@mastra/auth-better-auth 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/LICENSE.md +15 -0
  3. package/dist/index.cjs +184 -162
  4. package/dist/index.cjs.map +1 -1
  5. package/dist/index.d.ts +78 -2
  6. package/dist/index.d.ts.map +1 -1
  7. package/dist/index.js +183 -161
  8. package/dist/index.js.map +1 -1
  9. package/package.json +11 -8
package/CHANGELOG.md CHANGED
@@ -1,5 +1,23 @@
1
1
  # @mastra/auth-better-auth
2
2
 
3
+ ## 1.0.2
4
+
5
+ ### Patch Changes
6
+
7
+ - Expanded `@mastra/auth-better-auth` to implement the new auth interfaces (`IUserProvider`, `ISessionProvider`, `ICredentialsProvider`) from `@mastra/core/auth`. Adds support for username/password credential flows alongside the existing token-based authentication. ([#13163](https://github.com/mastra-ai/mastra/pull/13163))
8
+
9
+ - Updated dependencies [[`504fc8b`](https://github.com/mastra-ai/mastra/commit/504fc8b9d0ddab717577ad3bf9c95ea4bd5377bd), [`f9c150b`](https://github.com/mastra-ai/mastra/commit/f9c150b7595ad05ad9cc9a11098e2944361e8c22), [`88de7e8`](https://github.com/mastra-ai/mastra/commit/88de7e8dfe4b7e1951a9e441bb33136e705ce24e), [`edee4b3`](https://github.com/mastra-ai/mastra/commit/edee4b37dff0af515fc7cc0e8d71ee39e6a762f0), [`3790c75`](https://github.com/mastra-ai/mastra/commit/3790c7578cc6a47d854eb12d89e6b1912867fe29), [`e7a235b`](https://github.com/mastra-ai/mastra/commit/e7a235be6472e0c870ed6c791ddb17c492dc188b), [`d51d298`](https://github.com/mastra-ai/mastra/commit/d51d298953967aab1f58ec965b644d109214f085), [`6dbeeb9`](https://github.com/mastra-ai/mastra/commit/6dbeeb94a8b1eebb727300d1a98961f882180794), [`d5f0d8d`](https://github.com/mastra-ai/mastra/commit/d5f0d8d6a03e515ddaa9b5da19b7e44b8357b07b), [`09c3b18`](https://github.com/mastra-ai/mastra/commit/09c3b1802ff14e243a8a8baea327440bc8cc2e32), [`b896379`](https://github.com/mastra-ai/mastra/commit/b8963791c6afa79484645fcec596a201f936b9a2), [`85c84eb`](https://github.com/mastra-ai/mastra/commit/85c84ebb78aebfcba9d209c8e152b16d7a00cb71), [`a89272a`](https://github.com/mastra-ai/mastra/commit/a89272a5d71939b9fcd284e6a6dc1dd091a6bdcf), [`ee9c8df`](https://github.com/mastra-ai/mastra/commit/ee9c8df644f19d055af5f496bf4942705f5a47b7), [`77b4a25`](https://github.com/mastra-ai/mastra/commit/77b4a254e51907f8ff3a3ba95596a18e93ae4b35), [`276246e`](https://github.com/mastra-ai/mastra/commit/276246e0b9066a1ea48bbc70df84dbe528daaf99), [`08ecfdb`](https://github.com/mastra-ai/mastra/commit/08ecfdbdad6fb8285deef86a034bdf4a6047cfca), [`d5f628c`](https://github.com/mastra-ai/mastra/commit/d5f628ca86c6f6f3ff1035d52f635df32dd81cab), [`524c0f3`](https://github.com/mastra-ai/mastra/commit/524c0f3c434c3d9d18f66338dcef383d6161b59c), [`c18a0e9`](https://github.com/mastra-ai/mastra/commit/c18a0e9cef1e4ca004b2963d35e4cfc031971eac), [`4bd21ea`](https://github.com/mastra-ai/mastra/commit/4bd21ea43d44d0a0427414fc047577f9f0aa3bec), [`115a7a4`](https://github.com/mastra-ai/mastra/commit/115a7a47db5e9896fec12ae6507501adb9ec89bf), [`22a48ae`](https://github.com/mastra-ai/mastra/commit/22a48ae2513eb54d8d79dad361fddbca97a155e8), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9311c17`](https://github.com/mastra-ai/mastra/commit/9311c17d7a0640d9c4da2e71b814dc67c57c6369), [`7edf78f`](https://github.com/mastra-ai/mastra/commit/7edf78f80422c43e84585f08ba11df0d4d0b73c5), [`1c4221c`](https://github.com/mastra-ai/mastra/commit/1c4221cf6032ec98d0e094d4ee11da3e48490d96), [`d25b9ea`](https://github.com/mastra-ai/mastra/commit/d25b9eabd400167255a97b690ffbc4ee4097ded5), [`fe1ce5c`](https://github.com/mastra-ai/mastra/commit/fe1ce5c9211c03d561606fda95cbfe7df1d9a9b5), [`b03c0e0`](https://github.com/mastra-ai/mastra/commit/b03c0e0389a799523929a458b0509c9e4244d562), [`0a8366b`](https://github.com/mastra-ai/mastra/commit/0a8366b0a692fcdde56c4d526e4cf03c502ae4ac), [`85664e9`](https://github.com/mastra-ai/mastra/commit/85664e9fd857320fbc245e301f764f45f66f32a3), [`bc79650`](https://github.com/mastra-ai/mastra/commit/bc796500c6e0334faa158a96077e3fb332274869), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`3a3a59e`](https://github.com/mastra-ai/mastra/commit/3a3a59e8ffaa6a985fe3d9a126a3f5ade11a6724), [`3108d4e`](https://github.com/mastra-ai/mastra/commit/3108d4e649c9fddbf03253a6feeb388a5fa9fa5a), [`0c33b2c`](https://github.com/mastra-ai/mastra/commit/0c33b2c9db537f815e1c59e2c898ffce2e395a79), [`191e5bd`](https://github.com/mastra-ai/mastra/commit/191e5bd29b82f5bda35243945790da7bc7b695c2), [`f77cd94`](https://github.com/mastra-ai/mastra/commit/f77cd94c44eabed490384e7d19232a865e13214c), [`e8135c7`](https://github.com/mastra-ai/mastra/commit/e8135c7e300dac5040670eec7eab896ac6092e30), [`daca48f`](https://github.com/mastra-ai/mastra/commit/daca48f0fb17b7ae0b62a2ac40cf0e491b2fd0b7), [`257d14f`](https://github.com/mastra-ai/mastra/commit/257d14faca5931f2e4186fc165b6f0b1f915deee), [`352f25d`](https://github.com/mastra-ai/mastra/commit/352f25da316b24cdd5b410fd8dddf6a8b763da2a), [`93477d0`](https://github.com/mastra-ai/mastra/commit/93477d0769b8a13ea5ed73d508d967fb23eaeed9), [`31c78b3`](https://github.com/mastra-ai/mastra/commit/31c78b3eb28f58a8017f1dcc795c33214d87feac), [`0bc0720`](https://github.com/mastra-ai/mastra/commit/0bc07201095791858087cc56f353fcd65e87ab54), [`36516ac`](https://github.com/mastra-ai/mastra/commit/36516aca1021cbeb42e74751b46a2614101f37c8), [`e947652`](https://github.com/mastra-ai/mastra/commit/e9476527fdecb4449e54570e80dfaf8466901254), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`ec248f6`](https://github.com/mastra-ai/mastra/commit/ec248f6b56e8a037c066c49b2178e2507471d988)]:
10
+ - @mastra/core@1.9.0
11
+
12
+ ## 1.0.2-alpha.0
13
+
14
+ ### Patch Changes
15
+
16
+ - Expanded `@mastra/auth-better-auth` to implement the new auth interfaces (`IUserProvider`, `ISessionProvider`, `ICredentialsProvider`) from `@mastra/core/auth`. Adds support for username/password credential flows alongside the existing token-based authentication. ([#13163](https://github.com/mastra-ai/mastra/pull/13163))
17
+
18
+ - Updated dependencies [[`504fc8b`](https://github.com/mastra-ai/mastra/commit/504fc8b9d0ddab717577ad3bf9c95ea4bd5377bd), [`f9c150b`](https://github.com/mastra-ai/mastra/commit/f9c150b7595ad05ad9cc9a11098e2944361e8c22), [`88de7e8`](https://github.com/mastra-ai/mastra/commit/88de7e8dfe4b7e1951a9e441bb33136e705ce24e), [`edee4b3`](https://github.com/mastra-ai/mastra/commit/edee4b37dff0af515fc7cc0e8d71ee39e6a762f0), [`3790c75`](https://github.com/mastra-ai/mastra/commit/3790c7578cc6a47d854eb12d89e6b1912867fe29), [`e7a235b`](https://github.com/mastra-ai/mastra/commit/e7a235be6472e0c870ed6c791ddb17c492dc188b), [`d51d298`](https://github.com/mastra-ai/mastra/commit/d51d298953967aab1f58ec965b644d109214f085), [`6dbeeb9`](https://github.com/mastra-ai/mastra/commit/6dbeeb94a8b1eebb727300d1a98961f882180794), [`d5f0d8d`](https://github.com/mastra-ai/mastra/commit/d5f0d8d6a03e515ddaa9b5da19b7e44b8357b07b), [`09c3b18`](https://github.com/mastra-ai/mastra/commit/09c3b1802ff14e243a8a8baea327440bc8cc2e32), [`b896379`](https://github.com/mastra-ai/mastra/commit/b8963791c6afa79484645fcec596a201f936b9a2), [`85c84eb`](https://github.com/mastra-ai/mastra/commit/85c84ebb78aebfcba9d209c8e152b16d7a00cb71), [`a89272a`](https://github.com/mastra-ai/mastra/commit/a89272a5d71939b9fcd284e6a6dc1dd091a6bdcf), [`ee9c8df`](https://github.com/mastra-ai/mastra/commit/ee9c8df644f19d055af5f496bf4942705f5a47b7), [`77b4a25`](https://github.com/mastra-ai/mastra/commit/77b4a254e51907f8ff3a3ba95596a18e93ae4b35), [`276246e`](https://github.com/mastra-ai/mastra/commit/276246e0b9066a1ea48bbc70df84dbe528daaf99), [`08ecfdb`](https://github.com/mastra-ai/mastra/commit/08ecfdbdad6fb8285deef86a034bdf4a6047cfca), [`d5f628c`](https://github.com/mastra-ai/mastra/commit/d5f628ca86c6f6f3ff1035d52f635df32dd81cab), [`524c0f3`](https://github.com/mastra-ai/mastra/commit/524c0f3c434c3d9d18f66338dcef383d6161b59c), [`c18a0e9`](https://github.com/mastra-ai/mastra/commit/c18a0e9cef1e4ca004b2963d35e4cfc031971eac), [`4bd21ea`](https://github.com/mastra-ai/mastra/commit/4bd21ea43d44d0a0427414fc047577f9f0aa3bec), [`115a7a4`](https://github.com/mastra-ai/mastra/commit/115a7a47db5e9896fec12ae6507501adb9ec89bf), [`22a48ae`](https://github.com/mastra-ai/mastra/commit/22a48ae2513eb54d8d79dad361fddbca97a155e8), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9311c17`](https://github.com/mastra-ai/mastra/commit/9311c17d7a0640d9c4da2e71b814dc67c57c6369), [`7edf78f`](https://github.com/mastra-ai/mastra/commit/7edf78f80422c43e84585f08ba11df0d4d0b73c5), [`1c4221c`](https://github.com/mastra-ai/mastra/commit/1c4221cf6032ec98d0e094d4ee11da3e48490d96), [`d25b9ea`](https://github.com/mastra-ai/mastra/commit/d25b9eabd400167255a97b690ffbc4ee4097ded5), [`fe1ce5c`](https://github.com/mastra-ai/mastra/commit/fe1ce5c9211c03d561606fda95cbfe7df1d9a9b5), [`b03c0e0`](https://github.com/mastra-ai/mastra/commit/b03c0e0389a799523929a458b0509c9e4244d562), [`0a8366b`](https://github.com/mastra-ai/mastra/commit/0a8366b0a692fcdde56c4d526e4cf03c502ae4ac), [`85664e9`](https://github.com/mastra-ai/mastra/commit/85664e9fd857320fbc245e301f764f45f66f32a3), [`bc79650`](https://github.com/mastra-ai/mastra/commit/bc796500c6e0334faa158a96077e3fb332274869), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`3a3a59e`](https://github.com/mastra-ai/mastra/commit/3a3a59e8ffaa6a985fe3d9a126a3f5ade11a6724), [`3108d4e`](https://github.com/mastra-ai/mastra/commit/3108d4e649c9fddbf03253a6feeb388a5fa9fa5a), [`0c33b2c`](https://github.com/mastra-ai/mastra/commit/0c33b2c9db537f815e1c59e2c898ffce2e395a79), [`191e5bd`](https://github.com/mastra-ai/mastra/commit/191e5bd29b82f5bda35243945790da7bc7b695c2), [`f77cd94`](https://github.com/mastra-ai/mastra/commit/f77cd94c44eabed490384e7d19232a865e13214c), [`e8135c7`](https://github.com/mastra-ai/mastra/commit/e8135c7e300dac5040670eec7eab896ac6092e30), [`daca48f`](https://github.com/mastra-ai/mastra/commit/daca48f0fb17b7ae0b62a2ac40cf0e491b2fd0b7), [`257d14f`](https://github.com/mastra-ai/mastra/commit/257d14faca5931f2e4186fc165b6f0b1f915deee), [`352f25d`](https://github.com/mastra-ai/mastra/commit/352f25da316b24cdd5b410fd8dddf6a8b763da2a), [`93477d0`](https://github.com/mastra-ai/mastra/commit/93477d0769b8a13ea5ed73d508d967fb23eaeed9), [`31c78b3`](https://github.com/mastra-ai/mastra/commit/31c78b3eb28f58a8017f1dcc795c33214d87feac), [`0bc0720`](https://github.com/mastra-ai/mastra/commit/0bc07201095791858087cc56f353fcd65e87ab54), [`36516ac`](https://github.com/mastra-ai/mastra/commit/36516aca1021cbeb42e74751b46a2614101f37c8), [`e947652`](https://github.com/mastra-ai/mastra/commit/e9476527fdecb4449e54570e80dfaf8466901254), [`3c6ef79`](https://github.com/mastra-ai/mastra/commit/3c6ef798481e00d6d22563be2de98818fd4dd5e0), [`9257d01`](https://github.com/mastra-ai/mastra/commit/9257d01d1366d81f84c582fe02b5e200cf9621f4), [`ec248f6`](https://github.com/mastra-ai/mastra/commit/ec248f6b56e8a037c066c49b2178e2507471d988)]:
19
+ - @mastra/core@1.9.0-alpha.0
20
+
3
21
  ## 1.0.1
4
22
 
5
23
  ### Patch Changes
package/LICENSE.md CHANGED
@@ -1,3 +1,18 @@
1
+ Portions of this software are licensed as follows:
2
+
3
+ - All content that resides under any directory named "ee/" within this
4
+ repository, including but not limited to:
5
+ - `packages/core/src/auth/ee/`
6
+ - `packages/server/src/server/auth/ee/`
7
+ is licensed under the license defined in `ee/LICENSE`.
8
+
9
+ - All third-party components incorporated into the Mastra Software are
10
+ licensed under the original license provided by the owner of the
11
+ applicable component.
12
+
13
+ - Content outside of the above-mentioned directories or restrictions is
14
+ available under the "Apache License 2.0" as defined below.
