@kuckit/auth 2.0.2 → 2.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.js +6 -1
  2. package/dist/index.js.map +1 -1
  3. package/package.json +2 -2
package/dist/index.js CHANGED
@@ -25,12 +25,17 @@ import * as schema from "@kuckit/db/schema/auth";
25
25
  */
26
26
  function createAuth({ db, config = {} }) {
27
27
  const isProduction = process.env.NODE_ENV === "production";
28
+ const trustedOrigins = config.trustedOrigins ?? (process.env.CORS_ORIGIN ? [process.env.CORS_ORIGIN] : void 0) ?? ((request) => {
29
+ const origin = request?.headers.get("origin");
30
+ if (origin && origin.endsWith(".run.app")) return [origin];
31
+ return [];
32
+ });
28
33
  return betterAuth({
29
34
  database: drizzleAdapter(db, {
30
35
  provider: "pg",
31
36
  schema
32
37
  }),
33
- trustedOrigins: config.trustedOrigins ?? [process.env.CORS_ORIGIN || ""],
38
+ trustedOrigins,
34
39
  emailAndPassword: { enabled: true },
35
40
  advanced: { defaultCookieAttributes: {
36
41
  sameSite: isProduction ? "none" : "lax",
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":[],"sources":["../src/index.ts"],"sourcesContent":["import { betterAuth, type BetterAuthOptions } from 'better-auth'\nimport { drizzleAdapter } from 'better-auth/adapters/drizzle'\nimport * as schema from '@kuckit/db/schema/auth'\nimport type { AuthConfig } from './config'\n\n/**\n * Auth instance type (inferred from betterAuth)\n */\nexport type Auth = ReturnType<typeof betterAuth>\n\n/**\n * Database type accepted by createAuth\n * This matches the Drizzle database type from @kuckit/db\n */\nexport type AuthDbClient = Parameters<typeof drizzleAdapter>[0]\n\nexport interface CreateAuthOptions {\n\t/** Drizzle database instance */\n\tdb: AuthDbClient\n\t/** Auth configuration */\n\tconfig?: AuthConfig\n}\n\n/**\n * Create a Better-Auth instance\n *\n * This is a factory function that creates the auth instance at runtime,\n * avoiding module-level side effects.\n *\n * @param options - Database and configuration options\n * @returns Better-Auth instance\n *\n * @example\n * ```ts\n * const auth = createAuth({\n * db,\n * config: {\n * trustedOrigins: ['http://localhost:5173'],\n * },\n * })\n * ```\n */\nexport function createAuth({ db, config = {} }: CreateAuthOptions): Auth {\n\tconst isProduction = process.env.NODE_ENV === 'production'\n\n\treturn betterAuth<BetterAuthOptions>({\n\t\tdatabase: drizzleAdapter(db, {\n\t\t\tprovider: 'pg',\n\t\t\tschema: schema,\n\t\t}),\n\t\ttrustedOrigins: config.trustedOrigins ?? [process.env.CORS_ORIGIN || ''],\n\t\temailAndPassword: {\n\t\t\tenabled: true,\n\t\t},\n\t\tadvanced: {\n\t\t\tdefaultCookieAttributes: {\n\t\t\t\tsameSite: isProduction ? 'none' : 'lax',\n\t\t\t\tsecure: isProduction,\n\t\t\t\thttpOnly: true,\n\t\t\t},\n\t\t},\n\t})\n}\n\n// Re-export config types\nexport type { AuthConfig } from './config'\nexport { defineAuthConfig, getCookieAttributes } from './config'\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AA0CA,SAAgB,WAAW,EAAE,IAAI,SAAS,EAAE,IAA6B;CACxE,MAAM,eAAe,QAAQ,IAAI,aAAa;AAE9C,QAAO,WAA8B;EACpC,UAAU,eAAe,IAAI;GAC5B,UAAU;GACF;GACR,CAAC;EACF,gBAAgB,OAAO,kBAAkB,CAAC,QAAQ,IAAI,eAAe,GAAG;EACxE,kBAAkB,EACjB,SAAS,MACT;EACD,UAAU,EACT,yBAAyB;GACxB,UAAU,eAAe,SAAS;GAClC,QAAQ;GACR,UAAU;GACV,EACD;EACD,CAAC"}
1
