npm - @lenne.tech/nest-server - Versions diffs - 11.6.1 → 11.7.0 - Mend

@lenne.tech/nest-server 11.6.1 → 11.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (120) hide show

package/dist/core/modules/better-auth/better-auth.config.js ADDED Viewed

@@ -0,0 +1,254 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createBetterAuthInstance = createBetterAuthInstance;
+const passkey_1 = require("@better-auth/passkey");
+const common_1 = require("@nestjs/common");
+const better_auth_1 = require("better-auth");
+const mongodb_1 = require("better-auth/adapters/mongodb");
+const plugins_1 = require("better-auth/plugins");
+const crypto = require("crypto");
+function generateSecureSecret() {
+    return crypto.randomBytes(32).toString('base64');
+}
+let cachedAutoGeneratedSecret = null;
+function createBetterAuthInstance(options) {
+    const logger = new common_1.Logger('BetterAuthConfig');
+    const { config, db, fallbackSecrets } = options;
+    if (config?.enabled === false) {
+        return null;
+    }
+    const validation = validateConfig(config, fallbackSecrets);
+    for (const warning of validation.warnings) {
+        logger.warn(warning);
+    }
+    if (!validation.valid) {
+        throw new Error(`BetterAuth configuration invalid: ${validation.errors.join('; ')}`);
+    }
+    const plugins = buildPlugins(config);
+    const socialProviders = buildSocialProviders(config);
+    const trustedOrigins = buildTrustedOrigins(config);
+    const additionalFields = buildUserFields(config);
+    const betterAuthConfig = {
+        basePath: config.basePath || '/iam',
+        baseURL: config.baseUrl || 'http://localhost:3000',
+        database: (0, mongodb_1.mongodbAdapter)(db),
+        emailAndPassword: {
+            enabled: config.emailAndPassword?.enabled !== false,
+        },
+        plugins,
+        secret: config.secret,
+        socialProviders,
+        trustedOrigins,
+        user: {
+            additionalFields,
+            modelName: 'users',
+        },
+    };
+    const finalConfig = config.options ? { ...betterAuthConfig, ...config.options } : betterAuthConfig;
+    return (0, better_auth_1.betterAuth)(finalConfig);
+}
+function buildPlugins(config) {
+    const plugins = [];
+    if (config.jwt && config.jwt.enabled !== false) {
+        plugins.push((0, plugins_1.jwt)({
+            jwt: {
+                expirationTime: config.jwt.expiresIn || '15m',
+            },
+        }));
+    }
+    if (config.twoFactor && config.twoFactor.enabled !== false) {
+        plugins.push((0, plugins_1.twoFactor)({
+            issuer: config.twoFactor.appName || 'Nest Server',
+        }));
+    }
+    if (config.passkey && config.passkey.enabled !== false) {
+        plugins.push((0, passkey_1.passkey)({
+            origin: config.passkey.origin || 'http://localhost:3000',
+            rpID: config.passkey.rpId || 'localhost',
+            rpName: config.passkey.rpName || 'Nest Server',
+        }));
+    }
+    if (config.plugins?.length) {
+        plugins.push(...config.plugins);
+    }
+    return plugins;
+}
+function buildSocialProviders(config) {
+    const socialProvidersConfig = {};
+    if (config.socialProviders) {
+        for (const [name, provider] of Object.entries(config.socialProviders)) {
+            if (provider?.clientId && provider?.clientSecret && provider?.enabled !== false) {
+                socialProvidersConfig[name] = {
+                    clientId: provider.clientId,
+                    clientSecret: provider.clientSecret,
+                };
+            }
+        }
+    }
+    return socialProvidersConfig;
+}
+function buildTrustedOrigins(config) {
+    if (config.trustedOrigins?.length) {
+        return config.trustedOrigins;
+    }
+    if (config.baseUrl) {
+        return [config.baseUrl];
+    }
+    return ['http://localhost:3000'];
+}
+function buildUserFields(config) {
+    const coreFields = {
+        firstName: {
+            defaultValue: null,
+            fieldName: 'firstName',
+            type: 'string',
+        },
+        iamId: {
+            defaultValue: null,
+            fieldName: 'iamId',
+            type: 'string',
+        },
+        lastName: {
+            defaultValue: null,
+            fieldName: 'lastName',
+            type: 'string',
+        },
+        roles: {
+            defaultValue: [],
+            fieldName: 'roles',
+            type: 'string[]',
+        },
+        twoFactorEnabled: {
+            defaultValue: false,
+            fieldName: 'twoFactorEnabled',
+            type: 'boolean',
+        },
+        verified: {
