@opensaas/stack-auth 0.21.0 → 0.23.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +1 -1
- package/CHANGELOG.md +92 -0
- package/CLAUDE.md +98 -0
- package/README.md +33 -0
- package/dist/config/adopt-better-auth-tables.d.ts +107 -0
- package/dist/config/adopt-better-auth-tables.d.ts.map +1 -0
- package/dist/config/adopt-better-auth-tables.js +70 -0
- package/dist/config/adopt-better-auth-tables.js.map +1 -0
- package/dist/config/derive-auth-lists.d.ts +50 -0
- package/dist/config/derive-auth-lists.d.ts.map +1 -0
- package/dist/config/derive-auth-lists.js +274 -0
- package/dist/config/derive-auth-lists.js.map +1 -0
- package/dist/config/index.d.ts.map +1 -1
- package/dist/config/index.js +43 -0
- package/dist/config/index.js.map +1 -1
- package/dist/config/plugin.d.ts.map +1 -1
- package/dist/config/plugin.js +52 -9
- package/dist/config/plugin.js.map +1 -1
- package/dist/config/types.d.ts +130 -3
- package/dist/config/types.d.ts.map +1 -1
- package/dist/index.d.ts +4 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +6 -0
- package/dist/index.js.map +1 -1
- package/dist/lists/index.d.ts +17 -11
- package/dist/lists/index.d.ts.map +1 -1
- package/dist/lists/index.js +34 -208
- package/dist/lists/index.js.map +1 -1
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +28 -7
- package/dist/server/index.js.map +1 -1
- package/package.json +2 -2
- package/src/config/adopt-better-auth-tables.ts +146 -0
- package/src/config/derive-auth-lists.ts +323 -0
- package/src/config/index.ts +58 -0
- package/src/config/plugin.ts +66 -9
- package/src/config/types.ts +146 -3
- package/src/index.ts +13 -0
- package/src/lists/index.ts +42 -202
- package/src/server/index.ts +31 -9
- package/tests/adopt-better-auth-tables.test.ts +183 -0
- package/tests/derive-auth-lists.test.ts +232 -0
- package/tests/plugin-derived-keys.test.ts +138 -0
- package/tests/plugin-schema-placement.test.ts +121 -0
- package/tsconfig.tsbuildinfo +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAE7D;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,CAAC,EAAE,aAAa,CAAA;IACtB,MAAM,CAAC,EAAE,aAAa,CAAA;IACtB,OAAO,CAAC,EAAE,aAAa,CAAA;IACvB,OAAO,CAAC,EAAE,aAAa,CAAA;IACvB,CAAC,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS,CAAA;CACzC,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,OAAO,CAAA;IAChB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAC9B,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IACpC,OAAO,EAAE,OAAO,CAAA;IAChB;;;OAGG;IACH,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,OAAO,CAAA;IAChB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAA;CACpB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB;;OAEG;IACH,gBAAgB,CAAC,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,IAAI,CAAA;KAAE,CAAA;IAE1D;;OAEG;IACH,iBAAiB,CAAC,EAAE,uBAAuB,GAAG;QAAE,OAAO,EAAE,IAAI,CAAA;KAAE,CAAA;IAE/D;;OAEG;IACH,aAAa,CAAC,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,IAAI,CAAA;KAAE,CAAA;IAEvD;;OAEG;IACH,eAAe,CAAC,EAAE,qBAAqB,CAAA;IAEvC;;OAEG;IACH,OAAO,CAAC,EAAE,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAE7D;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,CAAC,EAAE,aAAa,CAAA;IACtB,MAAM,CAAC,EAAE,aAAa,CAAA;IACtB,OAAO,CAAC,EAAE,aAAa,CAAA;IACvB,OAAO,CAAC,EAAE,aAAa,CAAA;IACvB,CAAC,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS,CAAA;CACzC,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,OAAO,CAAA;IAChB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAC9B,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IACpC,OAAO,EAAE,OAAO,CAAA;IAChB;;;OAGG;IACH,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,OAAO,CAAA;IAChB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAA;CACpB,CAAA;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,eAAe,GAAG;IAC5B;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;;;;;;OAQG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC/B;;;;;;;;;;OAUG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB;;OAEG;IACH,gBAAgB,CAAC,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,IAAI,CAAA;KAAE,CAAA;IAE1D;;OAEG;IACH,iBAAiB,CAAC,EAAE,uBAAuB,GAAG;QAAE,OAAO,EAAE,IAAI,CAAA;KAAE,CAAA;IAE/D;;OAEG;IACH,aAAa,CAAC,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,IAAI,CAAA;KAAE,CAAA;IAEvD;;OAEG;IACH,eAAe,CAAC,EAAE,qBAAqB,CAAA;IAEvC;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,aAAa,GAAG,eAAe,CAAA;IAEzC;;;;;OAKG;IACH,IAAI,CAAC,EAAE,eAAe,CAAA;IAEtB;;OAEG;IACH,OAAO,CAAC,EAAE,eAAe,CAAA;IAEzB;;OAEG;IACH,YAAY,CAAC,EAAE,eAAe,CAAA;IAE9B;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IAEf;;;;;;;;;;OAUG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IAExB;;;;;;;;;;;;OAYG;IACH,cAAc,CAAC,EAAE,oBAAoB,CAAA;IAErC;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAEpF;;;;;;;;;;;;OAYG;IAEH,iBAAiB,CAAC,EAAE,GAAG,EAAE,CAAA;IAEzB;;;;;;;;;;;;;;;;;;OAkBG;IACH,SAAS,CAAC,EAAE;QACV,OAAO,EAAE,OAAO,CAAA;QAChB;;;WAGG;QACH,MAAM,CAAC,EAAE,MAAM,CAAA;QACf;;;WAGG;QACH,GAAG,CAAC,EAAE,MAAM,CAAA;KACb,CAAA;CACF,CAAA;AAED;;;;;;GAMG;AACH,MAAM,MAAM,yBAAyB,GAAG;IACtC,SAAS,EAAE,MAAM,CAAA;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC,IAAI,EAAE,yBAAyB,CAAA;IAC/B,OAAO,EAAE,yBAAyB,CAAA;IAClC,OAAO,EAAE,yBAAyB,CAAA;IAClC,YAAY,EAAE,yBAAyB,CAAA;CACxC,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,oBAAoB,GAAG,QAAQ,CACzC,IAAI,CACF,UAAU,EACR,kBAAkB,GAClB,mBAAmB,GACnB,eAAe,GACf,mBAAmB,GACnB,WAAW,GACX,SAAS,GACT,MAAM,GACN,SAAS,GACT,cAAc,GACd,QAAQ,CACX,CACF,GAAG;IACF,gBAAgB,EAAE,QAAQ,CAAC,mBAAmB,CAAC,CAAA;IAC/C,iBAAiB,EAAE,QAAQ,CAAC,uBAAuB,CAAC,CAAA;IACpD,aAAa,EAAE,QAAQ,CAAC,mBAAmB,CAAC,CAAA;IAC5C,oFAAoF;IACpF,OAAO,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAA;IAChC,sGAAsG;IACtG,MAAM,EAAE,oBAAoB,CAAA;IAC5B;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IAEf,iBAAiB,EAAE,GAAG,EAAE,CAAA;IACxB,SAAS,CAAC,EAAE;QACV,OAAO,EAAE,OAAO,CAAA;QAChB,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,GAAG,CAAC,EAAE,MAAM,CAAA;KACb,CAAA;CACF,CAAA"}
