@revealui/auth 0.0.1-pre.0

package/dist/better-auth/plugin/lib/build-collections/users/index.js

@@ -0,0 +1,341 @@
+import { checkPluginExists } from "@/better-auth/plugin/helpers/check-plugin-exists";
+import { baModelFieldKeys, baModelKey, defaults, supportedBAPluginIds } from "../../../constants";
+import { getAllRoleOptions } from "../../../helpers/get-all-roles";
+import { assertAllSchemaFields, getSchemaCollectionSlug, getSchemaFieldName } from "../utils/collection-schema";
+import { filterDuplicateFields } from "../utils/filter-duplicate-fields";
+import { isAdminOrCurrentUserUpdateWithAllowedFields, isAdminOrCurrentUserWithRoles, isAdminWithRoles } from "../utils/payload-access";
+import { getCollectionFields } from "../utils/transform-schema-fields-to-payload";
+import { betterAuthStrategy } from "./better-auth-strategy";
+import { getGenerateInviteUrlEndpoint, getRefreshTokenEndpoint, getSendInviteUrlEndpoint, getSetAdminRoleEndpoint } from "./endpoints";
+import { getAfterLoginHook, getAfterLogoutHook, getBeforeDeleteHook, getBeforeLoginHook, getOnVerifiedChangeHook, getSyncAccountHook } from "./hooks";
+export function buildUsersCollection({ incomingCollections, pluginOptions, resolvedSchemas }) {
+    const userSlug = getSchemaCollectionSlug(resolvedSchemas, baModelKey.user);
+    const passkeySlug = getSchemaCollectionSlug(resolvedSchemas, baModelKey.passkey);
+    const passkeyUserIdFieldName = getSchemaFieldName(resolvedSchemas, baModelKey.passkey, baModelFieldKeys.passkey.userId);
+    const userSchema = resolvedSchemas[baModelKey.user];
+    const adminRoles = pluginOptions.users?.adminRoles ?? [
+        defaults.adminRole
+    ];
+    const allRoleOptions = getAllRoleOptions(pluginOptions);
+    const hasUsernamePlugin = checkPluginExists(pluginOptions.betterAuthOptions ?? {}, supportedBAPluginIds.username);
+    const existingUserCollection = incomingCollections.find((collection)=>collection.slug === userSlug);
+    // Fields that users can update in their own profile (non-admin users)
+    // Admins can update any field, but regular users are restricted to these fields
+    const allowedFields = pluginOptions.users?.allowedFields ?? [
+        'name',
+        'image'
+    ];
+    const userFieldRules = [
+        {
+            condition: (field)=>field.fieldName === 'createdAt' || field.fieldName === 'updatedAt',
+            transform: (field)=>({
+                    ...field,
+                    saveToJWT: false,
+                    admin: {
+                        disableBulkEdit: true,
+                        hidden: true
+                    },
+                    index: true,
+                    // Using any because PayloadCMS label function receives translation function with dynamic type
+                    label: ({ t })=>field.fieldName === 'createdAt' ? t('general:createdAt') : t('general:updatedAt')
+                })
+        }
+    ];
+    const fieldOverrides = {
+        role: (field)=>({
+                type: 'select',
+                options: allRoleOptions,
+                defaultValue: field.defaultValue ?? defaults.userRole,
+                saveToJWT: true,
+                admin: {
+                    description: 'The role of the user'
+                }
+            }),
+        email: ()=>{
+            // Don't add email field if it already exists in the collection
+            // The filterDuplicateFields function will handle this, but we can skip the override
+            // to avoid any potential conflicts
+            return {
+                index: true,
+                admin: {
+                    description: 'The email of the user'
+                }
+            };
+        },
+        emailVerified: (field)=>({
+                defaultValue: field.defaultValue ?? false,
+                saveToJWT: true,
+                admin: {
+                    description: 'Whether the email of the user has been verified'
+                }
+            }),
+        name: ()=>({
+                saveToJWT: true,
+                admin: {
+                    description: 'Users chosen display name'
+                }
+            }),
+        image: ()=>({
+                saveToJWT: false,
+                admin: {
+                    description: 'The image of the user'
+                }
+            }),
+        twoFactorEnabled: ()=>({
+                defaultValue: false,
+                admin: {
+                    description: 'Whether the user has two factor authentication enabled',
+                    components: {
+                        Field: {
+                            path: 'payload-auth/better-auth/plugin/client#TwoFactorAuth'
+                        }
+                    }
+                }
+            }),
+        username: ()=>({
+                admin: {
+                    description: 'The username of the user'
+                }
+            }),
+        displayUsername: ()=>({
+                admin: {
+                    description: 'The display username of the user'
+                }
+            }),
+        isAnonymous: ()=>({
+                defaultValue: false,
+                admin: {
+                    description: 'Whether the user is anonymous.'