+            defaultValue: false,
+            fieldName: 'verified',
+            type: 'boolean',
+        },
+    };
+    if (config.additionalUserFields) {
+        for (const [key, field] of Object.entries(config.additionalUserFields)) {
+            coreFields[key] = {
+                defaultValue: field.defaultValue,
+                fieldName: field.fieldName || key,
+                required: field.required,
+                type: field.type,
+            };
+        }
+    }
+    return coreFields;
+}
+function getAutoGeneratedSecret() {
+    if (!cachedAutoGeneratedSecret) {
+        cachedAutoGeneratedSecret = generateSecureSecret();
+    }
+    return cachedAutoGeneratedSecret;
+}
+function isValidSecretLength(secret) {
+    return secret && secret.length >= 32;
+}
+function isValidUrl(url) {
+    try {
+        new URL(url);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function validateConfig(config, fallbackSecrets) {
+    const errors = [];
+    const warnings = [];
+    let secretSource = 'explicit';
+    if (!config.secret || config.secret.trim() === '') {
+        const validFallback = fallbackSecrets?.find((secret) => secret && isValidSecretLength(secret));
+        if (validFallback) {
+            config.secret = validFallback;
+            secretSource = 'fallback';
+        }
+        else {
+            config.secret = getAutoGeneratedSecret();
+            secretSource = 'auto-generated';
+        }
+    }
+    const secretValidation = validateSecret(config.secret);
+    if (!secretValidation.valid) {
+        errors.push(secretValidation.message);
+    }
+    else if (secretValidation.message) {
+        warnings.push(secretValidation.message);
+    }
+    switch (secretSource) {
+        case 'auto-generated':
+            warnings.push('⚠️  BETTER_AUTH: No secret configured - using auto-generated secret.');
+            warnings.push('⚠️  CONSEQUENCE: All user sessions will be invalidated on server restart!');
+            warnings.push('💡 FOR PRODUCTION: Set betterAuth.secret in config or provide a valid fallback secret (min 32 chars).');
+            warnings.push("💡 Generate with: node -e \"console.log(require('crypto').randomBytes(32).toString('base64'))\"");
+            break;
+        case 'fallback':
+            warnings.push('💡 BETTER_AUTH: Using fallback secret (backwards compatible). Consider setting betterAuth.secret explicitly.');
+            break;
+    }
+    if (config.baseUrl && !isValidUrl(config.baseUrl)) {
+        errors.push(`Invalid baseUrl format: ${config.baseUrl}`);
+    }
+    if (config.trustedOrigins) {
+        for (const origin of config.trustedOrigins) {
+            if (!isValidUrl(origin)) {
+                errors.push(`Invalid trustedOrigin format: ${origin}`);
+            }
+        }
+    }
+    if (config.passkey?.enabled && config.passkey.origin && !isValidUrl(config.passkey.origin)) {
+        errors.push(`Invalid passkey origin format: ${config.passkey.origin}`);
+    }
+    if (config.socialProviders) {
+        for (const [name, provider] of Object.entries(config.socialProviders)) {
+            if (provider && provider.enabled !== false) {
+                const hasClientId = !!provider.clientId;
+                const hasClientSecret = !!provider.clientSecret;
+                if (hasClientId && hasClientSecret) {
+                    continue;
+                }
+                else if (hasClientId || hasClientSecret) {
+                    if (!hasClientId) {
+                        errors.push(`Social provider '${name}' is missing clientId`);
+                    }
+                    if (!hasClientSecret) {
+                        errors.push(`Social provider '${name}' is missing clientSecret`);
+                    }
+                }
+                else {
+                    warnings.push(`Social provider '${name}' is configured but missing both clientId and clientSecret. ` +
+                        `Set 'enabled: false' to disable it explicitly, or provide credentials to enable it.`);
+                }
+            }
+        }
+    }
+    return {
+        errors,
+        valid: errors.length === 0,
+        warnings,
+    };
+}
+function validateSecret(secret) {
+    if (!secret || secret.length < 32) {
+        return { message: 'Secret must be at least 32 characters long', valid: false };
+    }
+    const hasLowercase = /[a-z]/.test(secret);
+    const hasUppercase = /[A-Z]/.test(secret);
+    const hasNumbers = /[0-9]/.test(secret);
+    const hasSpecial = /[^a-zA-Z0-9]/.test(secret);
+    const diversityCount = [hasLowercase, hasUppercase, hasNumbers, hasSpecial].filter(Boolean).length;