|
package/dist/index.d.ts
CHANGED
|
@@ -31,6 +31,10 @@ export { normalizeAuthConfig } from './config/index.js';
|
|
|
31
31
|
export { authPlugin } from './config/plugin.js';
|
|
32
32
|
export type { AuthConfig, NormalizedAuthConfig } from './config/index.js';
|
|
33
33
|
export type * from './config/types.js';
|
|
34
|
+
export { deriveAuthLists } from './config/derive-auth-lists.js';
|
|
35
|
+
export type { DerivedAuthLists } from './config/derive-auth-lists.js';
|
|
36
|
+
export { adoptBetterAuthTables } from './config/adopt-better-auth-tables.js';
|
|
37
|
+
export type { AdoptBetterAuthTablesOptions, AdoptBetterAuthTablesConfig, } from './config/adopt-better-auth-tables.js';
|
|
34
38
|
export type { AuthRuntimeServices } from './runtime/types.js';
|
|
35
39
|
export { getAuthLists, createUserList, createSessionList, createAccountList, createVerificationList, } from './lists/index.js';
|
|
36
40
|
export type { ExtendUserListConfig } from './lists/index.js';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AAC/C,YAAY,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACzE,mBAAmB,mBAAmB,CAAA;AAGtC,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AAG7D,OAAO,EACL,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,sBAAsB,GACvB,MAAM,kBAAkB,CAAA;AACzB,YAAY,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AAC/C,YAAY,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACzE,mBAAmB,mBAAmB,CAAA;AAGtC,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAC/D,YAAY,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAA;AAKrE,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAC5E,YAAY,EACV,4BAA4B,EAC5B,2BAA2B,GAC5B,MAAM,sCAAsC,CAAA;AAG7C,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AAG7D,OAAO,EACL,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,sBAAsB,GACvB,MAAM,kBAAkB,CAAA;AACzB,YAAY,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -30,6 +30,12 @@
|
|
|
30
30
|
// Config exports
|
|
31
31
|
export { normalizeAuthConfig } from './config/index.js';
|
|
32
32
|
export { authPlugin } from './config/plugin.js';
|
|
33
|
+
// Pure better-auth config -> Auth lists derivation (advanced use cases)
|
|
34
|
+
export { deriveAuthLists } from './config/derive-auth-lists.js';
|
|
35
|
+
// "Adopt existing better-auth tables" recipe — sets the model/schema knobs that
|
|
36
|
+
// match a pre-existing separate-schema better-auth install so a migrating
|
|
37
|
+
// project reaches Schema parity without rebuilding the config by hand.
|
|
38
|
+
export { adoptBetterAuthTables } from './config/adopt-better-auth-tables.js';
|
|
33
39
|
// List generators (for advanced use cases)
|
|
34
40
|
export { getAuthLists, createUserList, createSessionList, createAccountList, createVerificationList, } from './lists/index.js';
|
|
35
41
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,iBAAiB;AACjB,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,iBAAiB;AACjB,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AAI/C,wEAAwE;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAG/D,gFAAgF;AAChF,0EAA0E;AAC1E,uEAAuE;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAS5E,2CAA2C;AAC3C,OAAO,EACL,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,sBAAsB,GACvB,MAAM,kBAAkB,CAAA"}
|
package/dist/lists/index.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { ListConfig, FieldConfig } from '@opensaas/stack-core';
|
|
2
|
+
import type { NormalizedAuthModels } from '../config/types.js';
|
|
2
3
|
/**
|
|
3
4
|
* Configuration for extending the auto-generated User list
|
|
4
5
|
*/
|
|
@@ -19,28 +20,33 @@ export type ExtendUserListConfig = {
|
|
|
19
20
|
hooks?: ListConfig<any>['hooks'];
|
|
20
21
|
};
|
|
21
22
|
/**
|
|
22
|
-
* Create the base User list with better-auth required fields
|
|
23
|
-
*
|
|
23
|
+
* Create the base User list with better-auth required fields.
|
|
24
|
+
*
|
|
25
|
+
* Backwards-compatible helper: derives the default `User` list (keyed `User`,
|
|
26
|
+
* default field shapes) via {@link deriveAuthLists}.
|
|
24
27
|
*/
|
|
25
28
|
export declare function createUserList(config?: ExtendUserListConfig): ListConfig<any>;
|
|
26
29
|
/**
|
|
27
|
-
* Create the Session list for better-auth
|
|
28
|
-
* Stores active user sessions
|
|
30
|
+
* Create the Session list for better-auth (default `Session` key).
|
|
29
31
|
*/
|
|
30
32
|
export declare function createSessionList(): ListConfig<any>;
|
|
31
33
|
/**
|
|
32
|
-
* Create the Account list for better-auth
|
|
33
|
-
* Stores OAuth provider accounts and credentials
|
|
34
|
+
* Create the Account list for better-auth (default `Account` key).
|
|
34
35
|
*/
|
|
35
36
|
export declare function createAccountList(): ListConfig<any>;
|
|
36
37
|
/**
|
|
37
|
-
* Create the Verification list for better-auth
|
|
38
|
-
* Stores email verification tokens, password reset tokens, etc.
|
|
38
|
+
* Create the Verification list for better-auth (default `Verification` key).
