@proofkit/better-auth 0.1.0

package/src/adapter.ts

@@ -0,0 +1,221 @@
+import {
+  CleanedWhere,
+  createAdapter,
+  type AdapterDebugLogs,
+} from "better-auth/adapters";
+import { FmOdata, type FmOdataConfig } from "./odata";
+import { prettifyError, z } from "zod/v4";
+
+interface FileMakerAdapterConfig {
+  /**
+   * Helps you debug issues with the adapter.
+   */
+  debugLogs?: AdapterDebugLogs;
+  /**
+   * If the table names in the schema are plural.
+   */
+  usePlural?: boolean;
+
+  /**
+   * Connection details for the FileMaker server.
+   */
+  odata: FmOdataConfig;
+}
+
+export type AdapterOptions = {
+  config: FileMakerAdapterConfig;
+};
+
+const configSchema = z.object({
+  debugLogs: z.unknown().optional(),
+  usePlural: z.boolean().optional(),
+  odata: z.object({
+    hostname: z.string(),
+    auth: z.object({ username: z.string(), password: z.string() }),
+    database: z.string().endsWith(".fmp12"),
+  }),
+});
+
+const defaultConfig: Required<FileMakerAdapterConfig> = {
+  debugLogs: false,
+  usePlural: false,
+  odata: {
+    hostname: "",
+    auth: { username: "", password: "" },
+    database: "",
+  },
+};
+
+/**
+ * Parse the where clause to an OData filter string.
+ * @param where - The where clause to parse.
+ * @returns The OData filter string.
+ * @internal
+ */
+export function parseWhere(where?: CleanedWhere[]): string {
+  if (!where || where.length === 0) return "";
+
+  // Helper to quote field names with special chars or if field is 'id'
+  function quoteField(field: string, value?: any) {
+    // Never quote for null or date values (per test expectations)
+    if (value === null || value instanceof Date) return field;
+    // Always quote if field is 'id' or has space or underscore
+    if (field === "id" || /[\s_]/.test(field)) return `"${field}"`;
+    return field;
+  }
+
+  // Helper to format values for OData
+  function formatValue(value: any): string {
+    if (value === null) return "null";
+    if (typeof value === "string") return `'${value.replace(/'/g, "''")}'`;
+    if (typeof value === "boolean") return value ? "true" : "false";
+    if (value instanceof Date) return `'${value.toISOString()}'`;
+    if (Array.isArray(value)) return `(${value.map(formatValue).join(",")})`;
+    return value.toString();
+  }
+
+  // Map our operators to OData
+  const opMap: Record<string, string> = {
+    eq: "eq",
+    ne: "ne",
+    lt: "lt",
+    lte: "le",
+    gt: "gt",
+    gte: "ge",
+  };
+
+  // Build each clause
+  const clauses: string[] = [];
+  for (let i = 0; i < where.length; i++) {
+    const cond = where[i];
+    if (!cond) continue;
+    const field = quoteField(cond.field, cond.value);
+    let clause = "";
+    switch (cond.operator) {
+      case "eq":
+      case "ne":
+      case "lt":
+      case "lte":
+      case "gt":
+      case "gte":
+        clause = `${field} ${opMap[cond.operator!]} ${formatValue(cond.value)}`;
+        break;
+      case "in":
+        if (Array.isArray(cond.value)) {
+          clause = cond.value
+            .map((v) => `${field} eq ${formatValue(v)}`)
+            .join(" or ");
+          clause = `(${clause})`;
+        }
+        break;
+      case "contains":
+        clause = `contains(${field}, ${formatValue(cond.value)})`;
+        break;
+      case "starts_with":
+        clause = `startswith(${field}, ${formatValue(cond.value)})`;
+        break;
+      case "ends_with":
+        clause = `endswith(${field}, ${formatValue(cond.value)})`;
+        break;
+      default:
+        clause = `${field} eq ${formatValue(cond.value)}`;
+    }
+    clauses.push(clause);
+    // Add connector if not last
+    if (i < where.length - 1) {
+      clauses.push((cond.connector || "and").toLowerCase());
+    }
+  }
+  return clauses.join(" ");
+}
+
+export const FileMakerAdapter = (
+  _config: FileMakerAdapterConfig = defaultConfig,
+) => {
+  const parsed = configSchema.loose().safeParse(_config);
+
+  if (!parsed.success) {
+    throw new Error(`Invalid configuration: ${prettifyError(parsed.error)}`);
+  }
+  const config = parsed.data;
+
+  const odata =
+    config.odata instanceof FmOdata ? config.odata : new FmOdata(config.odata);
+  const db = odata.database;
+
+  return createAdapter({
+    config: {
+      adapterId: "filemaker",
+      adapterName: "FileMaker",
+      usePlural: config.usePlural ?? false, // Whether the table names in the schema are plural.
+      debugLogs: config.debugLogs ?? false, // Whether to enable debug logs.
+      supportsJSON: false, // Whether the database supports JSON. (Default: false)
+      supportsDates: false, // Whether the database supports dates. (Default: true)
+      supportsBooleans: false, // Whether the database supports booleans. (Default: true)
+      supportsNumericIds: false, // Whether the database supports auto-incrementing numeric IDs. (Default: true)
+    },
+    adapter: ({ options }) => {
+      return {
+        options: { config },
+        create: async ({ data, model, select }) => {
+          const row = await db.table(model).create(data);
+          return row as unknown as typeof data;
+        },
+        count: async ({ model, where }) => {
+          const count = await db.table(model).count(parseWhere(where));
+          return count;
+        },
+        findOne: async ({ model, where }) => {
+          const row = await db.table(model).query({
+            filter: parseWhere(where),
+            top: 1,
+          });
+          return (row[0] as any) ?? null;
+        },
+        findMany: async ({ model, where, limit, offset, sortBy }) => {
+          const filter = parseWhere(where);
+
+          const rows = await db.table(model).query({
+            filter,
+            top: limit,
+            skip: offset,
+            orderBy: sortBy,
+          });
+          return rows.map((row) => row as any);
+        },
+        delete: async ({ model, where }) => {
+          const rows = await db.table(model).query({
+            filter: parseWhere(where),
+            top: 1,
+            select: [`"id"`],
+          });
+          const row = rows[0] as { id: string } | undefined;
+          if (!row) return;
+          await db.table(model).delete(row.id);
+        },
+        deleteMany: async ({ model, where }) => {
+          const filter = parseWhere(where);
+          const count = await db.table(model).count(filter);
+          await db.table(model).deleteMany(filter);
+          return count;
+        },
+        update: async ({ model, where, update }) => {
+          const rows = await db.table(model).query({
+            filter: parseWhere(where),
+            top: 1,
+            select: [`"id"`],
+          });
+          const row = rows[0] as { id: string } | undefined;
+          if (!row) return null;
+          const result = await db.table(model).update(row["id"], update as any);
+          return result as any;
+        },
+        updateMany: async ({ model, where, update }) => {
+          const filter = parseWhere(where);
+          const rows = await db.table(model).updateMany(filter, update as any);
+          return rows.length;
+        },
+      };
+    },
+  });
+};