+ {"version":3,"file":"index.js","names":["trustedOrigins: string[] | ((request?: Request) => string[])"],"sources":["../src/index.ts"],"sourcesContent":["import { betterAuth, type BetterAuthOptions } from 'better-auth'\nimport { drizzleAdapter } from 'better-auth/adapters/drizzle'\nimport * as schema from '@kuckit/db/schema/auth'\nimport type { AuthConfig } from './config'\n\n/**\n * Auth instance type (inferred from betterAuth)\n */\nexport type Auth = ReturnType<typeof betterAuth>\n\n/**\n * Database type accepted by createAuth\n * This matches the Drizzle database type from @kuckit/db\n */\nexport type AuthDbClient = Parameters<typeof drizzleAdapter>[0]\n\nexport interface CreateAuthOptions {\n\t/** Drizzle database instance */\n\tdb: AuthDbClient\n\t/** Auth configuration */\n\tconfig?: AuthConfig\n}\n\n/**\n * Create a Better-Auth instance\n *\n * This is a factory function that creates the auth instance at runtime,\n * avoiding module-level side effects.\n *\n * @param options - Database and configuration options\n * @returns Better-Auth instance\n *\n * @example\n * ```ts\n * const auth = createAuth({\n * db,\n * config: {\n * trustedOrigins: ['http://localhost:5173'],\n * },\n * })\n * ```\n */\nexport function createAuth({ db, config = {} }: CreateAuthOptions): Auth {\n\tconst isProduction = process.env.NODE_ENV === 'production'\n\n\t// Build trusted origins - use explicit config, env var, or dynamic check for Cloud Run\n\tconst configuredOrigins =\n\t\tconfig.trustedOrigins ?? (process.env.CORS_ORIGIN ? [process.env.CORS_ORIGIN] : undefined)\n\n\t// If no origins configured, use a function to dynamically allow Cloud Run domains\n\tconst trustedOrigins: string[] | ((request?: Request) => string[]) =\n\t\tconfiguredOrigins ??\n\t\t((request?: Request) => {\n\t\t\tconst origin = request?.headers.get('origin')\n\t\t\t// Allow Cloud Run auto-generated domains\n\t\t\tif (origin && origin.endsWith('.run.app')) {\n\t\t\t\treturn [origin]\n\t\t\t}\n\t\t\treturn []\n\t\t})\n\n\treturn betterAuth<BetterAuthOptions>({\n\t\tdatabase: drizzleAdapter(db, {\n\t\t\tprovider: 'pg',\n\t\t\tschema: schema,\n\t\t}),\n\t\ttrustedOrigins,\n\t\temailAndPassword: {\n\t\t\tenabled: true,\n\t\t},\n\t\tadvanced: {\n\t\t\tdefaultCookieAttributes: {\n\t\t\t\tsameSite: isProduction ? 'none' : 'lax',\n\t\t\t\tsecure: isProduction,\n\t\t\t\thttpOnly: true,\n\t\t\t},\n\t\t},\n\t})\n}\n\n// Re-export config types\nexport type { AuthConfig } from './config'\nexport { defineAuthConfig, getCookieAttributes } from './config'\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AA0CA,SAAgB,WAAW,EAAE,IAAI,SAAS,EAAE,IAA6B;CACxE,MAAM,eAAe,QAAQ,IAAI,aAAa;CAO9C,MAAMA,iBAHL,OAAO,mBAAmB,QAAQ,IAAI,cAAc,CAAC,QAAQ,IAAI,YAAY,GAAG,aAK9E,YAAsB;EACvB,MAAM,SAAS,SAAS,QAAQ,IAAI,SAAS;AAE7C,MAAI,UAAU,OAAO,SAAS,WAAW,CACxC,QAAO,CAAC,OAAO;AAEhB,SAAO,EAAE;;AAGX,QAAO,WAA8B;EACpC,UAAU,eAAe,IAAI;GAC5B,UAAU;GACF;GACR,CAAC;EACF;EACA,kBAAkB,EACjB,SAAS,MACT;EACD,UAAU,EACT,yBAAyB;GACxB,UAAU,eAAe,SAAS;GAClC,QAAQ;GACR,UAAU;GACV,EACD;EACD,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@kuckit/auth",
3
- "version": "2.0.2",
3
+ "version": "2.0.5",
4
4
  "type": "module",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -35,6 +35,6 @@
35
35
  "better-auth": "^1.3.28",
36
36
  "dotenv": "^17.2.2",
37
37
  "zod": "^4.1.11",
38
- "@kuckit/db": "^2.0.2"
38
+ "@kuckit/db": "^2.0.5"
39
39
  }
40
40
  }