@onmax/nuxt-better-auth 0.0.2-alpha.1 → 0.0.2-alpha.11

package/dist/module.json

@@ -4,7 +4,7 @@
   "compatibility": {
     "nuxt": ">=3.0.0"
   },
-  "version": "0.0.2-alpha.1",
+  "version": "0.0.2-alpha.11",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -1,10 +1,11 @@
 import { existsSync } from 'node:fs';
 import { mkdir, writeFile } from 'node:fs/promises';
-import { defineNuxtModule, createResolver, hasNuxtModule, addTemplate, addTypeTemplate, updateTemplates, addServerImportsDir, addServerScanDir, addServerHandler, addImportsDir, addPlugin, addComponentsDir, extendPages } from '@nuxt/kit';
+import { defineNuxtModule, createResolver, hasNuxtModule, addTemplate, addTypeTemplate, updateTemplates, addServerImportsDir, addServerImports, addServerScanDir, addServerHandler, addImportsDir, addPlugin, addComponentsDir, extendPages } from '@nuxt/kit';
 import { consola as consola$1 } from 'consola';
 import { defu } from 'defu';
 import { join } from 'pathe';
 import { toRouteMatcher, createRouter } from 'radix3';
+import pluralize from 'pluralize';
 export { defineClientAuth, defineServerAuth } from '../dist/runtime/config.js';
 
 function setupDevTools(nuxt) {
@@ -22,46 +23,65 @@ function setupDevTools(nuxt) {
   });
 }
 
-function generateDrizzleSchema(tables, dialect) {
-  const imports = getImports(dialect);
-  const tableDefinitions = Object.entries(tables).map(([tableName, table]) => generateTable(tableName, table, dialect, tables)).join("\n\n");
+function toSnakeCase(str) {
+  return str.replace(/([A-Z]+)([A-Z][a-z])/g, "$1_$2").replace(/([a-z\d])([A-Z])/g, "$1_$2").toLowerCase();
+}
+function generateDrizzleSchema(tables, dialect, options) {
+  const typedTables = tables;
+  const imports = getImports(dialect, options);
+  const tableDefinitions = Object.entries(typedTables).map(([tableName, table]) => generateTable(tableName, table, dialect, typedTables, options)).join("\n\n");
   return `${imports}
 