15
+
1
16
  # Apache License 2.0
2
17
 
3
18
  Copyright (c) 2025 Kepler Software, Inc.
package/dist/index.cjs CHANGED
@@ -1,163 +1,25 @@
1
1
  'use strict';
2
2
 
3
- // ../../packages/core/dist/chunk-X2WMFSPB.js
4
- var RegisteredLogger = {
5
- LLM: "LLM"};
6
- var LogLevel = {
7
- DEBUG: "debug",
8
- INFO: "info",
9
- WARN: "warn",
10
- ERROR: "error"};
11
- var MastraLogger = class {
12
- name;
13
- level;
14
- transports;
15
- constructor(options = {}) {
16
- this.name = options.name || "Mastra";
17
- this.level = options.level || LogLevel.ERROR;
18
- this.transports = new Map(Object.entries(options.transports || {}));
19
- }
20
- getTransports() {
21
- return this.transports;
22
- }
23
- trackException(_error) {
24
- }
25
- async listLogs(transportId, params) {
26
- if (!transportId || !this.transports.has(transportId)) {
27
- return { logs: [], total: 0, page: params?.page ?? 1, perPage: params?.perPage ?? 100, hasMore: false };
28
- }
29
- return this.transports.get(transportId).listLogs(params) ?? {
30
- logs: [],
31
- total: 0,
32
- page: params?.page ?? 1,
33
- perPage: params?.perPage ?? 100,
34
- hasMore: false
35
- };
36
- }
37
- async listLogsByRunId({
38
- transportId,
39
- runId,
40
- fromDate,
41
- toDate,
42
- logLevel,
43
- filters,
44
- page,
45
- perPage
46
- }) {
47
- if (!transportId || !this.transports.has(transportId) || !runId) {
48
- return { logs: [], total: 0, page: page ?? 1, perPage: perPage ?? 100, hasMore: false };
49
- }
50
- return this.transports.get(transportId).listLogsByRunId({ runId, fromDate, toDate, logLevel, filters, page, perPage }) ?? {
51
- logs: [],
52
- total: 0,
53
- page: page ?? 1,
54
- perPage: perPage ?? 100,
55
- hasMore: false
56
- };
57
- }
58
- };
59
- var ConsoleLogger = class extends MastraLogger {
60
- constructor(options = {}) {
61
- super(options);
62
- }
63
- debug(message, ...args) {
64
- if (this.level === LogLevel.DEBUG) {
65
- console.info(message, ...args);
66
- }
67
- }
68
- info(message, ...args) {
69
- if (this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
70
- console.info(message, ...args);
71
- }
72
- }
73
- warn(message, ...args) {
74
- if (this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
75
- console.info(message, ...args);
76
- }
77
- }
78
- error(message, ...args) {
79
- if (this.level === LogLevel.ERROR || this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
80
- console.error(message, ...args);
81
- }
82
- }
83
- async listLogs(_transportId, _params) {
84
- return { logs: [], total: 0, page: _params?.page ?? 1, perPage: _params?.perPage ?? 100, hasMore: false };
85
- }
86
- async listLogsByRunId(_args) {
87
- return { logs: [], total: 0, page: _args.page ?? 1, perPage: _args.perPage ?? 100, hasMore: false };
88
- }
89
- };
90
-
91
- // ../../packages/core/dist/chunk-WCAFTXGK.js
92
- var MastraBase = class {
93
- component = RegisteredLogger.LLM;
94
- logger;
95
- name;
96
- #rawConfig;
97
- constructor({
98
- component,
99
- name,
100
- rawConfig
101
- }) {
102
- this.component = component || RegisteredLogger.LLM;
103
- this.name = name;
104
- this.#rawConfig = rawConfig;
105
- this.logger = new ConsoleLogger({ name: `${this.component} - ${this.name}` });
106
- }
107
- /**
108
- * Returns the raw storage configuration this primitive was created from,
109
- * or undefined if it was created from code.
110
- */
111
- toRawConfig() {
112
- return this.#rawConfig;
113
- }
114
- /**
115
- * Sets the raw storage configuration for this primitive.
116
- * @internal
117
- */
118
- __setRawConfig(rawConfig) {
119
- this.#rawConfig = rawConfig;
120
- }
121
- /**
122
- * Set the logger for the agent
123
- * @param logger
124
- */
125
- __setLogger(logger) {
126
- this.logger = logger;
127
- if (this.component !== RegisteredLogger.LLM) {
128
- this.logger.debug(`Logger updated [component=${this.component}] [name=${this.name}]`);
129
- }
130
- }
131
- };
132
-
133
- // ../../packages/core/dist/server/index.js
134
- var MastraAuthProvider = class extends MastraBase {
135
- protected;
136
- public;
137
- constructor(options) {
138
- super({ component: "AUTH", name: options?.name });
139
- if (options?.authorizeUser) {
140
- this.authorizeUser = options.authorizeUser.bind(this);
141
- }
142
- this.protected = options?.protected;
143
- this.public = options?.public;
144
- }
145
- registerOptions(opts) {
146
- if (opts?.authorizeUser) {
147
- this.authorizeUser = opts.authorizeUser.bind(this);
148
- }
149
- if (opts?.protected) {
150
- this.protected = opts.protected;
151
- }
152
- if (opts?.public) {
153
- this.public = opts.public;
154
- }
155
- }
156
- };
3
+ var server = require('@mastra/core/server');
157
4
 
158
5
  // src/index.ts
159
- var MastraAuthBetterAuth = class extends MastraAuthProvider {
6
+ function mapBetterAuthUserToEEUser(user) {
7
+ return {
8
+ id: user.id,
9
+ email: user.email,
10
+ name: user.name,
11
+ avatarUrl: user.image ?? void 0,
12
+ metadata: {
13
+ emailVerified: user.emailVerified,
14
+ createdAt: user.createdAt,
15
+ updatedAt: user.updatedAt
16
+ }
17
+ };
18
+ }
19
+ var MastraAuthBetterAuth = class extends server.MastraAuthProvider {
160
20
  auth;
21
+ signUpEnabledConfig;
22
+ sessionCookieName;
161
23
  constructor(options) {
162
24
  super({ name: options?.name ?? "better-auth" });
163
25
  if (!options.auth) {
@@ -166,8 +28,65 @@ var MastraAuthBetterAuth = class extends MastraAuthProvider {
166
28
  );
167
29
  }
168
30
  this.auth = options.auth;
31
+ this.signUpEnabledConfig = options.signUpEnabled ?? true;
32
+ const authWithOptions = this.auth;
33
+ const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? "better-auth";
34
+ this.sessionCookieName = `${prefix}.session_token`;
169
35
  this.registerOptions(options);
170
36
  }
37
+ /**
38
+ * Check if sign-up is enabled.
39
+ * Implements ICredentialsProvider.isSignUpEnabled.
40
+ */
41
+ isSignUpEnabled() {
42
+ return this.signUpEnabledConfig;
43
+ }
44
+ // ============================================
45
+ // IUserProvider implementation (EE capability)
46
+ // License check happens in buildCapabilities()
47
+ // ============================================
48
+ /**
49
+ * Get current user from request.
50
+ * Implements IUserProvider for EE user awareness in Studio.
51
+ *
52
+ * @param request - Incoming HTTP request
53
+ * @returns EE User object or null if not authenticated
54
+ */
55
+ async getCurrentUser(request) {
56
+ try {
57
+ const result = await this.auth.api.getSession({
58
+ headers: request.headers
59
+ });
60
+ if (!result?.user) return null;
61
+ return mapBetterAuthUserToEEUser(result.user);
62
+ } catch {
63
+ return null;
64
+ }
65
+ }
66
+ /**
67
+ * Get user by ID.
68
+ * Implements IUserProvider for EE user awareness.
69
+ *
70
+ * Note: Better Auth doesn't expose a direct getUser API.
71
+ * For full functionality, you may need to implement this using
72
+ * direct database access in a subclass.
73
+ *
74
+ * @param userId - User identifier
75
+ * @returns EE User object or null if not found
76
+ */
77
+ async getUser(_userId) {
78
+ console.warn(
79
+ "[MastraAuthBetterAuth] getUser() requires direct database access. Override this method in a subclass for full user lookup support."
80
+ );
81
+ return null;
82
+ }
83
+ /**
84
+ * Get URL to user's profile page.
85
+ * Optional IUserProvider method.
86
+ */
87
+ getUserProfileUrl(user) {
88
+ return `/profile/${user.id}`;
89
+ }
171
90
  /**
172
91
  * Authenticate a bearer token by verifying the session with Better Auth.
173
92
  *
@@ -181,16 +100,19 @@ var MastraAuthBetterAuth = class extends MastraAuthProvider {
181
100
  async authenticateToken(token, request) {
182
101
  try {
183
102
  const headers = new Headers();
184
- const authHeader = request.header("Authorization");
185
- if (authHeader) {
186
- headers.set("Authorization", authHeader);
187
- } else if (token) {
188
- headers.set("Authorization", `Bearer ${token}`);
189
- }
190
- const cookieHeader = request.header("Cookie");
103
+ const rawRequest = "raw" in request ? request.raw : request;
104
+ const cookieHeader = rawRequest.headers.get("Cookie");
191
105
  if (cookieHeader) {
192
106
  headers.set("Cookie", cookieHeader);
193
107
  }
108
+ const hasSessionCookie = !!cookieHeader?.split(";").some((pair) => {
109
+ const [key] = pair.trim().split("=");
110
+ return key?.trim() === this.sessionCookieName;
111
+ });
112
+ if (token && !hasSessionCookie) {
113
+ const existingCookies = cookieHeader ? `${cookieHeader}; ` : "";
114
+ headers.set("Cookie", `${existingCookies}${this.sessionCookieName}=${token}`);
115
+ }
194
116
  const result = await this.auth.api.getSession({
195
117
  headers
196
118
  });
@@ -218,6 +140,106 @@ var MastraAuthBetterAuth = class extends MastraAuthProvider {
218
140
  async authorizeUser(user) {
219
141
  return !!user?.session?.id && !!user?.user?.id;
220
142
  }
143
+ // ============================================
144
+ // ICredentialsProvider implementation (EE capability)
145
+ // License check happens in buildCapabilities()
146
+ // ============================================
147
+ /**
148
+ * Sign in with email and password.
149
+ * Implements ICredentialsProvider for EE credentials auth.
150
+ *
151
+ * @param email - User email
152
+ * @param password - User password
153
+ * @param request - Incoming HTTP request
154
+ * @returns Result with user and session cookies
155
+ * @throws Error if credentials are invalid
156
+ */
157
+ async signIn(email, password, request) {
158
+ const headers = request?.headers ?? new Headers();
159
+ const response = await this.auth.api.signInEmail({
160
+ body: { email, password },
161
+ headers,
162
+ asResponse: true
163
+ });
164
+ if (!response.ok) {
165
+ const errorData = await response.json().catch(() => ({}));
166
+ throw new Error(errorData.message || "Invalid email or password");
167
+ }
168
+ const result = await response.json();
169
+ if (!result?.user) {
170
+ throw new Error("Invalid email or password");
171
+ }
172
+ const cookies = [];
173
+ const setCookieHeader = response.headers.get("set-cookie");
174
+ if (setCookieHeader) {
175
+ cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
176
+ }
177
+ return {
178
+ user: mapBetterAuthUserToEEUser(result.user),
179
+ token: result.token ?? void 0,
180
+ cookies
181
+ };
182
+ }
183
+ /**
184
+ * Sign up with email and password.
185
+ * Implements ICredentialsProvider for EE credentials auth.
186
+ *
187
+ * @param email - User email
188
+ * @param password - User password
189
+ * @param name - Optional display name
190
+ * @param request - Incoming HTTP request
191
+ * @returns Result with new user and session cookies
192
+ * @throws Error if sign up fails
193
+ */
194
+ async signUp(email, password, name, request) {
195
+ const displayName = name ?? email.split("@")[0] ?? "User";
196
+ const headers = request?.headers ?? new Headers();
197
+ const response = await this.auth.api.signUpEmail({
198
+ body: { email, password, name: displayName },
199
+ headers,
200
+ asResponse: true
201
+ });
202
+ if (!response.ok) {
203
+ const errorData = await response.json().catch(() => ({}));
204
+ throw new Error(errorData.message || "Failed to create account");
205
+ }
206
+ const result = await response.json();
207
+ if (!result?.user) {
208
+ throw new Error("Failed to create account");
209
+ }
210
+ const cookies = [];
211
+ const setCookieHeader = response.headers.get("set-cookie");
212
+ if (setCookieHeader) {
213
+ cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
214
+ }
215
+ return {
216
+ user: mapBetterAuthUserToEEUser(result.user),
217
+ token: result.token ?? void 0,
218
+ cookies
219
+ };
220
+ }
221
+ /**
222
+ * Get the underlying Better Auth instance.
223
+ * Useful for accessing Better Auth APIs directly.
224
+ */
225
+ getAuth() {
226
+ return this.auth;
227
+ }
228
+ /**
229
+ * Get headers to clear the session cookies on logout.
230
+ * Partial ISessionProvider implementation for logout support.
231
+ *
232
+ * Clears Better Auth's default session cookies.