+    if (diversityCount < 2) {
+        return {
+            message: 'Secret should contain at least 2 different character types (lowercase, uppercase, numbers, special)',
+            valid: true,
+        };
+    }
+    return { valid: true };
+}
+//# sourceMappingURL=better-auth.config.js.map

package/dist/core/modules/better-auth/better-auth.config.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"better-auth.config.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth.config.ts"],"names":[],"mappings":";;AA2GA,4DAyDC;AApKD,kDAA+C;AAC/C,2CAAwC;AACxC,6CAA2D;AAC3D,0DAA8D;AAC9D,iDAAqD;AACrD,iCAAiC;AAkBjC,SAAS,oBAAoB;IAC3B,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC;AAMD,IAAI,yBAAyB,GAAkB,IAAI,CAAC;AA4EpD,SAAgB,wBAAwB,CAAC,OAAgC;IACvE,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,kBAAkB,CAAC,CAAC;IAC9C,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,EAAE,GAAG,OAAO,CAAC;IAIhD,IAAI,MAAM,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,MAAM,UAAU,GAAG,cAAc,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAG3D,KAAK,MAAM,OAAO,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC;IAGD,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvF,CAAC;IAGD,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IACrD,MAAM,cAAc,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACnD,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IAGjD,MAAM,gBAAgB,GAAG;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,MAAM;QACnC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,uBAAuB;QAClD,QAAQ,EAAE,IAAA,wBAAc,EAAC,EAAE,CAAC;QAG5B,gBAAgB,EAAE;YAChB,OAAO,EAAE,MAAM,CAAC,gBAAgB,EAAE,OAAO,KAAK,KAAK;SACpD;QACD,OAAO;QACP,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,eAAe;QACf,cAAc;QACd,IAAI,EAAE;YACJ,gBAAgB;YAChB,SAAS,EAAE,OAAO;SACnB;KACF,CAAC;IAIF,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,gBAAgB,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC;IAKnG,OAAO,IAAA,wBAAU,EAAC,WAAkB,CAAC,CAAC;AACxC,CAAC;AASD,SAAS,YAAY,CAAC,MAAmB;IACvC,MAAM,OAAO,GAAuB,EAAE,CAAC;IAIvC,IAAI,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC/C,OAAO,CAAC,IAAI,CACV,IAAA,aAAG,EAAC;YACF,GAAG,EAAE;gBACH,cAAc,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,IAAI,KAAK;aAC9C;SACF,CAAC,CACH,CAAC;IACJ,CAAC;IAID,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC3D,OAAO,CAAC,IAAI,CACV,IAAA,mBAAS,EAAC;YACR,MAAM,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,IAAI,aAAa;SAClD,CAAC,CACH,CAAC;IACJ,CAAC;IAID,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QACvD,OAAO,CAAC,IAAI,CACV,IAAA,iBAAO,EAAC;YACN,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,uBAAuB;YACxD,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,WAAW;YACxC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,aAAa;SAC/C,CAAC,CACH,CAAC;IACJ,CAAC;IAID,IAAI,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAC3B,OAAO,CAAC,IAAI,CAAC,GAAI,MAAM,CAAC,OAA8B,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAOD,SAAS,oBAAoB,CAAC,MAAmB;IAC/C,MAAM,qBAAqB,GAAyC,EAAE,CAAC;IAKvE,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;YACtE,IAAI,QAAQ,EAAE,QAAQ,IAAI,QAAQ,EAAE,YAAY,IAAI,QAAQ,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;gBAChF,qBAAqB,CAAC,IAAI,CAAC,GAAG;oBAC5B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;oBAC3B,YAAY,EAAE,QAAQ,CAAC,YAAY;iBACpC,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAKD,SAAS,mBAAmB,CAAC,MAAmB;IAC9C,IAAI,MAAM,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,cAAc,CAAC;IAC/B,CAAC;IACD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,CAAC,uBAAuB,CAAC,CAAC;AACnC,CAAC;AAOD,SAAS,eAAe,CAAC,MAAmB;IAE1C,MAAM,UAAU,GAAoC;QAClD,SAAS,EAAE;YACT,YAAY,EAAE,IAAI;YAClB,SAAS,EAAE,WAAW;YACtB,IAAI,EAAE,QAAQ;SACf;QACD,KAAK,EAAE;YACL,YAAY,EAAE,IAAI;YAClB,SAAS,EAAE,OAAO;YAClB,IAAI,EAAE,QAAQ;SACf;QACD,QAAQ,EAAE;YACR,YAAY,EAAE,IAAI;YAClB,SAAS,EAAE,UAAU;YACrB,IAAI,EAAE,QAAQ;SACf;QACD,KAAK,EAAE;YACL,YAAY,EAAE,EAAE;YAChB,SAAS,EAAE,OAAO;YAClB,IAAI,EAAE,UAAU;SACjB;QACD,gBAAgB,EAAE;YAChB,YAAY,EAAE,KAAK;YACnB,SAAS,EAAE,kBAAkB;YAC7B,IAAI,EAAE,SAAS;SAChB;QACD,QAAQ,EAAE;YACR,YAAY,EAAE,KAAK;YACnB,SAAS,EAAE,UAAU;YACrB,IAAI,EAAE,SAAS;SAChB;KACF,CAAC;IAIF,IAAI,MAAM,CAAC,oBAAoB,EAAE,CAAC;QAChC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACvE,UAAU,CAAC,GAAG,CAAC,GAAG;gBAChB,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,GAAG;gBACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,IAAI,EAAE,KAAK,CAAC,IAAI;aACjB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAMD,SAAS,sBAAsB;IAC7B,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAC/B,yBAAyB,GAAG,oBAAoB,EAAE,CAAC;IACrD,CAAC;IACD,OAAO,yBAAyB,CAAC;AACnC,CAAC;AAKD,SAAS,mBAAmB,CAAC,MAAc;IACzC,OAAO,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;AACvC,CAAC;AAKD,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,CAAC;QACH,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACb,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAcD,SAAS,cAAc,CAAC,MAAmB,EAAE,eAAwC;IACnF,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAG9B,IAAI,YAAY,GAA+C,UAAU,CAAC;IAG1E,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAElD,MAAM,aAAa,GAAG,eAAe,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;QAE/F,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,CAAC,MAAM,GAAG,aAAa,CAAC;YAC9B,YAAY,GAAG,UAAU,CAAC;QAC5B,CAAC;aAAM,CAAC;YAEN,MAAM,CAAC,MAAM,GAAG,sBAAsB,EAAE,CAAC;YACzC,YAAY,GAAG,gBAAgB,CAAC;QAClC,CAAC;IACH,CAAC;IAGD,MAAM,gBAAgB,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACvD,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAQ,CAAC,CAAC;IACzC,CAAC;SAAM,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC;IAGD,QAAQ,YAAY,EAAE,CAAC;QACrB,KAAK,gBAAgB;YACnB,QAAQ,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;YACtF,QAAQ,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;YAC3F,QAAQ,CAAC,IAAI,CACX,uGAAuG,CACxG,CAAC;YACF,QAAQ,CAAC,IAAI,CAAC,iGAAiG,CAAC,CAAC;YACjH,MAAM;QACR,KAAK,UAAU;YACb,QAAQ,CAAC,IAAI,CACX,8GAA8G,CAC/G,CAAC;YACF,MAAM;IAEV,CAAC;IAGD,IAAI,MAAM,CAAC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC3D,CAAC;IAGD,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;QAC1B,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;YAC3C,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxB,MAAM,CAAC,IAAI,CAAC,iCAAiC,MAAM,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAGD,IAAI,MAAM,CAAC,OAAO,EAAE,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3F,MAAM,CAAC,IAAI,CAAC,kCAAkC,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IAKD,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;YAEtE,IAAI,QAAQ,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBAE3C,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACxC,MAAM,eAAe,GAAG,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAEhD,IAAI,WAAW,IAAI,eAAe,EAAE,CAAC;oBAEnC,SAAS;gBACX,CAAC;qBAAM,IAAI,WAAW,IAAI,eAAe,EAAE,CAAC;oBAE1C,IAAI,CAAC,WAAW,EAAE,CAAC;wBACjB,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,uBAAuB,CAAC,CAAC;oBAC/D,CAAC;oBACD,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,2BAA2B,CAAC,CAAC;oBACnE,CAAC;gBACH,CAAC;qBAAM,CAAC;oBAGN,QAAQ,CAAC,IAAI,CACX,oBAAoB,IAAI,8DAA8D;wBACpF,qFAAqF,CACxF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM;QACN,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,QAAQ;KACT,CAAC;AACJ,CAAC;AAMD,SAAS,cAAc,CAAC,MAAc;IACpC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAClC,OAAO,EAAE,OAAO,EAAE,4CAA4C,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACjF,CAAC;IAGD,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,CAAC,YAAY,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAEnG,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO;YACL,OAAO,EAAE,qGAAqG;YAC9G,KAAK,EAAE,IAAI;SACZ,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC"}

package/dist/core/modules/better-auth/better-auth.middleware.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import { NestMiddleware } from '@nestjs/common';
+import { NextFunction, Request, Response } from 'express';
+import { BetterAuthSessionUser, BetterAuthUserMapper, MappedUser } from './better-auth-user.mapper';
+import { BetterAuthService } from './better-auth.service';
+export interface BetterAuthRequest extends Request {
+    betterAuthSession?: {
+        session: any;
+        user: BetterAuthSessionUser;
+    };
+    betterAuthUser?: BetterAuthSessionUser;
+    user?: MappedUser | Request['user'];
+}
+export declare class BetterAuthMiddleware implements NestMiddleware {
+    private readonly betterAuthService;
+    private readonly userMapper;
+    private readonly logger;
+    constructor(betterAuthService: BetterAuthService, userMapper: BetterAuthUserMapper);
+    use(req: BetterAuthRequest, _res: Response, next: NextFunction): Promise<void>;
+    private getSession;
+}

package/dist/core/modules/better-auth/better-auth.middleware.js ADDED Viewed

@@ -0,0 +1,79 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var BetterAuthMiddleware_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthMiddleware = void 0;
+const common_1 = require("@nestjs/common");
+const better_auth_user_mapper_1 = require("./better-auth-user.mapper");
+const better_auth_service_1 = require("./better-auth.service");
+let BetterAuthMiddleware = BetterAuthMiddleware_1 = class BetterAuthMiddleware {
