@mframework/adapter-betterauth 0.0.1

package/README.md

@@ -0,0 +1,85 @@
+Starter Adapter Template
+=========================
+
+This package is a template to scaffold new adapter packages that integrate with Meeovi layers.
+
+Usage
+-----
+
+- From this package directory, run:
+
+```
+npm run create -- <short-name>
+```
+
+- Example:
+
+```
+npm run create -- shop
+```
+
+This creates a new adapter package at `../adapter-shop` (relative to this template) with the package name `@mframework/adapter-shop`.
+
+What you get
+------------
+
+- A ready-to-edit adapter package with `index.ts` and `src/` files for `transport`, `auth`, `commerce`, `search`, and `utils`.
+- Placeholders in files are marked as `__PACKAGE_NAME__` and `__SHORT_NAME__` to help you customize.
+
+How to edit
+-----------
+
+1. Open the new package folder.
+2. Replace placeholder endpoints and logic in `src/*` with your adapter's API.
+3. Update `package.json` fields as needed.
+4. Run `npm run build` inside the new adapter package to compile TypeScript.
+
+Notes
+-----
+
+- The scaffold script performs simple text replacements; review generated files before publishing.
+- This template is intentionally minimal — implement only the methods your backend supports.
+
+CLI Flags
+---------
+
+The starter CLI supports interactive and non-interactive modes. Flags:
+
+- `--name` / `-n`: Adapter short name (e.g. `shop`).
+- `--desc` / `-d`: Description for the generated package.
+- `--layers` / `-l`: Comma-separated list of layers to scaffold (e.g. `commerce,auth`).
+- `--dest`: Destination path for the generated package.
+- `--no-install`: Skip running `npm install` after scaffolding.
+
+Examples
+--------
+
+- Interactive:
+
+```
+npm run create:interactive
+```
+
+- Non-interactive (with install):
+
+```
+npm run create:interactive -- --name shop --desc "Shop adapter" --layers commerce,auth
+```
+
+- Non-interactive (skip install):
+
+```
+npm run create:interactive -- --name shop --layers commerce --no-install
+```
+
+Repo-level wrapper
+------------------
+
+From the repo root you can use the provided script:
+
+```
+scripts/create-adapter --name shop --layers commerce --no-install
+```
+
+
+Note: adapter credentials and endpoints can be centrally configured in your main app's `.env` file. See the repository `.env.example` for recommended variable names.

package/dist/index.d.ts

@@ -0,0 +1,15 @@
+export declare const installAuthAdapter: (config: {
+    baseUrl: string;
+    apiKey?: string;
+}) => void;
+export { auth, Auth } from './src/betterauth';
+export { default as BetterAuthProvider } from './src/provider';
+export { getAuthPlugins } from './src/plugins';
+export * from './src/types';
+export * from './src/auth';
+export * from './src/utils';
+export * from './src/transport';
+export * from './src/framework';
+export * from './src/registry';
+export * from './src/validation';
+export * from './src/config';

package/dist/index.js

@@ -0,0 +1,21 @@
+import { setAuthAdapter } from '@mframework/sdk';
+import { createAuthTransport } from './src/transport';
+import { createAuthAdapter } from './src/auth';
+export const installAuthAdapter = (config) => {
+    const transport = createAuthTransport(config);
+    setAuthAdapter(createAuthAdapter(transport));
+};
+// Export the server-side BetterAuth instance (if present) so other layers can
+// import the runtime `auth` instance from this package. The file is optional
+// and will only exist when BetterAuth is configured for the adapter.
+export { auth } from './src/betterauth';
+export { default as BetterAuthProvider } from './src/provider';
+export { getAuthPlugins } from './src/plugins';
+export * from './src/types';
+export * from './src/auth';
+export * from './src/utils';
+export * from './src/transport';
+export * from './src/framework';
+export * from './src/registry';
+export * from './src/validation';
+export * from './src/config';

package/dist/src/auth.d.ts

@@ -0,0 +1,2 @@
+import type { AuthAdapter, TransportAdapter } from '@mframework/sdk';
+export declare const createAuthAdapter: (transport: TransportAdapter) => AuthAdapter;