+                }
+            }),
+        phoneNumber: ()=>({
+                admin: {
+                    description: 'The phone number of the user'
+                }
+            }),
+        phoneNumberVerified: ()=>({
+                defaultValue: false,
+                admin: {
+                    description: 'Whether the phone number of the user has been verified'
+                }
+            }),
+        banned: ()=>({
+                defaultValue: false,
+                admin: {
+                    description: 'Whether the user is banned from the platform'
+                }
+            }),
+        banReason: ()=>({
+                admin: {
+                    description: 'The reason for the ban'
+                }
+            }),
+        banExpires: ()=>({
+                admin: {
+                    description: 'The date and time when the ban will expire'
+                }
+            }),
+        normalizedEmail: ()=>({
+                admin: {
+                    readOnly: true,
+                    description: 'The normalized email of the user'
+                }
+            }),
+        stripeCustomerId: ()=>({
+                admin: {
+                    readOnly: true,
+                    description: 'The Stripe customer ID of the user'
+                }
+            })
+    };
+    // Get collection fields from Better Auth schema
+    let collectionFields = getCollectionFields({
+        schema: userSchema,
+        fieldRules: userFieldRules,
+        additionalProperties: fieldOverrides
+    });
+    // Pre-filter email field if it already exists in the collection
+    // This is a safety check before the main filterDuplicateFields call
+    if (existingUserCollection?.fields) {
+        const hasEmailField = existingUserCollection.fields.some((field)=>{
+            if ('name' in field && field.name === 'email') {
+                return true;
+            }
+            if (field.custom && typeof field.custom === 'object' && 'betterAuthFieldKey' in field.custom && field.custom.betterAuthFieldKey === 'email') {
+                return true;
+            }
+            return false;
+        });
+        if (hasEmailField && collectionFields) {
+            collectionFields = collectionFields.filter((field)=>{
+                if ('name' in field && field.name === 'email') {
+                    // Check if this is the Better Auth email field
+                    if (field.custom && typeof field.custom === 'object' && 'betterAuthFieldKey' in field.custom && field.custom.betterAuthFieldKey === 'email') {
+                        return false; // Filter out Better Auth's email field
+                    }
+                }
+                return true;
+            });
+        }
+    }
+    let usersCollection = {
+        ...existingUserCollection,
+        slug: userSlug,
+        admin: {
+            defaultColumns: [
+                'email'
+            ],
+            useAsTitle: 'email',
+            group: pluginOptions?.collectionAdminGroup ?? 'Auth',
+            ...existingUserCollection?.admin,
+            hidden: pluginOptions.users?.hidden ?? false,
+            components: {
+                Description: {
+                    path: 'payload-auth/better-auth/plugin/client#AdminInviteButton',
+                    clientProps: {
+                        roles: allRoleOptions
+                    }
+                },
+                views: {
+                    edit: {
+                        adminButtons: {
+                            tab: {
+                                Component: {
+                                    path: 'payload-auth/better-auth/plugin/client#AdminButtons',
+                                    clientProps: {
+                                        userSlug,
+                                        baseURL: pluginOptions.betterAuthOptions?.baseURL,
+                                        basePath: pluginOptions.betterAuthOptions?.basePath
+                                    }
+                                },
+                                condition: ()=>{
+                                    // Only show the impersonate button if the admin plugin is enabled
+                                    return checkPluginExists(pluginOptions.betterAuthOptions ?? {}, supportedBAPluginIds.admin);
