@onmax/nuxt-better-auth 0.0.2-alpha.13 → 0.0.2-alpha.15

package/dist/module.json

@@ -1,10 +1,10 @@
 {
   "name": "@onmax/nuxt-better-auth",
+  "version": "0.0.2-alpha.15",
   "configKey": "auth",
   "compatibility": {
     "nuxt": ">=3.0.0"
   },
-  "version": "0.0.2-alpha.13",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -1,13 +1,17 @@
-import { existsSync } from 'node:fs';
+import { randomBytes } from 'node:crypto';
+import { existsSync, writeFileSync, readFileSync } from 'node:fs';
 import { mkdir, writeFile } from 'node:fs/promises';
-import { defineNuxtModule, createResolver, hasNuxtModule, addTemplate, addTypeTemplate, updateTemplates, addServerImportsDir, addServerImports, addServerScanDir, addServerHandler, addImportsDir, addPlugin, addComponentsDir, extendPages } from '@nuxt/kit';
+import { defineNuxtModule, createResolver, hasNuxtModule, addTemplate, addTypeTemplate, updateTemplates, addServerImportsDir, addServerImports, addServerScanDir, addServerHandler, addImportsDir, addPlugin, addComponentsDir, installModule, extendPages } from '@nuxt/kit';
 import { consola as consola$1 } from 'consola';
 import { defu } from 'defu';
-import { join } from 'pathe';
+import { join, dirname } from 'pathe';
 import { toRouteMatcher, createRouter } from 'radix3';
-import pluralize from 'pluralize';
+import { isCI, isTest } from 'std-env';
+import { generateDrizzleSchema as generateDrizzleSchema$1 } from '@better-auth/cli/api';
 export { defineClientAuth, defineServerAuth } from '../dist/runtime/config.js';
 
+const version = "0.0.2-alpha.15";
+
 function setupDevTools(nuxt) {
   nuxt.hook("devtools:customTabs", (tabs) => {
     tabs.push({
@@ -23,160 +27,51 @@ function setupDevTools(nuxt) {
   });
 }
 
