@objectstack/plugin-auth 6.0.0 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +14 -0
- package/dist/index.d.ts +14 -0
- package/dist/index.js +31 -0
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +31 -0
- package/dist/index.mjs.map +1 -1
- package/package.json +5 -4
package/dist/index.mjs
CHANGED
|
@@ -483,6 +483,7 @@ var AuthManager = class {
|
|
|
483
483
|
async createAuthInstance() {
|
|
484
484
|
const { betterAuth } = await import("better-auth");
|
|
485
485
|
const plugins = await this.buildPluginList();
|
|
486
|
+
const passwordHasher = await this.resolvePasswordHasher();
|
|
486
487
|
const betterAuthConfig = {
|
|
487
488
|
// Base configuration
|
|
488
489
|
secret: this.config.secret || this.generateSecret(),
|
|
@@ -542,6 +543,7 @@ var AuthManager = class {
|
|
|
542
543
|
// Email and password configuration
|
|
543
544
|
emailAndPassword: {
|
|
544
545
|
enabled: this.config.emailAndPassword?.enabled ?? true,
|
|
546
|
+
...passwordHasher ? { password: passwordHasher } : {},
|
|
545
547
|
...this.config.emailAndPassword?.disableSignUp != null ? { disableSignUp: this.config.emailAndPassword.disableSignUp } : {},
|
|
546
548
|
...this.config.emailAndPassword?.requireEmailVerification != null ? { requireEmailVerification: this.config.emailAndPassword.requireEmailVerification } : {},
|
|
547
549
|
...this.config.emailAndPassword?.minPasswordLength != null ? { minPasswordLength: this.config.emailAndPassword.minPasswordLength } : {},
|
|
@@ -658,6 +660,35 @@ var AuthManager = class {
|
|
|
658
660
|
};
|
|
659
661
|
return betterAuth(betterAuthConfig);
|
|
660
662
|
}
|
|
663
|
+
/**
|
|
664
|
+
* Detect WebContainer (StackBlitz) and swap in a pure-JS scrypt hasher.
|
|
665
|
+
*
|
|
666
|
+
* better-auth defaults to `@better-auth/utils/password.node`, which calls
|
|
667
|
+
* `node:crypto.scrypt`. WebContainer polyfills that API incompletely and
|
|
668
|
+
* signup throws `TypeError: y.run is not a function`. The pure-JS variant
|
|
669
|
+
* at `@better-auth/utils/password` uses `@noble/hashes/scrypt` with
|
|
670
|
+
* identical params (N=16384, r=16, p=1, dkLen=64) and emits the same
|
|
671
|
+
* `{salt}:{keyHex}` format, so existing hashes remain verifiable.
|
|
672
|
+
*
|
|
673
|
+
* Returns `undefined` outside WebContainer so production deployments keep
|
|
674
|
+
* the native (fast) hasher and never load the JS fallback.
|
|
675
|
+
*/
|
|
676
|
+
async resolvePasswordHasher() {
|
|
677
|
+
const isWebContainer = typeof globalThis !== "undefined" && (Boolean(globalThis.process?.versions?.webcontainer) || Boolean(globalThis.process?.env?.SHELL?.includes?.("jsh")) || Boolean(globalThis.process?.env?.STACKBLITZ));
|
|
678
|
+
if (!isWebContainer) return void 0;
|
|
679
|
+
try {
|
|
680
|
+
const mod = await import("@better-auth/utils/password");
|
|
681
|
+
return {
|
|
682
|
+
hash: (password) => mod.hashPassword(password),
|
|
683
|
+
verify: ({ hash, password }) => mod.verifyPassword(hash, password)
|
|
684
|
+
};
|
|
685
|
+
} catch (err) {
|
|
686
|
+
console.warn(
|
|
687
|
+
`[AuthManager] WebContainer detected but pure-JS password hasher unavailable: ${err?.message ?? err}. Falling back to default.`
|
|
688
|
+
);
|
|
689
|
+
return void 0;
|
|
690
|
+
}
|
|
691
|
+
}
|
|
661
692
|
/**
|
|
662
693
|
* Build the list of better-auth plugins based on AuthPluginConfig flags.
|
|
663
694
|
*
|