@meistrari/auth-core 1.1.1 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/index.d.mts +779 -210
  2. package/dist/index.d.ts +779 -210
  3. package/dist/index.mjs +85 -35
  4. package/package.json +30 -29
package/dist/index.d.ts CHANGED
@@ -1,42 +1,199 @@
1
+ import * as better_auth_client from 'better-auth/client';
2
+ import { BetterFetchOption } from 'better-auth/client';
3
+ export { BetterFetchError as APIError } from 'better-auth/client';
1
4
  import * as better_auth from 'better-auth';
5
+ import { JWTPayload } from 'better-auth';
2
6
  import * as better_auth_plugins from 'better-auth/plugins';
3
7
  import * as jose from 'jose';
4
8
  import * as _better_auth_sso from '@better-auth/sso';
5
- import * as _better_fetch_fetch from '@better-fetch/fetch';
9
+ import * as better_call from 'better-call';
6
10
  import * as nanostores from 'nanostores';
11
+ import * as _better_fetch_fetch from '@better-fetch/fetch';
7
12
  import * as better_auth_client_plugins from 'better-auth/client/plugins';
8
- import * as better_auth_client from 'better-auth/client';
9
- import { BetterFetchError } from 'better-auth/client';
10
- export { BetterFetchError as APIError } from 'better-auth/client';
11
13
 
12
- declare class BaseError extends Error {
13
- code: string;
14
- constructor(code: string, message: string, options?: ErrorOptions);
15
- }
16
-
17
- /**
18
- * Error thrown when an invalid social provider is specified.
19
- */
20
- declare class InvalidSocialProvider extends BaseError {
21
- constructor(message: string);
22
- }
14
+ declare const ac: {
15
+ newRole<K extends "member" | "access" | "organization" | "invitation" | "team" | "ac">(statements: better_auth_client.Subset<K, {
16
+ access: string[];
17
+ organization: readonly ["update", "delete"];
18
+ member: readonly ["create", "update", "delete"];
19
+ invitation: readonly ["create", "cancel"];
20
+ team: readonly ["create", "update", "delete"];
21
+ ac: readonly ["create", "read", "update", "delete"];
22
+ }>): {
23
+ authorize<K_1 extends K>(request: K_1 extends infer T extends K_2 ? { [key in T]?: better_auth_client.Subset<K, {
24
+ access: string[];
25
+ organization: readonly ["update", "delete"];
26
+ member: readonly ["create", "update", "delete"];
27
+ invitation: readonly ["create", "cancel"];
28
+ team: readonly ["create", "update", "delete"];
29
+ ac: readonly ["create", "read", "update", "delete"];
30
+ }>[key] | {
31
+ actions: better_auth_client.Subset<K, {
32
+ access: string[];
33
+ organization: readonly ["update", "delete"];
34
+ member: readonly ["create", "update", "delete"];
35
+ invitation: readonly ["create", "cancel"];
36
+ team: readonly ["create", "update", "delete"];
37
+ ac: readonly ["create", "read", "update", "delete"];
38
+ }>[key];
39
+ connector: "OR" | "AND";
40
+ } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
41
+ statements: better_auth_client.Subset<K, {
42
+ access: string[];
43
+ organization: readonly ["update", "delete"];
44
+ member: readonly ["create", "update", "delete"];
45
+ invitation: readonly ["create", "cancel"];
46
+ team: readonly ["create", "update", "delete"];
47
+ ac: readonly ["create", "read", "update", "delete"];
48
+ }>;
49
+ };
50
+ statements: {
51
+ access: string[];
52
+ organization: readonly ["update", "delete"];
53
+ member: readonly ["create", "update", "delete"];
54
+ invitation: readonly ["create", "cancel"];
55
+ team: readonly ["create", "update", "delete"];
56
+ ac: readonly ["create", "read", "update", "delete"];
57
+ };
58
+ };
23
59
  /**
24
- * Error thrown when an invalid callback URL is provided.
60
+ * Predefined organization roles.
25
61
  *
26
- * This error occurs when the callback URL or error callback URL
27
- * is malformed or not a valid URL.
62
+ * @example
63
+ * ```typescript
64
+ * import { Roles } from '@meistrari/auth-core'
65
+ *
66
+ * // Invite user with specific role
67
+ * await authClient.organization.inviteUserToOrganization({
68
+ * userEmail: 'user@example.com',
69
+ * role: Roles.ORG_ADMIN
70
+ * })
71
+ * ```
28
72
  */
29
- declare class InvalidCallbackURL extends BaseError {
30
- constructor(message: string);
31
- }
73
+ declare const Roles: {
74
+ readonly ORG_ADMIN: "org:admin";
75
+ readonly ORG_MEMBER: "org:member";
76
+ readonly ORG_REVIEWER: "org:reviewer";
77
+ };
32
78
  /**
33
- * Error thrown when an email is required but not provided.
79
+ * Type representing a valid organization role.
