\n\t\t\t\t.string()\n\t\t\t\t.meta({\n\t\t\t\t\tdescription: \"Refresh token from the provider\",\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t\t/**\n\t\t\t * Expiry date of the token\n\t\t\t */\n\t\t\texpiresAt: z\n\t\t\t\t.number()\n\t\t\t\t.meta({\n\t\t\t\t\tdescription: \"Expiry date of the token\",\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t}),\n\t),\n\tscopes: z\n\t\t.array(z.string())\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Array of scopes to request from the provider. This will override the default scopes passed.\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * Explicitly request sign-up\n\t *\n\t * Should be used to allow sign up when\n\t * disableImplicitSignUp for this provider is\n\t * true\n\t */\n\trequestSignUp: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Explicitly request sign-up. Useful when disableImplicitSignUp is true for this provider\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * The login hint to use for the authorization code request\n\t */\n\tloginHint: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The login hint to use for the authorization code request\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * Additional data to be passed through the OAuth flow\n\t */\n\tadditionalData: z.record(z.string(), z.any()).optional().meta({\n\t\tdescription: \"Additional data to be passed through the OAuth flow\",\n\t}),\n});\n\nexport const signInSocial = <O extends BetterAuthOptions>() =>\n\tcreateAuthEndpoint(\n\t\t\"/sign-in/social\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\toperationId: \"socialSignIn\",\n\t\t\tbody: socialSignInBodySchema,\n\t\t\tmetadata: {\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as z.infer<typeof socialSignInBodySchema>,\n\t\t\t\t\treturned: {} as {\n\t\t\t\t\t\tredirect: boolean;\n\t\t\t\t\t\ttoken?: string | undefined;\n\t\t\t\t\t\turl?: string | undefined;\n\t\t\t\t\t\tuser?: InferUser<O> | undefined;\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Sign in with a social provider\",\n\t\t\t\t\toperationId: \"socialSignIn\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\"Success - Returns either session details or redirect URL\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\t// todo: we need support for multiple schema\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tdescription: \"Session response when idToken is provided\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\ttoken: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tuser: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\t$ref: \"#/components/schemas/User\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\turl: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tredirect: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t\tenum: [false],\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"redirect\", \"token\", \"user\"],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (\n\t\t\tc,\n\t\t): Promise<\n\t\t\t| { redirect: boolean; url: string }\n\t\t\t| { redirect: boolean; token: string; url: undefined; user: InferUser<O> }\n\t\t> => {\n\t\t\tconst provider = c.context.socialProviders.find(\n\t\t\t\t(p) => p.id === c.body.provider,\n\t\t\t);\n\t\t\tif (!provider) {\n\t\t\t\tc.context.logger.error(\n\t\t\t\t\t\"Provider not found. Make sure to add the provider in your auth config\",\n\t\t\t\t\t{\n\t\t\t\t\t\tprovider: c.body.provider,\n\t\t\t\t\t},\n\t\t\t\t);\n\t\t\t\tthrow APIError.from(\"NOT_FOUND\", BASE_ERROR_CODES.PROVIDER_NOT_FOUND);\n\t\t\t}\n\n\t\t\tif (c.body.idToken) {\n\t\t\t\tif (!provider.verifyIdToken) {\n\t\t\t\t\tc.context.logger.error(\n\t\t\t\t\t\t\"Provider does not support id token verification\",\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tprovider: c.body.provider,\n\t\t\t\t\t\t},\n\t\t\t\t\t);\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"NOT_FOUND\",\n\t\t\t\t\t\tBASE_ERROR_CODES.ID_TOKEN_NOT_SUPPORTED,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tconst { token, nonce } = c.body.idToken;\n\t\t\t\tconst valid = await provider.verifyIdToken(token, nonce);\n\t\t\t\tif (!valid) {\n\t\t\t\t\tc.context.logger.error(\"Invalid id token\", {\n\t\t\t\t\t\tprovider: c.body.provider,\n\t\t\t\t\t});\n\t\t\t\t\tthrow APIError.from(\"UNAUTHORIZED\", BASE_ERROR_CODES.INVALID_TOKEN);\n\t\t\t\t}\n\t\t\t\tconst userInfo = await provider.getUserInfo({\n\t\t\t\t\tidToken: token,\n\t\t\t\t\taccessToken: c.body.idToken.accessToken,\n\t\t\t\t\trefreshToken: c.body.idToken.refreshToken,\n\t\t\t\t});\n\t\t\t\tif (!userInfo || !userInfo?.user) {\n\t\t\t\t\tc.context.logger.error(\"Failed to get user info\", {\n\t\t\t\t\t\tprovider: c.body.provider,\n\t\t\t\t\t});\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\t\tBASE_ERROR_CODES.FAILED_TO_GET_USER_INFO,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tif (!userInfo.user.email) {\n\t\t\t\t\tc.context.logger.error(\"User email not found\", {\n\t\t\t\t\t\tprovider: c.body.provider,\n\t\t\t\t\t});\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\t\tBASE_ERROR_CODES.USER_EMAIL_NOT_FOUND,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tconst data = await handleOAuthUserInfo(c, {\n\t\t\t\t\tuserInfo: {\n\t\t\t\t\t\t...userInfo.user,\n\t\t\t\t\t\temail: userInfo.user.email,\n\t\t\t\t\t\tid: String(userInfo.user.id),\n\t\t\t\t\t\tname: userInfo.user.name || \"\",\n\t\t\t\t\t\timage: userInfo.user.image,\n\t\t\t\t\t\temailVerified: userInfo.user.emailVerified || false,\n\t\t\t\t\t},\n\t\t\t\t\taccount: {\n\t\t\t\t\t\tproviderId: provider.id,\n\t\t\t\t\t\taccountId: String(userInfo.user.id),\n\t\t\t\t\t\taccessToken: c.body.idToken.accessToken,\n\t\t\t\t\t},\n\t\t\t\t\tcallbackURL: c.body.callbackURL,\n\t\t\t\t\tdisableSignUp:\n\t\t\t\t\t\t(provider.disableImplicitSignUp && !c.body.requestSignUp) ||\n\t\t\t\t\t\tprovider.disableSignUp,\n\t\t\t\t});\n\t\t\t\tif (data.error) {\n\t\t\t\t\tthrow APIError.from(\"UNAUTHORIZED\", {\n\t\t\t\t\t\tmessage: data.error,\n\t\t\t\t\t\tcode: \"OAUTH_LINK_ERROR\",\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t\tawait setSessionCookie(c, data.data!);\n\t\t\t\treturn c.json({\n\t\t\t\t\tredirect: false,\n\t\t\t\t\ttoken: data.data!.session.token,\n\t\t\t\t\turl: undefined,\n\t\t\t\t\tuser: parseUserOutput(\n\t\t\t\t\t\tc.context.options,\n\t\t\t\t\t\tdata.data!.user,\n\t\t\t\t\t) as InferUser<O>,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst { codeVerifier, state } = await generateState(\n\t\t\t\tc,\n\t\t\t\tundefined,\n\t\t\t\tc.body.additionalData,\n\t\t\t);\n\t\t\tconst url = await provider.createAuthorizationURL({\n\t\t\t\tstate,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI: `${c.context.baseURL}/callback/${provider.id}`,\n\t\t\t\tscopes: c.body.scopes,\n\t\t\t\tloginHint: c.body.loginHint,\n\t\t\t});\n\n\t\t\tif (!c.body.disableRedirect) {\n\t\t\t\tc.setHeader(\"Location\", url.toString());\n\t\t\t}\n\n\t\t\treturn c.json({\n\t\t\t\turl: url.toString(),\n\t\t\t\tredirect: !c.body.disableRedirect,\n\t\t\t});\n\t\t},\n\t);\n\nexport const signInEmail = <O extends BetterAuthOptions>() =>\n\tcreateAuthEndpoint(\n\t\t\"/sign-in/email\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\toperationId: \"signInEmail\",\n\t\t\tuse: [formCsrfMiddleware],\n\t\t\tbody: z.object({\n\t\t\t\t/**\n\t\t\t\t * Email of the user\n\t\t\t\t */\n\t\t\t\temail: z.string().meta({\n\t\t\t\t\tdescription: \"Email of the user\",\n\t\t\t\t}),\n\t\t\t\t/**\n\t\t\t\t * Password of the user\n\t\t\t\t */\n\t\t\t\tpassword: z.string().meta({\n\t\t\t\t\tdescription: \"Password of the user\",\n\t\t\t\t}),\n\t\t\t\t/**\n\t\t\t\t * Callback URL to use as a redirect for email\n\t\t\t\t * verification and for possible redirects\n\t\t\t\t */\n\t\t\t\tcallbackURL: z\n\t\t\t\t\t.string()\n\t\t\t\t\t.meta({\n\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\"Callback URL to use as a redirect for email verification\",\n\t\t\t\t\t})\n\t\t\t\t\t.optional(),\n\t\t\t\t/**\n\t\t\t\t * If this is false, the session will not be remembered\n\t\t\t\t * @default true\n\t\t\t\t */\n\t\t\t\trememberMe: z\n\t\t\t\t\t.boolean()\n\t\t\t\t\t.meta({\n\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\"If this is false, the session will not be remembered. Default is `true`.\",\n\t\t\t\t\t})\n\t\t\t\t\t.default(true)\n\t\t\t\t\t.optional(),\n\t\t\t}),\n\t\t\tmetadata: {\n\t\t\t\tallowedMediaTypes: [\n\t\t\t\t\t\"application/x-www-form-urlencoded\",\n\t\t\t\t\t\"application/json\",\n\t\t\t\t],\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as {\n\t\t\t\t\t\temail: string;\n\t\t\t\t\t\tpassword: string;\n\t\t\t\t\t\tcallbackURL?: string | undefined;\n\t\t\t\t\t\trememberMe?: boolean | undefined;\n\t\t\t\t\t},\n\t\t\t\t\treturned: {} as {\n\t\t\t\t\t\tredirect: boolean;\n\t\t\t\t\t\ttoken: string;\n\t\t\t\t\t\turl?: string | undefined;\n\t\t\t\t\t\tuser: InferUser<O>;\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\toperationId: \"signInEmail\",\n\t\t\t\t\tdescription: \"Sign in with email and password\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\"Success - Returns either session details or redirect URL\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\t// todo: we need support for multiple schema\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tdescription: \"Session response when idToken is provided\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tredirect: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t\tenum: [false],\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\ttoken: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Session token\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\turl: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tuser: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\t$ref: \"#/components/schemas/User\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"redirect\", \"token\", \"user\"],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (\n\t\t\tctx,\n\t\t): Promise<{\n\t\t\tredirect: boolean;\n\t\t\ttoken: string;\n\t\t\turl?: string | undefined;\n\t\t\tuser: InferUser<O>;\n\t\t}> => {\n\t\t\tif (!ctx.context.options?.emailAndPassword?.enabled) {\n\t\t\t\tctx.context.logger.error(\n\t\t\t\t\t\"Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!\",\n\t\t\t\t);\n\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", {\n\t\t\t\t\tcode: \"EMAIL_PASSWORD_DISABLED\",\n\t\t\t\t\tmessage: \"Email and password is not enabled\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst { email, password } = ctx.body;\n\t\t\tconst isValidEmail = z.email().safeParse(email);\n\t\t\tif (!isValidEmail.success) {\n\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", BASE_ERROR_CODES.INVALID_EMAIL);\n\t\t\t}\n\t\t\tconst user = await ctx.context.internalAdapter.findUserByEmail(email, {\n\t\t\t\tincludeAccounts: true,\n\t\t\t});\n\n\t\t\tif (!user) {\n\t\t\t\t// Hash password to prevent timing attacks from revealing valid email addresses\n\t\t\t\t// By hashing passwords for invalid emails, we ensure consistent response times\n\t\t\t\tawait ctx.context.password.hash(password);\n\t\t\t\tctx.context.logger.error(\"User not found\", { email });\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tBASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst credentialAccount = user.accounts.find(\n\t\t\t\t(a) => a.providerId === \"credential\",\n\t\t\t);\n\t\t\tif (!credentialAccount) {\n\t\t\t\tawait ctx.context.password.hash(password);\n\t\t\t\tctx.context.logger.error(\"Credential account not found\", { email });\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tBASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst currentPassword = credentialAccount?.password;\n\t\t\tif (!currentPassword) {\n\t\t\t\tawait ctx.context.password.hash(password);\n\t\t\t\tctx.context.logger.error(\"Password not found\", { email });\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tBASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst validPassword = await ctx.context.password.verify({\n\t\t\t\thash: currentPassword,\n\t\t\t\tpassword,\n\t\t\t});\n\t\t\tif (!validPassword) {\n\t\t\t\tctx.context.logger.error(\"Invalid password\");\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tBASE_ERROR_CODES.INVALID_EMAIL_OR_PASSWORD,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.options?.emailAndPassword?.requireEmailVerification &&\n\t\t\t\t!user.user.emailVerified\n\t\t\t) {\n\t\t\t\tif (!ctx.context.options?.emailVerification?.sendVerificationEmail) {\n\t\t\t\t\tthrow APIError.from(\"FORBIDDEN\", BASE_ERROR_CODES.EMAIL_NOT_VERIFIED);\n\t\t\t\t}\n\n\t\t\t\tif (ctx.context.options?.emailVerification?.sendOnSignIn) {\n\t\t\t\t\tconst token = await createEmailVerificationToken(\n\t\t\t\t\t\tctx.context.secret,\n\t\t\t\t\t\tuser.user.email,\n\t\t\t\t\t\tundefined,\n\t\t\t\t\t\tctx.context.options.emailVerification?.expiresIn,\n\t\t\t\t\t);\n\t\t\t\t\tconst callbackURL = ctx.body.callbackURL\n\t\t\t\t\t\t? encodeURIComponent(ctx.body.callbackURL)\n\t\t\t\t\t\t: encodeURIComponent(\"/\");\n\t\t\t\t\tconst url = `${ctx.context.baseURL}/verify-email?token=${token}&callbackURL=${callbackURL}`;\n\t\t\t\t\tawait ctx.context.runInBackgroundOrAwait(\n\t\t\t\t\t\tctx.context.options.emailVerification.sendVerificationEmail(\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tuser: user.user,\n\t\t\t\t\t\t\t\turl,\n\t\t\t\t\t\t\t\ttoken,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tctx.request,\n\t\t\t\t\t\t),\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\tthrow APIError.from(\"FORBIDDEN\", BASE_ERROR_CODES.EMAIL_NOT_VERIFIED);\n\t\t\t}\n\n\t\t\tconst session = await ctx.context.internalAdapter.createSession(\n\t\t\t\tuser.user.id,\n\t\t\t\tctx.body.rememberMe === false,\n\t\t\t);\n\n\t\t\tif (!session) {\n\t\t\t\tctx.context.logger.error(\"Failed to create session\");\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tBASE_ERROR_CODES.FAILED_TO_CREATE_SESSION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tawait setSessionCookie(\n\t\t\t\tctx,\n\t\t\t\t{\n\t\t\t\t\tsession,\n\t\t\t\t\tuser: user.user,\n\t\t\t\t},\n\t\t\t\tctx.body.rememberMe === false,\n\t\t\t);\n\n\t\t\tif (ctx.body.callbackURL) {\n\t\t\t\tctx.setHeader(\"Location\", ctx.body.callbackURL);\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\tredirect: !!ctx.body.callbackURL,\n\t\t\t\ttoken: session.token,\n\t\t\t\turl: ctx.body.callbackURL,\n\t\t\t\tuser: parseUserOutput(ctx.context.options, user.user) as InferUser<O>,\n\t\t\t});\n\t\t},\n\t);\n"],"mappings":";;;;;;;;;;;;;AAaA,MAAM,yBAAyB,EAAE,OAAO;CAKvC,aAAa,EACX,QAAQ,CACR,KAAK,EACL,aAAa,4DACb,CAAC,CACD,UAAU;CAMZ,oBAAoB,EAAE,QAAQ,CAAC,UAAU;CAOzC,kBAAkB,EAChB,QAAQ,CACR,KAAK,EACL,aAAa,mDACb,CAAC,CACD,UAAU;CAIZ,UAAU;CAOV,iBAAiB,EACf,SAAS,CACT,KAAK,EACL,aACC,+FACD,CAAC,CACD,UAAU;CAYZ,SAAS,EAAE,SACV,EAAE,OAAO;EAIR,OAAO,EAAE,QAAQ,CAAC,KAAK,EACtB,aAAa,8BACb,CAAC;EAIF,OAAO,EACL,QAAQ,CACR,KAAK,EACL,aAAa,oCACb,CAAC,CACD,UAAU;EAIZ,aAAa,EACX,QAAQ,CACR,KAAK,EACL,aAAa,kCACb,CAAC,CACD,UAAU;EAIZ,cAAc,EACZ,QAAQ,CACR,KAAK,EACL,aAAa,mCACb,CAAC,CACD,UAAU;EAIZ,WAAW,EACT,QAAQ,CACR,KAAK,EACL,aAAa,4BACb,CAAC,CACD,UAAU;EACZ,CAAC,CACF;CACD,QAAQ,EACN,MAAM,EAAE,QAAQ,CAAC,CACjB,KAAK,EACL,aACC,+FACD,CAAC,CACD,UAAU;CAQZ,eAAe,EACb,SAAS,CACT,KAAK,EACL,aACC,2FACD,CAAC,CACD,UAAU;CAIZ,WAAW,EACT,QAAQ,CACR,KAAK,EACL,aAAa,4DACb,CAAC,CACD,UAAU;CAIZ,gBAAgB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,EAC7D,aAAa,uDACb,CAAC;CACF,CAAC;AAEF,MAAa,qBACZ,mBACC,mBACA;CACC,QAAQ;CACR,aAAa;CACb,MAAM;CACN,UAAU;EACT,QAAQ;GACP,MAAM,EAAE;GACR,UAAU,EAAE;GAMZ;EACD,SAAS;GACR,aAAa;GACb,aAAa;GACb,WAAW,EACV,OAAO;IACN,aACC;IACD,SAAS,EACR,oBAAoB,EACnB,QAAQ;KAEP,MAAM;KACN,aAAa;KACb,YAAY;MACX,OAAO,EACN,MAAM,UACN;MACD,MAAM;OACL,MAAM;OACN,MAAM;OACN;MACD,KAAK,EACJ,MAAM,UACN;MACD,UAAU;OACT,MAAM;OACN,MAAM,CAAC,MAAM;OACb;MACD;KACD,UAAU;MAAC;MAAY;MAAS;MAAO;KACvC,EACD,EACD;IACD,EACD;GACD;EACD;CACD,EACD,OACC,MAII;CACJ,MAAM,WAAW,EAAE,QAAQ,gBAAgB,MACzC,MAAM,EAAE,OAAO,EAAE,KAAK,SACvB;AACD,KAAI,CAAC,UAAU;AACd,IAAE,QAAQ,OAAO,MAChB,yEACA,EACC,UAAU,EAAE,KAAK,UACjB,CACD;AACD,QAAM,SAAS,KAAK,aAAa,iBAAiB,mBAAmB;;AAGtE,KAAI,EAAE,KAAK,SAAS;AACnB,MAAI,CAAC,SAAS,eAAe;AAC5B,KAAE,QAAQ,OAAO,MAChB,mDACA,EACC,UAAU,EAAE,KAAK,UACjB,CACD;AACD,SAAM,SAAS,KACd,aACA,iBAAiB,uBACjB;;EAEF,MAAM,EAAE,OAAO,UAAU,EAAE,KAAK;AAEhC,MAAI,CADU,MAAM,SAAS,cAAc,OAAO,MAAM,EAC5C;AACX,KAAE,QAAQ,OAAO,MAAM,oBAAoB,EAC1C,UAAU,EAAE,KAAK,UACjB,CAAC;AACF,SAAM,SAAS,KAAK,gBAAgB,iBAAiB,cAAc;;EAEpE,MAAM,WAAW,MAAM,SAAS,YAAY;GAC3C,SAAS;GACT,aAAa,EAAE,KAAK,QAAQ;GAC5B,cAAc,EAAE,KAAK,QAAQ;GAC7B,CAAC;AACF,MAAI,CAAC,YAAY,CAAC,UAAU,MAAM;AACjC,KAAE,QAAQ,OAAO,MAAM,2BAA2B,EACjD,UAAU,EAAE,KAAK,UACjB,CAAC;AACF,SAAM,SAAS,KACd,gBACA,iBAAiB,wBACjB;;AAEF,MAAI,CAAC,SAAS,KAAK,OAAO;AACzB,KAAE,QAAQ,OAAO,MAAM,wBAAwB,EAC9C,UAAU,EAAE,KAAK,UACjB,CAAC;AACF,SAAM,SAAS,KACd,gBACA,iBAAiB,qBACjB;;EAEF,MAAM,OAAO,MAAM,oBAAoB,GAAG;GACzC,UAAU;IACT,GAAG,SAAS;IACZ,OAAO,SAAS,KAAK;IACrB,IAAI,OAAO,SAAS,KAAK,GAAG;IAC5B,MAAM,SAAS,KAAK,QAAQ;IAC5B,OAAO,SAAS,KAAK;IACrB,eAAe,SAAS,KAAK,iBAAiB;IAC9C;GACD,SAAS;IACR,YAAY,SAAS;IACrB,WAAW,OAAO,SAAS,KAAK,GAAG;IACnC,aAAa,EAAE,KAAK,QAAQ;IAC5B;GACD,aAAa,EAAE,KAAK;GACpB,eACE,SAAS,yBAAyB,CAAC,EAAE,KAAK,iBAC3C,SAAS;GACV,CAAC;AACF,MAAI,KAAK,MACR,OAAM,SAAS,KAAK,gBAAgB;GACnC,SAAS,KAAK;GACd,MAAM;GACN,CAAC;AAEH,QAAM,iBAAiB,GAAG,KAAK,KAAM;AACrC,SAAO,EAAE,KAAK;GACb,UAAU;GACV,OAAO,KAAK,KAAM,QAAQ;GAC1B,KAAK;GACL,MAAM,gBACL,EAAE,QAAQ,SACV,KAAK,KAAM,KACX;GACD,CAAC;;CAGH,MAAM,EAAE,cAAc,UAAU,MAAM,cACrC,GACA,QACA,EAAE,KAAK,eACP;CACD,MAAM,MAAM,MAAM,SAAS,uBAAuB;EACjD;EACA;EACA,aAAa,GAAG,EAAE,QAAQ,QAAQ,YAAY,SAAS;EACvD,QAAQ,EAAE,KAAK;EACf,WAAW,EAAE,KAAK;EAClB,CAAC;AAEF,KAAI,CAAC,EAAE,KAAK,gBACX,GAAE,UAAU,YAAY,IAAI,UAAU,CAAC;AAGxC,QAAO,EAAE,KAAK;EACb,KAAK,IAAI,UAAU;EACnB,UAAU,CAAC,EAAE,KAAK;EAClB,CAAC;EAEH;AAEF,MAAa,oBACZ,mBACC,kBACA;CACC,QAAQ;CACR,aAAa;CACb,KAAK,CAAC,mBAAmB;CACzB,MAAM,EAAE,OAAO;EAId,OAAO,EAAE,QAAQ,