@lenne.tech/nest-server 11.6.0 → 11.6.2

package/dist/core/modules/better-auth/better-auth-user.mapper.js

@@ -0,0 +1,159 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var BetterAuthUserMapper_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthUserMapper = void 0;
+const common_1 = require("@nestjs/common");
+const mongoose_1 = require("@nestjs/mongoose");
+const mongoose_2 = require("mongoose");
+const role_enum_1 = require("../../common/enums/role.enum");
+let BetterAuthUserMapper = BetterAuthUserMapper_1 = class BetterAuthUserMapper {
+    constructor(connection) {
+        this.connection = connection;
+        this.logger = new common_1.Logger(BetterAuthUserMapper_1.name);
+    }
+    async mapSessionUser(sessionUser) {
+        if (!sessionUser?.id || !sessionUser?.email) {
+            return null;
+        }
+        if (!this.connection) {
+            this.logger.warn('No database connection available - using default role mapping');
+            return this.createMappedUser({
+                email: sessionUser.email,
+                emailVerified: sessionUser.emailVerified,
+                iamId: sessionUser.id,
+                id: sessionUser.id,
+                image: sessionUser.image,
+                name: sessionUser.name,
+                roles: [],
+                verified: sessionUser.emailVerified,
+            });
+        }
+        try {
+            const userCollection = this.connection.collection('users');
+            const dbUser = await userCollection.findOne({
+                $or: [{ email: sessionUser.email }, { iamId: sessionUser.id }],
+            });
+            if (dbUser) {
+                const roles = Array.isArray(dbUser.roles) ? dbUser.roles : [];
+                const verified = dbUser.verified === true || sessionUser.emailVerified === true;
+                return this.createMappedUser({
+                    email: sessionUser.email,
+                    emailVerified: sessionUser.emailVerified,
+                    iamId: sessionUser.id,
+                    id: dbUser._id.toString(),
+                    image: sessionUser.image,
+                    name: sessionUser.name,
+                    roles,
+                    verified,
+                });
+            }
+            this.logger.debug(`Better-Auth user ${sessionUser.email} not found in users collection`);
+            return this.createMappedUser({
+                email: sessionUser.email,
+                emailVerified: sessionUser.emailVerified,
+                iamId: sessionUser.id,
+                id: sessionUser.id,
+                image: sessionUser.image,
+                name: sessionUser.name,
+                roles: [],
+                verified: sessionUser.emailVerified,
+            });
+        }
+        catch (error) {
+            this.logger.error(`Error mapping Better-Auth user: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            return null;
+        }
+    }
+    createMappedUser(userData) {
+        const roles = userData.roles || [];
+        return {
+            ...userData,
+            _authenticatedViaBetterAuth: true,
+            hasRole: (checkRoles) => {
+                const rolesToCheck = Array.isArray(checkRoles) ? checkRoles : [checkRoles];
+                if (rolesToCheck.includes(role_enum_1.RoleEnum.S_EVERYONE)) {
+                    return true;
+                }
+                if (rolesToCheck.includes(role_enum_1.RoleEnum.S_USER)) {
+                    return true;
+                }
+                if (rolesToCheck.includes(role_enum_1.RoleEnum.S_NO_ONE)) {
+                    return false;
+                }
+                if (rolesToCheck.includes(role_enum_1.RoleEnum.S_VERIFIED)) {
+                    return userData.verified === true;
+                }
+                return rolesToCheck.some((role) => roles.includes(role));
+            },
+            roles,
+        };
+    }
+    async linkOrCreateUser(sessionUser, additionalData) {
+        if (!sessionUser?.email) {
+            return null;
+        }
+        if (!this.connection) {
+            this.logger.warn('No database connection available - cannot sync user');
+            return null;
+        }
+        try {
+            const userCollection = this.connection.collection('users');
+            const existingUser = await userCollection.findOne({
+                $or: [{ email: sessionUser.email }, { iamId: sessionUser.id }],
+            });
+            const updateData = {
+                email: sessionUser.email,
+                ...(sessionUser.name && { firstName: sessionUser.name.split(' ')[0] }),
+                ...(sessionUser.name &&
+                    sessionUser.name.includes(' ') && {
+                    lastName: sessionUser.name.split(' ').slice(1).join(' '),
+                }),
+                ...(sessionUser.emailVerified !== undefined && { verified: sessionUser.emailVerified }),
+                ...(sessionUser.image && { avatar: sessionUser.image }),
+                iamId: sessionUser.id,
+                updatedAt: new Date(),
+                ...additionalData,
+            };
+            const updateQuery = {
+                $set: updateData,
+            };
+            if (!existingUser) {
+                updateQuery.$setOnInsert = {
+                    createdAt: new Date(),
+                    roles: [],
+                };
+            }
+            const result = await userCollection.findOneAndUpdate({
+                $or: [{ email: sessionUser.email }, { iamId: sessionUser.id }],
+            }, updateQuery, {
+                returnDocument: 'after',
+                upsert: true,
+            });
+            return result;
+        }
+        catch (error) {
+            this.logger.error(`Error syncing Better-Auth user: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            return null;
+        }
+    }
+};
+exports.BetterAuthUserMapper = BetterAuthUserMapper;
+exports.BetterAuthUserMapper = BetterAuthUserMapper = BetterAuthUserMapper_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Optional)()),
+    __param(0, (0, mongoose_1.InjectConnection)()),
+    __metadata("design:paramtypes", [mongoose_2.Connection])
+], BetterAuthUserMapper);
+//# sourceMappingURL=better-auth-user.mapper.js.map