34
80
  */
35
- declare class EmailRequired extends BaseError {
36
- constructor(message: string);
37
- }
81
+ type Role = typeof Roles[keyof typeof Roles];
82
+ declare const rolesAccessControl: {
83
+ "org:admin": {
84
+ authorize<K_1 extends "member" | "access" | "organization" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_client.Subset<"member" | "access" | "organization" | "invitation" | "team", {
85
+ access: string[];
86
+ organization: readonly ["update", "delete"];
87
+ member: readonly ["create", "update", "delete"];
88
+ invitation: readonly ["create", "cancel"];
89
+ team: readonly ["create", "update", "delete"];
90
+ ac: readonly ["create", "read", "update", "delete"];
91
+ }>[key] | {
92
+ actions: better_auth_client.Subset<"member" | "access" | "organization" | "invitation" | "team", {
93
+ access: string[];
94
+ organization: readonly ["update", "delete"];
95
+ member: readonly ["create", "update", "delete"];
96
+ invitation: readonly ["create", "cancel"];
97
+ team: readonly ["create", "update", "delete"];
98
+ ac: readonly ["create", "read", "update", "delete"];
99
+ }>[key];
100
+ connector: "OR" | "AND";
101
+ } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
102
+ statements: better_auth_client.Subset<"member" | "access" | "organization" | "invitation" | "team", {
103
+ access: string[];
104
+ organization: readonly ["update", "delete"];
105
+ member: readonly ["create", "update", "delete"];
106
+ invitation: readonly ["create", "cancel"];
107
+ team: readonly ["create", "update", "delete"];
108
+ ac: readonly ["create", "read", "update", "delete"];
109
+ }>;
110
+ };
111
+ "org:member": {
112
+ authorize<K_1 extends "access">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_client.Subset<"access", {
113
+ access: string[];
114
+ organization: readonly ["update", "delete"];
115
+ member: readonly ["create", "update", "delete"];
116
+ invitation: readonly ["create", "cancel"];
117
+ team: readonly ["create", "update", "delete"];
118
+ ac: readonly ["create", "read", "update", "delete"];
119
+ }>[key] | {
120
+ actions: better_auth_client.Subset<"access", {
121
+ access: string[];
122
+ organization: readonly ["update", "delete"];
123
+ member: readonly ["create", "update", "delete"];
124
+ invitation: readonly ["create", "cancel"];
125
+ team: readonly ["create", "update", "delete"];
126
+ ac: readonly ["create", "read", "update", "delete"];
127
+ }>[key];
128
+ connector: "OR" | "AND";
129
+ } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
130
+ statements: better_auth_client.Subset<"access", {
131
+ access: string[];
132
+ organization: readonly ["update", "delete"];
133
+ member: readonly ["create", "update", "delete"];
134
+ invitation: readonly ["create", "cancel"];
135
+ team: readonly ["create", "update", "delete"];
136
+ ac: readonly ["create", "read", "update", "delete"];
137
+ }>;
138
+ };
139
+ "org:reviewer": {
140
+ authorize<K_1 extends "access">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_client.Subset<"access", {
141
+ access: string[];
142
+ organization: readonly ["update", "delete"];
143
+ member: readonly ["create", "update", "delete"];
144
+ invitation: readonly ["create", "cancel"];
145
+ team: readonly ["create", "update", "delete"];
146
+ ac: readonly ["create", "read", "update", "delete"];
147
+ }>[key] | {
148
+ actions: better_auth_client.Subset<"access", {
149
+ access: string[];
150
+ organization: readonly ["update", "delete"];
151
+ member: readonly ["create", "update", "delete"];
152
+ invitation: readonly ["create", "cancel"];
153
+ team: readonly ["create", "update", "delete"];
154
+ ac: readonly ["create", "read", "update", "delete"];
155
+ }>[key];
156
+ connector: "OR" | "AND";
157
+ } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
158
+ statements: better_auth_client.Subset<"access", {
159
+ access: string[];
160
+ organization: readonly ["update", "delete"];
161
+ member: readonly ["create", "update", "delete"];
162
+ invitation: readonly ["create", "cancel"];
163
+ team: readonly ["create", "update", "delete"];
164
+ ac: readonly ["create", "read", "update", "delete"];
165
+ }>;
166
+ };
167
+ };
168
+ declare const userAdditionalFields: {
169
+ lastActiveAt: {
170
+ type: "date";
171
+ required: false;
172
+ defaultValue: null;
173
+ };
174
+ };
175
+ declare const organizationAdditionalFields: {
176
+ settings: {
177
+ type: "json";
178
+ input: true;
179
+ required: false;
180
+ };
181
+ };
182
+ type JWTTokenPayload = JWTPayload & {
183
+ email: string;
184
+ user: {
185
+ id: string;
186
+ name: string;
187
+ image: string | null | undefined;
188
+ role: string | null;
189
+ };
190
+ workspace: {
191
+ id: string;
192
+ title: string;
193
+ };
194
+ };
38
195
 
39
- declare function createAPIClient(apiUrl: string, headers?: Record<string, string>): {
196
+ declare function createAPIClient(apiUrl: string, fetchOptions?: BetterFetchOption): {
40
197
  useActiveOrganization: nanostores.PreinitializedWritableAtom<{
41
198
  data: better_auth_client_plugins.Prettify<{
42
199
  id: string;
@@ -72,7 +229,7 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
72
229
  teamId?: string | undefined | undefined;
73
230
  }[];
74
231
  }> | null;
75
- error: null | BetterFetchError;
232
+ error: null | _better_fetch_fetch.BetterFetchError;
76
233
  isPending: boolean;
77
234
  isRefetching: boolean;
78
235
  refetch: (queryParams?: {
@@ -88,7 +245,7 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
88
245
  logo?: string | null | undefined | undefined;
89
246
  metadata?: any;
90
247
  }[] | null;
91
- error: null | BetterFetchError;
248
+ error: null | _better_fetch_fetch.BetterFetchError;
92
249
  isPending: boolean;
93
250
  isRefetching: boolean;
94
251
  refetch: (queryParams?: {
@@ -103,7 +260,7 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
103
260
  role: string;
104
261