package/src/better-auth-cli/README.md

@@ -0,0 +1 @@
+This utility folder is a copy of code from the better-auth/cli package, since the "getConfig" function is not exported, and it doesn't support custom migrations for non-SQL databases.

package/src/better-auth-cli/utils/add-svelte-kit-env-modules.ts

@@ -0,0 +1,108 @@
+export function addSvelteKitEnvModules(aliases: Record<string, string>) {
+	aliases["$env/dynamic/private"] = createDataUriModule(
+		createDynamicEnvModule(),
+	);
+	aliases["$env/dynamic/public"] = createDataUriModule(
+		createDynamicEnvModule(),
+	);
+	aliases["$env/static/private"] = createDataUriModule(
+		createStaticEnvModule(filterPrivateEnv("PUBLIC_", "")),
+	);
+	aliases["$env/static/public"] = createDataUriModule(
+		createStaticEnvModule(filterPublicEnv("PUBLIC_", "")),
+	);
+}
+
+function createDataUriModule(module: string) {
+	return `data:text/javascript;charset=utf-8,${encodeURIComponent(module)}`;
+}
+
+function createStaticEnvModule(env: Record<string, string>) {
+	const declarations = Object.keys(env)
+		.filter((k) => validIdentifier.test(k) && !reserved.has(k))
+		.map((k) => `export const ${k} = ${JSON.stringify(env[k])};`);
+
+	return `
+  ${declarations.join("\n")}
+  // jiti dirty hack: .unknown
+  `;
+}
+
+function createDynamicEnvModule() {
+	return `
+  export const env = process.env;
+  // jiti dirty hack: .unknown
+  `;
+}
+
+export function filterPrivateEnv(publicPrefix: string, privatePrefix: string) {
+	return Object.fromEntries(
+		Object.entries(process.env).filter(
+			([k]) =>
+				k.startsWith(privatePrefix) &&
+				(publicPrefix === "" || !k.startsWith(publicPrefix)),
+		),
+	) as Record<string, string>;
+}
+
+export function filterPublicEnv(publicPrefix: string, privatePrefix: string) {
+	return Object.fromEntries(
+		Object.entries(process.env).filter(
+			([k]) =>
+				k.startsWith(publicPrefix) &&
+				(privatePrefix === "" || !k.startsWith(privatePrefix)),
+		),
+	) as Record<string, string>;
+}
+
+const validIdentifier = /^[a-zA-Z_$][a-zA-Z0-9_$]*$/;
+const reserved = new Set([
+	"do",
+	"if",
+	"in",
+	"for",
+	"let",
+	"new",
+	"try",
+	"var",
+	"case",
+	"else",
+	"enum",
+	"eval",
+	"null",
+	"this",
+	"true",
+	"void",
+	"with",
+	"await",
+	"break",
+	"catch",
+	"class",
+	"const",
+	"false",
+	"super",
+	"throw",
+	"while",
+	"yield",
+	"delete",
+	"export",
+	"import",
+	"public",
+	"return",
+	"static",
+	"switch",
+	"typeof",
+	"default",
+	"extends",
+	"finally",
+	"package",
+	"private",
+	"continue",
+	"debugger",
+	"function",
+	"arguments",
+	"interface",
+	"protected",
+	"implements",
+	"instanceof",
+]);