CAAC,KAAK,EACtB,aAAa,qBACb,CAAC;EAIF,UAAU,EAAE,QAAQ,CAAC,KAAK,EACzB,aAAa,wBACb,CAAC;EAKF,aAAa,EACX,QAAQ,CACR,KAAK,EACL,aACC,4DACD,CAAC,CACD,UAAU;EAKZ,YAAY,EACV,SAAS,CACT,KAAK,EACL,aACC,4EACD,CAAC,CACD,QAAQ,KAAK,CACb,UAAU;EACZ,CAAC;CACF,UAAU;EACT,mBAAmB,CAClB,qCACA,mBACA;EACD,QAAQ;GACP,MAAM,EAAE;GAMR,UAAU,EAAE;GAMZ;EACD,SAAS;GACR,aAAa;GACb,aAAa;GACb,WAAW,EACV,OAAO;IACN,aACC;IACD,SAAS,EACR,oBAAoB,EACnB,QAAQ;KAEP,MAAM;KACN,aAAa;KACb,YAAY;MACX,UAAU;OACT,MAAM;OACN,MAAM,CAAC,MAAM;OACb;MACD,OAAO;OACN,MAAM;OACN,aAAa;OACb;MACD,KAAK;OACJ,MAAM;OACN,UAAU;OACV;MACD,MAAM;OACL,MAAM;OACN,MAAM;OACN;MACD;KACD,UAAU;MAAC;MAAY;MAAS;MAAO;KACvC,EACD,EACD;IACD,EACD;GACD;EACD;CACD,EACD,OACC,QAMK;AACL,KAAI,CAAC,IAAI,QAAQ,SAAS,kBAAkB,SAAS;AACpD,MAAI,QAAQ,OAAO,MAClB,+KACA;AACD,QAAM,SAAS,KAAK,eAAe;GAClC,MAAM;GACN,SAAS;GACT,CAAC;;CAEH,MAAM,EAAE,OAAO,aAAa,IAAI;AAEhC,KAAI,CADiB,EAAE,OAAO,CAAC,UAAU,MAAM,CAC7B,QACjB,OAAM,SAAS,KAAK,eAAe,iBAAiB,cAAc;CAEnE,MAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB,gBAAgB,OAAO,EACrE,iBAAiB,MACjB,CAAC;AAEF,KAAI,CAAC,MAAM;AAGV,QAAM,IAAI,QAAQ,SAAS,KAAK,SAAS;AACzC,MAAI,QAAQ,OAAO,MAAM,kBAAkB,EAAE,OAAO,CAAC;AACrD,QAAM,SAAS,KACd,gBACA,iBAAiB,0BACjB;;CAGF,MAAM,oBAAoB,KAAK,SAAS,MACtC,MAAM,EAAE,eAAe,aACxB;AACD,KAAI,CAAC,mBAAmB;AACvB,QAAM,IAAI,QAAQ,SAAS,KAAK,SAAS;AACzC,MAAI,QAAQ,OAAO,MAAM,gCAAgC,EAAE,OAAO,CAAC;AACnE,QAAM,SAAS,KACd,gBACA,iBAAiB,0BACjB;;CAEF,MAAM,kBAAkB,mBAAmB;AAC3C,KAAI,CAAC,iBAAiB;AACrB,QAAM,IAAI,QAAQ,SAAS,KAAK,SAAS;AACzC,MAAI,QAAQ,OAAO,MAAM,sBAAsB,EAAE,OAAO,CAAC;AACzD,QAAM,SAAS,KACd,gBACA,iBAAiB,0BACjB;;AAMF,KAAI,CAJkB,MAAM,IAAI,QAAQ,SAAS,OAAO;EACvD,MAAM;EACN;EACA,CAAC,EACkB;AACnB,MAAI,QAAQ,OAAO,MAAM,mBAAmB;AAC5C,QAAM,SAAS,KACd,gBACA,iBAAiB,0BACjB;;AAGF,KACC,IAAI,QAAQ,SAAS,kBAAkB,4BACvC,CAAC,KAAK,KAAK,eACV;AACD,MAAI,CAAC,IAAI,QAAQ,SAAS,mBAAmB,sBAC5C,OAAM,SAAS,KAAK,aAAa,iBAAiB,mBAAmB;AAGtE,MAAI,IAAI,QAAQ,SAAS,mBAAmB,cAAc;GACzD,MAAM,QAAQ,MAAM,6BACnB,IAAI,QAAQ,QACZ,KAAK,KAAK,OACV,QACA,IAAI,QAAQ,QAAQ,mBAAmB,UACvC;GACD,MAAM,cAAc,IAAI,KAAK,cAC1B,mBAAmB,IAAI,KAAK,YAAY,GACxC,mBAAmB,IAAI;GAC1B,MAAM,MAAM,GAAG,IAAI,QAAQ,QAAQ,sBAAsB,MAAM,eAAe;AAC9E,SAAM,IAAI,QAAQ,uBACjB,IAAI,QAAQ,QAAQ,kBAAkB,sBACrC;IACC,MAAM,KAAK;IACX;IACA;IACA,EACD,IAAI,QACJ,CACD;;AAGF,QAAM,SAAS,KAAK,aAAa,iBAAiB,mBAAmB;;CAGtE,MAAM,UAAU,MAAM,IAAI,QAAQ,gBAAgB,cACjD,KAAK,KAAK,IACV,IAAI,KAAK,eAAe,MACxB;AAED,KAAI,CAAC,SAAS;AACb,MAAI,QAAQ,OAAO,MAAM,2BAA2B;AACpD,QAAM,SAAS,KACd,gBACA,iBAAiB,yBACjB;;AAGF,OAAM,iBACL,KACA;EACC;EACA,MAAM,KAAK;EACX,EACD,IAAI,KAAK,eAAe,MACxB;AAED,KAAI,IAAI,KAAK,YACZ,KAAI,UAAU,YAAY,IAAI,KAAK,YAAY;AAGhD,QAAO,IAAI,KAAK;EACf,UAAU,CAAC,CAAC,IAAI,KAAK;EACrB,OAAO,QAAQ;EACf,KAAK,IAAI,KAAK;EACd,MAAM,gBAAgB,IAAI,QAAQ,SAAS,KAAK,KAAK;EACrD,CAAC;EAEH"}

package/dist/api/routes/sign-out.d.mts ADDED Viewed

@@ -0,0 +1,5 @@
+//#region src/api/routes/sign-out.d.ts
+declare const signOut: any;
+//#endregion
+export { signOut };
+//# sourceMappingURL=sign-out.d.mts.map

package/dist/api/routes/sign-out.mjs ADDED Viewed

@@ -0,0 +1,33 @@
+import { deleteSessionCookie } from "../../cookies/index.mjs";
+import { createAuthEndpoint } from "@better-auth/core/api";
+//#region src/api/routes/sign-out.ts
+const signOut = createAuthEndpoint("/sign-out", {
+	method: "POST",
+	operationId: "signOut",
+	requireHeaders: true,
+	metadata: { openapi: {
+		operationId: "signOut",
+		description: "Sign out the current user",
+		responses: { "200": {
+			description: "Success",
+			content: { "application/json": { schema: {
+				type: "object",
+				properties: { success: { type: "boolean" } }
+			} } }
+		} }
+	} }
+}, async (ctx) => {
+	const sessionCookieToken = await ctx.getSignedCookie(ctx.context.authCookies.sessionToken.name, ctx.context.secret);
+	if (sessionCookieToken) try {
+		await ctx.context.internalAdapter.deleteSession(sessionCookieToken);
+	} catch (e) {
+		ctx.context.logger.error("Failed to delete session from database", e);
+	}
+	deleteSessionCookie(ctx);
+	return ctx.json({ success: true });
+});
+//#endregion
+export { signOut };
+//# sourceMappingURL=sign-out.mjs.map

package/dist/api/routes/sign-out.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sign-out.mjs","names":[],"sources":["../../../src/api/routes/sign-out.ts"],"sourcesContent":["import { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { deleteSessionCookie } from \"../../cookies\";\n\nexport const signOut = createAuthEndpoint(\n\t\"/sign-out\",\n\t{\n\t\tmethod: \"POST\",\n\t\toperationId: \"signOut\",\n\t\trequireHeaders: true,\n\t\tmetadata: {\n\t\t\topenapi: {\n\t\t\t\toperationId: \"signOut\",\n\t\t\t\tdescription: \"Sign out the current user\",\n\t\t\t\tresponses: {\n\t\t\t\t\t\"200\": {\n\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\tsuccess: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t},\n\tasync (ctx) => {\n\t\tconst sessionCookieToken = await ctx.getSignedCookie(\n\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\tctx.context.secret,\n\t\t);\n\t\tif (sessionCookieToken) {\n\t\t\ttry {\n\t\t\t\tawait ctx.context.internalAdapter.deleteSession(sessionCookieToken);\n\t\t\t} catch (e) {\n\t\t\t\tctx.context.logger.error(\"Failed to delete session from database\", e);\n\t\t\t}\n\t\t}\n\t\tdeleteSessionCookie(ctx);\n\t\treturn ctx.json({\n\t\t\tsuccess: true,\n\t\t});\n\t},\n);\n"],"mappings":";;;;AAGA,MAAa,UAAU,mBACtB,aACA;CACC,QAAQ;CACR,aAAa;CACb,gBAAgB;CAChB,UAAU,EACT,SAAS;EACR,aAAa;EACb,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY,EACX,SAAS,EACR,MAAM,WACN,EACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,qBAAqB,MAAM,IAAI,gBACpC,IAAI,QAAQ,YAAY,aAAa,MACrC,IAAI,QAAQ,OACZ;AACD,KAAI,mBACH,KAAI;AACH,QAAM,IAAI,QAAQ,gBAAgB,cAAc,mBAAmB;UAC3D,GAAG;AACX,MAAI,QAAQ,OAAO,MAAM,0CAA0C,EAAE;;AAGvE,qBAAoB,IAAI;AACxB,QAAO,IAAI,KAAK,EACf,SAAS,MACT,CAAC;EAEH"}

package/dist/api/routes/sign-up.d.mts ADDED Viewed

@@ -0,0 +1,7 @@
+import { BetterAuthOptions } from "@better-auth/core";
+//#region src/api/routes/sign-up.d.ts
+declare const signUpEmail: <O extends BetterAuthOptions>() => any;