|
|
39
39
|
*/
|
|
40
40
|
export declare function createVerificationList(): ListConfig<any>;
|
|
41
41
|
/**
|
|
42
|
-
* Get all auth lists required by better-auth
|
|
43
|
-
*
|
|
42
|
+
* Get all auth lists required by better-auth.
|
|
43
|
+
*
|
|
44
|
+
* Derives the Auth lists from the resolved better-auth model config. When no
|
|
45
|
+
* `models` are supplied (or none carry overrides), the result is the historical
|
|
46
|
+
* default set keyed `User`/`Session`/`Account`/`Verification`.
|
|
47
|
+
*
|
|
48
|
+
* @param userConfig - Extra User-list fields/access/hooks (from `extendUserList`)
|
|
49
|
+
* @param models - Resolved better-auth model config; defaults to the better-auth defaults
|
|
44
50
|
*/
|
|
45
|
-
export declare function getAuthLists(userConfig?: ExtendUserListConfig): Record<string, ListConfig<any>>;
|
|
51
|
+
export declare function getAuthLists(userConfig?: ExtendUserListConfig, models?: NormalizedAuthModels): Record<string, ListConfig<any>>;
|
|
46
52
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lists/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lists/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AACnE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AAG9D;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;IACpC;;;OAGG;IAEH,MAAM,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAA;IAClC;;OAEG;IAEH,KAAK,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAA;CACjC,CAAA;AAeD;;;;;GAKG;AACH,wBAAgB,cAAc,CAC5B,MAAM,CAAC,EAAE,oBAAoB,GAE5B,UAAU,CAAC,GAAG,CAAC,CAEjB;AAED;;GAEG;AAEH,wBAAgB,iBAAiB,IAAI,UAAU,CAAC,GAAG,CAAC,CAEnD;AAED;;GAEG;AAEH,wBAAgB,iBAAiB,IAAI,UAAU,CAAC,GAAG,CAAC,CAEnD;AAED;;GAEG;AAEH,wBAAgB,sBAAsB,IAAI,UAAU,CAAC,GAAG,CAAC,CAExD;AAED;;;;;;;;;GASG;AACH,wBAAgB,YAAY,CAC1B,UAAU,CAAC,EAAE,oBAAoB,EACjC,MAAM,GAAE,oBAAqC,GAE5C,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAEjC"}
|
package/dist/lists/index.js
CHANGED
|
@@ -1,231 +1,57 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { text, timestamp, checkbox, relationship } from '@opensaas/stack-core/fields';
|
|
1
|
+
import { deriveAuthLists } from '../config/derive-auth-lists.js';
|
|
3
2
|
/**
|
|
4
|
-
*
|
|
5
|
-
*
|
|
3
|
+
* The default better-auth model config (no `modelName`/`fields` overrides).
|
|
4
|
+
* Produces the historical `User`/`Session`/`Account`/`Verification` keys with
|
|
5
|
+
* their original field shapes. Used by the backwards-compatible
|
|
6
|
+
* `createUserList`/`getAuthLists` helpers.
|
|
7
|
+
*/
|
|
8
|
+
const DEFAULT_MODELS = {
|
|
9
|
+
user: { modelName: 'User', fields: {} },
|
|
10
|
+
session: { modelName: 'Session', fields: {} },
|
|
11
|
+
account: { modelName: 'Account', fields: {} },
|
|
12
|
+
verification: { modelName: 'Verification', fields: {} },
|
|
13
|
+
};
|
|
14
|
+
/**
|
|
15
|
+
* Create the base User list with better-auth required fields.
|
|
16
|
+
*
|
|
17
|
+
* Backwards-compatible helper: derives the default `User` list (keyed `User`,
|
|
18
|
+
* default field shapes) via {@link deriveAuthLists}.
|
|
6
19
|
*/
|
|
7
20
|
export function createUserList(config) {
|
|
8
|
-
return
|
|
9
|
-
fields: {
|
|
10
|
-
// Better-auth required fields
|
|
11
|
-
name: text({
|
|
12
|
-
validation: { isRequired: true },
|
|
13
|
-
}),
|
|
14
|
-
email: text({
|
|
15
|
-
validation: { isRequired: true },
|
|
16
|
-
isIndexed: 'unique',
|
|
17
|
-
}),
|
|
18
|
-
emailVerified: checkbox({
|
|
19
|
-
defaultValue: false,
|
|
20
|
-
}),
|
|
21
|
-
image: text(),
|
|
22
|
-
// Relationships to other auth tables
|
|
23
|
-
sessions: relationship({
|
|
24
|
-
ref: 'Session.user',
|
|
25
|
-
many: true,
|
|
26
|
-
}),
|
|
27
|
-
accounts: relationship({
|
|
28
|
-
ref: 'Account.user',
|
|
29
|
-
many: true,
|
|
30
|
-
}),
|
|
31
|
-
// Custom fields from user config
|
|
32
|
-
...(config?.fields || {}),
|
|
33
|
-
},
|
|
34
|
-
access: config?.access || {
|
|
35
|
-
operation: {
|
|
36
|
-
// Anyone can query users (for displaying names, etc.)
|
|
37
|
-
query: () => true,
|
|
38
|
-
// Anyone can create a user (sign up)
|
|
39
|
-
create: () => true,
|
|
40
|
-
// Only update your own user record
|
|
41
|
-
update: ({ session, item }) => {
|
|
42
|
-
if (!session)
|
|
43
|
-
return false;
|
|
44
|
-
const userId = session.userId;
|
|
45
|
-
const itemId = item?.id;
|
|
46
|
-
return userId === itemId;
|
|
47
|
-
},
|
|
48
|
-
// Only delete your own user record
|
|
49
|
-
delete: ({ session, item }) => {
|
|
50
|
-
if (!session)
|
|
51
|
-
return false;
|
|
52
|
-
const userId = session.userId;
|
|
53
|
-
const itemId = item?.id;
|
|
54
|
-
return userId === itemId;
|
|
55
|
-
},
|
|
56
|
-
},
|
|
57
|
-
},
|
|
58
|
-
hooks: config?.hooks,
|
|
59
|
-
});
|
|
21
|
+
return deriveAuthLists(DEFAULT_MODELS, config).lists.User;
|
|
60
22
|
}
|
|
61
23
|
/**
|
|
62
|
-
* Create the Session list for better-auth
|
|
63
|
-
* Stores active user sessions
|
|
24
|
+
* Create the Session list for better-auth (default `Session` key).
