@lenne.tech/nest-server 11.6.1 → 11.6.2

package/dist/core/modules/better-auth/better-auth-models.d.ts

@@ -0,0 +1,44 @@
+export declare class BetterAuthUserModel {
+    id: string;
+    iamId?: string;
+    email: string;
+    name?: string;
+    emailVerified?: boolean;
+    verified?: boolean;
+    roles?: string[];
+}
+export declare class BetterAuthSessionModel {
+    id: string;
+    expiresAt: Date;
+    user: BetterAuthUserModel;
+}
+export declare class BetterAuthSessionInfoModel {
+    id?: string;
+    token?: string;
+    expiresAt?: Date;
+}
+export declare class BetterAuth2FASetupModel {
+    success: boolean;
+    totpUri?: string;
+    backupCodes?: string[];
+    error?: string;
+}
+export declare class BetterAuthPasskeyModel {
+    id: string;
+    name?: string;
+    credentialId: string;
+    createdAt: Date;
+}
+export declare class BetterAuthPasskeyChallengeModel {
+    success: boolean;
+    challenge?: string;
+    error?: string;
+}
+export declare class BetterAuthFeaturesModel {
+    enabled: boolean;
+    jwt: boolean;
+    twoFactor: boolean;
+    passkey: boolean;
+    legacyPassword: boolean;
+    socialProviders: string[];
+}