+//#endregion
+export { signUpEmail };
+//# sourceMappingURL=sign-up.d.mts.map

package/dist/api/routes/sign-up.mjs ADDED Viewed

@@ -0,0 +1,227 @@
+import { isAPIError } from "../../utils/is-api-error.mjs";
+import { formCsrfMiddleware } from "../middlewares/origin-check.mjs";
+import { parseUserInput, parseUserOutput } from "../../db/schema.mjs";
+import { setSessionCookie } from "../../cookies/index.mjs";
+import "../../db/index.mjs";
+import { createEmailVerificationToken } from "./email-verification.mjs";
+import { runWithTransaction } from "@better-auth/core/context";
+import { isDevelopment } from "@better-auth/core/env";
+import { APIError, BASE_ERROR_CODES } from "@better-auth/core/error";
+import { createAuthEndpoint } from "@better-auth/core/api";
+import * as z from "zod";
+//#region src/api/routes/sign-up.ts
+const signUpEmailBodySchema = z.object({
+	name: z.string(),
+	email: z.email(),
+	password: z.string().nonempty(),
+	image: z.string().optional(),
+	callbackURL: z.string().optional(),
+	rememberMe: z.boolean().optional()
+}).and(z.record(z.string(), z.any()));
+const signUpEmail = () => createAuthEndpoint("/sign-up/email", {
+	method: "POST",
+	operationId: "signUpWithEmailAndPassword",
+	use: [formCsrfMiddleware],
+	body: signUpEmailBodySchema,
+	metadata: {
+		allowedMediaTypes: ["application/x-www-form-urlencoded", "application/json"],
+		$Infer: {
+			body: {},
+			returned: {}
+		},
+		openapi: {
+			operationId: "signUpWithEmailAndPassword",
+			description: "Sign up a user using email and password",
+			requestBody: { content: { "application/json": { schema: {
+				type: "object",
+				properties: {
+					name: {
+						type: "string",
+						description: "The name of the user"
+					},
+					email: {
+						type: "string",
+						description: "The email of the user"
+					},
+					password: {
+						type: "string",
+						description: "The password of the user"
+					},
+					image: {
+						type: "string",
+						description: "The profile image URL of the user"
+					},
+					callbackURL: {
+						type: "string",
+						description: "The URL to use for email verification callback"
+					},
+					rememberMe: {
+						type: "boolean",
+						description: "If this is false, the session will not be remembered. Default is `true`."
+					}
+				},
+				required: [
+					"name",
+					"email",
+					"password"
+				]
+			} } } },
+			responses: {
+				"200": {
+					description: "Successfully created user",
+					content: { "application/json": { schema: {
+						type: "object",
+						properties: {
+							token: {
+								type: "string",
+								nullable: true,
+								description: "Authentication token for the session"
+							},
+							user: {
+								type: "object",
+								properties: {
+									id: {
+										type: "string",
+										description: "The unique identifier of the user"
+									},
+									email: {
+										type: "string",
+										format: "email",
+										description: "The email address of the user"
+									},
+									name: {
+										type: "string",
+										description: "The name of the user"
+									},
+									image: {
+										type: "string",
+										format: "uri",
+										nullable: true,
+										description: "The profile image URL of the user"
+									},
+									emailVerified: {
+										type: "boolean",
+										description: "Whether the email has been verified"
+									},
+									createdAt: {
+										type: "string",
+										format: "date-time",
+										description: "When the user was created"
+									},
+									updatedAt: {
+										type: "string",
+										format: "date-time",
+										description: "When the user was last updated"
+									}
+								},
+								required: [
+									"id",
+									"email",
+									"name",
+									"emailVerified",
+									"createdAt",
+									"updatedAt"
+								]
+							}
+						},
+						required: ["user"]
+					} } }
+				},
+				"422": {
+					description: "Unprocessable Entity. User already exists or failed to create user.",
+					content: { "application/json": { schema: {
+						type: "object",
+						properties: { message: { type: "string" } }
+					} } }
+				}
+			}
+		}
+	}
+}, async (ctx) => {
+	return runWithTransaction(ctx.context.adapter, async () => {
+		if (!ctx.context.options.emailAndPassword?.enabled || ctx.context.options.emailAndPassword?.disableSignUp) throw APIError.from("BAD_REQUEST", {
+			message: "Email and password sign up is not enabled",
+			code: "EMAIL_PASSWORD_SIGN_UP_DISABLED"
+		});
+		const body = ctx.body;
+		const { name, email, password, image, callbackURL: _callbackURL, rememberMe, ...rest } = body;
+		if (!z.email().safeParse(email).success) throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.INVALID_EMAIL);
+		if (!password || typeof password !== "string") throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.INVALID_PASSWORD);
+		const minPasswordLength = ctx.context.password.config.minPasswordLength;
+		if (password.length < minPasswordLength) {
+			ctx.context.logger.error("Password is too short");
+			throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.PASSWORD_TOO_SHORT);
+		}
+		const maxPasswordLength = ctx.context.password.config.maxPasswordLength;
+		if (password.length > maxPasswordLength) {
+			ctx.context.logger.error("Password is too long");
+			throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.PASSWORD_TOO_LONG);
+		}
+		if ((await ctx.context.internalAdapter.findUserByEmail(email))?.user) {
+			ctx.context.logger.info(`Sign-up attempt for existing email: ${email}`);
+			throw APIError.from("UNPROCESSABLE_ENTITY", BASE_ERROR_CODES.USER_ALREADY_EXISTS_USE_ANOTHER_EMAIL);
+		}
+		/**
+		* Hash the password
+		*
+		* This is done prior to creating the user
+		* to ensure that any plugin that
+		* may break the hashing should break
+		* before the user is created.
