@neondatabase/auth 0.4.0-beta → 0.4.2-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,4 +1,4 @@
1
- import { t as NeonAuthAdapterCore } from "./adapter-core-Bt4M5I2g.mjs";
1
+ import { t as NeonAuthAdapterCore } from "./adapter-core-D4V1J06B.mjs";
2
2
  import { createAuthClient } from "better-auth/react";
3
3
 
4
4
  //#region src/adapters/better-auth-react/better-auth-react-adapter.ts
package/dist/index.d.mts CHANGED
@@ -1,6 +1,6 @@
1
- import { S as ReactBetterAuthClient, k as VanillaBetterAuthClient } from "./adapter-core-BWM7cWOp.mjs";
2
- import { n as BetterAuthReactAdapterInstance } from "./better-auth-react-adapter-BDxJ65mF.mjs";
3
- import { r as SupabaseAuthAdapterInstance, s as BetterAuthVanillaAdapterInstance } from "./supabase-adapter-BGwV0Vu2.mjs";
1
+ import { A as VanillaBetterAuthClient, C as ReactBetterAuthClient } from "./adapter-core-BiYHR4I-.mjs";
2
+ import { n as BetterAuthReactAdapterInstance } from "./better-auth-react-adapter-D53HN_n5.mjs";
3
+ import { r as SupabaseAuthAdapterInstance, s as BetterAuthVanillaAdapterInstance } from "./supabase-adapter-X2YsFZi4.mjs";
4
4
  import { a as isAuthError, i as isAuthApiError, n as AuthError, t as AuthApiError } from "./auth-interface-Clz-oWq1.mjs";
5
5
 
6
6
  //#region src/neon-auth.d.ts
package/dist/index.mjs CHANGED
@@ -1,5 +1,5 @@
1
- import "./adapter-core-Bt4M5I2g.mjs";
1
+ import "./adapter-core-D4V1J06B.mjs";
2
2
  import { c as isAuthApiError, l as isAuthError, o as AuthApiError, s as AuthError } from "./better-auth-helpers-Bkezghej.mjs";
3
- import { n as createInternalNeonAuth, t as createAuthClient } from "./neon-auth-CS4FpK2X.mjs";
3
+ import { n as createInternalNeonAuth, t as createAuthClient } from "./neon-auth-BEYvHA5c.mjs";
4
4
 
5
5
  export { AuthApiError, AuthError, createAuthClient, createInternalNeonAuth, isAuthApiError, isAuthError };
@@ -1,4 +1,4 @@
1
- import { n as BetterAuthVanillaAdapter } from "./supabase-adapter-DBt4LJJd.mjs";
1
+ import { n as BetterAuthVanillaAdapter } from "./supabase-adapter-BbSvEBy0.mjs";
2
2
 
3
3
  //#region src/neon-auth.ts
4
4
  /**
@@ -1284,6 +1284,110 @@ declare function createAuthClient(): {
1284
1284
  message?: string | undefined;
1285
1285
  }, FetchOptions["throw"] extends true ? true : false>>;
1286
1286
  };
1287
+ } & {
1288
+ signIn: {
1289
+ phoneNumber: <FetchOptions extends better_auth0.ClientFetchOption<Partial<{
1290
+ phoneNumber: string;
1291
+ password: string;
1292
+ rememberMe?: boolean | undefined;
1293
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth0.Prettify<{
1294
+ phoneNumber: string;
1295
+ password: string;
1296
+ rememberMe?: boolean | undefined;
1297
+ } & {
1298
+ fetchOptions?: FetchOptions | undefined;
1299
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<{
1300
+ token: string;
1301
+ user: better_auth_plugins0.UserWithPhoneNumber;
1302
+ }, {
1303
+ code?: string | undefined;
1304
+ message?: string | undefined;
1305
+ }, FetchOptions["throw"] extends true ? true : false>>;
1306
+ };
1307
+ } & {
1308
+ phoneNumber: {
1309
+ sendOtp: <FetchOptions extends better_auth0.ClientFetchOption<Partial<{
1310
+ phoneNumber: string;
1311
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth0.Prettify<{
1312
+ phoneNumber: string;
1313
+ } & {
1314
+ fetchOptions?: FetchOptions | undefined;
1315
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<{
1316
+ message: string;
1317
+ }, {
1318
+ code?: string | undefined;
1319
+ message?: string | undefined;
1320
+ }, FetchOptions["throw"] extends true ? true : false>>;
1321
+ };
1322
+ } & {
1323
+ phoneNumber: {
1324
+ verify: <FetchOptions extends better_auth0.ClientFetchOption<Partial<{
1325
+ phoneNumber: string;
1326
+ code: string;
1327
+ disableSession?: boolean | undefined;
1328
+ updatePhoneNumber?: boolean | undefined;
1329
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth0.Prettify<{