 ${tableDefinitions}
 `;
 }
-function getImports(dialect) {
+function getImports(dialect, options) {
   switch (dialect) {
     case "sqlite":
       return `import { integer, sqliteTable, text } from 'drizzle-orm/sqlite-core'`;
     case "postgresql":
-      return `import { boolean, pgTable, text, timestamp, integer } from 'drizzle-orm/pg-core'`;
+      return options?.useUuid ? `import { boolean, integer, pgTable, text, timestamp, uuid } from 'drizzle-orm/pg-core'` : `import { boolean, integer, pgTable, text, timestamp } from 'drizzle-orm/pg-core'`;
     case "mysql":
       return `import { boolean, int, mysqlTable, text, timestamp, varchar } from 'drizzle-orm/mysql-core'`;
   }
 }
-function generateTable(tableName, table, dialect, allTables) {
+function generateTable(tableName, table, dialect, allTables, options) {
   const tableFunc = dialect === "sqlite" ? "sqliteTable" : dialect === "postgresql" ? "pgTable" : "mysqlTable";
-  const dbTableName = table.modelName || tableName;
-  const fields = Object.entries(table.fields).map(([fieldName, field]) => generateField(fieldName, field, dialect, allTables)).join(",\n    ");
-  const idField = generateIdField(dialect);
+  const hasCustomModelName = table.modelName && table.modelName !== tableName;
+  let dbTableName = hasCustomModelName ? table.modelName : tableName;
+  if (options?.casing === "snake_case" && !hasCustomModelName)
+    dbTableName = toSnakeCase(dbTableName);
+  if (options?.usePlural && !hasCustomModelName)
+    dbTableName = pluralize(dbTableName);
+  const fields = Object.entries(table.fields).map(([fieldName, field]) => generateField(fieldName, field, dialect, allTables, options)).join(",\n    ");
+  const idField = generateIdField(dialect, options);
   return `export const ${tableName} = ${tableFunc}('${dbTableName}', {
     ${idField},
     ${fields}
   })`;
 }
-function generateIdField(dialect) {
+function generateIdField(dialect, options) {
   switch (dialect) {
     case "sqlite":
-    case "postgresql":
+      if (options?.useUuid)
+        consola$1.warn("[@onmax/nuxt-better-auth] useUuid ignored for SQLite (no native uuid type). Using text.");
       return `id: text('id').primaryKey()`;
+    case "postgresql":
+      return options?.useUuid ? `id: uuid('id').defaultRandom().primaryKey()` : `id: text('id').primaryKey()`;
     case "mysql":
       return `id: varchar('id', { length: 36 }).primaryKey()`;
   }
 }
-function generateField(fieldName, field, dialect, allTables) {
-  const dbFieldName = fieldName;
-  let fieldDef = getFieldType(field.type, dialect, dbFieldName);
+function generateField(fieldName, field, dialect, allTables, options) {
+  const dbFieldName = options?.casing === "snake_case" ? toSnakeCase(fieldName) : fieldName;
+  const isFkToId = options?.useUuid && field.references?.field === "id";
+  let fieldDef;
+  if (isFkToId && dialect === "postgresql")
+    fieldDef = `uuid('${dbFieldName}')`;
+  else if (isFkToId && dialect === "mysql")
+    fieldDef = `varchar('${dbFieldName}', { length: 36 })`;
+  else
+    fieldDef = getFieldType(field.type, dialect, dbFieldName);
   if (field.required && field.defaultValue === void 0)
     fieldDef += ".notNull()";
   if (field.unique)
@@ -71,11 +91,15 @@ function generateField(fieldName, field, dialect, allTables) {
       fieldDef += `.default(${field.defaultValue})`;
     else if (typeof field.defaultValue === "string")
       fieldDef += `.default('${field.defaultValue}')`;
+    else if (typeof field.defaultValue === "function")
+      fieldDef += `.$defaultFn(${field.defaultValue})`;
     else
       fieldDef += `.default(${field.defaultValue})`;
     if (field.required)
       fieldDef += ".notNull()";
   }
+  if (typeof field.onUpdate === "function" && field.type === "date")
+    fieldDef += `.$onUpdate(${field.onUpdate})`;
   if (field.references) {
     const refTable = field.references.model;
     if (allTables[refTable])
@@ -136,22 +160,55 @@ function getMysqlType(type, fieldName) {
       return `text('${fieldName}')`;
   }
 }
-async function loadUserAuthConfig(configPath) {
+async function loadUserAuthConfig(configPath, throwOnError = false) {
   const { createJiti } = await import('jiti');
-  const jiti = createJiti(import.meta.url, { interopDefault: true });
+  const { defineServerAuth } = await import('../dist/runtime/config.js');
+  const jiti = createJiti(import.meta.url, { interopDefault: true, moduleCache: false });
+  const key = "defineServerAuth";
+  const g = globalThis;
+  if (!g[key]) {
+    defineServerAuth._count = 0;
+    g[key] = defineServerAuth;
+  }
+  g[key]._count++;
   try {
     const mod = await jiti.import(configPath);
-    const configFn = mod.default || mod;
+    const configFn = typeof mod === "object" && mod !== null && "default" in mod ? mod.default : mod;
     if (typeof configFn === "function") {
       return configFn({ runtimeConfig: {}, db: null });
     }
+    if (throwOnError) {
+      throw new Error("auth.config.ts must export default defineServerAuth(...)");
+    }
     return {};
   } catch (error) {
+    if (throwOnError) {
+      throw new Error(`Failed to load auth config: ${error instanceof Error ? error.message : error}`);
+    }
     consola$1.error("[@onmax/nuxt-better-auth] Failed to load auth config for schema generation. Schema may be incomplete:", error);
     return {};
+  } finally {
+    g[key]._count--;
+    if (!g[key]._count) {
+      delete g[key];
+    }
   }
 }
 