233
+ */
234
+ getClearSessionHeaders() {
235
+ const cookies = [
236
+ `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,
237
+ `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`
238
+ ];
239
+ return {
240
+ "Set-Cookie": cookies.join(", ")
241
+ };
242
+ }
221
243
  };
222
244
 
223
245
  exports.MastraAuthBetterAuth = MastraAuthBetterAuth;
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../packages/core/src/logger/constants.ts","../../../packages/core/src/logger/logger.ts","../../../packages/core/src/logger/default-logger.ts","../../../packages/core/src/base.ts","../../../packages/core/src/server/auth.ts","../src/index.ts"],"names":[],"mappings":";;;AACO,IAAM,gBAAA,GAAmB;EAM9B,GAAA,EAAK,KAaP,CAAA;AAIO,IAAM,QAAA,GAAW;EACtB,KAAA,EAAO,OAAA;EACP,IAAA,EAAM,MAAA;EACN,IAAA,EAAM,MAAA;EACN,KAAA,EAAO,OAET,CAAA;ACKO,IAAe,eAAf,MAAqD;AAChD,EAAA,IAAA;AACA,EAAA,KAAA;AACA,EAAA,UAAA;EAEV,WAAA,CACE,OAAA,GAII,EAAA,EACJ;AACA,IAAA,IAAA,CAAK,IAAA,GAAO,QAAQ,IAAA,IAAQ,QAAA;AAC5B,IAAA,IAAA,CAAK,KAAA,GAAQ,OAAA,CAAQ,KAAA,IAAS,QAAA,CAAS,KAAA;AACvC,IAAA,IAAA,CAAK,UAAA,GAAa,IAAI,GAAA,CAAI,MAAA,CAAO,QAAQ,OAAA,CAAQ,UAAA,IAAc,EAAE,CAAC,CAAA;AACpE,EAAA;EAOA,aAAA,GAAgB;AACd,IAAA,OAAO,IAAA,CAAK,UAAA;AACd,EAAA;AAEA,EAAA,cAAA,CAAe,MAAA,EAAqB;AAAC,EAAA;EAErC,MAAM,QAAA,CACJ,aACA,MAAA,EAQA;AACA,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,KAAK,UAAA,CAAW,GAAA,CAAI,WAAW,CAAA,EAAG;AACrD,MAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,EAAG,IAAA,EAAM,MAAA,EAAQ,IAAA,IAAQ,GAAG,OAAA,EAAS,MAAA,EAAQ,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AAClG,IAAA;AAEA,IAAA,OACE,KAAK,UAAA,CAAW,GAAA,CAAI,WAAW,CAAA,CAAG,QAAA,CAAS,MAAM,CAAA,IAAK;AACpD,MAAA,IAAA,EAAM,EAAA;MACN,KAAA,EAAO,CAAA;AACP,MAAA,IAAA,EAAM,QAAQ,IAAA,IAAQ,CAAA;AACtB,MAAA,OAAA,EAAS,QAAQ,OAAA,IAAW,GAAA;MAC5B,OAAA,EAAS;AAAA,KAAA;AAGf,EAAA;AAEA,EAAA,MAAM,eAAA,CAAgB;AACpB,IAAA,WAAA;AACA,IAAA,KAAA;AACA,IAAA,QAAA;AACA,IAAA,MAAA;AACA,IAAA,QAAA;AACA,IAAA,OAAA;AACA,IAAA,IAAA;AACA,IAAA;GAAA,EAUC;AACD,IAAA,IAAI,CAAC,eAAe,CAAC,IAAA,CAAK,WAAW,GAAA,CAAI,WAAW,CAAA,IAAK,CAAC,KAAA,EAAO;AAC/D,MAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,KAAA,EAAO,CAAA,EAAG,IAAA,EAAM,IAAA,IAAQ,CAAA,EAAG,OAAA,EAAS,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AAClF,IAAA;AAEA,IAAA,OACE,IAAA,CAAK,UAAA,CACF,GAAA,CAAI,WAAW,EACf,eAAA,CAAgB,EAAE,KAAA,EAAO,QAAA,EAAU,QAAQ,QAAA,EAAU,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,CAAA,IAAK;AACnF,MAAA,IAAA,EAAM,EAAA;MACN,KAAA,EAAO,CAAA;AACP,MAAA,IAAA,EAAM,IAAA,IAAQ,CAAA;AACd,MAAA,OAAA,EAAS,OAAA,IAAW,GAAA;MACpB,OAAA,EAAS;AAAA,KAAA;AAGf,EAAA;AACF,CAAA;AC5GO,IAAM,aAAA,GAAN,cAA4B,YAAA,CAAa;EAC9C,WAAA,CACE,OAAA,GAGI,EAAA,EACJ;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AACf,EAAA;AAEA,EAAA,KAAA,CAAM,YAAoB,IAAA,EAAmB;AAC3C,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,KAAA,EAAO;AACjC,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,GAAG,IAAI,CAAA;AAC/B,IAAA;AACF,EAAA;AAEA,EAAA,IAAA,CAAK,YAAoB,IAAA,EAAmB;AAC1C,IAAA,IAAI,KAAK,KAAA,KAAU,QAAA,CAAS,QAAQ,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EAAO;AACjE,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,GAAG,IAAI,CAAA;AAC/B,IAAA;AACF,EAAA;AAEA,EAAA,IAAA,CAAK,YAAoB,IAAA,EAAmB;AAC1C,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,IAAA,IAAQ,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,IAAA,IAAQ,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,KAAA,EAAO;AACjG,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,GAAG,IAAI,CAAA;AAC/B,IAAA;AACF,EAAA;AAEA,EAAA,KAAA,CAAM,YAAoB,IAAA,EAAmB;AAC3C,IAAA,IACE,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,KAAA,IACxB,KAAK,KAAA,KAAU,QAAA,CAAS,IAAA,IACxB,IAAA,CAAK,UAAU,QAAA,CAAS,IAAA,IACxB,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EACxB;AACA,MAAA,OAAA,CAAQ,KAAA,CAAM,OAAA,EAAS,GAAG,IAAI,CAAA;AAChC,IAAA;AACF,EAAA;EAEA,MAAM,QAAA,CACJ,cACA,OAAA,EAQA;AACA,IAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,EAAG,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,GAAG,OAAA,EAAS,OAAA,EAAS,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AACpG,EAAA;AAEA,EAAA,MAAM,gBAAgB,KAAA,EASnB;AACD,IAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,EAAG,IAAA,EAAM,KAAA,CAAM,IAAA,IAAQ,GAAG,OAAA,EAAS,KAAA,CAAM,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AAC9F,EAAA;AACF,CAAA;;;AC7EO,IAAM,aAAN,MAAiB;AACtB,EAAA,SAAA,GAA8B,gBAAA,CAAiB,GAAA;AACrC,EAAA,MAAA;AACV,EAAA,IAAA;AACA,EAAA,UAAA;EAEA,WAAA,CAAY;AACV,IAAA,SAAA;AACA,IAAA,IAAA;AACA,IAAA;GAAA,EAKC;AACD,IAAA,IAAA,CAAK,SAAA,GAAY,aAAa,gBAAA,CAAiB,GAAA;AAC/C,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAA,CAAK,UAAA,GAAa,SAAA;AAClB,IAAA,IAAA,CAAK,MAAA,GAAS,IAAI,aAAA,CAAc,EAAE,IAAA,EAAM,CAAA,EAAG,IAAA,CAAK,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,IAAI,CAAA,CAAA,EAAI,CAAA;AAC9E,EAAA;;;;;EAMA,WAAA,GAAmD;AACjD,IAAA,OAAO,IAAA,CAAK,UAAA;AACd,EAAA;;;;;AAMA,EAAA,cAAA,CAAe,SAAA,EAA0C;AACvD,IAAA,IAAA,CAAK,UAAA,GAAa,SAAA;AACpB,EAAA;;;;;AAMA,EAAA,WAAA,CAAY,MAAA,EAAuB;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAEd,IAAA,IAAI,IAAA,CAAK,SAAA,KAAc,gBAAA,CAAiB,GAAA,EAAK;AAC3C,MAAA,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,0BAAA,EAA6B,IAAA,CAAK,SAAS,CAAA,QAAA,EAAW,IAAA,CAAK,IAAI,CAAA,CAAA,CAAG,CAAA;AACtF,IAAA;AACF,EAAA;AACF,CAAA;;;ACnCO,IAAe,kBAAA,GAAf,cAA2D,UAAA,CAAW;AACpE,EAAA,SAAA;AACA,EAAA,MAAA;AAEP,EAAA,WAAA,CAAY,OAAA,EAA4C;AACtD,IAAA,KAAA,CAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAS,MAAM,CAAA;AAEhD,IAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,MAAA,IAAA,CAAK,aAAA,GAAgB,OAAA,CAAQ,aAAA,CAAc,IAAA,CAAK,IAAI,CAAA;AACtD,IAAA;AAEA,IAAA,IAAA,CAAK,YAAY,OAAA,EAAS,SAAA;AAC1B,IAAA,IAAA,CAAK,SAAS,OAAA,EAAS,MAAA;AACzB,EAAA;AAkBU,EAAA,eAAA,CAAgB,IAAA,EAAyC;AACjE,IAAA,IAAI,MAAM,aAAA,EAAe;AACvB,MAAA,IAAA,CAAK,aAAA,GAAgB,IAAA,CAAK,aAAA,CAAc,IAAA,CAAK,IAAI,CAAA;AACnD,IAAA;AACA,IAAA,IAAI,MAAM,SAAA,EAAW;AACnB,MAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AACxB,IAAA;AACA,IAAA,IAAI,MAAM,MAAA,EAAQ;AAChB,MAAA,IAAA,CAAK,SAAS,IAAA,CAAK,MAAA;AACrB,IAAA;AACF,EAAA;AACF,CAAA;;;ACAO,IAAM,oBAAA,GAAN,cAAmC,kBAAA,CAAmC;AAAA,EACjE,IAAA;AAAA,EAEV,YAAY,OAAA,EAAsC;AAChD,IAAA,KAAA,CAAM,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,eAAe,CAAA;AAE9C,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AAEpB,IAAA,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAAsD;AAC3F,IAAA,IAAI;AAGF,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAG5B,MAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,MAAA,CAAO,eAAe,CAAA;AACjD,MAAA,IAAI,UAAA,EAAY;AACd,QAAA,OAAA,CAAQ,GAAA,CAAI,iBAAiB,UAAU,CAAA;AAAA,MACzC,WAAW,KAAA,EAAO;AAEhB,QAAA,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB,CAAA,OAAA,EAAU,KAAK,CAAA,CAAE,CAAA;AAAA,MAChD;AAGA,MAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AAC5C,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,YAAY,CAAA;AAAA,MACpC;AAGA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,CAAC,OAAO,IAAA,EAAM;AAC9C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAM,MAAA,CAAO;AAAA,OACf;AAAA,IACF,CAAA,CAAA,MAAQ;AAEN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,IAAA,EAAwC;AAE1D,IAAA,OAAO,CAAC,CAAC,IAAA,EAAM,OAAA,EAAS,MAAM,CAAC,CAAC,MAAM,IAAA,EAAM,EAAA;AAAA,EAC9C;AACF","file":"index.cjs","sourcesContent":["// Constants and Types (keeping from original implementation)\nexport const RegisteredLogger = {\n AGENT: 'AGENT',\n OBSERVABILITY: 'OBSERVABILITY',\n AUTH: 'AUTH',\n NETWORK: 'NETWORK',\n WORKFLOW: 'WORKFLOW',\n LLM: 'LLM',\n TTS: 'TTS',\n VOICE: 'VOICE',\n VECTOR: 'VECTOR',\n BUNDLER: 'BUNDLER',\n DEPLOYER: 'DEPLOYER',\n MEMORY: 'MEMORY',\n STORAGE: 'STORAGE',\n EMBEDDINGS: 'EMBEDDINGS',\n MCP_SERVER: 'MCP_SERVER',\n SERVER_CACHE: 'SERVER_CACHE',\n SERVER: 'SERVER',\n WORKSPACE: 'WORKSPACE',\n} as const;\n\nexport type RegisteredLogger = (typeof RegisteredLogger)[keyof typeof RegisteredLogger];\n\nexport const LogLevel = {\n DEBUG: 'debug',\n INFO: 'info',\n WARN: 'warn',\n ERROR: 'error',\n NONE: 'silent',\n} as const;\n\nexport type LogLevel = (typeof LogLevel)[keyof typeof LogLevel];\n","import type { MastraError } from '../error';\nimport { LogLevel } from './constants';\nimport type { BaseLogMessage, LoggerTransport } from './transport';\n\nexport interface IMastraLogger {\n debug(message: string, ...args: any[]): void;\n info(message: string, ...args: any[]): void;\n warn(message: string, ...args: any[]): void;\n error(message: string, ...args: any[]): void;\n trackException(error: MastraError): void;\n\n getTransports(): Map<string, LoggerTransport>;\n listLogs(\n _transportId: string,\n _params?: {\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n },\n ): Promise<{ logs: BaseLogMessage[]; total: number; page: number; perPage: number; hasMore: boolean }>;\n listLogsByRunId(_args: {\n transportId: string;\n runId: string;\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n }): Promise<{ logs: BaseLogMessage[]; total: number; page: number; perPage: number; hasMore: boolean }>;\n}\n\nexport abstract class MastraLogger implements IMastraLogger {\n protected name: string;\n protected level: LogLevel;\n protected transports: Map<string, LoggerTransport>;\n\n constructor(\n options: {\n name?: string;\n level?: LogLevel;\n transports?: Record<string, LoggerTransport>;\n } = {},\n ) {\n this.name = options.name || 'Mastra';\n this.level = options.level || LogLevel.ERROR;\n this.transports = new Map(Object.entries(options.transports || {}));\n }\n\n abstract debug(message: string, ...args: any[]): void;\n abstract info(message: string, ...args: any[]): void;\n abstract warn(message: string, ...args: any[]): void;\n abstract error(message: string, ...args: any[]): void;\n\n getTransports() {\n return this.transports;\n }\n\n trackException(_error: MastraError) {}\n\n async listLogs(\n transportId: string,\n params?: {\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n },\n ) {\n if (!transportId || !this.transports.has(transportId)) {\n return { logs: [], total: 0, page: params?.page ?? 1, perPage: params?.perPage ?? 100, hasMore: false };\n }\n\n return (\n this.transports.get(transportId)!.listLogs(params) ?? {\n logs: [],\n total: 0,\n page: params?.page ?? 1,\n perPage: params?.perPage ?? 100,\n hasMore: false,\n }\n );\n }\n\n async listLogsByRunId({\n transportId,\n runId,\n fromDate,\n toDate,\n logLevel,\n filters,\n page,\n perPage,\n }: {\n transportId: string;\n runId: string;\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n }) {\n if (!transportId || !this.transports.has(transportId) || !runId) {\n return { logs: [], total: 0, page: page ?? 1, perPage: perPage ?? 100, hasMore: false };\n }\n\n return (\n this.transports\n .get(transportId)!\n .listLogsByRunId({ runId, fromDate, toDate, logLevel, filters, page, perPage }) ?? {\n logs: [],\n total: 0,\n page: page ?? 1,\n perPage: perPage ?? 100,\n hasMore: false,\n }\n );\n }\n}\n","import { LogLevel } from './constants';\nimport { MastraLogger } from './logger';\nimport type { LoggerTransport } from './transport';\n\nexport const createLogger = (options: {\n name?: string;\n level?: LogLevel;\n transports?: Record<string, LoggerTransport>;\n}) => {\n const logger = new ConsoleLogger(options);\n\n logger.warn(`createLogger is deprecated. Please use \"new ConsoleLogger()\" from \"@mastra/core/logger\" instead.`);\n\n return logger;\n};\n\nexport class ConsoleLogger extends MastraLogger {\n constructor(\n options: {\n name?: string;\n level?: LogLevel;\n } = {},\n ) {\n super(options);\n }\n\n debug(message: string, ...args: any[]): void {\n if (this.level === LogLevel.DEBUG) {\n console.info(message, ...args);\n }\n }\n\n info(message: string, ...args: any[]): void {\n if (this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {\n console.info(message, ...args);\n }\n }\n\n warn(message: string, ...args: any[]): void {\n if (this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {\n console.info(message, ...args);\n }\n }\n\n error(message: string, ...args: any[]): void {\n if (\n this.level === LogLevel.ERROR ||\n this.level === LogLevel.WARN ||\n this.level === LogLevel.INFO ||\n this.level === LogLevel.DEBUG\n ) {\n console.error(message, ...args);\n }\n }\n\n async listLogs(\n _transportId: string,\n _params?: {\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n },\n ) {\n return { logs: [], total: 0, page: _params?.page ?? 1, perPage: _params?.perPage ?? 100, hasMore: false };\n }\n\n async listLogsByRunId(_args: {\n transportId: string;\n runId: string;\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n }) {\n return { logs: [], total: 0, page: _args.page ?? 1, perPage: _args.perPage ?? 100, hasMore: false };\n }\n}\n","import type { IMastraLogger } from './logger';\nimport { RegisteredLogger } from './logger/constants';\nimport { ConsoleLogger } from './logger/default-logger';\n\nexport class MastraBase {\n component: RegisteredLogger = RegisteredLogger.LLM;\n protected logger: IMastraLogger;\n name?: string;\n #rawConfig?: Record<string, unknown>;\n\n constructor({\n component,\n name,\n rawConfig,\n }: {\n component?: RegisteredLogger;\n name?: string;\n rawConfig?: Record<string, unknown>;\n }) {\n this.component = component || RegisteredLogger.LLM;\n this.name = name;\n this.#rawConfig = rawConfig;\n this.logger = new ConsoleLogger({ name: `${this.component} - ${this.name}` });\n }\n\n /**\n * Returns the raw storage configuration this primitive was created from,\n * or undefined if it was created from code.\n */\n toRawConfig(): Record<string, unknown> | undefined {\n return this.#rawConfig;\n }\n\n /**\n * Sets the raw storage configuration for this primitive.\n * @internal\n */\n __setRawConfig(rawConfig: Record<string, unknown>): void {\n this.#rawConfig = rawConfig;\n }\n\n /**\n * Set the logger for the agent\n * @param logger\n */\n __setLogger(logger: IMastraLogger) {\n this.logger = logger;\n\n if (this.component !== RegisteredLogger.LLM) {\n this.logger.debug(`Logger updated [component=${this.component}] [name=${this.name}]`);\n }\n }\n}\n\nexport * from './types';\n","import type { HonoRequest } from 'hono';\nimport { MastraBase } from '../base';\nimport type { MastraAuthConfig } from './types';\n\nexport interface MastraAuthProviderOptions<TUser = unknown> {\n name?: string;\n authorizeUser?: (user: TUser, request: HonoRequest) => Promise<boolean> | boolean;\n /**\n * Protected paths for the auth provider\n */\n protected?: MastraAuthConfig['protected'];\n /**\n * Public paths for the auth provider\n */\n public?: MastraAuthConfig['public'];\n}\n\nexport abstract class MastraAuthProvider<TUser = unknown> extends MastraBase {\n public protected?: MastraAuthConfig['protected'];\n public public?: MastraAuthConfig['public'];\n\n constructor(options?: MastraAuthProviderOptions<TUser>) {\n super({ component: 'AUTH', name: options?.name });\n\n if (options?.authorizeUser) {\n this.authorizeUser = options.authorizeUser.bind(this);\n }\n\n this.protected = options?.protected;\n this.public = options?.public;\n }\n\n /**\n * Authenticate a token and return the payload\n * @param token - The token to authenticate\n * @param request - The request\n * @returns The payload\n */\n abstract authenticateToken(token: string, request: HonoRequest): Promise<TUser | null>;\n\n /**\n * Authorize a user for a path and method\n * @param user - The user to authorize\n * @param request - The request\n * @returns The authorization result\n */\n abstract authorizeUser(user: TUser, request: HonoRequest): Promise<boolean> | boolean;\n\n protected registerOptions(opts?: MastraAuthProviderOptions<TUser>) {\n if (opts?.authorizeUser) {\n this.authorizeUser = opts.authorizeUser.bind(this);\n }\n if (opts?.protected) {\n this.protected = opts.protected;\n }\n if (opts?.public) {\n this.public = opts.public;\n }\n }\n}\n","import type { MastraAuthProviderOptions } from '@mastra/core/server';\nimport { MastraAuthProvider } from '@mastra/core/server';\n\nimport type { Auth, Session, User } from 'better-auth';\nimport type { HonoRequest } from 'hono';\n\n/**\n * User type returned by Better Auth session verification\n */\nexport interface BetterAuthUser {\n session: Session;\n user: User;\n}\n\ninterface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {\n /**\n * The Better Auth instance to use for authentication.\n * This should be the result of calling `betterAuth({ ... })`.\n */\n auth: Auth;\n}\n\n/**\n * Mastra authentication provider for Better Auth.\n *\n * Better Auth is a self-hosted, open-source authentication framework\n * that gives you full control over your authentication system.