package/dist/src/auth.js

@@ -0,0 +1,31 @@
+import { unwrap } from './utils';
+export const createAuthAdapter = (transport) => ({
+    async login(input) {
+        const res = await transport.request('POST', '/login', {
+            body: input
+        });
+        return unwrap(res);
+    },
+    async register(input) {
+        const res = await transport.request('POST', '/register', {
+            body: input
+        });
+        return unwrap(res);
+    },
+    async logout() {
+        const res = await transport.request('POST', '/logout');
+        return unwrap({ ...res, data: true });
+    },
+    async getSession() {
+        const res = await transport.request('GET', '/session');
+        return unwrap(res);
+    },
+    async refresh() {
+        const res = await transport.request('POST', '/refresh');
+        return unwrap(res);
+    },
+    async getUser() {
+        const res = await transport.request('GET', '/user');
+        return unwrap(res);
+    }
+});

package/dist/src/betterauth.d.ts

@@ -0,0 +1,11 @@
+import "dotenv/config";
+export declare const auth: import("better-auth").Auth<{
+    experimental: {
+        joins: true;
+    };
+    database: (options: import("better-auth").BetterAuthOptions) => import("better-auth").DBAdapter<import("better-auth").BetterAuthOptions>;
+    emailAndPassword: {
+        enabled: true;
+    };
+}>;
+export type Auth = typeof auth;

package/dist/src/betterauth.js

@@ -0,0 +1,12 @@
+import "dotenv/config";
+import { betterAuth } from "better-auth";
+import { prismaAdapter } from "better-auth/adapters/prisma";
+import { prisma } from "@mframework/api";
+// Create and export the BetterAuth runtime instance using the centralized
+// Prisma client exported from packages/modules/api. Layers can import `auth`
+// from this package to get the configured auth instance.
+export const auth = betterAuth({
+    experimental: { joins: true },
+    database: prismaAdapter(prisma, { provider: 'postgresql' }),
+    emailAndPassword: { enabled: true }
+});

package/dist/src/config.d.ts

@@ -0,0 +1,8 @@
+export interface AuthConfig {
+    baseUrl: any;
+    authProvider: string;
+    authUrl?: string;
+    sessionCookieName?: string;
+}
+export declare function setAuthConfig(newConfig: Partial<AuthConfig>): void;
+export declare function getAuthConfig(): AuthConfig;

package/dist/src/config.js

@@ -0,0 +1,12 @@
+let config = {
+    authProvider: 'better-auth',
+    authUrl: '',
+    sessionCookieName: 'session',
+    baseUrl: undefined
+};
+export function setAuthConfig(newConfig) {
+    config = { ...config, ...newConfig };
+}
+export function getAuthConfig() {
+    return config;
+}

package/dist/src/framework.d.ts

@@ -0,0 +1,17 @@
+export interface FrameworkContext {
+    getRequestURL?(): string;
+    getRequestHeaders?(): Record<string, string>;
+    getConfig?(): any;
+    reloadApp?(): void;
+    state?<T>(key: string, init: () => T): {
+        value: T;
+    };
+}
+/**
+ * Frameworks (Nuxt, React, etc.) call this once during initialization.
+ */
+export declare function setFrameworkContext(newCtx: FrameworkContext): void;
+/**
+ * Auth providers use this to access framework-specific helpers.
+ */
+export declare function getFrameworkContext(): FrameworkContext;

package/dist/src/framework.js

@@ -0,0 +1,13 @@
+let ctx = {};
+/**
+ * Frameworks (Nuxt, React, etc.) call this once during initialization.
+ */
+export function setFrameworkContext(newCtx) {
+    ctx = { ...ctx, ...newCtx };
+}
+/**
+ * Auth providers use this to access framework-specific helpers.
+ */
+export function getFrameworkContext() {
+    return ctx;
+}

package/dist/src/plugins.d.ts

@@ -0,0 +1,5 @@
+export type AuthPluginOptions = {
+    subscription?: boolean;
+};
+export declare function getAuthPlugins(opts?: AuthPluginOptions): any[];
+export default getAuthPlugins;