+function getHubDialect(hub) {
+  if (!hub?.db)
+    return void 0;
+  if (typeof hub.db === "string")
+    return hub.db;
+  if (typeof hub.db === "object" && hub.db !== null)
+    return hub.db.dialect;
+  return void 0;
+}
+function getHubCasing(hub) {
+  if (!hub?.db || typeof hub.db !== "object" || hub.db === null)
+    return void 0;
+  return hub.db.casing;
+}
 const consola = consola$1.withTag("nuxt-better-auth");
 const module$1 = defineNuxtModule({
   meta: { name: "@onmax/nuxt-better-auth", configKey: "auth", compatibility: { nuxt: ">=3.0.0" } },
@@ -186,14 +243,24 @@ const module$1 = defineNuxtModule({
       redirects: { login: options.redirects?.login ?? "/login", guest: options.redirects?.guest ?? "/" },
       useDatabase: hasHubDb
     });
-    nuxt.options.runtimeConfig.betterAuthSecret ||= process.env.BETTER_AUTH_SECRET || process.env.NUXT_BETTER_AUTH_SECRET || "";
+    const betterAuthSecret = process.env.BETTER_AUTH_SECRET || process.env.NUXT_BETTER_AUTH_SECRET || nuxt.options.runtimeConfig.betterAuthSecret || "";
+    if (!nuxt.options.dev && !betterAuthSecret) {
+      throw new Error("[nuxt-better-auth] BETTER_AUTH_SECRET is required in production. Set BETTER_AUTH_SECRET or NUXT_BETTER_AUTH_SECRET environment variable.");
+    }
+    if (betterAuthSecret && betterAuthSecret.length < 32) {
+      throw new Error("[nuxt-better-auth] BETTER_AUTH_SECRET must be at least 32 characters for security");
+    }
+    nuxt.options.runtimeConfig.betterAuthSecret = betterAuthSecret;
     nuxt.options.runtimeConfig.auth = defu(nuxt.options.runtimeConfig.auth, {
       secondaryStorage: secondaryStorageEnabled
     });
     nuxt.options.alias["#nuxt-better-auth"] = resolver.resolve("./runtime/types/augment");
     nuxt.options.alias["#auth/server"] = serverConfigPath;
     nuxt.options.alias["#auth/client"] = clientConfigPath;
-    const secondaryStorageCode = secondaryStorageEnabled ? `import { kv } from 'hub:kv'
+    if (secondaryStorageEnabled && !nuxt.options.alias["hub:kv"]) {
+      throw new Error("[nuxt-better-auth] hub:kv not found. Ensure @nuxthub/core is loaded before this module and hub.kv is enabled.");
+    }
+    const secondaryStorageCode = secondaryStorageEnabled ? `import { kv } from '../hub/kv.mjs'
 export function createSecondaryStorage() {
   return {
     get: async (key) => kv.get(\`_auth:\${key}\`),
@@ -203,10 +270,13 @@ export function createSecondaryStorage() {
 }` : `export function createSecondaryStorage() { return undefined }`;
     const secondaryStorageTemplate = addTemplate({ filename: "better-auth/secondary-storage.mjs", getContents: () => secondaryStorageCode, write: true });
     nuxt.options.alias["#auth/secondary-storage"] = secondaryStorageTemplate.dst;
-    const hubDbPath = nuxt.options.alias["hub:db"];
-    const databaseCode = hasHubDb && hubDbPath ? `import { db, schema } from '${hubDbPath}'
+    if (hasHubDb && !nuxt.options.alias["hub:db"]) {
+      throw new Error("[nuxt-better-auth] hub:db not found. Ensure @nuxthub/core is loaded before this module and hub.db is configured.");
+    }
+    const hubDialect = getHubDialect(hub) ?? "sqlite";
+    const databaseCode = hasHubDb ? `import { db, schema } from '../hub/db.mjs'
 import { drizzleAdapter } from 'better-auth/adapters/drizzle'
-const rawDialect = '${hub?.db?.dialect ?? "sqlite"}'
+const rawDialect = '${hubDialect}'
 const dialect = rawDialect === 'postgresql' ? 'pg' : rawDialect
 export function createDatabase() { return drizzleAdapter(db, { provider: dialect, schema }) }
 export { db }` : `export function createDatabase() { return undefined }
@@ -260,6 +330,18 @@ declare module '#nuxt-better-auth' {
     ${hasHubDb ? `db: typeof import('hub:db')['db']` : ""}
   }
 }
+
+// Augment the config module to use the extended ServerAuthContext
+interface _AugmentedServerAuthContext {
+  runtimeConfig: RuntimeConfig
+  ${hasHubDb ? `db: typeof import('hub:db')['db']` : "db: unknown"}
+}
+
+declare module '@onmax/nuxt-better-auth/config' {
+  import type { BetterAuthOptions } from 'better-auth'
+  type ServerAuthConfig = Omit<BetterAuthOptions, 'database' | 'secret' | 'baseURL'>
+  export function defineServerAuth<T extends ServerAuthConfig>(config: (ctx: _AugmentedServerAuthContext) => T): (ctx: _AugmentedServerAuthContext) => T
+}
 `
     });
     addTypeTemplate({
@@ -274,19 +356,32 @@ declare module '#nuxt-better-auth' {
     addTypeTemplate({
       filename: "types/nuxt-better-auth-nitro.d.ts",
       getContents: () => `
+declare module 'nitropack' {
+  interface NitroRouteRules {