  createdAt: Date;
105
262
  } | null;
106
- error: null | BetterFetchError;
263
+ error: null | _better_fetch_fetch.BetterFetchError;
107
264
  isPending: boolean;
108
265
  isRefetching: boolean;
109
266
  refetch: (queryParams?: {
@@ -114,7 +271,7 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
114
271
  data: {
115
272
  role: string;
116
273
  } | null;
117
- error: null | BetterFetchError;
274
+ error: null | _better_fetch_fetch.BetterFetchError;
118
275
  isPending: boolean;
119
276
  isRefetching: boolean;
120
277
  refetch: (queryParams?: {
@@ -144,6 +301,43 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
144
301
  };
145
302
  };
146
303
  };
304
+ } & {
305
+ handshake: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: better_auth_client_plugins.Prettify<{
306
+ query?: Record<string, any> | undefined;
307
+ fetchOptions?: FetchOptions | undefined;
308
+ }> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
309
+ status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call.Status;
310
+ body: ({
311
+ message?: string;
312
+ code?: string;
313
+ cause?: unknown;
314
+ } & Record<string, any>) | undefined;
315
+ headers: HeadersInit;
316
+ statusCode: number;
317
+ name: string;
318
+ message: string;
319
+ stack?: string;
320
+ cause?: unknown;
321
+ }, {
322
+ code?: string | undefined;
323
+ message?: string | undefined;
324
+ }, FetchOptions["throw"] extends true ? true : true>>;
325
+ } & {
326
+ handshake: {
327
+ noncePayload: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<{
328
+ nonce: string;
329
+ }> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
330
+ query: {
331
+ nonce: string;
332
+ };
333
+ fetchOptions?: FetchOptions | undefined;
334
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
335
+ token: string;
336
+ }, {
337
+ code?: string | undefined;
338
+ message?: string | undefined;
339
+ }, FetchOptions["throw"] extends true ? true : true>>;
340
+ };
147
341
  } & {
148
342
  organization: {
149
343
  create: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
@@ -1395,6 +1589,208 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
1395
1589
  code?: string | undefined;
1396
1590
  message?: string | undefined;
1397
1591
  }, FetchOptions["throw"] extends true ? true : true>>;
1592
+ } & {
1593
+ apiKey: {
1594
+ create: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
1595
+ name?: string | undefined;
1596
+ expiresIn?: number | null | undefined;
1597
+ userId?: unknown;
1598
+ prefix?: string | undefined;
1599
+ remaining?: number | null | undefined;
1600
+ metadata?: any;
1601
+ refillAmount?: number | undefined;
1602
+ refillInterval?: number | undefined;
1603
+ rateLimitTimeWindow?: number | undefined;
1604
+ rateLimitMax?: number | undefined;
1605
+ rateLimitEnabled?: boolean | undefined;
1606
+ permissions?: Record<string, string[]> | undefined;
1607
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: better_auth_client_plugins.Prettify<{
1608
+ name?: string | undefined;
1609
+ expiresIn?: number | null | undefined;
1610
+ userId?: unknown;
1611
+ prefix?: string | undefined;
1612
+ remaining?: number | null | undefined;
1613
+ metadata?: any;
1614
+ refillAmount?: number | undefined;
1615
+ refillInterval?: number | undefined;
1616
+ rateLimitTimeWindow?: number | undefined;
1617
+ rateLimitMax?: number | undefined;
1618
+ rateLimitEnabled?: boolean | undefined;
1619
+ permissions?: Record<string, string[]> | undefined;
1620
+ } & {
1621
+ fetchOptions?: FetchOptions | undefined;
1622
+ }> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
1623
+ key: string;
1624
+ metadata: any;
1625
+ permissions: any;
1626
+ id: string;
1627
+ name: string | null;
1628
+ start: string | null;
1629
+ prefix: string | null;
1630
+ userId: string;
1631
+ refillInterval: number | null;
1632
+ refillAmount: number | null;
1633
+ lastRefillAt: Date | null;
1634
+ enabled: boolean;
1635
+ rateLimitEnabled: boolean;
1636
+ rateLimitTimeWindow: number | null;
1637
+ rateLimitMax: number | null;
1638
+ requestCount: number;
1639
+ remaining: number | null;
1640
+ lastRequest: Date | null;
1641
+ expiresAt: Date | null;
1642
+ createdAt: Date;
1643
+ updatedAt: Date;
1644
+ }, {
1645
+ code?: string | undefined;
1646
+ message?: string | undefined;
1647
+ }, FetchOptions["throw"] extends true ? true : true>>;
1648
+ };
1649
+ } & {
1650
+ apiKey: {
1651
+ get: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<{
1652
+ id: string;
1653
+ }> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
1654
+ query: {
1655
+ id: string;
1656
+ };
1657
+ fetchOptions?: FetchOptions | undefined;
1658
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
1659
+ permissions: {
1660
+ [key: string]: string[];
1661
+ } | null;
1662
+ id: string;
1663
+ name: string | null;
1664
+ start: string | null;
1665
+ prefix: string | null;
1666
+ userId: string;
1667
+ refillInterval: number | null;
1668
+ refillAmount: number | null;
1669
+ lastRefillAt: Date | null;
1670
+ enabled: boolean;
1671
+ rateLimitEnabled: boolean;
1672
+ rateLimitTimeWindow: number | null;
1673
+ rateLimitMax: number | null;
1674
+ requestCount: number;
1675
+ remaining: number | null;
1676
+ lastRequest: Date | null;
1677
+ expiresAt: Date | null;
1678
+ createdAt: Date;
1679
+ updatedAt: Date;
1680
+ metadata: Record<string, any> | null;
1681
+ }, {
1682
+ code?: string | undefined;
1683
+ message?: string | undefined;
1684
+ }, FetchOptions["throw"] extends true ? true : true>>;
1685
+ };
1686
+ } & {
1687
+ apiKey: {
1688
+ update: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
1689
+ keyId: string;
1690
+ userId?: unknown;
1691
+ name?: string | undefined;
1692
+ enabled?: boolean | undefined;
1693
+ remaining?: number | undefined;
1694
+ refillAmount?: number | undefined;
1695
+ refillInterval?: number | undefined;
1696
+ metadata?: any;
1697
