@ley0x/better-auth-lastfm 1.0.0

package/README.md

@@ -0,0 +1,191 @@
+# BetterAuth Last.fm Plugin
+
+A clean, modern Last.fm authentication plugin for [BetterAuth](https://better-auth.com).
+
+## Features
+
+- 🔐 Complete Last.fm authentication flow implementation
+- 🎵 Session key storage for Last.fm API calls
+- 🌟 TypeScript support with full type safety
+- ⚛️ React hooks for easy integration
+- 🛠️ Modern architecture following BetterAuth patterns
+- 🚀 Zero additional dependencies (except peer dependencies)
+
+## Installation
+
+```bash
+npm install @ley0x/better-auth-lastfm
+# or
+pnpm add @ley0x/better-auth-lastfm
+# or
+yarn add @ley0x/better-auth-lastfm
+```
+
+## Setup
+
+### 1. Get Last.fm API Credentials
+
+1. Visit [Last.fm API Account Creation](https://www.last.fm/api/account/create)
+2. Create an application to get your API Key and Shared Secret
+
+### 2. Server Configuration
+
+```typescript
+import { betterAuth } from 'better-auth'
+import { lastfmPlugin } from '@ley0x/better-auth-lastfm'
+
+export const auth = betterAuth({
+  // ... your other config
+  plugins: [
+    lastfmPlugin({
+      apiKey: process.env.LASTFM_API_KEY!,
+      sharedSecret: process.env.LASTFM_SHARED_SECRET!,
+      // Optional: customize redirect URL after successful auth
+      redirectTo: '/dashboard', // default: '/dashboard'
+      // Optional: set base URL (usually auto-detected)
+      baseUrl: process.env.BETTER_AUTH_URL
+    })
+  ]
+})
+```
+
+### 3. Client Configuration
+
+```typescript
+import { createAuthClient } from 'better-auth/react'
+import { lastfmClientPlugin } from '@ley0x/better-auth-lastfm/client'
+
+export const authClient = createAuthClient({
+  plugins: [lastfmClientPlugin()]
+})
+
+export const { useSession, signOut, signIn, signUp } = authClient
+```
+
+## Usage
+
+### Basic Sign-In
+
+```typescript
+import { authClient } from './auth-client'
+
+// Redirect to Last.fm authentication
+await authClient.signInWithLastfm()
+```
+
+### React Hook
+
+```typescriptreact
+import { useLastfm } from '@ley0x/better-auth-lastfm/react'
+import { authClient } from './auth-client'
+
+function LoginButton() {
+  const { signInWithLastfm } = useLastfm(authClient)
+
+  return (
+    <button onClick={signInWithLastfm}>
+      Sign in with Last.fm
+    </button>
+  )
+}
+```
+
+### Getting Last.fm Session Key
+
+After authentication, you can retrieve the Last.fm session key to make API calls:
+
+```typescript
+import { authClient } from './auth-client'
+
+// Get the Last.fm session key for API calls
+const sessionKey = await authClient.getLastfmSessionKey()
+
+if (sessionKey) {
+  // Use session key to call Last.fm API
+  // Example: get user's recent tracks, scrobble, etc.
+}
+```
+
+### Making Last.fm API Calls
+
+```typescript
+import { createLastfmApiSignature } from '@ley0x/better-auth-lastfm'
+
+async function getRecentTracks(username: string, sessionKey: string) {
+  const params = {
+    method: 'user.getRecentTracks',
+    user: username,
+    api_key: process.env.LASTFM_API_KEY!,
+    sk: sessionKey,
+    format: 'json'
+  }
+
+  const signature = createLastfmApiSignature(params, process.env.LASTFM_SHARED_SECRET!)
+  
+  const url = new URL('https://ws.audioscrobbler.com/2.0/')
+  Object.entries({ ...params, api_sig: signature }).forEach(([key, value]) => {
+    url.searchParams.set(key, value)
+  })
+
+  const response = await fetch(url)
+  return response.json()
+}
+```
+
+## Environment Variables
+
+Add these to your `.env` file:
+
+```env
+LASTFM_API_KEY=your_api_key_here
+LASTFM_SHARED_SECRET=your_shared_secret_here
+BETTER_AUTH_URL=http://localhost:3000  # Your app's base URL
+BETTER_AUTH_SECRET=your_secret_here    # BetterAuth secret
+```
+
+## Database Schema
+
+The plugin uses BetterAuth's standard user and account tables. Last.fm session keys are stored in the `accessToken` field of the account record.
+
+## API Reference
+
+### `lastfmPlugin(options)`
+
+Server-side plugin configuration.
+
+#### Options
+
+- `apiKey` (required): Your Last.fm API key
+- `sharedSecret` (required): Your Last.fm shared secret  
+- `baseUrl` (optional): Your app's base URL for callbacks
+- `redirectTo` (optional): Path to redirect after successful auth
+
+### `lastfmClientPlugin()`
+
+Client-side plugin for browser environments.
+
+### Client Methods
+
+- `signInWithLastfm()`: Initiates Last.fm authentication flow
+- `getLastfmSessionKey()`: Returns the user's Last.fm session key
+
+## TypeScript Support
+
+Full TypeScript support with exported types:
+
+```typescript
+import type { 
+  LastfmPluginOptions,
+  LastfmSession,
+  LastfmAuthResponse,
+  LastfmUserProfile 
+} from '@ley0x/better-auth-lastfm'
+```
+
+## Contributing
+
+Contributions are welcome! Please feel free to submit a Pull Request.
+
+## License
+
+MIT