\n *\n * @example\n * ```typescript\n * import { betterAuth } from 'better-auth';\n * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';\n *\n * // Create your Better Auth instance\n * const auth = betterAuth({\n * database: {\n * provider: 'postgresql',\n * url: process.env.DATABASE_URL!,\n * },\n * emailAndPassword: {\n * enabled: true,\n * },\n * });\n *\n * // Create the Mastra auth provider\n * const mastraAuth = new MastraAuthBetterAuth({\n * auth,\n * });\n *\n * // Use with Mastra\n * const mastra = new Mastra({\n * server: {\n * auth: mastraAuth,\n * },\n * });\n * ```\n *\n * @see https://better-auth.com for Better Auth documentation\n */\nexport class MastraAuthBetterAuth extends MastraAuthProvider<BetterAuthUser> {\n protected auth: Auth;\n\n constructor(options: MastraAuthBetterAuthOptions) {\n super({ name: options?.name ?? 'better-auth' });\n\n if (!options.auth) {\n throw new Error(\n 'Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })',\n );\n }\n\n this.auth = options.auth;\n\n this.registerOptions(options);\n }\n\n /**\n * Authenticate a bearer token by verifying the session with Better Auth.\n *\n * This method extracts the session from the request headers using\n * Better Auth's `api.getSession()` endpoint.\n *\n * @param token - The bearer token (session token) to authenticate\n * @param request - The Hono request object containing headers\n * @returns The authenticated user and session, or null if authentication fails\n */\n async authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null> {\n try {\n // Better Auth expects the token to be passed via headers\n // We need to construct headers with the Authorization bearer token\n const headers = new Headers();\n\n // Copy relevant headers from the request\n const authHeader = request.header('Authorization');\n if (authHeader) {\n headers.set('Authorization', authHeader);\n } else if (token) {\n // If no auth header but token is provided, set it\n headers.set('Authorization', `Bearer ${token}`);\n }\n\n // Copy cookie header if present (Better Auth can use cookies for sessions)\n const cookieHeader = request.header('Cookie');\n if (cookieHeader) {\n headers.set('Cookie', cookieHeader);\n }\n\n // Use Better Auth's API to get the session\n const result = await this.auth.api.getSession({\n headers,\n });\n\n if (!result || !result.session || !result.user) {\n return null;\n }\n\n return {\n session: result.session,\n user: result.user,\n };\n } catch {\n // Session verification failed\n return null;\n }\n }\n\n /**\n * Authorize a user for access.\n *\n * By default, any authenticated user with a valid session is authorized.\n * You can override this behavior by providing a custom `authorizeUser` function\n * in the constructor options.\n *\n * @param user - The authenticated user and session\n * @returns True if the user is authorized, false otherwise\n */\n async authorizeUser(user: BetterAuthUser): Promise<boolean> {\n // By default, any authenticated user with a valid session is authorized\n return !!user?.session?.id && !!user?.user?.id;\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/index.ts"],"names":["MastraAuthProvider"],"mappings":";;;;;AAoBA,SAAS,0BAA0B,IAAA,EAAoB;AACrD,EAAA,OAAO;AAAA,IACL,IAAI,IAAA,CAAK,EAAA;AAAA,IACT,OAAO,IAAA,CAAK,KAAA;AAAA,IACZ,MAAM,IAAA,CAAK,IAAA;AAAA,IACX,SAAA,EAAW,KAAK,KAAA,IAAS,MAAA;AAAA,IACzB,QAAA,EAAU;AAAA,MACR,eAAe,IAAA,CAAK,aAAA;AAAA,MACpB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA;AAClB,GACF;AACF;AAsDO,IAAM,oBAAA,GAAN,cACGA,yBAAA,CAEV;AAAA,EACY,IAAA;AAAA,EACA,mBAAA;AAAA,EACH,iBAAA;AAAA,EAEP,YAAY,OAAA,EAAsC;AAChD,IAAA,KAAA,CAAM,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,eAAe,CAAA;AAE9C,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AACpB,IAAA,IAAA,CAAK,mBAAA,GAAsB,QAAQ,aAAA,IAAiB,IAAA;AAGpD,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA;AAC7B,IAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,OAAA,EAAS,QAAA,EAAU,YAAA,IAAgB,aAAA;AAClE,IAAA,IAAA,CAAK,iBAAA,GAAoB,GAAG,MAAM,CAAA,cAAA,CAAA;AAElC,IAAA,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,eAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,mBAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,eAAe,OAAA,EAA0C;AAC7D,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C,SAAS,OAAA,CAAQ;AAAA,OAClB,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAC1B,MAAA,OAAO,yBAAA,CAA0B,OAAO,IAAI,CAAA;AAAA,IAC9C,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,QAAQ,OAAA,EAAyC;AAIrD,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KAEF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB,IAAA,EAAsB;AACtC,IAAA,OAAO,CAAA,SAAA,EAAY,KAAK,EAAE,CAAA,CAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAAsD;AAC3F,IAAA,IAAI;AAEF,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAI5B,MAAA,MAAM,UAAA,GAAsB,KAAA,IAAS,OAAA,GAAW,OAAA,CAAgB,GAAA,GAAO,OAAA;AAEvE,MAAA,MAAM,YAAA,GAAe,UAAA,CAAW,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,YAAY,CAAA;AAAA,MACpC;AAIA,MAAA,MAAM,gBAAA,GAAmB,CAAC,CAAC,YAAA,EAAc,MAAM,GAAG,CAAA,CAAE,KAAK,CAAA,IAAA,KAAQ;AAC/D,QAAA,MAAM,CAAC,GAAG,CAAA,GAAI,KAAK,IAAA,EAAK,CAAE,MAAM,GAAG,CAAA;AACnC,QAAA,OAAO,GAAA,EAAK,IAAA,EAAK,KAAM,IAAA,CAAK,iBAAA;AAAA,MAC9B,CAAC,CAAA;AACD,MAAA,IAAI,KAAA,IAAS,CAAC,gBAAA,EAAkB;AAC9B,QAAA,MAAM,eAAA,GAAkB,YAAA,GAAe,CAAA,EAAG,YAAY,CAAA,EAAA,CAAA,GAAO,EAAA;AAC7D,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,eAAe,GAAG,IAAA,CAAK,iBAAiB,CAAA,CAAA,EAAI,KAAK,CAAA,CAAE,CAAA;AAAA,MAC9E;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,CAAC,OAAO,IAAA,EAAM;AAC9C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAM,MAAA,CAAO;AAAA,OACf;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,IAAA,EAAwC;AAE1D,IAAA,OAAO,CAAC,CAAC,IAAA,EAAM,OAAA,EAAS,MAAM,CAAC,CAAC,MAAM,IAAA,EAAM,EAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,MAAA,CAAO,KAAA,EAAe,QAAA,EAAkB,OAAA,EAAsD;AAClG,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAS;AAAA,MACxB,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,2BAA2B,CAAA;AAAA,IAClE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,MAAA,CACJ,KAAA,EACA,QAAA,EACA,MACA,OAAA,EACoC;AACpC,IAAA,MAAM,cAAc,IAAA,IAAQ,KAAA,CAAM,MAAM,GAAG,CAAA,CAAE,CAAC,CAAA,IAAK,MAAA;AACnD,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAU,MAAM,WAAA,EAAY;AAAA,MAC3C,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,0BAA0B,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAAA,IAC5C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAA,GAAgB;AACd,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,sBAAA,GAAiD;AAE/C,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,CAAA,EAAG,KAAK,iBAAiB,CAAA,4CAAA,CAAA;AAAA,MACzB,CAAA,EAAG,KAAK,iBAAiB,CAAA,gDAAA;AAAA,KAC3B;AACA,IAAA,OAAO;AAAA,MACL,YAAA,EAAc,OAAA,CAAQ,IAAA,CAAK,IAAI;AAAA,KACjC;AAAA,EACF;AACF","file":"index.cjs","sourcesContent":["import type { IUserProvider, ICredentialsProvider, CredentialsResult } from '@mastra/core/auth';\nimport type { EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProviderOptions } from '@mastra/core/server';\nimport { MastraAuthProvider } from '@mastra/core/server';\n\nimport type { Auth, Session, User } from 'better-auth';\nimport type { HonoRequest } from 'hono';\n\n/**\n * User type returned by Better Auth session verification.\n * Used internally for authentication token verification.\n */\nexport interface BetterAuthUser {\n session: Session;\n user: User;\n}\n\n/**\n * Maps Better Auth User to EE User format.\n */\nfunction mapBetterAuthUserToEEUser(user: User): EEUser {\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.image ?? undefined,\n metadata: {\n emailVerified: user.emailVerified,\n createdAt: user.createdAt,\n updatedAt: user.updatedAt,\n },\n };\n}\n\ninterface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {\n /**\n * The Better Auth instance to use for authentication.\n * This should be the result of calling `betterAuth({ ... })`.\n */\n auth: Auth;\n\n /**\n * Whether to allow new user registration via sign-up.\n * Set to false to disable public registration.\n * @default true\n */\n signUpEnabled?: boolean;\n}\n\n/**\n * Mastra authentication provider for Better Auth.\n *\n * Better Auth is a self-hosted, open-source authentication framework\n * that gives you full control over your authentication system.\n *\n * @example\n * ```typescript\n * import { betterAuth } from 'better-auth';\n * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';\n *\n * // Create your Better Auth instance\n * const auth = betterAuth({\n * database: {\n * provider: 'postgresql',\n * url: process.env.DATABASE_URL!,\n * },\n * emailAndPassword: {\n * enabled: true,\n * },\n * });\n *\n * // Create the Mastra auth provider\n * const mastraAuth = new MastraAuthBetterAuth({\n * auth,\n * });\n *\n * // Use with Mastra\n * const mastra = new Mastra({\n * server: {\n * auth: mastraAuth,\n * },\n * });\n * ```\n *\n * @see https://better-auth.com for Better Auth documentation\n */\nexport class MastraAuthBetterAuth\n extends MastraAuthProvider<BetterAuthUser>\n implements IUserProvider<EEUser>, ICredentialsProvider<EEUser>\n{\n protected auth: Auth;\n protected signUpEnabledConfig: boolean;\n public sessionCookieName: string;\n\n constructor(options: MastraAuthBetterAuthOptions) {\n super({ name: options?.name ?? 'better-auth' });\n\n if (!options.auth) {\n throw new Error(\n 'Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })',\n );\n }\n\n this.auth = options.auth;\n this.signUpEnabledConfig = options.signUpEnabled ?? true;\n\n // Derive the session cookie name from Better Auth's cookiePrefix option\n const authWithOptions = this.auth as unknown as { options?: { advanced?: { cookiePrefix?: string } } };\n const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? 'better-auth';\n this.sessionCookieName = `${prefix}.session_token`;\n\n this.registerOptions(options);\n }\n\n /**\n * Check if sign-up is enabled.\n * Implements ICredentialsProvider.isSignUpEnabled.\n */\n isSignUpEnabled(): boolean {\n return this.signUpEnabledConfig;\n }\n\n // ============================================\n // IUserProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Get current user from request.\n * Implements IUserProvider for EE user awareness in Studio.\n *\n * @param request - Incoming HTTP request\n * @returns EE User object or null if not authenticated\n */\n async getCurrentUser(request: Request): Promise<EEUser | null> {\n try {\n const result = await this.auth.api.getSession({\n headers: request.headers,\n });\n\n if (!result?.user) return null;\n return mapBetterAuthUserToEEUser(result.user);\n } catch {\n return null;\n }\n }\n\n /**\n * Get user by ID.\n * Implements IUserProvider for EE user awareness.\n *\n * Note: Better Auth doesn't expose a direct getUser API.\n * For full functionality, you may need to implement this using\n * direct database access in a subclass.\n *\n * @param userId - User identifier\n * @returns EE User object or null if not found\n */\n async getUser(_userId: string): Promise<EEUser | null> {\n // Better Auth doesn't have a direct getUser API\n // Users can override this method with their own implementation\n // that queries the database directly\n console.warn(\n '[MastraAuthBetterAuth] getUser() requires direct database access. ' +\n 'Override this method in a subclass for full user lookup support.',\n );\n return null;\n }\n\n /**\n * Get URL to user's profile page.\n * Optional IUserProvider method.\n */\n getUserProfileUrl(user: EEUser): string {\n return `/profile/${user.id}`;\n }\n\n /**\n * Authenticate a bearer token by verifying the session with Better Auth.\n *\n * This method extracts the session from the request headers using\n * Better Auth's `api.getSession()` endpoint.\n *\n * @param token - The bearer token (session token) to authenticate\n * @param request - The Hono request object containing headers\n * @returns The authenticated user and session, or null if authentication fails\n */\n async authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null> {\n try {\n // Better Auth's api.getSession() reads session tokens from the Cookie header\n const headers = new Headers();\n\n // The auth middleware may pass a raw Request (c.req.raw) instead of HonoRequest,\n // so unwrap via 'raw' property detection and use the standard Web API.\n const rawRequest: Request = 'raw' in request ? (request as any).raw : (request as unknown as Request);\n\n const cookieHeader = rawRequest.headers.get('Cookie');\n if (cookieHeader) {\n headers.set('Cookie', cookieHeader);\n }\n\n // Convert Bearer token to a session cookie if not already present.\n // better-auth ignores the Authorization header — it only reads from Cookie.\n const hasSessionCookie = !!cookieHeader?.split(';').some(pair => {\n const [key] = pair.trim().split('=');\n return key?.trim() === this.sessionCookieName;\n });\n if (token && !hasSessionCookie) {\n const existingCookies = cookieHeader ? `${cookieHeader}; ` : '';\n headers.set('Cookie', `${existingCookies}${this.sessionCookieName}=${token}`);\n }\n\n const result = await this.auth.api.getSession({\n headers,\n });\n\n if (!result || !result.session || !result.user) {\n return null;\n }\n\n return {\n session: result.session,\n user: result.user,\n };\n } catch {\n return null;\n }\n }\n\n /**\n * Authorize a user for access.\n *\n * By default, any authenticated user with a valid session is authorized.\n * You can override this behavior by providing a custom `authorizeUser` function\n * in the constructor options.\n *\n * @param user - The authenticated user and session\n * @returns True if the user is authorized, false otherwise\n */\n async authorizeUser(user: BetterAuthUser): Promise<boolean> {\n // By default, any authenticated user with a valid session is authorized\n return !!user?.session?.id && !!user?.user?.id;\n }\n\n // ============================================\n // ICredentialsProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Sign in with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param request - Incoming HTTP request\n * @returns Result with user and session cookies\n * @throws Error if credentials are invalid\n */\n async signIn(email: string, password: string, request: Request): Promise<CredentialsResult<EEUser>> {\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signInEmail({\n body: { email, password },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Invalid email or password');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Invalid email or password');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Sign up with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param name - Optional display name\n * @param request - Incoming HTTP request\n * @returns Result with new user and session cookies\n * @throws Error if sign up fails\n */\n async signUp(\n email: string,\n password: string,\n name: string | undefined,\n request: Request,\n ): Promise<CredentialsResult<EEUser>> {\n const displayName = name ?? email.split('@')[0] ?? 'User';\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signUpEmail({\n body: { email, password, name: displayName },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Failed to create account');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Failed to create account');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Get the underlying Better Auth instance.\n * Useful for accessing Better Auth APIs directly.\n */\n getAuth(): Auth {\n return this.auth;\n }\n\n /**\n * Get headers to clear the session cookies on logout.\n * Partial ISessionProvider implementation for logout support.\n *\n * Clears Better Auth's default session cookies.\n */\n getClearSessionHeaders(): Record<string, string> {\n // Clear both the session token and its signature cookie\n const cookies = [\n `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n ];\n return {\n 'Set-Cookie': cookies.join(', '),\n };\n }\n}\n"]}
package/dist/index.d.ts CHANGED
@@ -1,9 +1,12 @@
1
+ import type { IUserProvider, ICredentialsProvider, CredentialsResult } from '@mastra/core/auth';
2
+ import type { EEUser } from '@mastra/core/auth/ee';
1
3
  import type { MastraAuthProviderOptions } from '@mastra/core/server';
2
4
  import { MastraAuthProvider } from '@mastra/core/server';
3
5
  import type { Auth, Session, User } from 'better-auth';
4
6
  import type { HonoRequest } from 'hono';
5
7
  /**
6
- * User type returned by Better Auth session verification
8
+ * User type returned by Better Auth session verification.