package/dist/core/modules/better-auth/better-auth-models.js

@@ -0,0 +1,185 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthFeaturesModel = exports.BetterAuthPasskeyChallengeModel = exports.BetterAuthPasskeyModel = exports.BetterAuth2FASetupModel = exports.BetterAuthSessionInfoModel = exports.BetterAuthSessionModel = exports.BetterAuthUserModel = void 0;
+const graphql_1 = require("@nestjs/graphql");
+const restricted_decorator_1 = require("../../common/decorators/restricted.decorator");
+const role_enum_1 = require("../../common/enums/role.enum");
+let BetterAuthUserModel = class BetterAuthUserModel {
+};
+exports.BetterAuthUserModel = BetterAuthUserModel;
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'User ID' }),
+    __metadata("design:type", String)
+], BetterAuthUserModel.prototype, "id", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'IAM provider user ID (e.g., Better-Auth)', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthUserModel.prototype, "iamId", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Email address' }),
+    __metadata("design:type", String)
+], BetterAuthUserModel.prototype, "email", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Display name', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthUserModel.prototype, "name", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Email verified status', nullable: true }),
+    __metadata("design:type", Boolean)
+], BetterAuthUserModel.prototype, "emailVerified", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'User verified status', nullable: true }),
+    __metadata("design:type", Boolean)
+], BetterAuthUserModel.prototype, "verified", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => [String], { description: 'User roles', nullable: true }),
+    __metadata("design:type", Array)
+], BetterAuthUserModel.prototype, "roles", void 0);
+exports.BetterAuthUserModel = BetterAuthUserModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth User' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_EVERYONE)
+], BetterAuthUserModel);
+let BetterAuthSessionModel = class BetterAuthSessionModel {
+};
+exports.BetterAuthSessionModel = BetterAuthSessionModel;
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Session ID' }),
+    __metadata("design:type", String)
+], BetterAuthSessionModel.prototype, "id", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Date, { description: 'Session expiration date' }),
+    __metadata("design:type", Date)
+], BetterAuthSessionModel.prototype, "expiresAt", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => BetterAuthUserModel, { description: 'Session user' }),
+    __metadata("design:type", BetterAuthUserModel)
+], BetterAuthSessionModel.prototype, "user", void 0);
+exports.BetterAuthSessionModel = BetterAuthSessionModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth Session' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_USER)
+], BetterAuthSessionModel);
+let BetterAuthSessionInfoModel = class BetterAuthSessionInfoModel {
+};
+exports.BetterAuthSessionInfoModel = BetterAuthSessionInfoModel;
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Session ID', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthSessionInfoModel.prototype, "id", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Session token', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthSessionInfoModel.prototype, "token", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Date, { description: 'Session expiration date', nullable: true }),
+    __metadata("design:type", Date)
+], BetterAuthSessionInfoModel.prototype, "expiresAt", void 0);
+exports.BetterAuthSessionInfoModel = BetterAuthSessionInfoModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth Session Info' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_EVERYONE)
+], BetterAuthSessionInfoModel);
+let BetterAuth2FASetupModel = class BetterAuth2FASetupModel {
+};
+exports.BetterAuth2FASetupModel = BetterAuth2FASetupModel;
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether the operation was successful' }),
+    __metadata("design:type", Boolean)
+], BetterAuth2FASetupModel.prototype, "success", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'TOTP URI for QR code generation', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuth2FASetupModel.prototype, "totpUri", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => [String], { description: 'Backup codes for account recovery', nullable: true }),
+    __metadata("design:type", Array)
+], BetterAuth2FASetupModel.prototype, "backupCodes", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Error message if failed', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuth2FASetupModel.prototype, "error", void 0);
+exports.BetterAuth2FASetupModel = BetterAuth2FASetupModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth 2FA setup data' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_USER)
+], BetterAuth2FASetupModel);
+let BetterAuthPasskeyModel = class BetterAuthPasskeyModel {
+};
+exports.BetterAuthPasskeyModel = BetterAuthPasskeyModel;
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Passkey ID' }),
+    __metadata("design:type", String)
+], BetterAuthPasskeyModel.prototype, "id", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Passkey name', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthPasskeyModel.prototype, "name", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Credential ID' }),
+    __metadata("design:type", String)
+], BetterAuthPasskeyModel.prototype, "credentialId", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Date, { description: 'Creation date' }),
+    __metadata("design:type", Date)
+], BetterAuthPasskeyModel.prototype, "createdAt", void 0);
+exports.BetterAuthPasskeyModel = BetterAuthPasskeyModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth Passkey' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_USER)
+], BetterAuthPasskeyModel);
+let BetterAuthPasskeyChallengeModel = class BetterAuthPasskeyChallengeModel {
+};
+exports.BetterAuthPasskeyChallengeModel = BetterAuthPasskeyChallengeModel;
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether the operation was successful' }),
+    __metadata("design:type", Boolean)
+], BetterAuthPasskeyChallengeModel.prototype, "success", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Challenge data (JSON)', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthPasskeyChallengeModel.prototype, "challenge", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => String, { description: 'Error message if failed', nullable: true }),
+    __metadata("design:type", String)
+], BetterAuthPasskeyChallengeModel.prototype, "error", void 0);
+exports.BetterAuthPasskeyChallengeModel = BetterAuthPasskeyChallengeModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth Passkey registration challenge' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_USER)
+], BetterAuthPasskeyChallengeModel);
+let BetterAuthFeaturesModel = class BetterAuthFeaturesModel {
+};
+exports.BetterAuthFeaturesModel = BetterAuthFeaturesModel;
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether Better-Auth is enabled' }),
+    __metadata("design:type", Boolean)
+], BetterAuthFeaturesModel.prototype, "enabled", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether JWT plugin is enabled' }),
+    __metadata("design:type", Boolean)
+], BetterAuthFeaturesModel.prototype, "jwt", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether 2FA is enabled' }),
+    __metadata("design:type", Boolean)
+], BetterAuthFeaturesModel.prototype, "twoFactor", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether Passkey is enabled' }),
+    __metadata("design:type", Boolean)
+], BetterAuthFeaturesModel.prototype, "passkey", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => Boolean, { description: 'Whether legacy password handling is enabled' }),
+    __metadata("design:type", Boolean)
+], BetterAuthFeaturesModel.prototype, "legacyPassword", void 0);
+__decorate([
+    (0, graphql_1.Field)(() => [String], { description: 'List of enabled social providers' }),
+    __metadata("design:type", Array)
+], BetterAuthFeaturesModel.prototype, "socialProviders", void 0);
+exports.BetterAuthFeaturesModel = BetterAuthFeaturesModel = __decorate([
+    (0, graphql_1.ObjectType)({ description: 'Better-Auth features status' }),
+    (0, restricted_decorator_1.Restricted)(role_enum_1.RoleEnum.S_EVERYONE)
+], BetterAuthFeaturesModel);
+//# sourceMappingURL=better-auth-models.js.map