+		*/
+		const hash = await ctx.context.password.hash(password);
+		let createdUser;
+		try {
+			const data = parseUserInput(ctx.context.options, rest, "create");
+			createdUser = await ctx.context.internalAdapter.createUser({
+				email: email.toLowerCase(),
+				name,
+				image,
+				...data,
+				emailVerified: false
+			});
+			if (!createdUser) throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.FAILED_TO_CREATE_USER);
+		} catch (e) {
+			if (isDevelopment()) ctx.context.logger.error("Failed to create user", e);
+			if (isAPIError(e)) throw e;
+			ctx.context.logger?.error("Failed to create user", e);
+			throw APIError.from("UNPROCESSABLE_ENTITY", BASE_ERROR_CODES.FAILED_TO_CREATE_USER);
+		}
+		if (!createdUser) throw APIError.from("UNPROCESSABLE_ENTITY", BASE_ERROR_CODES.FAILED_TO_CREATE_USER);
+		await ctx.context.internalAdapter.linkAccount({
+			userId: createdUser.id,
+			providerId: "credential",
+			accountId: createdUser.id,
+			password: hash
+		});
+		if (ctx.context.options.emailVerification?.sendOnSignUp ?? ctx.context.options.emailAndPassword.requireEmailVerification) {
+			const token = await createEmailVerificationToken(ctx.context.secret, createdUser.email, void 0, ctx.context.options.emailVerification?.expiresIn);
+			const callbackURL = body.callbackURL ? encodeURIComponent(body.callbackURL) : encodeURIComponent("/");
+			const url = `${ctx.context.baseURL}/verify-email?token=${token}&callbackURL=${callbackURL}`;
+			if (ctx.context.options.emailVerification?.sendVerificationEmail) await ctx.context.runInBackgroundOrAwait(ctx.context.options.emailVerification.sendVerificationEmail({
+				user: createdUser,
+				url,
+				token
+			}, ctx.request));
+		}
+		if (ctx.context.options.emailAndPassword.autoSignIn === false || ctx.context.options.emailAndPassword.requireEmailVerification) return ctx.json({
+			token: null,
+			user: parseUserOutput(ctx.context.options, createdUser)
+		});
+		const session = await ctx.context.internalAdapter.createSession(createdUser.id, rememberMe === false);
+		if (!session) throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION);
+		await setSessionCookie(ctx, {
+			session,
+			user: createdUser
+		}, rememberMe === false);
+		return ctx.json({
+			token: session.token,
+			user: parseUserOutput(ctx.context.options, createdUser)
+		});
+	});
+});
+//#endregion
+export { signUpEmail };
+//# sourceMappingURL=sign-up.mjs.map

package/dist/api/routes/sign-up.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sign-up.mjs","names":[],"sources":["../../../src/api/routes/sign-up.ts"],"sourcesContent":["import type { BetterAuthOptions } from \"@better-auth/core\";\nimport { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { runWithTransaction } from \"@better-auth/core/context\";\nimport { isDevelopment } from \"@better-auth/core/env\";\nimport { APIError, BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport * as z from \"zod\";\nimport { setSessionCookie } from \"../../cookies\";\nimport { parseUserInput } from \"../../db\";\nimport { parseUserOutput } from \"../../db/schema\";\nimport type { AdditionalUserFieldsInput, InferUser, User } from \"../../types\";\nimport { isAPIError } from \"../../utils/is-api-error\";\nimport { formCsrfMiddleware } from \"../middlewares/origin-check\";\nimport { createEmailVerificationToken } from \"./email-verification\";\n\nconst signUpEmailBodySchema = z\n\t.object({\n\t\tname: z.string(),\n\t\temail: z.email(),\n\t\tpassword: z.string().nonempty(),\n\t\timage: z.string().optional(),\n\t\tcallbackURL: z.string().optional(),\n\t\trememberMe: z.boolean().optional(),\n\t})\n\t.and(z.record(z.string(), z.any()));\n\nexport const signUpEmail = <O extends BetterAuthOptions>() =>\n\tcreateAuthEndpoint(\n\t\t\"/sign-up/email\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\toperationId: \"signUpWithEmailAndPassword\",\n\t\t\tuse: [formCsrfMiddleware],\n\t\t\tbody: signUpEmailBodySchema,\n\t\t\tmetadata: {\n\t\t\t\tallowedMediaTypes: [\n\t\t\t\t\t\"application/x-www-form-urlencoded\",\n\t\t\t\t\t\"application/json\",\n\t\t\t\t],\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as {\n\t\t\t\t\t\tname: string;\n\t\t\t\t\t\temail: string;\n\t\t\t\t\t\tpassword: string;\n\t\t\t\t\t\timage?: string | undefined;\n\t\t\t\t\t\tcallbackURL?: string | undefined;\n\t\t\t\t\t\trememberMe?: boolean | undefined;\n\t\t\t\t\t} & AdditionalUserFieldsInput<O>,\n\t\t\t\t\treturned: {} as {\n\t\t\t\t\t\ttoken: string | null;\n\t\t\t\t\t\tuser: InferUser<O>;\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\toperationId: \"signUpWithEmailAndPassword\",\n\t\t\t\t\tdescription: \"Sign up a user using email and password\",\n\t\t\t\t\trequestBody: {\n\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\tname: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\tdescription: \"The name of the user\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\tdescription: \"The email of the user\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tpassword: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\tdescription: \"The password of the user\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\timage: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\tdescription: \"The profile image URL of the user\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tcallbackURL: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\"The URL to use for email verification callback\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trememberMe: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\"If this is false, the session will not be remembered. Default is `true`.