package/dist/client/index.cjs

@@ -0,0 +1,50 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/client/index.ts
+var index_exports = {};
+__export(index_exports, {
+  lastfmClientPlugin: () => lastfmClientPlugin
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/client/plugin.ts
+var lastfmClientPlugin = () => {
+  return {
+    id: "lastfm",
+    $InferServerPlugin: {},
+    getActions: ($fetch) => {
+      return {
+        signInWithLastfm: async () => {
+          window.location.href = "/api/auth/lastfm/login";
+        },
+        getLastfmSession: async () => {
+          const response = await $fetch("/api/auth/session", {
+            method: "GET"
+          });
+          return response;
+        }
+      };
+    }
+  };
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  lastfmClientPlugin
+});

package/dist/client/index.d.cts

@@ -0,0 +1,56 @@
+import * as better_auth_client from 'better-auth/client';
+import { BetterAuthPlugin } from 'better-auth';
+
+interface LastfmPluginOptions {
+    /**
+     * Last.fm API key
+     */
+    apiKey: string;
+    /**
+     * Last.fm shared secret for API signature generation
+     */
+    sharedSecret: string;
+    /**
+     * Base URL for your application (used for callback URL generation)
+     * @default process.env.BETTER_AUTH_URL || 'http://localhost:3000'
+     */
+    baseUrl?: string;
+    /**
+     * Custom redirect path after successful authentication
+     * @default '/dashboard'
+     */
+    redirectTo?: string;
+}
+
+/**
+ * Last.fm authentication plugin for BetterAuth
+ *
+ * Provides Last.fm authentication using their custom API flow (not OAuth)
+ * Creates a session with the Last.fm session key for subsequent API calls
+ */
+declare function lastfmPlugin(options: LastfmPluginOptions): BetterAuthPlugin;
+
+/**
+ * Client-side plugin for Last.fm authentication
+ * Provides methods to interact with Last.fm authentication flow
+ */
+declare const lastfmClientPlugin: () => {
+    id: "lastfm";
+    $InferServerPlugin: ReturnType<typeof lastfmPlugin>;
+    getActions: ($fetch: better_auth_client.BetterFetch) => {
+        signInWithLastfm: () => Promise<void>;
+        getLastfmSession: () => Promise<{
+            data: unknown;
+            error: null;
+        } | {
+            data: null;
+            error: {
+                message?: string | undefined;
+                status: number;
+                statusText: string;
+            };
+        }>;
+    };
+};
+
+export { lastfmClientPlugin };

