@payez/next-mvp 4.0.18 → 4.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/auth/better-auth.js
CHANGED
|
@@ -160,6 +160,7 @@ function createBetterAuthInstance(idpConfig) {
|
|
|
160
160
|
}
|
|
161
161
|
// Store IDP tokens in the BA Redis session
|
|
162
162
|
if (baData) {
|
|
163
|
+
const requiresTwoFactor = result.user?.requiresTwoFactor ?? result.requiresTwoFactor ?? false;
|
|
163
164
|
baData.idpTokens = {
|
|
164
165
|
idpAccessToken: result.access_token,
|
|
165
166
|
idpRefreshToken: result.refresh_token,
|
|
@@ -170,6 +171,7 @@ function createBetterAuthInstance(idpConfig) {
|
|
|
170
171
|
email: result.user?.email || result.email || email,
|
|
171
172
|
name: result.user?.full_name || result.user?.name || result.name || name,
|
|
172
173
|
roles: result.user?.roles || result.roles || [],
|
|
174
|
+
mfaVerified: !requiresTwoFactor,
|
|
173
175
|
};
|
|
174
176
|
await (0, redis_1.getRedis)().setex(baKey, 7 * 24 * 60 * 60, JSON.stringify(baData));
|
|
175
177
|
console.log('[BETTER_AUTH] IDP tokens stored in session for', email);
|
|
@@ -53,18 +53,10 @@ const startup_init_1 = require("../lib/startup-init");
|
|
|
53
53
|
*/
|
|
54
54
|
async function tryBetterAuthSession(requestCookies) {
|
|
55
55
|
try {
|
|
56
|
-
const {
|
|
57
|
-
// getBetterAuthHandler initializes the instance; we need the raw instance
|
|
58
|
-
const { default: getBetterAuthInstanceFn } = await Promise.resolve().then(() => __importStar(require('../auth/better-auth'))).then(m => ({ default: m.getBetterAuthInstance || null }))
|
|
59
|
-
.catch(() => ({ default: null }));
|
|
60
|
-
// Access the cached instance via the module's internal getter
|
|
56
|
+
const { getBetterAuthInstance } = await Promise.resolve().then(() => __importStar(require('../auth/better-auth')));
|
|
61
57
|
let auth = null;
|
|
62
58
|
try {
|
|
63
|
-
|
|
64
|
-
await getBetterAuthHandler();
|
|
65
|
-
// The instance is cached in the module — re-import to access it
|
|
66
|
-
const mod = await Promise.resolve().then(() => __importStar(require('../auth/better-auth')));
|
|
67
|
-
auth = mod.__betterAuthInstance;
|
|
59
|
+
auth = await getBetterAuthInstance();
|
|
68
60
|
}
|
|
69
61
|
catch {
|
|
70
62
|
return null;
|
|
@@ -122,9 +114,18 @@ async function tryBetterAuthSession(requestCookies) {
|
|
|
122
114
|
idpRefreshToken: idpTokens?.idpRefreshToken,
|
|
123
115
|
idpAccessTokenExpires: idpTokens?.idpAccessTokenExpires
|
|
124
116
|
|| (result.session.expiresAt ? new Date(result.session.expiresAt).getTime() : Date.now() + 24 * 60 * 60 * 1000),
|
|
125
|
-
mfaVerified:
|
|
117
|
+
mfaVerified: idpTokens?.mfaVerified ?? false,
|
|
126
118
|
oauthProvider: 'google',
|
|
127
119
|
};
|
|
120
|
+
// Backwards compat: session.user.email works alongside session.email
|
|
121
|
+
sessionData.user = {
|
|
122
|
+
id: sessionData.userId,
|
|
123
|
+
email: sessionData.email,
|
|
124
|
+
name: sessionData.name,
|
|
125
|
+
roles: sessionData.roles,
|
|
126
|
+
image: result.user.image,
|
|
127
|
+
oauthProvider: sessionData.oauthProvider,
|
|
128
|
+
};
|
|
128
129
|
const jwtPayload = {
|
|
129
130
|
sub: result.user.id,
|
|
130
131
|
email: result.user.email,
|
|
@@ -189,6 +190,15 @@ async function decodeSession(requestCookies) {
|
|
|
189
190
|
if (!sessionData) {
|
|
190
191
|
return null;
|
|
191
192
|
}
|
|
193
|
+
// Backwards compat: session.user.email works alongside session.email
|
|
194
|
+
if (!sessionData.user) {
|
|
195
|
+
sessionData.user = {
|
|
196
|
+
id: sessionData.userId,
|
|
197
|
+
email: sessionData.email,
|
|
198
|
+
name: sessionData.name,
|
|
199
|
+
roles: sessionData.roles,
|
|
200
|
+
};
|
|
201
|
+
}
|
|
192
202
|
return {
|
|
193
203
|
sessionData,
|
|
194
204
|
jwtPayload: payload,
|