package/dist/core/modules/better-auth/better-auth-user.mapper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth-user.mapper.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth-user.mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAA8D;AAC9D,+CAAoD;AACpD,uCAAsC;AAEtC,4DAAwD;AA+DjD,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAG/B,YAA4C,UAAwC;QAAvB,eAAU,GAAV,UAAU,CAAa;QAFnE,WAAM,GAAG,IAAI,eAAM,CAAC,sBAAoB,CAAC,IAAI,CAAC,CAAC;IAEuB,CAAC;IAaxF,KAAK,CAAC,cAAc,CAAC,WAAkC;QACrD,IAAI,CAAC,WAAW,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;QAGD,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+DAA+D,CAAC,CAAC;YAClF,OAAO,IAAI,CAAC,gBAAgB,CAAC;gBAC3B,KAAK,EAAE,WAAW,CAAC,KAAK;gBACxB,aAAa,EAAE,WAAW,CAAC,aAAa;gBACxC,KAAK,EAAE,WAAW,CAAC,EAAE;gBACrB,EAAE,EAAE,WAAW,CAAC,EAAE;gBAClB,KAAK,EAAE,WAAW,CAAC,KAAK;gBACxB,IAAI,EAAE,WAAW,CAAC,IAAI;gBACtB,KAAK,EAAE,EAAE;gBACT,QAAQ,EAAE,WAAW,CAAC,aAAa;aACpC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC;YAGH,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAC3D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC;gBAC1C,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC;aAC/D,CAAC,CAAC;YAEH,IAAI,MAAM,EAAE,CAAC;gBAEX,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBAE9D,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,KAAK,IAAI,IAAI,WAAW,CAAC,aAAa,KAAK,IAAI,CAAC;gBAEhF,OAAO,IAAI,CAAC,gBAAgB,CAAC;oBAC3B,KAAK,EAAE,WAAW,CAAC,KAAK;oBACxB,aAAa,EAAE,WAAW,CAAC,aAAa;oBACxC,KAAK,EAAE,WAAW,CAAC,EAAE;oBACrB,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,KAAK,EAAE,WAAW,CAAC,KAAK;oBACxB,IAAI,EAAE,WAAW,CAAC,IAAI;oBACtB,KAAK;oBACL,QAAQ;iBACT,CAAC,CAAC;YACL,CAAC;YAKD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,WAAW,CAAC,KAAK,gCAAgC,CAAC,CAAC;YAEzF,OAAO,IAAI,CAAC,gBAAgB,CAAC;gBAC3B,KAAK,EAAE,WAAW,CAAC,KAAK;gBACxB,aAAa,EAAE,WAAW,CAAC,aAAa;gBACxC,KAAK,EAAE,WAAW,CAAC,EAAE;gBACrB,EAAE,EAAE,WAAW,CAAC,EAAE;gBAClB,KAAK,EAAE,WAAW,CAAC,KAAK;gBACxB,IAAI,EAAE,WAAW,CAAC,IAAI;gBACtB,KAAK,EAAE,EAAE;gBACT,QAAQ,EAAE,WAAW,CAAC,aAAa;aACpC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACjH,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAKO,gBAAgB,CAAC,QAAqE;QAC5F,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC;QAEnC,OAAO;YACL,GAAG,QAAQ;YACX,2BAA2B,EAAE,IAAI;YACjC,OAAO,EAAE,CAAC,UAA6B,EAAW,EAAE;gBAClD,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;gBAG3E,IAAI,YAAY,CAAC,QAAQ,CAAC,oBAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC/C,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,IAAI,YAAY,CAAC,QAAQ,CAAC,oBAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,IAAI,YAAY,CAAC,QAAQ,CAAC,oBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC7C,OAAO,KAAK,CAAC;gBACf,CAAC;gBAGD,IAAI,YAAY,CAAC,QAAQ,CAAC,oBAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC/C,OAAO,QAAQ,CAAC,QAAQ,KAAK,IAAI,CAAC;gBACpC,CAAC;gBAGD,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;YAC3D,CAAC;YACD,KAAK;SACN,CAAC;IACJ,CAAC;IAiBD,KAAK,CAAC,gBAAgB,CACpB,WAAkC,EAClC,cAAoC;QAEpC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAGD,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAG3D,MAAM,YAAY,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC;gBAChD,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC;aAC/D,CAAC,CAAC;YAEH,MAAM,UAAU,GAAwB;gBACtC,KAAK,EAAE,WAAW,CAAC,KAAK;gBACxB,GAAG,CAAC,WAAW,CAAC,IAAI,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtE,GAAG,CAAC,WAAW,CAAC,IAAI;oBAClB,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI;oBAChC,QAAQ,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;iBACzD,CAAC;gBACJ,GAAG,CAAC,WAAW,CAAC,aAAa,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,aAAa,EAAE,CAAC;gBACvF,GAAG,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE,MAAM,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvD,KAAK,EAAE,WAAW,CAAC,EAAE;gBACrB,SAAS,EAAE,IAAI,IAAI,EAAE;gBACrB,GAAG,cAAc;aAClB,CAAC;YAGF,MAAM,WAAW,GAAwB;gBACvC,IAAI,EAAE,UAAU;aACjB,CAAC;YAGF,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,WAAW,CAAC,YAAY,GAAG;oBACzB,SAAS,EAAE,IAAI,IAAI,EAAE;oBACrB,KAAK,EAAE,EAAE;iBACV,CAAC;YACJ,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,gBAAgB,CAClD;gBACE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC;aAC/D,EACD,WAAW,EACX;gBACE,cAAc,EAAE,OAAO;gBACvB,MAAM,EAAE,IAAI;aACb,CACF,CAAC;YAEF,OAAO,MAAmC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACjH,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF,CAAA;AAzMY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;IAIE,WAAA,IAAA,iBAAQ,GAAE,CAAA;IAAE,WAAA,IAAA,2BAAgB,GAAE,CAAA;qCAA+B,qBAAU;GAHzE,oBAAoB,CAyMhC"}