package/dist/client/index.d.ts

@@ -0,0 +1,56 @@
+import * as better_auth_client from 'better-auth/client';
+import { BetterAuthPlugin } from 'better-auth';
+
+interface LastfmPluginOptions {
+    /**
+     * Last.fm API key
+     */
+    apiKey: string;
+    /**
+     * Last.fm shared secret for API signature generation
+     */
+    sharedSecret: string;
+    /**
+     * Base URL for your application (used for callback URL generation)
+     * @default process.env.BETTER_AUTH_URL || 'http://localhost:3000'
+     */
+    baseUrl?: string;
+    /**
+     * Custom redirect path after successful authentication
+     * @default '/dashboard'
+     */
+    redirectTo?: string;
+}
+
+/**
+ * Last.fm authentication plugin for BetterAuth
+ *
+ * Provides Last.fm authentication using their custom API flow (not OAuth)
+ * Creates a session with the Last.fm session key for subsequent API calls
+ */
+declare function lastfmPlugin(options: LastfmPluginOptions): BetterAuthPlugin;
+
+/**
+ * Client-side plugin for Last.fm authentication
+ * Provides methods to interact with Last.fm authentication flow
+ */
+declare const lastfmClientPlugin: () => {
+    id: "lastfm";
+    $InferServerPlugin: ReturnType<typeof lastfmPlugin>;
+    getActions: ($fetch: better_auth_client.BetterFetch) => {
+        signInWithLastfm: () => Promise<void>;
+        getLastfmSession: () => Promise<{
+            data: unknown;
+            error: null;
+        } | {
+            data: null;
+            error: {
+                message?: string | undefined;
+                status: number;
+                statusText: string;
+            };
+        }>;
+    };
+};
+
+export { lastfmClientPlugin };

package/dist/client/index.js

@@ -0,0 +1,23 @@
+// src/client/plugin.ts
+var lastfmClientPlugin = () => {
+  return {
+    id: "lastfm",
+    $InferServerPlugin: {},
+    getActions: ($fetch) => {
+      return {
+        signInWithLastfm: async () => {
+          window.location.href = "/api/auth/lastfm/login";
+        },
+        getLastfmSession: async () => {
+          const response = await $fetch("/api/auth/session", {
+            method: "GET"
+          });
+          return response;
+        }
+      };
+    }
+  };
+};
+export {
+  lastfmClientPlugin
+};