-function toSnakeCase(str) {
-  return str.replace(/([A-Z]+)([A-Z][a-z])/g, "$1_$2").replace(/([a-z\d])([A-Z])/g, "$1_$2").toLowerCase();
-}
-function generateDrizzleSchema(tables, dialect, options) {
-  const typedTables = tables;
-  const imports = getImports(dialect, options);
-  const tableDefinitions = Object.entries(typedTables).map(([tableName, table]) => generateTable(tableName, table, dialect, typedTables, options)).join("\n\n");
-  return `${imports}
-
-${tableDefinitions}
-`;
-}
-function getImports(dialect, options) {
-  switch (dialect) {
-    case "sqlite":
-      return `import { integer, sqliteTable, text } from 'drizzle-orm/sqlite-core'`;
-    case "postgresql":
-      return options?.useUuid ? `import { boolean, integer, pgTable, text, timestamp, uuid } from 'drizzle-orm/pg-core'` : `import { boolean, integer, pgTable, text, timestamp } from 'drizzle-orm/pg-core'`;
-    case "mysql":
-      return `import { boolean, int, mysqlTable, text, timestamp, varchar } from 'drizzle-orm/mysql-core'`;
-  }
-}
-function generateTable(tableName, table, dialect, allTables, options) {
-  const tableFunc = dialect === "sqlite" ? "sqliteTable" : dialect === "postgresql" ? "pgTable" : "mysqlTable";
-  const hasCustomModelName = table.modelName && table.modelName !== tableName;
-  let dbTableName = hasCustomModelName ? table.modelName : tableName;
-  if (options?.casing === "snake_case" && !hasCustomModelName)
-    dbTableName = toSnakeCase(dbTableName);
-  if (options?.usePlural && !hasCustomModelName)
-    dbTableName = pluralize(dbTableName);
-  const fields = Object.entries(table.fields).map(([fieldName, field]) => generateField(fieldName, field, dialect, allTables, options)).join(",\n    ");
-  const idField = generateIdField(dialect, options);
-  return `export const ${tableName} = ${tableFunc}('${dbTableName}', {
-    ${idField},
-    ${fields}
-  })`;
-}
-function generateIdField(dialect, options) {
-  switch (dialect) {
-    case "sqlite":
-      if (options?.useUuid)
-        consola$1.warn("[@onmax/nuxt-better-auth] useUuid ignored for SQLite (no native uuid type). Using text.");
-      return `id: text('id').primaryKey()`;
-    case "postgresql":
-      return options?.useUuid ? `id: uuid('id').defaultRandom().primaryKey()` : `id: text('id').primaryKey()`;
-    case "mysql":
-      return `id: varchar('id', { length: 36 }).primaryKey()`;
-  }
-}
-function generateField(fieldName, field, dialect, allTables, options) {
-  const dbFieldName = options?.casing === "snake_case" ? toSnakeCase(fieldName) : fieldName;
-  const isFkToId = options?.useUuid && field.references?.field === "id";
-  let fieldDef;
-  if (isFkToId && dialect === "postgresql")
-    fieldDef = `uuid('${dbFieldName}')`;
-  else if (isFkToId && dialect === "mysql")
-    fieldDef = `varchar('${dbFieldName}', { length: 36 })`;
-  else
-    fieldDef = getFieldType(field.type, dialect, dbFieldName);
-  if (field.required && field.defaultValue === void 0)
-    fieldDef += ".notNull()";
-  if (field.unique)
-    fieldDef += ".unique()";
-  if (field.defaultValue !== void 0) {
-    if (typeof field.defaultValue === "boolean")
-      fieldDef += `.default(${field.defaultValue})`;
-    else if (typeof field.defaultValue === "string")
-      fieldDef += `.default('${field.defaultValue}')`;
-    else if (typeof field.defaultValue === "function")
-      fieldDef += `.$defaultFn(${field.defaultValue})`;
-    else
-      fieldDef += `.default(${field.defaultValue})`;
-    if (field.required)
-      fieldDef += ".notNull()";
-  }
-  if (typeof field.onUpdate === "function" && field.type === "date")
-    fieldDef += `.$onUpdate(${field.onUpdate})`;
-  if (field.references) {
-    const refTable = field.references.model;
-    if (allTables[refTable])
-      fieldDef += `.references(() => ${refTable}.${field.references.field})`;
-  }
-  return `${fieldName}: ${fieldDef}`;
+function dialectToProvider(dialect) {
+  return dialect === "postgresql" ? "pg" : dialect;
 }
-function getFieldType(type, dialect, fieldName) {
-  const normalizedType = Array.isArray(type) ? "string" : type;
