npm - @mastra/auth-better-auth - Versions diffs - 0.0.0-agent-chat-ui-20260305212602 - Mend

@mastra/auth-better-auth 0.0.0-agent-chat-ui-20260305212602

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,124 @@
+# @mastra/auth-better-auth
+## 0.0.0-agent-chat-ui-20260305212602
+### Patch Changes
+- Updated dependencies [[`41e48c1`](https://github.com/mastra-ai/mastra/commit/41e48c198eee846478e60c02ec432c19d322a517), [`82469d3`](https://github.com/mastra-ai/mastra/commit/82469d3135d5a49dd8dc8feec0ff398b4e0225a0), [`33e2fd5`](https://github.com/mastra-ai/mastra/commit/33e2fd5088f83666df17401e2da68c943dbc0448), [`7ef6e2c`](https://github.com/mastra-ai/mastra/commit/7ef6e2c61be5a42e26f55d15b5902866fc76634f), [`b12d2a5`](https://github.com/mastra-ai/mastra/commit/b12d2a59a48be0477cabae66eb6cf0fc94a7d40d), [`fa37d39`](https://github.com/mastra-ai/mastra/commit/fa37d39910421feaf8847716292e3d65dd4f30c2), [`b12d2a5`](https://github.com/mastra-ai/mastra/commit/b12d2a59a48be0477cabae66eb6cf0fc94a7d40d), [`71c38bf`](https://github.com/mastra-ai/mastra/commit/71c38bf905905148ecd0e75c07c1f9825d299b76), [`f993c38`](https://github.com/mastra-ai/mastra/commit/f993c3848c97479b813231be872443bedeced6ab), [`f51849a`](https://github.com/mastra-ai/mastra/commit/f51849a568935122b5100b7ee69704e6d680cf7b), [`9bf3a0d`](https://github.com/mastra-ai/mastra/commit/9bf3a0dac602787925f1762f1f0387d7b4a59620), [`cafa045`](https://github.com/mastra-ai/mastra/commit/cafa0453c9de141ad50c09a13894622dffdd9978), [`1fd9ddb`](https://github.com/mastra-ai/mastra/commit/1fd9ddbb3fe83b281b12bd2e27e426ae86288266), [`6135ef4`](https://github.com/mastra-ai/mastra/commit/6135ef4f5288652bf45f616ec590607e4c95f443), [`d9d228c`](https://github.com/mastra-ai/mastra/commit/d9d228c0c6ae82ae6ce3b540a3a56b2b1c2b8d98), [`5576507`](https://github.com/mastra-ai/mastra/commit/55765071e360fb97e443aa0a91ccf7e1cd8d92aa), [`79d69c9`](https://github.com/mastra-ai/mastra/commit/79d69c9d5f842ff1c31352fb6026f04c1f6190f3), [`94f44b8`](https://github.com/mastra-ai/mastra/commit/94f44b827ce57b179e50f4916a84c0fa6e7f3b8c), [`13187db`](https://github.com/mastra-ai/mastra/commit/13187dbac880174232dedc5a501ff6c5d0fe59bc), [`2ae5311`](https://github.com/mastra-ai/mastra/commit/2ae531185fff66a80fa165c0999e3d801900e89d), [`6135ef4`](https://github.com/mastra-ai/mastra/commit/6135ef4f5288652bf45f616ec590607e4c95f443)]:
+  - @mastra/core@0.0.0-agent-chat-ui-20260305212602
+## 1.0.2
+### Patch Changes
+- Expanded `@mastra/auth-better-auth` to implement the new auth interfaces (`IUserProvider`, `ISessionProvider`, `ICredentialsProvider`) from `@mastra/core/auth`. Adds support for username/password credential flows alongside the existing token-based authentication. ([#13163](https://github.com/mastra-ai/mastra/pull/13163))
+- Updated dependencies [[`504fc8b`](https://github.com/mastra-ai/mastra/commit/504fc8b9d0ddab717577ad3bf9c95ea4bd5377bd), [`f9c150b`](https://github.com/mastra-ai/mastra/commit/f9c150b7595ad05ad9cc9a11098e2944361e8c22), [`88de7e8`](https://github.com/mastra-ai/mastra/commit/88de7e8dfe4b7e1951a9e441bb33136e705ce24e), [`edee4b3`](https://github.com/mastra-ai/mastra/commit/edee4b37dff0af515fc7cc0e8d71ee39e6a762f0), [`3790c75`](https://github.com/mastra-ai/mastra/commit/3790c7578cc6a47d854eb12d89e6b1912867fe29), [`e7a235b`](https://github.com/mastra-ai/mastra/commit/e7a235be6472e0c870ed6c791ddb17c492dc188b), [`d51d298`](https://github.com/mastra-ai/mastra/commit/d51d298953967aab1f58ec965b644d109214f085), [`6dbeeb9`](https://github.com/mastra-ai/mastra/commit/6dbeeb94a8b1eebb727300d1a98961f882180794), [`d5f0d8d`](https://github.com/mastra-ai/mastra/commit/d5f0d8d6a03e515ddaa9b5da19b7e44b8357b07b), [`09c3b18`](https://github.com/mastra-ai/mastra/commit/09c3b1802ff14e243a8a8baea327440bc8cc2e32), [`b896379`](https://github.com/mastra-ai/mastra/commit/b8963791c6afa79484645fcec596a201f936b9a2), [`85c84eb`](https://github.com/mastra-ai/mastra/commit/85c84ebb78aebfcba9d209c8e152b16d7a00cb71), [`a89272a`](https://github.com/mastra-ai/mastra/commit/a89272a5d71939b9fcd284e6a6dc1dd091a6bdcf), [`ee9c8df`](https://github.com/mastra-ai/mastra/commit/ee9c8df644f19d055af5f496bf4942705f5a47b7), [`77b4a25`](https://github.com/mastra-ai/mastra/commit/77b4a254e51907f8ff3a3ba95596a18e93ae4b35), [`276246e`](https://github.com/mastra-ai/mastra/commit/276246e0b9066a1ea48bbc70df84dbe528daaf99), [`08ecfdb`](https://github.com/mastra-ai/mastra/commit/08ecfdbdad6fb8285deef86a034bdf4a6047cfca), [`d5f628c`](https://github.com/mastra-ai/mastra/commit/d5f628ca86c6f6f3ff1035d52f635df32dd81cab), [`524c0f3`](https://github.com/mastra-ai/mastra/commit/524c0f3c434c3d9d18f66338dcef383d6161b59c), [`c18a0e9`](https://github.com/mastra-ai/mastra/commit/c18a0e9cef1e4ca004b2963d35e4cfc031971eac), [`4bd21ea`](https://github.com/mastra-ai/mastra/commit/4bd21ea43d44d0a0427414fc047577f9f0aa3bec), [`115a7a4`](https://github.com/mastra-ai/mastra/commit/115a7a47db5e9896fec12ae6507501adb9ec89bf), [`22a48ae`](https://github.com/mastra-ai/mastra/commit/22a48ae2513eb54d8d79dad361fddbca97a155e8), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9311c17`](https://github.com/mastra-ai/mastra/commit/9311c17d7a0640d9c4da2e71b814dc67c57c6369), [`7edf78f`](https://github.com/mastra-ai/mastra/commit/7edf78f80422c43e84585f08ba11df0d4d0b73c5), [`1c4221c`](https://github.com/mastra-ai/mastra/commit/1c4221cf6032ec98d0e094d4ee11da3e48490d96), [`d25b9ea`](https://github.com/mastra-ai/mastra/commit/d25b9eabd400167255a97b690ffbc4ee4097ded5), [`fe1ce5c`](https://github.com/mastra-ai/mastra/commit/fe1ce5c9211c03d561606fda95cbfe7df1d9a9b5), [`b03c0e0`](https://github.com/mastra-ai/mastra/commit/b03c0e0389a799523929a458b0509c9e4244d562), [`0a8366b`](https://github.com/mastra-ai/mastra/commit/0a8366b0a692fcdde56c4d526e4cf03c502ae4ac), [`85664e9`](https://github.com/mastra-ai/mastra/commit/85664e9fd857320fbc245e301f764f45f66f32a3), [`bc79650`](https://github.com/mastra-ai/mastra/commit/bc796500c6e0334faa158a96077e3fb332274869), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`3a3a59e`](https://github.com/mastra-ai/mastra/commit/3a3a59e8ffaa6a985fe3d9a126a3f5ade11a6724), [`3108d4e`](https://github.com/mastra-ai/mastra/commit/3108d4e649c9fddbf03253a6feeb388a5fa9fa5a), [`0c33b2c`](https://github.com/mastra-ai/mastra/commit/0c33b2c9db537f815e1c59e2c898ffce2e395a79), [`191e5bd`](https://github.com/mastra-ai/mastra/commit/191e5bd29b82f5bda35243945790da7bc7b695c2), [`f77cd94`](https://github.com/mastra-ai/mastra/commit/f77cd94c44eabed490384e7d19232a865e13214c), [`e8135c7`](https://github.com/mastra-ai/mastra/commit/e8135c7e300dac5040670eec7eab896ac6092e30), [`daca48f`](https://github.com/mastra-ai/mastra/commit/daca48f0fb17b7ae0b62a2ac40cf0e491b2fd0b7), [`257d14f`](https://github.com/mastra-ai/mastra/commit/257d14faca5931f2e4186fc165b6f0b1f915deee), [`352f25d`](https://github.com/mastra-ai/mastra/commit/352f25da316b24cdd5b410fd8dddf6a8b763da2a), [`93477d0`](https://github.com/mastra-ai/mastra/commit/93477d0769b8a13ea5ed73d508d967fb23eaeed9), [`31c78b3`](https://github.com/mastra-ai/mastra/commit/31c78b3eb28f58a8017f1dcc795c33214d87feac), [`0bc0720`](https://github.com/mastra-ai/mastra/commit/0bc07201095791858087cc56f353fcd65e87ab54), [`36516ac`](https://github.com/mastra-ai/mastra/commit/36516aca1021cbeb42e74751b46a2614101f37c8), [`e947652`](https://github.com/mastra-ai/mastra/commit/e9476527fdecb4449e54570e80dfaf8466901254), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`ec248f6`](https://github.com/mastra-ai/mastra/commit/ec248f6b56e8a037c066c49b2178e2507471d988)]:
+  - @mastra/core@1.9.0
+## 1.0.2-alpha.0
+### Patch Changes
+- Expanded `@mastra/auth-better-auth` to implement the new auth interfaces (`IUserProvider`, `ISessionProvider`, `ICredentialsProvider`) from `@mastra/core/auth`. Adds support for username/password credential flows alongside the existing token-based authentication. ([#13163](https://github.com/mastra-ai/mastra/pull/13163))
+- Updated dependencies [[`504fc8b`](https://github.com/mastra-ai/mastra/commit/504fc8b9d0ddab717577ad3bf9c95ea4bd5377bd), [`f9c150b`](https://github.com/mastra-ai/mastra/commit/f9c150b7595ad05ad9cc9a11098e2944361e8c22), [`88de7e8`](https://github.com/mastra-ai/mastra/commit/88de7e8dfe4b7e1951a9e441bb33136e705ce24e), [`edee4b3`](https://github.com/mastra-ai/mastra/commit/edee4b37dff0af515fc7cc0e8d71ee39e6a762f0), [`3790c75`](https://github.com/mastra-ai/mastra/commit/3790c7578cc6a47d854eb12d89e6b1912867fe29), [`e7a235b`](https://github.com/mastra-ai/mastra/commit/e7a235be6472e0c870ed6c791ddb17c492dc188b), [`d51d298`](https://github.com/mastra-ai/mastra/commit/d51d298953967aab1f58ec965b644d109214f085), [`6dbeeb9`](https://github.com/mastra-ai/mastra/commit/6dbeeb94a8b1eebb727300d1a98961f882180794), [`d5f0d8d`](https://github.com/mastra-ai/mastra/commit/d5f0d8d6a03e515ddaa9b5da19b7e44b8357b07b), [`09c3b18`](https://github.com/mastra-ai/mastra/commit/09c3b1802ff14e243a8a8baea327440bc8cc2e32), [`b896379`](https://github.com/mastra-ai/mastra/commit/b8963791c6afa79484645fcec596a201f936b9a2), [`85c84eb`](https://github.com/mastra-ai/mastra/commit/85c84ebb78aebfcba9d209c8e152b16d7a00cb71), [`a89272a`](https://github.com/mastra-ai/mastra/commit/a89272a5d71939b9fcd284e6a6dc1dd091a6bdcf), [`ee9c8df`](https://github.com/mastra-ai/mastra/commit/ee9c8df644f19d055af5f496bf4942705f5a47b7), [`77b4a25`](https://github.com/mastra-ai/mastra/commit/77b4a254e51907f8ff3a3ba95596a18e93ae4b35), [`276246e`](https://github.com/mastra-ai/mastra/commit/276246e0b9066a1ea48bbc70df84dbe528daaf99), [`08ecfdb`](https://github.com/mastra-ai/mastra/commit/08ecfdbdad6fb8285deef86a034bdf4a6047cfca), [`d5f628c`](https://github.com/mastra-ai/mastra/commit/d5f628ca86c6f6f3ff1035d52f635df32dd81cab), [`524c0f3`](https://github.com/mastra-ai/mastra/commit/524c0f3c434c3d9d18f66338dcef383d6161b59c), [`c18a0e9`](https://github.com/mastra-ai/mastra/commit/c18a0e9cef1e4ca004b2963d35e4cfc031971eac), [`4bd21ea`](https://github.com/mastra-ai/mastra/commit/4bd21ea43d44d0a0427414fc047577f9f0aa3bec), [`115a7a4`](https://github.com/mastra-ai/mastra/commit/115a7a47db5e9896fec12ae6507501adb9ec89bf), [`22a48ae`](https://github.com/mastra-ai/mastra/commit/22a48ae2513eb54d8d79dad361fddbca97a155e8), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9311c17`](https://github.com/mastra-ai/mastra/commit/9311c17d7a0640d9c4da2e71b814dc67c57c6369), [`7edf78f`](https://github.com/mastra-ai/mastra/commit/7edf78f80422c43e84585f08ba11df0d4d0b73c5), [`1c4221c`](https://github.com/mastra-ai/mastra/commit/1c4221cf6032ec98d0e094d4ee11da3e48490d96), [`d25b9ea`](https://github.com/mastra-ai/mastra/commit/d25b9eabd400167255a97b690ffbc4ee4097ded5), [`fe1ce5c`](https://github.com/mastra-ai/mastra/commit/fe1ce5c9211c03d561606fda95cbfe7df1d9a9b5), [`b03c0e0`](https://github.com/mastra-ai/mastra/commit/b03c0e0389a799523929a458b0509c9e4244d562), [`0a8366b`](https://github.com/mastra-ai/mastra/commit/0a8366b0a692fcdde56c4d526e4cf03c502ae4ac), [`85664e9`](https://github.com/mastra-ai/mastra/commit/85664e9fd857320fbc245e301f764f45f66f32a3), [`bc79650`](https://github.com/mastra-ai/mastra/commit/bc796500c6e0334faa158a96077e3fb332274869), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`3a3a59e`](https://github.com/mastra-ai/mastra/commit/3a3a59e8ffaa6a985fe3d9a126a3f5ade11a6724), [`3108d4e`](https://github.com/mastra-ai/mastra/commit/3108d4e649c9fddbf03253a6feeb388a5fa9fa5a), [`0c33b2c`](https://github.com/mastra-ai/mastra/commit/0c33b2c9db537f815e1c59e2c898ffce2e395a79), [`191e5bd`](https://github.com/mastra-ai/mastra/commit/191e5bd29b82f5bda35243945790da7bc7b695c2), [`f77cd94`](https://github.com/mastra-ai/mastra/commit/f77cd94c44eabed490384e7d19232a865e13214c), [`e8135c7`](https://github.com/mastra-ai/mastra/commit/e8135c7e300dac5040670eec7eab896ac6092e30), [`daca48f`](https://github.com/mastra-ai/mastra/commit/daca48f0fb17b7ae0b62a2ac40cf0e491b2fd0b7), [`257d14f`](https://github.com/mastra-ai/mastra/commit/257d14faca5931f2e4186fc165b6f0b1f915deee), [`352f25d`](https://github.com/mastra-ai/mastra/commit/352f25da316b24cdd5b410fd8dddf6a8b763da2a), [`93477d0`](https://github.com/mastra-ai/mastra/commit/93477d0769b8a13ea5ed73d508d967fb23eaeed9), [`31c78b3`](https://github.com/mastra-ai/mastra/commit/31c78b3eb28f58a8017f1dcc795c33214d87feac), [`0bc0720`](https://github.com/mastra-ai/mastra/commit/0bc07201095791858087cc56f353fcd65e87ab54), [`36516ac`](https://github.com/mastra-ai/mastra/commit/36516aca1021cbeb42e74751b46a2614101f37c8), [`e947652`](https://github.com/mastra-ai/mastra/commit/e9476527fdecb4449e54570e80dfaf8466901254), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`ec248f6`](https://github.com/mastra-ai/mastra/commit/ec248f6b56e8a037c066c49b2178e2507471d988)]:
+  - @mastra/core@1.9.0-alpha.0
+## 1.0.1
+### Patch Changes
+- dependencies updates: ([#12964](https://github.com/mastra-ai/mastra/pull/12964))
+  - Updated dependency [`better-auth@^1.4.18` ↗︎](https://www.npmjs.com/package/better-auth/v/1.4.18) (from `^1.4.5`, in `dependencies`)
+## 1.0.1-alpha.0
+### Patch Changes
+- dependencies updates: ([#12964](https://github.com/mastra-ai/mastra/pull/12964))
+  - Updated dependency [`better-auth@^1.4.18` ↗︎](https://www.npmjs.com/package/better-auth/v/1.4.18) (from `^1.4.5`, in `dependencies`)
+## 1.0.0
+### Minor Changes
+- Add Better Auth authentication provider ([#10658](https://github.com/mastra-ai/mastra/pull/10658))
+  Adds a new authentication provider for Better Auth, a self-hosted, open-source authentication framework.