package/src/better-auth-cli/utils/get-config.ts

@@ -0,0 +1,220 @@
+import { loadConfig } from "c12";
+import type { BetterAuthOptions } from "better-auth";
+import { logger } from "better-auth";
+import path from "path";
+// @ts-expect-error not typed
+import babelPresetTypeScript from "@babel/preset-typescript";
+// @ts-expect-error not typed
+import babelPresetReact from "@babel/preset-react";
+import fs, { existsSync } from "fs";
+import { BetterAuthError } from "better-auth";
+import { addSvelteKitEnvModules } from "./add-svelte-kit-env-modules";
+import { getTsconfigInfo } from "./get-tsconfig-info";
+
+let possiblePaths = [
+  "auth.ts",
+  "auth.tsx",
+  "auth.js",
+  "auth.jsx",
+  "auth.server.js",
+  "auth.server.ts",
+];
+
+possiblePaths = [
+  ...possiblePaths,
+  ...possiblePaths.map((it) => `lib/server/${it}`),
+  ...possiblePaths.map((it) => `server/${it}`),
+  ...possiblePaths.map((it) => `lib/${it}`),
+  ...possiblePaths.map((it) => `utils/${it}`),
+];
+possiblePaths = [
+  ...possiblePaths,
+  ...possiblePaths.map((it) => `src/${it}`),
+  ...possiblePaths.map((it) => `app/${it}`),
+];
+
+function getPathAliases(cwd: string): Record<string, string> | null {
+  const tsConfigPath = path.join(cwd, "tsconfig.json");
+  if (!fs.existsSync(tsConfigPath)) {
+    return null;
+  }
+  try {
+    const tsConfig = getTsconfigInfo(cwd);
+    const { paths = {}, baseUrl = "." } = tsConfig.compilerOptions || {};
+    const result: Record<string, string> = {};
+    const obj = Object.entries(paths) as [string, string[]][];
+    for (const [alias, aliasPaths] of obj) {
+      for (const aliasedPath of aliasPaths) {
+        const resolvedBaseUrl = path.join(cwd, baseUrl);
+        const finalAlias = alias.slice(-1) === "*" ? alias.slice(0, -1) : alias;
+        const finalAliasedPath =
+          aliasedPath.slice(-1) === "*"
+            ? aliasedPath.slice(0, -1)
+            : aliasedPath;
+
+        result[finalAlias || ""] = path.join(resolvedBaseUrl, finalAliasedPath);
+      }
+    }
+    addSvelteKitEnvModules(result);
+    return result;
+  } catch (error) {
+    console.error(error);
+    throw new BetterAuthError("Error parsing tsconfig.json");
+  }
+}
+/**
+ * .tsx files are not supported by Jiti.
+ */
+const jitiOptions = (cwd: string) => {
+  const alias = getPathAliases(cwd) || {};
+  return {
+    transformOptions: {
+      babel: {
+        presets: [
+          [
+            babelPresetTypeScript,
+            {
+              isTSX: true,
+              allExtensions: true,
+            },
+          ],
+          [babelPresetReact, { runtime: "automatic" }],
+        ],
+      },
+    },
+    extensions: [".ts", ".tsx", ".js", ".jsx"],
+    alias,
+  };
+};
+export async function getConfig({
+  cwd,
+  configPath,
+  shouldThrowOnError = false,
+}: {
+  cwd: string;
+  configPath?: string;
+  shouldThrowOnError?: boolean;
+}) {
+  try {
+    let configFile: BetterAuthOptions | null = null;
+    if (configPath) {
+      let resolvedPath: string = path.join(cwd, configPath);
+      if (existsSync(configPath)) resolvedPath = configPath; // If the configPath is a file, use it as is, as it means the path wasn't relative.
+      const { config } = await loadConfig<{
+        auth: {
+          options: BetterAuthOptions;
+        };
+        default?: {
+          options: BetterAuthOptions;
+        };
+      }>({
+        configFile: resolvedPath,
+        dotenv: true,
+        jitiOptions: jitiOptions(cwd),
+      });
+      if (!config.auth && !config.default) {
+        if (shouldThrowOnError) {
+          throw new Error(
+            `Couldn't read your auth config in ${resolvedPath}. Make sure to default export your auth instance or to export as a variable named auth.`,