package/dist/src/plugins.js

@@ -0,0 +1,19 @@
+import { stripeClient } from '@better-auth/stripe/client';
+import { polarClient } from '@polar-sh/better-auth';
+import { adminClient, inferAdditionalFields } from 'better-auth/client/plugins';
+export function getAuthPlugins(opts = {}) {
+    const { subscription = true } = opts;
+    return [
+        inferAdditionalFields({
+            user: {
+                polarCustomerId: {
+                    type: 'string'
+                }
+            }
+        }),
+        adminClient(),
+        polarClient(),
+        stripeClient({ subscription })
+    ];
+}
+export default getAuthPlugins;

package/dist/src/provider.d.ts

@@ -0,0 +1,2 @@
+declare const BetterAuthProvider: any;
+export default BetterAuthProvider;

package/dist/src/provider.js

@@ -0,0 +1,84 @@
+import * as BetterAuth from 'better-auth';
+import { getAuthConfig } from './config';
+import { getFrameworkContext } from './framework';
+// Create a single shared Better Auth client instance
+let client = null;
+function resolveClientFactory() {
+    return BetterAuth.Client ?? BetterAuth.default ?? BetterAuth;
+}
+function getClient() {
+    if (client)
+        return client;
+    const config = getAuthConfig();
+    const ctx = getFrameworkContext();
+    const Client = resolveClientFactory();
+    client = Client({
+        baseURL: config.baseUrl,
+        fetch: async (url, options = {}) => {
+            const baseHeaders = ctx.getRequestHeaders?.() || {};
+            let optionHeaders = {};
+            if (options.headers instanceof Headers) {
+                options.headers.forEach((value, key) => {
+                    optionHeaders[key] = value;
+                });
+            }
+            else if (Array.isArray(options.headers)) {
+                for (const [k, v] of options.headers) {
+                    optionHeaders[k] = v;
+                }
+            }
+            else if (typeof options.headers === 'object' && options.headers !== null) {
+                optionHeaders = options.headers;
+            }
+            const headers = {
+                ...baseHeaders,
+                ...optionHeaders
+            };
+            return fetch(url, { ...options, headers });
+        }
+    });
+    return client;
+}
+const BetterAuthProvider = {
+    async login(credentials) {
+        const client = getClient();
+        const result = await client.signIn(credentials);
+        if (result.error) {
+            throw new Error(result.error.message || 'Login failed');
+        }
+        return result.data;
+    },
+    async logout() {
+        const client = getClient();
+        await client.signOut();
+        const ctx = getFrameworkContext();
+        ctx.reloadApp?.();
+    },
+    async session() {
+        const client = getClient();
+        const result = await client.session();
+        if (result.error) {
+            return null;
+        }
+        return result.data;
+    },
+    async register(data) {
+        const client = getClient();
+        const result = await client.signUp(data);
+        if (result.error) {
+            throw new Error(result.error.message || 'Registration failed');
+        }
+        return result.data;
+    },
+    async refresh() {
+        const client = getClient();
+        const result = await client.refresh();
+        if (result.error) {
+            throw new Error(result.error.message || 'Session refresh failed');
+        }
+        return result.data;
+    }
+};
+// Register the provider under the canonical name so other layers can discover
+// it using the existing registry mechanism.
+export default BetterAuthProvider;

package/dist/src/registry.d.ts

@@ -0,0 +1,4 @@
+import type { AuthProvider } from './types';
+export declare function registerAuthProvider(name: string, provider: AuthProvider): void;
+export declare function setActiveAuthProvider(name: string): void;
+export declare function getAuthProvider(): AuthProvider;

package/dist/src/registry.js

@@ -0,0 +1,21 @@
+// allow missing entries in the map so TypeScript understands runtime checks
+const providers = {};
+let activeProvider = null;
+export function registerAuthProvider(name, provider) {
+    providers[name] = provider;
+}
+export function setActiveAuthProvider(name) {
+    if (!providers[name]) {
+        throw new Error(`Auth provider "${name}" is not registered`);
+    }
+    activeProvider = name;
+}
+export function getAuthProvider() {
+    if (!activeProvider) {
+        throw new Error('No active auth provider has been set');
+    }
+    const prov = providers[activeProvider];
+    if (!prov)
+        throw new Error(`Auth provider "${activeProvider}" not found`);
+    return prov;
+}