\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\trequired: [\"name\", \"email\", \"password\"],\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Successfully created user\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\ttoken: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Authentication token for the session\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tuser: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"The unique identifier of the user\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tformat: \"email\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"The email address of the user\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tname: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"The name of the user\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\timage: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tformat: \"uri\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"The profile image URL of the user\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\temailVerified: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"Whether the email has been verified\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"When the user was created\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tupdatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tformat: \"date-time\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription: \"When the user was last updated\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"name\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"emailVerified\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"createdAt\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"updatedAt\",\n\t\t\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"user\"], // token is optional\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"422\": {\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\"Unprocessable Entity. User already exists or failed to create user.\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tmessage: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\treturn runWithTransaction(ctx.context.adapter, async () => {\n\t\t\t\tif (\n\t\t\t\t\t!ctx.context.options.emailAndPassword?.enabled ||\n\t\t\t\t\tctx.context.options.emailAndPassword?.disableSignUp\n\t\t\t\t) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", {\n\t\t\t\t\t\tmessage: \"Email and password sign up is not enabled\",\n\t\t\t\t\t\tcode: \"EMAIL_PASSWORD_SIGN_UP_DISABLED\",\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t\tconst body = ctx.body as any as User & {\n\t\t\t\t\tpassword: string;\n\t\t\t\t\tcallbackURL?: string | undefined;\n\t\t\t\t\trememberMe?: boolean | undefined;\n\t\t\t\t} & {\n\t\t\t\t\t[key: string]: any;\n\t\t\t\t};\n\t\t\t\tconst {\n\t\t\t\t\tname,\n\t\t\t\t\temail,\n\t\t\t\t\tpassword,\n\t\t\t\t\timage,\n\t\t\t\t\tcallbackURL: _callbackURL,\n\t\t\t\t\trememberMe,\n\t\t\t\t\t...rest\n\t\t\t\t} = body;\n\t\t\t\tconst isValidEmail = z.email().safeParse(email);\n\n\t\t\t\tif (!isValidEmail.success) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", BASE_ERROR_CODES.INVALID_EMAIL);\n\t\t\t\t}\n\n\t\t\t\tif (!password || typeof password !== \"string\") {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", BASE_ERROR_CODES.INVALID_PASSWORD);\n\t\t\t\t}\n\n\t\t\t\tconst minPasswordLength = ctx.context.password.config.minPasswordLength;\n\t\t\t\tif (password.length < minPasswordLength) {\n\t\t\t\t\tctx.context.logger.error(\"Password is too short\");\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tBASE_ERROR_CODES.PASSWORD_TOO_SHORT,\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\tconst maxPasswordLength = ctx.context.password.config.maxPasswordLength;\n\t\t\t\tif (password.length > maxPasswordLength) {\n\t\t\t\t\tctx.context.logger.error(\"Password is too long\");\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tBASE_ERROR_CODES.PASSWORD_TOO_LONG,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tconst dbUser = await ctx.context.internalAdapter.findUserByEmail(email);\n\t\t\t\tif (dbUser?.user) {\n\t\t\t\t\tctx.context.logger.info(\n\t\t\t\t\t\t`Sign-up attempt for existing email: ${email}`,\n\t\t\t\t\t);\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"UNPROCESSABLE_ENTITY\",\n\t\t\t\t\t\tBASE_ERROR_CODES.USER_ALREADY_EXISTS_USE_ANOTHER_EMAIL,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\t/**\n\t\t\t\t * Hash the password\n\t\t\t\t *\n\t\t\t\t * This is done prior to creating the user\n\t\t\t\t * to ensure that any plugin that\n\t\t\t\t * may break the hashing should break\n\t\t\t\t * before the user is created.\n\t\t\t\t */\n\t\t\t\tconst hash = await ctx.context.password.hash(password);\n\t\t\t\tlet createdUser: User;\n\t\t\t\ttry {\n\t\t\t\t\tconst data = parseUserInput(ctx.context.options, rest, \"create\");\n\t\t\t\t\tcreatedUser = await ctx.context.internalAdapter.createUser({\n\t\t\t\t\t\temail: email.toLowerCase(),\n\t\t\t\t\t\tname,\n\t\t\t\t\t\timage,\n\t\t\t\t\t\t...data,\n\t\t\t\t\t\temailVerified: false,\n\t\t\t\t\t});\n\t\t\t\t\tif (!createdUser) {\n\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\t\tBASE_ERROR_CODES.FAILED_TO_CREATE_USER,\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t} catch (e) {\n\t\t\t\t\tif (isDevelopment()) {\n\t\t\t\t\t\tctx.context.logger.error(\"Failed to create user\", e);\n\t\t\t\t\t}\n\t\t\t\t\tif (isAPIError(e)) {\n\t\t\t\t\t\tthrow e;\n\t\t\t\t\t}\n\t\t\t\t\tctx.context.logger?.error(\"Failed to create user\", e);\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"UNPROCESSABLE_ENTITY\",\n\t\t\t\t\t\tBASE_ERROR_CODES.FAILED_TO_CREATE_USER,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tif (!createdUser) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"UNPROCESSABLE_ENTITY\",\n\t\t\t\t\t\tBASE_ERROR_CODES.FAILED_TO_CREATE_USER,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tawait ctx.context.internalAdapter.linkAccount({\n\t\t\t\t\tuserId: createdUser.id,\n\t\t\t\t\tproviderId: \"credential\",\n\t\t\t\t\taccountId: createdUser.id,\n\t\t\t\t\tpassword: hash,\n\t\t\t\t});\n\t\t\t\tconst shouldSendVerificationEmail =\n\t\t\t\t\tctx.context.options.emailVerification?.sendOnSignUp ??