+  ```typescript
+  import { betterAuth } from 'better-auth';
+  import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';
+  import { Mastra } from '@mastra/core';
+  // Create your Better Auth instance
+  const auth = betterAuth({
+    database: {
+      provider: 'postgresql',
+      url: process.env.DATABASE_URL!,
+    },
+    emailAndPassword: {
+      enabled: true,
+    },
+  });
+  // Create the Mastra auth provider
+  const mastraAuth = new MastraAuthBetterAuth({
+    auth,
+  });
+  // Use with Mastra
+  const mastra = new Mastra({
+    server: {
+      auth: mastraAuth,
+    },
+  });
+  ```
+## 1.0.0-beta.2
+### Minor Changes
+- Add Better Auth authentication provider ([#10658](https://github.com/mastra-ai/mastra/pull/10658))
+  Adds a new authentication provider for Better Auth, a self-hosted, open-source authentication framework.
+  ```typescript
+  import { betterAuth } from 'better-auth';
+  import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';
+  import { Mastra } from '@mastra/core';
+  // Create your Better Auth instance
+  const auth = betterAuth({
+    database: {
+      provider: 'postgresql',
+      url: process.env.DATABASE_URL!,
+    },
+    emailAndPassword: {
+      enabled: true,
+    },
+  });
+  // Create the Mastra auth provider
+  const mastraAuth = new MastraAuthBetterAuth({
+    auth,
+  });
+  // Use with Mastra
+  const mastra = new Mastra({
+    server: {
+      auth: mastraAuth,
+    },
+  });
+  ```
+## 1.0.0-beta.1
+### Major Changes
+- Initial release of Better Auth integration for Mastra
+- Self-hosted authentication provider using Better Auth
+- Support for session-based authentication
+- Custom authorization logic support
+- Route configuration for public/protected paths

package/LICENSE.md ADDED Viewed

@@ -0,0 +1,30 @@
+Portions of this software are licensed as follows:
+- All content that resides under any directory named "ee/" within this
+  repository, including but not limited to:
+  - `packages/core/src/auth/ee/`
+  - `packages/server/src/server/auth/ee/`
+    is licensed under the license defined in `ee/LICENSE`.
+- All third-party components incorporated into the Mastra Software are
+  licensed under the original license provided by the owner of the
+  applicable component.
+- Content outside of the above-mentioned directories or restrictions is
+  available under the "Apache License 2.0" as defined below.
+# Apache License 2.0
+Copyright (c) 2025 Kepler Software, Inc.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

package/README.md ADDED Viewed

@@ -0,0 +1,107 @@
+# @mastra/auth-better-auth
+Better Auth integration for Mastra - a self-hosted, open-source authentication solution.
+## Installation
+```bash
+npm install @mastra/auth-better-auth better-auth
+```
+## Usage
+```typescript
+import { betterAuth } from 'better-auth';
+import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';
+import { Mastra } from '@mastra/core';
+// Create your Better Auth instance
+const auth = betterAuth({
+  database: {
+    provider: 'postgresql',
+    url: process.env.DATABASE_URL!,
+  },
+  emailAndPassword: {
+    enabled: true,
+  },
+});
+// Create the Mastra auth provider
+const mastraAuth = new MastraAuthBetterAuth({
+  auth,
+});
+// Use with Mastra
+const mastra = new Mastra({
+  server: {
+    auth: mastraAuth,
+  },
+});
+```
+## Configuration Options
+| Option          | Type                                  | Required | Description                                                  |
+| --------------- | ------------------------------------- | -------- | ------------------------------------------------------------ |
+| `auth`          | `Auth`                                | Yes      | Your Better Auth instance created via `betterAuth({ ... })`  |
+| `name`          | `string`                              | No       | Custom name for the auth provider (default: `'better-auth'`) |
+| `authorizeUser` | `(user, request) => Promise<boolean>` | No       | Custom authorization logic                                   |
+| `public`        | `string[]`                            | No       | Public routes that don't require authentication              |
+| `protected`     | `string[]`                            | No       | Protected routes that require authentication                 |
+## Custom Authorization
+You can provide custom authorization logic:
+```typescript
+const mastraAuth = new MastraAuthBetterAuth({
+  auth,
+  async authorizeUser(user) {
+    // Only allow verified emails
+    return user?.user?.emailVerified === true;
+  },
+});
+```
+## Role-Based Access Control
+```typescript
+const mastraAuth = new MastraAuthBetterAuth({
+  auth,
+  async authorizeUser(user) {
+    // Check for admin role (assuming you have a role field)
+    const userWithRole = user?.user as any;
+    return userWithRole?.role === 'admin';
+  },
+});
+```
+## Route Configuration
+```typescript
+const mastraAuth = new MastraAuthBetterAuth({
+  auth,
+  public: ['/health', '/api/status'],
+  protected: ['/api/*', '/admin/*'],
+});
+```
+## Why Better Auth?
+Better Auth is a self-hosted, open-source authentication framework that gives you:
+- **Full control** over your authentication system
+- **No vendor lock-in** - host it yourself
+- **Flexible** - works with various databases and providers
+- **TypeScript-first** - full type safety
+- **Plugin system** - extend with OAuth, 2FA, organizations, etc.
+## Resources
+- [Better Auth Documentation](https://better-auth.com)
+- [Mastra Documentation](https://mastra.ai/docs)
+- [GitHub Repository](https://github.com/mastra-ai/mastra)
+## License
+Apache-2.0

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,247 @@
+'use strict';
+var server = require('@mastra/core/server');
+// src/index.ts
+function mapBetterAuthUserToEEUser(user) {
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    avatarUrl: user.image ?? void 0,
+    metadata: {
+      emailVerified: user.emailVerified,
+      createdAt: user.createdAt,
+      updatedAt: user.updatedAt
+    }
+  };
+}
+var MastraAuthBetterAuth = class extends server.MastraAuthProvider {
+  auth;
+  signUpEnabledConfig;
+  sessionCookieName;
+  constructor(options) {
+    super({ name: options?.name ?? "better-auth" });
+    if (!options.auth) {
+      throw new Error(
+        "Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })"
+      );
+    }
+    this.auth = options.auth;
+    this.signUpEnabledConfig = options.signUpEnabled ?? true;
+    const authWithOptions = this.auth;
+    const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? "better-auth";
+    this.sessionCookieName = `${prefix}.session_token`;
+    this.registerOptions(options);
+  }
+  /**
+   * Check if sign-up is enabled.
+   * Implements ICredentialsProvider.isSignUpEnabled.
+   */
+  isSignUpEnabled() {
+    return this.signUpEnabledConfig;
+  }
+  // ============================================
+  // IUserProvider implementation (EE capability)
+  // License check happens in buildCapabilities()
+  // ============================================
+  /**
+   * Get current user from request.
+   * Implements IUserProvider for EE user awareness in Studio.
+   *
+   * @param request - Incoming HTTP request
+   * @returns EE User object or null if not authenticated
+   */
+  async getCurrentUser(request) {
+    try {
+      const result = await this.auth.api.getSession({
+        headers: request.headers
+      });
+      if (!result?.user) return null;
+      return mapBetterAuthUserToEEUser(result.user);
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Get user by ID.
+   * Implements IUserProvider for EE user awareness.
+   *
+   * Note: Better Auth doesn't expose a direct getUser API.
+   * For full functionality, you may need to implement this using
+   * direct database access in a subclass.
+   *
+   * @param userId - User identifier
+   * @returns EE User object or null if not found
+   */
+  async getUser(_userId) {
+    console.warn(
+      "[MastraAuthBetterAuth] getUser() requires direct database access. Override this method in a subclass for full user lookup support."
+    );
+    return null;
+  }
+  /**
+   * Get URL to user's profile page.
+   * Optional IUserProvider method.
+   */
+  getUserProfileUrl(user) {
+    return `/profile/${user.id}`;
+  }
+  /**
+   * Authenticate a bearer token by verifying the session with Better Auth.
+   *
+   * This method extracts the session from the request headers using
+   * Better Auth's `api.getSession()` endpoint.
+   *
+   * @param token - The bearer token (session token) to authenticate
+   * @param request - The Hono request object containing headers
+   * @returns The authenticated user and session, or null if authentication fails
+   */
+  async authenticateToken(token, request) {
+    try {
+      const headers = new Headers();
+      const rawRequest = "raw" in request ? request.raw : request;
+      const cookieHeader = rawRequest.headers.get("Cookie");
+      if (cookieHeader) {
+        headers.set("Cookie", cookieHeader);
+      }
+      const hasSessionCookie = !!cookieHeader?.split(";").some((pair) => {
+        const [key] = pair.trim().split("=");
+        return key?.trim() === this.sessionCookieName;
+      });
+      if (token && !hasSessionCookie) {
+        const existingCookies = cookieHeader ? `${cookieHeader}; ` : "";
+        headers.set("Cookie", `${existingCookies}${this.sessionCookieName}=${token}`);
+      }
+      const result = await this.auth.api.getSession({
+        headers
+      });
+      if (!result || !result.session || !result.user) {
+        return null;
+      }
+      return {
+        session: result.session,
+        user: result.user
+      };
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Authorize a user for access.