package/dist/index.cjs

@@ -0,0 +1,201 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  createLastfmApiSignature: () => createLastfmApiSignature,
+  lastfmPlugin: () => lastfmPlugin
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/server/plugin.ts
+var import_api = require("better-auth/api");
+var import_zod = require("zod");
+
+// src/utils/api-signature.ts
+var import_crypto = require("crypto");
+function createLastfmApiSignature(params, secret) {
+  const sortedParams = Object.keys(params).sort().map((key) => `${key}${params[key]}`).join("");
+  return (0, import_crypto.createHash)("md5").update(sortedParams + secret).digest("hex");
+}
+
+// src/server/plugin.ts
+var lastfmResponseSchema = import_zod.z.object({
+  session: import_zod.z.object({
+    key: import_zod.z.string(),
+    name: import_zod.z.string(),
+    subscriber: import_zod.z.number()
+  })
+});
+var userSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  name: import_zod.z.string(),
+  email: import_zod.z.string(),
+  emailVerified: import_zod.z.boolean(),
+  image: import_zod.z.string().nullish(),
+  createdAt: import_zod.z.date(),
+  updatedAt: import_zod.z.date()
+});
+var accountSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  accountId: import_zod.z.string(),
+  providerId: import_zod.z.string(),
+  userId: import_zod.z.string(),
+  accessToken: import_zod.z.string().nullish(),
+  refreshToken: import_zod.z.string().nullish(),
+  idToken: import_zod.z.string().nullish(),
+  accessTokenExpiresAt: import_zod.z.date().nullish(),
+  refreshTokenExpiresAt: import_zod.z.date().nullish(),
+  scope: import_zod.z.string().nullish(),
+  password: import_zod.z.string().nullish(),
+  createdAt: import_zod.z.date(),
+  updatedAt: import_zod.z.date()
+});
+function lastfmPlugin(options) {
+  const {
+    apiKey,
+    sharedSecret,
+    baseUrl = process.env.BETTER_AUTH_URL || "http://localhost:3000",
+    redirectTo = "/dashboard"
+  } = options;
+  if (!apiKey || !sharedSecret) {
+    throw new Error("Last.fm plugin requires both apiKey and sharedSecret");
+  }
+  return {
+    id: "lastfm",
+    endpoints: {
+      "/lastfm/signin": (0, import_api.createAuthEndpoint)("/lastfm/signin", { method: "GET" }, async (ctx) => {
+        const callbackUrl = `${baseUrl}/api/auth/lastfm/callback`;
+        const authUrl = `https://www.last.fm/api/auth/?api_key=${apiKey}&cb=${encodeURIComponent(callbackUrl)}`;
+        return ctx.redirect(authUrl);
+      }),
+      "/lastfm/callback": (0, import_api.createAuthEndpoint)(
+        "/lastfm/callback",
+        { method: "GET" },
+        async (ctx) => {
+          const { token } = ctx.query;
+          if (!token) {
+            ctx.context.logger?.error("Last.fm callback: Missing token parameter");
+            return ctx.json({ error: "Authentication failed: Missing token" }, { status: 400 });
+          }
+          try {
+            const sessionData = await exchangeTokenForSession(token, apiKey, sharedSecret);
+            const { username, sessionKey } = sessionData;
+            const existingAccount = await ctx.context.adapter.findOne({
+              model: "account",
+              where: [
+                { field: "providerId", value: "lastfm" },
+                { field: "accountId", value: username }
+              ]
+            });
+            let user;
+            if (existingAccount) {
+              const validatedAccount = accountSchema.parse(existingAccount);
+              await ctx.context.adapter.update({
+                model: "account",
+                where: [{ field: "id", value: validatedAccount.id }],
+                update: {
+                  accessToken: sessionKey,
+                  updatedAt: /* @__PURE__ */ new Date()
+                }
+              });
+              const existingUser = await ctx.context.adapter.findOne({
+                model: "user",
+                where: [{ field: "id", value: validatedAccount.userId }]
+              });
+              if (!existingUser) {
+                return ctx.json({ error: "User not found" }, { status: 404 });
+              }
+              user = userSchema.parse(existingUser);
+            } else {
+              const newUser = await ctx.context.adapter.create({
+                model: "user",
+                data: {
+                  name: username,
+                  email: `${username}@lastfm.local`,
+                  emailVerified: true,
+                  image: null
+                }
+              });
+              user = userSchema.parse(newUser);
+              await ctx.context.adapter.create({
+                model: "account",
+                data: {
+                  accountId: username,
+                  providerId: "lastfm",
+                  userId: user.id,
+                  accessToken: sessionKey
+                }
+              });
+            }
+            const session = await ctx.context.internalAdapter.createSession(user.id, ctx);
+            const cookieName = ctx.context.authCookies.sessionToken.name;
+            const cookieOptions = ctx.context.authCookies.sessionToken.options;
+            await ctx.setSignedCookie(
+              cookieName,
+              session.token,
+              ctx.context.secret,
+              {
+                ...cookieOptions,
+                maxAge: void 0
+              }
+            );
+            return ctx.redirect(redirectTo);
+          } catch (error) {
+            ctx.context.logger?.error("Last.fm authentication error:", error);
+            return ctx.json(
+              { error: "Authentication failed" },
+              { status: 500 }
+            );
+          }
+        }
+      )
+    }
+  };
+}
+async function exchangeTokenForSession(token, apiKey, sharedSecret) {
+  const params = {
+    api_key: apiKey,
+    method: "auth.getSession",
+    token
+  };
+  const apiSignature = createLastfmApiSignature(params, sharedSecret);
+  const url = new URL("https://ws.audioscrobbler.com/2.0/");
+  url.searchParams.set("method", "auth.getSession");
+  url.searchParams.set("api_key", apiKey);
+  url.searchParams.set("token", token);
+  url.searchParams.set("api_sig", apiSignature);
+  url.searchParams.set("format", "json");
+  const response = await fetch(url.toString());
+  if (!response.ok) {
+    throw new Error(`Last.fm API error: ${response.status} ${response.statusText}`);
+  }
+  const data = await response.json();
+  const validatedData = lastfmResponseSchema.parse(data);
+  return {
+    username: validatedData.session.name,
+    sessionKey: validatedData.session.key
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createLastfmApiSignature,
+  lastfmPlugin
+});