+    auth?: import('${resolver.resolve("./runtime/types")}').AuthMeta
+  }
+  interface NitroRouteConfig {
+    auth?: import('${resolver.resolve("./runtime/types")}').AuthMeta
+  }
+}
 declare module 'nitropack/types' {
   interface NitroRouteRules {
     auth?: import('${resolver.resolve("./runtime/types")}').AuthMeta
   }
+  interface NitroRouteConfig {
+    auth?: import('${resolver.resolve("./runtime/types")}').AuthMeta
+  }
 }
+export {}
 `
-    });
+    }, { nuxt: true, nitro: true, node: true });
     nuxt.hook("builder:watch", async (_event, relativePath) => {
       if (relativePath.includes("auth.config")) {
         await updateTemplates({ filter: (t) => t.filename.includes("nuxt-better-auth") });
       }
     });
     addServerImportsDir(resolver.resolve("./runtime/server/utils"));
+    addServerImports([{ name: "defineServerAuth", from: resolver.resolve("./runtime/config") }]);
     addServerScanDir(resolver.resolve("./runtime/server/middleware"));
     addServerHandler({ route: "/api/auth/**", handler: resolver.resolve("./runtime/server/api/auth/[...all]") });
     addImportsDir(resolver.resolve("./runtime/app/composables"));
@@ -298,9 +393,10 @@ declare module 'nitropack/types' {
       app.middleware.push({ name: "auth", path: resolver.resolve("./runtime/app/middleware/auth.global"), global: true });
     });
     if (hasHubDb) {
-      await setupBetterAuthSchema(nuxt, serverConfigPath);
+      await setupBetterAuthSchema(nuxt, serverConfigPath, options);
     }
-    if (nuxt.options.dev && process.env.NODE_ENV !== "production") {
+    const isProduction = process.env.NODE_ENV === "production" || !nuxt.options.dev;
+    if (!isProduction) {
       setupDevTools(nuxt);
       addServerHandler({ route: "/api/_better-auth/config", method: "get", handler: resolver.resolve("./runtime/server/api/_better-auth/config.get") });
       if (hasHubDb) {
@@ -333,22 +429,35 @@ declare module 'nitropack/types' {
     });
   }
 });
-async function setupBetterAuthSchema(nuxt, serverConfigPath) {
+async function setupBetterAuthSchema(nuxt, serverConfigPath, options) {
   const hub = nuxt.options.hub;
-  const dialect = typeof hub.db === "string" ? hub.db : hub.db?.dialect;
+  const dialect = getHubDialect(hub);
   if (!dialect || !["sqlite", "postgresql", "mysql"].includes(dialect)) {
     consola.warn(`Unsupported database dialect: ${dialect}`);
     return;
   }
+  const isProduction = !nuxt.options.dev;
   try {
     const configFile = `${serverConfigPath}.ts`;
-    const userConfig = await loadUserAuthConfig(configFile);
+    const userConfig = await loadUserAuthConfig(configFile, isProduction);
     const extendedConfig = {};
     await nuxt.callHook("better-auth:config:extend", extendedConfig);
     const plugins = [...userConfig.plugins || [], ...extendedConfig.plugins || []];
     const { getAuthTables } = await import('better-auth/db');
-    const tables = getAuthTables({ plugins });
-    const schemaCode = generateDrizzleSchema(tables, dialect);
+    const tables = getAuthTables({
+      plugins,
+      secondaryStorage: options.secondaryStorage ? {
+        get: async (_key) => null,
+        set: async (_key, _value, _ttl) => {
+        },
+        delete: async (_key) => {
+        }
+      } : void 0
+    });
+    const useUuid = userConfig.advanced?.database?.generateId === "uuid";
+    const hubCasing = getHubCasing(hub);
+    const schemaOptions = { ...options.schema, useUuid, casing: options.schema?.casing ?? hubCasing };
+    const schemaCode = generateDrizzleSchema(tables, dialect, schemaOptions);
     const schemaDir = join(nuxt.options.buildDir, "better-auth");
     const schemaPath = join(schemaDir, `schema.${dialect}.ts`);
     await mkdir(schemaDir, { recursive: true });
@@ -356,12 +465,16 @@ async function setupBetterAuthSchema(nuxt, serverConfigPath) {
     addTemplate({ filename: `better-auth/schema.${dialect}.ts`, getContents: () => schemaCode, write: true });
     consola.info(`Generated ${dialect} schema with ${Object.keys(tables).length} tables`);
   } catch (error) {
+    if (isProduction) {
+      throw error;
+    }
     consola.error("Failed to generate schema:", error);
   }
-  nuxt.hook("hub:db:schema:extend", ({ paths, dialect: hookDialect }) => {
+  const nuxtWithHubHooks = nuxt;
+  nuxtWithHubHooks.hook("hub:db:schema:extend", ({ paths, dialect: hookDialect }) => {
     const schemaPath = join(nuxt.options.buildDir, "better-auth", `schema.${hookDialect}.ts`);
     if (existsSync(schemaPath)) {
-      paths.push(schemaPath);
+      paths.unshift(schemaPath);
     }
   });
 }