+ expiresIn?: number | null | undefined;
1698
+ rateLimitEnabled?: boolean | undefined;
1699
+ rateLimitTimeWindow?: number | undefined;
1700
+ rateLimitMax?: number | undefined;
1701
+ permissions?: Record<string, string[]> | null | undefined;
1702
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
1703
+ keyId: string;
1704
+ userId?: unknown;
1705
+ name?: string | undefined;
1706
+ enabled?: boolean | undefined;
1707
+ remaining?: number | undefined;
1708
+ refillAmount?: number | undefined;
1709
+ refillInterval?: number | undefined;
1710
+ metadata?: any;
1711
+ expiresIn?: number | null | undefined;
1712
+ rateLimitEnabled?: boolean | undefined;
1713
+ rateLimitTimeWindow?: number | undefined;
1714
+ rateLimitMax?: number | undefined;
1715
+ permissions?: Record<string, string[]> | null | undefined;
1716
+ } & {
1717
+ fetchOptions?: FetchOptions | undefined;
1718
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
1719
+ permissions: {
1720
+ [key: string]: string[];
1721
+ } | null;
1722
+ id: string;
1723
+ name: string | null;
1724
+ start: string | null;
1725
+ prefix: string | null;
1726
+ userId: string;
1727
+ refillInterval: number | null;
1728
+ refillAmount: number | null;
1729
+ lastRefillAt: Date | null;
1730
+ enabled: boolean;
1731
+ rateLimitEnabled: boolean;
1732
+ rateLimitTimeWindow: number | null;
1733
+ rateLimitMax: number | null;
1734
+ requestCount: number;
1735
+ remaining: number | null;
1736
+ lastRequest: Date | null;
1737
+ expiresAt: Date | null;
1738
+ createdAt: Date;
1739
+ updatedAt: Date;
1740
+ metadata: Record<string, any> | null;
1741
+ }, {
1742
+ code?: string | undefined;
1743
+ message?: string | undefined;
1744
+ }, FetchOptions["throw"] extends true ? true : true>>;
1745
+ };
1746
+ } & {
1747
+ apiKey: {
1748
+ delete: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
1749
+ keyId: string;
1750
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
1751
+ keyId: string;
1752
+ } & {
1753
+ fetchOptions?: FetchOptions | undefined;
1754
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
1755
+ success: boolean;
1756
+ }, {
1757
+ code?: string | undefined;
1758
+ message?: string | undefined;
1759
+ }, FetchOptions["throw"] extends true ? true : true>>;
1760
+ };
1761
+ } & {
1762
+ apiKey: {
1763
+ list: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: better_auth_client_plugins.Prettify<{
1764
+ query?: Record<string, any> | undefined;
1765
+ fetchOptions?: FetchOptions | undefined;
1766
+ }> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
1767
+ permissions: {
1768
+ [key: string]: string[];
1769
+ } | null;
1770
+ id: string;
1771
+ name: string | null;
1772
+ start: string | null;
1773
+ prefix: string | null;
1774
+ userId: string;
1775
+ refillInterval: number | null;
1776
+ refillAmount: number | null;
1777
+ lastRefillAt: Date | null;
1778
+ enabled: boolean;
1779
+ rateLimitEnabled: boolean;
1780
+ rateLimitTimeWindow: number | null;
1781
+ rateLimitMax: number | null;
1782
+ requestCount: number;
1783
+ remaining: number | null;
1784
+ lastRequest: Date | null;
1785
+ expiresAt: Date | null;
1786
+ createdAt: Date;
1787
+ updatedAt: Date;
1788
+ metadata: Record<string, any> | null;
1789
+ }[], {
1790
+ code?: string | undefined;
1791
+ message?: string | undefined;
1792
+ }, FetchOptions["throw"] extends true ? true : true>>;
1793
+ };
1398
1794
  } & {
1399
1795
  admin: {
1400
1796
  setRole: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
@@ -2429,7 +2825,7 @@ declare function createAPIClient(apiUrl: string, headers?: Record<string, string
2429
2825
  impersonatedBy?: string | null | undefined;
2430
2826
  };
2431
2827
  };
2432
- error: BetterFetchError | null;
2828
+ error: _better_fetch_fetch.BetterFetchError | null;
2433
2829
  isPending: boolean;
2434
2830
  }>;
2435
2831
  $fetch: _better_fetch_fetch.BetterFetch<{
@@ -2606,7 +3002,7 @@ declare const stub: {
2606
3002
  teamId?: string | undefined | undefined;
2607
3003
  }[];
2608
3004
  }> | null;
2609
- error: null | BetterFetchError;
3005
+ error: null | _better_fetch_fetch.BetterFetchError;
2610
3006
  isPending: boolean;
2611
3007
  isRefetching: boolean;
2612
3008
  refetch: (queryParams?: {
@@ -2622,7 +3018,7 @@ declare const stub: {
2622
3018
  logo?: string | null | undefined | undefined;
2623
3019
  metadata?: any;
2624
3020
  }[] | null;
2625
- error: null | BetterFetchError;
3021
+ error: null | _better_fetch_fetch.BetterFetchError;
2626
3022
  isPending: boolean;
2627
3023
  isRefetching: boolean;
2628
3024
  refetch: (queryParams?: {
@@ -2637,7 +3033,7 @@ declare const stub: {
2637
3033
  role: string;
2638
3034
  createdAt: Date;
2639
3035
  } | null;
2640
- error: null | BetterFetchError;
3036
+ error: null | _better_fetch_fetch.BetterFetchError;
2641
3037
  isPending: boolean;
2642
3038
  isRefetching: boolean;
2643
3039
  refetch: (queryParams?: {
@@ -2648,7 +3044,7 @@ declare const stub: {
2648
3044
  data: {
2649
3045
  role: string;
2650
3046
  } | null;
2651
- error: null | BetterFetchError;
3047
+ error: null | _better_fetch_fetch.BetterFetchError;
2652
3048
  isPending: boolean;
2653
3049
  isRefetching: boolean;
2654
3050
  refetch: (queryParams?: {
@@ -2678,6 +3074,43 @@ declare const stub: {
2678
3074
  };
2679
3075
  };
2680
3076
  };
3077
+ } & {
3078
+ handshake: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: better_auth_client_plugins.Prettify<{
3079
+ query?: Record<string, any> | undefined;
3080
+ fetchOptions?: FetchOptions | undefined;
3081
+ }> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
3082