9
+ * Used internally for authentication token verification.
7
10
  */
8
11
  export interface BetterAuthUser {
9
12
  session: Session;
@@ -15,6 +18,12 @@ interface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAu
15
18
  * This should be the result of calling `betterAuth({ ... })`.
16
19
  */
17
20
  auth: Auth;
21
+ /**
22
+ * Whether to allow new user registration via sign-up.
23
+ * Set to false to disable public registration.
24
+ * @default true
25
+ */
26
+ signUpEnabled?: boolean;
18
27
  }
19
28
  /**
20
29
  * Mastra authentication provider for Better Auth.
@@ -53,9 +62,41 @@ interface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAu
53
62
  *
54
63
  * @see https://better-auth.com for Better Auth documentation
55
64
  */
56
- export declare class MastraAuthBetterAuth extends MastraAuthProvider<BetterAuthUser> {
65
+ export declare class MastraAuthBetterAuth extends MastraAuthProvider<BetterAuthUser> implements IUserProvider<EEUser>, ICredentialsProvider<EEUser> {
57
66
  protected auth: Auth;
67
+ protected signUpEnabledConfig: boolean;
68
+ sessionCookieName: string;
58
69
  constructor(options: MastraAuthBetterAuthOptions);
70
+ /**
71
+ * Check if sign-up is enabled.
72
+ * Implements ICredentialsProvider.isSignUpEnabled.
73
+ */
74
+ isSignUpEnabled(): boolean;
75
+ /**
76
+ * Get current user from request.
77
+ * Implements IUserProvider for EE user awareness in Studio.
78
+ *
79
+ * @param request - Incoming HTTP request
80
+ * @returns EE User object or null if not authenticated
81
+ */
82
+ getCurrentUser(request: Request): Promise<EEUser | null>;
83
+ /**
84
+ * Get user by ID.
85
+ * Implements IUserProvider for EE user awareness.
86
+ *
87
+ * Note: Better Auth doesn't expose a direct getUser API.
88
+ * For full functionality, you may need to implement this using
89
+ * direct database access in a subclass.
90
+ *
91
+ * @param userId - User identifier
92
+ * @returns EE User object or null if not found
93
+ */
94
+ getUser(_userId: string): Promise<EEUser | null>;
95
+ /**
96
+ * Get URL to user's profile page.
97
+ * Optional IUserProvider method.
98
+ */
99
+ getUserProfileUrl(user: EEUser): string;
59
100
  /**
60
101
  * Authenticate a bearer token by verifying the session with Better Auth.
61
102
  *
@@ -78,6 +119,41 @@ export declare class MastraAuthBetterAuth extends MastraAuthProvider<BetterAuthU
78
119
  * @returns True if the user is authorized, false otherwise
79
120
  */
80
121
  authorizeUser(user: BetterAuthUser): Promise<boolean>;
122
+ /**
123
+ * Sign in with email and password.
124
+ * Implements ICredentialsProvider for EE credentials auth.
125
+ *
126
+ * @param email - User email
127
+ * @param password - User password
128
+ * @param request - Incoming HTTP request
129
+ * @returns Result with user and session cookies
130
+ * @throws Error if credentials are invalid
131
+ */
132
+ signIn(email: string, password: string, request: Request): Promise<CredentialsResult<EEUser>>;
133
+ /**
134
+ * Sign up with email and password.
135
+ * Implements ICredentialsProvider for EE credentials auth.
136
+ *
137
+ * @param email - User email
138
+ * @param password - User password
139
+ * @param name - Optional display name
140
+ * @param request - Incoming HTTP request
141
+ * @returns Result with new user and session cookies
142
+ * @throws Error if sign up fails
143
+ */
144
+ signUp(email: string, password: string, name: string | undefined, request: Request): Promise<CredentialsResult<EEUser>>;
145
+ /**
146
+ * Get the underlying Better Auth instance.
147
+ * Useful for accessing Better Auth APIs directly.
148
+ */
149
+ getAuth(): Auth;
150
+ /**
151
+ * Get headers to clear the session cookies on logout.
152
+ * Partial ISessionProvider implementation for logout support.
153
+ *
154
+ * Clears Better Auth's default session cookies.
155
+ */
156
+ getClearSessionHeaders(): Record<string, string>;
81
157
  }
82
158
  export {};
83
159
  //# sourceMappingURL=index.d.ts.map
package/dist/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAExC;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,IAAI,CAAC;CACZ;AAED,UAAU,2BAA4B,SAAQ,yBAAyB,CAAC,cAAc,CAAC;IACrF;;;OAGG;IACH,IAAI,EAAE,IAAI,CAAC;CACZ;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,qBAAa,oBAAqB,SAAQ,kBAAkB,CAAC,cAAc,CAAC;IAC1E,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC;gBAET,OAAO,EAAE,2BAA2B;IAchD;;;;;;;;;OASG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAwC5F;;;;;;;;;OASG;IACG,aAAa,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;CAI5D"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAChG,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAExC;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,IAAI,CAAC;CACZ;AAmBD,UAAU,2BAA4B,SAAQ,yBAAyB,CAAC,cAAc,CAAC;IACrF;;;OAGG;IACH,IAAI,EAAE,IAAI,CAAC;IAEX;;;;OAIG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,qBAAa,oBACX,SAAQ,kBAAkB,CAAC,cAAc,CACzC,YAAW,aAAa,CAAC,MAAM,CAAC,EAAE,oBAAoB,CAAC,MAAM,CAAC;IAE9D,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC;IACrB,SAAS,CAAC,mBAAmB,EAAE,OAAO,CAAC;IAChC,iBAAiB,EAAE,MAAM,CAAC;gBAErB,OAAO,EAAE,2BAA2B;IAoBhD;;;OAGG;IACH,eAAe,IAAI,OAAO;IAS1B;;;;;;OAMG;IACG,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAa9D;;;;;;;;;;OAUG;IACG,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAWtD;;;OAGG;IACH,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAIvC;;;;;;;;;OASG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IA0C5F;;;;;;;;;OASG;IACG,aAAa,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;IAU3D;;;;;;;;;OASG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAoCnG;;;;;;;;;;OAUG;IACG,MAAM,CACV,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,GAAG,SAAS,EACxB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAqCrC;;;OAGG;IACH,OAAO,IAAI,IAAI;IAIf;;;;;OAKG;IACH,sBAAsB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;CAUjD"}
package/dist/index.js CHANGED
@@ -1,161 +1,23 @@
1
- // ../../packages/core/dist/chunk-X2WMFSPB.js
2
- var RegisteredLogger = {
3
- LLM: "LLM"};
4
- var LogLevel = {
5
- DEBUG: "debug",
6
- INFO: "info",
7
- WARN: "warn",
8
- ERROR: "error"};
9
- var MastraLogger = class {
10
- name;
11
- level;
12
- transports;
13
- constructor(options = {}) {
14
- this.name = options.name || "Mastra";
15
- this.level = options.level || LogLevel.ERROR;
16
- this.transports = new Map(Object.entries(options.transports || {}));
17
- }
18
- getTransports() {
19
- return this.transports;
20
- }
21
- trackException(_error) {
22
- }
23
- async listLogs(transportId, params) {
24
- if (!transportId || !this.transports.has(transportId)) {
25
- return { logs: [], total: 0, page: params?.page ?? 1, perPage: params?.perPage ?? 100, hasMore: false };
26
- }
27
- return this.transports.get(transportId).listLogs(params) ?? {
28
- logs: [],
29
- total: 0,
30
- page: params?.page ?? 1,
31
- perPage: params?.perPage ?? 100,
32
- hasMore: false
33
- };
34
- }
35
- async listLogsByRunId({
36
- transportId,
37
- runId,
38
- fromDate,
39
- toDate,
40
- logLevel,
41
- filters,
42
- page,
43
- perPage
44
- }) {
45
- if (!transportId || !this.transports.has(transportId) || !runId) {
46
- return { logs: [], total: 0, page: page ?? 1, perPage: perPage ?? 100, hasMore: false };
47
- }
48
- return this.transports.get(transportId).listLogsByRunId({ runId, fromDate, toDate, logLevel, filters, page, perPage }) ?? {
49
- logs: [],
50
- total: 0,
51
- page: page ?? 1,
52
- perPage: perPage ?? 100,
53
- hasMore: false
54
- };
55
- }
56
- };
57
- var ConsoleLogger = class extends MastraLogger {
58
- constructor(options = {}) {
59
- super(options);
60
- }
61
- debug(message, ...args) {
62
- if (this.level === LogLevel.DEBUG) {
63
- console.info(message, ...args);
64
- }
65
- }
66
- info(message, ...args) {
67
- if (this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
68
- console.info(message, ...args);
69
- }
70
- }
71
- warn(message, ...args) {
72
- if (this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
73
- console.info(message, ...args);
74
- }
75
- }
76
- error(message, ...args) {
77
- if (this.level === LogLevel.ERROR || this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
78
- console.error(message, ...args);
79
- }
80
- }
81
- async listLogs(_transportId, _params) {
82
- return { logs: [], total: 0, page: _params?.page ?? 1, perPage: _params?.perPage ?? 100, hasMore: false };
83
- }
84
- async listLogsByRunId(_args) {
85
- return { logs: [], total: 0, page: _args.page ?? 1, perPage: _args.perPage ?? 100, hasMore: false };
86
- }
87
- };
88
-
89
- // ../../packages/core/dist/chunk-WCAFTXGK.js
90
- var MastraBase = class {
91
- component = RegisteredLogger.LLM;
92
- logger;
93
- name;
94
- #rawConfig;
95
- constructor({
96
- component,
97
- name,
98
- rawConfig
99
- }) {
100
- this.component = component || RegisteredLogger.LLM;
101
- this.name = name;
102
- this.#rawConfig = rawConfig;
103
- this.logger = new ConsoleLogger({ name: `${this.component} - ${this.name}` });
104
- }
105
- /**
106
- * Returns the raw storage configuration this primitive was created from,
107
- * or undefined if it was created from code.
108
- */
109
- toRawConfig() {
110
- return this.#rawConfig;
111
- }
112
- /**
113
- * Sets the raw storage configuration for this primitive.
114
- * @internal
115
- */
116
- __setRawConfig(rawConfig) {
117
- this.#rawConfig = rawConfig;
118
- }
119
- /**
120
- * Set the logger for the agent
121
- * @param logger
122
- */
123
- __setLogger(logger) {
124
- this.logger = logger;
125
- if (this.component !== RegisteredLogger.LLM) {
126
- this.logger.debug(`Logger updated [component=${this.component}] [name=${this.name}]`);
127
- }
128
- }
129
- };
130
-
131
- // ../../packages/core/dist/server/index.js
132
- var MastraAuthProvider = class extends MastraBase {
133
- protected;
134
- public;
135
- constructor(options) {
136
- super({ component: "AUTH", name: options?.name });
137
- if (options?.authorizeUser) {
138
- this.authorizeUser = options.authorizeUser.bind(this);
139
- }
140
- this.protected = options?.protected;
141
- this.public = options?.public;
142
- }
143
- registerOptions(opts) {
144
- if (opts?.authorizeUser) {
145
- this.authorizeUser = opts.authorizeUser.bind(this);
146
- }
147
- if (opts?.protected) {
148
- this.protected = opts.protected;
149
- }
150
- if (opts?.public) {
151
- this.public = opts.public;
152
- }
153
- }
154
- };
1
+ import { MastraAuthProvider } from '@mastra/core/server';
155
2
 
156
3
  // src/index.ts
4
+ function mapBetterAuthUserToEEUser(user) {
5
+ return {
6
+ id: user.id,
7
+ email: user.email,
8
+ name: user.name,
9
+ avatarUrl: user.image ?? void 0,
10
+ metadata: {
11
+ emailVerified: user.emailVerified,
12
+ createdAt: user.createdAt,
13
+ updatedAt: user.updatedAt
14
+ }
15
+ };
16
+ }
157
17
  var MastraAuthBetterAuth = class extends MastraAuthProvider {
158
18
  auth;
19
+ signUpEnabledConfig;
20
+ sessionCookieName;
159
21
  constructor(options) {
160
22
  super({ name: options?.name ?? "better-auth" });
161
23
  if (!options.auth) {
@@ -164,8 +26,65 @@ var MastraAuthBetterAuth = class extends MastraAuthProvider {
164
26
  );
165
27
  }
166
28
  this.auth = options.auth;
29
+ this.signUpEnabledConfig = options.signUpEnabled ?? true;
30
+ const authWithOptions = this.auth;
31
+ const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? "better-auth";
32
+ this.sessionCookieName = `${prefix}.session_token`;
167
33
  this.registerOptions(options);
168
34
  }
35
+ /**
36
+ * Check if sign-up is enabled.
37
+ * Implements ICredentialsProvider.isSignUpEnabled.
38
+ */
39
+ isSignUpEnabled() {
40
+ return this.signUpEnabledConfig;
41
+ }
42
+ // ============================================
43
+ // IUserProvider implementation (EE capability)
44
+ // License check happens in buildCapabilities()
45
+ // ============================================
46
+ /**
47
+ * Get current user from request.
