@murumets-ee/auth 0.1.0

package/dist/plugin.d.ts

@@ -0,0 +1,6 @@
+import '@murumets-ee/core';
+export { b as auth, g as getAuth } from './plugin-C-MA3A5U.js';
+import 'better-auth/plugins';
+import 'better-auth';
+import '@murumets-ee/logging';
+import 'better-auth/plugins/access';

package/dist/plugin.js

@@ -0,0 +1 @@
+import{a,b}from"./chunk-2GGGFSMD.js";export{b as auth,a as getAuth};

package/dist/server-GEU5KK6Y.js

@@ -0,0 +1 @@
+import{i as l,j as p}from"./chunk-NH6AU5Z6.js";import{sql as f}from"drizzle-orm";import{betterAuth as w}from"better-auth";import{drizzleAdapter as y}from"better-auth/adapters/drizzle";import{APIError as b,createAuthMiddleware as h}from"better-auth/api";import{nextCookies as A}from"better-auth/next-js";import{admin as I}from"better-auth/plugins";import{createAccessControl as k}from"better-auth/plugins/access";import{organization as R}from"better-auth/plugins/organization";function c(n){let s=n?.context?.session,e=s?.user;return{id:e?.id??s?.userId,name:e?.name}}var S=new Set(["updatedAt","createdAt"]);function T(n,s){function e(t){s?.log(t).catch(()=>{})}let m=null;return{user:{create:{after:async t=>{try{await n.readWrite.execute(f`UPDATE "user" SET role = 'admin' WHERE id = ${t.id} AND (SELECT COUNT(*) FROM "user") = 1`)}catch{}e({action:"auth.signup",entityType:"user",entityId:t.id,userId:t.id,userName:t.name,changes:{fields:{name:t.name,email:t.email}}})}},update:{before:async t=>{let i={};for(let[r,a]of Object.entries(t))S.has(r)||r==="id"||(i[r]=a);m=Object.keys(i).length>0?i:null},after:async(t,i)=>{let r=c(i),a=m;m=null,e({action:"auth.user.update",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,changes:a?{fields:a}:void 0,metadata:{targetUser:t.name}})}},delete:{after:async(t,i)=>{let r=c(i);e({action:"auth.user.delete",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,metadata:{targetUser:t.name}})}}}}}var N=["/sign-in/email","/sign-in/social"],_="/sign-out",v={"/change-password":"auth.password.change","/forget-password":"auth.password.reset_request","/reset-password":"auth.password.reset"},P={"/admin/set-role":"auth.admin.set_role","/admin/ban-user":"auth.admin.ban","/admin/unban-user":"auth.admin.unban","/admin/create-user":"auth.admin.create_user","/admin/remove-user":"auth.admin.remove_user","/admin/impersonate-user":"auth.admin.impersonate","/admin/stop-impersonating":"auth.admin.stop_impersonating","/admin/revoke-session":"auth.admin.revoke_session","/admin/revoke-sessions":"auth.admin.revoke_sessions"};function E(n){function s(e){n.log(e).catch(()=>{})}return{after:h(async e=>{if(N.some(d=>e.path.startsWith(d))){let o=e.context.returned?.status;if(!o)return;if(o>=400){let u=e.body?.email;s({action:"auth.login.failed",metadata:{...typeof u=="string"?{email:u}:{},status:o,path:e.path}})}else{let u=e.context.newSession;u?.user?.id&&s({action:"auth.login",entityType:"user",entityId:u.user.id,userId:u.user.id,userName:u.user.name})}return}if(e.path===_){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e);o.id&&s({action:"auth.logout",entityType:"user",entityId:o.id,userId:o.id,userName:o.name})}return}let t=v[e.path];if(t){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e),u=e.body;s({action:t,entityType:"user",userId:o.id,userName:o.name,metadata:{...typeof u?.email=="string"?{email:u.email}:{},path:e.path}})}return}let i=P[e.path];if(!i)return;let r=e.context.returned;if(r?.status&&r.status>=400)return;let a=c(e),g=e.body;s({action:i,entityType:"user",entityId:g?.userId??void 0,userId:a.id,userName:a.name,metadata:{targetUserId:g?.userId,...g?.role?{role:g.role}:{},path:e.path}})})}}function D(n){return h(async s=>{if(s.path!=="/sign-up/email")return;let e=await n.readWrite.execute(f`SELECT COUNT(*)::text as count FROM "user"`);if(Number(e[0]?.count)>0)throw new b("FORBIDDEN",{message:"Sign-up is closed"})})}function q(n,s,e){let m=[...s.entities.values()],t=l(m),i=k(t),r=p(i,m),a={};return n.social?.google&&(a.google=n.social.google),n.social?.github&&(a.github=n.social.github),w({database:y(s.db.readWrite,{provider:"pg",...n.schema?{schema:n.schema}:{}}),emailAndPassword:{enabled:n.providers?.includes("email")??!0},socialProviders:a,session:{expiresIn:n.session?.expiresIn??3600*2,updateAge:n.session?.updateAge??3600},rateLimit:{enabled:!0,window:60,max:100,storage:"memory",customRules:{"/sign-in/email":{window:60,max:5},"/sign-in/social":{window:60,max:10},"/sign-up/email":{window:60,max:3},"/forget-password":{window:60,max:3},"/reset-password":{window:60,max:5},"/admin/*":{window:60,max:20}}},databaseHooks:T(s.db,e),hooks:{before:D(s.db),...e?E(e):{}},plugins:[I({ac:i,roles:r,defaultRole:"authenticated"}),...n.organizations?[R({ac:i,roles:r})]:[],...n.betterAuthPlugins??[],A()]})}export{q as createAuthServer};

package/package.json

@@ -0,0 +1,47 @@
+{
+  "name": "@murumets-ee/auth",
+  "version": "0.1.0",
+  "license": "Elastic-2.0",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./client": {
+      "types": "./dist/client.d.ts",
+      "import": "./dist/client.js"
+    },
+    "./plugin": {
+      "types": "./dist/plugin.d.ts",
+      "import": "./dist/plugin.js"
+    },
+    "./admin": {
+      "types": "./dist/admin/index.d.ts",
+      "import": "./dist/admin/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "better-auth": "^1.4.0",
+    "drizzle-orm": "^0.45.0",
+    "server-only": "^0.0.1",
+    "@murumets-ee/core": "0.1.0",
+    "@murumets-ee/db": "0.1.0",
+    "@murumets-ee/logging": "0.1.0",
+    "@murumets-ee/entity": "0.1.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.10.5",
+    "tsup": "^8.3.5",
+    "typescript": "^5.7.3",
+    "vitest": "^2.1.8"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest"
+  }
+}