package/dist/core/modules/better-auth/better-auth-models.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth-models.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth-models.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6CAAoD;AAEpD,uFAA0E;AAC1E,4DAAwD;AAOjD,IAAM,mBAAmB,GAAzB,MAAM,mBAAmB;CAqB/B,CAAA;AArBY,kDAAmB;AAE9B;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE,CAAC;;+CACrC;AAGX;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,0CAA0C,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kDAClF;AAGf;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;;kDACxC;AAGd;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,cAAc,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;iDACvD;AAGd;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,uBAAuB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;0DACvD;AAGxB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,sBAAsB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;qDAC3D;AAGnB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kDACpD;8BApBN,mBAAmB;IAF/B,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;IAC/C,IAAA,iCAAU,EAAC,oBAAQ,CAAC,UAAU,CAAC;GACnB,mBAAmB,CAqB/B;AAOM,IAAM,sBAAsB,GAA5B,MAAM,sBAAsB;CASlC,CAAA;AATY,wDAAsB;AAEjC;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;;kDACxC;AAGX;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,CAAC;8BACnD,IAAI;yDAAC;AAGhB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,mBAAmB,EAAE,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC;8BAC5D,mBAAmB;oDAAC;iCARf,sBAAsB;IAFlC,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAClD,IAAA,iCAAU,EAAC,oBAAQ,CAAC,MAAM,CAAC;GACf,sBAAsB,CASlC;AAOM,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;CAStC,CAAA;AATY,gEAA0B;AAErC;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sDACvD;AAGZ;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yDACvD;AAGf;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;8BAClE,IAAI;6DAAC;qCARN,0BAA0B;IAFtC,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACvD,IAAA,iCAAU,EAAC,oBAAQ,CAAC,UAAU,CAAC;GACnB,0BAA0B,CAStC;AAOM,IAAM,uBAAuB,GAA7B,MAAM,uBAAuB;CAYnC,CAAA;AAZY,0DAAuB;AAElC;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,sCAAsC,EAAE,CAAC;;wDAC7D;AAGjB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;wDACvE;AAGjB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,WAAW,EAAE,mCAAmC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;4DACrE;AAGvB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sDACjE;kCAXJ,uBAAuB;IAFnC,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IACzD,IAAA,iCAAU,EAAC,oBAAQ,CAAC,MAAM,CAAC;GACf,uBAAuB,CAYnC;AAOM,IAAM,sBAAsB,GAA5B,MAAM,sBAAsB;CAYlC,CAAA;AAZY,wDAAsB;AAEjC;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;;kDACxC;AAGX;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,cAAc,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oDACvD;AAGd;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;;4DACjC;AAGrB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;8BACzC,IAAI;yDAAC;iCAXL,sBAAsB;IAFlC,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAClD,IAAA,iCAAU,EAAC,oBAAQ,CAAC,MAAM,CAAC;GACf,sBAAsB,CAYlC;AAOM,IAAM,+BAA+B,GAArC,MAAM,+BAA+B;CAS3C,CAAA;AATY,0EAA+B;AAE1C;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,sCAAsC,EAAE,CAAC;;gEAC7D;AAGjB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,uBAAuB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kEAC3D;AAGnB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;8DACjE;0CARJ,+BAA+B;IAF3C,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,4CAA4C,EAAE,CAAC;IACzE,IAAA,iCAAU,EAAC,oBAAQ,CAAC,MAAM,CAAC;GACf,+BAA+B,CAS3C;AAOM,IAAM,uBAAuB,GAA7B,MAAM,uBAAuB;CAkBnC,CAAA;AAlBY,0DAAuB;AAElC;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;;wDACvD;AAGjB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;;oDAC1D;AAGb;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;;0DAC7C;AAGnB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;;wDACnD;AAGjB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;;+DAC7D;AAGxB;IADC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,WAAW,EAAE,kCAAkC,EAAE,CAAC;;gEACjD;kCAjBf,uBAAuB;IAFnC,IAAA,oBAAU,EAAC,EAAE,WAAW,EAAE,6BAA6B,EAAE,CAAC;IAC1D,IAAA,iCAAU,EAAC,oBAAQ,CAAC,UAAU,CAAC;GACnB,uBAAuB,CAkBnC"}