package/dist/src/transport.d.ts

@@ -0,0 +1,5 @@
+import type { TransportAdapter } from '@mframework/core';
+export declare const createAuthTransport: (config: {
+    baseUrl: string;
+    apiKey?: string;
+}) => TransportAdapter;

package/dist/src/transport.js

@@ -0,0 +1,42 @@
+export const createAuthTransport = (config) => {
+    return {
+        async request(method, path, options = {}) {
+            try {
+                const url = new URL(path, config.baseUrl);
+                if (options.query) {
+                    Object.entries(options.query).forEach(([key, value]) => {
+                        url.searchParams.set(key, String(value));
+                    });
+                }
+                const res = await fetch(url.toString(), {
+                    method,
+                    headers: {
+                        'Content-Type': 'application/json',
+                        ...(config.apiKey ? { Authorization: `Bearer ${config.apiKey}` } : {}),
+                        ...(options.headers || {})
+                    },
+                    body: options.body ? JSON.stringify(options.body) : undefined
+                });
+                const data = await res.json().catch(() => null);
+                if (!res.ok) {
+                    return {
+                        status: res.status,
+                        data: null,
+                        error: data?.message || 'Unknown error'
+                    };
+                }
+                return {
+                    status: res.status,
+                    data
+                };
+            }
+            catch (err) {
+                return {
+                    status: 500,
+                    data: null,
+                    error: err.message || 'Transport error'
+                };
+            }
+        }
+    };
+};

package/dist/src/types.d.ts

@@ -0,0 +1,29 @@
+export interface AuthSession {
+    user: {
+        id: string;
+        email?: string;
+        name?: string;
+        avatarUrl?: string;
+        [key: string]: any;
+    };
+    expiresAt?: string;
+    [key: string]: any;
+}
+export interface AuthCredentials {
+    email: string;
+    password: string;
+    [key: string]: any;
+}
+export interface AuthRegistration {
+    email: string;
+    password: string;
+    name?: string;
+    [key: string]: any;
+}
+export interface AuthProvider {
+    login(credentials: AuthCredentials): Promise<AuthSession>;
+    logout(): Promise<void>;
+    session(): Promise<AuthSession | null>;
+    register?(data: AuthRegistration): Promise<AuthSession>;
+    refresh?(): Promise<AuthSession>;
+}

package/dist/src/types.js

@@ -0,0 +1 @@
+export {};

package/dist/src/utils.d.ts

@@ -0,0 +1,2 @@
+import type { APIResponse, Result } from '@mframework/core';
+export declare const unwrap: <T>(response: APIResponse<T>) => Result<T>;

package/dist/src/utils.js

@@ -0,0 +1,12 @@
+export const unwrap = (response) => {
+    if (response.error) {
+        return {
+            ok: false,
+            error: response.error
+        };
+    }
+    return {
+        ok: true,
+        data: response.data
+    };
+};

package/dist/src/validation.d.ts

@@ -0,0 +1,22 @@
+import { z } from 'zod';
+export declare const loginSchema: z.ZodObject<{
+    email: z.ZodString;
+    password: z.ZodString;
+}, z.core.$strip>;
+export type LoginInput = z.infer<typeof loginSchema>;
+export declare const registerSchema: z.ZodObject<{
+    email: z.ZodString;
+    password: z.ZodString;
+    confirmPassword: z.ZodString;
+}, z.core.$strip>;
+export type RegisterInput = z.infer<typeof registerSchema>;
+export declare const forgotPasswordSchema: z.ZodObject<{
+    email: z.ZodString;
+}, z.core.$strip>;
+export type ForgotPasswordInput = z.infer<typeof forgotPasswordSchema>;
+export declare const resetPasswordSchema: z.ZodObject<{
+    token: z.ZodString;
+    password: z.ZodString;
+    confirmPassword: z.ZodString;
+}, z.core.$strip>;
+export type ResetPasswordInput = z.infer<typeof resetPasswordSchema>;

