@payez/next-mvp 4.0.21 → 4.0.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/better-auth.js +1 -1
- package/dist/client/AuthContext.d.ts +1 -2
- package/dist/client/AuthContext.js +2 -2
- package/dist/client/better-auth-client.d.ts +8 -0
- package/dist/client/better-auth-client.js +15 -0
- package/dist/components/account/MobileNavDrawer.js +1 -1
- package/dist/hooks/useAvailableProviders.d.ts +4 -5
- package/dist/hooks/useAvailableProviders.js +7 -8
- package/dist/hooks/usePublicAuthSettings.d.ts +4 -4
- package/dist/hooks/usePublicAuthSettings.js +6 -6
- package/dist/lib/idp-client-config.d.ts +4 -0
- package/dist/lib/idp-client-config.js +14 -0
- package/dist/lib/startup-init.js +21 -19
- package/dist/routes/auth/settings.d.ts +1 -1
- package/dist/routes/auth/settings.js +2 -2
- package/dist/server/auth.js +1 -1
- package/package.json +1 -1
- package/src/auth/better-auth.ts +271 -271
- package/src/client/AuthContext.tsx +3 -4
- package/src/client/better-auth-client.ts +14 -0
- package/src/components/account/MobileNavDrawer.tsx +2 -2
- package/src/hooks/useAvailableProviders.ts +5 -7
- package/src/hooks/usePublicAuthSettings.ts +6 -6
- package/src/lib/idp-client-config.ts +539 -526
- package/src/lib/startup-init.ts +246 -243
- package/src/routes/auth/settings.ts +3 -3
- package/src/server/auth.ts +81 -81
package/src/server/auth.ts
CHANGED
|
@@ -1,81 +1,81 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Server-side auth utilities for Better Auth (v4.0)
|
|
3
|
-
*
|
|
4
|
-
* Replaces:
|
|
5
|
-
* - getToken() from next-auth/jwt
|
|
6
|
-
* - getServerSession() from next-auth
|
|
7
|
-
*
|
|
8
|
-
* All server-side auth flows go through the Better Auth instance.
|
|
9
|
-
*/
|
|
10
|
-
|
|
11
|
-
import 'server-only';
|
|
12
|
-
import { createBetterAuthInstance } from '../auth/better-auth';
|
|
13
|
-
import { getIDPClientConfig } from '../lib/idp-client-config';
|
|
14
|
-
|
|
15
|
-
let authInstance: ReturnType<typeof createBetterAuthInstance> | null = null;
|
|
16
|
-
let authInitPromise: Promise<ReturnType<typeof createBetterAuthInstance>> | null = null;
|
|
17
|
-
|
|
18
|
-
/**
|
|
19
|
-
* Get the initialized Better Auth instance (singleton).
|
|
20
|
-
*/
|
|
21
|
-
export async function getAuthInstance() {
|
|
22
|
-
if (authInstance) return authInstance;
|
|
23
|
-
if (!authInitPromise) {
|
|
24
|
-
authInitPromise = getIDPClientConfig().then(config => {
|
|
25
|
-
authInstance = createBetterAuthInstance(config);
|
|
26
|
-
return authInstance;
|
|
27
|
-
});
|
|
28
|
-
}
|
|
29
|
-
return authInitPromise;
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
/**
|
|
33
|
-
* Get the current session from a request.
|
|
34
|
-
* Replaces getToken() and getServerSession().
|
|
35
|
-
*
|
|
36
|
-
* Returns the session object or null if not authenticated.
|
|
37
|
-
*/
|
|
38
|
-
export async function getSession(request?: Request): Promise<any> {
|
|
39
|
-
const auth = await getAuthInstance();
|
|
40
|
-
if (!request) return null;
|
|
41
|
-
|
|
42
|
-
try {
|
|
43
|
-
const session = await auth.api.getSession({ headers: request.headers });
|
|
44
|
-
if (!session?.session?.token || !session?.user) return session;
|
|
45
|
-
|
|
46
|
-
// Enrich with IDP tokens from Redis (stored by post-login hook)
|
|
47
|
-
try {
|
|
48
|
-
const { getRedis } = await import('../lib/redis');
|
|
49
|
-
const { getAppSlug } = await import('../lib/app-slug');
|
|
50
|
-
const baKey = `ba:${getAppSlug()}:${session.session.token}`;
|
|
51
|
-
const baRaw = await getRedis().get(baKey);
|
|
52
|
-
if (baRaw) {
|
|
53
|
-
const baData = JSON.parse(baRaw);
|
|
54
|
-
if (baData.idpTokens) {
|
|
55
|
-
const u = session.user as any;
|
|
56
|
-
u.roles = baData.idpTokens.roles || [];
|
|
57
|
-
u.userId = baData.idpTokens.userId;
|
|
58
|
-
u.idpAccessToken = baData.idpTokens.idpAccessToken;
|
|
59
|
-
u.idpRefreshToken = baData.idpTokens.idpRefreshToken;
|
|
60
|
-
u.idpAccessTokenExpires = baData.idpTokens.idpAccessTokenExpires;
|
|
61
|
-
}
|
|
62
|
-
}
|
|
63
|
-
} catch { /* Redis unavailable */ }
|
|
64
|
-
|
|
65
|
-
return session;
|
|
66
|
-
} catch {
|
|
67
|
-
return null;
|
|
68
|
-
}
|
|
69
|
-
}
|
|
70
|
-
|
|
71
|
-
/**
|
|
72
|
-
* Get the current session, throwing if not authenticated.