package/dist/core/modules/better-auth/better-auth-rate-limit.middleware.d.ts

@@ -0,0 +1,12 @@
+import { NestMiddleware } from '@nestjs/common';
+import { NextFunction, Request, Response } from 'express';
+import { BetterAuthRateLimiter } from './better-auth-rate-limiter.service';
+import { BetterAuthService } from './better-auth.service';
+export declare class BetterAuthRateLimitMiddleware implements NestMiddleware {
+    private readonly rateLimiter;
+    private readonly betterAuthService;
+    constructor(rateLimiter: BetterAuthRateLimiter, betterAuthService: BetterAuthService);
+    use(req: Request, res: Response, next: NextFunction): void;
+    private getClientIp;
+    private addRateLimitHeaders;
+}

package/dist/core/modules/better-auth/better-auth-rate-limit.middleware.js

@@ -0,0 +1,70 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthRateLimitMiddleware = void 0;
+const common_1 = require("@nestjs/common");
+const better_auth_rate_limiter_service_1 = require("./better-auth-rate-limiter.service");
+const better_auth_service_1 = require("./better-auth.service");
+let BetterAuthRateLimitMiddleware = class BetterAuthRateLimitMiddleware {
+    constructor(rateLimiter, betterAuthService) {
+        this.rateLimiter = rateLimiter;
+        this.betterAuthService = betterAuthService;
+    }
+    use(req, res, next) {
+        if (!this.betterAuthService.isEnabled()) {
+            return next();
+        }
+        if (!this.rateLimiter.isEnabled()) {
+            return next();
+        }
+        const ip = this.getClientIp(req);
+        const basePath = this.betterAuthService.getBasePath();
+        const path = req.path.startsWith(basePath) ? req.path.substring(basePath.length) : req.path;
+        const result = this.rateLimiter.check(ip, path);
+        this.addRateLimitHeaders(res, result);
+        if (!result.allowed) {
+            throw new common_1.HttpException({
+                error: 'Too Many Requests',
+                message: this.rateLimiter.getMessage(),
+                retryAfter: result.resetIn,
+                statusCode: common_1.HttpStatus.TOO_MANY_REQUESTS,
+            }, common_1.HttpStatus.TOO_MANY_REQUESTS);
+        }
+        next();
+    }
+    getClientIp(req) {
+        const forwardedFor = req.headers['x-forwarded-for'];
+        if (forwardedFor) {
+            const ips = Array.isArray(forwardedFor) ? forwardedFor[0] : forwardedFor.split(',')[0];
+            return ips.trim();
+        }
+        const realIp = req.headers['x-real-ip'];
+        if (realIp) {
+            return Array.isArray(realIp) ? realIp[0] : realIp;
+        }
+        return req.ip || req.socket?.remoteAddress || 'unknown';
+    }
+    addRateLimitHeaders(res, result) {
+        res.setHeader('X-RateLimit-Limit', result.limit.toString());
+        res.setHeader('X-RateLimit-Remaining', result.remaining.toString());
+        res.setHeader('X-RateLimit-Reset', result.resetIn.toString());
+        if (!result.allowed) {
+            res.setHeader('Retry-After', result.resetIn.toString());
+        }
+    }
+};
+exports.BetterAuthRateLimitMiddleware = BetterAuthRateLimitMiddleware;
+exports.BetterAuthRateLimitMiddleware = BetterAuthRateLimitMiddleware = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [better_auth_rate_limiter_service_1.BetterAuthRateLimiter,
+        better_auth_service_1.BetterAuthService])
+], BetterAuthRateLimitMiddleware);
+//# sourceMappingURL=better-auth-rate-limit.middleware.js.map