package/dist/src/validation.js

@@ -0,0 +1,21 @@
+import { z } from 'zod';
+export const loginSchema = z.object({
+    email: z.string().email(),
+    password: z.string().min(8)
+});
+export const registerSchema = z.object({
+    email: z.string().email(),
+    password: z.string().min(8),
+    confirmPassword: z.string().min(8)
+}).refine((data) => data.password === data.confirmPassword, {
+    message: 'Passwords do not match',
+    path: ['confirmPassword']
+});
+export const forgotPasswordSchema = z.object({
+    email: z.string().email()
+});
+export const resetPasswordSchema = z.object({
+    token: z.string(),
+    password: z.string().min(8),
+    confirmPassword: z.string().min(8)
+});

package/index.ts

@@ -0,0 +1,28 @@
+import {
+  setAuthAdapter
+} from '@mframework/sdk'
+
+import { createAuthTransport } from './src/transport'
+import { createAuthAdapter } from './src/auth'
+
+export const installAuthAdapter = (config: { baseUrl: string; apiKey?: string }) => {
+  const transport = createAuthTransport(config)
+
+  setAuthAdapter(createAuthAdapter(transport))
+}
+
+// Export the server-side BetterAuth instance (if present) so other layers can
+// import the runtime `auth` instance from this package. The file is optional
+// and will only exist when BetterAuth is configured for the adapter.
+export { auth, Auth } from './src/betterauth'
+export { default as BetterAuthProvider } from './src/provider'
+export { getAuthPlugins } from './src/plugins'
+
+export * from './src/types'
+export * from './src/auth'
+export * from './src/utils'
+export * from './src/transport'
+export * from './src/framework'
+export * from './src/registry'
+export * from './src/validation'
+export * from './src/config'

package/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "@mframework/adapter-betterauth",
+  "version": "0.0.1",
+  "description": "Official Better-Auth adapter for M Framework Auth Layer",
+  "main": "index.ts",
+  "types": "module",
+  "exports": {
+    ".": {
+      "import": "./src/index.ts",
+      "types": "./src/types.d.ts"
+    }
+  },
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "build": "tsc -p tsconfig.json",
+    "create": "node ./scripts/init-adapter.js",
+    "create:interactive": "node ./scripts/create-adapter-cli.cjs"
+  },
+  "keywords": [
+    "meeovi",
+    "adapter",
+    "starter"
+  ],
+  "author": "M Framework",
+  "license": "MIT",
+  "type": "module",
+  "dependencies": {
+    "@better-auth/cli": "^1.4.10",
+    "@better-auth/oauth-provider": "^1.4.12",
+    "@better-auth/passkey": "^1.4.10",
+    "@better-auth/scim": "^1.4.15",
+    "@better-auth/sso": "^1.4.12",
+    "@better-auth/stripe": "^1.4.15",
+    "@mframework/core": "^0.0.1",
+    "@mframework/sdk": "^0.0.2",
+    "@polar-sh/better-auth": "^1.6.3",
+    "better-auth": "^1.4.12",
+    "typescript": "^5.9.3"
+  },
+  "files": [
+    "dist",
+    "src",
+    "README.md"
+  ]
+}

package/src/auth.ts

@@ -0,0 +1,52 @@
+import type {
+  AuthAdapter,
+  TransportAdapter
+} from '@mframework/sdk'
+
+import type {
+  LoginInput,
+  RegisterInput,
+  Result,
+  Session,
+  User
+} from '@mframework/core'
+
+import { unwrap } from './utils'
+
+export const createAuthAdapter = (
+  transport: TransportAdapter
+): AuthAdapter => ({
+  async login(input: LoginInput): Promise<Result<Session>> {
+    const res = await transport.request<Session>('POST', '/login', {
+      body: input
+    })
+    return unwrap(res)
+  },
+
+  async register(input: RegisterInput): Promise<Result<Session>> {
+    const res = await transport.request<Session>('POST', '/register', {
+      body: input
+    })
+    return unwrap(res)
+  },
+
+  async logout(): Promise<Result<true>> {
+    const res = await transport.request('POST', '/logout')
+    return unwrap({ ...res, data: true })
+  },
+
+  async getSession(): Promise<Result<Session>> {
+    const res = await transport.request<Session>('GET', '/session')
+    return unwrap(res)
+  },
+
+  async refresh(): Promise<Result<Session>> {
+    const res = await transport.request<Session>('POST', '/refresh')
+    return unwrap(res)
+  },
+
+  async getUser(): Promise<Result<User>> {
+    const res = await transport.request<User>('GET', '/user')
+    return unwrap(res)
+  }
+})