package/package.json
CHANGED
package/src/auth/better-auth.ts
CHANGED
|
@@ -172,6 +172,7 @@ export function createBetterAuthInstance(idpConfig: IDPClientConfig) {
|
|
|
172
172
|
|
|
173
173
|
// Store IDP tokens in the BA Redis session
|
|
174
174
|
if (baData) {
|
|
175
|
+
const requiresTwoFactor = result.user?.requiresTwoFactor ?? result.requiresTwoFactor ?? false;
|
|
175
176
|
baData.idpTokens = {
|
|
176
177
|
idpAccessToken: result.access_token,
|
|
177
178
|
idpRefreshToken: result.refresh_token,
|
|
@@ -182,6 +183,7 @@ export function createBetterAuthInstance(idpConfig: IDPClientConfig) {
|
|
|
182
183
|
email: result.user?.email || result.email || email,
|
|
183
184
|
name: result.user?.full_name || result.user?.name || result.name || name,
|
|
184
185
|
roles: result.user?.roles || result.roles || [],
|
|
186
|
+
mfaVerified: !requiresTwoFactor,
|
|
185
187
|
};
|
|
186
188
|
await getRedis().setex(baKey, 7 * 24 * 60 * 60, JSON.stringify(baData));
|
|
187
189
|
console.log('[BETTER_AUTH] IDP tokens stored in session for', email);
|
|
@@ -26,20 +26,11 @@ async function tryBetterAuthSession(
|
|
|
26
26
|
requestCookies?: { get: (name: string) => { value: string } | undefined }
|
|
27
27
|
): Promise<DecodedSession | null> {
|
|
28
28
|
try {
|
|
29
|
-
const {
|
|
30
|
-
// getBetterAuthHandler initializes the instance; we need the raw instance
|
|
31
|
-
const { default: getBetterAuthInstanceFn } = await import('../auth/better-auth')
|
|
32
|
-
.then(m => ({ default: (m as any).getBetterAuthInstance || null }))
|
|
33
|
-
.catch(() => ({ default: null }));
|
|
29
|
+
const { getBetterAuthInstance } = await import('../auth/better-auth');
|
|
34
30
|
|
|
35
|
-
// Access the cached instance via the module's internal getter
|
|
36
31
|
let auth: any = null;
|
|
37
32
|
try {
|
|
38
|
-
|
|
39
|
-
await getBetterAuthHandler();
|
|
40
|
-
// The instance is cached in the module — re-import to access it
|
|
41
|
-
const mod = await import('../auth/better-auth');
|
|
42
|
-
auth = (mod as any).__betterAuthInstance;
|
|
33
|
+
auth = await getBetterAuthInstance();
|
|
43
34
|
} catch {
|
|
44
35
|
return null;
|
|
45
36
|
}
|
|
@@ -98,10 +89,20 @@ async function tryBetterAuthSession(
|
|
|
98
89
|
idpRefreshToken: idpTokens?.idpRefreshToken,
|
|
99
90
|
idpAccessTokenExpires: idpTokens?.idpAccessTokenExpires
|
|
100
91
|
|| (result.session.expiresAt ? new Date(result.session.expiresAt).getTime() : Date.now() + 24 * 60 * 60 * 1000),
|
|
101
|
-
mfaVerified:
|
|
92
|
+
mfaVerified: idpTokens?.mfaVerified ?? false,
|
|
102
93
|
oauthProvider: 'google',
|
|
103
94
|
};
|
|
104
95
|
|
|
96
|
+
// Backwards compat: session.user.email works alongside session.email
|
|
97
|
+
(sessionData as any).user = {
|
|
98
|
+
id: sessionData.userId,
|
|
99
|
+
email: sessionData.email,
|
|
100
|
+
name: sessionData.name,
|
|
101
|
+
roles: sessionData.roles,
|
|
102
|
+
image: result.user.image,
|
|
103
|
+
oauthProvider: sessionData.oauthProvider,
|
|
104
|
+
};
|
|
105
|
+
|
|
105
106
|
const jwtPayload: DecodedSession['jwtPayload'] = {
|
|
106
107
|
sub: result.user.id,
|
|
107
108
|
email: result.user.email,
|
|
@@ -178,6 +179,16 @@ export async function decodeSession(
|
|
|
178
179
|
return null;
|
|
179
180
|
}
|
|
180
181
|
|
|
182
|
+
// Backwards compat: session.user.email works alongside session.email
|
|
183
|
+
if (!(sessionData as any).user) {
|
|
184
|
+
(sessionData as any).user = {
|
|
185
|
+
id: sessionData.userId,
|
|
186
|
+
email: sessionData.email,
|
|
187
|
+
name: sessionData.name,
|
|
188
|
+
roles: sessionData.roles,
|
|
189
|
+
};
|
|
190
|
+
}
|
|
191
|
+
|
|
181
192
|
return {
|
|
182
193
|
sessionData,
|
|
183
194
|
jwtPayload: payload as DecodedSession['jwtPayload'],
|