+    constructor(betterAuthService, userMapper) {
+        this.betterAuthService = betterAuthService;
+        this.userMapper = userMapper;
+        this.logger = new common_1.Logger(BetterAuthMiddleware_1.name);
+    }
+    async use(req, _res, next) {
+        if (!this.betterAuthService.isEnabled()) {
+            return next();
+        }
+        if (req.user) {
+            return next();
+        }
+        try {
+            const session = await this.getSession(req);
+            if (session?.user) {
+                req.betterAuthSession = session;
+                req.betterAuthUser = session.user;
+                const mappedUser = await this.userMapper.mapSessionUser(session.user);
+                if (mappedUser) {
+                    req.user = mappedUser;
+                }
+            }
+        }
+        catch (error) {
+            this.logger.debug(`Session validation failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+        next();
+    }
+    async getSession(req) {
+        const api = this.betterAuthService.getApi();
+        if (!api) {
+            return null;
+        }
+        try {
+            const headers = new Headers();
+            for (const [key, value] of Object.entries(req.headers)) {
+                if (typeof value === 'string') {
+                    headers.set(key, value);
+                }
+                else if (Array.isArray(value)) {
+                    headers.set(key, value.join(', '));
+                }
+            }
+            const response = await api.getSession({ headers });
+            if (response && typeof response === 'object' && 'user' in response) {
+                return response;
+            }
+            return null;
+        }
+        catch (error) {
+            this.logger.debug(`getSession error: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            return null;
+        }
+    }
+};
+exports.BetterAuthMiddleware = BetterAuthMiddleware;
+exports.BetterAuthMiddleware = BetterAuthMiddleware = BetterAuthMiddleware_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [better_auth_service_1.BetterAuthService,
+        better_auth_user_mapper_1.BetterAuthUserMapper])
+], BetterAuthMiddleware);
+//# sourceMappingURL=better-auth.middleware.js.map

package/dist/core/modules/better-auth/better-auth.middleware.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"better-auth.middleware.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth.middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAoE;AAGpE,uEAAoG;AACpG,+DAA0D;AA2BnD,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAG/B,YACmB,iBAAoC,EACpC,UAAgC;QADhC,sBAAiB,GAAjB,iBAAiB,CAAmB;QACpC,eAAU,GAAV,UAAU,CAAsB;QAJlC,WAAM,GAAG,IAAI,eAAM,CAAC,sBAAoB,CAAC,IAAI,CAAC,CAAC;IAK7D,CAAC;IAEJ,KAAK,CAAC,GAAG,CAAC,GAAsB,EAAE,IAAc,EAAE,IAAkB;QAElE,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,EAAE,CAAC;YACxC,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAGD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;YACb,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YAE3C,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;gBAElB,GAAG,CAAC,iBAAiB,GAAG,OAAO,CAAC;gBAChC,GAAG,CAAC,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;gBAGlC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAEtE,IAAI,UAAU,EAAE,CAAC;oBAGf,GAAG,CAAC,IAAI,GAAG,UAAU,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAGf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;QAC9G,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC;IAKO,KAAK,CAAC,UAAU,CAAC,GAAY;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC9B,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;gBAC1B,CAAC;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAGD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAEnD,IAAI,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,MAAM,IAAI,QAAQ,EAAE,CAAC;gBACnE,OAAO,QAAyD,CAAC;YACnE,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACnG,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF,CAAA;AA/EY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;qCAK2B,uCAAiB;QACxB,8CAAoB;GALxC,oBAAoB,CA+EhC"}

package/dist/core/modules/better-auth/better-auth.module.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+import { DynamicModule, MiddlewareConsumer, NestModule, OnModuleInit, Type } from '@nestjs/common';
+import { IBetterAuth } from '../../common/interfaces/server-options.interface';
+import { BetterAuthRateLimiter } from './better-auth-rate-limiter.service';
+import { BetterAuthInstance } from './better-auth.config';