-  switch (dialect) {
-    case "sqlite":
-      return getSqliteType(normalizedType, fieldName);
-    case "postgresql":
-      return getPostgresType(normalizedType, fieldName);
-    case "mysql":
-      return getMysqlType(normalizedType, fieldName);
-  }
-}
-function getSqliteType(type, fieldName) {
-  switch (type) {
-    case "string":
-      return `text('${fieldName}')`;
-    case "boolean":
-      return `integer('${fieldName}', { mode: 'boolean' })`;
-    case "date":
-      return `integer('${fieldName}', { mode: 'timestamp' })`;
-    case "number":
-      return `integer('${fieldName}')`;
-    default:
-      return `text('${fieldName}')`;
-  }
-}
-function getPostgresType(type, fieldName) {
-  switch (type) {
-    case "string":
-      return `text('${fieldName}')`;
-    case "boolean":
-      return `boolean('${fieldName}')`;
-    case "date":
-      return `timestamp('${fieldName}')`;
-    case "number":
-      return `integer('${fieldName}')`;
-    default:
-      return `text('${fieldName}')`;
-  }
-}
-function getMysqlType(type, fieldName) {
-  switch (type) {
-    case "string":
-      return `text('${fieldName}')`;
-    case "boolean":
-      return `boolean('${fieldName}')`;
-    case "date":
-      return `timestamp('${fieldName}')`;
-    case "number":
-      return `int('${fieldName}')`;
-    default:
-      return `text('${fieldName}')`;
+async function generateDrizzleSchema(authOptions, dialect, schemaOptions) {
+  const provider = dialectToProvider(dialect);
+  const options = {
+    ...authOptions,
+    advanced: {
+      ...authOptions.advanced,
+      database: {
+        ...authOptions.advanced?.database,
+        ...schemaOptions?.useUuid && { generateId: "uuid" }
+      }
+    }
+  };
+  const adapter = {
+    id: "drizzle",
+    options: {
+      provider,
+      camelCase: schemaOptions?.casing !== "snake_case",
+      adapterConfig: { usePlural: schemaOptions?.usePlural ?? false }
+    }
+  };
+  const result = await generateDrizzleSchema$1({ adapter, options });
+  if (!result.code) {
+    throw new Error(`Schema generation returned empty result for ${dialect}`);
   }
+  return result.code;
 }
 async function loadUserAuthConfig(configPath, throwOnError = false) {
   const { createJiti } = await import('jiti');
   const { defineServerAuth } = await import('../dist/runtime/config.js');
   const jiti = createJiti(import.meta.url, { interopDefault: true, moduleCache: false });
-  const key = "defineServerAuth";
-  const g = globalThis;
-  if (!g[key]) {
+  if (!globalThis.defineServerAuth) {
     defineServerAuth._count = 0;
-    g[key] = defineServerAuth;
+    globalThis.defineServerAuth = defineServerAuth;
   }
-  g[key]._count++;
+  globalThis.defineServerAuth._count++;
   try {
     const mod = await jiti.import(configPath);
-    const configFn = typeof mod === "object" && mod !== null && "default" in mod ? mod.default : mod;
+    const configFn = mod.default;
     if (typeof configFn === "function") {
       return configFn({ runtimeConfig: {}, db: null });
     }
+    consola$1.warn("[@onmax/nuxt-better-auth] auth.config.ts does not export default. Expected: export default defineServerAuth(...)");
     if (throwOnError) {
       throw new Error("auth.config.ts must export default defineServerAuth(...)");
     }
@@ -188,9 +83,9 @@ async function loadUserAuthConfig(configPath, throwOnError = false) {
     consola$1.error("[@onmax/nuxt-better-auth] Failed to load auth config for schema generation. Schema may be incomplete:", error);
     return {};
   } finally {
-    g[key]._count--;
-    if (!g[key]._count) {
-      delete g[key];
+    globalThis.defineServerAuth._count--;
+    if (!globalThis.defineServerAuth._count) {
+      globalThis.defineServerAuth = void 0;
     }
   }
 }
@@ -210,8 +105,72 @@ function getHubCasing(hub) {
   return hub.db.casing;
 }
 const consola = consola$1.withTag("nuxt-better-auth");
+const generateSecret = () => randomBytes(32).toString("hex");
+function readEnvFile(rootDir) {
+  const envPath = join(rootDir, ".env");
+  return existsSync(envPath) ? readFileSync(envPath, "utf-8") : "";