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        access: {
+            admin: ({ req })=>adminRoles.includes(req.user?.role ?? 'user'),
+            read: isAdminOrCurrentUserWithRoles({
+                adminRoles,
+                idField: 'id'
+            }),
+            create: isAdminWithRoles({
+                adminRoles
+            }),
+            delete: isAdminOrCurrentUserWithRoles({
+                adminRoles,
+                idField: 'id'
+            }),
+            update: isAdminOrCurrentUserUpdateWithAllowedFields({
+                allowedFields,
+                adminRoles,
+                userSlug
+            }),
+            ...existingUserCollection?.access ?? {}
+        },
+        custom: {
+            ...existingUserCollection?.custom ?? {},
+            betterAuthModelKey: baModelKey.user
+        },
+        endpoints: [
+            ...existingUserCollection?.endpoints ? existingUserCollection.endpoints : [],
+            getRefreshTokenEndpoint(userSlug),
+            getSetAdminRoleEndpoint(pluginOptions, userSlug),
+            getGenerateInviteUrlEndpoint({
+                roles: allRoleOptions,
+                pluginOptions
+            }),
+            getSendInviteUrlEndpoint(pluginOptions)
+        ],
+        hooks: {
+            beforeChange: [
+                ...existingUserCollection?.hooks?.beforeChange ?? [],
+                ...pluginOptions.disableDefaultPayloadAuth ? [] : [
+                    getOnVerifiedChangeHook()
+                ]
+            ],
+            afterChange: [
+                ...existingUserCollection?.hooks?.afterChange ?? [],
+                ...pluginOptions.disableDefaultPayloadAuth ? [] : [
+                    getSyncAccountHook()
+                ]
+            ],
+            beforeLogin: [
+                ...existingUserCollection?.hooks?.beforeLogin ?? [],
+                ...pluginOptions.disableDefaultPayloadAuth ? [] : [
+                    getBeforeLoginHook(pluginOptions.betterAuthOptions ?? {})
+                ]
+            ],
+            afterLogin: [
+                ...existingUserCollection?.hooks?.afterLogin ?? [],
+                ...pluginOptions.disableDefaultPayloadAuth ? [] : [
+                    getAfterLoginHook()
+                ]
+            ],
+            afterLogout: [
+                ...existingUserCollection?.hooks?.afterLogout ?? [],
+                getAfterLogoutHook()
+            ],
+            beforeDelete: [
+                ...existingUserCollection?.hooks?.beforeDelete ?? [],
+                getBeforeDeleteHook()
+            ]
+        },
+        auth: {
+            ...existingUserCollection && typeof existingUserCollection.auth === 'object' ? existingUserCollection.auth : {},
+            ...pluginOptions.disableDefaultPayloadAuth && {
+                disableLocalStrategy: true
+            },
+            ...hasUsernamePlugin && {
+                loginWithUsername: {
+                    allowEmailLogin: true,
+                    requireEmail: true,
+                    requireUsername: false
+                }
+            },
+            strategies: [
+                betterAuthStrategy(userSlug)
+            ]
+        },
+        fields: [
+            ...existingUserCollection?.fields ?? [],
+            // Filter out fields that already exist to prevent duplicates
+            // Check both by name and betterAuthFieldKey to catch all duplicates
+            // This is critical to prevent "DuplicateFieldName" errors from PayloadCMS
+            ...collectionFields ? filterDuplicateFields(existingUserCollection?.fields, collectionFields) : [],
+            ...checkPluginExists(pluginOptions.betterAuthOptions ?? {}, supportedBAPluginIds.passkey) ? [
+                {
+                    name: 'managePasskeys',
+                    type: 'ui',
+                    admin: {
+                        disableBulkEdit: true,
+                        components: {
+                            Field: {
+                                path: 'payload-auth/better-auth/plugin/rsc#Passkeys',
+                                serverProps: {
+                                    passkeyUserIdFieldName,
+                                    passkeySlug,
+                                    pluginOptions