package/dist/index.d.cts

@@ -0,0 +1,52 @@
+import { BetterAuthPlugin } from 'better-auth';
+
+interface LastfmPluginOptions {
+    /**
+     * Last.fm API key
+     */
+    apiKey: string;
+    /**
+     * Last.fm shared secret for API signature generation
+     */
+    sharedSecret: string;
+    /**
+     * Base URL for your application (used for callback URL generation)
+     * @default process.env.BETTER_AUTH_URL || 'http://localhost:3000'
+     */
+    baseUrl?: string;
+    /**
+     * Custom redirect path after successful authentication
+     * @default '/dashboard'
+     */
+    redirectTo?: string;
+}
+interface LastfmSession {
+    key: string;
+    name: string;
+    subscriber: number;
+}
+interface LastfmAuthResponse {
+    session: LastfmSession;
+}
+interface LastfmUserProfile {
+    username: string;
+    sessionKey: string;
+}
+
+/**
+ * Last.fm authentication plugin for BetterAuth
+ *
+ * Provides Last.fm authentication using their custom API flow (not OAuth)
+ * Creates a session with the Last.fm session key for subsequent API calls
+ */
+declare function lastfmPlugin(options: LastfmPluginOptions): BetterAuthPlugin;
+
+/**
+ * Creates a Last.fm API signature as required by their authentication flow
+ * @param params - Object containing API parameters
+ * @param secret - Last.fm shared secret
+ * @returns MD5 hash of sorted parameters + secret
+ */
+declare function createLastfmApiSignature(params: Record<string, string>, secret: string): string;
+
+export { type LastfmAuthResponse, type LastfmPluginOptions, type LastfmSession, type LastfmUserProfile, createLastfmApiSignature, lastfmPlugin };

package/dist/index.d.ts

@@ -0,0 +1,52 @@
+import { BetterAuthPlugin } from 'better-auth';
+
+interface LastfmPluginOptions {
+    /**
+     * Last.fm API key
+     */
+    apiKey: string;
+    /**
+     * Last.fm shared secret for API signature generation
+     */
+    sharedSecret: string;
+    /**
+     * Base URL for your application (used for callback URL generation)
+     * @default process.env.BETTER_AUTH_URL || 'http://localhost:3000'
+     */
+    baseUrl?: string;
+    /**
+     * Custom redirect path after successful authentication
+     * @default '/dashboard'
+     */
+    redirectTo?: string;
+}
+interface LastfmSession {
+    key: string;
+    name: string;
+    subscriber: number;
+}
+interface LastfmAuthResponse {
+    session: LastfmSession;
+}
+interface LastfmUserProfile {
+    username: string;
+    sessionKey: string;
+}
+
+/**
+ * Last.fm authentication plugin for BetterAuth
+ *
+ * Provides Last.fm authentication using their custom API flow (not OAuth)
+ * Creates a session with the Last.fm session key for subsequent API calls
+ */
+declare function lastfmPlugin(options: LastfmPluginOptions): BetterAuthPlugin;
+
+/**
+ * Creates a Last.fm API signature as required by their authentication flow
+ * @param params - Object containing API parameters
+ * @param secret - Last.fm shared secret
+ * @returns MD5 hash of sorted parameters + secret
+ */
+declare function createLastfmApiSignature(params: Record<string, string>, secret: string): string;
+
+export { type LastfmAuthResponse, type LastfmPluginOptions, type LastfmSession, type LastfmUserProfile, createLastfmApiSignature, lastfmPlugin };