+}
+function hasEnvSecret(rootDir) {
+  const match = readEnvFile(rootDir).match(/^BETTER_AUTH_SECRET=(.+)$/m);
+  return !!match && !!match[1] && match[1].trim().length > 0;
+}
+function appendSecretToEnv(rootDir, secret) {
+  const envPath = join(rootDir, ".env");
+  let content = readEnvFile(rootDir);
+  if (content.length > 0 && !content.endsWith("\n"))
+    content += "\n";
+  content += `BETTER_AUTH_SECRET=${secret}
+`;
+  writeFileSync(envPath, content, "utf-8");
+}
+async function promptForSecret(rootDir) {
+  if (process.env.BETTER_AUTH_SECRET || hasEnvSecret(rootDir))
+    return void 0;
+  if (isCI || isTest) {
+    const secret2 = generateSecret();
+    appendSecretToEnv(rootDir, secret2);
+    consola.info("Generated BETTER_AUTH_SECRET and added to .env (CI mode)");
+    return secret2;
+  }
+  consola.box("BETTER_AUTH_SECRET is required for authentication.\nThis will be appended to your .env file.");
+  const choice = await consola.prompt("How do you want to set it?", {
+    type: "select",
+    options: [
+      { label: "Generate for me", value: "generate", hint: "uses crypto.randomBytes(32)" },
+      { label: "Enter manually", value: "paste" },
+      { label: "Skip", value: "skip", hint: "will fail in production" }
+    ],
+    cancel: "null"
+  });
+  if (typeof choice === "symbol" || choice === "skip") {
+    consola.warn("Skipping BETTER_AUTH_SECRET. Auth will fail without it in production.");
+    return void 0;
+  }
+  let secret;
+  if (choice === "generate") {
+    secret = generateSecret();
+  } else {
+    const input = await consola.prompt("Paste your secret (min 32 chars):", { type: "text", cancel: "null" });
+    if (typeof input === "symbol" || !input || input.length < 32) {
+      consola.warn("Invalid secret. Skipping.");
+      return void 0;
+    }
+    secret = input;
+  }
+  const preview = `${secret.slice(0, 8)}...${secret.slice(-4)}`;
+  const confirm = await consola.prompt(`Add to .env:
+BETTER_AUTH_SECRET=${preview}
+Proceed?`, { type: "confirm", initial: true, cancel: "null" });
+  if (typeof confirm === "symbol" || !confirm) {
+    consola.info("Cancelled. Secret not written.");
+    return void 0;
+  }
+  appendSecretToEnv(rootDir, secret);
+  consola.success("Added BETTER_AUTH_SECRET to .env");
+  return secret;
+}
 const module$1 = defineNuxtModule({
-  meta: { name: "@onmax/nuxt-better-auth", configKey: "auth", compatibility: { nuxt: ">=3.0.0" } },
+  meta: { name: "@onmax/nuxt-better-auth", version, configKey: "auth", compatibility: { nuxt: ">=3.0.0" } },
   defaults: {
     clientOnly: false,
     serverConfig: "server/auth.config",
@@ -219,8 +178,40 @@ const module$1 = defineNuxtModule({
     redirects: { login: "/login", guest: "/" },
     secondaryStorage: false
   },
+  async onInstall(nuxt) {
+    const generatedSecret = await promptForSecret(nuxt.options.rootDir);
+    if (generatedSecret)
+      process.env.BETTER_AUTH_SECRET = generatedSecret;
+    const serverPath = join(nuxt.options.rootDir, "server/auth.config.ts");
+    const clientPath = join(nuxt.options.srcDir, "auth.config.ts");
+    const serverTemplate = `import { defineServerAuth } from '@onmax/nuxt-better-auth/config'
+
+export default defineServerAuth({
+  emailAndPassword: { enabled: true },
+})
+`;
+    const clientTemplate = `import { defineClientAuth } from '@onmax/nuxt-better-auth/config'
+
+export default defineClientAuth({})
+`;
+    if (!existsSync(serverPath)) {
+      await mkdir(dirname(serverPath), { recursive: true });
+      await writeFile(serverPath, serverTemplate);
+      consola.success("Created server/auth.config.ts");
+    }
+    if (!existsSync(clientPath)) {
+      await mkdir(dirname(clientPath), { recursive: true });
+      await writeFile(clientPath, clientTemplate);
+      const relativePath = clientPath.replace(`${nuxt.options.rootDir}/`, "");
+      consola.success(`Created ${relativePath}`);
+    }
+  },
   async setup(options, nuxt) {
     const resolver = createResolver(import.meta.url);
+    if (options.clientConfig === "app/auth.config") {