package/src/betterauth.ts

@@ -0,0 +1,15 @@
+import "dotenv/config"
+import { betterAuth } from "better-auth"
+import { prismaAdapter } from "better-auth/adapters/prisma"
+import { prisma } from "@mframework/api"
+
+// Create and export the BetterAuth runtime instance using the centralized
+// Prisma client exported from packages/modules/api. Layers can import `auth`
+// from this package to get the configured auth instance.
+export const auth = betterAuth({
+  experimental: { joins: true },
+  database: prismaAdapter(prisma as any, { provider: 'postgresql' }),
+  emailAndPassword: { enabled: true }
+})
+
+export type Auth = typeof auth

package/src/config.ts

@@ -0,0 +1,22 @@
+
+export interface AuthConfig {
+  baseUrl: any
+  authProvider: string
+  authUrl?: string
+  sessionCookieName?: string
+}
+
+let config: AuthConfig = {
+  authProvider: 'better-auth',
+  authUrl: '',
+  sessionCookieName: 'session',
+  baseUrl: undefined
+}
+
+export function setAuthConfig(newConfig: Partial<AuthConfig>) {
+  config = { ...config, ...newConfig }
+}
+
+export function getAuthConfig(): AuthConfig {
+  return config
+}

package/src/framework.ts

@@ -0,0 +1,24 @@
+
+export interface FrameworkContext {
+  getRequestURL?(): string
+  getRequestHeaders?(): Record<string, string>
+  getConfig?(): any
+  reloadApp?(): void
+  state?<T>(key: string, init: () => T): { value: T }
+}
+
+let ctx: FrameworkContext = {}
+
+/**
+ * Frameworks (Nuxt, React, etc.) call this once during initialization.
+ */
+export function setFrameworkContext(newCtx: FrameworkContext) {
+  ctx = { ...ctx, ...newCtx }
+}
+
+/**
+ * Auth providers use this to access framework-specific helpers.
+ */
+export function getFrameworkContext(): FrameworkContext {
+  return ctx
+}

package/src/plugins.ts

@@ -0,0 +1,26 @@
+import { stripeClient } from '@better-auth/stripe/client'
+import { polarClient } from '@polar-sh/better-auth'
+import { adminClient, inferAdditionalFields } from 'better-auth/client/plugins'
+
+export type AuthPluginOptions = {
+  subscription?: boolean
+}
+
+export function getAuthPlugins(opts: AuthPluginOptions = {}): any[] {
+  const { subscription = true } = opts
+
+  return [
+    inferAdditionalFields({
+      user: {
+        polarCustomerId: {
+          type: 'string'
+        }
+      }
+    }),
+    adminClient(),
+    polarClient(),
+    stripeClient({ subscription })
+  ]
+}
+
+export default getAuthPlugins