package/dist/core/modules/better-auth/better-auth.config.d.ts

@@ -0,0 +1,9 @@
+import { betterAuth } from 'better-auth';
+import { IBetterAuth } from '../../common/interfaces/server-options.interface';
+export type BetterAuthInstance = ReturnType<typeof betterAuth>;
+export interface CreateBetterAuthOptions {
+    config: IBetterAuth;
+    db: any;
+    fallbackSecrets?: (string | undefined)[];
+}
+export declare function createBetterAuthInstance(options: CreateBetterAuthOptions): BetterAuthInstance | null;

package/dist/core/modules/better-auth/better-auth.config.js

@@ -0,0 +1,251 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createBetterAuthInstance = createBetterAuthInstance;
+const passkey_1 = require("@better-auth/passkey");
+const common_1 = require("@nestjs/common");
+const better_auth_1 = require("better-auth");
+const mongodb_1 = require("better-auth/adapters/mongodb");
+const plugins_1 = require("better-auth/plugins");
+const crypto = require("crypto");
+function generateSecureSecret() {
+    return crypto.randomBytes(32).toString('base64');
+}
+let cachedAutoGeneratedSecret = null;
+function createBetterAuthInstance(options) {
+    const logger = new common_1.Logger('BetterAuthConfig');
+    const { config, db, fallbackSecrets } = options;
+    if (config?.enabled === false) {
+        return null;
+    }
+    const validation = validateConfig(config, fallbackSecrets);
+    for (const warning of validation.warnings) {
+        logger.warn(warning);
+    }
+    if (!validation.valid) {
+        throw new Error(`BetterAuth configuration invalid: ${validation.errors.join('; ')}`);
+    }
+    const plugins = buildPlugins(config);
+    const socialProviders = buildSocialProviders(config);
+    const trustedOrigins = buildTrustedOrigins(config);
+    const additionalFields = buildUserFields(config);
+    const betterAuthConfig = {
+        basePath: config.basePath || '/iam',
+        baseURL: config.baseUrl || 'http://localhost:3000',
+        database: (0, mongodb_1.mongodbAdapter)(db),
+        plugins,
+        secret: config.secret,
+        socialProviders,
+        trustedOrigins,
+        user: {
+            additionalFields,
+            modelName: 'users',
+        },
+    };
+    const finalConfig = config.options ? { ...betterAuthConfig, ...config.options } : betterAuthConfig;
+    return (0, better_auth_1.betterAuth)(finalConfig);
+}
+function buildPlugins(config) {
+    const plugins = [];
+    if (config.jwt && config.jwt.enabled !== false) {
+        plugins.push((0, plugins_1.jwt)({
+            jwt: {
+                expirationTime: config.jwt.expiresIn || '15m',
+            },
+        }));
+    }
+    if (config.twoFactor && config.twoFactor.enabled !== false) {
+        plugins.push((0, plugins_1.twoFactor)({
+            issuer: config.twoFactor.appName || 'Nest Server',
+        }));
+    }
+    if (config.passkey && config.passkey.enabled !== false) {
+        plugins.push((0, passkey_1.passkey)({
+            origin: config.passkey.origin || 'http://localhost:3000',
+            rpID: config.passkey.rpId || 'localhost',
+            rpName: config.passkey.rpName || 'Nest Server',
+        }));
+    }
+    if (config.plugins?.length) {
+        plugins.push(...config.plugins);
+    }
+    return plugins;
+}
+function buildSocialProviders(config) {
+    const socialProvidersConfig = {};
+    if (config.socialProviders) {
+        for (const [name, provider] of Object.entries(config.socialProviders)) {
+            if (provider?.clientId && provider?.clientSecret && provider?.enabled !== false) {
+                socialProvidersConfig[name] = {
+                    clientId: provider.clientId,
+                    clientSecret: provider.clientSecret,
+                };
+            }
+        }
+    }
+    return socialProvidersConfig;
+}
+function buildTrustedOrigins(config) {
+    if (config.trustedOrigins?.length) {
+        return config.trustedOrigins;
+    }
+    if (config.baseUrl) {
+        return [config.baseUrl];
+    }
+    return ['http://localhost:3000'];
+}
+function buildUserFields(config) {
+    const coreFields = {
+        firstName: {
+            defaultValue: null,
+            fieldName: 'firstName',
+            type: 'string',
+        },
+        iamId: {
+            defaultValue: null,
+            fieldName: 'iamId',
+            type: 'string',
+        },
+        lastName: {
+            defaultValue: null,
+            fieldName: 'lastName',
+            type: 'string',
+        },
+        roles: {
+            defaultValue: [],
+            fieldName: 'roles',
+            type: 'string[]',
+        },
+        twoFactorEnabled: {
+            defaultValue: false,
+            fieldName: 'twoFactorEnabled',
+            type: 'boolean',
+        },
+        verified: {
+            defaultValue: false,
+            fieldName: 'verified',