+ status: ("OK" | "CREATED" | "ACCEPTED" | "NO_CONTENT" | "MULTIPLE_CHOICES" | "MOVED_PERMANENTLY" | "FOUND" | "SEE_OTHER" | "NOT_MODIFIED" | "TEMPORARY_REDIRECT" | "BAD_REQUEST" | "UNAUTHORIZED" | "PAYMENT_REQUIRED" | "FORBIDDEN" | "NOT_FOUND" | "METHOD_NOT_ALLOWED" | "NOT_ACCEPTABLE" | "PROXY_AUTHENTICATION_REQUIRED" | "REQUEST_TIMEOUT" | "CONFLICT" | "GONE" | "LENGTH_REQUIRED" | "PRECONDITION_FAILED" | "PAYLOAD_TOO_LARGE" | "URI_TOO_LONG" | "UNSUPPORTED_MEDIA_TYPE" | "RANGE_NOT_SATISFIABLE" | "EXPECTATION_FAILED" | "I'M_A_TEAPOT" | "MISDIRECTED_REQUEST" | "UNPROCESSABLE_ENTITY" | "LOCKED" | "FAILED_DEPENDENCY" | "TOO_EARLY" | "UPGRADE_REQUIRED" | "PRECONDITION_REQUIRED" | "TOO_MANY_REQUESTS" | "REQUEST_HEADER_FIELDS_TOO_LARGE" | "UNAVAILABLE_FOR_LEGAL_REASONS" | "INTERNAL_SERVER_ERROR" | "NOT_IMPLEMENTED" | "BAD_GATEWAY" | "SERVICE_UNAVAILABLE" | "GATEWAY_TIMEOUT" | "HTTP_VERSION_NOT_SUPPORTED" | "VARIANT_ALSO_NEGOTIATES" | "INSUFFICIENT_STORAGE" | "LOOP_DETECTED" | "NOT_EXTENDED" | "NETWORK_AUTHENTICATION_REQUIRED") | better_call.Status;
3083
+ body: ({
3084
+ message?: string;
3085
+ code?: string;
3086
+ cause?: unknown;
3087
+ } & Record<string, any>) | undefined;
3088
+ headers: HeadersInit;
3089
+ statusCode: number;
3090
+ name: string;
3091
+ message: string;
3092
+ stack?: string;
3093
+ cause?: unknown;
3094
+ }, {
3095
+ code?: string | undefined;
3096
+ message?: string | undefined;
3097
+ }, FetchOptions["throw"] extends true ? true : true>>;
3098
+ } & {
3099
+ handshake: {
3100
+ noncePayload: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<{
3101
+ nonce: string;
3102
+ }> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
3103
+ query: {
3104
+ nonce: string;
3105
+ };
3106
+ fetchOptions?: FetchOptions | undefined;
3107
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
3108
+ token: string;
3109
+ }, {
3110
+ code?: string | undefined;
3111
+ message?: string | undefined;
3112
+ }, FetchOptions["throw"] extends true ? true : true>>;
3113
+ };
2681
3114
  } & {
2682
3115
  organization: {
2683
3116
  create: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
@@ -3929,6 +4362,208 @@ declare const stub: {
3929
4362
  code?: string | undefined;
3930
4363
  message?: string | undefined;
3931
4364
  }, FetchOptions["throw"] extends true ? true : true>>;
4365
+ } & {
4366
+ apiKey: {
4367
+ create: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
4368
+ name?: string | undefined;
4369
+ expiresIn?: number | null | undefined;
4370
+ userId?: unknown;
4371
+ prefix?: string | undefined;
4372
+ remaining?: number | null | undefined;
4373
+ metadata?: any;
4374
+ refillAmount?: number | undefined;
4375
+ refillInterval?: number | undefined;
4376
+ rateLimitTimeWindow?: number | undefined;
4377
+ rateLimitMax?: number | undefined;
4378
+ rateLimitEnabled?: boolean | undefined;
4379
+ permissions?: Record<string, string[]> | undefined;
4380
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: better_auth_client_plugins.Prettify<{
4381
+ name?: string | undefined;
4382
+ expiresIn?: number | null | undefined;
4383
+ userId?: unknown;
4384
+ prefix?: string | undefined;
4385
+ remaining?: number | null | undefined;
4386
+ metadata?: any;
4387
+ refillAmount?: number | undefined;
4388
+ refillInterval?: number | undefined;
4389
+ rateLimitTimeWindow?: number | undefined;
4390
+ rateLimitMax?: number | undefined;
4391
+ rateLimitEnabled?: boolean | undefined;
4392
+ permissions?: Record<string, string[]> | undefined;
4393
+ } & {
4394
+ fetchOptions?: FetchOptions | undefined;
4395
+ }> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
4396
+ key: string;
4397
+ metadata: any;
4398
+ permissions: any;
4399
+ id: string;
4400
+ name: string | null;
4401
+ start: string | null;
4402
+ prefix: string | null;
4403
+ userId: string;
4404
+ refillInterval: number | null;
4405
+ refillAmount: number | null;
4406
+ lastRefillAt: Date | null;
4407
+ enabled: boolean;
4408
+ rateLimitEnabled: boolean;
4409
+ rateLimitTimeWindow: number | null;
4410
+ rateLimitMax: number | null;
4411
+ requestCount: number;
4412
+ remaining: number | null;
4413
+ lastRequest: Date | null;
4414
+ expiresAt: Date | null;
4415
+ createdAt: Date;
4416
+ updatedAt: Date;
4417
+ }, {
4418
+ code?: string | undefined;
4419
+ message?: string | undefined;
4420
+ }, FetchOptions["throw"] extends true ? true : true>>;
4421
+ };
4422
+ } & {
4423
+ apiKey: {
4424
+ get: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<{
4425
+ id: string;
4426
+ }> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
4427
+ query: {
4428
+ id: string;
4429
+ };
4430
+ fetchOptions?: FetchOptions | undefined;
4431
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
4432
+ permissions: {
4433
+ [key: string]: string[];
4434
+ } | null;
4435
+ id: string;
4436
+ name: string | null;
4437
+ start: string | null;
4438
+ prefix: string | null;
4439
+ userId: string;
4440
+ refillInterval: number | null;
4441
+ refillAmount: number | null;
4442
+ lastRefillAt: Date | null;
4443
+ enabled: boolean;
4444
+ rateLimitEnabled: boolean;
4445
+ rateLimitTimeWindow: number | null;
4446
+ rateLimitMax: number | null;
4447
+ requestCount: number;
4448
+ remaining: number | null;
4449
+ lastRequest: Date | null;
4450
+ expiresAt: Date | null;
4451
+ createdAt: Date;
4452
+ updatedAt: Date;
4453
+ metadata: Record<string, any> | null;
4454
+ }, {
4455
+ code?: string | undefined;
4456
+ message?: string | undefined;
4457
+ }, FetchOptions["throw"] extends true ? true : true>>;
4458
+ };
4459
+ } & {
4460
+ apiKey: {
4461
+ update: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
4462
+ keyId: string;
4463
+ userId?: unknown;
4464
+ name?: string | undefined;
4465
+ enabled?: boolean | undefined;
4466
+ remaining?: number | undefined;
4467
+ refillAmount?: number | undefined;
4468
+ refillInterval?: number | undefined;
4469
+ metadata?: any;
4470
+ expiresIn?: number | null | undefined;
4471
+ rateLimitEnabled?: boolean | undefined;
4472
+ rateLimitTimeWindow?: number | undefined;
4473
+ rateLimitMax?: number | undefined;
4474
+ permissions?: Record<string, string[]> | null | undefined;
4475