+      const srcDirRelative = nuxt.options.srcDir.replace(`${nuxt.options.rootDir}/`, "");
+      options.clientConfig = srcDirRelative === nuxt.options.srcDir ? "auth.config" : `${srcDirRelative}/auth.config`;
+    }
     const clientOnly = options.clientOnly;
     const serverConfigFile = options.serverConfig;
     const clientConfigFile = options.clientConfig;
@@ -229,9 +220,9 @@ const module$1 = defineNuxtModule({
     const serverConfigExists = existsSync(`${serverConfigPath}.ts`) || existsSync(`${serverConfigPath}.js`);
     const clientConfigExists = existsSync(`${clientConfigPath}.ts`) || existsSync(`${clientConfigPath}.js`);
     if (!clientOnly && !serverConfigExists)
-      throw new Error(`[nuxt-better-auth] Missing ${serverConfigFile}.ts - create with defineServerAuth()`);
+      throw new Error(`[nuxt-better-auth] Missing ${serverConfigFile}.ts - export default defineServerAuth(...)`);
     if (!clientConfigExists)
-      throw new Error(`[nuxt-better-auth] Missing ${clientConfigFile}.ts - export createAppAuthClient()`);
+      throw new Error(`[nuxt-better-auth] Missing ${clientConfigFile}.ts - export default defineClientAuth(...)`);
     const hasNuxtHub = hasNuxtModule("@nuxthub/core", nuxt);
     const hub = hasNuxtHub ? nuxt.options.hub : void 0;
     const hasHubDb = !clientOnly && hasNuxtHub && !!hub?.db;
@@ -257,14 +248,15 @@ const module$1 = defineNuxtModule({
       consola.info("clientOnly mode enabled - server utilities (serverAuth, getUserSession, requireUserSession) are not available");
     }
     if (!clientOnly) {
-      const betterAuthSecret = process.env.BETTER_AUTH_SECRET || process.env.NUXT_BETTER_AUTH_SECRET || nuxt.options.runtimeConfig.betterAuthSecret || "";
-      if (!nuxt.options.dev && !betterAuthSecret) {
+      const currentSecret = nuxt.options.runtimeConfig.betterAuthSecret;
+      nuxt.options.runtimeConfig.betterAuthSecret = currentSecret || process.env.BETTER_AUTH_SECRET || "";
+      const betterAuthSecret = nuxt.options.runtimeConfig.betterAuthSecret;
+      if (!nuxt.options.dev && !nuxt.options._prepare && !betterAuthSecret) {
         throw new Error("[nuxt-better-auth] BETTER_AUTH_SECRET is required in production. Set BETTER_AUTH_SECRET or NUXT_BETTER_AUTH_SECRET environment variable.");
       }
       if (betterAuthSecret && betterAuthSecret.length < 32) {
         throw new Error("[nuxt-better-auth] BETTER_AUTH_SECRET must be at least 32 characters for security");
       }
-      nuxt.options.runtimeConfig.betterAuthSecret = betterAuthSecret;
       nuxt.options.runtimeConfig.auth = defu(nuxt.options.runtimeConfig.auth, {
         secondaryStorage: secondaryStorageEnabled
       });
@@ -291,11 +283,13 @@ export function createSecondaryStorage() {
         throw new Error("[nuxt-better-auth] hub:db not found. Ensure @nuxthub/core is loaded before this module and hub.db is configured.");
       }
       const hubDialect = getHubDialect(hub) ?? "sqlite";
+      const usePlural = options.schema?.usePlural ?? false;
+      const camelCase = (options.schema?.casing ?? getHubCasing(hub)) !== "snake_case";
       const databaseCode = hasHubDb ? `import { db, schema } from '../hub/db.mjs'
 import { drizzleAdapter } from 'better-auth/adapters/drizzle'
 const rawDialect = '${hubDialect}'
 const dialect = rawDialect === 'postgresql' ? 'pg' : rawDialect
-export function createDatabase() { return drizzleAdapter(db, { provider: dialect, schema }) }
+export function createDatabase() { return drizzleAdapter(db, { provider: dialect, schema, usePlural: ${usePlural}, camelCase: ${camelCase} }) }
 export { db }` : `export function createDatabase() { return undefined }
 export const db = undefined`;
       const databaseTemplate = addTemplate({ filename: "better-auth/database.mjs", getContents: () => databaseCode, write: true });
@@ -328,9 +322,9 @@ declare module '#auth/database' {
         getContents: () => `
 import type { InferUser, InferSession, InferPluginTypes } from 'better-auth'
 import type { RuntimeConfig } from 'nuxt/schema'
-import type configFn from '${serverConfigPath}'
+import type createServerAuth from '${serverConfigPath}'
 