+            type: 'boolean',
+        },
+    };
+    if (config.additionalUserFields) {
+        for (const [key, field] of Object.entries(config.additionalUserFields)) {
+            coreFields[key] = {
+                defaultValue: field.defaultValue,
+                fieldName: field.fieldName || key,
+                required: field.required,
+                type: field.type,
+            };
+        }
+    }
+    return coreFields;
+}
+function getAutoGeneratedSecret() {
+    if (!cachedAutoGeneratedSecret) {
+        cachedAutoGeneratedSecret = generateSecureSecret();
+    }
+    return cachedAutoGeneratedSecret;
+}
+function isValidSecretLength(secret) {
+    return secret && secret.length >= 32;
+}
+function isValidUrl(url) {
+    try {
+        new URL(url);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function validateConfig(config, fallbackSecrets) {
+    const errors = [];
+    const warnings = [];
+    let secretSource = 'explicit';
+    if (!config.secret || config.secret.trim() === '') {
+        const validFallback = fallbackSecrets?.find((secret) => secret && isValidSecretLength(secret));
+        if (validFallback) {
+            config.secret = validFallback;
+            secretSource = 'fallback';
+        }
+        else {
+            config.secret = getAutoGeneratedSecret();
+            secretSource = 'auto-generated';
+        }
+    }
+    const secretValidation = validateSecret(config.secret);
+    if (!secretValidation.valid) {
+        errors.push(secretValidation.message);
+    }
+    else if (secretValidation.message) {
+        warnings.push(secretValidation.message);
+    }
+    switch (secretSource) {
+        case 'auto-generated':
+            warnings.push('⚠️  BETTER_AUTH: No secret configured - using auto-generated secret.');
+            warnings.push('⚠️  CONSEQUENCE: All user sessions will be invalidated on server restart!');
+            warnings.push('💡 FOR PRODUCTION: Set betterAuth.secret in config or provide a valid fallback secret (min 32 chars).');
+            warnings.push("💡 Generate with: node -e \"console.log(require('crypto').randomBytes(32).toString('base64'))\"");
+            break;
+        case 'fallback':
+            warnings.push('💡 BETTER_AUTH: Using fallback secret (backwards compatible). Consider setting betterAuth.secret explicitly.');
+            break;
+    }
+    if (config.baseUrl && !isValidUrl(config.baseUrl)) {
+        errors.push(`Invalid baseUrl format: ${config.baseUrl}`);
+    }
+    if (config.trustedOrigins) {
+        for (const origin of config.trustedOrigins) {
+            if (!isValidUrl(origin)) {
+                errors.push(`Invalid trustedOrigin format: ${origin}`);
+            }
+        }
+    }
+    if (config.passkey?.enabled && config.passkey.origin && !isValidUrl(config.passkey.origin)) {
+        errors.push(`Invalid passkey origin format: ${config.passkey.origin}`);
+    }
+    if (config.socialProviders) {
+        for (const [name, provider] of Object.entries(config.socialProviders)) {
+            if (provider && provider.enabled !== false) {
+                const hasClientId = !!provider.clientId;
+                const hasClientSecret = !!provider.clientSecret;
+                if (hasClientId && hasClientSecret) {
+                    continue;
+                }
+                else if (hasClientId || hasClientSecret) {
+                    if (!hasClientId) {
+                        errors.push(`Social provider '${name}' is missing clientId`);
+                    }
+                    if (!hasClientSecret) {
+                        errors.push(`Social provider '${name}' is missing clientSecret`);
+                    }
+                }
+                else {
+                    warnings.push(`Social provider '${name}' is configured but missing both clientId and clientSecret. ` +
+                        `Set 'enabled: false' to disable it explicitly, or provide credentials to enable it.`);
+                }
+            }
+        }
+    }
+    return {
+        errors,
+        valid: errors.length === 0,
+        warnings,
+    };
+}
+function validateSecret(secret) {
+    if (!secret || secret.length < 32) {
+        return { message: 'Secret must be at least 32 characters long', valid: false };
+    }
+    const hasLowercase = /[a-z]/.test(secret);
+    const hasUppercase = /[A-Z]/.test(secret);
+    const hasNumbers = /[0-9]/.test(secret);
+    const hasSpecial = /[^a-zA-Z0-9]/.test(secret);
+    const diversityCount = [hasLowercase, hasUppercase, hasNumbers, hasSpecial].filter(Boolean).length;
+    if (diversityCount < 2) {
+        return {
+            message: 'Secret should contain at least 2 different character types (lowercase, uppercase, numbers, special)',
+            valid: true,
+        };
+    }
+    return { valid: true };
+}
+//# sourceMappingURL=better-auth.config.js.map