48
+ * Implements IUserProvider for EE user awareness in Studio.
49
+ *
50
+ * @param request - Incoming HTTP request
51
+ * @returns EE User object or null if not authenticated
52
+ */
53
+ async getCurrentUser(request) {
54
+ try {
55
+ const result = await this.auth.api.getSession({
56
+ headers: request.headers
57
+ });
58
+ if (!result?.user) return null;
59
+ return mapBetterAuthUserToEEUser(result.user);
60
+ } catch {
61
+ return null;
62
+ }
63
+ }
64
+ /**
65
+ * Get user by ID.
66
+ * Implements IUserProvider for EE user awareness.
67
+ *
68
+ * Note: Better Auth doesn't expose a direct getUser API.
69
+ * For full functionality, you may need to implement this using
70
+ * direct database access in a subclass.
71
+ *
72
+ * @param userId - User identifier
73
+ * @returns EE User object or null if not found
74
+ */
75
+ async getUser(_userId) {
76
+ console.warn(
77
+ "[MastraAuthBetterAuth] getUser() requires direct database access. Override this method in a subclass for full user lookup support."
78
+ );
79
+ return null;
80
+ }
81
+ /**
82
+ * Get URL to user's profile page.
83
+ * Optional IUserProvider method.
84
+ */
85
+ getUserProfileUrl(user) {
86
+ return `/profile/${user.id}`;
87
+ }
169
88
  /**
170
89
  * Authenticate a bearer token by verifying the session with Better Auth.
171
90
  *
@@ -179,16 +98,19 @@ var MastraAuthBetterAuth = class extends MastraAuthProvider {
179
98
  async authenticateToken(token, request) {
180
99
  try {
181
100
  const headers = new Headers();
182
- const authHeader = request.header("Authorization");
183
- if (authHeader) {
184
- headers.set("Authorization", authHeader);
185
- } else if (token) {
186
- headers.set("Authorization", `Bearer ${token}`);
187
- }
188
- const cookieHeader = request.header("Cookie");
101
+ const rawRequest = "raw" in request ? request.raw : request;
102
+ const cookieHeader = rawRequest.headers.get("Cookie");
189
103
  if (cookieHeader) {
190
104
  headers.set("Cookie", cookieHeader);
191
105
  }
106
+ const hasSessionCookie = !!cookieHeader?.split(";").some((pair) => {
107
+ const [key] = pair.trim().split("=");
108
+ return key?.trim() === this.sessionCookieName;
109
+ });
110
+ if (token && !hasSessionCookie) {
111
+ const existingCookies = cookieHeader ? `${cookieHeader}; ` : "";
112
+ headers.set("Cookie", `${existingCookies}${this.sessionCookieName}=${token}`);
113
+ }
192
114
  const result = await this.auth.api.getSession({
193
115
  headers
194
116
  });
@@ -216,6 +138,106 @@ var MastraAuthBetterAuth = class extends MastraAuthProvider {
216
138
  async authorizeUser(user) {
217
139
  return !!user?.session?.id && !!user?.user?.id;
218
140
  }
141
+ // ============================================
142
+ // ICredentialsProvider implementation (EE capability)
143
+ // License check happens in buildCapabilities()
144
+ // ============================================
145
+ /**
146
+ * Sign in with email and password.
147
+ * Implements ICredentialsProvider for EE credentials auth.
148
+ *
149
+ * @param email - User email
150
+ * @param password - User password
151
+ * @param request - Incoming HTTP request
152
+ * @returns Result with user and session cookies
153
+ * @throws Error if credentials are invalid
154
+ */
155
+ async signIn(email, password, request) {
156
+ const headers = request?.headers ?? new Headers();
157
+ const response = await this.auth.api.signInEmail({
158
+ body: { email, password },
159
+ headers,
160
+ asResponse: true
161
+ });
162
+ if (!response.ok) {
163
+ const errorData = await response.json().catch(() => ({}));
164
+ throw new Error(errorData.message || "Invalid email or password");
165
+ }
166
+ const result = await response.json();
167
+ if (!result?.user) {
168
+ throw new Error("Invalid email or password");
169
+ }
170
+ const cookies = [];
171
+ const setCookieHeader = response.headers.get("set-cookie");
172
+ if (setCookieHeader) {
173
+ cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
174
+ }
175
+ return {
176
+ user: mapBetterAuthUserToEEUser(result.user),
177
+ token: result.token ?? void 0,
178
+ cookies
179
+ };
180
+ }
181
+ /**
182
+ * Sign up with email and password.
183
+ * Implements ICredentialsProvider for EE credentials auth.
184
+ *
185
+ * @param email - User email
186
+ * @param password - User password
187
+ * @param name - Optional display name
188
+ * @param request - Incoming HTTP request
189
+ * @returns Result with new user and session cookies
190
+ * @throws Error if sign up fails
191
+ */
192
+ async signUp(email, password, name, request) {
193
+ const displayName = name ?? email.split("@")[0] ?? "User";
194
+ const headers = request?.headers ?? new Headers();
195
+ const response = await this.auth.api.signUpEmail({
196
+ body: { email, password, name: displayName },
197
+ headers,
198
+ asResponse: true
199
+ });
200
+ if (!response.ok) {
201
+ const errorData = await response.json().catch(() => ({}));
202
+ throw new Error(errorData.message || "Failed to create account");
203
+ }
204
+ const result = await response.json();
205
+ if (!result?.user) {
206
+ throw new Error("Failed to create account");
207
+ }
208
+ const cookies = [];
209
+ const setCookieHeader = response.headers.get("set-cookie");
210
+ if (setCookieHeader) {
211
+ cookies.push(...setCookieHeader.split(/,(?=\s*\w+=)/));
212
+ }
213
+ return {
214
+ user: mapBetterAuthUserToEEUser(result.user),
215
+ token: result.token ?? void 0,
216
+ cookies
217
+ };
218
+ }
219
+ /**
220
+ * Get the underlying Better Auth instance.
221
+ * Useful for accessing Better Auth APIs directly.
222
+ */
223
+ getAuth() {
224
+ return this.auth;
225
+ }
226
+ /**
227
+ * Get headers to clear the session cookies on logout.
228
+ * Partial ISessionProvider implementation for logout support.
229
+ *
230
+ * Clears Better Auth's default session cookies.
231
+ */
232
+ getClearSessionHeaders() {
233
+ const cookies = [
234
+ `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,
235
+ `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`
236
+ ];
237
+ return {
238
+ "Set-Cookie": cookies.join(", ")
239
+ };
240
+ }
219
241
  };
220
242
 
221
243
  export { MastraAuthBetterAuth };
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../packages/core/src/logger/constants.ts","../../../packages/core/src/logger/logger.ts","../../../packages/core/src/logger/default-logger.ts","../../../packages/core/src/base.ts","../../../packages/core/src/server/auth.ts","../src/index.ts"],"names":[],"mappings":";AACO,IAAM,gBAAA,GAAmB;EAM9B,GAAA,EAAK,KAaP,CAAA;AAIO,IAAM,QAAA,GAAW;EACtB,KAAA,EAAO,OAAA;EACP,IAAA,EAAM,MAAA;EACN,IAAA,EAAM,MAAA;EACN,KAAA,EAAO,OAET,CAAA;ACKO,IAAe,eAAf,MAAqD;AAChD,EAAA,IAAA;AACA,EAAA,KAAA;AACA,EAAA,UAAA;EAEV,WAAA,CACE,OAAA,GAII,EAAA,EACJ;AACA,IAAA,IAAA,CAAK,IAAA,GAAO,QAAQ,IAAA,IAAQ,QAAA;AAC5B,IAAA,IAAA,CAAK,KAAA,GAAQ,OAAA,CAAQ,KAAA,IAAS,QAAA,CAAS,KAAA;AACvC,IAAA,IAAA,CAAK,UAAA,GAAa,IAAI,GAAA,CAAI,MAAA,CAAO,QAAQ,OAAA,CAAQ,UAAA,IAAc,EAAE,CAAC,CAAA;AACpE,EAAA;EAOA,aAAA,GAAgB;AACd,IAAA,OAAO,IAAA,CAAK,UAAA;AACd,EAAA;AAEA,EAAA,cAAA,CAAe,MAAA,EAAqB;AAAC,EAAA;EAErC,MAAM,QAAA,CACJ,aACA,MAAA,EAQA;AACA,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,KAAK,UAAA,CAAW,GAAA,CAAI,WAAW,CAAA,EAAG;AACrD,MAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,EAAG,IAAA,EAAM,MAAA,EAAQ,IAAA,IAAQ,GAAG,OAAA,EAAS,MAAA,EAAQ,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AAClG,IAAA;AAEA,IAAA,OACE,KAAK,UAAA,CAAW,GAAA,CAAI,WAAW,CAAA,CAAG,QAAA,CAAS,MAAM,CAAA,IAAK;AACpD,MAAA,IAAA,EAAM,EAAA;MACN,KAAA,EAAO,CAAA;AACP,MAAA,IAAA,EAAM,QAAQ,IAAA,IAAQ,CAAA;AACtB,MAAA,OAAA,EAAS,QAAQ,OAAA,IAAW,GAAA;MAC5B,OAAA,EAAS;AAAA,KAAA;AAGf,EAAA;AAEA,EAAA,MAAM,eAAA,CAAgB;AACpB,IAAA,WAAA;AACA,IAAA,KAAA;AACA,IAAA,QAAA;AACA,IAAA,MAAA;AACA,IAAA,QAAA;AACA,IAAA,OAAA;AACA,IAAA,IAAA;AACA,IAAA;GAAA,EAUC;AACD,IAAA,IAAI,CAAC,eAAe,CAAC,IAAA,CAAK,WAAW,GAAA,CAAI,WAAW,CAAA,IAAK,CAAC,KAAA,EAAO;AAC/D,MAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,KAAA,EAAO,CAAA,EAAG,IAAA,EAAM,IAAA,IAAQ,CAAA,EAAG,OAAA,EAAS,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AAClF,IAAA;AAEA,IAAA,OACE,IAAA,CAAK,UAAA,CACF,GAAA,CAAI,WAAW,EACf,eAAA,CAAgB,EAAE,KAAA,EAAO,QAAA,EAAU,QAAQ,QAAA,EAAU,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,CAAA,IAAK;AACnF,MAAA,IAAA,EAAM,EAAA;MACN,KAAA,EAAO,CAAA;AACP,MAAA,IAAA,EAAM,IAAA,IAAQ,CAAA;AACd,MAAA,OAAA,EAAS,OAAA,IAAW,GAAA;MACpB,OAAA,EAAS;AAAA,KAAA;AAGf,EAAA;AACF,CAAA;AC5GO,IAAM,aAAA,GAAN,cAA4B,YAAA,CAAa;EAC9C,WAAA,CACE,OAAA,GAGI,EAAA,EACJ;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AACf,EAAA;AAEA,EAAA,KAAA,CAAM,YAAoB,IAAA,EAAmB;AAC3C,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,KAAA,EAAO;AACjC,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,GAAG,IAAI,CAAA;AAC/B,IAAA;AACF,EAAA;AAEA,EAAA,IAAA,CAAK,YAAoB,IAAA,EAAmB;AAC1C,IAAA,IAAI,KAAK,KAAA,KAAU,QAAA,CAAS,QAAQ,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EAAO;AACjE,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,GAAG,IAAI,CAAA;AAC/B,IAAA;AACF,EAAA;AAEA,EAAA,IAAA,CAAK,YAAoB,IAAA,EAAmB;AAC1C,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,IAAA,IAAQ,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,IAAA,IAAQ,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,KAAA,EAAO;AACjG,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,GAAG,IAAI,CAAA;AAC/B,IAAA;AACF,EAAA;AAEA,EAAA,KAAA,CAAM,YAAoB,IAAA,EAAmB;AAC3C,IAAA,IACE,IAAA,CAAK,KAAA,KAAU,QAAA,CAAS,KAAA,IACxB,KAAK,KAAA,KAAU,QAAA,CAAS,IAAA,IACxB,IAAA,CAAK,UAAU,QAAA,CAAS,IAAA,IACxB,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EACxB;AACA,MAAA,OAAA,CAAQ,KAAA,CAAM,OAAA,EAAS,GAAG,IAAI,CAAA;AAChC,IAAA;AACF,EAAA;EAEA,MAAM,QAAA,CACJ,cACA,OAAA,EAQA;AACA,IAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,EAAG,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,GAAG,OAAA,EAAS,OAAA,EAAS,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AACpG,EAAA;AAEA,EAAA,MAAM,gBAAgB,KAAA,EASnB;AACD,IAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,OAAO,CAAA,EAAG,IAAA,EAAM,KAAA,CAAM,IAAA,IAAQ,GAAG,OAAA,EAAS,KAAA,CAAM,OAAA,IAAW,GAAA,EAAK,SAAS,KAAA,EAAA;AAC9F,EAAA;AACF,CAAA;;;AC7EO,IAAM,aAAN,MAAiB;AACtB,EAAA,SAAA,GAA8B,gBAAA,CAAiB,GAAA;AACrC,EAAA,MAAA;AACV,EAAA,IAAA;AACA,EAAA,UAAA;EAEA,WAAA,CAAY;AACV,IAAA,SAAA;AACA,IAAA,IAAA;AACA,IAAA;GAAA,EAKC;AACD,IAAA,IAAA,CAAK,SAAA,GAAY,aAAa,gBAAA,CAAiB,GAAA;AAC/C,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAA,CAAK,UAAA,GAAa,SAAA;AAClB,IAAA,IAAA,CAAK,MAAA,GAAS,IAAI,aAAA,CAAc,EAAE,IAAA,EAAM,CAAA,EAAG,IAAA,CAAK,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,IAAI,CAAA,CAAA,EAAI,CAAA;AAC9E,EAAA;;;;;EAMA,WAAA,GAAmD;AACjD,IAAA,OAAO,IAAA,CAAK,UAAA;AACd,EAAA;;;;;AAMA,EAAA,cAAA,CAAe,SAAA,EAA0C;AACvD,IAAA,IAAA,CAAK,UAAA,GAAa,SAAA;AACpB,EAAA;;;;;AAMA,EAAA,WAAA,CAAY,MAAA,EAAuB;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAEd,IAAA,IAAI,IAAA,CAAK,SAAA,KAAc,gBAAA,CAAiB,GAAA,EAAK;AAC3C,MAAA,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,0BAAA,EAA6B,IAAA,CAAK,SAAS,CAAA,QAAA,EAAW,IAAA,CAAK,IAAI,CAAA,CAAA,CAAG,CAAA;AACtF,IAAA;AACF,EAAA;AACF,CAAA;;;ACnCO,IAAe,kBAAA,GAAf,cAA2D,UAAA,CAAW;AACpE,EAAA,SAAA;AACA,EAAA,MAAA;AAEP,EAAA,WAAA,CAAY,OAAA,EAA4C;AACtD,IAAA,KAAA,CAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAS,MAAM,CAAA;AAEhD,IAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,MAAA,IAAA,CAAK,aAAA,GAAgB,OAAA,CAAQ,aAAA,CAAc,IAAA,CAAK,IAAI,CAAA;AACtD,IAAA;AAEA,IAAA,IAAA,CAAK,YAAY,OAAA,EAAS,SAAA;AAC1B,IAAA,IAAA,CAAK,SAAS,OAAA,EAAS,MAAA;AACzB,EAAA;AAkBU,EAAA,eAAA,CAAgB,IAAA,EAAyC;AACjE,IAAA,IAAI,MAAM,aAAA,EAAe;AACvB,MAAA,IAAA,CAAK,aAAA,GAAgB,IAAA,CAAK,aAAA,CAAc,IAAA,CAAK,IAAI,CAAA;AACnD,IAAA;AACA,IAAA,IAAI,MAAM,SAAA,EAAW;AACnB,MAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AACxB,IAAA;AACA,IAAA,IAAI,MAAM,MAAA,EAAQ;AAChB,MAAA,IAAA,CAAK,SAAS,IAAA,CAAK,MAAA;AACrB,IAAA;AACF,EAAA;AACF,CAAA;;;ACAO,IAAM,oBAAA,GAAN,cAAmC,kBAAA,CAAmC;AAAA,EACjE,IAAA;AAAA,EAEV,YAAY,OAAA,EAAsC;AAChD,IAAA,KAAA,CAAM,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,eAAe,CAAA;AAE9C,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AAEpB,IAAA,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAAsD;AAC3F,IAAA,IAAI;AAGF,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAG5B,MAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,MAAA,CAAO,eAAe,CAAA;AACjD,MAAA,IAAI,UAAA,EAAY;AACd,QAAA,OAAA,CAAQ,GAAA,CAAI,iBAAiB,UAAU,CAAA;AAAA,MACzC,WAAW,KAAA,EAAO;AAEhB,QAAA,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB,CAAA,OAAA,EAAU,KAAK,CAAA,CAAE,CAAA;AAAA,MAChD;AAGA,MAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AAC5C,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,YAAY,CAAA;AAAA,MACpC;AAGA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,CAAC,OAAO,IAAA,EAAM;AAC9C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAM,MAAA,CAAO;AAAA,OACf;AAAA,IACF,CAAA,CAAA,MAAQ;AAEN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,IAAA,EAAwC;AAE1D,IAAA,OAAO,CAAC,CAAC,IAAA,EAAM,OAAA,EAAS,MAAM,CAAC,CAAC,MAAM,IAAA,EAAM,EAAA;AAAA,EAC9C;AACF","file":"index.js","sourcesContent":["// Constants and Types (keeping from original implementation)\nexport const RegisteredLogger = {\n AGENT: 'AGENT',\n OBSERVABILITY: 'OBSERVABILITY',\n AUTH: 'AUTH',\n NETWORK: 'NETWORK',\n WORKFLOW: 'WORKFLOW',\n LLM: 'LLM',\n TTS: 'TTS',\n VOICE: 'VOICE',\n VECTOR: 'VECTOR',\n BUNDLER: 'BUNDLER',\n DEPLOYER: 'DEPLOYER',\n MEMORY: 'MEMORY',\n STORAGE: 'STORAGE',\n EMBEDDINGS: 'EMBEDDINGS',\n MCP_SERVER: 'MCP_SERVER',\n SERVER_CACHE: 'SERVER_CACHE',\n SERVER: 'SERVER',\n WORKSPACE: 'WORKSPACE',\n} as const;\n\nexport type RegisteredLogger = (typeof RegisteredLogger)[keyof typeof RegisteredLogger];\n\nexport const LogLevel = {\n DEBUG: 'debug',\n INFO: 'info',\n WARN: 'warn',\n ERROR: 'error',\n NONE: 'silent',\n} as const;\n\nexport type LogLevel = (typeof LogLevel)[keyof typeof LogLevel];\n","import type { MastraError } from '../error';\nimport { LogLevel } from './constants';\nimport type { BaseLogMessage, LoggerTransport } from './transport';\n\nexport interface IMastraLogger {\n debug(message: string, ...args: any[]): void;\n info(message: string, ...args: any[]): void;\n warn(message: string, ...args: any[]): void;\n error(message: string, ...args: any[]): void;\n trackException(error: MastraError): void;\n\n getTransports(): Map<string, LoggerTransport>;\n listLogs(\n _transportId: string,\n _params?: {\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n },\n ): Promise<{ logs: BaseLogMessage[]; total: number; page: number; perPage: number; hasMore: boolean }>;\n listLogsByRunId(_args: {\n transportId: string;\n runId: string;\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n }): Promise<{ logs: BaseLogMessage[]; total: number; page: number; perPage: number; hasMore: boolean }>;\n}\n\nexport abstract class MastraLogger implements IMastraLogger {\n protected name: string;\n protected level: LogLevel;\n protected transports: Map<string, LoggerTransport>;\n\n constructor(\n options: {\n name?: string;\n level?: LogLevel;\n transports?: Record<string, LoggerTransport>;\n } = {},\n ) {\n this.name = options.name || 'Mastra';\n this.level = options.level || LogLevel.ERROR;\n this.transports = new Map(Object.entries(options.transports || {}));\n }\n\n abstract debug(message: string, ...args: any[]): void;\n abstract info(message: string, ...args: any[]): void;\n abstract warn(message: string, ...args: any[]): void;\n abstract error(message: string, ...args: any[]): void;\n\n getTransports() {\n return this.transports;\n }\n\n trackException(_error: MastraError) {}\n\n async listLogs(\n transportId: string,\n params?: {\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n },\n ) {\n if (!transportId || !this.transports.has(transportId)) {\n return { logs: [], total: 0, page: params?.page ?? 