+   *
+   * By default, any authenticated user with a valid session is authorized.
+   * You can override this behavior by providing a custom `authorizeUser` function
+   * in the constructor options.
+   *
+   * @param user - The authenticated user and session
+   * @returns True if the user is authorized, false otherwise
+   */
+  async authorizeUser(user) {
+    return !!user?.session?.id && !!user?.user?.id;
+  }
+  // ============================================
+  // ICredentialsProvider implementation (EE capability)
+  // License check happens in buildCapabilities()
+  // ============================================
+  /**
+   * Sign in with email and password.
+   * Implements ICredentialsProvider for EE credentials auth.
+   *
+   * @param email - User email
+   * @param password - User password
+   * @param request - Incoming HTTP request
+   * @returns Result with user and session cookies
+   * @throws Error if credentials are invalid
+   */
+  async signIn(email, password, request) {
+    const headers = request?.headers ?? new Headers();
+    const response = await this.auth.api.signInEmail({
+      body: { email, password },
+      headers,
+      asResponse: true
+    });
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      throw new Error(errorData.message || "Invalid email or password");
+    }
+    const result = await response.json();
+    if (!result?.user) {
+      throw new Error("Invalid email or password");
+    }
+    const cookies = [];
+    const setCookieHeader = response.headers.get("set-cookie");
+    if (setCookieHeader) {
+      cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
+    }
+    return {
+      user: mapBetterAuthUserToEEUser(result.user),
+      token: result.token ?? void 0,
+      cookies
+    };
+  }
+  /**
+   * Sign up with email and password.
+   * Implements ICredentialsProvider for EE credentials auth.
+   *
+   * @param email - User email
+   * @param password - User password
+   * @param name - Optional display name
+   * @param request - Incoming HTTP request
+   * @returns Result with new user and session cookies
+   * @throws Error if sign up fails
+   */
+  async signUp(email, password, name, request) {
+    const displayName = name ?? email.split("@")[0] ?? "User";
+    const headers = request?.headers ?? new Headers();
+    const response = await this.auth.api.signUpEmail({
+      body: { email, password, name: displayName },
+      headers,
+      asResponse: true
+    });
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      throw new Error(errorData.message || "Failed to create account");
+    }
+    const result = await response.json();
+    if (!result?.user) {
+      throw new Error("Failed to create account");
+    }
+    const cookies = [];
+    const setCookieHeader = response.headers.get("set-cookie");
+    if (setCookieHeader) {
+      cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
+    }
+    return {
+      user: mapBetterAuthUserToEEUser(result.user),
+      token: result.token ?? void 0,
+      cookies
+    };
+  }
+  /**
+   * Get the underlying Better Auth instance.
+   * Useful for accessing Better Auth APIs directly.
+   */
+  getAuth() {
+    return this.auth;
+  }
+  /**
+   * Get headers to clear the session cookies on logout.
+   * Partial ISessionProvider implementation for logout support.
+   *
+   * Clears Better Auth's default session cookies.
+   */
+  getClearSessionHeaders() {
+    const cookies = [
+      `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,
+      `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`
+    ];
+    return {
+      "Set-Cookie": cookies.join(", ")
+    };
+  }
+};
+exports.MastraAuthBetterAuth = MastraAuthBetterAuth;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts"],"names":["MastraAuthProvider"],"mappings":";;;;;AAoBA,SAAS,0BAA0B,IAAA,EAAoB;AACrD,EAAA,OAAO;AAAA,IACL,IAAI,IAAA,CAAK,EAAA;AAAA,IACT,OAAO,IAAA,CAAK,KAAA;AAAA,IACZ,MAAM,IAAA,CAAK,IAAA;AAAA,IACX,SAAA,EAAW,KAAK,KAAA,IAAS,MAAA;AAAA,IACzB,QAAA,EAAU;AAAA,MACR,eAAe,IAAA,CAAK,aAAA;AAAA,MACpB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA;AAClB,GACF;AACF;AAsDO,IAAM,oBAAA,GAAN,cACGA,yBAAA,CAEV;AAAA,EACY,IAAA;AAAA,EACA,mBAAA;AAAA,EACH,iBAAA;AAAA,EAEP,YAAY,OAAA,EAAsC;AAChD,IAAA,KAAA,CAAM,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,eAAe,CAAA;AAE9C,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AACpB,IAAA,IAAA,CAAK,mBAAA,GAAsB,QAAQ,aAAA,IAAiB,IAAA;AAGpD,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA;AAC7B,IAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,OAAA,EAAS,QAAA,EAAU,YAAA,IAAgB,aAAA;AAClE,IAAA,IAAA,CAAK,iBAAA,GAAoB,GAAG,MAAM,CAAA,cAAA,CAAA;AAElC,IAAA,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,eAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,mBAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,eAAe,OAAA,EAA0C;AAC7D,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C,SAAS,OAAA,CAAQ;AAAA,OAClB,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAC1B,MAAA,OAAO,yBAAA,CAA0B,OAAO,IAAI,CAAA;AAAA,IAC9C,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,QAAQ,OAAA,EAAyC;AAIrD,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KAEF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB,IAAA,EAAsB;AACtC,IAAA,OAAO,CAAA,SAAA,EAAY,KAAK,EAAE,CAAA,CAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAAsD;AAC3F,IAAA,IAAI;AAEF,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAI5B,MAAA,MAAM,UAAA,GAAsB,KAAA,IAAS,OAAA,GAAW,OAAA,CAAgB,GAAA,GAAO,OAAA;AAEvE,MAAA,MAAM,YAAA,GAAe,UAAA,CAAW,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,YAAY,CAAA;AAAA,MACpC;AAIA,MAAA,MAAM,gBAAA,GAAmB,CAAC,CAAC,YAAA,EAAc,MAAM,GAAG,CAAA,CAAE,KAAK,CAAA,IAAA,KAAQ;AAC/D,QAAA,MAAM,CAAC,GAAG,CAAA,GAAI,KAAK,IAAA,EAAK,CAAE,MAAM,GAAG,CAAA;AACnC,QAAA,OAAO,GAAA,EAAK,IAAA,EAAK,KAAM,IAAA,CAAK,iBAAA;AAAA,MAC9B,CAAC,CAAA;AACD,MAAA,IAAI,KAAA,IAAS,CAAC,gBAAA,EAAkB;AAC9B,QAAA,MAAM,eAAA,GAAkB,YAAA,GAAe,CAAA,EAAG,YAAY,CAAA,EAAA,CAAA,GAAO,EAAA;AAC7D,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,eAAe,GAAG,IAAA,CAAK,iBAAiB,CAAA,CAAA,EAAI,KAAK,CAAA,CAAE,CAAA;AAAA,MAC9E;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,CAAC,OAAO,IAAA,EAAM;AAC9C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAM,MAAA,CAAO;AAAA,OACf;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,IAAA,EAAwC;AAE1D,IAAA,OAAO,CAAC,CAAC,IAAA,EAAM,OAAA,EAAS,MAAM,CAAC,CAAC,MAAM,IAAA,EAAM,EAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,MAAA,CAAO,KAAA,EAAe,QAAA,EAAkB,OAAA,EAAsD;AAClG,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAS;AAAA,MACxB,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,2BAA2B,CAAA;AAAA,IAClE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,MAAA,CACJ,KAAA,EACA,QAAA,EACA,MACA,OAAA,EACoC;AACpC,IAAA,MAAM,cAAc,IAAA,IAAQ,KAAA,CAAM,MAAM,GAAG,CAAA,CAAE,CAAC,CAAA,IAAK,MAAA;AACnD,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAU,MAAM,WAAA,EAAY;AAAA,MAC3C,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,0BAA0B,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAAA,IAC5C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAA,GAAgB;AACd,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,sBAAA,GAAiD;AAE/C,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,CAAA,EAAG,KAAK,iBAAiB,CAAA,4CAAA,CAAA;AAAA,MACzB,CAAA,EAAG,KAAK,iBAAiB,CAAA,gDAAA;AAAA,KAC3B;AACA,IAAA,OAAO;AAAA,MACL,YAAA,EAAc,OAAA,CAAQ,IAAA,CAAK,IAAI;AAAA,KACjC;AAAA,EACF;AACF","file":"index.cjs","sourcesContent":["import type { IUserProvider, ICredentialsProvider, CredentialsResult } from '@mastra/core/auth';\nimport type { EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProviderOptions } from '@mastra/core/server';\nimport { MastraAuthProvider } from '@mastra/core/server';\n\nimport type { Auth, Session, User } from 'better-auth';\nimport type { HonoRequest } from 'hono';\n\n/**\n * User type returned by Better Auth session verification.\n * Used internally for authentication token verification.\n */\nexport interface BetterAuthUser {\n session: Session;\n user: User;\n}\n\n/**\n * Maps Better Auth User to EE User format.\n */\nfunction mapBetterAuthUserToEEUser(user: User): EEUser {\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.image ?? undefined,\n metadata: {\n emailVerified: user.emailVerified,\n createdAt: user.createdAt,\n updatedAt: user.updatedAt,\n },\n };\n}\n\ninterface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {\n /**\n * The Better Auth instance to use for authentication.\n * This should be the result of calling `betterAuth({ ... })`.\n */\n auth: Auth;\n\n /**\n * Whether to allow new user registration via sign-up.\n * Set to false to disable public registration.\n * @default true\n */\n signUpEnabled?: boolean;\n}\n\n/**\n * Mastra authentication provider for Better Auth.\n *\n * Better Auth is a self-hosted, open-source authentication framework\n * that gives you full control over your authentication system.