-type _Config = ReturnType<typeof configFn>
+type _Config = ReturnType<typeof createServerAuth>
 
 declare module '#nuxt-better-auth' {
   interface AuthUser extends InferUser<_Config> {}
@@ -351,7 +345,7 @@ interface _AugmentedServerAuthContext {
 declare module '@onmax/nuxt-better-auth/config' {
   import type { BetterAuthOptions } from 'better-auth'
   type ServerAuthConfig = Omit<BetterAuthOptions, 'database' | 'secret' | 'baseURL'>
-  export function defineServerAuth<T extends ServerAuthConfig>(config: (ctx: _AugmentedServerAuthContext) => T): (ctx: _AugmentedServerAuthContext) => T
+  export function defineServerAuth<T extends ServerAuthConfig>(config: T | ((ctx: _AugmentedServerAuthContext) => T)): (ctx: _AugmentedServerAuthContext) => T
 }
 `
       }, { nuxt: true, nitro: true, node: true });
@@ -388,7 +382,7 @@ export type { AuthMeta, AuthMode, AuthRouteRules, UserMatch, RequireSessionOptio
     addTypeTemplate({
       filename: "types/nuxt-better-auth-client.d.ts",
       getContents: () => `
-import type { createAppAuthClient } from '${clientConfigPath}'
+import type createAppAuthClient from '${clientConfigPath}'
 declare module '#nuxt-better-auth' {
   export type AppAuthClient = ReturnType<typeof createAppAuthClient>
 }
@@ -419,6 +413,8 @@ declare module '#nuxt-better-auth' {
     }
     const isProduction = process.env.NODE_ENV === "production" || !nuxt.options.dev;
     if (!isProduction && !clientOnly) {
+      if (!hasNuxtModule("@nuxt/ui"))
+        await installModule("@nuxt/ui");
       setupDevTools(nuxt);
       addServerHandler({ route: "/api/_better-auth/config", method: "get", handler: resolver.resolve("./runtime/server/api/_better-auth/config.get") });
       if (hasHubDb) {
@@ -465,27 +461,22 @@ async function setupBetterAuthSchema(nuxt, serverConfigPath, options) {
     const extendedConfig = {};
     await nuxt.callHook("better-auth:config:extend", extendedConfig);
     const plugins = [...userConfig.plugins || [], ...extendedConfig.plugins || []];
-    const { getAuthTables } = await import('better-auth/db');
-    const tables = getAuthTables({
+    const authOptions = {
+      ...userConfig,
       plugins,
-      secondaryStorage: options.secondaryStorage ? {
-        get: async (_key) => null,
-        set: async (_key, _value, _ttl) => {
-        },
-        delete: async (_key) => {
-        }
-      } : void 0
-    });
-    const useUuid = userConfig.advanced?.database?.generateId === "uuid";
+      secondaryStorage: options.secondaryStorage ? { get: async (_key) => null, set: async (_key, _value, _ttl) => {
+      }, delete: async (_key) => {
+      } } : void 0
+    };
     const hubCasing = getHubCasing(hub);
-    const schemaOptions = { ...options.schema, useUuid, casing: options.schema?.casing ?? hubCasing };
-    const schemaCode = generateDrizzleSchema(tables, dialect, schemaOptions);
+    const schemaOptions = { ...options.schema, useUuid: userConfig.advanced?.database?.generateId === "uuid", casing: options.schema?.casing ?? hubCasing };
+    const schemaCode = await generateDrizzleSchema(authOptions, dialect, schemaOptions);
     const schemaDir = join(nuxt.options.buildDir, "better-auth");
     const schemaPath = join(schemaDir, `schema.${dialect}.ts`);
     await mkdir(schemaDir, { recursive: true });
     await writeFile(schemaPath, schemaCode);
     addTemplate({ filename: `better-auth/schema.${dialect}.ts`, getContents: () => schemaCode, write: true });
-    consola.info(`Generated ${dialect} schema with ${Object.keys(tables).length} tables`);
+    consola.info(`Generated ${dialect} schema`);
   } catch (error) {
     if (isProduction) {
       throw error;