package/src/provider.ts

@@ -0,0 +1,106 @@
+import * as BetterAuth from 'better-auth'
+import { getAuthConfig } from './config'
+import { getFrameworkContext } from './framework'
+
+// Create a single shared Better Auth client instance
+let client: any = null
+
+function resolveClientFactory() {
+  return (BetterAuth as any).Client ?? (BetterAuth as any).default ?? BetterAuth
+}
+
+function getClient() {
+  if (client) return client
+
+  const config = getAuthConfig()
+  const ctx = getFrameworkContext()
+
+  const Client = resolveClientFactory()
+  client = Client({
+    baseURL: config.baseUrl,
+    fetch: async (url: string | Request | URL, options: RequestInit = {}) => {
+      const baseHeaders = ctx.getRequestHeaders?.() || {}
+
+      let optionHeaders: Record<string, string> = {}
+
+      if (options.headers instanceof Headers) {
+        options.headers.forEach((value, key) => {
+          optionHeaders[key] = value
+        })
+      } else if (Array.isArray(options.headers)) {
+        for (const [k, v] of options.headers) {
+          optionHeaders[k] = v
+        }
+      } else if (typeof options.headers === 'object' && options.headers !== null) {
+        optionHeaders = options.headers as Record<string, string>
+      }
+
+      const headers = {
+        ...baseHeaders,
+        ...optionHeaders
+      }
+
+      return fetch(url, { ...options, headers })
+    }
+  })
+
+  return client
+}
+
+const BetterAuthProvider: any = {
+  async login(credentials: any) {
+    const client = getClient()
+    const result = await client.signIn(credentials)
+
+    if (result.error) {
+      throw new Error(result.error.message || 'Login failed')
+    }
+
+    return result.data
+  },
+
+  async logout() {
+    const client = getClient()
+    await client.signOut()
+
+    const ctx = getFrameworkContext()
+    ctx.reloadApp?.()
+  },
+
+  async session() {
+    const client = getClient()
+    const result = await client.session()
+
+    if (result.error) {
+      return null
+    }
+
+    return result.data
+  },
+
+  async register(data: any) {
+    const client = getClient()
+    const result = await client.signUp(data)
+
+    if (result.error) {
+      throw new Error(result.error.message || 'Registration failed')
+    }
+
+    return result.data
+  },
+
+  async refresh() {
+    const client = getClient()
+    const result = await client.refresh()
+
+    if (result.error) {
+      throw new Error(result.error.message || 'Session refresh failed')
+    }
+
+    return result.data
+  }
+}
+
+// Register the provider under the canonical name so other layers can discover
+// it using the existing registry mechanism.
+export default BetterAuthProvider

package/src/registry.ts

@@ -0,0 +1,25 @@
+import type { AuthProvider } from './types'
+
+// allow missing entries in the map so TypeScript understands runtime checks
+const providers: Record<string, AuthProvider | undefined> = {}
+let activeProvider: any | null = null
+
+export function registerAuthProvider(name: string, provider: AuthProvider) {
+  providers[name] = provider
+}
+
+export function setActiveAuthProvider(name: string) {
+  if (!providers[name]) {
+    throw new Error(`Auth provider "${name}" is not registered`)
+  }
+  activeProvider = name
+}
+
+export function getAuthProvider(): AuthProvider {
+  if (!activeProvider) {
+    throw new Error('No active auth provider has been set')
+  }
+  const prov = providers[activeProvider!]
+  if (!prov) throw new Error(`Auth provider "${activeProvider}" not found`)
+  return prov
+}

package/src/transport.ts

@@ -0,0 +1,48 @@
+import type { TransportAdapter, RequestOptions, APIResponse } from '@mframework/core'
+
+export const createAuthTransport = (config: { baseUrl: string; apiKey?: string }): TransportAdapter => {
+  return {
+    async request<T>(method: any, path: string | URL, options: RequestOptions = {}): Promise<APIResponse<T>> {
+      try {
+        const url = new URL(path, config.baseUrl)
+
+        if (options.query) {
+          Object.entries(options.query).forEach(([key, value]) => {
+            url.searchParams.set(key, String(value))
+          })
+        }
+
+        const res = await fetch(url.toString(), {
+          method,
+          headers: {
+            'Content-Type': 'application/json',
+            ...(config.apiKey ? { Authorization: `Bearer ${config.apiKey}` } : {}),
+            ...(options.headers || {})
+          },
+          body: options.body ? JSON.stringify(options.body) : undefined
+        })
+
+        const data = await res.json().catch(() => null)
+
+        if (!res.ok) {
+          return {
+            status: res.status,
+            data: (null as any) as T,
+            error: data?.message || 'Unknown error'
+          }
+        }
+
+        return {
+          status: res.status,
+          data
+        }
+      } catch (err: any) {
+        return {
+          status: 500,
+          data: (null as any) as T,
+          error: err.message || 'Transport error'
+        }
+      }
+    }
+  }
+}