\n *\n * @example\n * ```typescript\n * import { betterAuth } from 'better-auth';\n * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';\n *\n * // Create your Better Auth instance\n * const auth = betterAuth({\n * database: {\n * provider: 'postgresql',\n * url: process.env.DATABASE_URL!,\n * },\n * emailAndPassword: {\n * enabled: true,\n * },\n * });\n *\n * // Create the Mastra auth provider\n * const mastraAuth = new MastraAuthBetterAuth({\n * auth,\n * });\n *\n * // Use with Mastra\n * const mastra = new Mastra({\n * server: {\n * auth: mastraAuth,\n * },\n * });\n * ```\n *\n * @see https://better-auth.com for Better Auth documentation\n */\nexport class MastraAuthBetterAuth\n extends MastraAuthProvider<BetterAuthUser>\n implements IUserProvider<EEUser>, ICredentialsProvider<EEUser>\n{\n protected auth: Auth;\n protected signUpEnabledConfig: boolean;\n public sessionCookieName: string;\n\n constructor(options: MastraAuthBetterAuthOptions) {\n super({ name: options?.name ?? 'better-auth' });\n\n if (!options.auth) {\n throw new Error(\n 'Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })',\n );\n }\n\n this.auth = options.auth;\n this.signUpEnabledConfig = options.signUpEnabled ?? true;\n\n // Derive the session cookie name from Better Auth's cookiePrefix option\n const authWithOptions = this.auth as unknown as { options?: { advanced?: { cookiePrefix?: string } } };\n const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? 'better-auth';\n this.sessionCookieName = `${prefix}.session_token`;\n\n this.registerOptions(options);\n }\n\n /**\n * Check if sign-up is enabled.\n * Implements ICredentialsProvider.isSignUpEnabled.\n */\n isSignUpEnabled(): boolean {\n return this.signUpEnabledConfig;\n }\n\n // ============================================\n // IUserProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Get current user from request.\n * Implements IUserProvider for EE user awareness in Studio.\n *\n * @param request - Incoming HTTP request\n * @returns EE User object or null if not authenticated\n */\n async getCurrentUser(request: Request): Promise<EEUser | null> {\n try {\n const result = await this.auth.api.getSession({\n headers: request.headers,\n });\n\n if (!result?.user) return null;\n return mapBetterAuthUserToEEUser(result.user);\n } catch {\n return null;\n }\n }\n\n /**\n * Get user by ID.\n * Implements IUserProvider for EE user awareness.\n *\n * Note: Better Auth doesn't expose a direct getUser API.\n * For full functionality, you may need to implement this using\n * direct database access in a subclass.\n *\n * @param userId - User identifier\n * @returns EE User object or null if not found\n */\n async getUser(_userId: string): Promise<EEUser | null> {\n // Better Auth doesn't have a direct getUser API\n // Users can override this method with their own implementation\n // that queries the database directly\n console.warn(\n '[MastraAuthBetterAuth] getUser() requires direct database access. ' +\n 'Override this method in a subclass for full user lookup support.',\n );\n return null;\n }\n\n /**\n * Get URL to user's profile page.\n * Optional IUserProvider method.\n */\n getUserProfileUrl(user: EEUser): string {\n return `/profile/${user.id}`;\n }\n\n /**\n * Authenticate a bearer token by verifying the session with Better Auth.\n *\n * This method extracts the session from the request headers using\n * Better Auth's `api.getSession()` endpoint.\n *\n * @param token - The bearer token (session token) to authenticate\n * @param request - The Hono request object containing headers\n * @returns The authenticated user and session, or null if authentication fails\n */\n async authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null> {\n try {\n // Better Auth's api.getSession() reads session tokens from the Cookie header\n const headers = new Headers();\n\n // The auth middleware may pass a raw Request (c.req.raw) instead of HonoRequest,\n // so unwrap via 'raw' property detection and use the standard Web API.\n const rawRequest: Request = 'raw' in request ? (request as any).raw : (request as unknown as Request);\n\n const cookieHeader = rawRequest.headers.get('Cookie');\n if (cookieHeader) {\n headers.set('Cookie', cookieHeader);\n }\n\n // Convert Bearer token to a session cookie if not already present.\n // better-auth ignores the Authorization header — it only reads from Cookie.\n const hasSessionCookie = !!cookieHeader?.split(';').some(pair => {\n const [key] = pair.trim().split('=');\n return key?.trim() === this.sessionCookieName;\n });\n if (token && !hasSessionCookie) {\n const existingCookies = cookieHeader ? `${cookieHeader}; ` : '';\n headers.set('Cookie', `${existingCookies}${this.sessionCookieName}=${token}`);\n }\n\n const result = await this.auth.api.getSession({\n headers,\n });\n\n if (!result || !result.session || !result.user) {\n return null;\n }\n\n return {\n session: result.session,\n user: result.user,\n };\n } catch {\n return null;\n }\n }\n\n /**\n * Authorize a user for access.\n *\n * By default, any authenticated user with a valid session is authorized.\n * You can override this behavior by providing a custom `authorizeUser` function\n * in the constructor options.\n *\n * @param user - The authenticated user and session\n * @returns True if the user is authorized, false otherwise\n */\n async authorizeUser(user: BetterAuthUser): Promise<boolean> {\n // By default, any authenticated user with a valid session is authorized\n return !!user?.session?.id && !!user?.user?.id;\n }\n\n // ============================================\n // ICredentialsProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Sign in with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param request - Incoming HTTP request\n * @returns Result with user and session cookies\n * @throws Error if credentials are invalid\n */\n async signIn(email: string, password: string, request: Request): Promise<CredentialsResult<EEUser>> {\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signInEmail({\n body: { email, password },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Invalid email or password');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Invalid email or password');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Sign up with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param name - Optional display name\n * @param request - Incoming HTTP request\n * @returns Result with new user and session cookies\n * @throws Error if sign up fails\n */\n async signUp(\n email: string,\n password: string,\n name: string | undefined,\n request: Request,\n ): Promise<CredentialsResult<EEUser>> {\n const displayName = name ?? email.split('@')[0] ?? 'User';\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signUpEmail({\n body: { email, password, name: displayName },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Failed to create account');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Failed to create account');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Get the underlying Better Auth instance.\n * Useful for accessing Better Auth APIs directly.\n */\n getAuth(): Auth {\n return this.auth;\n }\n\n /**\n * Get headers to clear the session cookies on logout.\n * Partial ISessionProvider implementation for logout support.\n *\n * Clears Better Auth's default session cookies.\n */\n getClearSessionHeaders(): Record<string, string> {\n // Clear both the session token and its signature cookie\n const cookies = [\n `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n ];\n return {\n 'Set-Cookie': cookies.join(', '),\n };\n }\n}\n"]}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,159 @@
+import type { IUserProvider, ICredentialsProvider, CredentialsResult } from '@mastra/core/auth';
+import type { EEUser } from '@mastra/core/auth/ee';
+import type { MastraAuthProviderOptions } from '@mastra/core/server';
+import { MastraAuthProvider } from '@mastra/core/server';
+import type { Auth, Session, User } from 'better-auth';
+import type { HonoRequest } from 'hono';
+/**
+ * User type returned by Better Auth session verification.
+ * Used internally for authentication token verification.
+ */
+export interface BetterAuthUser {
+    session: Session;
+    user: User;
+}
+interface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {
+    /**
+     * The Better Auth instance to use for authentication.
+     * This should be the result of calling `betterAuth({ ... })`.
+     */
+    auth: Auth;
+    /**
+     * Whether to allow new user registration via sign-up.
+     * Set to false to disable public registration.
+     * @default true
+     */
+    signUpEnabled?: boolean;
+}
+/**
+ * Mastra authentication provider for Better Auth.
+ *
+ * Better Auth is a self-hosted, open-source authentication framework
+ * that gives you full control over your authentication system.