|
|
64
25
|
*/
|
|
65
26
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- ListConfig must accept any TypeInfo
|
|
66
27
|
export function createSessionList() {
|
|
67
|
-
return
|
|
68
|
-
fields: {
|
|
69
|
-
// Session token (stored in cookie, used as primary key)
|
|
70
|
-
token: text({
|
|
71
|
-
validation: { isRequired: true },
|
|
72
|
-
isIndexed: 'unique',
|
|
73
|
-
}),
|
|
74
|
-
// Expiration timestamp
|
|
75
|
-
expiresAt: timestamp(),
|
|
76
|
-
// Optional: IP address for security
|
|
77
|
-
ipAddress: text(),
|
|
78
|
-
// Optional: User agent for security
|
|
79
|
-
userAgent: text(),
|
|
80
|
-
// Relationship to user (userId will be auto-generated)
|
|
81
|
-
user: relationship({
|
|
82
|
-
ref: 'User.sessions',
|
|
83
|
-
}),
|
|
84
|
-
},
|
|
85
|
-
access: {
|
|
86
|
-
operation: {
|
|
87
|
-
// Only the session owner can query their sessions
|
|
88
|
-
query: ({ session }) => {
|
|
89
|
-
if (!session)
|
|
90
|
-
return false;
|
|
91
|
-
const userId = session.userId;
|
|
92
|
-
if (!userId)
|
|
93
|
-
return false;
|
|
94
|
-
// Return Prisma filter for nested relationship
|
|
95
|
-
return {
|
|
96
|
-
user: {
|
|
97
|
-
id: { equals: userId },
|
|
98
|
-
},
|
|
99
|
-
};
|
|
100
|
-
},
|
|
101
|
-
// Better-auth handles session creation
|
|
102
|
-
create: () => true,
|
|
103
|
-
// No manual updates
|
|
104
|
-
update: () => false,
|
|
105
|
-
// Better-auth handles session deletion (logout)
|
|
106
|
-
delete: ({ session, item }) => {
|
|
107
|
-
if (!session)
|
|
108
|
-
return false;
|
|
109
|
-
const userId = session.userId;
|
|
110
|
-
const itemUserId = item?.user?.id;
|
|
111
|
-
return userId === itemUserId;
|
|
112
|
-
},
|
|
113
|
-
},
|
|
114
|
-
},
|
|
115
|
-
});
|
|
28
|
+
return deriveAuthLists(DEFAULT_MODELS).lists.Session;
|
|
116
29
|
}
|
|
117
30
|
/**
|
|
118
|
-
* Create the Account list for better-auth
|
|
119
|
-
* Stores OAuth provider accounts and credentials
|
|
31
|
+
* Create the Account list for better-auth (default `Account` key).
|
|
120
32
|
*/
|
|
121
33
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- ListConfig must accept any TypeInfo
|
|
122
34
|
export function createAccountList() {
|
|
123
|
-
return
|
|
124
|
-
fields: {
|
|
125
|
-
// Account identifier from provider
|
|
126
|
-
accountId: text({
|
|
127
|
-
validation: { isRequired: true },
|
|
128
|
-
}),
|
|
129
|
-
// Provider identifier (e.g., 'github', 'google', 'credentials')
|
|
130
|
-
providerId: text({
|
|
131
|
-
validation: { isRequired: true },
|
|
132
|
-
}),
|
|
133
|
-
// Relationship to user (userId will be auto-generated)
|
|
134
|
-
user: relationship({
|
|
135
|
-
ref: 'User.accounts',
|
|
136
|
-
}),
|
|
137
|
-
// OAuth tokens
|
|
138
|
-
accessToken: text(),
|
|
139
|
-
refreshToken: text(),
|
|
140
|
-
accessTokenExpiresAt: timestamp(),
|
|
141
|
-
refreshTokenExpiresAt: timestamp(),
|
|
142
|
-
scope: text(),
|
|
143
|
-
idToken: text(),
|
|
144
|
-
// Password hash for credential provider (better-auth stores in account table)
|
|
145
|
-
password: text(),
|
|
146
|
-
},
|
|
147
|
-
access: {
|
|
148
|
-
operation: {
|
|
149
|
-
// Only the account owner can query their accounts
|
|
150
|
-
query: ({ session }) => {
|
|
151
|
-
if (!session)
|
|
152
|
-
return false;
|
|
153
|
-
const userId = session.userId;
|
|
154
|
-
if (!userId)
|
|
155
|
-
return false;
|
|
156
|
-
// Return Prisma filter for nested relationship
|
|
157
|
-
return {
|
|
158
|
-
user: {
|
|
159
|
-
id: { equals: userId },
|
|
160
|
-
},
|
|
161
|
-
};
|
|
162
|
-
},
|
|
163
|
-
// Better-auth handles account creation
|
|
164
|
-
create: () => true,
|
|
165
|
-
// Better-auth handles account updates (token refresh)
|
|
166
|
-
update: ({ session, item }) => {
|
|
167
|
-
if (!session)
|
|
168
|
-
return false;
|
|
169
|
-
const userId = session.userId;
|
|
170
|
-
const itemUserId = item?.user?.id;
|
|
171
|
-
return userId === itemUserId;
|
|
172
|
-
},
|
|
173
|
-
// Account owner can delete their accounts
|
|
174
|
-
delete: ({ session, item }) => {
|
|
175
|
-
if (!session)
|
|
176
|
-
return false;
|
|
177
|
-
const userId = session.userId;
|
|
178
|
-
const itemUserId = item?.user?.id;
|
|
179
|
-
return userId === itemUserId;
|
|
180
|
-
},
|
|
181
|
-
},
|
|
182
|
-
},
|
|
183
|
-
});
|
|
35
|
+
return deriveAuthLists(DEFAULT_MODELS).lists.Account;
|
|
184
36
|
}
|
|
185
37
|
/**
|
|
186
|
-
* Create the Verification list for better-auth
|
|
187
|
-
* Stores email verification tokens, password reset tokens, etc.
|
|
38
|
+
* Create the Verification list for better-auth (default `Verification` key).