package/dist/core/modules/better-auth/better-auth-rate-limit.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth-rate-limit.middleware.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth-rate-limit.middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAuF;AAGvF,yFAA4F;AAC5F,+DAA0D;AA4BnD,IAAM,6BAA6B,GAAnC,MAAM,6BAA6B;IACxC,YACmB,WAAkC,EAClC,iBAAoC;QADpC,gBAAW,GAAX,WAAW,CAAuB;QAClC,sBAAiB,GAAjB,iBAAiB,CAAmB;IACpD,CAAC;IAEJ,GAAG,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;QAEjD,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,EAAE,CAAC;YACxC,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAGD,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC;YAClC,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAGD,MAAM,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAGjC,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,CAAC;QACtD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;QAG5F,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAGhD,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAGtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,sBAAa,CACrB;gBACE,KAAK,EAAE,mBAAmB;gBAC1B,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE;gBACtC,UAAU,EAAE,MAAM,CAAC,OAAO;gBAC1B,UAAU,EAAE,mBAAU,CAAC,iBAAiB;aACzC,EACD,mBAAU,CAAC,iBAAiB,CAC7B,CAAC;QACJ,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC;IAMO,WAAW,CAAC,GAAY;QAE9B,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACpD,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACvF,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;QACpB,CAAC;QAGD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QACpD,CAAC;QAGD,OAAO,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,IAAI,SAAS,CAAC;IAC1D,CAAC;IAKO,mBAAmB,CAAC,GAAa,EAAE,MAAuB;QAChE,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5D,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAE9D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;CACF,CAAA;AAhFY,sEAA6B;wCAA7B,6BAA6B;IADzC,IAAA,mBAAU,GAAE;qCAGqB,wDAAqB;QACf,uCAAiB;GAH5C,6BAA6B,CAgFzC"}

package/dist/core/modules/better-auth/better-auth-rate-limiter.service.d.ts

@@ -0,0 +1,32 @@
+import { IBetterAuthRateLimit } from '../../common/interfaces/server-options.interface';
+export interface RateLimitResult {
+    allowed: boolean;
+    current: number;
+    limit: number;
+    remaining: number;
+    resetIn: number;
+}
+export declare class BetterAuthRateLimiter {
+    private readonly logger;
+    private readonly store;
+    private config;
+    private cleanupInterval;
+    constructor();
+    configure(config: IBetterAuthRateLimit | undefined): void;
+    check(ip: string, path: string): RateLimitResult;
+    getMessage(): string;
+    isEnabled(): boolean;
+    reset(ip: string): void;
+    clear(): void;
+    getStats(): {
+        activeEntries: number;
+        enabled: boolean;
+    };
+    onModuleDestroy(): void;
+    private shouldSkip;
+    private getLimit;
+    private getKey;
+    private normalizeEndpoint;
+    private maskIp;
+    private startCleanup;
+}