+ *
+ * @example
+ * ```typescript
+ * import { betterAuth } from 'better-auth';
+ * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';
+ *
+ * // Create your Better Auth instance
+ * const auth = betterAuth({
+ *   database: {
+ *     provider: 'postgresql',
+ *     url: process.env.DATABASE_URL!,
+ *   },
+ *   emailAndPassword: {
+ *     enabled: true,
+ *   },
+ * });
+ *
+ * // Create the Mastra auth provider
+ * const mastraAuth = new MastraAuthBetterAuth({
+ *   auth,
+ * });
+ *
+ * // Use with Mastra
+ * const mastra = new Mastra({
+ *   server: {
+ *     auth: mastraAuth,
+ *   },
+ * });
+ * ```
+ *
+ * @see https://better-auth.com for Better Auth documentation
+ */
+export declare class MastraAuthBetterAuth extends MastraAuthProvider<BetterAuthUser> implements IUserProvider<EEUser>, ICredentialsProvider<EEUser> {
+    protected auth: Auth;
+    protected signUpEnabledConfig: boolean;
+    sessionCookieName: string;
+    constructor(options: MastraAuthBetterAuthOptions);
+    /**
+     * Check if sign-up is enabled.
+     * Implements ICredentialsProvider.isSignUpEnabled.
+     */
+    isSignUpEnabled(): boolean;
+    /**
+     * Get current user from request.
+     * Implements IUserProvider for EE user awareness in Studio.
+     *
+     * @param request - Incoming HTTP request
+     * @returns EE User object or null if not authenticated
+     */
+    getCurrentUser(request: Request): Promise<EEUser | null>;
+    /**
+     * Get user by ID.
+     * Implements IUserProvider for EE user awareness.
+     *
+     * Note: Better Auth doesn't expose a direct getUser API.
+     * For full functionality, you may need to implement this using
+     * direct database access in a subclass.
+     *
+     * @param userId - User identifier
+     * @returns EE User object or null if not found
+     */
+    getUser(_userId: string): Promise<EEUser | null>;
+    /**
+     * Get URL to user's profile page.
+     * Optional IUserProvider method.
+     */
+    getUserProfileUrl(user: EEUser): string;
+    /**
+     * Authenticate a bearer token by verifying the session with Better Auth.
+     *
+     * This method extracts the session from the request headers using
+     * Better Auth's `api.getSession()` endpoint.
+     *
+     * @param token - The bearer token (session token) to authenticate
+     * @param request - The Hono request object containing headers
+     * @returns The authenticated user and session, or null if authentication fails
+     */
+    authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null>;
+    /**
+     * Authorize a user for access.
+     *
+     * By default, any authenticated user with a valid session is authorized.
+     * You can override this behavior by providing a custom `authorizeUser` function
+     * in the constructor options.
+     *
+     * @param user - The authenticated user and session
+     * @returns True if the user is authorized, false otherwise
+     */
+    authorizeUser(user: BetterAuthUser): Promise<boolean>;
+    /**
+     * Sign in with email and password.
+     * Implements ICredentialsProvider for EE credentials auth.
+     *
+     * @param email - User email
+     * @param password - User password
+     * @param request - Incoming HTTP request
+     * @returns Result with user and session cookies
+     * @throws Error if credentials are invalid
+     */
+    signIn(email: string, password: string, request: Request): Promise<CredentialsResult<EEUser>>;
+    /**
+     * Sign up with email and password.
+     * Implements ICredentialsProvider for EE credentials auth.
+     *
+     * @param email - User email
+     * @param password - User password
+     * @param name - Optional display name
+     * @param request - Incoming HTTP request
+     * @returns Result with new user and session cookies
+     * @throws Error if sign up fails
+     */
+    signUp(email: string, password: string, name: string | undefined, request: Request): Promise<CredentialsResult<EEUser>>;
+    /**
+     * Get the underlying Better Auth instance.
+     * Useful for accessing Better Auth APIs directly.
+     */
+    getAuth(): Auth;
+    /**
+     * Get headers to clear the session cookies on logout.
+     * Partial ISessionProvider implementation for logout support.
+     *
+     * Clears Better Auth's default session cookies.
+     */
+    getClearSessionHeaders(): Record<string, string>;
+}
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAChG,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAExC;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,IAAI,CAAC;CACZ;AAmBD,UAAU,2BAA4B,SAAQ,yBAAyB,CAAC,cAAc,CAAC;IACrF;;;OAGG;IACH,IAAI,EAAE,IAAI,CAAC;IAEX;;;;OAIG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,qBAAa,oBACX,SAAQ,kBAAkB,CAAC,cAAc,CACzC,YAAW,aAAa,CAAC,MAAM,CAAC,EAAE,oBAAoB,CAAC,MAAM,CAAC;IAE9D,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC;IACrB,SAAS,CAAC,mBAAmB,EAAE,OAAO,CAAC;IAChC,iBAAiB,EAAE,MAAM,CAAC;gBAErB,OAAO,EAAE,2BAA2B;IAoBhD;;;OAGG;IACH,eAAe,IAAI,OAAO;IAS1B;;;;;;OAMG;IACG,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAa9D;;;;;;;;;;OAUG;IACG,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAWtD;;;OAGG;IACH,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAIvC;;;;;;;;;OASG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IA0C5F;;;;;;;;;OASG;IACG,aAAa,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;IAU3D;;;;;;;;;OASG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAoCnG;;;;;;;;;;OAUG;IACG,MAAM,CACV,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,GAAG,SAAS,EACxB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAqCrC;;;OAGG;IACH,OAAO,IAAI,IAAI;IAIf;;;;;OAKG;IACH,sBAAsB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;CAUjD"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,245 @@
+import { MastraAuthProvider } from '@mastra/core/server';
+// src/index.ts
+function mapBetterAuthUserToEEUser(user) {
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    avatarUrl: user.image ?? void 0,
+    metadata: {
+      emailVerified: user.emailVerified,
+      createdAt: user.createdAt,
+      updatedAt: user.updatedAt
+    }
+  };
+}
+var MastraAuthBetterAuth = class extends MastraAuthProvider {
+  auth;
+  signUpEnabledConfig;
+  sessionCookieName;
+  constructor(options) {
+    super({ name: options?.name ?? "better-auth" });
+    if (!options.auth) {
+      throw new Error(
+        "Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })"
+      );
+    }
+    this.auth = options.auth;
+    this.signUpEnabledConfig = options.signUpEnabled ?? true;
+    const authWithOptions = this.auth;
+    const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? "better-auth";
+    this.sessionCookieName = `${prefix}.session_token`;
+    this.registerOptions(options);
+  }
+  /**
+   * Check if sign-up is enabled.
+   * Implements ICredentialsProvider.isSignUpEnabled.
+   */
+  isSignUpEnabled() {
+    return this.signUpEnabledConfig;
+  }
+  // ============================================
+  // IUserProvider implementation (EE capability)
+  // License check happens in buildCapabilities()
+  // ============================================
+  /**
+   * Get current user from request.
+   * Implements IUserProvider for EE user awareness in Studio.
+   *
+   * @param request - Incoming HTTP request
+   * @returns EE User object or null if not authenticated
+   */
+  async getCurrentUser(request) {
+    try {
+      const result = await this.auth.api.getSession({
+        headers: request.headers
+      });
+      if (!result?.user) return null;
+      return mapBetterAuthUserToEEUser(result.user);
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Get user by ID.
+   * Implements IUserProvider for EE user awareness.
+   *
+   * Note: Better Auth doesn't expose a direct getUser API.
+   * For full functionality, you may need to implement this using
+   * direct database access in a subclass.
+   *
+   * @param userId - User identifier
+   * @returns EE User object or null if not found
+   */
+  async getUser(_userId) {
+    console.warn(
+      "[MastraAuthBetterAuth] getUser() requires direct database access. Override this method in a subclass for full user lookup support."
+    );
+    return null;
+  }
+  /**
+   * Get URL to user's profile page.
+   * Optional IUserProvider method.
+   */
+  getUserProfileUrl(user) {
+    return `/profile/${user.id}`;
+  }
+  /**
+   * Authenticate a bearer token by verifying the session with Better Auth.
+   *
+   * This method extracts the session from the request headers using
+   * Better Auth's `api.getSession()` endpoint.
+   *
+   * @param token - The bearer token (session token) to authenticate
+   * @param request - The Hono request object containing headers
+   * @returns The authenticated user and session, or null if authentication fails
+   */
+  async authenticateToken(token, request) {
+    try {
+      const headers = new Headers();
+      const rawRequest = "raw" in request ? request.raw : request;
+      const cookieHeader = rawRequest.headers.get("Cookie");
+      if (cookieHeader) {
+        headers.set("Cookie", cookieHeader);
+      }
+      const hasSessionCookie = !!cookieHeader?.split(";").some((pair) => {
+        const [key] = pair.trim().split("=");
+        return key?.trim() === this.sessionCookieName;
+      });
+      if (token && !hasSessionCookie) {
+        const existingCookies = cookieHeader ? `${cookieHeader}; ` : "";
+        headers.set("Cookie", `${existingCookies}${this.sessionCookieName}=${token}`);
+      }
+      const result = await this.auth.api.getSession({
+        headers
+      });
+      if (!result || !result.session || !result.user) {
+        return null;
+      }
+      return {
+        session: result.session,
+        user: result.user
+      };
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Authorize a user for access.