package/src/types-shims.d.ts

@@ -0,0 +1,28 @@
+declare module '@mframework/sdk' {
+  export type TransportAdapter = {
+    request<T = any>(method: string, path: string, opts?: any): Promise<any>
+  }
+  export type AuthAdapter = any
+  export type CommerceAdapter = any
+  export type SearchAdapter = any
+  export function setAuthAdapter(adapter: AuthAdapter): void
+  export function setCommerceAdapter(adapter: CommerceAdapter): void
+  export function setSearchAdapter(adapter: SearchAdapter): void
+}
+
+declare module '@mframework/core' {
+  export type LoginInput = any
+  export type RegisterInput = any
+  export type Result<T = any> = any
+  export type Session = any
+  export type User = any
+  export type TransportAdapter = import('@mframework/sdk').TransportAdapter
+  export type RequestOptions = any
+  export type APIResponse<T = any> = any
+}
+
+declare module '@mframework/api' {
+  export const prisma: any
+  export function useDB(_event?: any): Promise<any>
+  export function isValidTable(name: string): boolean
+}

package/src/types.d.ts

@@ -0,0 +1,13 @@
+// Re-export the canonical SDK/core types so consumers of this adapter can import
+// from the adapter package and still get accurate types from the source
+// modules.
+export type { TransportAdapter, AuthAdapter, CommerceAdapter, SearchAdapter } from '@mframework/sdk'
+export type { LoginInput, RegisterInput, Result, Session, User } from '@mframework/core'
+
+// Re-export prisma utilities from the api package for convenience.
+export { prisma, useDB, isValidTable } from '@mframework/api'
+
+// Adapter exports
+export function getAuthPlugins(opts?: any): any[]
+export const BetterAuthProvider: any
+export default BetterAuthProvider

package/src/types.ts

@@ -0,0 +1,33 @@
+
+export interface AuthSession {
+  user: {
+    id: string
+    email?: string
+    name?: string
+    avatarUrl?: string
+    [key: string]: any
+  }
+  expiresAt?: string
+  [key: string]: any
+}
+
+export interface AuthCredentials {
+  email: string
+  password: string
+  [key: string]: any
+}
+
+export interface AuthRegistration {
+  email: string
+  password: string
+  name?: string
+  [key: string]: any
+}
+
+export interface AuthProvider {
+  login(credentials: AuthCredentials): Promise<AuthSession>
+  logout(): Promise<void>
+  session(): Promise<AuthSession | null>
+  register?(data: AuthRegistration): Promise<AuthSession>
+  refresh?(): Promise<AuthSession>
+}

package/src/utils.ts

@@ -0,0 +1,15 @@
+import type { APIResponse, Result } from '@mframework/core'
+
+export const unwrap = <T>(response: APIResponse<T>): Result<T> => {
+  if (response.error) {
+    return {
+      ok: false,
+      error: response.error
+    }
+  }
+
+  return {
+    ok: true,
+    data: response.data
+  }
+}

package/src/validation.ts

@@ -0,0 +1,33 @@
+import { z } from 'zod'
+
+export const loginSchema = z.object({
+  email: z.string().email(),
+  password: z.string().min(8)
+})
+
+export type LoginInput = z.infer<typeof loginSchema>
+
+export const registerSchema = z.object({
+  email: z.string().email(),
+  password: z.string().min(8),
+  confirmPassword: z.string().min(8)
+}).refine((data) => data.password === data.confirmPassword, {
+  message: 'Passwords do not match',
+  path: ['confirmPassword']
+})
+
+export type RegisterInput = z.infer<typeof registerSchema>
+
+export const forgotPasswordSchema = z.object({
+  email: z.string().email()
+})
+
+export type ForgotPasswordInput = z.infer<typeof forgotPasswordSchema>
+
+export const resetPasswordSchema = z.object({
+  token: z.string(),
+  password: z.string().min(8),
+  confirmPassword: z.string().min(8)
+})
+
+export type ResetPasswordInput = z.infer<typeof resetPasswordSchema>