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
4476
+ keyId: string;
4477
+ userId?: unknown;
4478
+ name?: string | undefined;
4479
+ enabled?: boolean | undefined;
4480
+ remaining?: number | undefined;
4481
+ refillAmount?: number | undefined;
4482
+ refillInterval?: number | undefined;
4483
+ metadata?: any;
4484
+ expiresIn?: number | null | undefined;
4485
+ rateLimitEnabled?: boolean | undefined;
4486
+ rateLimitTimeWindow?: number | undefined;
4487
+ rateLimitMax?: number | undefined;
4488
+ permissions?: Record<string, string[]> | null | undefined;
4489
+ } & {
4490
+ fetchOptions?: FetchOptions | undefined;
4491
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
4492
+ permissions: {
4493
+ [key: string]: string[];
4494
+ } | null;
4495
+ id: string;
4496
+ name: string | null;
4497
+ start: string | null;
4498
+ prefix: string | null;
4499
+ userId: string;
4500
+ refillInterval: number | null;
4501
+ refillAmount: number | null;
4502
+ lastRefillAt: Date | null;
4503
+ enabled: boolean;
4504
+ rateLimitEnabled: boolean;
4505
+ rateLimitTimeWindow: number | null;
4506
+ rateLimitMax: number | null;
4507
+ requestCount: number;
4508
+ remaining: number | null;
4509
+ lastRequest: Date | null;
4510
+ expiresAt: Date | null;
4511
+ createdAt: Date;
4512
+ updatedAt: Date;
4513
+ metadata: Record<string, any> | null;
4514
+ }, {
4515
+ code?: string | undefined;
4516
+ message?: string | undefined;
4517
+ }, FetchOptions["throw"] extends true ? true : true>>;
4518
+ };
4519
+ } & {
4520
+ apiKey: {
4521
+ delete: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
4522
+ keyId: string;
4523
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth_client_plugins.Prettify<{
4524
+ keyId: string;
4525
+ } & {
4526
+ fetchOptions?: FetchOptions | undefined;
4527
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
4528
+ success: boolean;
4529
+ }, {
4530
+ code?: string | undefined;
4531
+ message?: string | undefined;
4532
+ }, FetchOptions["throw"] extends true ? true : true>>;
4533
+ };
4534
+ } & {
4535
+ apiKey: {
4536
+ list: <FetchOptions extends better_auth.ClientFetchOption<never, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0?: better_auth_client_plugins.Prettify<{
4537
+ query?: Record<string, any> | undefined;
4538
+ fetchOptions?: FetchOptions | undefined;
4539
+ }> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch.BetterFetchResponse<{
4540
+ permissions: {
4541
+ [key: string]: string[];
4542
+ } | null;
4543
+ id: string;
4544
+ name: string | null;
4545
+ start: string | null;
4546
+ prefix: string | null;
4547
+ userId: string;
4548
+ refillInterval: number | null;
4549
+ refillAmount: number | null;
4550
+ lastRefillAt: Date | null;
4551
+ enabled: boolean;
4552
+ rateLimitEnabled: boolean;
4553
+ rateLimitTimeWindow: number | null;
4554
+ rateLimitMax: number | null;
4555
+ requestCount: number;
4556
+ remaining: number | null;
4557
+ lastRequest: Date | null;
4558
+ expiresAt: Date | null;
4559
+ createdAt: Date;
4560
+ updatedAt: Date;
4561
+ metadata: Record<string, any> | null;
4562
+ }[], {
4563
+ code?: string | undefined;
4564
+ message?: string | undefined;
4565
+ }, FetchOptions["throw"] extends true ? true : true>>;
4566
+ };
3932
4567
  } & {
3933
4568
  admin: {
3934
4569
  setRole: <FetchOptions extends better_auth.ClientFetchOption<Partial<{
@@ -4963,7 +5598,7 @@ declare const stub: {
4963
5598
  impersonatedBy?: string | null | undefined;
4964
5599
  };
4965
5600
  };
4966
- error: BetterFetchError | null;
5601
+ error: _better_fetch_fetch.BetterFetchError | null;
4967
5602
  isPending: boolean;
4968
5603
  }>;
4969
5604
  $fetch: _better_fetch_fetch.BetterFetch<{
@@ -5133,175 +5768,6 @@ type TeamMember = {
5133
5768
  createdAt: Date;
5134
5769
  };
5135
5770
 
5136
- declare const ac: {
5137
- newRole<K extends "member" | "access" | "organization" | "invitation" | "team" | "ac">(statements: better_auth_client.Subset<K, {
5138
- access: string[];
5139
- organization: readonly ["update", "delete"];
5140
- member: readonly ["create", "update", "delete"];
5141
- invitation: readonly ["create", "cancel"];
5142
- team: readonly ["create", "update", "delete"];
5143
- ac: readonly ["create", "read", "update", "delete"];
5144
- }>): {
5145
- authorize<K_1 extends K>(request: K_1 extends infer T extends K_2 ? { [key in T]?: better_auth_client.Subset<K, {
5146
- access: string[];
5147
- organization: readonly ["update", "delete"];
5148
- member: readonly ["create", "update", "delete"];
5149
- invitation: readonly ["create", "cancel"];
5150
- team: readonly ["create", "update", "delete"];
5151
- ac: readonly ["create", "read", "update", "delete"];
5152
- }>[key] | {
5153
- actions: better_auth_client.Subset<K, {
5154
- access: string[];
5155
- organization: readonly ["update", "delete"];
5156
- member: readonly ["create", "update", "delete"];
5157
- invitation: readonly ["create", "cancel"];
5158
- team: readonly ["create", "update", "delete"];
5159
- ac: readonly ["create", "read", "update", "delete"];
5160
- }>[key];
5161
- connector: "OR" | "AND";
5162
- } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
5163
- statements: better_auth_client.Subset<K, {
5164
- access: string[];
5165
- organization: readonly ["update", "delete"];
5166
- member: readonly ["create", "update", "delete"];
5167
- invitation: readonly ["create", "cancel"];
5168
- team: readonly ["create", "update", "delete"];
5169
- ac: readonly ["create", "read", "update", "delete"];
5170
- }>;
5171
- };
5172
- statements: {
5173
- access: string[];
5174
- organization: readonly ["update", "delete"];
5175
- member: readonly ["create", "update", "delete"];
5176
- invitation: readonly ["create", "cancel"];
5177
- team: readonly ["create", "update", "delete"];
5178
- ac: readonly ["create", "read", "update", "delete"];
5179
- };
5180
- };
5181
- /**
5182
- * Predefined organization roles.