package/dist/index.js

@@ -0,0 +1,173 @@
+// src/server/plugin.ts
+import { createAuthEndpoint } from "better-auth/api";
+import { z } from "zod";
+
+// src/utils/api-signature.ts
+import { createHash } from "crypto";
+function createLastfmApiSignature(params, secret) {
+  const sortedParams = Object.keys(params).sort().map((key) => `${key}${params[key]}`).join("");
+  return createHash("md5").update(sortedParams + secret).digest("hex");
+}
+
+// src/server/plugin.ts
+var lastfmResponseSchema = z.object({
+  session: z.object({
+    key: z.string(),
+    name: z.string(),
+    subscriber: z.number()
+  })
+});
+var userSchema = z.object({
+  id: z.string(),
+  name: z.string(),
+  email: z.string(),
+  emailVerified: z.boolean(),
+  image: z.string().nullish(),
+  createdAt: z.date(),
+  updatedAt: z.date()
+});
+var accountSchema = z.object({
+  id: z.string(),
+  accountId: z.string(),
+  providerId: z.string(),
+  userId: z.string(),
+  accessToken: z.string().nullish(),
+  refreshToken: z.string().nullish(),
+  idToken: z.string().nullish(),
+  accessTokenExpiresAt: z.date().nullish(),
+  refreshTokenExpiresAt: z.date().nullish(),
+  scope: z.string().nullish(),
+  password: z.string().nullish(),
+  createdAt: z.date(),
+  updatedAt: z.date()
+});
+function lastfmPlugin(options) {
+  const {
+    apiKey,
+    sharedSecret,
+    baseUrl = process.env.BETTER_AUTH_URL || "http://localhost:3000",
+    redirectTo = "/dashboard"
+  } = options;
+  if (!apiKey || !sharedSecret) {
+    throw new Error("Last.fm plugin requires both apiKey and sharedSecret");
+  }
+  return {
+    id: "lastfm",
+    endpoints: {
+      "/lastfm/signin": createAuthEndpoint("/lastfm/signin", { method: "GET" }, async (ctx) => {
+        const callbackUrl = `${baseUrl}/api/auth/lastfm/callback`;
+        const authUrl = `https://www.last.fm/api/auth/?api_key=${apiKey}&cb=${encodeURIComponent(callbackUrl)}`;
+        return ctx.redirect(authUrl);
+      }),
+      "/lastfm/callback": createAuthEndpoint(
+        "/lastfm/callback",
+        { method: "GET" },
+        async (ctx) => {
+          const { token } = ctx.query;
+          if (!token) {
+            ctx.context.logger?.error("Last.fm callback: Missing token parameter");
+            return ctx.json({ error: "Authentication failed: Missing token" }, { status: 400 });
+          }
+          try {
+            const sessionData = await exchangeTokenForSession(token, apiKey, sharedSecret);
+            const { username, sessionKey } = sessionData;
+            const existingAccount = await ctx.context.adapter.findOne({
+              model: "account",
+              where: [
+                { field: "providerId", value: "lastfm" },
+                { field: "accountId", value: username }
+              ]
+            });
+            let user;
+            if (existingAccount) {
+              const validatedAccount = accountSchema.parse(existingAccount);
+              await ctx.context.adapter.update({
+                model: "account",
+                where: [{ field: "id", value: validatedAccount.id }],
+                update: {
+                  accessToken: sessionKey,
+                  updatedAt: /* @__PURE__ */ new Date()
+                }
+              });
+              const existingUser = await ctx.context.adapter.findOne({
+                model: "user",
+                where: [{ field: "id", value: validatedAccount.userId }]
+              });
+              if (!existingUser) {
+                return ctx.json({ error: "User not found" }, { status: 404 });
+              }
+              user = userSchema.parse(existingUser);
+            } else {
+              const newUser = await ctx.context.adapter.create({
+                model: "user",
+                data: {
+                  name: username,
+                  email: `${username}@lastfm.local`,
+                  emailVerified: true,
+                  image: null
+                }
+              });
+              user = userSchema.parse(newUser);
+              await ctx.context.adapter.create({
+                model: "account",
+                data: {
+                  accountId: username,
+                  providerId: "lastfm",
+                  userId: user.id,
+                  accessToken: sessionKey
+                }
+              });
+            }
+            const session = await ctx.context.internalAdapter.createSession(user.id, ctx);
+            const cookieName = ctx.context.authCookies.sessionToken.name;
+            const cookieOptions = ctx.context.authCookies.sessionToken.options;
+            await ctx.setSignedCookie(
+              cookieName,
+              session.token,
+              ctx.context.secret,
+              {
+                ...cookieOptions,
+                maxAge: void 0
+              }
+            );
+            return ctx.redirect(redirectTo);
+          } catch (error) {
+            ctx.context.logger?.error("Last.fm authentication error:", error);
+            return ctx.json(
+              { error: "Authentication failed" },
+              { status: 500 }
+            );
+          }
+        }
+      )
+    }
+  };
+}
+async function exchangeTokenForSession(token, apiKey, sharedSecret) {
+  const params = {
+    api_key: apiKey,
+    method: "auth.getSession",
+    token
+  };
+  const apiSignature = createLastfmApiSignature(params, sharedSecret);
+  const url = new URL("https://ws.audioscrobbler.com/2.0/");
+  url.searchParams.set("method", "auth.getSession");
+  url.searchParams.set("api_key", apiKey);
+  url.searchParams.set("token", token);
+  url.searchParams.set("api_sig", apiSignature);
+  url.searchParams.set("format", "json");
+  const response = await fetch(url.toString());
+  if (!response.ok) {
+    throw new Error(`Last.fm API error: ${response.status} ${response.statusText}`);
+  }
+  const data = await response.json();
+  const validatedData = lastfmResponseSchema.parse(data);
+  return {
+    username: validatedData.session.name,
+    sessionKey: validatedData.session.key
+  };
+}
+export {
+  createLastfmApiSignature,
+  lastfmPlugin
+};