package/dist/runtime/app/composables/useUserSession.js

@@ -1,4 +1,4 @@
-import { createAppAuthClient } from "#auth/client";
+import createAppAuthClient from "#auth/client";
 import { computed, nextTick, useRequestHeaders, useRequestURL, useRuntimeConfig, useState, watch } from "#imports";
 let _client = null;
 function getClient(baseURL) {

package/dist/runtime/config.d.ts

@@ -2,12 +2,13 @@ import type { BetterAuthOptions } from 'better-auth';
 import type { ClientOptions } from 'better-auth/client';
 import type { CasingOption } from '../schema-generator.js';
 import type { ServerAuthContext } from './types/augment.js';
+import { createAuthClient } from 'better-auth/vue';
 export type { ServerAuthContext };
 export interface ClientAuthContext {
     siteUrl: string;
 }
-type ServerAuthConfig = Omit<BetterAuthOptions, 'database' | 'secret' | 'baseURL'>;
-type ClientAuthConfig = Omit<ClientOptions, 'baseURL'> & {
+export type ServerAuthConfig = Omit<BetterAuthOptions, 'database' | 'secret' | 'baseURL'>;
+export type ClientAuthConfig = Omit<ClientOptions, 'baseURL'> & {
     baseURL?: string;
 };
 export type ServerAuthConfigFn = (ctx: ServerAuthContext) => ServerAuthConfig;
@@ -44,5 +45,5 @@ export interface AuthRuntimeConfig {
 export interface AuthPrivateRuntimeConfig {
     secondaryStorage: boolean;
 }
-export declare function defineServerAuth<T extends ServerAuthConfig>(config: (ctx: ServerAuthContext) => T): (ctx: ServerAuthContext) => T;
-export declare function defineClientAuth(config: ClientAuthConfigFn): ClientAuthConfigFn;
+export declare function defineServerAuth<T extends ServerAuthConfig>(config: T | ((ctx: ServerAuthContext) => T)): (ctx: ServerAuthContext) => T;
+export declare function defineClientAuth<T extends ClientAuthConfig>(config: T | ((ctx: ClientAuthContext) => T)): (baseURL: string) => ReturnType<typeof createAuthClient<T>>;

package/dist/runtime/config.js

@@ -1,6 +1,11 @@
+import { createAuthClient } from "better-auth/vue";
 export function defineServerAuth(config) {
-  return config;
+  return typeof config === "function" ? config : () => config;
 }
 export function defineClientAuth(config) {
-  return config;
+  return (baseURL) => {
+    const ctx = { siteUrl: baseURL };
+    const resolved = typeof config === "function" ? config(ctx) : config;
+    return createAuthClient({ ...resolved, baseURL });
+  };
 }

package/dist/runtime/server/utils/auth.js

@@ -2,8 +2,9 @@ import { createDatabase, db } from "#auth/database";
 import { createSecondaryStorage } from "#auth/secondary-storage";
 import createServerAuth from "#auth/server";
 import { betterAuth } from "better-auth";
-import { getRequestURL } from "h3";
+import { getRequestHost, getRequestProtocol } from "h3";
 import { useRuntimeConfig } from "nitropack/runtime";
+import { withoutProtocol } from "ufo";
 let _auth = null;
 function validateURL(url) {
   try {
@@ -12,12 +13,46 @@ function validateURL(url) {
     throw new Error(`Invalid siteUrl: "${url}". Must be a valid URL.`);
   }
 }
+function getNitroOrigin(e) {
+  const cert = process.env.NITRO_SSL_CERT;
+  const key = process.env.NITRO_SSL_KEY;
+  let host = process.env.NITRO_HOST || process.env.HOST;
+  let port;
+  if (import.meta.dev)
+    port = process.env.NITRO_PORT || process.env.PORT || "3000";
+  let protocol = cert && key || !import.meta.dev ? "https" : "http";
+  try {
+    if ((import.meta.dev || import.meta.prerender) && process.env.__NUXT_DEV__) {
+      const origin = JSON.parse(process.env.__NUXT_DEV__).proxy.url;
+      host = withoutProtocol(origin);
+      protocol = origin.includes("https") ? "https" : "http";
+    } else if ((import.meta.dev || import.meta.prerender) && process.env.NUXT_VITE_NODE_OPTIONS) {
+      const origin = JSON.parse(process.env.NUXT_VITE_NODE_OPTIONS).baseURL.replace("/__nuxt_vite_node__", "");
+      host = withoutProtocol(origin);
+      protocol = origin.includes("https") ? "https" : "http";
+    } else if (e) {
+      host = getRequestHost(e, { xForwardedHost: true }) || host;
+      protocol = getRequestProtocol(e, { xForwardedProto: true }) || protocol;
+    }
+  } catch {
+  }
+  if (!host)
+    return void 0;
+  if (host.includes(":") && !host.startsWith("[")) {
+    const hostParts = host.split(":");
+    port = hostParts.pop();
+    host = hostParts.join(":");
+  }
+  const portSuffix = port ? `:${port}` : "";
+  return `${protocol}://${host}${portSuffix}`;
+}
 function getBaseURL(event) {
   const config = useRuntimeConfig();
   if (config.public.siteUrl && typeof config.public.siteUrl === "string")
     return validateURL(config.public.siteUrl);
-  if (event)
-    return getRequestURL(event).origin;
+  const nitroOrigin = getNitroOrigin(event);
+  if (nitroOrigin)
+    return validateURL(nitroOrigin);
   if (process.env.VERCEL_URL)
     return validateURL(`https://${process.env.VERCEL_URL}`);
   if (process.env.CF_PAGES_URL)