package/dist/core/modules/better-auth/better-auth-rate-limiter.service.js

@@ -0,0 +1,173 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var BetterAuthRateLimiter_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthRateLimiter = void 0;
+const common_1 = require("@nestjs/common");
+const DEFAULT_CONFIG = {
+    enabled: false,
+    max: 10,
+    message: 'Too many requests, please try again later.',
+    skipEndpoints: ['/session', '/callback'],
+    strictEndpoints: ['/sign-in', '/sign-up', '/forgot-password', '/reset-password'],
+    windowSeconds: 60,
+};
+let BetterAuthRateLimiter = BetterAuthRateLimiter_1 = class BetterAuthRateLimiter {
+    constructor() {
+        this.logger = new common_1.Logger(BetterAuthRateLimiter_1.name);
+        this.store = new Map();
+        this.config = DEFAULT_CONFIG;
+        this.cleanupInterval = null;
+        this.startCleanup();
+    }
+    configure(config) {
+        this.config = {
+            ...DEFAULT_CONFIG,
+            ...config,
+            skipEndpoints: config?.skipEndpoints ?? DEFAULT_CONFIG.skipEndpoints,
+            strictEndpoints: config?.strictEndpoints ?? DEFAULT_CONFIG.strictEndpoints,
+        };
+        if (this.config.enabled) {
+            this.logger.log(`Rate limiting enabled: ${this.config.max} requests per ${this.config.windowSeconds}s`);
+        }
+    }
+    check(ip, path) {
+        if (!this.config.enabled) {
+            return {
+                allowed: true,
+                current: 0,
+                limit: Infinity,
+                remaining: Infinity,
+                resetIn: 0,
+            };
+        }
+        if (this.shouldSkip(path)) {
+            return {
+                allowed: true,
+                current: 0,
+                limit: Infinity,
+                remaining: Infinity,
+                resetIn: 0,
+            };
+        }
+        const limit = this.getLimit(path);
+        const key = this.getKey(ip, path);
+        const now = Date.now();
+        let entry = this.store.get(key);
+        if (!entry || now >= entry.resetTime) {
+            entry = {
+                count: 1,
+                resetTime: now + this.config.windowSeconds * 1000,
+            };
+            this.store.set(key, entry);
+            return {
+                allowed: true,
+                current: 1,
+                limit,
+                remaining: limit - 1,
+                resetIn: this.config.windowSeconds,
+            };
+        }
+        entry.count++;
+        const resetIn = Math.ceil((entry.resetTime - now) / 1000);
+        const allowed = entry.count <= limit;
+        const remaining = Math.max(0, limit - entry.count);
+        if (!allowed) {
+            this.logger.warn(`Rate limit exceeded for IP ${this.maskIp(ip)} on ${path}: ${entry.count}/${limit}`);
+        }
+        return {
+            allowed,
+            current: entry.count,
+            limit,
+            remaining,
+            resetIn,
+        };
+    }
+    getMessage() {
+        return this.config.message;
+    }
+    isEnabled() {
+        return this.config.enabled;
+    }
+    reset(ip) {
+        for (const key of this.store.keys()) {
+            if (key.startsWith(`${ip}:`)) {
+                this.store.delete(key);
+            }
+        }
+    }
+    clear() {
+        this.store.clear();
+    }
+    getStats() {
+        return {
+            activeEntries: this.store.size,
+            enabled: this.config.enabled,
+        };
+    }
+    onModuleDestroy() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+    }
+    shouldSkip(path) {
+        return this.config.skipEndpoints.some((skip) => path === skip || path.endsWith(skip) || path.includes(skip));
+    }
+    getLimit(path) {
+        const isStrict = this.config.strictEndpoints.some((strict) => path === strict || path.endsWith(strict) || path.includes(strict));
+        return isStrict ? Math.ceil(this.config.max / 2) : this.config.max;
+    }
+    getKey(ip, path) {
+        const endpoint = this.normalizeEndpoint(path);
+        return `${ip}:${endpoint}`;
+    }
+    normalizeEndpoint(path) {
+        const cleanPath = path.split('?')[0];
+        if (cleanPath.includes('/callback/')) {
+            return 'callback';
+        }
+        const segments = cleanPath.split('/').filter(Boolean);
+        return segments[segments.length - 1] || 'root';
+    }
+    maskIp(ip) {
+        if (ip.includes('.')) {
+            const parts = ip.split('.');
+            return `${parts[0]}.${parts[1]}.*.*`;
+        }
+        const parts = ip.split(':');
+        return `${parts[0]}:****`;
+    }
+    startCleanup() {
+        this.cleanupInterval = setInterval(() => {
+            const now = Date.now();
+            let cleaned = 0;
+            for (const [key, entry] of this.store.entries()) {
+                if (now >= entry.resetTime) {
+                    this.store.delete(key);
+                    cleaned++;
+                }
+            }
+            if (cleaned > 0) {
+                this.logger.debug(`Cleaned up ${cleaned} expired rate limit entries`);
+            }
+        }, 5 * 60 * 1000);
+        if (this.cleanupInterval.unref) {
+            this.cleanupInterval.unref();
+        }
+    }
+};
+exports.BetterAuthRateLimiter = BetterAuthRateLimiter;
+exports.BetterAuthRateLimiter = BetterAuthRateLimiter = BetterAuthRateLimiter_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [])
+], BetterAuthRateLimiter);
+//# sourceMappingURL=better-auth-rate-limiter.service.js.map