+                                }
+                            }
+                        }
+                    }
+                }
+            ] : []
+        ]
+    };
+    if (pluginOptions.users?.collectionOverrides) {
+        usersCollection = pluginOptions.users.collectionOverrides({
+            collection: usersCollection
+        });
+    }
+    assertAllSchemaFields(usersCollection, userSchema);
+    return usersCollection;
+}
+
+//# sourceMappingURL=index.js.map

package/dist/better-auth/plugin/lib/build-collections/users/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../../../src/better-auth/plugin/lib/build-collections/users/index.ts"],"sourcesContent":["import { checkPluginExists } from '@/better-auth/plugin/helpers/check-plugin-exists';\nimport { baModelFieldKeys, baModelKey, defaults, supportedBAPluginIds } from '../../../constants';\nimport { getAllRoleOptions } from '../../../helpers/get-all-roles';\nimport {\n  assertAllSchemaFields,\n  getSchemaCollectionSlug,\n  getSchemaFieldName,\n} from '../utils/collection-schema';\nimport { filterDuplicateFields } from '../utils/filter-duplicate-fields';\nimport {\n  isAdminOrCurrentUserUpdateWithAllowedFields,\n  isAdminOrCurrentUserWithRoles,\n  isAdminWithRoles,\n} from '../utils/payload-access';\nimport { getCollectionFields } from '../utils/transform-schema-fields-to-payload';\nimport { betterAuthStrategy } from './better-auth-strategy';\nimport {\n  getGenerateInviteUrlEndpoint,\n  getRefreshTokenEndpoint,\n  getSendInviteUrlEndpoint,\n  getSetAdminRoleEndpoint,\n} from './endpoints';\nimport {\n  getAfterLoginHook,\n  getAfterLogoutHook,\n  getBeforeDeleteHook,\n  getBeforeLoginHook,\n  getOnVerifiedChangeHook,\n  getSyncAccountHook,\n} from './hooks';\n\nimport type { User } from '@/better-auth/generated-types';\nimport type { CollectionConfig, Field, UIField } from 'payload';\nimport type { BuildCollectionProps, FieldOverrides, FieldRule } from '../../../types';\n\nexport function buildUsersCollection({\n  incomingCollections,\n  pluginOptions,\n  resolvedSchemas,\n}: BuildCollectionProps): CollectionConfig {\n  const userSlug = getSchemaCollectionSlug(resolvedSchemas, baModelKey.user);\n  const passkeySlug = getSchemaCollectionSlug(resolvedSchemas, baModelKey.passkey);\n  const passkeyUserIdFieldName = getSchemaFieldName(\n    resolvedSchemas,\n    baModelKey.passkey,\n    baModelFieldKeys.passkey.userId\n  );\n  const userSchema = resolvedSchemas[baModelKey.user];\n  const adminRoles = pluginOptions.users?.adminRoles ?? [defaults.adminRole];\n  const allRoleOptions = getAllRoleOptions(pluginOptions);\n  const hasUsernamePlugin = checkPluginExists(\n    pluginOptions.betterAuthOptions ?? {},\n    supportedBAPluginIds.username\n  );\n  const existingUserCollection = incomingCollections.find(\n    collection => collection.slug === userSlug\n  ) as CollectionConfig | undefined;\n\n  // Fields that users can update in their own profile (non-admin users)\n  // Admins can update any field, but regular users are restricted to these fields\n  const allowedFields = pluginOptions.users?.allowedFields ?? ['name', 'image'];\n\n  const userFieldRules: FieldRule[] = [\n    {\n      condition: field => field.fieldName === 'createdAt' || field.fieldName === 'updatedAt',\n      transform: field => ({\n        ...field,\n        saveToJWT: false,\n        admin: {\n          disableBulkEdit: true,\n          hidden: true,\n        },\n        index: true,\n        // Using any because PayloadCMS label function receives translation function with dynamic type\n        label: ({ t }: any) =>\n          field.fieldName === 'createdAt' ? t('general:createdAt') : t('general:updatedAt'),\n      }),\n    },\n  ];\n\n  const fieldOverrides: FieldOverrides<keyof User> = {\n    role: field => ({\n      type: 'select',\n      options: allRoleOptions,\n      defaultValue: field.defaultValue ?? defaults.userRole,\n      saveToJWT: true,\n      admin: { description: 'The role of the user' },\n    }),\n    email: () => {\n      // Don't add email field if it already exists in the collection\n      // The filterDuplicateFields function will handle this, but we can skip the override\n      // to avoid any potential conflicts\n      return {\n        index: true,\n        admin: { description: 'The email of the user' },\n      };\n    },\n    