+          );
+        }
+        logger.error(
+          `[#better-auth]: Couldn't read your auth config in ${resolvedPath}. Make sure to default export your auth instance or to export as a variable named auth.`,
+        );
+        process.exit(1);
+      }
+      configFile = config.auth?.options || config.default?.options || null;
+    }
+
+    if (!configFile) {
+      for (const possiblePath of possiblePaths) {
+        try {
+          const { config } = await loadConfig<{
+            auth: {
+              options: BetterAuthOptions;
+            };
+            default?: {
+              options: BetterAuthOptions;
+            };
+          }>({
+            configFile: possiblePath,
+            jitiOptions: jitiOptions(cwd),
+          });
+          const hasConfig = Object.keys(config).length > 0;
+          if (hasConfig) {
+            configFile =
+              config.auth?.options || config.default?.options || null;
+            if (!configFile) {
+              if (shouldThrowOnError) {
+                throw new Error(
+                  "Couldn't read your auth config. Make sure to default export your auth instance or to export as a variable named auth.",
+                );
+              }
+              logger.error("[#better-auth]: Couldn't read your auth config.");
+              console.log("");
+              logger.info(
+                "[#better-auth]: Make sure to default export your auth instance or to export as a variable named auth.",
+              );
+              process.exit(1);
+            }
+            break;
+          }
+        } catch (e) {
+          if (
+            typeof e === "object" &&
+            e &&
+            "message" in e &&
+            typeof e.message === "string" &&
+            e.message.includes(
+              "This module cannot be imported from a Client Component module",
+            )
+          ) {
+            if (shouldThrowOnError) {
+              throw new Error(
+                `Please remove import 'server-only' from your auth config file temporarily. The CLI cannot resolve the configuration with it included. You can re-add it after running the CLI.`,
+              );
+            }
+            logger.error(
+              `Please remove import 'server-only' from your auth config file temporarily. The CLI cannot resolve the configuration with it included. You can re-add it after running the CLI.`,
+            );
+            process.exit(1);
+          }
+          if (shouldThrowOnError) {
+            throw e;
+          }
+          logger.error("[#better-auth]: Couldn't read your auth config.", e);
+          process.exit(1);
+        }
+      }
+    }
+    return configFile;
+  } catch (e) {
+    if (
+      typeof e === "object" &&
+      e &&
+      "message" in e &&
+      typeof e.message === "string" &&
+      e.message.includes(
+        "This module cannot be imported from a Client Component module",
+      )
+    ) {
+      if (shouldThrowOnError) {
+        throw new Error(
+          `Please remove import 'server-only' from your auth config file temporarily. The CLI cannot resolve the configuration with it included. You can re-add it after running the CLI.`,
+        );
+      }
+      logger.error(
+        `Please remove import 'server-only' from your auth config file temporarily. The CLI cannot resolve the configuration with it included. You can re-add it after running the CLI.`,
+      );
+      process.exit(1);
+    }
+    if (shouldThrowOnError) {
+      throw e;
+    }
+
+    logger.error("Couldn't read your auth config.", e);
+    process.exit(1);
+  }
+}
+
+export { possiblePaths };