+   *
+   * By default, any authenticated user with a valid session is authorized.
+   * You can override this behavior by providing a custom `authorizeUser` function
+   * in the constructor options.
+   *
+   * @param user - The authenticated user and session
+   * @returns True if the user is authorized, false otherwise
+   */
+  async authorizeUser(user) {
+    return !!user?.session?.id && !!user?.user?.id;
+  }
+  // ============================================
+  // ICredentialsProvider implementation (EE capability)
+  // License check happens in buildCapabilities()
+  // ============================================
+  /**
+   * Sign in with email and password.
+   * Implements ICredentialsProvider for EE credentials auth.
+   *
+   * @param email - User email
+   * @param password - User password
+   * @param request - Incoming HTTP request
+   * @returns Result with user and session cookies
+   * @throws Error if credentials are invalid
+   */
+  async signIn(email, password, request) {
+    const headers = request?.headers ?? new Headers();
+    const response = await this.auth.api.signInEmail({
+      body: { email, password },
+      headers,
+      asResponse: true
+    });
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      throw new Error(errorData.message || "Invalid email or password");
+    }
+    const result = await response.json();
+    if (!result?.user) {
+      throw new Error("Invalid email or password");
+    }
+    const cookies = [];
+    const setCookieHeader = response.headers.get("set-cookie");
+    if (setCookieHeader) {
+      cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
+    }
+    return {
+      user: mapBetterAuthUserToEEUser(result.user),
+      token: result.token ?? void 0,
+      cookies
+    };
+  }
+  /**
+   * Sign up with email and password.
+   * Implements ICredentialsProvider for EE credentials auth.
+   *
+   * @param email - User email
+   * @param password - User password
+   * @param name - Optional display name
+   * @param request - Incoming HTTP request
+   * @returns Result with new user and session cookies
+   * @throws Error if sign up fails
+   */
+  async signUp(email, password, name, request) {
+    const displayName = name ?? email.split("@")[0] ?? "User";
+    const headers = request?.headers ?? new Headers();
+    const response = await this.auth.api.signUpEmail({
+      body: { email, password, name: displayName },
+      headers,
+      asResponse: true
+    });
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => ({}));
+      throw new Error(errorData.message || "Failed to create account");
+    }
+    const result = await response.json();
+    if (!result?.user) {
+      throw new Error("Failed to create account");
+    }
+    const cookies = [];
+    const setCookieHeader = response.headers.get("set-cookie");
+    if (setCookieHeader) {
+      cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
+    }
+    return {
+      user: mapBetterAuthUserToEEUser(result.user),
+      token: result.token ?? void 0,
+      cookies
+    };
+  }
+  /**
+   * Get the underlying Better Auth instance.
+   * Useful for accessing Better Auth APIs directly.
+   */
+  getAuth() {
+    return this.auth;
+  }
+  /**
+   * Get headers to clear the session cookies on logout.
+   * Partial ISessionProvider implementation for logout support.
+   *
+   * Clears Better Auth's default session cookies.
+   */
+  getClearSessionHeaders() {
+    const cookies = [
+      `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,
+      `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`
+    ];
+    return {
+      "Set-Cookie": cookies.join(", ")
+    };
+  }
+};
+export { MastraAuthBetterAuth };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts"],"names":[],"mappings":";;;AAoBA,SAAS,0BAA0B,IAAA,EAAoB;AACrD,EAAA,OAAO;AAAA,IACL,IAAI,IAAA,CAAK,EAAA;AAAA,IACT,OAAO,IAAA,CAAK,KAAA;AAAA,IACZ,MAAM,IAAA,CAAK,IAAA;AAAA,IACX,SAAA,EAAW,KAAK,KAAA,IAAS,MAAA;AAAA,IACzB,QAAA,EAAU;AAAA,MACR,eAAe,IAAA,CAAK,aAAA;AAAA,MACpB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA;AAClB,GACF;AACF;AAsDO,IAAM,oBAAA,GAAN,cACG,kBAAA,CAEV;AAAA,EACY,IAAA;AAAA,EACA,mBAAA;AAAA,EACH,iBAAA;AAAA,EAEP,YAAY,OAAA,EAAsC;AAChD,IAAA,KAAA,CAAM,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,eAAe,CAAA;AAE9C,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AACpB,IAAA,IAAA,CAAK,mBAAA,GAAsB,QAAQ,aAAA,IAAiB,IAAA;AAGpD,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA;AAC7B,IAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,OAAA,EAAS,QAAA,EAAU,YAAA,IAAgB,aAAA;AAClE,IAAA,IAAA,CAAK,iBAAA,GAAoB,GAAG,MAAM,CAAA,cAAA,CAAA;AAElC,IAAA,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,eAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,mBAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,eAAe,OAAA,EAA0C;AAC7D,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C,SAAS,OAAA,CAAQ;AAAA,OAClB,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAC1B,MAAA,OAAO,yBAAA,CAA0B,OAAO,IAAI,CAAA;AAAA,IAC9C,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,QAAQ,OAAA,EAAyC;AAIrD,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KAEF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB,IAAA,EAAsB;AACtC,IAAA,OAAO,CAAA,SAAA,EAAY,KAAK,EAAE,CAAA,CAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAAsD;AAC3F,IAAA,IAAI;AAEF,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAI5B,MAAA,MAAM,UAAA,GAAsB,KAAA,IAAS,OAAA,GAAW,OAAA,CAAgB,GAAA,GAAO,OAAA;AAEvE,MAAA,MAAM,YAAA,GAAe,UAAA,CAAW,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,YAAY,CAAA;AAAA,MACpC;AAIA,MAAA,MAAM,gBAAA,GAAmB,CAAC,CAAC,YAAA,EAAc,MAAM,GAAG,CAAA,CAAE,KAAK,CAAA,IAAA,KAAQ;AAC/D,QAAA,MAAM,CAAC,GAAG,CAAA,GAAI,KAAK,IAAA,EAAK,CAAE,MAAM,GAAG,CAAA;AACnC,QAAA,OAAO,GAAA,EAAK,IAAA,EAAK,KAAM,IAAA,CAAK,iBAAA;AAAA,MAC9B,CAAC,CAAA;AACD,MAAA,IAAI,KAAA,IAAS,CAAC,gBAAA,EAAkB;AAC9B,QAAA,MAAM,eAAA,GAAkB,YAAA,GAAe,CAAA,EAAG,YAAY,CAAA,EAAA,CAAA,GAAO,EAAA;AAC7D,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,eAAe,GAAG,IAAA,CAAK,iBAAiB,CAAA,CAAA,EAAI,KAAK,CAAA,CAAE,CAAA;AAAA,MAC9E;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,CAAC,OAAO,IAAA,EAAM;AAC9C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAM,MAAA,CAAO;AAAA,OACf;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,IAAA,EAAwC;AAE1D,IAAA,OAAO,CAAC,CAAC,IAAA,EAAM,OAAA,EAAS,MAAM,CAAC,CAAC,MAAM,IAAA,EAAM,EAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,MAAA,CAAO,KAAA,EAAe,QAAA,EAAkB,OAAA,EAAsD;AAClG,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAS;AAAA,MACxB,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,2BAA2B,CAAA;AAAA,IAClE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,MAAA,CACJ,KAAA,EACA,QAAA,EACA,MACA,OAAA,EACoC;AACpC,IAAA,MAAM,cAAc,IAAA,IAAQ,KAAA,CAAM,MAAM,GAAG,CAAA,CAAE,CAAC,CAAA,IAAK,MAAA;AACnD,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAU,MAAM,WAAA,EAAY;AAAA,MAC3C,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,0BAA0B,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAAA,IAC5C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAA,GAAgB;AACd,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,sBAAA,GAAiD;AAE/C,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,CAAA,EAAG,KAAK,iBAAiB,CAAA,4CAAA,CAAA;AAAA,MACzB,CAAA,EAAG,KAAK,iBAAiB,CAAA,gDAAA;AAAA,KAC3B;AACA,IAAA,OAAO;AAAA,MACL,YAAA,EAAc,OAAA,CAAQ,IAAA,CAAK,IAAI;AAAA,KACjC;AAAA,EACF;AACF","file":"index.js","sourcesContent":["import type { IUserProvider, ICredentialsProvider, CredentialsResult } from '@mastra/core/auth';\nimport type { EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProviderOptions } from '@mastra/core/server';\nimport { MastraAuthProvider } from '@mastra/core/server';\n\nimport type { Auth, Session, User } from 'better-auth';\nimport type { HonoRequest } from 'hono';\n\n/**\n * User type returned by Better Auth session verification.\n * Used internally for authentication token verification.\n */\nexport interface BetterAuthUser {\n session: Session;\n user: User;\n}\n\n/**\n * Maps Better Auth User to EE User format.\n */\nfunction mapBetterAuthUserToEEUser(user: User): EEUser {\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.image ?? undefined,\n metadata: {\n emailVerified: user.emailVerified,\n createdAt: user.createdAt,\n updatedAt: user.updatedAt,\n },\n };\n}\n\ninterface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {\n /**\n * The Better Auth instance to use for authentication.\n * This should be the result of calling `betterAuth({ ... })`.\n */\n auth: Auth;\n\n /**\n * Whether to allow new user registration via sign-up.\n * Set to false to disable public registration.\n * @default true\n */\n signUpEnabled?: boolean;\n}\n\n/**\n * Mastra authentication provider for Better Auth.\n *\n * Better Auth is a self-hosted, open-source authentication framework\n * that gives you full control over your authentication system.