@lunora/auth 1.0.0-alpha.12 → 1.0.0-alpha.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -1,9 +1,9 @@
1
1
  export { lunoraAuthAdapter, lunoraD1Adapter } from './adapter.mjs';
2
2
  export { LunoraAuthAdminError, createAuthAdmin } from './packem_shared/LunoraAuthAdminError-BxrfEeA_.mjs';
3
- export { createAuth, resolveAuthOptions } from './packem_shared/createAuth-CChKko05.mjs';
3
+ export { createAuth, resolveAuthOptions } from './packem_shared/createAuth-hRGxUJ9w.mjs';
4
4
  export { DEFAULT_AUTH_BASE_PATH, handleAuthRequest } from './packem_shared/DEFAULT_AUTH_BASE_PATH-DjcUWEQl.mjs';
5
5
  export { LunoraAuthHeadersError, withAuthPlugins } from './middleware.mjs';
6
- export { compileMigrationsSql, ensureMigrated } from './packem_shared/compileMigrationsSql-Cz0omU09.mjs';
6
+ export { compileMigrationsSql, ensureMigrated } from './packem_shared/compileMigrationsSql-cyE5U18R.mjs';
7
7
  export { default as authTables } from './schema.mjs';
8
8
  export { sessionPresets, validateSessionPolicy } from './packem_shared/sessionPresets-Dwwd74_J.mjs';
9
9
  export { createSqlAuthStore, d1Executor } from './sql-store.mjs';
@@ -1,5 +1,5 @@
1
1
  import { getMigrations } from 'better-auth/db/migration';
2
- import { resolveAuthOptions } from './createAuth-CChKko05.mjs';
2
+ import { resolveAuthOptions } from './createAuth-hRGxUJ9w.mjs';
3
3
 
4
4
  const migrating = /* @__PURE__ */ new WeakMap();
5
5
  const ensureMigrated = async (auth) => {
@@ -21,6 +21,21 @@ const isHttpsBaseUrl = (baseURL) => {
21
21
  }
22
22
  return false;
23
23
  };
24
+ const isExplicitHttpBaseUrl = (baseURL) => {
25
+ if (typeof baseURL === "string") {
26
+ return baseURL.startsWith("http://");
27
+ }
28
+ if (baseURL && typeof baseURL === "object") {
29
+ if (baseURL.protocol === "http") {
30
+ return true;
31
+ }
32
+ if (baseURL.protocol === "https") {
33
+ return false;
34
+ }
35
+ return typeof baseURL.fallback === "string" && baseURL.fallback.startsWith("http://");
36
+ }
37
+ return false;
38
+ };
24
39
  const hardenAuthOptions = (options) => {
25
40
  if (isWeakSecret(options.secret)) {
26
41
  const message = `@lunora/auth: AUTH_SECRET is only ${String(options.secret?.trim().length)} characters. Use at least ${String(MIN_SECRET_LENGTH)} for a brute-force-resistant secret — generate one with \`openssl rand -hex 32\`.`;
@@ -35,7 +50,7 @@ const hardenAuthOptions = (options) => {
35
50
  advanced: {
36
51
  ...advanced,
37
52
  defaultCookieAttributes: advanced.defaultCookieAttributes ?? { httpOnly: true, path: "/", sameSite: "lax" },
38
- ...advanced.useSecureCookies === void 0 && isHttpsBaseUrl(options.baseURL) ? { useSecureCookies: true } : {}
53
+ ...advanced.useSecureCookies === void 0 ? { useSecureCookies: !isExplicitHttpBaseUrl(options.baseURL) } : {}
39
54
  }
40
55
  };
41
56
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lunora/auth",
3
- "version": "1.0.0-alpha.12",
3
+ "version": "1.0.0-alpha.13",
4
4
  "description": "Auth for Lunora — a thin better-auth wrapper: email/password, OAuth, plugins, D1-backed",
5
5
  "keywords": [
6
6
  "auth",
@@ -83,7 +83,7 @@
83
83
  },
84
84
  "dependencies": {
85
85
  "@better-auth/passkey": "^1.6.22",
86
- "@lunora/server": "1.0.0-alpha.11",
86
+ "@lunora/server": "1.0.0-alpha.12",
87
87
  "@lunora/values": "1.0.0-alpha.3",
88
88
  "better-auth": "^1.6.22"
89
89
  },