+import { BetterAuthService } from './better-auth.service';
+import { CoreBetterAuthController } from './core-better-auth.controller';
+import { CoreBetterAuthResolver } from './core-better-auth.resolver';
+export declare const BETTER_AUTH_INSTANCE = "BETTER_AUTH_INSTANCE";
+export interface BetterAuthModuleOptions {
+    config: IBetterAuth;
+    controller?: Type<CoreBetterAuthController>;
+    fallbackSecrets?: (string | undefined)[];
+    resolver?: Type<CoreBetterAuthResolver>;
+}
+export declare class BetterAuthModule implements NestModule, OnModuleInit {
+    private readonly betterAuthService?;
+    private readonly rateLimiter?;
+    private static logger;
+    private static authInstance;
+    private static initialized;
+    private static initLogged;
+    private static betterAuthEnabled;
+    private static currentConfig;
+    private static customController;
+    private static customResolver;
+    private static getControllerClass;
+    private static getResolverClass;
+    constructor(betterAuthService?: BetterAuthService, rateLimiter?: BetterAuthRateLimiter);
+    onModuleInit(): void;
+    configure(consumer: MiddlewareConsumer): void;
+    private static waitForMongoConnection;
+    static forRoot(options: BetterAuthModuleOptions): DynamicModule;
+    static forRootAsync(): DynamicModule;
+    static getInstance(): BetterAuthInstance | null;
+    static reset(): void;
+    private static createDeferredModule;
+    private static logEnabledFeatures;
+}

package/dist/core/modules/better-auth/better-auth.module.js ADDED Viewed

@@ -0,0 +1,253 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var BetterAuthModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthModule = exports.BETTER_AUTH_INSTANCE = void 0;
+const common_1 = require("@nestjs/common");
+const mongoose_1 = require("@nestjs/mongoose");
+const mongoose_2 = require("mongoose");
+const config_service_1 = require("../../common/services/config.service");
+const better_auth_rate_limit_middleware_1 = require("./better-auth-rate-limit.middleware");
+const better_auth_rate_limiter_service_1 = require("./better-auth-rate-limiter.service");
+const better_auth_user_mapper_1 = require("./better-auth-user.mapper");
+const better_auth_config_1 = require("./better-auth.config");
+const better_auth_middleware_1 = require("./better-auth.middleware");
+const better_auth_resolver_1 = require("./better-auth.resolver");
+const better_auth_service_1 = require("./better-auth.service");
+const core_better_auth_controller_1 = require("./core-better-auth.controller");
+exports.BETTER_AUTH_INSTANCE = 'BETTER_AUTH_INSTANCE';
+let BetterAuthModule = BetterAuthModule_1 = class BetterAuthModule {
+    static getControllerClass() {
+        return this.customController || core_better_auth_controller_1.CoreBetterAuthController;
+    }
+    static getResolverClass() {
+        return this.customResolver || better_auth_resolver_1.BetterAuthResolver;
+    }
+    constructor(betterAuthService, rateLimiter) {
+        this.betterAuthService = betterAuthService;
+        this.rateLimiter = rateLimiter;
+    }
+    onModuleInit() {
+        if (BetterAuthModule_1.authInstance && !BetterAuthModule_1.initialized) {
+            BetterAuthModule_1.initialized = true;
+            BetterAuthModule_1.logger.log('BetterAuthModule ready');
+        }
+        if (this.rateLimiter && BetterAuthModule_1.currentConfig?.rateLimit) {
+            this.rateLimiter.configure(BetterAuthModule_1.currentConfig.rateLimit);
+        }
+    }
+    configure(consumer) {
+        if (BetterAuthModule_1.betterAuthEnabled && this.betterAuthService?.isEnabled()) {
+            const basePath = BetterAuthModule_1.currentConfig?.basePath || '/iam';
+            if (BetterAuthModule_1.currentConfig?.rateLimit?.enabled) {
+                consumer.apply(better_auth_rate_limit_middleware_1.BetterAuthRateLimitMiddleware).forRoutes(`${basePath}/*path`);
+                BetterAuthModule_1.logger.log(`Rate limiting enabled for ${basePath}/*path endpoints`);
+            }
+            consumer.apply(better_auth_middleware_1.BetterAuthMiddleware).forRoutes('(.*)');
+            BetterAuthModule_1.logger.log('BetterAuthMiddleware registered for all routes');
+        }
+    }
+    static async waitForMongoConnection() {
+        const maxAttempts = 60;
+        const pollInterval = 500;
+        for (let attempt = 0; attempt < maxAttempts; attempt++) {
+            if (mongoose_2.default.connection.readyState === 1 && mongoose_2.default.connection.db) {
+                return;
+            }
+            if (mongoose_2.default.connection.readyState === 0) {