1330
+ phoneNumber: string;
1331
+ code: string;
1332
+ disableSession?: boolean | undefined;
1333
+ updatePhoneNumber?: boolean | undefined;
1334
+ } & {
1335
+ fetchOptions?: FetchOptions | undefined;
1336
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<NonNullable<{
1337
+ status: boolean;
1338
+ token: string;
1339
+ user: {
1340
+ id: string;
1341
+ createdAt: Date;
1342
+ updatedAt: Date;
1343
+ email: string;
1344
+ emailVerified: boolean;
1345
+ name: string;
1346
+ image?: string | null | undefined;
1347
+ } & better_auth_plugins0.UserWithPhoneNumber;
1348
+ } | {
1349
+ status: boolean;
1350
+ token: null;
1351
+ user: better_auth_plugins0.UserWithPhoneNumber;
1352
+ }>, {
1353
+ code?: string | undefined;
1354
+ message?: string | undefined;
1355
+ }, FetchOptions["throw"] extends true ? true : false>>;
1356
+ };
1357
+ } & {
1358
+ phoneNumber: {
1359
+ requestPasswordReset: <FetchOptions extends better_auth0.ClientFetchOption<Partial<{
1360
+ phoneNumber: string;
1361
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth0.Prettify<{
1362
+ phoneNumber: string;
1363
+ } & {
1364
+ fetchOptions?: FetchOptions | undefined;
1365
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<{
1366
+ status: boolean;
1367
+ }, {
1368
+ code?: string | undefined;
1369
+ message?: string | undefined;
1370
+ }, FetchOptions["throw"] extends true ? true : false>>;
1371
+ };
1372
+ } & {
1373
+ phoneNumber: {
1374
+ resetPassword: <FetchOptions extends better_auth0.ClientFetchOption<Partial<{
1375
+ otp: string;
1376
+ phoneNumber: string;
1377
+ newPassword: string;
1378
+ }> & Record<string, any>, Partial<Record<string, any>> & Record<string, any>, Record<string, any> | undefined>>(data_0: better_auth0.Prettify<{
1379
+ otp: string;
1380
+ phoneNumber: string;
1381
+ newPassword: string;
1382
+ } & {
1383
+ fetchOptions?: FetchOptions | undefined;
1384
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<{
1385
+ status: boolean;
1386
+ }, {
1387
+ code?: string | undefined;
1388
+ message?: string | undefined;
1389
+ }, FetchOptions["throw"] extends true ? true : false>>;
1390
+ };
1287
1391
  } & {
1288
1392
  signIn: {
1289
1393
  social: <FetchOptions extends better_auth0.ClientFetchOption<Partial<{
@@ -1369,7 +1473,9 @@ declare function createAuthClient(): {
1369
1473
  image?: string | undefined;
1370
1474
  callbackURL?: string | undefined;
1371
1475
  fetchOptions?: FetchOptions | undefined;
1372
- } & {} & {}>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<NonNullable<{
1476
+ } & {} & {} & {} & {
1477
+ phoneNumber?: string | null | undefined;
1478
+ }>, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<NonNullable<{
1373
1479
  token: null;
1374
1480
  user: {
1375
1481
  id: string;
@@ -1525,7 +1631,9 @@ declare function createAuthClient(): {
1525
1631
  image?: (string | null) | undefined;
1526
1632
  name?: string | undefined;
1527
1633
  fetchOptions?: FetchOptions | undefined;
1528
- } & Partial<{} & {}>> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<{
1634
+ } & Partial<{} & {} & {} & {
1635
+ phoneNumber?: string | null | undefined;
1636
+ }>> | undefined, data_1?: FetchOptions | undefined) => Promise<_better_fetch_fetch0.BetterFetchResponse<{
1529
1637
  status: boolean;
1530
1638
  }, {
1531
1639
  code?: string | undefined;
@@ -1803,6 +1911,8 @@ declare function createAuthClient(): {
1803
1911
  role?: string | null | undefined;
1804
1912
  banReason?: string | null | undefined;
1805
1913
  banExpires?: Date | null | undefined;
1914
+ phoneNumber?: string | null | undefined;
1915
+ phoneNumberVerified?: boolean | null | undefined;
1806
1916
  };
1807
1917
  session: {
1808
1918
  id: string;
@@ -1976,6 +2086,8 @@ declare function createAuthClient(): {
1976
2086
  role?: string | null | undefined;
1977
2087