|
|
188
39
|
*/
|
|
189
40
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- ListConfig must accept any TypeInfo
|
|
190
41
|
export function createVerificationList() {
|
|
191
|
-
return
|
|
192
|
-
fields: {
|
|
193
|
-
// Identifier (e.g., email address)
|
|
194
|
-
identifier: text({
|
|
195
|
-
validation: { isRequired: true },
|
|
196
|
-
}),
|
|
197
|
-
// Token value
|
|
198
|
-
value: text({
|
|
199
|
-
validation: { isRequired: true },
|
|
200
|
-
}),
|
|
201
|
-
// Expiration timestamp
|
|
202
|
-
expiresAt: timestamp(),
|
|
203
|
-
},
|
|
204
|
-
access: {
|
|
205
|
-
operation: {
|
|
206
|
-
// No public querying (better-auth handles verification internally)
|
|
207
|
-
query: () => false,
|
|
208
|
-
// Better-auth creates verification tokens
|
|
209
|
-
create: () => true,
|
|
210
|
-
// No updates
|
|
211
|
-
update: () => false,
|
|
212
|
-
// Better-auth deletes used/expired tokens
|
|
213
|
-
delete: () => true,
|
|
214
|
-
},
|
|
215
|
-
},
|
|
216
|
-
});
|
|
42
|
+
return deriveAuthLists(DEFAULT_MODELS).lists.Verification;
|
|
217
43
|
}
|
|
218
44
|
/**
|
|
219
|
-
* Get all auth lists required by better-auth
|
|
220
|
-
*
|
|
45
|
+
* Get all auth lists required by better-auth.
|
|
46
|
+
*
|
|
47
|
+
* Derives the Auth lists from the resolved better-auth model config. When no
|
|
48
|
+
* `models` are supplied (or none carry overrides), the result is the historical
|
|
49
|
+
* default set keyed `User`/`Session`/`Account`/`Verification`.
|
|
50
|
+
*
|
|
51
|
+
* @param userConfig - Extra User-list fields/access/hooks (from `extendUserList`)
|
|
52
|
+
* @param models - Resolved better-auth model config; defaults to the better-auth defaults
|
|
221
53
|
*/
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
return {
|
|
225
|
-
User: createUserList(userConfig),
|
|
226
|
-
Session: createSessionList(),
|
|
227
|
-
Account: createAccountList(),
|
|
228
|
-
Verification: createVerificationList(),
|
|
229
|
-
};
|
|
54
|
+
export function getAuthLists(userConfig, models = DEFAULT_MODELS) {
|
|
55
|
+
return deriveAuthLists(models, userConfig || {}).lists;
|
|
230
56
|
}
|
|
231
57
|
//# sourceMappingURL=index.js.map
|
package/dist/lists/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lists/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lists/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAA;AAwBhE;;;;;GAKG;AACH,MAAM,cAAc,GAAyB;IAC3C,IAAI,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE;IACvC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IAC7C,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IAC7C,YAAY,EAAE,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,EAAE,EAAE,EAAE;CACxD,CAAA;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAC5B,MAA6B;IAG7B,OAAO,eAAe,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,IAAI,CAAA;AAC3D,CAAC;AAED;;GAEG;AACH,qGAAqG;AACrG,MAAM,UAAU,iBAAiB;IAC/B,OAAO,eAAe,CAAC,cAAc,CAAC,CAAC,KAAK,CAAC,OAAO,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,qGAAqG;AACrG,MAAM,UAAU,iBAAiB;IAC/B,OAAO,eAAe,CAAC,cAAc,CAAC,CAAC,KAAK,CAAC,OAAO,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,qGAAqG;AACrG,MAAM,UAAU,sBAAsB;IACpC,OAAO,eAAe,CAAC,cAAc,CAAC,CAAC,KAAK,CAAC,YAAY,CAAA;AAC3D,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,YAAY,CAC1B,UAAiC,EACjC,SAA+B,cAAc;IAG7C,OAAO,eAAe,CAAC,MAAM,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,KAAK,CAAA;AACxD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAExC,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAExC,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AAgCzE;;;;;;;;;;;;;GAaG;AACH,wBAAgB,UAAU,CACxB,cAAc,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,EACxD,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC,iDAyIhD;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAAC,EACnC,aAAa,EAAE,MAAM,EAAE,2CA0BxB;AAED,YAAY,EAAE,iBAAiB,EAAE,CAAA"}
|
package/dist/server/index.js
CHANGED
|
@@ -8,6 +8,21 @@ function getDatabaseConfig(dbConfig, context) {
|
|
|
8
8
|
provider: dbConfig.provider,
|
|
9
9
|
});
|
|
10
10
|
}
|
|
11
|
+
/**
|
|
12
|
+
* Translate a normalized OpenSaaS auth model config into the better-auth
|
|
13
|
+
* per-model options (`modelName` + `fields` column map). Returns `undefined`
|
|
14
|
+
* when there is nothing to override so the running auth instance keeps
|
|
15
|
+
* better-auth's own defaults untouched.
|
|
16
|
+
*/
|
|
17
|
+
function toBetterAuthModelOptions(model) {
|
|
18
|
+
const hasFields = Object.keys(model.fields).length > 0;
|
|
19
|
+
const options = {};
|
|
20
|
+
if (model.modelName)
|
|
21
|
+
options.modelName = model.modelName;
|
|
22
|
+
if (hasFields)
|
|
23
|
+
options.fields = model.fields;
|
|
24
|
+
return Object.keys(options).length > 0 ? options : undefined;
|
|
25
|
+
}
|
|
11
26
|
/**
|
|
12
27
|
* Create a better-auth instance from OpenSaas config
|
|
13
28
|
* This should be called once at app startup
|
|
@@ -44,6 +59,19 @@ export function createAuth(opensaasConfig, context) {
|
|
|
44
59
|
// Build better-auth configuration
|
|
45
60
|
const betterAuthConfig = {
|
|
46
61
|
database: getDatabaseConfig(resolvedConfig.db, resolvedContext),
|
|
62
|
+
// Mirror the per-model config (modelName + field column maps) back to
|
|
63
|
+
// better-auth so the running auth instance reads/writes the same
|
|
64
|
+
// tables/columns the OpenSaaS Auth lists were derived from.