+                this.logger.debug(`MongoDB not connected (attempt ${attempt + 1}/${maxAttempts})`);
+            }
+            await new Promise((resolve) => setTimeout(resolve, pollInterval));
+        }
+        throw new Error('MongoDB connection timeout - ensure MongoDB is running and accessible');
+    }
+    static forRoot(options) {
+        const { config, controller, fallbackSecrets, resolver } = options;
+        this.currentConfig = config;
+        this.customController = controller || null;
+        this.customResolver = resolver || null;
+        if (config?.enabled === false) {
+            this.logger.debug('BetterAuth is explicitly disabled - skipping initialization');
+            this.betterAuthEnabled = false;
+            return {
+                exports: [exports.BETTER_AUTH_INSTANCE, better_auth_service_1.BetterAuthService, better_auth_user_mapper_1.BetterAuthUserMapper, better_auth_rate_limiter_service_1.BetterAuthRateLimiter],
+                module: BetterAuthModule_1,
+                providers: [
+                    {
+                        provide: exports.BETTER_AUTH_INSTANCE,
+                        useValue: null,
+                    },
+                    better_auth_service_1.BetterAuthService,
+                    better_auth_user_mapper_1.BetterAuthUserMapper,
+                    better_auth_rate_limiter_service_1.BetterAuthRateLimiter,
+                ],
+            };
+        }
+        this.betterAuthEnabled = true;
+        return this.createDeferredModule(config, fallbackSecrets);
+    }
+    static forRootAsync() {
+        return {
+            controllers: [this.getControllerClass()],
+            exports: [exports.BETTER_AUTH_INSTANCE, better_auth_service_1.BetterAuthService, better_auth_user_mapper_1.BetterAuthUserMapper, better_auth_rate_limiter_service_1.BetterAuthRateLimiter],
+            imports: [],
+            module: BetterAuthModule_1,
+            providers: [
+                {
+                    inject: [config_service_1.ConfigService],
+                    provide: exports.BETTER_AUTH_INSTANCE,
+                    useFactory: async (configService) => {
+                        const config = configService.get('betterAuth');
+                        this.currentConfig = config || null;
+                        if (config?.enabled === false) {
+                            this.logger.debug('BetterAuth is explicitly disabled');
+                            this.betterAuthEnabled = false;
+                            return null;
+                        }
+                        this.betterAuthEnabled = true;
+                        await this.waitForMongoConnection();
+                        const db = mongoose_2.default.connection.db;
+                        if (!db) {
+                            throw new Error('MongoDB database not available');
+                        }
+                        const jwtConfig = configService.get('jwt');
+                        const fallbackSecrets = [jwtConfig?.secret, jwtConfig?.refresh?.secret];
+                        this.authInstance = (0, better_auth_config_1.createBetterAuthInstance)({ config, db, fallbackSecrets });
+                        if (this.authInstance) {
+                            this.logger.log('BetterAuth initialized successfully');
+                            this.logEnabledFeatures(config);
+                        }
+                        return this.authInstance;
+                    },
+                },
+                {
+                    inject: [exports.BETTER_AUTH_INSTANCE, config_service_1.ConfigService],
+                    provide: better_auth_service_1.BetterAuthService,
+                    useFactory: (authInstance, configService) => {
+                        return new better_auth_service_1.BetterAuthService(authInstance, configService);
+                    },
+                },
+                better_auth_user_mapper_1.BetterAuthUserMapper,
+                better_auth_middleware_1.BetterAuthMiddleware,
+                better_auth_rate_limiter_service_1.BetterAuthRateLimiter,
+                better_auth_rate_limit_middleware_1.BetterAuthRateLimitMiddleware,
+                this.getResolverClass(),
+            ],
+        };
+    }
+    static getInstance() {
+        return this.authInstance;
+    }
+    static reset() {
+        this.authInstance = null;
+        this.initialized = false;
+        this.initLogged = false;
+        this.betterAuthEnabled = false;
+        this.currentConfig = null;
+        this.customController = null;
+        this.customResolver = null;