\n *\n * @example\n * ```typescript\n * import { betterAuth } from 'better-auth';\n * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';\n *\n * // Create your Better Auth instance\n * const auth = betterAuth({\n * database: {\n * provider: 'postgresql',\n * url: process.env.DATABASE_URL!,\n * },\n * emailAndPassword: {\n * enabled: true,\n * },\n * });\n *\n * // Create the Mastra auth provider\n * const mastraAuth = new MastraAuthBetterAuth({\n * auth,\n * });\n *\n * // Use with Mastra\n * const mastra = new Mastra({\n * server: {\n * auth: mastraAuth,\n * },\n * });\n * ```\n *\n * @see https://better-auth.com for Better Auth documentation\n */\nexport class MastraAuthBetterAuth\n extends MastraAuthProvider<BetterAuthUser>\n implements IUserProvider<EEUser>, ICredentialsProvider<EEUser>\n{\n protected auth: Auth;\n protected signUpEnabledConfig: boolean;\n public sessionCookieName: string;\n\n constructor(options: MastraAuthBetterAuthOptions) {\n super({ name: options?.name ?? 'better-auth' });\n\n if (!options.auth) {\n throw new Error(\n 'Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })',\n );\n }\n\n this.auth = options.auth;\n this.signUpEnabledConfig = options.signUpEnabled ?? true;\n\n // Derive the session cookie name from Better Auth's cookiePrefix option\n const authWithOptions = this.auth as unknown as { options?: { advanced?: { cookiePrefix?: string } } };\n const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? 'better-auth';\n this.sessionCookieName = `${prefix}.session_token`;\n\n this.registerOptions(options);\n }\n\n /**\n * Check if sign-up is enabled.\n * Implements ICredentialsProvider.isSignUpEnabled.\n */\n isSignUpEnabled(): boolean {\n return this.signUpEnabledConfig;\n }\n\n // ============================================\n // IUserProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Get current user from request.\n * Implements IUserProvider for EE user awareness in Studio.\n *\n * @param request - Incoming HTTP request\n * @returns EE User object or null if not authenticated\n */\n async getCurrentUser(request: Request): Promise<EEUser | null> {\n try {\n const result = await this.auth.api.getSession({\n headers: request.headers,\n });\n\n if (!result?.user) return null;\n return mapBetterAuthUserToEEUser(result.user);\n } catch {\n return null;\n }\n }\n\n /**\n * Get user by ID.\n * Implements IUserProvider for EE user awareness.\n *\n * Note: Better Auth doesn't expose a direct getUser API.\n * For full functionality, you may need to implement this using\n * direct database access in a subclass.\n *\n * @param userId - User identifier\n * @returns EE User object or null if not found\n */\n async getUser(_userId: string): Promise<EEUser | null> {\n // Better Auth doesn't have a direct getUser API\n // Users can override this method with their own implementation\n // that queries the database directly\n console.warn(\n '[MastraAuthBetterAuth] getUser() requires direct database access. ' +\n 'Override this method in a subclass for full user lookup support.',\n );\n return null;\n }\n\n /**\n * Get URL to user's profile page.\n * Optional IUserProvider method.\n */\n getUserProfileUrl(user: EEUser): string {\n return `/profile/${user.id}`;\n }\n\n /**\n * Authenticate a bearer token by verifying the session with Better Auth.\n *\n * This method extracts the session from the request headers using\n * Better Auth's `api.getSession()` endpoint.\n *\n * @param token - The bearer token (session token) to authenticate\n * @param request - The Hono request object containing headers\n * @returns The authenticated user and session, or null if authentication fails\n */\n async authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null> {\n try {\n // Better Auth's api.getSession() reads session tokens from the Cookie header\n const headers = new Headers();\n\n // The auth middleware may pass a raw Request (c.req.raw) instead of HonoRequest,\n // so unwrap via 'raw' property detection and use the standard Web API.\n const rawRequest: Request = 'raw' in request ? (request as any).raw : (request as unknown as Request);\n\n const cookieHeader = rawRequest.headers.get('Cookie');\n if (cookieHeader) {\n headers.set('Cookie', cookieHeader);\n }\n\n // Convert Bearer token to a session cookie if not already present.\n // better-auth ignores the Authorization header — it only reads from Cookie.\n const hasSessionCookie = !!cookieHeader?.split(';').some(pair => {\n const [key] = pair.trim().split('=');\n return key?.trim() === this.sessionCookieName;\n });\n if (token && !hasSessionCookie) {\n const existingCookies = cookieHeader ? `${cookieHeader}; ` : '';\n headers.set('Cookie', `${existingCookies}${this.sessionCookieName}=${token}`);\n }\n\n const result = await this.auth.api.getSession({\n headers,\n });\n\n if (!result || !result.session || !result.user) {\n return null;\n }\n\n return {\n session: result.session,\n user: result.user,\n };\n } catch {\n return null;\n }\n }\n\n /**\n * Authorize a user for access.\n *\n * By default, any authenticated user with a valid session is authorized.\n * You can override this behavior by providing a custom `authorizeUser` function\n * in the constructor options.\n *\n * @param user - The authenticated user and session\n * @returns True if the user is authorized, false otherwise\n */\n async authorizeUser(user: BetterAuthUser): Promise<boolean> {\n // By default, any authenticated user with a valid session is authorized\n return !!user?.session?.id && !!user?.user?.id;\n }\n\n // ============================================\n // ICredentialsProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Sign in with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param request - Incoming HTTP request\n * @returns Result with user and session cookies\n * @throws Error if credentials are invalid\n */\n async signIn(email: string, password: string, request: Request): Promise<CredentialsResult<EEUser>> {\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signInEmail({\n body: { email, password },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Invalid email or password');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Invalid email or password');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Sign up with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param name - Optional display name\n * @param request - Incoming HTTP request\n * @returns Result with new user and session cookies\n * @throws Error if sign up fails\n */\n async signUp(\n email: string,\n password: string,\n name: string | undefined,\n request: Request,\n ): Promise<CredentialsResult<EEUser>> {\n const displayName = name ?? email.split('@')[0] ?? 'User';\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signUpEmail({\n body: { email, password, name: displayName },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Failed to create account');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Failed to create account');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Get the underlying Better Auth instance.\n * Useful for accessing Better Auth APIs directly.\n */\n getAuth(): Auth {\n return this.auth;\n }\n\n /**\n * Get headers to clear the session cookies on logout.\n * Partial ISessionProvider implementation for logout support.\n *\n * Clears Better Auth's default session cookies.\n */\n getClearSessionHeaders(): Record<string, string> {\n // Clear both the session token and its signature cookie\n const cookies = [\n `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n ];\n return {\n 'Set-Cookie': cookies.join(', '),\n };\n }\n}\n"]}

package/package.json ADDED Viewed

@@ -0,0 +1,63 @@
+{
+  "name": "@mastra/auth-better-auth",
+  "version": "0.0.0-agent-chat-ui-20260305212602",
+  "description": "Mastra Better Auth integration - self-hosted authentication",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.cjs"
+      }
+    },
+    "./package.json": "./package.json"
+  },
+  "license": "Apache-2.0",
+  "dependencies": {
+    "better-auth": "^1.4.18"
+  },
+  "peerDependencies": {
+    "@mastra/core": "0.0.0-agent-chat-ui-20260305212602"
+  },
+  "devDependencies": {
+    "@types/node": "22.19.7",
+    "hono": "^4.11.9",
+    "@vitest/coverage-v8": "4.0.18",
+    "@vitest/ui": "4.0.18",
+    "eslint": "^9.37.0",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3",
+    "vitest": "4.0.18",
+    "@internal/lint": "0.0.0-agent-chat-ui-20260305212602",
+    "@mastra/core": "0.0.0-agent-chat-ui-20260305212602",
+    "@internal/types-builder": "0.0.0-agent-chat-ui-20260305212602"
+  },
+  "files": [
+    "dist",
+    "CHANGELOG.md"
+  ],
+  "homepage": "https://mastra.ai",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/mastra-ai/mastra.git",
+    "directory": "auth/better-auth"
+  },
+  "bugs": {
+    "url": "https://github.com/mastra-ai/mastra/issues"
+  },
+  "engines": {
+    "node": ">=22.13.0"
+  },
+  "scripts": {
+    "build": "tsup --silent --config tsup.config.ts",
+    "build:watch": "tsup --watch --silent --config tsup.config.ts",
+    "test": "vitest run",
+    "lint": "eslint ."
+  }
+}