package/src/better-auth-cli/utils/get-tsconfig-info.ts

@@ -0,0 +1,26 @@
+import path from "path";
+import fs from "fs-extra";
+
+export function stripJsonComments(jsonString: string): string {
+	return jsonString
+		.replace(/\\"|"(?:\\"|[^"])*"|(\/\/.*|\/\*[\s\S]*?\*\/)/g, (m, g) =>
+			g ? "" : m,
+		)
+		.replace(/,(?=\s*[}\]])/g, "");
+}
+export function getTsconfigInfo(cwd?: string, flatPath?: string) {
+	let tsConfigPath: string;
+	if (flatPath) {
+		tsConfigPath = flatPath;
+	} else {
+		tsConfigPath = cwd
+			? path.join(cwd, "tsconfig.json")
+			: path.join("tsconfig.json");
+	}
+	try {
+		const text = fs.readFileSync(tsConfigPath, "utf-8");
+		return JSON.parse(stripJsonComments(text));
+	} catch (error) {
+		throw error;
+	}
+}

package/src/cli/index.ts

@@ -0,0 +1,116 @@
+#!/usr/bin/env node --no-warnings
+import { Command } from "@commander-js/extra-typings";
+import fs from "fs-extra";
+
+import {
+  executeMigration,
+  planMigration,
+  prettyPrintMigrationPlan,
+} from "../migrate";
+import { getAdapter, getAuthTables } from "better-auth/db";
+import { getConfig } from "../better-auth-cli/utils/get-config";
+import { logger } from "better-auth";
+import { BasicAuth, Connection, Database } from "fm-odata-client";
+import prompts from "prompts";
+import chalk from "chalk";
+import { AdapterOptions } from "../adapter";
+import { FmOdata } from "../odata";
+
+async function main() {
+  const program = new Command();
+
+  program
+    .command("migrate", { isDefault: true })
+    .option(
+      "--cwd <path>",
+      "Path to the current working directory",
+      process.cwd(),
+    )
+    .option("--config <path>", "Path to the config file")
+    .option("-u, --username <username>", "Full Access Username")
+    .option("-p, --password <password>", "Full Access Password")
+    .option("-y, --yes", "Skip confirmation", false)
+
+    .action(async (options) => {
+      const cwd = options.cwd;
+      if (!fs.existsSync(cwd)) {
+        logger.error(`The directory "${cwd}" does not exist.`);
+        process.exit(1);
+      }
+
+      const config = await getConfig({
+        cwd,
+        configPath: options.config,
+      });
+      if (!config) {
+        logger.error(
+          "No configuration file found. Add a `auth.ts` file to your project or pass the path to the configuration file using the `--config` flag.",
+        );
+        return;
+      }
+
+      const adapter = await getAdapter(config).catch((e) => {
+        logger.error(e.message);
+        process.exit(1);
+      });
+
+      if (adapter.id !== "filemaker") {
+        logger.error(
+          "This generator is only compatible with the FileMaker adapter.",
+        );
+        return;
+      }
+
+      const betterAuthSchema = getAuthTables(config);
+
+      const adapterConfig = (adapter.options as AdapterOptions).config;
+      const db = new FmOdata({
+        ...adapterConfig.odata,
+        auth:
+          // If the username and password are provided in the CLI, use them to authenticate instead of what's in the config file.
+          options.username && options.password
+            ? {
+                username: options.username,
+                password: options.password,
+              }
+            : adapterConfig.odata.auth,
+      }).database;
+
+      const migrationPlan = await planMigration(db, betterAuthSchema);
+
+      if (migrationPlan.length === 0) {
+        logger.info("No changes to apply. Database is up to date.");
+        return;
+      }
+
+      if (!options.yes) {
+        prettyPrintMigrationPlan(migrationPlan);
+
+        if (migrationPlan.length > 0) {
+          console.log(
+            chalk.gray(
+              "💡 Tip: You can use the --yes flag to skip this confirmation.",
+            ),
+          );
+        }
+
+        const { confirm } = await prompts({
+          type: "confirm",
+          name: "confirm",
+          message: "Apply the above changes to your database?",
+        });
+        if (!confirm) {
+          logger.error("Schema changes not applied.");
+          return;
+        }
+      }
+
+      await executeMigration(db, migrationPlan);
+
+      logger.info("Migration applied successfully.");
+    });
+  await program.parseAsync(process.argv);
+  process.exit(0);
+}
+
+main().catch(console.error);

package/src/index.ts

@@ -0,0 +1 @@
+export { FileMakerAdapter } from "./adapter";