package/dist/runtime/app/composables/useUserSession.d.ts

@@ -1,20 +1,22 @@
-import type { AuthUser } from '#nuxt-better-auth';
+import type { AppAuthClient, AuthSession, AuthUser } from '#nuxt-better-auth';
+import type { ComputedRef, Ref } from 'vue';
 export interface SignOutOptions {
     onSuccess?: () => void | Promise<void>;
 }
-export declare function useUserSession(): {
-    client: any;
-    session: any;
-    user: any;
-    loggedIn: any;
-    ready: any;
-    signIn: any;
-    signUp: any;
-    signOut: (options?: SignOutOptions) => Promise<any>;
+export interface UseUserSessionReturn {
+    client: AppAuthClient | null;
+    session: Ref<AuthSession | null>;
+    user: Ref<AuthUser | null>;
+    loggedIn: ComputedRef<boolean>;
+    ready: ComputedRef<boolean>;
+    signIn: NonNullable<AppAuthClient>['signIn'];
+    signUp: NonNullable<AppAuthClient>['signUp'];
+    signOut: (options?: SignOutOptions) => Promise<void>;
     waitForSession: () => Promise<void>;
     fetchSession: (options?: {
         headers?: HeadersInit;
         force?: boolean;
     }) => Promise<void>;
     updateUser: (updates: Partial<AuthUser>) => void;
-};
+}
+export declare function useUserSession(): UseUserSessionReturn;

package/dist/runtime/app/composables/useUserSession.js

@@ -1,6 +1,5 @@
 import { createAppAuthClient } from "#auth/client";
-import { computed, useRequestHeaders, useRequestURL, useRuntimeConfig, useState, watch } from "#imports";
-import { consola } from "consola";
+import { computed, nextTick, useRequestHeaders, useRequestURL, useRuntimeConfig, useState, watch } from "#imports";
 let _client = null;
 function getClient(baseURL) {
   if (!_client)
@@ -30,7 +29,8 @@ export function useUserSession() {
       () => clientSession.value,
       (newSession) => {
         if (newSession?.data?.session && newSession?.data?.user) {
-          session.value = newSession.data.session;
+          const { token: _, ...safeSession } = newSession.data.session;
+          session.value = safeSession;
           user.value = newSession.data.user;
         } else if (!newSession?.isPending) {
           clearSession();
@@ -62,6 +62,9 @@ export function useUserSession() {
   function wrapOnSuccess(cb) {
     return async (ctx) => {
       await fetchSession({ force: true });
+      if (!loggedIn.value)
+        await waitForSession();
+      await nextTick();
       await cb(ctx);
     };
   }
@@ -79,10 +82,11 @@ export function useUserSession() {
   }
   const signIn = client?.signIn ? new Proxy(client.signIn, {
     get(target, prop) {
-      const method = target[prop];
+      const targetRecord = target;
+      const method = targetRecord[prop];
       if (typeof method !== "function")
         return method;
-      return wrapAuthMethod((...args) => target[prop](...args));
+      return wrapAuthMethod((...args) => targetRecord[prop](...args));
     }
   }) : new Proxy({}, {
     get: (_, prop) => {
@@ -91,10 +95,11 @@ export function useUserSession() {
   });
   const signUp = client?.signUp ? new Proxy(client.signUp, {
     get(target, prop) {
-      const method = target[prop];
+      const targetRecord = target;
+      const method = targetRecord[prop];
       if (typeof method !== "function")
         return method;
-      return wrapAuthMethod((...args) => target[prop](...args));
+      return wrapAuthMethod((...args) => targetRecord[prop](...args));
     }
   }) : new Proxy({}, {
     get: (_, prop) => {
@@ -115,15 +120,15 @@ export function useUserSession() {
         const result = await client.getSession({ query }, fetchOptions);
         const data = result.data;
         if (data?.session && data?.user) {
-          session.value = data.session;
+          const { token: _, ...safeSession } = data.session;
+          session.value = safeSession;
           user.value = data.user;
         } else {
           clearSession();
         }
       } catch (error) {
         clearSession();
-        if (import.meta.dev)
-          consola.error("Failed to fetch auth session:", error);
+        console.error("[nuxt-better-auth] Failed to fetch session:", error);
       } finally {
         if (!authReady.value)
           authReady.value = true;
@@ -133,11 +138,10 @@ export function useUserSession() {
   async function signOut(options) {
     if (!client)
       throw new Error("signOut can only be called on client-side");
-    const response = await client.signOut();
+    await client.signOut();
     clearSession();
     if (options?.onSuccess)
       await options.onSuccess();
-    return response;
   }
   return {
     client,

package/dist/runtime/app/middleware/auth.global.js

@@ -1,6 +1,12 @@
-import { createError, defineNuxtRouteMiddleware, getRouteRules, navigateTo, useRequestHeaders, useRuntimeConfig } from "#imports";
+import { createError, defineNuxtRouteMiddleware, getRouteRules, navigateTo, useNuxtApp, useRequestHeaders, useRuntimeConfig, useUserSession } from "#imports";
 import { matchesUser } from "../../utils/match-user.js";
 export default defineNuxtRouteMiddleware(async (to) => {
+  const nuxtApp = useNuxtApp();
+  if (import.meta.client) {
+    const isPrerendered = nuxtApp.payload.prerenderedAt || nuxtApp.payload.isCached;
+    if (isPrerendered && nuxtApp.isHydrating)
+      return;
+  }
   if (to.meta.auth === void 0) {
     const rules = await getRouteRules({ path: to.path });
     if (rules.auth !== void 0)
@@ -10,8 +16,8 @@ export default defineNuxtRouteMiddleware(async (to) => {
   if (auth === void 0 || auth === false)
     return;
   const config = useRuntimeConfig().public.auth;
-  const { fetchSession, user, loggedIn, ready } = useUserSession();
-  if (!loggedIn.value && !ready.value) {
+  const { fetchSession, user, loggedIn } = useUserSession();
+  if (!loggedIn.value) {
     const headers = import.meta.server ? useRequestHeaders(["cookie"]) : void 0;
     await fetchSession({ headers });
   }

package/dist/runtime/app/plugins/session.server.js

@@ -12,7 +12,8 @@ export default defineNuxtPlugin({
         const headers = useRequestHeaders(["cookie"]);
         const data = await $fetch("/api/auth/get-session", { headers });
         if (data?.session && data?.user) {
-          session.value = data.session;
+          const { token: _, ...safeSession } = data.session;
+          session.value = safeSession;
           user.value = data.user;
         }
       } catch {

package/dist/runtime/config.d.ts

@@ -1,5 +1,6 @@
 import type { BetterAuthOptions } from 'better-auth';
 import type { ClientOptions } from 'better-auth/client';
+import type { CasingOption } from '../schema-generator.js';
 import type { ServerAuthContext } from './types/augment.js';
 export type { ServerAuthContext };
 export interface ClientAuthContext {
@@ -22,6 +23,13 @@ export interface BetterAuthModuleOptions {
     };
     /** Enable KV secondary storage for sessions. Requires hub.kv: true */
     secondaryStorage?: boolean;
+    /** Schema generation options. Must match drizzleAdapter config. */
+    schema?: {
+        /** Plural table names: user → users. Default: false */
+        usePlural?: boolean;
+        /** Column/table name casing. Explicit value takes precedence over hub.db.casing. */
+        casing?: CasingOption;
+    };
 }
 export interface AuthRuntimeConfig {
     redirects: {