emailVerified: field => ({\n      defaultValue: field.defaultValue ?? false,\n      saveToJWT: true,\n      admin: { description: 'Whether the email of the user has been verified' },\n    }),\n    name: () => ({\n      saveToJWT: true,\n      admin: { description: 'Users chosen display name' },\n    }),\n    image: () => ({\n      saveToJWT: false,\n      admin: { description: 'The image of the user' },\n    }),\n    twoFactorEnabled: () => ({\n      defaultValue: false,\n      admin: {\n        description: 'Whether the user has two factor authentication enabled',\n        components: {\n          Field: {\n            path: 'payload-auth/better-auth/plugin/client#TwoFactorAuth',\n          },\n        },\n      },\n    }),\n    username: () => ({\n      admin: { description: 'The username of the user' },\n    }),\n    displayUsername: () => ({\n      admin: { description: 'The display username of the user' },\n    }),\n    isAnonymous: () => ({\n      defaultValue: false,\n      admin: { description: 'Whether the user is anonymous.' },\n    }),\n    phoneNumber: () => ({\n      admin: { description: 'The phone number of the user' },\n    }),\n    phoneNumberVerified: () => ({\n      defaultValue: false,\n      admin: { description: 'Whether the phone number of the user has been verified' },\n    }),\n    banned: () => ({\n      defaultValue: false,\n      admin: { description: 'Whether the user is banned from the platform' },\n    }),\n    banReason: () => ({\n      admin: { description: 'The reason for the ban' },\n    }),\n    banExpires: () => ({\n      admin: { description: 'The date and time when the ban will expire' },\n    }),\n    normalizedEmail: () => ({\n      admin: {\n        readOnly: true,\n        description: 'The normalized email of the user',\n      },\n    }),\n    stripeCustomerId: () => ({\n      admin: {\n        readOnly: true,\n        description: 'The Stripe customer ID of the user',\n      },\n    }),\n  };\n\n  // Get collection fields from Better Auth schema\n  let collectionFields = getCollectionFields({\n    schema: userSchema,\n    fieldRules: userFieldRules,\n    additionalProperties: fieldOverrides,\n  });\n\n  // Pre-filter email field if it already exists in the collection\n  // This is a safety check before the main filterDuplicateFields call\n  if (existingUserCollection?.fields) {\n    const hasEmailField = existingUserCollection.fields.some((field: Field) => {\n      if ('name' in field && field.name === 'email') {\n        return true;\n      }\n      if (\n        field.custom &&\n        typeof field.custom === 'object' &&\n        'betterAuthFieldKey' in field.custom &&\n        (field.custom as { betterAuthFieldKey: string }).betterAuthFieldKey === 'email'\n      ) {\n        return true;\n      }\n      return false;\n    });\n\n    if (hasEmailField && collectionFields) {\n      collectionFields = collectionFields.filter((field: Field) => {\n        if ('name' in field && field.name === 'email') {\n          // Check if this is the Better Auth email field\n          if (\n            field.custom &&\n            typeof field.custom === 'object' &&\n            'betterAuthFieldKey' in field.custom &&\n            (field.custom as { betterAuthFieldKey: string }).betterAuthFieldKey === 'email'\n          ) {\n            return false; // Filter out Better Auth's email field\n          }\n        }\n        return true;\n      });\n    }\n  }\n\n  let usersCollection: CollectionConfig = {\n    ...existingUserCollection,\n    slug: userSlug,\n    admin: {\n      defaultColumns: ['email'],\n      useAsTitle: 'email',\n      group: pluginOptions?.collectionAdminGroup ?? 'Auth',\n      ...existingUserCollection?.admin,\n      hidden: pluginOptions.users?.hidden ?? false,\n      components: {\n        Description: {\n          path: 'payload-auth/better-auth/plugin/client#AdminInviteButton',\n          clientProps: {\n            roles: allRoleOptions,\n          },\n        },\n        views: {\n          edit: {\n            adminButtons: {\n              tab: {\n                Component: {\n                  path: 'payload-auth/better-auth/plugin/client#AdminButtons',\n                  clientProps: {\n                    userSlug,\n                    baseURL: pluginOptions.betterAuthOptions?.baseURL,\n                    basePath: pluginOptions.betterAuthOptions?.basePath,\n                  },\n                },\n                condition: () => {\n                  // Only show the impersonate button if the admin plugin is enabled\n                  return checkPluginExists(\n                    pluginOptions.betterAuthOptions ?? {},\n                    supportedBAPluginIds.admin\n                  );\n                },\n              },\n            },\n          },\n        },\n      },\n    },\n    access: {\n      admin: ({ req }) => adminRoles.includes((req.user?.role as string) ?? 