|
|
65
|
+
user: toBetterAuthModelOptions(authConfig.models.user),
|
|
66
|
+
session: {
|
|
67
|
+
...toBetterAuthModelOptions(authConfig.models.session),
|
|
68
|
+
expiresIn: authConfig.session.expiresIn || 604800,
|
|
69
|
+
updateAge: authConfig.session.updateAge
|
|
70
|
+
? (authConfig.session.expiresIn || 604800) / 10
|
|
71
|
+
: 0,
|
|
72
|
+
},
|
|
73
|
+
account: toBetterAuthModelOptions(authConfig.models.account),
|
|
74
|
+
verification: toBetterAuthModelOptions(authConfig.models.verification),
|
|
47
75
|
// Enable email and password if configured
|
|
48
76
|
emailAndPassword: authConfig.emailAndPassword.enabled
|
|
49
77
|
? {
|
|
@@ -51,13 +79,6 @@ export function createAuth(opensaasConfig, context) {
|
|
|
51
79
|
requireEmailVerification: authConfig.emailVerification.enabled,
|
|
52
80
|
}
|
|
53
81
|
: undefined,
|
|
54
|
-
// Configure session
|
|
55
|
-
session: {
|
|
56
|
-
expiresIn: authConfig.session.expiresIn || 604800,
|
|
57
|
-
updateAge: authConfig.session.updateAge
|
|
58
|
-
? (authConfig.session.expiresIn || 604800) / 10
|
|
59
|
-
: 0,
|
|
60
|
-
},
|
|
61
82
|
// Trust host (required for production)
|
|
62
83
|
trustedOrigins: process.env.BETTER_AUTH_TRUSTED_ORIGINS?.split(',') || [],
|
|
63
84
|
// Social providers
|
package/dist/server/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAA;AAM3D;;GAEG;AACH,SAAS,iBAAiB,CACxB,QAAwB,EACxB,OAAsB;IAEtB,OAAO,aAAa,CAAC,OAAO,CAAC,MAAM,EAAE;QACnC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;KAC5B,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,UAAU,CACxB,cAAwD,EACxD,OAA+C;IAE/C,4CAA4C;IAC5C,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;IACrD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE/C,0CAA0C;IAC1C,IAAI,YAAY,GAAyC,IAAI,CAAA;IAC7D,IAAI,WAAW,GAAkD,IAAI,CAAA;IAErE,KAAK,UAAU,eAAe;QAC5B,IAAI,YAAY;YAAE,OAAO,YAAY,CAAA;QAErC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,WAAW,GAAG,CAAC,KAAK,IAAI,EAAE;gBACxB,MAAM,cAAc,GAAG,MAAM,aAAa,CAAA;gBAC1C,MAAM,eAAe,GAAG,MAAM,cAAc,CAAA;gBAE5C,uCAAuC;gBACvC,MAAM,UAAU,GAAG,cAAc,CAAC,WAAW,EAAE,IAAwC,CAAA;gBAEvF,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,KAAK,CACb,iFAAiF,CAClF,CAAA;gBACH,CAAC;gBAED,kCAAkC;gBAClC,MAAM,gBAAgB,GAAsB;oBAC1C,QAAQ,EAAE,iBAAiB,CAAC,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC;oBAE/D,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAA;AAM3D;;GAEG;AACH,SAAS,iBAAiB,CACxB,QAAwB,EACxB,OAAsB;IAEtB,OAAO,aAAa,CAAC,OAAO,CAAC,MAAM,EAAE;QACnC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;KAC5B,CAAC,CAAA;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,wBAAwB,CAC/B,KAAgC;IAEhC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,CAAA;IACtD,MAAM,OAAO,GAA4D,EAAE,CAAA;IAC3E,IAAI,KAAK,CAAC,SAAS;QAAE,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAA;IACxD,IAAI,SAAS;QAAE,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAA;IAC5C,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;AAC9D,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,UAAU,CACxB,cAAwD,EACxD,OAA+C;IAE/C,4CAA4C;IAC5C,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;IACrD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE/C,0CAA0C;IAC1C,IAAI,YAAY,GAAyC,IAAI,CAAA;IAC7D,IAAI,WAAW,GAAkD,IAAI,CAAA;IAErE,KAAK,UAAU,eAAe;QAC5B,IAAI,YAAY;YAAE,OAAO,YAAY,CAAA;QAErC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,WAAW,GAAG,CAAC,KAAK,IAAI,EAAE;gBACxB,MAAM,cAAc,GAAG,MAAM,aAAa,CAAA;gBAC1C,MAAM,eAAe,GAAG,MAAM,cAAc,CAAA;gBAE5C,uCAAuC;gBACvC,MAAM,UAAU,GAAG,cAAc,CAAC,WAAW,EAAE,IAAwC,CAAA;gBAEvF,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,KAAK,CACb,iFAAiF,CAClF,CAAA;gBACH,CAAC;gBAED,kCAAkC;gBAClC,MAAM,gBAAgB,GAAsB;oBAC1C,QAAQ,EAAE,iBAAiB,CAAC,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC;oBAE/D,sEAAsE;oBACtE,iEAAiE;oBACjE,4DAA4D;oBAC5D,IAAI,EAAE,wBAAwB,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC;oBACtD,OAAO,EAAE;wBACP,GAAG,wBAAwB,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC;wBACtD,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,SAAS,IAAI,MAAM;wBACjD,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,SAAS;4BACrC,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,IAAI,MAAM,CAAC,GAAG,EAAE;4BAC/C,CAAC,CAAC,CAAC;qBACN;oBACD,OAAO,EAAE,wBAAwB,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC;oBAC5D,YAAY,EAAE,wBAAwB,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC;oBAEtE,0CAA0C;oBAC1C,gBAAgB,EAAE,UAAU,CAAC,gBAAgB,CAAC,OAAO;wBACnD,CAAC,CAAC;4BACE,OAAO,EAAE,IAAI;4BACb,wBAAwB,EAAE,UAAU,CAAC,iBAAiB,CAAC,OAAO;yBAC/D;wBACH,CAAC,CAAC,SAAS;oBAEb,uCAAuC;oBACvC,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;oBAEzE,mBAAmB;oBACnB,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC;yBACxD,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,KAAK,CAAC;yBAClD,MAAM,CACL,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE;wBAC1B,IAAI,MAAM,EAAE,CAAC;4BACX,GAAG,CAAC,QAAQ,CAAC,GAAG;gCACd,QAAQ,EAAE,MAAM,CAAC,QAAQ;gCACzB,YAAY,EAAE,MAAM,CAAC,YAAY;6BAClC,CAAA;wBACH,CAAC;wBACD,OAAO,GAAG,CAAA;oBACZ,CAAC,EACD,EAAgE,CACjE;oBAEH,8BAA8B;oBAC9B,SAAS,EAAE,UAAU,CAAC,SAAS;wBAC7B,CAAC,CAAC;4BACE,OAAO,EAAE,UAAU,CAAC,SAAS,CAAC,OAAO;4BACrC,MAAM,EAAE,UAAU,CAAC,SAAS,CAAC,MAAM;4BACnC,GAAG,EAAE,UAAU,CAAC,SAAS,CAAC,GAAG;yBAC9B;wBACH,CAAC,CAAC,SAAS;oBAEb,kDAAkD;oBAClD,OAAO,EAAE,UAAU,CAAC,iBAAiB,IAAI,EAAE;iBAC5C,CAAA;gBAED,YAAY,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAA;gBAC3C,OAAO,YAAY,CAAA;YACrB,CAAC,CAAC,EAAE,CAAA;QACN,CAAC;QAED,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,2DAA2D;IAC3D,OAAO,IAAI,KAAK,CAAC,EAAmC,EAAE;QACpD,GAAG,CAAC,CAAC,EAAE,IAAI;YACT,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,oCAAoC;gBACpC,OAAO,SAAS,CAAA;YAClB,CAAC;YAED,iCAAiC;YACjC,MAAM,WAAW,GAAG,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;gBAC/C,MAAM,QAAQ,GAAG,MAAM,eAAe,EAAE,CAAA;gBACxC,MAAM,KAAK,GAAG,QAAQ,CAAC,IAA6B,CAAC,CAAA;gBACrD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE,CAAC;oBAChC,OAAQ,KAAyC,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBACzE,CAAC;gBACD,OAAO,KAAK,CAAA;YACd,CAAC,CAAA;YAED,4EAA4E;YAC5E,OAAO,IAAI,KAAK,CAAC,WAAW,EAAE;gBAC5B,GAAG,CAAC,MAAM,EAAE,OAAO;oBACjB,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;wBACvB,qCAAqC;wBACrC,OAAO,SAAS,CAAA;oBAClB,CAAC;oBACD,4DAA4D;oBAC5D,OAAO,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;wBAClC,MAAM,QAAQ,GAAG,MAAM,eAAe,EAAE,CAAA;wBACxC,MAAM,WAAW,GAAG,QAAQ,CAAC,IAA6B,CAAC,CAAA;wBAC3D,IAAI,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;4BACnD,MAAM,UAAU,GAAI,WAAuC,CAAC,OAAiB,CAAC,CAAA;4BAC9E,IAAI,OAAO,UAAU,KAAK,UAAU,EAAE,CAAC;gCACrC,OAAQ,UAA8C,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAA;4BACjF,CAAC;4BACD,OAAO,UAAU,CAAA;wBACnB,CAAC;wBACD,MAAM,IAAI,KAAK,CACb,YAAY,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,6BAA6B,CACzE,CAAA;oBACH,CAAC,CAAA;gBACH,CAAC;aACF,CAAC,CAAA;QACJ,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,IAAmC,EACnC,aAAuB;IAEvB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC;YACxC,OAAO,EAAE,IAAI,OAAO,EAAE;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;YACnB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,6CAA6C;QAC7C,MAAM,MAAM,GAA4B,EAAE,CAAA;QAE1C,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;YAClC,IAAI,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACvB,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,EAAE,CAAA;YACjC,CAAC;iBAAM,IAAI,KAAK,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjC,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,KAAkC,CAAC,CAAA;YAClE,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@opensaas/stack-auth",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.23.0",
|
|
4
4
|
"description": "Better-auth integration for OpenSaas Stack",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -64,7 +64,7 @@
|
|
|
64
64
|
"react": "^19.2.4",
|
|
65
65
|
"typescript": "^5.9.3",
|
|
66
66
|
"vitest": "^4.1.0",
|
|
67
|
-
"@opensaas/stack-core": "0.
|
|
67
|
+
"@opensaas/stack-core": "0.23.0"
|
|
68
68
|
},
|
|
69
69
|
"scripts": {
|
|
70
70
|
"build": "tsc",
|
|
@@ -0,0 +1,146 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* "Adopt existing better-auth tables" recipe.
|
|
3
|
+
*
|
|
4
|
+
* A migrating project usually already has a working, hand-wired better-auth
|
|
5
|
+
* installation: its tables are `AuthUser`/`AuthSession`/`AuthAccount`/
|
|
6
|
+
* `AuthVerification`, mapped into a separate `auth` Postgres schema, and its
|
|
7
|
+
* application `User` (`public.User`) is a *different* model. Reconstructing the
|
|
8
|
+
* matching {@link AuthConfig} by hand — four `modelName`s plus a `schema` on each
|
|
9
|
+
* model — is repetitive and easy to get wrong.
|
|
10
|
+
*
|
|
11
|
+
* {@link adoptBetterAuthTables} produces that {@link AuthConfig} fragment from a
|
|
12
|
+
* couple of options so the migrator doesn't rebuild it from scratch. It only
|
|
13
|
+
* sets the *adoption* knobs (per-model `modelName` + the plugin-level `schema`);
|
|
14
|
+
* the developer composes it with the rest of their auth config (providers,
|
|
15
|
+
* session fields, `extendUserList`, etc.):
|
|
16
|
+
*
|
|
17
|
+
* ```typescript
|
|
18
|
+
* authPlugin({
|
|
19
|
+
* ...adoptBetterAuthTables(),
|
|
20
|
+
* emailAndPassword: { enabled: true },
|
|
21
|
+
* sessionFields: ['userId', 'email', 'name'],
|
|
22
|
+
* })
|
|
23
|
+
* ```
|
|
24
|
+
*
|
|
25
|
+
* Combined with the keys/field derivation (`deriveAuthLists`) and schema
|
|
26
|
+
* placement, the generated Auth lists reach **Schema parity** with the live
|
|
27
|
+
* tables — they are modelled for runtime/types without producing a destructive
|
|
28
|
+
* auth migration. The recipe never touches the application's own domain `User`:
|
|
29
|
+
* its model names are `Auth`-prefixed by default and the plugin only ever
|
|
30
|
+
* adds/extends its *derived* keys.