  banReason?: string | null | undefined;
1978
2088
  banExpires?: Date | null | undefined;
2089
+ phoneNumber?: string | null | undefined;
2090
+ phoneNumberVerified?: boolean | null | undefined;
1979
2091
  };
1980
2092
  session: {
1981
2093
  id: string;
@@ -2011,6 +2123,8 @@ declare function createAuthClient(): {
2011
2123
  role?: string | null | undefined;
2012
2124
  banReason?: string | null | undefined;
2013
2125
  banExpires?: Date | null | undefined;
2126
+ phoneNumber?: string | null | undefined;
2127
+ phoneNumberVerified?: boolean | null | undefined;
2014
2128
  };
2015
2129
  session: {
2016
2130
  id: string;
@@ -2178,6 +2292,15 @@ declare function createAuthClient(): {
2178
2292
  readonly OTP_EXPIRED: "OTP expired";
2179
2293
  readonly INVALID_OTP: "Invalid OTP";
2180
2294
  readonly TOO_MANY_ATTEMPTS: "Too many attempts";
2295
+ readonly INVALID_PHONE_NUMBER: "Invalid phone number";
2296
+ readonly PHONE_NUMBER_EXIST: "Phone number already exists";
2297
+ readonly PHONE_NUMBER_NOT_EXIST: "phone number isn't registered";
2298
+ readonly INVALID_PHONE_NUMBER_OR_PASSWORD: "Invalid phone number or password";
2299
+ readonly UNEXPECTED_ERROR: "Unexpected error";
2300
+ readonly OTP_NOT_FOUND: "OTP not found";
2301
+ readonly PHONE_NUMBER_NOT_VERIFIED: "Phone number not verified";
2302
+ readonly PHONE_NUMBER_CANNOT_BE_UPDATED: "Phone number cannot be updated";
2303
+ readonly SEND_OTP_NOT_IMPLEMENTED: "sendOTP not implemented";
2181
2304
  readonly USER_NOT_FOUND: "User not found";
2182
2305
  readonly FAILED_TO_CREATE_SESSION: "Failed to create session";
2183
2306
  readonly FAILED_TO_UPDATE_USER: "Failed to update user";
@@ -1,7 +1,7 @@
1
- import "../adapter-core-Bt4M5I2g.mjs";
1
+ import "../adapter-core-D4V1J06B.mjs";
2
2
  import { c as isAuthApiError, l as isAuthError, o as AuthApiError, s as AuthError } from "../better-auth-helpers-Bkezghej.mjs";
3
- import { t as BetterAuthReactAdapter } from "../better-auth-react-adapter-aMv8WeDb.mjs";
4
- import { t as createAuthClient$1 } from "../neon-auth-CS4FpK2X.mjs";
3
+ import { t as BetterAuthReactAdapter } from "../better-auth-react-adapter-DswZ_kCQ.mjs";
4
+ import { t as createAuthClient$1 } from "../neon-auth-BEYvHA5c.mjs";
5
5
 
6
6
  //#region src/next/index.ts
7
7
  function createAuthClient() {
@@ -1,11 +1,49 @@
1
- import { k as VanillaBetterAuthClient } from "../../adapter-core-BWM7cWOp.mjs";
1
+ import { A as VanillaBetterAuthClient } from "../../adapter-core-BiYHR4I-.mjs";
2
2
  import { a as isAuthError, i as isAuthApiError, n as AuthError, t as AuthApiError } from "../../auth-interface-Clz-oWq1.mjs";
3
3
  import { NextRequest, NextResponse } from "next/server";
4
4
 
5
- //#region src/server/config.d.ts
5
+ //#region src/server/logger.d.ts
6
+ /**
7
+ * Framework-agnostic logging for Neon Auth server-side proxy and middleware.
8
+ */
9
+ /** Supported Neon Auth log levels (`'silent'` disables all Neon Auth SDK `console` output). */
10
+ type NeonAuthLogLevel = 'error' | 'warn' | 'info' | 'debug' | 'silent';
11
+ /**
12
+ * Optional injectable logger. Omitted methods fall back to `console`.
13
+ *
14
+ * Custom implementations may receive structured fields such as `err` (the raw caught value)
15
+ * alongside `detail` for richer sinks (Sentry, OTel).
16
+ */
17
+ type NeonAuthLogger = Partial<{
18
+ error(message: string, meta?: Record<string, unknown>): void;
19
+ warn(message: string, meta?: Record<string, unknown>): void;
20
+ info(message: string, meta?: Record<string, unknown>): void;
21
+ debug(message: string, meta?: Record<string, unknown>): void;
22
+ }>;
23
+ /** Resolved sink after merging defaults and level filtering (same shape as {@link NeonAuthLogger} with all methods required). */
24
+ type ResolvedNeonAuthLogging = Required<NeonAuthLogger>;
25
+ /**
26
+ * Logger / level options for Neon Auth server surfaces.