package/dist/core/modules/better-auth/better-auth.config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth.config.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth.config.ts"],"names":[],"mappings":";;AA2GA,4DAoDC;AA/JD,kDAA+C;AAC/C,2CAAwC;AACxC,6CAA2D;AAC3D,0DAA8D;AAC9D,iDAAqD;AACrD,iCAAiC;AAkBjC,SAAS,oBAAoB;IAC3B,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC;AAMD,IAAI,yBAAyB,GAAkB,IAAI,CAAC;AA4EpD,SAAgB,wBAAwB,CAAC,OAAgC;IACvE,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,kBAAkB,CAAC,CAAC;IAC9C,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,EAAE,GAAG,OAAO,CAAC;IAIhD,IAAI,MAAM,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,MAAM,UAAU,GAAG,cAAc,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAG3D,KAAK,MAAM,OAAO,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC;IAGD,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvF,CAAC;IAGD,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IACrD,MAAM,cAAc,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACnD,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IAGjD,MAAM,gBAAgB,GAAG;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,MAAM;QACnC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,uBAAuB;QAClD,QAAQ,EAAE,IAAA,wBAAc,EAAC,EAAE,CAAC;QAC5B,OAAO;QACP,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,eAAe;QACf,cAAc;QACd,IAAI,EAAE;YACJ,gBAAgB;YAChB,SAAS,EAAE,OAAO;SACnB;KACF,CAAC;IAIF,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,gBAAgB,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC;IAKnG,OAAO,IAAA,wBAAU,EAAC,WAAkB,CAAC,CAAC;AACxC,CAAC;AASD,SAAS,YAAY,CAAC,MAAmB;IACvC,MAAM,OAAO,GAAuB,EAAE,CAAC;IAIvC,IAAI,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC/C,OAAO,CAAC,IAAI,CACV,IAAA,aAAG,EAAC;YACF,GAAG,EAAE;gBACH,cAAc,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,IAAI,KAAK;aAC9C;SACF,CAAC,CACH,CAAC;IACJ,CAAC;IAID,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC3D,OAAO,CAAC,IAAI,CACV,IAAA,mBAAS,EAAC;YACR,MAAM,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,IAAI,aAAa;SAClD,CAAC,CACH,CAAC;IACJ,CAAC;IAID,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QACvD,OAAO,CAAC,IAAI,CACV,IAAA,iBAAO,EAAC;YACN,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,uBAAuB;YACxD,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,WAAW;YACxC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,aAAa;SAC/C,CAAC,CACH,CAAC;IACJ,CAAC;IAID,IAAI,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAC3B,OAAO,CAAC,IAAI,CAAC,GAAI,MAAM,CAAC,OAA8B,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAOD,SAAS,oBAAoB,CAAC,MAAmB;IAC/C,MAAM,qBAAqB,GAAyC,EAAE,CAAC;IAKvE,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;YACtE,IAAI,QAAQ,EAAE,QAAQ,IAAI,QAAQ,EAAE,YAAY,IAAI,QAAQ,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;gBAChF,qBAAqB,CAAC,IAAI,CAAC,GAAG;oBAC5B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;oBAC3B,YAAY,EAAE,QAAQ,CAAC,YAAY;iBACpC,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAKD,SAAS,mBAAmB,CAAC,MAAmB;IAC9C,IAAI,MAAM,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,cAAc,CAAC;IAC/B,CAAC;IACD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,CAAC,uBAAuB,CAAC,CAAC;AACnC,CAAC;AAOD,SAAS,eAAe,CAAC,MAAmB;IAE1C,MAAM,UAAU,GAAoC;QAClD,SAAS,EAAE;YACT,YAAY,EAAE,IAAI;YAClB,SAAS,EAAE,WAAW;YACtB,IAAI,EAAE,QAAQ;SACf;QACD,KAAK,EAAE;YACL,YAAY,EAAE,IAAI;YAClB,SAAS,EAAE,OAAO;YAClB,IAAI,EAAE,QAAQ;SACf;QACD,QAAQ,EAAE;YACR,YAAY,EAAE,IAAI;YAClB,SAAS,EAAE,UAAU;YACrB,IAAI,EAAE,QAAQ;SACf;QACD,KAAK,EAAE;YACL,YAAY,EAAE,EAAE;YAChB,SAAS,EAAE,OAAO;YAClB,IAAI,EAAE,UAAU;SACjB;QACD,gBAAgB,EAAE;YAChB,YAAY,EAAE,KAAK;YACnB,SAAS,EAAE,kBAAkB;YAC7B,IAAI,EAAE,SAAS;SAChB;QACD,QAAQ,EAAE;YACR,YAAY,EAAE,KAAK;YACnB,SAAS,EAAE,UAAU;YACrB,IAAI,EAAE,SAAS;SAChB;KACF,CAAC;IAIF,IAAI,MAAM,CAAC,oBAAoB,EAAE,CAAC;QAChC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACvE,UAAU,CAAC,GAAG,CAAC,GAAG;gBAChB,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,GAAG;gBACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,IAAI,EAAE,KAAK,CAAC,IAAI;aACjB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAMD,SAAS,sBAAsB;IAC7B,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAC/B,yBAAyB,GAAG,oBAAoB,EAAE,CAAC;IACrD,CAAC;IACD,OAAO,yBAAyB,CAAC;AACnC,CAAC;AAKD,SAAS,mBAAmB,CAAC,MAAc;IACzC,OAAO,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;AACvC,CAAC;AAKD,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,CAAC;QACH,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACb,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAcD,SAAS,cAAc,CAAC,MAAmB,EAAE,eAAwC;IACnF,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAG9B,IAAI,YAAY,GAA+C,UAAU,CAAC;IAG1E,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAElD,MAAM,aAAa,GAAG,eAAe,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;QAE/F,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,CAAC,MAAM,GAAG,aAAa,CAAC;YAC9B,YAAY,GAAG,UAAU,CAAC;QAC5B,CAAC;aAAM,CAAC;YAEN,MAAM,CAAC,MAAM,GAAG,sBAAsB,EAAE,CAAC;YACzC,YAAY,GAAG,gBAAgB,CAAC;QAClC,CAAC;IACH,CAAC;IAGD,MAAM,gBAAgB,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACvD,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAQ,CAAC,CAAC;IACzC,CAAC;SAAM,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC;IAGD,QAAQ,YAAY,EAAE,CAAC;QACrB,KAAK,gBAAgB;YACnB,QAAQ,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;YACtF,QAAQ,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;YAC3F,QAAQ,CAAC,IAAI,CACX,uGAAuG,CACxG,CAAC;YACF,QAAQ,CAAC,IAAI,CAAC,iGAAiG,CAAC,CAAC;YACjH,MAAM;QACR,KAAK,UAAU;YACb,QAAQ,CAAC,IAAI,CACX,8GAA8G,CAC/G,CAAC;YACF,MAAM;IAEV,CAAC;IAGD,IAAI,MAAM,CAAC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC3D,CAAC;IAGD,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;QAC1B,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;YAC3C,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxB,MAAM,CAAC,IAAI,CAAC,iCAAiC,MAAM,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAGD,IAAI,MAAM,CAAC,OAAO,EAAE,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3F,MAAM,CAAC,IAAI,CAAC,kCAAkC,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IAKD,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;YAEtE,IAAI,QAAQ,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBAE3C,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACxC,MAAM,eAAe,GAAG,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAEhD,IAAI,WAAW,IAAI,eAAe,EAAE,CAAC;oBAEnC,SAAS;gBACX,CAAC;qBAAM,IAAI,WAAW,IAAI,eAAe,EAAE,CAAC;oBAE1C,IAAI,CAAC,WAAW,EAAE,CAAC;wBACjB,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,uBAAuB,CAAC,CAAC;oBAC/D,CAAC;oBACD,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,2BAA2B,CAAC,CAAC;oBACnE,CAAC;gBACH,CAAC;qBAAM,CAAC;oBAGN,QAAQ,CAAC,IAAI,CACX,oBAAoB,IAAI,8DAA8D;wBACpF,qFAAqF,CACxF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM;QACN,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,QAAQ;KACT,CAAC;AACJ,CAAC;AAMD,SAAS,cAAc,CAAC,MAAc;IACpC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAClC,OAAO,EAAE,OAAO,EAAE,4CAA4C,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACjF,CAAC;IAGD,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,CAAC,YAAY,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAEnG,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO;YACL,OAAO,EAAE,qGAAqG;YAC9G,KAAK,EAAE,IAAI;SACZ,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC"}

