npm - @playcademy/better-auth - Versions diffs - 0.0.1 → 0.0.2 - Mend

@playcademy/better-auth 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/client.js CHANGED Viewed

@@ -118,12 +118,24 @@ function playcademyExchangePlugin(_opts) {
         if (!canProceed) {
           return;
         }
-        await fetch("/api/auth/playcademy", {
-          method: "POST",
-          headers: { Authorization: `Bearer ${token}` },
-          credentials: "include"
-        });
-        exchangeComplete = true;
+        try {
+          const headers = { Authorization: `Bearer ${token}` };
+          if (isPlatformMode()) {
+            headers["X-Playcademy-Mode"] = "platform";
+          }
+          const response = await fetch("/api/auth/playcademy", {
+            method: "POST",
+            headers,
+            credentials: "include"
+          });
+          if (response.status === 204) {
+            exchangeComplete = true;
+          } else if (response.status !== 200 && response.status !== 500) {
+            console.warn(`[Playcademy Auth] Unexpected response status: ${response.status}`);
+          }
+        } catch (error) {
+          console.warn("[Playcademy Auth] Network error during token exchange:", error);
+        }
       })();
       await exchangePromise;
       return { url, options };

package/dist/server.d.ts CHANGED Viewed

@@ -17,7 +17,7 @@
  * 1. **Platform Mode (iframe)**:
  *    - Game receives JWT token from Playcademy platform
  *    - Client exchanges token via `/api/auth/playcademy` endpoint
- *    - Server verifies token with platform API
+ *    - Server verifies token with platform API (uses PLAYCADEMY_BASE_URL env var)
  *    - Creates or links Better Auth user by `playcademyUserId`
  *    - Returns session cookie with CHIPS support
  *
@@ -30,6 +30,15 @@
  *    - If a user exists with that `playcademyUserId`, sessions merge
  *    - Enables seamless switching between platform and standalone
  *
+ * **Development/Testing**:
+ *
+ * To test deployed games against a local platform API, set the `PLAYCADEMY_AUTH_API_URL`
+ * environment variable to override the platform URL (e.g., using a tunnel service):
+ *
+ * ```bash
+ * PLAYCADEMY_AUTH_API_URL=https://your-tunnel.dev
+ * ```
+ *
  * **Cookie Configuration**:
  *
  * For cross-origin iframe authentication to work, you MUST configure cookies:

package/dist/server.js CHANGED Viewed

@@ -20473,7 +20473,6 @@ Please set the PLAYCADEMY_BASE_URL environment variable`);
 // src/server.ts
 var DEFAULT_SESSION_MAX_AGE = 60 * 60 * 24 * 7;
 var DEFAULT_COOKIE_PATH = "/";
-var DEV_TUNNEL_URL = "https://hbauer.playcademy.dev";
 function extractGameToken(authHeader) {
   if (!authHeader?.startsWith("Bearer ")) {
     throw new Error("Missing or invalid Authorization header");
@@ -20602,50 +20601,66 @@ var playcademy = () => {
       }, async (ctx) => {
         const authHeader = ctx.request?.headers.get("authorization");
         const gameToken = extractGameToken(authHeader ?? "");
-        const isLocalDev = ctx.request?.url.includes("localhost");
-        const platformApiUrl = isLocalDev ? undefined : DEV_TUNNEL_URL;
+        const authApiUrl = process.env.PLAYCADEMY_AUTH_API_URL || undefined;
         let verified = null;
         try {
-          verified = await verifyGameToken(gameToken, {
-            baseUrl: platformApiUrl
+          verified = await verifyGameToken(gameToken, { baseUrl: authApiUrl });
+        } catch (error4) {
+          const errorMessage = error4 instanceof Error ? error4.message : String(error4);
+          const platformMode = ctx.request?.headers.get("x-playcademy-mode");
+          if (platformMode === "platform") {
+            console.error("[Playcademy Auth] Token verification failed:", {
+              error: errorMessage,
+              hasAuthApiOverride: !!authApiUrl
+            });
+          }
+          return new Response(JSON.stringify({ ok: false, code: "invalid_token" }), {
+            status: 200,
+            headers: { "Content-Type": "application/json" }
           });
-        } catch {
-          return new Response(null, { status: 204 });
-        }
-        const user = await findOrCreateUser(ctx.context.adapter, verified.user);
-        if (!user) {
-          throw new Error("Failed to find or create user");
         }
-        const cookieName = ctx.context.authCookies.sessionToken.name;
-        const cookieHeader = ctx.request?.headers.get("cookie") ?? null;
-        const ctxSecret = ctx.context.secret;
-        const existingSession = await readSignedSessionCookie(cookieHeader, cookieName, ctxSecret);
-        if (existingSession) {
-          const isValid = await hasValidSession(ctx.context.adapter, existingSession.token, user.id);
-          if (isValid) {
-            return new Response(null, { status: 204 });
+        try {
+          const user = await findOrCreateUser(ctx.context.adapter, verified.user);
+          if (!user) {
+            throw new Error("Failed to find or create user");
           }
-        }
-        const session = await ctx.context.internalAdapter.createSession(user.id, ctx);
-        if (!session) {
-          throw new Error("Failed to create session");
-        }
-        const cookieOpts = ctx.context.authCookies.sessionToken.options;
-        const setCookieValue = await buildCrossSiteCookie({
-          cookieName,
-          sessionToken: session.token,
-          secret: ctxSecret,
-          maxAge: cookieOpts.maxAge ?? DEFAULT_SESSION_MAX_AGE,
-          path: cookieOpts.path ?? DEFAULT_COOKIE_PATH,
-          userAgent: ctx.request?.headers.get("user-agent") ?? null
-        });
-        return new Response(null, {
-          status: 200,
-          headers: {
-            "Set-Cookie": setCookieValue,
-            "Content-Type": "application/json"
+          const cookieName = ctx.context.authCookies.sessionToken.name;
+          const cookieHeader = ctx.request?.headers.get("cookie") ?? null;
+          const ctxSecret = ctx.context.secret;
+          const existingSession = await readSignedSessionCookie(cookieHeader, cookieName, ctxSecret);
+          if (existingSession) {
+            const isValid = await hasValidSession(ctx.context.adapter, existingSession.token, user.id);
+            if (isValid) {
+              return new Response(null, { status: 204 });
+            }
           }
-        });
+          const session = await ctx.context.internalAdapter.createSession(user.id, ctx);
+          if (!session) {
+            throw new Error("Failed to create session");
+          }
+          const cookieOpts = ctx.context.authCookies.sessionToken.options;
+          const setCookieValue = await buildCrossSiteCookie({
+            cookieName,
+            sessionToken: session.token,
+            secret: ctxSecret,
+            maxAge: cookieOpts.maxAge ?? DEFAULT_SESSION_MAX_AGE,
+            path: cookieOpts.path ?? DEFAULT_COOKIE_PATH,
+            userAgent: ctx.request?.headers.get("user-agent") ?? null
+          });
+          return new Response(null, {
+            status: 204,
+            headers: {
+              "Set-Cookie": setCookieValue
+            }
+          });
+        } catch (error4) {
+          const errorMessage = error4 instanceof Error ? error4.message : String(error4);
+          console.error("[Playcademy Auth] Internal error during token exchange/session setup:", { error: errorMessage });
+          return new Response(JSON.stringify({ ok: false, code: "internal_error" }), {
+            status: 500,
+            headers: { "Content-Type": "application/json" }
+          });
+        }
       })
     }
   };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@playcademy/better-auth",
-    "version": "0.0.1",
+    "version": "0.0.2",
     "type": "module",
     "exports": {
         "./server": {
@@ -28,7 +28,7 @@
     },
     "devDependencies": {
         "@inquirer/prompts": "^7.9.0",
-        "@playcademy/sdk": "0.1.14",
+        "@playcademy/sdk": "0.1.18",
         "@playcademy/utils": "0.0.1",
         "@types/bun": "latest",
         "typescript": "^5.7.2"