+    }
+    static createDeferredModule(config, fallbackSecrets) {
+        return {
+            controllers: [this.getControllerClass()],
+            exports: [exports.BETTER_AUTH_INSTANCE, better_auth_service_1.BetterAuthService, better_auth_user_mapper_1.BetterAuthUserMapper, better_auth_rate_limiter_service_1.BetterAuthRateLimiter],
+            module: BetterAuthModule_1,
+            providers: [
+                {
+                    inject: [(0, mongoose_1.getConnectionToken)()],
+                    provide: exports.BETTER_AUTH_INSTANCE,
+                    useFactory: async (connection) => {
+                        const db = connection.db;
+                        if (!db) {
+                            await this.waitForMongoConnection();
+                            const globalDb = mongoose_2.default.connection.db;
+                            if (!globalDb) {
+                                throw new Error('MongoDB database not available');
+                            }
+                            this.authInstance = (0, better_auth_config_1.createBetterAuthInstance)({ config, db: globalDb, fallbackSecrets });
+                        }
+                        else {
+                            this.authInstance = (0, better_auth_config_1.createBetterAuthInstance)({ config, db, fallbackSecrets });
+                        }
+                        if (this.authInstance && !this.initLogged) {
+                            this.initLogged = true;
+                            this.logger.log('BetterAuth initialized');
+                            this.logEnabledFeatures(config);
+                        }
+                        return this.authInstance;
+                    },
+                },
+                {
+                    inject: [exports.BETTER_AUTH_INSTANCE, config_service_1.ConfigService],
+                    provide: better_auth_service_1.BetterAuthService,
+                    useFactory: (authInstance, configService) => {
+                        return new better_auth_service_1.BetterAuthService(authInstance, configService);
+                    },
+                },
+                better_auth_user_mapper_1.BetterAuthUserMapper,
+                better_auth_middleware_1.BetterAuthMiddleware,
+                better_auth_rate_limiter_service_1.BetterAuthRateLimiter,
+                better_auth_rate_limit_middleware_1.BetterAuthRateLimitMiddleware,
+                this.getResolverClass(),
+            ],
+        };
+    }
+    static logEnabledFeatures(config) {
+        const features = [];
+        if (config.jwt && config.jwt.enabled !== false) {
+            features.push('JWT');
+        }
+        if (config.twoFactor && config.twoFactor.enabled !== false) {
+            features.push('2FA/TOTP');
+        }
+        if (config.passkey && config.passkey.enabled !== false) {
+            features.push('Passkey/WebAuthn');
+        }
+        const socialProviders = [];
+        if (config.socialProviders) {
+            for (const [name, provider] of Object.entries(config.socialProviders)) {
+                if (provider?.clientId && provider?.clientSecret && provider?.enabled !== false) {
+                    socialProviders.push(name.charAt(0).toUpperCase() + name.slice(1));
+                }
+            }
+        }
+        if (socialProviders.length > 0) {
+            features.push(`Social Login (${socialProviders.join(', ')})`);
+        }
+        if (config.rateLimit?.enabled) {
+            features.push(`Rate Limiting (${config.rateLimit.max || 10}/${config.rateLimit.windowSeconds || 60}s)`);
+        }
+        if (features.length > 0) {
+            this.logger.log(`Enabled features: ${features.join(', ')}`);
+        }
+    }
+};
+exports.BetterAuthModule = BetterAuthModule;
+BetterAuthModule.logger = new common_1.Logger(BetterAuthModule_1.name);
+BetterAuthModule.authInstance = null;
+BetterAuthModule.initialized = false;
+BetterAuthModule.initLogged = false;
+BetterAuthModule.betterAuthEnabled = false;
+BetterAuthModule.currentConfig = null;
+BetterAuthModule.customController = null;
+BetterAuthModule.customResolver = null;
+exports.BetterAuthModule = BetterAuthModule = BetterAuthModule_1 = __decorate([
+    (0, common_1.Global)(),
+    (0, common_1.Module)({}),
+    __param(0, (0, common_1.Optional)()),
+    __param(1, (0, common_1.Optional)()),
+    __metadata("design:paramtypes", [better_auth_service_1.BetterAuthService,
+        better_auth_rate_limiter_service_1.BetterAuthRateLimiter])
+], BetterAuthModule);
+//# sourceMappingURL=better-auth.module.js.map