package/dist/core/modules/better-auth/better-auth-rate-limiter.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth-rate-limiter.service.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth-rate-limiter.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAoD;AA6CpD,MAAM,cAAc,GAAmC;IACrD,OAAO,EAAE,KAAK;IACd,GAAG,EAAE,EAAE;IACP,OAAO,EAAE,4CAA4C;IACrD,aAAa,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;IACxC,eAAe,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,kBAAkB,EAAE,iBAAiB,CAAC;IAChF,aAAa,EAAE,EAAE;CAClB,CAAC;AAwBK,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAMhC;QALiB,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;QAChD,UAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;QACnD,WAAM,GAAmC,cAAc,CAAC;QACxD,oBAAe,GAA0B,IAAI,CAAC;QAIpD,IAAI,CAAC,YAAY,EAAE,CAAC;IACtB,CAAC;IAOD,SAAS,CAAC,MAAwC;QAChD,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,cAAc;YACjB,GAAG,MAAM;YAET,aAAa,EAAE,MAAM,EAAE,aAAa,IAAI,cAAc,CAAC,aAAa;YACpE,eAAe,EAAE,MAAM,EAAE,eAAe,IAAI,cAAc,CAAC,eAAe;SAC3E,CAAC;QAEF,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,0BAA0B,IAAI,CAAC,MAAM,CAAC,GAAG,iBAAiB,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC;QAC1G,CAAC;IACH,CAAC;IASD,KAAK,CAAC,EAAU,EAAE,IAAY;QAE5B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;gBACV,KAAK,EAAE,QAAQ;gBACf,SAAS,EAAE,QAAQ;gBACnB,OAAO,EAAE,CAAC;aACX,CAAC;QACJ,CAAC;QAGD,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;gBACV,KAAK,EAAE,QAAQ;gBACf,SAAS,EAAE,QAAQ;gBACnB,OAAO,EAAE,CAAC;aACX,CAAC;QACJ,CAAC;QAGD,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAGvB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhC,IAAI,CAAC,KAAK,IAAI,GAAG,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YAErC,KAAK,GAAG;gBACN,KAAK,EAAE,CAAC;gBACR,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,IAAI;aAClD,CAAC;YACF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAE3B,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;gBACV,KAAK;gBACL,SAAS,EAAE,KAAK,GAAG,CAAC;gBACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;aACnC,CAAC;QACJ,CAAC;QAGD,KAAK,CAAC,KAAK,EAAE,CAAC;QAEd,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC;QACrC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;QAEnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,IAAI,KAAK,KAAK,CAAC,KAAK,IAAI,KAAK,EAAE,CAAC,CAAC;QACxG,CAAC;QAED,OAAO;YACL,OAAO;YACP,OAAO,EAAE,KAAK,CAAC,KAAK;YACpB,KAAK;YACL,SAAS;YACT,OAAO;SACR,CAAC;IACJ,CAAC;IAKD,UAAU;QACR,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;IAC7B,CAAC;IAKD,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;IAC7B,CAAC;IAOD,KAAK,CAAC,EAAU;QAEd,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;YACpC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;gBAC7B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAKD,KAAK;QACH,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAKD,QAAQ;QACN,OAAO;YACL,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI;YAC9B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;SAC7B,CAAC;IACJ,CAAC;IAKD,eAAe;QACb,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;QAC9B,CAAC;IACH,CAAC;IAKO,UAAU,CAAC,IAAY;QAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAC/G,CAAC;IAMO,QAAQ,CAAC,IAAY;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAC/C,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAC9E,CAAC;QAEF,OAAO,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;IACrE,CAAC;IAMO,MAAM,CAAC,EAAU,EAAE,IAAY;QAErC,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC9C,OAAO,GAAG,EAAE,IAAI,QAAQ,EAAE,CAAC;IAC7B,CAAC;IAKO,iBAAiB,CAAC,IAAY;QAEpC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAGrC,IAAI,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YACrC,OAAO,UAAU,CAAC;QACpB,CAAC;QAGD,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACtD,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,MAAM,CAAC;IACjD,CAAC;IAKO,MAAM,CAAC,EAAU;QACvB,IAAI,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAErB,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5B,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;IAC5B,CAAC;IAKO,YAAY;QAElB,IAAI,CAAC,eAAe,GAAG,WAAW,CAChC,GAAG,EAAE;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,GAAG,CAAC,CAAC;YAEhB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;gBAChD,IAAI,GAAG,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;oBAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACvB,OAAO,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC;YAED,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,cAAc,OAAO,6BAA6B,CAAC,CAAC;YACxE,CAAC;QACH,CAAC,EACD,CAAC,GAAG,EAAE,GAAG,IAAI,CACd,CAAC;QAGF,IAAI,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;YAC/B,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;QAC/B,CAAC;IACH,CAAC;CACF,CAAA;AAzPY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;;GACA,qBAAqB,CAyPjC"}