package/package.json

@@ -0,0 +1,82 @@
+{
+  "name": "@ley0x/better-auth-lastfm",
+  "version": "1.0.0",
+  "type": "module",
+  "description": "Last.fm authentication plugin for BetterAuth",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./client": {
+      "types": "./dist/client/index.d.ts",
+      "import": "./dist/client/index.mjs",
+      "require": "./dist/client/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "keywords": [
+    "better-auth",
+    "lastfm",
+    "authentication",
+    "auth",
+    "plugin",
+    "typescript"
+  ],
+  "author": "ley0x <ley0x@pm.me>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ley0x/better-auth-lastfm.git"
+  },
+  "bugs": {
+    "url": "https://github.com/ley0x/better-auth-lastfm/issues"
+  },
+  "homepage": "https://github.com/ley0x/better-auth-lastfm#readme",
+  "peerDependencies": {
+    "better-auth": "^0.x.x",
+    "react": ">=16.8.0"
+  },
+  "peerDependenciesMeta": {
+    "react": {
+      "optional": true
+    }
+  },
+  "dependencies": {
+    "zod": "^3.25.76"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.33.0",
+    "@types/node": "^20.19.10",
+    "@types/react": "^18.3.23",
+    "better-auth": "latest",
+    "eslint": "^9.33.0",
+    "react": "^18.3.1",
+    "tsup": "^8.5.0",
+    "typescript": "^5.9.2",
+    "typescript-eslint": "^8.39.1",
+    "vitest": "^1.6.1"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "type-check": "tsc --noEmit",
+    "lint": "eslint src --max-warnings 0",
+    "lint:fix": "eslint src --fix",
+    "test": "vitest",
+    "test:ui": "vitest --ui"
+  }
+}