27
+ *
28
+ * When **`logLevel`** is **`'silent'`**, any **`logger`** is ignored at runtime (full mute).
29
+ */
30
+ type NeonAuthLoggingInput = {
31
+ logger?: NeonAuthLogger;
32
+ /**
33
+ * Minimum level for Neon Auth logs. **`'silent'`** disables all Neon Auth `console` output.
34
+ * @default 'warn' — emits `error` and `warn` only
35
+ */
36
+ logLevel?: NeonAuthLogLevel;
37
+ };
6
38
  /**
7
- * Framework-agnostic configuration types for Neon Auth
39
+ * Merges user logger with `console`, applies {@link NeonAuthLoggingInput} level rules.
40
+ *
41
+ * **Opt-out:** Defaults to `warn` (structured `error` / `warn` to `console`). Set **`logLevel: 'silent'`**
42
+ * to disable completely. Custom **`logger`** overrides `console` per level when not silent.
8
43
  */
44
+ declare function resolveNeonAuthLogging(input?: NeonAuthLoggingInput): ResolvedNeonAuthLogging;
45
+ //#endregion
46
+ //#region src/server/config.d.ts
9
47
  /** Allowed values for the `SameSite` attribute on Neon Auth cookies. */
10
48
  type SessionCookieSameSite = 'strict' | 'lax' | 'none';
11
49
  /**
@@ -54,10 +92,7 @@ interface SessionCookieConfig {
54
92
  */
55
93
  sameSite?: SessionCookieSameSite;
56
94
  }
57
- /**
58
- * Base configuration for Neon Auth server utilities
59
- */
60
- interface NeonAuthConfig {
95
+ type NeonAuthBase = {
61
96
  /**
62
97
  * Base URL for the Neon Auth server
63
98
  * @example 'https://ep-xxxx.neonauth.us-east-1.aws.neon.tech'
@@ -67,18 +102,27 @@ interface NeonAuthConfig {
67
102
  * Cookie configuration
68
103
  */
69
104
  cookies: SessionCookieConfig;
70
- }
105
+ };
71
106
  /**
72
- * Configuration for Neon Auth middleware
73
- * Extends base config with middleware-specific options
107
+ * Base configuration for Neon Auth server utilities.
108
+ *
109
+ * Combines connection settings with {@link NeonAuthLoggingInput} (`logger`, `logLevel`, including `'silent'`).
74
110
  */
75
- interface NeonAuthMiddlewareConfig extends NeonAuthConfig {
111
+ type NeonAuthConfig = NeonAuthBase & NeonAuthLoggingInput;
112
+ /**
113
+ * Configuration for Neon Auth middleware.
114
+ */
115
+ type NeonAuthMiddlewareConfig = NeonAuthConfig & {
76
116
  /**
77
117
  * URL to redirect to when user is not authenticated
78
118
  * @default '/auth/sign-in'
79
119
  */
80
120
  loginUrl?: string;
81
- }
121
+ /**
122
+ * Pre-resolved sink from {@link resolveNeonAuthLogging}. Set by {@link createNeonAuth} so middleware shares the same logging configuration as the API handler without resolving per request.
123
+ */
124
+ log?: ResolvedNeonAuthLogging;
125
+ };
82
126
  //#endregion
83
127
  //#region src/next/server/handler.d.ts
84
128
  type Params = {
@@ -148,6 +192,9 @@ declare function authApiHandler(config: NeonAuthConfig): {
148
192
  * @param config.cookies - Cookie configuration
149
193
  * @param config.cookies.secret - Secret for signing session cookies (minimum 32 characters)
150
194
  * @param config.cookies.sessionDataTtl - Optional TTL for session cache in seconds (default: 300)
195
+ * @param config.logger - Optional structured logger; omitted methods fall back to `console`
196
+ * @param config.logLevel - Minimum log level; `'silent'` disables Neon Auth console output (default: `warn`)
197
+ * @param config.log - Pre-resolved logging sink (set by {@link createNeonAuth})
151
198
  * @param config.loginUrl - The URL to redirect to when the user is not authenticated (default: '/auth/sign-in')
152
199
  * @returns A middleware function that can be used in the Next.js app.