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@onmax/nuxt-better-auth",
   "type": "module",
-  "version": "0.0.2-alpha.13",
+  "version": "0.0.2-alpha.15",
   "packageManager": "pnpm@10.15.1",
   "description": "Nuxt module for Better Auth integration with NuxtHub, route protection, session management, and role-based access",
   "author": "onmax",
@@ -10,6 +10,14 @@
     "type": "git",
     "url": "https://github.com/onmax/nuxt-better-auth"
   },
+  "agents": {
+    "skills": [
+      {
+        "name": "nuxt-better-auth",
+        "path": "./skills/nuxt-better-auth"
+      }
+    ]
+  },
   "exports": {
     ".": {
       "types": "./dist/types.d.mts",
@@ -32,7 +40,8 @@
     }
   },
   "files": [
-    "dist"
+    "dist",
+    "skills"
   ],
   "scripts": {
     "prepack": "nuxt-module-build build",
@@ -41,7 +50,7 @@
     "dev:prepare": "nuxt-module-build build --stub && nuxi prepare playground",
     "dev:docs": "nuxi dev docs",
     "build:docs": "nuxi build docs",
-    "release": "bumpp --push",
+    "release": "bumpp --push --no-push-all",
     "lint": "eslint .",
     "lint:fix": "eslint . --fix",
     "typecheck": "vue-tsc --noEmit",
@@ -59,16 +68,17 @@
     }
   },
   "dependencies": {
+    "@better-auth/cli": "^1.5.0-beta.3",
     "@nuxt/kit": "^4.2.2",
+    "@nuxt/ui": "^4.2.1",
     "defu": "^6.1.4",
     "jiti": "^2.4.2",
     "pathe": "^2.0.3",
-    "pluralize": "^8.0.0",
-    "radix3": "^1.1.2"
+    "radix3": "^1.1.2",
+    "std-env": "^3.10.0"
   },
   "devDependencies": {
     "@antfu/eslint-config": "^4.12.0",
-    "@better-auth/cli": "^1.4.6",
     "@libsql/client": "^0.15.15",
     "@nuxt/devtools": "^3.1.1",
     "@nuxt/devtools-kit": "^3.1.1",
@@ -78,8 +88,7 @@
     "@nuxthub/core": "^0.10.3",
     "@types/better-sqlite3": "^7.6.13",
     "@types/node": "latest",
-    "@types/pluralize": "^0.0.33",
-    "better-auth": "^1.4.7",
+    "better-auth": "^1.5.0-beta.3",
     "better-sqlite3": "^11.9.1",
     "bumpp": "^10.3.2",
     "changelogen": "^0.6.2",
@@ -87,6 +96,7 @@
     "drizzle-kit": "^0.31.8",
     "drizzle-orm": "^0.38.4",
     "eslint": "^9.39.1",
+    "npm-agentskills": "https://pkg.pr.new/onmax/npm-agentskills@394499e",
     "nuxt": "^4.2.2",
     "tinyexec": "^1.0.2",
     "typescript": "~5.9.3",