package/dist/core/modules/better-auth/better-auth.middleware.d.ts

@@ -0,0 +1,20 @@
+import { NestMiddleware } from '@nestjs/common';
+import { NextFunction, Request, Response } from 'express';
+import { BetterAuthSessionUser, BetterAuthUserMapper, MappedUser } from './better-auth-user.mapper';
+import { BetterAuthService } from './better-auth.service';
+export interface BetterAuthRequest extends Request {
+    betterAuthSession?: {
+        session: any;
+        user: BetterAuthSessionUser;
+    };
+    betterAuthUser?: BetterAuthSessionUser;
+    user?: MappedUser | Request['user'];
+}
+export declare class BetterAuthMiddleware implements NestMiddleware {
+    private readonly betterAuthService;
+    private readonly userMapper;
+    private readonly logger;
+    constructor(betterAuthService: BetterAuthService, userMapper: BetterAuthUserMapper);
+    use(req: BetterAuthRequest, _res: Response, next: NextFunction): Promise<void>;
+    private getSession;
+}

package/dist/core/modules/better-auth/better-auth.middleware.js

@@ -0,0 +1,79 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var BetterAuthMiddleware_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthMiddleware = void 0;
+const common_1 = require("@nestjs/common");
+const better_auth_user_mapper_1 = require("./better-auth-user.mapper");
+const better_auth_service_1 = require("./better-auth.service");
+let BetterAuthMiddleware = BetterAuthMiddleware_1 = class BetterAuthMiddleware {
+    constructor(betterAuthService, userMapper) {
+        this.betterAuthService = betterAuthService;
+        this.userMapper = userMapper;
+        this.logger = new common_1.Logger(BetterAuthMiddleware_1.name);
+    }
+    async use(req, _res, next) {
+        if (!this.betterAuthService.isEnabled()) {
+            return next();
+        }
+        if (req.user) {
+            return next();
+        }
+        try {
+            const session = await this.getSession(req);
+            if (session?.user) {
+                req.betterAuthSession = session;
+                req.betterAuthUser = session.user;
+                const mappedUser = await this.userMapper.mapSessionUser(session.user);
+                if (mappedUser) {
+                    req.user = mappedUser;
+                }
+            }
+        }
+        catch (error) {
+            this.logger.debug(`Session validation failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+        next();
+    }
+    async getSession(req) {
+        const api = this.betterAuthService.getApi();
+        if (!api) {
+            return null;
+        }
+        try {
+            const headers = new Headers();
+            for (const [key, value] of Object.entries(req.headers)) {
+                if (typeof value === 'string') {
+                    headers.set(key, value);
+                }
+                else if (Array.isArray(value)) {
+                    headers.set(key, value.join(', '));
+                }
+            }
+            const response = await api.getSession({ headers });
+            if (response && typeof response === 'object' && 'user' in response) {
+                return response;
+            }
+            return null;
+        }
+        catch (error) {
+            this.logger.debug(`getSession error: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            return null;
+        }
+    }
+};
+exports.BetterAuthMiddleware = BetterAuthMiddleware;
+exports.BetterAuthMiddleware = BetterAuthMiddleware = BetterAuthMiddleware_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [better_auth_service_1.BetterAuthService,