153
200
  * @throws Error if `cookies.secret` is less than 32 characters
@@ -443,7 +490,53 @@ declare const API_ENDPOINTS: {
443
490
  };
444
491
  };
445
492
  //#endregion
493
+ //#region src/server/network-error.d.ts
494
+ /**
495
+ * Classifies failed upstream `fetch` calls for clearer client responses and logs.
496
+ */
497
+ /**
498
+ * Semver-stable transport error codes surfaced as JSON `code` on synthetic HTTP responses
499
+ * (for example 502 from the proxy) and in logs. Treat adding values as non-breaking;
500
+ * renaming or removing values is a breaking change.
501
+ */
502
+ declare const NEON_AUTH_NETWORK_ERROR_CODES: readonly ["NETWORK_ERROR", "NETWORK_DNS", "NETWORK_REFUSED", "NETWORK_TIMEOUT", "NETWORK_TLS", "NETWORK_RESET", "NETWORK_ABORT"];
503
+ /** @see NEON_AUTH_NETWORK_ERROR_CODES */
504
+ type NeonAuthNetworkErrorCode = (typeof NEON_AUTH_NETWORK_ERROR_CODES)[number];
505
+ /**
506
+ * Result of {@link classifyFetchFailure}: a transport failure with a stable
507
+ * {@link NeonAuthNetworkErrorCode}, or an internal/unclassified error (detail for logs only).
508
+ */
509
+ type ClassifiedFetchFailure = {
510
+ kind: 'transport';
511
+ code: NeonAuthNetworkErrorCode;
512
+ /** Safe short detail for logs (no secrets) */
513
+ detail?: string;
514
+ /** Safe message for JSON bodies returned to clients */
515
+ clientMessage: string;
516
+ } | {
517
+ kind: 'internal';
518
+ /** Truncated detail for server-side logs only */
519
+ detail?: string;
520
+ /** Generic message for JSON bodies — never echo raw `Error.message` */
521
+ clientMessage: string;
522
+ };
523
+ /**
524
+ * Inspects an error from `fetch` (including `cause` and aggregate errors) and
525
+ * returns a stable code for responses and observability.
526
+ */
527
+ declare function classifyFetchFailure(error: unknown): ClassifiedFetchFailure;
528
+ //#endregion
446
529
  //#region src/server/types.d.ts
530
+ /**
531
+ * Error shape returned from Neon Auth server API helpers (`auth.signIn`, `getSession`, etc.)
532
+ * when the upstream call fails. `code` is a transport code, `'INTERNAL_ERROR'`, or a Better Auth HTTP error code string.
533
+ */
534
+ type NeonAuthServerApiError = {
535
+ message: string;
536
+ status: number;
537
+ statusText: string;
538
+ code: NeonAuthNetworkErrorCode | 'INTERNAL_ERROR' | (string & {});
539
+ };
447
540
  /**
448
541
  * Extract top-level keys from API_ENDPOINTS.
449
542
  * For nested endpoints like signIn.email, this extracts 'signIn' (not 'email').
@@ -476,6 +569,8 @@ type NeonAuthServer = Pick<VanillaBetterAuthClient, ServerAuthMethods>;
476
569
  * @param config.cookies.secret - Secret for signing session cookies (minimum 32 characters)
477
570
  * @param config.cookies.sessionDataTtl - Optional TTL for session cache in seconds (default: 300)
478
571
  * @param config.cookies.domain - Optional cookie domain (default: current domain)
572
+ * @param config.logger - Optional structured logger; omitted methods fall back to `console` (see {@link NeonAuthLogger})
573
+ * @param config.logLevel - Minimum level; `'silent'` disables Neon Auth server console logs (default: `warn`)
479
574
  * @returns Unified auth instance with server methods, handler, and middleware
480
575
  * @throws Error if `cookies.secret` is less than 32 characters
481
576
  *
@@ -555,4 +650,4 @@ type NeonAuth = NeonAuthServer & {
555
650
  middleware: (middlewareConfig?: Pick<NeonAuthMiddlewareConfig, 'loginUrl'>) => ReturnType<typeof neonAuthMiddleware>;
556
651
  };
557
652
  //#endregion
558
- export { AuthApiError, AuthError, NeonAuth, createNeonAuth, isAuthApiError, isAuthError };
653
+ export { AuthApiError, AuthError, type ClassifiedFetchFailure, NEON_AUTH_NETWORK_ERROR_CODES, NeonAuth, type NeonAuthLogLevel, type NeonAuthLogger, type NeonAuthLoggingInput, type NeonAuthNetworkErrorCode, type NeonAuthServerApiError, type ResolvedNeonAuthLogging, classifyFetchFailure, createNeonAuth, isAuthApiError, isAuthError, resolveNeonAuthLogging };