package/dist/runtime/server/api/_better-auth/config.get.d.ts

@@ -9,27 +9,27 @@ declare const _default: import("h3").EventHandler<import("h3").EventHandlerReque
             useDatabase: boolean;
         };
         server: {
-            baseURL: string | undefined;
-            basePath: string;
+            baseURL: any;
+            basePath: any;
             socialProviders: string[];
-            plugins: any[];
-            trustedOrigins: string[] | ((request: Request) => string[] | Promise<string[]>);
+            plugins: any;
+            trustedOrigins: any;
             session: {
                 expiresIn: string;
                 updateAge: string;
-                cookieCache: boolean;
+                cookieCache: any;
             };
             emailAndPassword: boolean;
-            rateLimit: boolean;
+            rateLimit: any;
             advanced: {
-                useSecureCookies: string | boolean;
-                disableCSRFCheck: boolean;
+                useSecureCookies: any;
+                disableCSRFCheck: any;
             };
         };
     };
     error?: undefined;
 } | {
     config: null;
-    error: any;
+    error: string;
 }>>;
 export default _default;

package/dist/runtime/server/api/_better-auth/config.get.js

@@ -1,9 +1,9 @@
 import { defineEventHandler } from "h3";
 import { useRuntimeConfig } from "nitropack/runtime";
 import { serverAuth } from "../../utils/auth.js";
-export default defineEventHandler(async (event) => {
+export default defineEventHandler(async () => {
   try {
-    const auth = await serverAuth(event);
+    const auth = serverAuth();
     const options = auth.options;
     const runtimeConfig = useRuntimeConfig();
     const publicAuth = runtimeConfig.public?.auth;
@@ -41,6 +41,7 @@ export default defineEventHandler(async (event) => {
       }
     };
   } catch (error) {
-    return { config: null, error: error.message || "Failed to fetch config" };
+    console.error("[DevTools] Config fetch failed:", error);
+    return { config: null, error: "Failed to fetch configuration" };
   }
 });

package/dist/runtime/server/api/_better-auth/sessions.get.js

@@ -26,7 +26,16 @@ export default defineEventHandler(async (event) => {
       dbQuery.orderBy(desc(schema.session.createdAt)).limit(limit).offset(offset),
       countQuery
     ]);
-    return { sessions, total: totalResult[0]?.count ?? 0, page, limit };
+    const safeSessions = sessions.map((s) => ({
+      id: s.id,
+      userId: s.userId,
+      createdAt: s.createdAt,
+      updatedAt: s.updatedAt,
+      expiresAt: s.expiresAt,
+      ipAddress: s.ipAddress,
+      userAgent: s.userAgent
+    }));
+    return { sessions: safeSessions, total: totalResult[0]?.count ?? 0, page, limit };
   } catch (error) {
     console.error("[DevTools] Fetch sessions failed:", error);
     return { sessions: [], total: 0, error: "Failed to fetch sessions" };

package/dist/runtime/server/api/auth/[...all].js

@@ -1,6 +1,6 @@
 import { defineEventHandler, toWebRequest } from "h3";
 import { serverAuth } from "../../utils/auth.js";
 export default defineEventHandler(async (event) => {
-  const auth = await serverAuth(event);
+  const auth = serverAuth();
   return auth.handler(toWebRequest(event));
 });

package/dist/runtime/server/utils/auth.d.ts

@@ -1,10 +1,5 @@
-import type { H3Event } from 'h3';
-import { betterAuth } from 'better-auth';
-type AuthInstance = ReturnType<typeof betterAuth>;
-declare module 'h3' {
-    interface H3EventContext {
-        _betterAuth?: AuthInstance;
-    }
-}
-export declare function serverAuth(event: H3Event): Promise<AuthInstance>;
+import type { Auth } from 'better-auth';
+import createServerAuth from '#auth/server';
+type AuthInstance = Auth<ReturnType<typeof createServerAuth>>;
+export declare function serverAuth(): AuthInstance;
 export {};