1, perPage: params?.perPage ?? 100, hasMore: false };\n }\n\n return (\n this.transports.get(transportId)!.listLogs(params) ?? {\n logs: [],\n total: 0,\n page: params?.page ?? 1,\n perPage: params?.perPage ?? 100,\n hasMore: false,\n }\n );\n }\n\n async listLogsByRunId({\n transportId,\n runId,\n fromDate,\n toDate,\n logLevel,\n filters,\n page,\n perPage,\n }: {\n transportId: string;\n runId: string;\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n }) {\n if (!transportId || !this.transports.has(transportId) || !runId) {\n return { logs: [], total: 0, page: page ?? 1, perPage: perPage ?? 100, hasMore: false };\n }\n\n return (\n this.transports\n .get(transportId)!\n .listLogsByRunId({ runId, fromDate, toDate, logLevel, filters, page, perPage }) ?? {\n logs: [],\n total: 0,\n page: page ?? 1,\n perPage: perPage ?? 100,\n hasMore: false,\n }\n );\n }\n}\n","import { LogLevel } from './constants';\nimport { MastraLogger } from './logger';\nimport type { LoggerTransport } from './transport';\n\nexport const createLogger = (options: {\n name?: string;\n level?: LogLevel;\n transports?: Record<string, LoggerTransport>;\n}) => {\n const logger = new ConsoleLogger(options);\n\n logger.warn(`createLogger is deprecated. Please use \"new ConsoleLogger()\" from \"@mastra/core/logger\" instead.`);\n\n return logger;\n};\n\nexport class ConsoleLogger extends MastraLogger {\n constructor(\n options: {\n name?: string;\n level?: LogLevel;\n } = {},\n ) {\n super(options);\n }\n\n debug(message: string, ...args: any[]): void {\n if (this.level === LogLevel.DEBUG) {\n console.info(message, ...args);\n }\n }\n\n info(message: string, ...args: any[]): void {\n if (this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {\n console.info(message, ...args);\n }\n }\n\n warn(message: string, ...args: any[]): void {\n if (this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {\n console.info(message, ...args);\n }\n }\n\n error(message: string, ...args: any[]): void {\n if (\n this.level === LogLevel.ERROR ||\n this.level === LogLevel.WARN ||\n this.level === LogLevel.INFO ||\n this.level === LogLevel.DEBUG\n ) {\n console.error(message, ...args);\n }\n }\n\n async listLogs(\n _transportId: string,\n _params?: {\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n },\n ) {\n return { logs: [], total: 0, page: _params?.page ?? 1, perPage: _params?.perPage ?? 100, hasMore: false };\n }\n\n async listLogsByRunId(_args: {\n transportId: string;\n runId: string;\n fromDate?: Date;\n toDate?: Date;\n logLevel?: LogLevel;\n filters?: Record<string, any>;\n page?: number;\n perPage?: number;\n }) {\n return { logs: [], total: 0, page: _args.page ?? 1, perPage: _args.perPage ?? 100, hasMore: false };\n }\n}\n","import type { IMastraLogger } from './logger';\nimport { RegisteredLogger } from './logger/constants';\nimport { ConsoleLogger } from './logger/default-logger';\n\nexport class MastraBase {\n component: RegisteredLogger = RegisteredLogger.LLM;\n protected logger: IMastraLogger;\n name?: string;\n #rawConfig?: Record<string, unknown>;\n\n constructor({\n component,\n name,\n rawConfig,\n }: {\n component?: RegisteredLogger;\n name?: string;\n rawConfig?: Record<string, unknown>;\n }) {\n this.component = component || RegisteredLogger.LLM;\n this.name = name;\n this.#rawConfig = rawConfig;\n this.logger = new ConsoleLogger({ name: `${this.component} - ${this.name}` });\n }\n\n /**\n * Returns the raw storage configuration this primitive was created from,\n * or undefined if it was created from code.\n */\n toRawConfig(): Record<string, unknown> | undefined {\n return this.#rawConfig;\n }\n\n /**\n * Sets the raw storage configuration for this primitive.\n * @internal\n */\n __setRawConfig(rawConfig: Record<string, unknown>): void {\n this.#rawConfig = rawConfig;\n }\n\n /**\n * Set the logger for the agent\n * @param logger\n */\n __setLogger(logger: IMastraLogger) {\n this.logger = logger;\n\n if (this.component !== RegisteredLogger.LLM) {\n this.logger.debug(`Logger updated [component=${this.component}] [name=${this.name}]`);\n }\n }\n}\n\nexport * from './types';\n","import type { HonoRequest } from 'hono';\nimport { MastraBase } from '../base';\nimport type { MastraAuthConfig } from './types';\n\nexport interface MastraAuthProviderOptions<TUser = unknown> {\n name?: string;\n authorizeUser?: (user: TUser, request: HonoRequest) => Promise<boolean> | boolean;\n /**\n * Protected paths for the auth provider\n */\n protected?: MastraAuthConfig['protected'];\n /**\n * Public paths for the auth provider\n */\n public?: MastraAuthConfig['public'];\n}\n\nexport abstract class MastraAuthProvider<TUser = unknown> extends MastraBase {\n public protected?: MastraAuthConfig['protected'];\n public public?: MastraAuthConfig['public'];\n\n constructor(options?: MastraAuthProviderOptions<TUser>) {\n super({ component: 'AUTH', name: options?.name });\n\n if (options?.authorizeUser) {\n this.authorizeUser = options.authorizeUser.bind(this);\n }\n\n this.protected = options?.protected;\n this.public = options?.public;\n }\n\n /**\n * Authenticate a token and return the payload\n * @param token - The token to authenticate\n * @param request - The request\n * @returns The payload\n */\n abstract authenticateToken(token: string, request: HonoRequest): Promise<TUser | null>;\n\n /**\n * Authorize a user for a path and method\n * @param user - The user to authorize\n * @param request - The request\n * @returns The authorization result\n */\n abstract authorizeUser(user: TUser, request: HonoRequest): Promise<boolean> | boolean;\n\n protected registerOptions(opts?: MastraAuthProviderOptions<TUser>) {\n if (opts?.authorizeUser) {\n this.authorizeUser = opts.authorizeUser.bind(this);\n }\n if (opts?.protected) {\n this.protected = opts.protected;\n }\n if (opts?.public) {\n this.public = opts.public;\n }\n }\n}\n","import type { MastraAuthProviderOptions } from '@mastra/core/server';\nimport { MastraAuthProvider } from '@mastra/core/server';\n\nimport type { Auth, Session, User } from 'better-auth';\nimport type { HonoRequest } from 'hono';\n\n/**\n * User type returned by Better Auth session verification\n */\nexport interface BetterAuthUser {\n session: Session;\n user: User;\n}\n\ninterface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {\n /**\n * The Better Auth instance to use for authentication.\n * This should be the result of calling `betterAuth({ ... })`.\n */\n auth: Auth;\n}\n\n/**\n * Mastra authentication provider for Better Auth.\n *\n * Better Auth is a self-hosted, open-source authentication framework\n * that gives you full control over your authentication system.\n *\n * @example\n * ```typescript\n * import { betterAuth } from 'better-auth';\n * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';\n *\n * // Create your Better Auth instance\n * const auth = betterAuth({\n * database: {\n * provider: 'postgresql',\n * url: process.env.DATABASE_URL!,\n * },\n * emailAndPassword: {\n * enabled: true,\n * },\n * });\n *\n * // Create the Mastra auth provider\n * const mastraAuth = new MastraAuthBetterAuth({\n * auth,\n * });\n *\n * // Use with Mastra\n * const mastra = new Mastra({\n * server: {\n * auth: mastraAuth,\n * },\n * });\n * ```\n *\n * @see https://better-auth.com for Better Auth documentation\n */\nexport class MastraAuthBetterAuth extends MastraAuthProvider<BetterAuthUser> {\n protected auth: Auth;\n\n constructor(options: MastraAuthBetterAuthOptions) {\n super({ name: options?.name ?? 'better-auth' });\n\n if (!options.auth) {\n throw new Error(\n 'Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })',\n );\n }\n\n this.auth = options.auth;\n\n this.registerOptions(options);\n }\n\n /**\n * Authenticate a bearer token by verifying the session with Better Auth.\n *\n * This method extracts the session from the request headers using\n * Better Auth's `api.getSession()` endpoint.\n *\n * @param token - The bearer token (session token) to authenticate\n * @param request - The Hono request object containing headers\n * @returns The authenticated user and session, or null if authentication fails\n */\n async authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null> {\n try {\n // Better Auth expects the token to be passed via headers\n // We need to construct headers with the Authorization bearer token\n const headers = new Headers();\n\n // Copy relevant headers from the request\n const authHeader = request.header('Authorization');\n if (authHeader) {\n headers.set('Authorization', authHeader);\n } else if (token) {\n // If no auth header but token is provided, set it\n headers.set('Authorization', `Bearer ${token}`);\n }\n\n // Copy cookie header if present (Better Auth can use cookies for sessions)\n const cookieHeader = request.header('Cookie');\n if (cookieHeader) {\n headers.set('Cookie', cookieHeader);\n }\n\n // Use Better Auth's API to get the session\n const result = await this.auth.api.getSession({\n headers,\n });\n\n if (!result || !result.session || !result.user) {\n return null;\n }\n\n return {\n session: result.session,\n user: result.user,\n };\n } catch {\n // Session verification failed\n return null;\n }\n }\n\n /**\n * Authorize a user for access.\n *\n * By default, any authenticated user with a valid session is authorized.\n * You can override this behavior by providing a custom `authorizeUser` function\n * in the constructor options.\n *\n * @param user - The authenticated user and session\n * @returns True if the user is authorized, false otherwise\n */\n async authorizeUser(user: BetterAuthUser): Promise<boolean> {\n // By default, any authenticated user with a valid session is authorized\n return !!user?.session?.id && !!user?.user?.id;\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/index.ts"],"names":[],"mappings":";;;AAoBA,SAAS,0BAA0B,IAAA,EAAoB;AACrD,EAAA,OAAO;AAAA,IACL,IAAI,IAAA,CAAK,EAAA;AAAA,IACT,OAAO,IAAA,CAAK,KAAA;AAAA,IACZ,MAAM,IAAA,CAAK,IAAA;AAAA,IACX,SAAA,EAAW,KAAK,KAAA,IAAS,MAAA;AAAA,IACzB,QAAA,EAAU;AAAA,MACR,eAAe,IAAA,CAAK,aAAA;AAAA,MACpB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA;AAClB,GACF;AACF;AAsDO,IAAM,oBAAA,GAAN,cACG,kBAAA,CAEV;AAAA,EACY,IAAA;AAAA,EACA,mBAAA;AAAA,EACH,iBAAA;AAAA,EAEP,YAAY,OAAA,EAAsC;AAChD,IAAA,KAAA,CAAM,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,IAAQ,eAAe,CAAA;AAE9C,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAO,OAAA,CAAQ,IAAA;AACpB,IAAA,IAAA,CAAK,mBAAA,GAAsB,QAAQ,aAAA,IAAiB,IAAA;AAGpD,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA;AAC7B,IAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,OAAA,EAAS,QAAA,EAAU,YAAA,IAAgB,aAAA;AAClE,IAAA,IAAA,CAAK,iBAAA,GAAoB,GAAG,MAAM,CAAA,cAAA,CAAA;AAElC,IAAA,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,eAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,mBAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,eAAe,OAAA,EAA0C;AAC7D,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C,SAAS,OAAA,CAAQ;AAAA,OAClB,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAC1B,MAAA,OAAO,yBAAA,CAA0B,OAAO,IAAI,CAAA;AAAA,IAC9C,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,QAAQ,OAAA,EAAyC;AAIrD,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KAEF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB,IAAA,EAAsB;AACtC,IAAA,OAAO,CAAA,SAAA,EAAY,KAAK,EAAE,CAAA,CAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAAsD;AAC3F,IAAA,IAAI;AAEF,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAI5B,MAAA,MAAM,UAAA,GAAsB,KAAA,IAAS,OAAA,GAAW,OAAA,CAAgB,GAAA,GAAO,OAAA;AAEvE,MAAA,MAAM,YAAA,GAAe,UAAA,CAAW,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,YAAY,CAAA;AAAA,MACpC;AAIA,MAAA,MAAM,gBAAA,GAAmB,CAAC,CAAC,YAAA,EAAc,MAAM,GAAG,CAAA,CAAE,KAAK,CAAA,IAAA,KAAQ;AAC/D,QAAA,MAAM,CAAC,GAAG,CAAA,GAAI,KAAK,IAAA,EAAK,CAAE,MAAM,GAAG,CAAA;AACnC,QAAA,OAAO,GAAA,EAAK,IAAA,EAAK,KAAM,IAAA,CAAK,iBAAA;AAAA,MAC9B,CAAC,CAAA;AACD,MAAA,IAAI,KAAA,IAAS,CAAC,gBAAA,EAAkB;AAC9B,QAAA,MAAM,eAAA,GAAkB,YAAA,GAAe,CAAA,EAAG,YAAY,CAAA,EAAA,CAAA,GAAO,EAAA;AAC7D,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,EAAG,eAAe,GAAG,IAAA,CAAK,iBAAiB,CAAA,CAAA,EAAI,KAAK,CAAA,CAAE,CAAA;AAAA,MAC9E;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,UAAA,CAAW;AAAA,QAC5C;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,CAAC,OAAO,IAAA,EAAM;AAC9C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAM,MAAA,CAAO;AAAA,OACf;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,IAAA,EAAwC;AAE1D,IAAA,OAAO,CAAC,CAAC,IAAA,EAAM,OAAA,EAAS,MAAM,CAAC,CAAC,MAAM,IAAA,EAAM,EAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,MAAA,CAAO,KAAA,EAAe,QAAA,EAAkB,OAAA,EAAsD;AAClG,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAS;AAAA,MACxB,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,2BAA2B,CAAA;AAAA,IAClE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,MAAA,CACJ,KAAA,EACA,QAAA,EACA,MACA,OAAA,EACoC;AACpC,IAAA,MAAM,cAAc,IAAA,IAAQ,KAAA,CAAM,MAAM,GAAG,CAAA,CAAE,CAAC,CAAA,IAAK,MAAA;AACnD,IAAA,MAAM,OAAA,GAAU,OAAA,EAAS,OAAA,IAAW,IAAI,OAAA,EAAQ;AAGhD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,IAAA,CAAK,IAAI,WAAA,CAAY;AAAA,MAC/C,IAAA,EAAM,EAAE,KAAA,EAAO,QAAA,EAAU,MAAM,WAAA,EAAY;AAAA,MAC3C,OAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACzD,MAAA,MAAM,IAAI,KAAA,CAAM,SAAA,CAAU,OAAA,IAAW,0BAA0B,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AAEpC,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAAA,IAC5C;AAGA,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,eAAA,GAAkB,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AACzD,IAAA,IAAI,eAAA,EAAiB;AAEnB,MAAA,OAAA,CAAQ,IAAA,CAAK,GAAG,eAAA,CAAgB,KAAA,CAAM,cAAc,CAAC,CAAA;AAAA,IACvD;AAEA,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,yBAAA,CAA0B,MAAA,CAAO,IAAI,CAAA;AAAA,MAC3C,KAAA,EAAO,OAAO,KAAA,IAAS,MAAA;AAAA,MACvB;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAA,GAAgB;AACd,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,sBAAA,GAAiD;AAE/C,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,CAAA,EAAG,KAAK,iBAAiB,CAAA,4CAAA,CAAA;AAAA,MACzB,CAAA,EAAG,KAAK,iBAAiB,CAAA,gDAAA;AAAA,KAC3B;AACA,IAAA,OAAO;AAAA,MACL,YAAA,EAAc,OAAA,CAAQ,IAAA,CAAK,IAAI;AAAA,KACjC;AAAA,EACF;AACF","file":"index.js","sourcesContent":["import type { IUserProvider, ICredentialsProvider, CredentialsResult } from '@mastra/core/auth';\nimport type { EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProviderOptions } from '@mastra/core/server';\nimport { MastraAuthProvider } from '@mastra/core/server';\n\nimport type { Auth, Session, User } from 'better-auth';\nimport type { HonoRequest } from 'hono';\n\n/**\n * User type returned by Better Auth session verification.\n * Used internally for authentication token verification.\n */\nexport interface BetterAuthUser {\n session: Session;\n user: User;\n}\n\n/**\n * Maps Better Auth User to EE User format.\n */\nfunction mapBetterAuthUserToEEUser(user: User): EEUser {\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.image ?? undefined,\n metadata: {\n emailVerified: user.emailVerified,\n createdAt: user.createdAt,\n updatedAt: user.updatedAt,\n },\n };\n}\n\ninterface MastraAuthBetterAuthOptions extends MastraAuthProviderOptions<BetterAuthUser> {\n /**\n * The Better Auth instance to use for authentication.\n * This should be the result of calling `betterAuth({ ... })`.\n */\n auth: Auth;\n\n /**\n * Whether to allow new user registration via sign-up.\n * Set to false to disable public registration.\n * @default true\n */\n signUpEnabled?: boolean;\n}\n\n/**\n * Mastra authentication provider for Better Auth.\n *\n * Better Auth is a self-hosted, open-source authentication framework\n * that gives you full control over your authentication system.\n *\n * @example\n * ```typescript\n * import { betterAuth } from 'better-auth';\n * import { MastraAuthBetterAuth } from '@mastra/auth-better-auth';\n *\n * // Create your Better Auth instance\n * const auth = betterAuth({\n * database: {\n * provider: 'postgresql',\n * url: process.env.DATABASE_URL!,\n * },\n * emailAndPassword: {\n * enabled: true,\n * },\n * });\n *\n * // Create the Mastra auth provider\n * const mastraAuth = new MastraAuthBetterAuth({\n * auth,\n * });\n *\n * // Use with Mastra\n * const mastra = new Mastra({\n * server: {\n * auth: mastraAuth,\n * },\n * });\n * ```\n *\n * @see https://better-auth.com for Better Auth documentation\n */\nexport class MastraAuthBetterAuth\n extends MastraAuthProvider<BetterAuthUser>\n implements IUserProvider<EEUser>, ICredentialsProvider<EEUser>\n{\n protected auth: Auth;\n protected signUpEnabledConfig: boolean;\n public sessionCookieName: string;\n\n constructor(options: MastraAuthBetterAuthOptions) {\n super({ name: options?.name ?? 'better-auth' });\n\n if (!options.auth) {\n throw new Error(\n 'Better Auth instance is required. Please provide the auth option with your Better Auth instance created via betterAuth({ ... })',\n );\n }\n\n this.auth = options.auth;\n this.signUpEnabledConfig = options.signUpEnabled ?? true;\n\n // Derive the session cookie name from Better Auth's cookiePrefix option\n const authWithOptions = this.auth as unknown as { options?: { advanced?: { cookiePrefix?: string } } };\n const prefix = authWithOptions.options?.advanced?.cookiePrefix ?? 'better-auth';\n this.sessionCookieName = `${prefix}.session_token`;\n\n this.registerOptions(options);\n }\n\n /**\n * Check if sign-up is enabled.\n * Implements ICredentialsProvider.isSignUpEnabled.\n */\n isSignUpEnabled(): boolean {\n return this.signUpEnabledConfig;\n }\n\n // ============================================\n // IUserProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Get current user from request.\n * Implements IUserProvider for EE user awareness in Studio.\n *\n * @param request - Incoming HTTP request\n * @returns EE User object or null if not authenticated\n */\n async getCurrentUser(request: Request): Promise<EEUser | null> {\n try {\n const result = await this.auth.api.getSession({\n headers: request.headers,\n });\n\n if (!result?.user) return null;\n return mapBetterAuthUserToEEUser(result.user);\n } catch {\n return null;\n }\n }\n\n /**\n * Get user by ID.\n * Implements IUserProvider for EE user awareness.\n *\n * Note: Better Auth doesn't expose a direct getUser API.\n * For full functionality, you may need to implement this using\n * direct database access in a subclass.\n *\n * @param userId - User identifier\n * @returns EE User object or null if not found\n */\n async getUser(_userId: string): Promise<EEUser | null> {\n // Better Auth doesn't have a direct getUser API\n // Users can override this method with their own implementation\n // that queries the database directly\n console.warn(\n '[MastraAuthBetterAuth] getUser() requires direct database access. ' +\n 'Override this method in a subclass for full user lookup support.',\n );\n return null;\n }\n\n /**\n * Get URL to user's profile page.\n * Optional IUserProvider method.\n */\n getUserProfileUrl(user: EEUser): string {\n return `/profile/${user.id}`;\n }\n\n /**\n * Authenticate a bearer token by verifying the session with Better Auth.\n *\n * This method extracts the session from the request headers using\n * Better Auth's `api.getSession()` endpoint.\n *\n * @param token - The bearer token (session token) to authenticate\n * @param request - The Hono request object containing headers\n * @returns The authenticated user and session, or null if authentication fails\n */\n async authenticateToken(token: string, request: HonoRequest): Promise<BetterAuthUser | null> {\n try {\n // Better Auth's api.getSession() reads session tokens from the Cookie header\n const headers = new Headers();\n\n // The auth middleware may pass a raw Request (c.req.raw) instead of HonoRequest,\n // so unwrap via 'raw' property detection and use the standard Web API.\n const rawRequest: Request = 'raw' in request ? (request as any).raw : (request as unknown as Request);\n\n const cookieHeader = rawRequest.headers.get('Cookie');\n if (cookieHeader) {\n headers.set('Cookie', cookieHeader);\n }\n\n // Convert Bearer token to a session cookie if not already present.\n // better-auth ignores the Authorization header — it only reads from Cookie.\n const hasSessionCookie = !!cookieHeader?.split(';').some(pair => {\n const [key] = pair.trim().split('=');\n return key?.trim() === this.sessionCookieName;\n });\n if (token && !hasSessionCookie) {\n const existingCookies = cookieHeader ? `${cookieHeader}; ` : '';\n headers.set('Cookie', `${existingCookies}${this.sessionCookieName}=${token}`);\n }\n\n const result = await this.auth.api.getSession({\n headers,\n });\n\n if (!result || !result.session || !result.user) {\n return null;\n }\n\n return {\n session: result.session,\n user: result.user,\n };\n } catch {\n return null;\n }\n }\n\n /**\n * Authorize a user for access.\n *\n * By default, any authenticated user with a valid session is authorized.\n * You can override this behavior by providing a custom `authorizeUser` function\n * in the constructor options.\n *\n * @param user - The authenticated user and session\n * @returns True if the user is authorized, false otherwise\n */\n async authorizeUser(user: BetterAuthUser): Promise<boolean> {\n // By default, any authenticated user with a valid session is authorized\n return !!user?.session?.id && !!user?.user?.id;\n }\n\n // ============================================\n // ICredentialsProvider implementation (EE capability)\n // License check happens in buildCapabilities()\n // ============================================\n\n /**\n * Sign in with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param request - Incoming HTTP request\n * @returns Result with user and session cookies\n * @throws Error if credentials are invalid\n */\n async signIn(email: string, password: string, request: Request): Promise<CredentialsResult<EEUser>> {\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signInEmail({\n body: { email, password },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Invalid email or password');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Invalid email or password');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Sign up with email and password.\n * Implements ICredentialsProvider for EE credentials auth.\n *\n * @param email - User email\n * @param password - User password\n * @param name - Optional display name\n * @param request - Incoming HTTP request\n * @returns Result with new user and session cookies\n * @throws Error if sign up fails\n */\n async signUp(\n email: string,\n password: string,\n name: string | undefined,\n request: Request,\n ): Promise<CredentialsResult<EEUser>> {\n const displayName = name ?? email.split('@')[0] ?? 'User';\n const headers = request?.headers ?? new Headers();\n\n // Use asResponse: true to get the full response with Set-Cookie headers\n const response = await this.auth.api.signUpEmail({\n body: { email, password, name: displayName },\n headers,\n asResponse: true,\n });\n\n if (!response.ok) {\n const errorData = (await response.json().catch(() => ({}))) as { message?: string };\n throw new Error(errorData.message || 'Failed to create account');\n }\n\n const result = (await response.json()) as { user?: User; token?: string | null };\n\n if (!result?.user) {\n throw new Error('Failed to create account');\n }\n\n // Extract Set-Cookie headers from Better Auth response\n const cookies: string[] = [];\n const setCookieHeader = response.headers.get('set-cookie');\n if (setCookieHeader) {\n // Split multiple cookies (they may be comma-separated or in multiple headers)\n cookies.push(...setCookieHeader.split(/,(?=\\s*\\w+=)/));\n }\n\n return {\n user: mapBetterAuthUserToEEUser(result.user),\n token: result.token ?? undefined,\n cookies,\n };\n }\n\n /**\n * Get the underlying Better Auth instance.\n * Useful for accessing Better Auth APIs directly.\n */\n getAuth(): Auth {\n return this.auth;\n }\n\n /**\n * Get headers to clear the session cookies on logout.\n * Partial ISessionProvider implementation for logout support.\n *\n * Clears Better Auth's default session cookies.\n */\n getClearSessionHeaders(): Record<string, string> {\n // Clear both the session token and its signature cookie\n const cookies = [\n `${this.sessionCookieName}=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n `${this.sessionCookieName}_sig=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0`,\n ];\n return {\n 'Set-Cookie': cookies.join(', '),\n };\n }\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mastra/auth-better-auth",
3
- "version": "1.0.1",
3
+ "version": "1.0.2",
4
4
  "description": "Mastra Better Auth integration - self-hosted authentication",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -22,18 +22,21 @@
22
22
  "dependencies": {
23
23
  "better-auth": "^1.4.18"
24
24
  },
25
+ "peerDependencies": {
26
+ "@mastra/core": ">=1.0.0-0 <2.0.0-0"
27
+ },
25
28
  "devDependencies": {
26
29
  "@types/node": "22.19.7",
27
- "hono": "^4.11.3",
28
- "@vitest/coverage-v8": "4.0.12",
29
- "@vitest/ui": "4.0.12",
30
+ "hono": "^4.11.9",
31
+ "@vitest/coverage-v8": "4.0.18",
32
+ "@vitest/ui": "4.0.18",
30
33
  "eslint": "^9.37.0",
31
34
  "tsup": "^8.5.1",
32
35
  "typescript": "^5.9.3",
33
- "vitest": "4.0.16",
34
- "@internal/types-builder": "0.0.34",
35
- "@internal/lint": "0.0.59",
36
- "@mastra/core": "1.4.0"
36
+ "vitest": "4.0.18",
37
+ "@internal/types-builder": "0.0.39",
38
+ "@internal/lint": "0.0.64",
39
+ "@mastra/core": "1.9.0"
37
40
  },
38
41
  "files": [
39
42
  "dist",