5183
- *
5184
- * @example
5185
- * ```typescript
5186
- * import { Roles } from '@meistrari/auth-core'
5187
- *
5188
- * // Invite user with specific role
5189
- * await authClient.organization.inviteUserToOrganization({
5190
- * userEmail: 'user@example.com',
5191
- * role: Roles.ORG_ADMIN
5192
- * })
5193
- * ```
5194
- */
5195
- declare const Roles: {
5196
- readonly ORG_ADMIN: "org:admin";
5197
- readonly ORG_MEMBER: "org:member";
5198
- readonly ORG_REVIEWER: "org:reviewer";
5199
- };
5200
- /**
5201
- * Type representing a valid organization role.
5202
- */
5203
- type Role = typeof Roles[keyof typeof Roles];
5204
- declare const rolesAccessControl: {
5205
- "org:admin": {
5206
- authorize<K_1 extends "member" | "access" | "organization" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_client.Subset<"member" | "access" | "organization" | "invitation" | "team", {
5207
- access: string[];
5208
- organization: readonly ["update", "delete"];
5209
- member: readonly ["create", "update", "delete"];
5210
- invitation: readonly ["create", "cancel"];
5211
- team: readonly ["create", "update", "delete"];
5212
- ac: readonly ["create", "read", "update", "delete"];
5213
- }>[key] | {
5214
- actions: better_auth_client.Subset<"member" | "access" | "organization" | "invitation" | "team", {
5215
- access: string[];
5216
- organization: readonly ["update", "delete"];
5217
- member: readonly ["create", "update", "delete"];
5218
- invitation: readonly ["create", "cancel"];
5219
- team: readonly ["create", "update", "delete"];
5220
- ac: readonly ["create", "read", "update", "delete"];
5221
- }>[key];
5222
- connector: "OR" | "AND";
5223
- } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
5224
- statements: better_auth_client.Subset<"member" | "access" | "organization" | "invitation" | "team", {
5225
- access: string[];
5226
- organization: readonly ["update", "delete"];
5227
- member: readonly ["create", "update", "delete"];
5228
- invitation: readonly ["create", "cancel"];
5229
- team: readonly ["create", "update", "delete"];
5230
- ac: readonly ["create", "read", "update", "delete"];
5231
- }>;
5232
- };
5233
- "org:member": {
5234
- authorize<K_1 extends "access">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_client.Subset<"access", {
5235
- access: string[];
5236
- organization: readonly ["update", "delete"];
5237
- member: readonly ["create", "update", "delete"];
5238
- invitation: readonly ["create", "cancel"];
5239
- team: readonly ["create", "update", "delete"];
5240
- ac: readonly ["create", "read", "update", "delete"];
5241
- }>[key] | {
5242
- actions: better_auth_client.Subset<"access", {
5243
- access: string[];
5244
- organization: readonly ["update", "delete"];
5245
- member: readonly ["create", "update", "delete"];
5246
- invitation: readonly ["create", "cancel"];
5247
- team: readonly ["create", "update", "delete"];
5248
- ac: readonly ["create", "read", "update", "delete"];
5249
- }>[key];
5250
- connector: "OR" | "AND";
5251
- } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
5252
- statements: better_auth_client.Subset<"access", {
5253
- access: string[];
5254
- organization: readonly ["update", "delete"];
5255
- member: readonly ["create", "update", "delete"];
5256
- invitation: readonly ["create", "cancel"];
5257
- team: readonly ["create", "update", "delete"];
5258
- ac: readonly ["create", "read", "update", "delete"];
5259
- }>;
5260
- };
5261
- "org:reviewer": {
5262
- authorize<K_1 extends "access">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_client.Subset<"access", {
5263
- access: string[];
5264
- organization: readonly ["update", "delete"];
5265
- member: readonly ["create", "update", "delete"];
5266
- invitation: readonly ["create", "cancel"];
5267
- team: readonly ["create", "update", "delete"];
5268
- ac: readonly ["create", "read", "update", "delete"];
5269
- }>[key] | {
5270
- actions: better_auth_client.Subset<"access", {
5271
- access: string[];
5272
- organization: readonly ["update", "delete"];
5273
- member: readonly ["create", "update", "delete"];
5274
- invitation: readonly ["create", "cancel"];
5275
- team: readonly ["create", "update", "delete"];
5276
- ac: readonly ["create", "read", "update", "delete"];
5277
- }>[key];
5278
- connector: "OR" | "AND";
5279
- } | undefined; } : never, connector?: "OR" | "AND"): better_auth_client.AuthorizeResponse;
5280
- statements: better_auth_client.Subset<"access", {
5281
- access: string[];
5282
- organization: readonly ["update", "delete"];
5283
- member: readonly ["create", "update", "delete"];
5284
- invitation: readonly ["create", "cancel"];
5285
- team: readonly ["create", "update", "delete"];
5286
- ac: readonly ["create", "read", "update", "delete"];
5287
- }>;
5288
- };
5289
- };
5290
- declare const userAdditionalFields: {
5291
- lastActiveAt: {
5292
- type: "date";
5293
- required: false;
5294
- defaultValue: null;
5295
- };
5296
- };
5297
- declare const organizationAdditionalFields: {
5298
- settings: {
5299
- type: "json";
5300
- input: true;
5301
- required: false;
5302
- };
5303
- };
5304
-
5305
5771
  type GetOrganizationOptions = {
5306
5772
  includeMembers?: boolean;
5307
5773
  includeInvitations?: boolean;
@@ -5604,7 +6070,12 @@ declare class OrganizationService {
5604
6070
  * @param teamId - The team ID
5605
6071
  * @param userId - The user ID to add
5606
6072
  */
5607
- addTeamMember(teamId: string, userId: string): Promise<void>;
6073
+ addTeamMember(teamId: string, userId: string): Promise<{
6074
+ id: string;
6075
+ teamId: string;
6076
+ userId: string;
6077
+ createdAt: Date;
6078
+ }>;
5608
6079
  /**
5609
6080
  * Removes a user from a team.