package/dist/runtime/server/utils/auth.js

@@ -2,31 +2,23 @@ import { createDatabase, db } from "#auth/database";
 import { createSecondaryStorage } from "#auth/secondary-storage";
 import createServerAuth from "#auth/server";
 import { betterAuth } from "better-auth";
-import { consola } from "consola";
-import { getRequestURL } from "h3";
 import { useRuntimeConfig } from "nitropack/runtime";
-const logger = consola.withTag("nuxt-better-auth");
-function getBaseURL(event, siteUrl) {
-  if (siteUrl)
-    return siteUrl;
-  const origin = getRequestURL(event).origin;
-  if (process.env.NODE_ENV === "production")
-    throw new Error("siteUrl must be configured in production. Set NUXT_PUBLIC_SITE_URL or configure in nuxt.config.");
-  logger.warn("siteUrl not set, auto-detected:", origin);
-  return origin;
-}
-export async function serverAuth(event) {
-  if (event.context._betterAuth)
-    return event.context._betterAuth;
+let _auth = null;
+export function serverAuth() {
+  if (_auth)
+    return _auth;
   const runtimeConfig = useRuntimeConfig();
+  const siteUrl = runtimeConfig.public.siteUrl;
+  if (!siteUrl)
+    throw new Error("siteUrl must be configured. Set NUXT_PUBLIC_SITE_URL or configure in nuxt.config.");
   const database = createDatabase();
   const userConfig = createServerAuth({ runtimeConfig, db });
-  event.context._betterAuth = betterAuth({
+  _auth = betterAuth({
     ...userConfig,
     ...database && { database },
     secondaryStorage: createSecondaryStorage(),
     secret: runtimeConfig.betterAuthSecret,
-    baseURL: getBaseURL(event, runtimeConfig.public.siteUrl)
+    baseURL: siteUrl
   });
-  return event.context._betterAuth;
+  return _auth;
 }

package/dist/runtime/server/utils/session.js

@@ -1,7 +1,8 @@
 import { createError } from "h3";
 import { matchesUser } from "../../utils/match-user.js";
+import { serverAuth } from "./auth.js";
 export async function getUserSession(event) {
-  const auth = await serverAuth(event);
+  const auth = serverAuth();
   const session = await auth.api.getSession({ headers: event.headers });
   return session;
 }

package/dist/runtime/types/augment.d.ts

@@ -37,6 +37,6 @@ export interface UserSessionComposable {
     waitForSession: () => Promise<void>;
     signOut: (options?: {
         onSuccess?: () => void | Promise<void>;
-    }) => Promise<unknown>;
+    }) => Promise<void>;
     updateUser: (updates: Partial<AuthUser>) => void;
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@onmax/nuxt-better-auth",
   "type": "module",
-  "version": "0.0.2-alpha.1",
+  "version": "0.0.2-alpha.11",
   "packageManager": "pnpm@10.15.1",
   "description": "Nuxt module for Better Auth integration with NuxtHub, route protection, session management, and role-based access",
   "author": "onmax",
@@ -41,7 +41,7 @@
     "dev:prepare": "nuxt-module-build build --stub && nuxi prepare playground",
     "dev:docs": "nuxi dev docs",
     "build:docs": "nuxi build docs",
-    "release": "bumpp && git push --follow-tags",
+    "release": "bumpp --push",
     "lint": "eslint .",
     "lint:fix": "eslint . --fix",
     "typecheck": "vue-tsc --noEmit",
@@ -63,6 +63,7 @@
     "defu": "^6.1.4",
     "jiti": "^2.4.2",
     "pathe": "^2.0.3",
+    "pluralize": "^8.0.0",
     "radix3": "^1.1.2"
   },
   "devDependencies": {
@@ -77,6 +78,7 @@
     "@nuxthub/core": "^0.10.3",
     "@types/better-sqlite3": "^7.6.13",
     "@types/node": "latest",
+    "@types/pluralize": "^0.0.33",
     "better-auth": "^1.4.7",
     "better-sqlite3": "^11.9.1",
     "bumpp": "^10.3.2",
@@ -95,9 +97,11 @@
   },
   "pnpm": {
     "onlyBuiltDependencies": [
+      "@parcel/watcher",
       "better-sqlite3",
       "esbuild",
-      "@parcel/watcher"
+      "sharp",
+      "workerd"
     ],
     "patchedDependencies": {
       "@peculiar/x509@1.14.2": "patches/@peculiar__x509@1.14.2.patch",