package/dist/core/modules/better-auth/better-auth-user.mapper.d.ts

@@ -0,0 +1,43 @@
+import { Connection } from 'mongoose';
+export interface BetterAuthSessionUser {
+    createdAt?: Date;
+    email: string;
+    emailVerified?: boolean;
+    id: string;
+    image?: string;
+    name?: string;
+    updatedAt?: Date;
+}
+export interface MappedUser {
+    _authenticatedViaBetterAuth: true;
+    email: string;
+    emailVerified?: boolean;
+    hasRole: (roles: string | string[]) => boolean;
+    iamId: string;
+    id: string;
+    image?: string;
+    name?: string;
+    roles: string[];
+    verified?: boolean;
+}
+export interface SyncedUserDocument {
+    _id: any;
+    avatar?: string;
+    createdAt: Date;
+    email: string;
+    firstName?: string;
+    iamId: string;
+    lastName?: string;
+    password?: string;
+    roles: string[];
+    updatedAt: Date;
+    verified?: boolean;
+}
+export declare class BetterAuthUserMapper {
+    private readonly connection?;
+    private readonly logger;
+    constructor(connection?: Connection);
+    mapSessionUser(sessionUser: BetterAuthSessionUser): Promise<MappedUser | null>;
+    private createMappedUser;
+    linkOrCreateUser(sessionUser: BetterAuthSessionUser, additionalData?: Record<string, any>): Promise<null | SyncedUserDocument>;
+}