5610
6081
  *
@@ -5647,6 +6118,49 @@ declare class SessionService {
5647
6118
  * @param apiUrl - The base URL of the authentication API
5648
6119
  */
5649
6120
  constructor(client: APIClient, apiUrl: string);
6121
+ /**
6122
+ * Retrieves the current user session.
6123
+ *
6124
+ * @returns The current user session
6125
+ */
6126
+ getSession(token?: string): Promise<{
6127
+ user: {
6128
+ id: string;
6129
+ createdAt: Date;
6130
+ updatedAt: Date;
6131
+ email: string;
6132
+ emailVerified: boolean;
6133
+ name: string;
6134
+ image?: string | null | undefined;
6135
+ twoFactorEnabled: boolean | null | undefined;
6136
+ banned: boolean | null | undefined;
6137
+ role?: string | null | undefined;
6138
+ banReason?: string | null | undefined;
6139
+ banExpires?: Date | null | undefined;
6140
+ lastActiveAt?: Date | null | undefined;
6141
+ };
6142
+ session: {
6143
+ id: string;
6144
+ createdAt: Date;
6145
+ updatedAt: Date;
6146
+ userId: string;
6147
+ expiresAt: Date;
6148
+ token: string;
6149
+ ipAddress?: string | null | undefined;
6150
+ userAgent?: string | null | undefined;
6151
+ activeOrganizationId?: string | null | undefined;
6152
+ activeTeamId?: string | null | undefined;
6153
+ impersonatedBy?: string | null | undefined;
6154
+ };
6155
+ } | null>;
6156
+ /**
6157
+ * Retrieves a valid JWT token.
6158
+ *
6159
+ * @returns The JWT token
6160
+ */
6161
+ getToken(): Promise<{
6162
+ token: string;
6163
+ }>;
5650
6164
  /**
5651
6165
  * Initiates social authentication flow with Google or Microsoft.
5652
6166
  *
@@ -5699,6 +6213,42 @@ declare class SessionService {
5699
6213
  * @param password - The new password to set
5700
6214
  */
5701
6215
  resetPassword(token: string, password: string): Promise<void>;
6216
+ /**
6217
+ * Retrieves the JWT token for a nonce.
6218
+ *
6219
+ * @param nonce - The nonce to retrieve the token for
6220
+ * @returns The JWT token for the nonce
6221
+ */
6222
+ getNoncePayload(nonce: string): Promise<{
6223
+ token: string;
6224
+ }>;
6225
+ }
6226
+
6227
+ declare class BaseError extends Error {
6228
+ code: string;
6229
+ constructor(code: string, message: string, options?: ErrorOptions);
6230
+ }
6231
+
6232
+ /**
6233
+ * Error thrown when an invalid social provider is specified.
6234
+ */
6235
+ declare class InvalidSocialProvider extends BaseError {
6236
+ constructor(message: string);
6237
+ }
6238
+ /**
6239
+ * Error thrown when an invalid callback URL is provided.
6240
+ *
6241
+ * This error occurs when the callback URL or error callback URL
6242
+ * is malformed or not a valid URL.
6243
+ */
6244
+ declare class InvalidCallbackURL extends BaseError {
6245
+ constructor(message: string);
6246
+ }
6247
+ /**
6248
+ * Error thrown when an email is required but not provided.
6249
+ */
6250
+ declare class EmailRequired extends BaseError {
6251
+ constructor(message: string);
5702
6252
  }
5703
6253
 
5704
6254
  /**
@@ -5735,9 +6285,9 @@ declare class AuthClient {
5735
6285
  * Creates a new AuthClient instance.
5736
6286
  *
5737
6287
  * @param apiUrl - The base URL of the authentication API
5738
- * @param headers - Custom headers to include in all API requests
6288
+ * @param fetchOptions - Custom fetch options to include in all API requests
5739
6289
  */
5740
- constructor(apiUrl: string, headers?: Record<string, string>);
6290
+ constructor(apiUrl: string, fetchOptions?: BetterFetchOption);
5741
6291
  }
5742
6292
 
5743
6293
  /**
@@ -5773,6 +6323,25 @@ declare function isTokenExpired(token: string): any;
5773
6323
  * ```
5774
6324
  */
5775
6325
  declare function validateToken(token: string, apiUrl: string): Promise<boolean>;
6326
+ /**
6327
+ * Extracts and decodes the payload from a JWT token.
6328
+ *
6329
+ * **Warning:** This function does NOT validate the token's signature or check
6330
+ * if the token is valid. It only decodes the payload. Use `validateToken` if
6331
+ * you need to verify the token's authenticity.
6332
+ *
6333
+ * @param token - The JWT token string to extract the payload from
6334
+ * @returns The decoded payload as a key-value object
6335
+ *
6336
+ * @example
6337
+ * ```typescript
6338
+ * const token = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...'
6339
+ * const payload = extractTokenPayload(token)
6340
+ * console.log(payload.sub) // user ID
6341
+ * console.log(payload.exp) // expiration timestamp
6342
+ * ```
6343
+ */
6344
+ declare function extractTokenPayload(token: string): JWTTokenPayload;
5776
6345
 
5777
- export { AuthClient, EmailRequired, InvalidCallbackURL, InvalidSocialProvider, Roles, ac, createAPIClient, isTokenExpired, organizationAdditionalFields, rolesAccessControl, userAdditionalFields, validateToken };
5778
- export type { APIClient, FullOrganization, Invitation, ExtendedMember as Member, ExtendedOrganization as Organization, Role, Session, Team, TeamMember, User };
6346
+ export { AuthClient, EmailRequired, InvalidCallbackURL, InvalidSocialProvider, Roles, ac, createAPIClient, extractTokenPayload, isTokenExpired, organizationAdditionalFields, rolesAccessControl, userAdditionalFields, validateToken };
6347
+ export type { APIClient, CreateTeamPayload, FullOrganization, GetOrganizationOptions, Invitation, InviteUserToOrganizationOptions, JWTTokenPayload, ListMembersOptions, ExtendedMember as Member, ExtendedOrganization as Organization, RemoveUserFromOrganizationOptions, Role, Session, SignInWithEmailAndPasswordOptions, SignInWithSamlOptions, SocialSignInOptions, Team, TeamMember, UpdateMemberRoleOptions, UpdateOrganizationPayload, UpdateTeamPayload, User };