\n\t\t\t\t\tctx.context.options.emailAndPassword.requireEmailVerification;\n\t\t\t\tif (shouldSendVerificationEmail) {\n\t\t\t\t\tconst token = await createEmailVerificationToken(\n\t\t\t\t\t\tctx.context.secret,\n\t\t\t\t\t\tcreatedUser.email,\n\t\t\t\t\t\tundefined,\n\t\t\t\t\t\tctx.context.options.emailVerification?.expiresIn,\n\t\t\t\t\t);\n\t\t\t\t\tconst callbackURL = body.callbackURL\n\t\t\t\t\t\t? encodeURIComponent(body.callbackURL)\n\t\t\t\t\t\t: encodeURIComponent(\"/\");\n\t\t\t\t\tconst url = `${ctx.context.baseURL}/verify-email?token=${token}&callbackURL=${callbackURL}`;\n\n\t\t\t\t\tif (ctx.context.options.emailVerification?.sendVerificationEmail) {\n\t\t\t\t\t\tawait ctx.context.runInBackgroundOrAwait(\n\t\t\t\t\t\t\tctx.context.options.emailVerification.sendVerificationEmail(\n\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\tuser: createdUser,\n\t\t\t\t\t\t\t\t\turl,\n\t\t\t\t\t\t\t\t\ttoken,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tctx.request,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (\n\t\t\t\t\tctx.context.options.emailAndPassword.autoSignIn === false ||\n\t\t\t\t\tctx.context.options.emailAndPassword.requireEmailVerification\n\t\t\t\t) {\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\ttoken: null,\n\t\t\t\t\t\tuser: parseUserOutput(\n\t\t\t\t\t\t\tctx.context.options,\n\t\t\t\t\t\t\tcreatedUser,\n\t\t\t\t\t\t) as InferUser<O>,\n\t\t\t\t\t});\n\t\t\t\t}\n\n\t\t\t\tconst session = await ctx.context.internalAdapter.createSession(\n\t\t\t\t\tcreatedUser.id,\n\t\t\t\t\trememberMe === false,\n\t\t\t\t);\n\t\t\t\tif (!session) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tBASE_ERROR_CODES.FAILED_TO_CREATE_SESSION,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tawait setSessionCookie(\n\t\t\t\t\tctx,\n\t\t\t\t\t{\n\t\t\t\t\t\tsession,\n\t\t\t\t\t\tuser: createdUser,\n\t\t\t\t\t},\n\t\t\t\t\trememberMe === false,\n\t\t\t\t);\n\t\t\t\treturn ctx.json({\n\t\t\t\t\ttoken: session.token,\n\t\t\t\t\tuser: parseUserOutput(\n\t\t\t\t\t\tctx.context.options,\n\t\t\t\t\t\tcreatedUser,\n\t\t\t\t\t) as InferUser<O>,\n\t\t\t\t});\n\t\t\t});\n\t\t},\n\t);\n"],"mappings":";;;;;;;;;;;;;AAcA,MAAM,wBAAwB,EAC5B,OAAO;CACP,MAAM,EAAE,QAAQ;CAChB,OAAO,EAAE,OAAO;CAChB,UAAU,EAAE,QAAQ,CAAC,UAAU;CAC/B,OAAO,EAAE,QAAQ,CAAC,UAAU;CAC5B,aAAa,EAAE,QAAQ,CAAC,UAAU;CAClC,YAAY,EAAE,SAAS,CAAC,UAAU;CAClC,CAAC,CACD,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;AAEpC,MAAa,oBACZ,mBACC,kBACA;CACC,QAAQ;CACR,aAAa;CACb,KAAK,CAAC,mBAAmB;CACzB,MAAM;CACN,UAAU;EACT,mBAAmB,CAClB,qCACA,mBACA;EACD,QAAQ;GACP,MAAM,EAAE;GAQR,UAAU,EAAE;GAIZ;EACD,SAAS;GACR,aAAa;GACb,aAAa;GACb,aAAa,EACZ,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,MAAM;MACL,MAAM;MACN,aAAa;MACb;KACD,OAAO;MACN,MAAM;MACN,aAAa;MACb;KACD,UAAU;MACT,MAAM;MACN,aAAa;MACb;KACD,OAAO;MACN,MAAM;MACN,aAAa;MACb;KACD,aAAa;MACZ,MAAM;MACN,aACC;MACD;KACD,YAAY;MACX,MAAM;MACN,aACC;MACD;KACD;IACD,UAAU;KAAC;KAAQ;KAAS;KAAW;IACvC,EACD,EACD,EACD;GACD,WAAW;IACV,OAAO;KACN,aAAa;KACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;MACP,MAAM;MACN,YAAY;OACX,OAAO;QACN,MAAM;QACN,UAAU;QACV,aAAa;QACb;OACD,MAAM;QACL,MAAM;QACN,YAAY;SACX,IAAI;UACH,MAAM;UACN,aAAa;UACb;SACD,OAAO;UACN,MAAM;UACN,QAAQ;UACR,aAAa;UACb;SACD,MAAM;UACL,MAAM;UACN,aAAa;UACb;SACD,OAAO;UACN,MAAM;UACN,QAAQ;UACR,UAAU;UACV,aAAa;UACb;SACD,eAAe;UACd,MAAM;UACN,aAAa;UACb;SACD,WAAW;UACV,MAAM;UACN,QAAQ;UACR,aAAa;UACb;SACD,WAAW;UACV,MAAM;UACN,QAAQ;UACR,aAAa;UACb;SACD;QACD,UAAU;SACT;SACA;SACA;SACA;SACA;SACA;SACA;QACD;OACD;MACD,UAAU,CAAC,OAAO;MAClB,EACD,EACD;KACD;IACD,OAAO;KACN,aACC;KACD,SAAS,EACR,oBAAoB,EACnB,QAAQ;MACP,MAAM;MACN,YAAY,EACX,SAAS,EACR,MAAM,UACN,EACD;MACD,EACD,EACD;KACD;IACD;GACD;EACD;CACD,EACD,OAAO,QAAQ;AACd,QAAO,mBAAmB,IAAI,QAAQ,SAAS,YAAY;AAC1D,MACC,CAAC,IAAI,QAAQ,QAAQ,kBAAkB,WACvC,IAAI,QAAQ,QAAQ,kBAAkB,cAEtC,OAAM,SAAS,KAAK,eAAe;GAClC,SAAS;GACT,MAAM;GACN,CAAC;EAEH,MAAM,OAAO,IAAI;EAOjB,MAAM,EACL,MACA,OACA,UACA,OACA,aAAa,cACb,YACA,GAAG,SACA;AAGJ,MAAI,CAFiB,EAAE,OAAO,CAAC,UAAU,MAAM,CAE7B,QACjB,OAAM,SAAS,KAAK,eAAe,iBAAiB,cAAc;AAGnE,MAAI,CAAC,YAAY,OAAO,aAAa,SACpC,OAAM,SAAS,KAAK,eAAe,iBAAiB,iBAAiB;EAGtE,MAAM,oBAAoB,IAAI,QAAQ,SAAS,OAAO;AACtD,MAAI,SAAS,SAAS,mBAAmB;AACxC,OAAI,QAAQ,OAAO,MAAM,wBAAwB;AACjD,SAAM,SAAS,KACd,eACA,iBAAiB,mBACjB;;EAGF,MAAM,oBAAoB,IAAI,QAAQ,SAAS,OAAO;AACtD,MAAI,SAAS,SAAS,mBAAmB;AACxC,OAAI,QAAQ,OAAO,MAAM,uBAAuB;AAChD,SAAM,SAAS,KACd,eACA,iBAAiB,kBACjB;;AAGF,OADe,MAAM,IAAI,QAAQ,gBAAgB,gBAAgB,MAAM,GAC3D,MAAM;AACjB,OAAI,QAAQ,OAAO,KAClB,uCAAuC,QACvC;AACD,SAAM,SAAS,KACd,wBACA,iBAAiB,sCACjB;;;;;;;;;;EAUF,MAAM,OAAO,MAAM,IAAI,QAAQ,SAAS,KAAK,SAAS;EACtD,IAAI;AACJ,MAAI;GACH,MAAM,OAAO,eAAe,IAAI,QAAQ,SAAS,MAAM,SAAS;AAChE,iBAAc,MAAM,IAAI,QAAQ,gBAAgB,WAAW;IAC1D,OAAO,MAAM,aAAa;IAC1B;IACA;IACA,GAAG;IACH,eAAe;IACf,CAAC;AACF,OAAI,CAAC,YACJ,OAAM,SAAS,KACd,eACA,iBAAiB,sBACjB;WAEM,GAAG;AACX,OAAI,eAAe,CAClB,KAAI,QAAQ,OAAO,MAAM,yBAAyB,EAAE;AAErD,OAAI,WAAW,EAAE,CAChB,OAAM;AAEP,OAAI,QAAQ,QAAQ,MAAM,yBAAyB,EAAE;AACrD,SAAM,SAAS,KACd,wBACA,iBAAiB,sBACjB;;AAEF,MAAI,CAAC,YACJ,OAAM,SAAS,KACd,wBACA,iBAAiB,sBACjB;AAEF,QAAM,IAAI,QAAQ,gBAAgB,YAAY;GAC7C,QAAQ,YAAY;GACpB,YAAY;GACZ,WAAW,YAAY;GACvB,UAAU;GACV,CAAC;AAIF,MAFC,IAAI,QAAQ,QAAQ,mBAAmB,gBACvC,IAAI,QAAQ,QAAQ,iBAAiB,0BACL;GAChC,MAAM,QAAQ,MAAM,6BACnB,IAAI,QAAQ,QACZ,YAAY,OACZ,QACA,IAAI,QAAQ,QAAQ,mBAAmB,UACvC;GACD,MAAM,cAAc,KAAK,cACtB,mBAAmB,KAAK,YAAY,GACpC,mBAAmB,IAAI;GAC1B,MAAM,MAAM,GAAG,IAAI,QAAQ,QAAQ,sBAAsB,MAAM,eAAe;AAE9E,OAAI,IAAI,QAAQ,QAAQ,mBAAmB,sBAC1C,OAAM,IAAI,QAAQ,uBACjB,IAAI,QAAQ,QAAQ,kBAAkB,sBACrC;IACC,MAAM;IACN;IACA;IACA,EACD,IAAI,QACJ,CACD;;AAIH,MACC,IAAI,QAAQ,QAAQ,iBAAiB,eAAe,SACpD,IAAI,QAAQ,QAAQ,iBAAiB,yBAErC,QAAO,IAAI,KAAK;GACf,OAAO;GACP,MAAM,gBACL,IAAI,QAAQ,SACZ,YACA;GACD,CAAC;EAGH,MAAM,UAAU,MAAM,IAAI,QAAQ,gBAAgB,cACjD,YAAY,IACZ,eAAe,MACf;AACD,MAAI,CAAC,QACJ,OAAM,SAAS,KACd,eACA,iBAAiB,yBACjB;AAEF,QAAM,iBACL,KACA;GACC;GACA,MAAM;GACN,EACD,eAAe,MACf;AACD,SAAO,IAAI,KAAK;GACf,OAAO,QAAQ;GACf,MAAM,gBACL,IAAI,QAAQ,SACZ,YACA;GACD,CAAC;GACD;EAEH"}

package/dist/api/routes/update-user.d.mts ADDED Viewed

@@ -0,0 +1,12 @@
+import { BetterAuthOptions } from "@better-auth/core";
+//#region src/api/routes/update-user.d.ts
+declare const updateUser: <O extends BetterAuthOptions>() => any;
+declare const changePassword: any;
+declare const setPassword: any;
+declare const deleteUser: any;
+declare const deleteUserCallback: any;
+declare const changeEmail: any;
+//#endregion
+export { changeEmail, changePassword, deleteUser, deleteUserCallback, setPassword, updateUser };
+//# sourceMappingURL=update-user.d.mts.map