|
|
31
|
+
*/
|
|
32
|
+
|
|
33
|
+
import type { AuthConfig, AuthModelConfig } from './types.js'
|
|
34
|
+
|
|
35
|
+
/**
|
|
36
|
+
* Options for {@link adoptBetterAuthTables}.
|
|
37
|
+
*
|
|
38
|
+
* All options are optional and default to the conventions of a standard
|
|
39
|
+
* separate-schema better-auth install (an `auth` Postgres schema with
|
|
40
|
+
* `Auth`-prefixed model names).
|
|
41
|
+
*/
|
|
42
|
+
export type AdoptBetterAuthTablesOptions = {
|
|
43
|
+
/**
|
|
44
|
+
* The Postgres schema the live better-auth tables live in.
|
|
45
|
+
*
|
|
46
|
+
* Applied as the plugin-level {@link AuthConfig.schema}, placing every Auth
|
|
47
|
+
* list in this schema via `@@schema(...)`. Pass `'public'` (or any single
|
|
48
|
+
* schema) for an install that is not on a separate schema; pass an explicit
|
|
49
|
+
* value to match your layout.
|
|
50
|
+
*
|
|
51
|
+
* @default 'auth'
|
|
52
|
+
*/
|
|
53
|
+
schema?: string
|
|
54
|
+
|
|
55
|
+
/**
|
|
56
|
+
* Prefix applied to each better-auth model name to derive the list key /
|
|
57
|
+
* table name (e.g. prefix `'Auth'` → `AuthUser`/`AuthSession`/...).
|
|
58
|
+
*
|
|
59
|
+
* A live better-auth install with `modelName: 'AuthUser'` etc. is the common
|
|
60
|
+
* case; override this if your tables use a different prefix. Set to `''` to
|
|
61
|
+
* keep the default better-auth names (`User`/`Session`/...) — but note that an
|
|
62
|
+
* unprefixed `User` will share the app's `User` key, so prefer a prefix when
|
|
63
|
+
* your domain `User` is a separate model (see {@link AuthConfig.user}).
|
|
64
|
+
*
|
|
65
|
+
* @default 'Auth'
|
|
66
|
+
*/
|
|
67
|
+
modelNamePrefix?: string
|
|
68
|
+
|
|
69
|
+
/**
|
|
70
|
+
* Per-model better-auth field → column maps, keyed by model.
|
|
71
|
+
*
|
|
72
|
+
* Only needed when your live tables renamed columns away from the better-auth
|
|
73
|
+
* defaults (e.g. `name → full_name`). Merged into the matching model config so
|
|
74
|
+
* the derived field-level `@map`s match your live columns.
|
|
75
|
+
*
|
|
76
|
+
* @example
|
|
77
|
+
* ```typescript
|
|
78
|
+
* adoptBetterAuthTables({
|
|
79
|
+
* fields: {
|
|
80
|
+
* user: { name: 'full_name' },
|
|
81
|
+
* session: { userId: 'user_id' },
|
|
82
|
+
* },
|
|
83
|
+
* })
|
|
84
|
+
* ```
|
|
85
|
+
*/
|
|
86
|
+
fields?: {
|
|
87
|
+
user?: Record<string, string>
|
|
88
|
+
session?: Record<string, string>
|
|
89
|
+
account?: Record<string, string>
|
|
90
|
+
verification?: Record<string, string>
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
|
|
94
|
+
/** The four better-auth models and their default (unprefixed) model names. */
|
|
95
|
+
const MODEL_DEFAULT_NAMES = {
|
|
96
|
+
user: 'User',
|
|
97
|
+
session: 'Session',
|
|
98
|
+
account: 'Account',
|
|
99
|
+
verification: 'Verification',
|
|
100
|
+
} as const
|
|
101
|
+
|
|
102
|
+
/**
|
|
103
|
+
* The adoption-relevant slice of {@link AuthConfig}: the plugin-level `schema`
|
|
104
|
+
* and the per-model `modelName`/`fields`. Returned (not the full `AuthConfig`)
|
|
105
|
+
* so it spreads cleanly into the developer's own `authPlugin` config.
|
|
106
|
+
*/
|
|
107
|
+
export type AdoptBetterAuthTablesConfig = Pick<
|
|
108
|
+
AuthConfig,
|
|
109
|
+
'schema' | 'user' | 'session' | 'account' | 'verification'
|
|
110
|
+
>
|
|
111
|
+
|
|
112
|
+
/**
|
|
113
|
+
* Build the adoption {@link AuthConfig} fragment for a pre-existing better-auth
|
|
114
|
+
* installation.
|
|
115
|
+
*
|
|
116
|
+
* Returns only the model/schema knobs needed to adopt the live tables; spread it
|
|
117
|
+
* into {@link authPlugin} alongside your own auth config.
|
|
118
|
+
*
|
|
119
|
+
* @param options - Adoption conventions (schema, model-name prefix, column maps)
|
|
120
|
+
* @returns An {@link AuthConfig} fragment with `schema` + per-model `modelName`
|
|
121
|
+
* (and any field column maps) set to match the live tables
|
|
122
|
+
*/
|
|
123
|
+
export function adoptBetterAuthTables(
|
|
124
|
+
options: AdoptBetterAuthTablesOptions = {},
|
|
125
|
+
): AdoptBetterAuthTablesConfig {
|
|
126
|
+
const { schema = 'auth', modelNamePrefix = 'Auth', fields = {} } = options
|
|
127
|
+
|
|
128
|
+
const buildModel = (model: keyof typeof MODEL_DEFAULT_NAMES): AuthModelConfig => {
|
|
129
|
+
const config: AuthModelConfig = {
|
|
130
|
+
modelName: `${modelNamePrefix}${MODEL_DEFAULT_NAMES[model]}`,
|
|
131
|
+
}
|
|
132
|
+
const fieldMap = fields[model]
|
|
133
|
+
if (fieldMap && Object.keys(fieldMap).length > 0) {
|
|
134
|
+
config.fields = fieldMap
|
|
135
|
+
}
|
|
136
|
+
return config
|
|
137
|
+
}
|
|
138
|
+
|
|
139
|
+
return {
|
|
140
|
+
schema,
|
|
141
|
+
user: buildModel('user'),
|
|
142
|
+
session: buildModel('session'),
|
|
143
|
+
account: buildModel('account'),
|
|
144
|
+
verification: buildModel('verification'),
|
|
145
|
+
}
|
|
146
|
+
}
|