|
|
73
|
-
* Use in API handlers that require auth.
|
|
74
|
-
*/
|
|
75
|
-
export async function requireSession(request: Request) {
|
|
76
|
-
const session = await getSession(request);
|
|
77
|
-
if (!session) {
|
|
78
|
-
throw new Error('Unauthorized');
|
|
79
|
-
}
|
|
80
|
-
return session;
|
|
81
|
-
}
|
|
1
|
+
/**
|
|
2
|
+
* Server-side auth utilities for Better Auth (v4.0)
|
|
3
|
+
*
|
|
4
|
+
* Replaces:
|
|
5
|
+
* - getToken() from next-auth/jwt
|
|
6
|
+
* - getServerSession() from next-auth
|
|
7
|
+
*
|
|
8
|
+
* All server-side auth flows go through the Better Auth instance.
|
|
9
|
+
*/
|
|
10
|
+
|
|
11
|
+
import 'server-only';
|
|
12
|
+
import { createBetterAuthInstance } from '../auth/better-auth';
|
|
13
|
+
import { getIDPClientConfig } from '../lib/idp-client-config';
|
|
14
|
+
|
|
15
|
+
let authInstance: ReturnType<typeof createBetterAuthInstance> | null = null;
|
|
16
|
+
let authInitPromise: Promise<ReturnType<typeof createBetterAuthInstance>> | null = null;
|
|
17
|
+
|
|
18
|
+
/**
|
|
19
|
+
* Get the initialized Better Auth instance (singleton).
|
|
20
|
+
*/
|
|
21
|
+
export async function getAuthInstance() {
|
|
22
|
+
if (authInstance) return authInstance;
|
|
23
|
+
if (!authInitPromise) {
|
|
24
|
+
authInitPromise = getIDPClientConfig(true).then(config => {
|
|
25
|
+
authInstance = createBetterAuthInstance(config);
|
|
26
|
+
return authInstance;
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
return authInitPromise;
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
/**
|
|
33
|
+
* Get the current session from a request.
|
|
34
|
+
* Replaces getToken() and getServerSession().
|
|
35
|
+
*
|
|
36
|
+
* Returns the session object or null if not authenticated.
|
|
37
|
+
*/
|
|
38
|
+
export async function getSession(request?: Request): Promise<any> {
|
|
39
|
+
const auth = await getAuthInstance();
|
|
40
|
+
if (!request) return null;
|
|
41
|
+
|
|
42
|
+
try {
|
|
43
|
+
const session = await auth.api.getSession({ headers: request.headers });
|
|
44
|
+
if (!session?.session?.token || !session?.user) return session;
|
|
45
|
+
|
|
46
|
+
// Enrich with IDP tokens from Redis (stored by post-login hook)
|
|
47
|
+
try {
|
|
48
|
+
const { getRedis } = await import('../lib/redis');
|
|
49
|
+
const { getAppSlug } = await import('../lib/app-slug');
|
|
50
|
+
const baKey = `ba:${getAppSlug()}:${session.session.token}`;
|
|
51
|
+
const baRaw = await getRedis().get(baKey);
|
|
52
|
+
if (baRaw) {
|
|
53
|
+
const baData = JSON.parse(baRaw);
|
|
54
|
+
if (baData.idpTokens) {
|
|
55
|
+
const u = session.user as any;
|
|
56
|
+
u.roles = baData.idpTokens.roles || [];
|
|
57
|
+
u.userId = baData.idpTokens.userId;
|
|
58
|
+
u.idpAccessToken = baData.idpTokens.idpAccessToken;
|
|
59
|
+
u.idpRefreshToken = baData.idpTokens.idpRefreshToken;
|
|
60
|
+
u.idpAccessTokenExpires = baData.idpTokens.idpAccessTokenExpires;
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
} catch { /* Redis unavailable */ }
|
|
64
|
+
|
|
65
|
+
return session;
|
|
66
|
+
} catch {
|
|
67
|
+
return null;
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
/**
|
|
72
|
+
* Get the current session, throwing if not authenticated.
|
|
73
|
+
* Use in API handlers that require auth.
|
|
74
|
+
*/
|
|
75
|
+
export async function requireSession(request: Request) {
|
|
76
|
+
const session = await getSession(request);
|
|
77
|
+
if (!session) {
|
|
78
|
+
throw new Error('Unauthorized');
|
|
79
|
+
}
|
|
80
|
+
return session;
|
|
81
|
+
}
|