+        better_auth_user_mapper_1.BetterAuthUserMapper])
+], BetterAuthMiddleware);
+//# sourceMappingURL=better-auth.middleware.js.map

package/dist/core/modules/better-auth/better-auth.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth.middleware.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth.middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAoE;AAGpE,uEAAoG;AACpG,+DAA0D;AA2BnD,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAG/B,YACmB,iBAAoC,EACpC,UAAgC;QADhC,sBAAiB,GAAjB,iBAAiB,CAAmB;QACpC,eAAU,GAAV,UAAU,CAAsB;QAJlC,WAAM,GAAG,IAAI,eAAM,CAAC,sBAAoB,CAAC,IAAI,CAAC,CAAC;IAK7D,CAAC;IAEJ,KAAK,CAAC,GAAG,CAAC,GAAsB,EAAE,IAAc,EAAE,IAAkB;QAElE,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,EAAE,CAAC;YACxC,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAGD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;YACb,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YAE3C,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;gBAElB,GAAG,CAAC,iBAAiB,GAAG,OAAO,CAAC;gBAChC,GAAG,CAAC,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;gBAGlC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAEtE,IAAI,UAAU,EAAE,CAAC;oBAGf,GAAG,CAAC,IAAI,GAAG,UAAU,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAGf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;QAC9G,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC;IAKO,KAAK,CAAC,UAAU,CAAC,GAAY;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC9B,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;gBAC1B,CAAC;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAGD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAEnD,IAAI,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,MAAM,IAAI,QAAQ,EAAE,CAAC;gBACnE,OAAO,QAAyD,CAAC;YACnE,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACnG,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF,CAAA;AA/EY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;qCAK2B,uCAAiB;QACxB,8CAAoB;GALxC,oBAAoB,CA+EhC"}

package/dist/core/modules/better-auth/better-auth.module.d.ts

@@ -0,0 +1,30 @@
+import { DynamicModule, MiddlewareConsumer, NestModule, OnModuleInit } from '@nestjs/common';
+import { IBetterAuth } from '../../common/interfaces/server-options.interface';
+import { BetterAuthRateLimiter } from './better-auth-rate-limiter.service';
+import { BetterAuthInstance } from './better-auth.config';
+import { BetterAuthService } from './better-auth.service';
+export declare const BETTER_AUTH_INSTANCE = "BETTER_AUTH_INSTANCE";
+export interface BetterAuthModuleOptions {
+    config: IBetterAuth;
+    fallbackSecrets?: (string | undefined)[];
+}
+export declare class BetterAuthModule implements NestModule, OnModuleInit {
+    private readonly betterAuthService?;
+    private readonly rateLimiter?;
+    private static logger;
+    private static authInstance;
+    private static initialized;
+    private static betterAuthEnabled;
+    private static currentConfig;
+    constructor(betterAuthService?: BetterAuthService, rateLimiter?: BetterAuthRateLimiter);
+    onModuleInit(): void;
+    configure(consumer: MiddlewareConsumer): void;
+    private static waitForMongoConnection;
+    static forRoot(options: BetterAuthModuleOptions): DynamicModule;
+    static forRootAsync(): DynamicModule;
+    static getInstance(): BetterAuthInstance | null;
+    static reset(): void;
+    private static createModule;
+    private static createDeferredModule;
+    private static logEnabledFeatures;
+}