'user'),\n      read: isAdminOrCurrentUserWithRoles({ adminRoles, idField: 'id' }),\n      create: isAdminWithRoles({ adminRoles }),\n      delete: isAdminOrCurrentUserWithRoles({ adminRoles, idField: 'id' }),\n      update: isAdminOrCurrentUserUpdateWithAllowedFields({\n        allowedFields,\n        adminRoles,\n        userSlug,\n      }),\n      ...(existingUserCollection?.access ?? {}),\n    },\n    custom: {\n      ...(existingUserCollection?.custom ?? {}),\n      betterAuthModelKey: baModelKey.user,\n    },\n    endpoints: [\n      ...(existingUserCollection?.endpoints ? existingUserCollection.endpoints : []),\n      getRefreshTokenEndpoint(userSlug),\n      getSetAdminRoleEndpoint(pluginOptions, userSlug),\n      getGenerateInviteUrlEndpoint({\n        roles: allRoleOptions,\n        pluginOptions,\n      }),\n      getSendInviteUrlEndpoint(pluginOptions),\n    ],\n    hooks: {\n      beforeChange: [\n        ...(existingUserCollection?.hooks?.beforeChange ?? []),\n        ...(pluginOptions.disableDefaultPayloadAuth ? [] : [getOnVerifiedChangeHook()]),\n      ],\n      afterChange: [\n        ...(existingUserCollection?.hooks?.afterChange ?? []),\n        ...(pluginOptions.disableDefaultPayloadAuth ? [] : [getSyncAccountHook()]),\n      ],\n      beforeLogin: [\n        ...(existingUserCollection?.hooks?.beforeLogin ?? []),\n        ...(pluginOptions.disableDefaultPayloadAuth\n          ? []\n          : [getBeforeLoginHook(pluginOptions.betterAuthOptions ?? {})]),\n      ],\n      afterLogin: [\n        ...(existingUserCollection?.hooks?.afterLogin ?? []),\n        ...(pluginOptions.disableDefaultPayloadAuth ? [] : [getAfterLoginHook()]),\n      ],\n      afterLogout: [...(existingUserCollection?.hooks?.afterLogout ?? []), getAfterLogoutHook()],\n      beforeDelete: [...(existingUserCollection?.hooks?.beforeDelete ?? []), getBeforeDeleteHook()],\n    },\n    auth: {\n      ...(existingUserCollection && typeof existingUserCollection.auth === 'object'\n        ? existingUserCollection.auth\n        : {}),\n      ...(pluginOptions.disableDefaultPayloadAuth && { disableLocalStrategy: true }),\n      ...(hasUsernamePlugin && {\n        loginWithUsername: {\n          allowEmailLogin: true,\n          requireEmail: true,\n          requireUsername: false,\n        },\n      }),\n      strategies: [betterAuthStrategy(userSlug)],\n    },\n    fields: [\n      ...(existingUserCollection?.fields ?? []),\n      // Filter out fields that already exist to prevent duplicates\n      // Check both by name and betterAuthFieldKey to catch all duplicates\n      // This is critical to prevent \"DuplicateFieldName\" errors from PayloadCMS\n      ...(collectionFields\n        ? filterDuplicateFields(existingUserCollection?.fields, collectionFields)\n        : []),\n      ...(checkPluginExists(pluginOptions.betterAuthOptions ?? {}, supportedBAPluginIds.passkey)\n        ? [\n            {\n              name: 'managePasskeys',\n              type: 'ui' as const,\n              admin: {\n                disableBulkEdit: true,\n                components: {\n                  Field: {\n                    path: 'payload-auth/better-auth/plugin/rsc#Passkeys',\n                    serverProps: {\n                      passkeyUserIdFieldName,\n                      passkeySlug,\n                      pluginOptions,\n                    },\n                  },\n                },\n              },\n            } as UIField,\n          ]\n        : []),\n    ],\n  };\n\n  if (pluginOptions.users?.collectionOverrides) {\n    usersCollection = pluginOptions.users.collectionOverrides({\n      collection: usersCollection,\n    });\n  }\n\n  assertAllSchemaFields(usersCollection, userSchema);\n\n  return usersCollection;\n}\n"],"names":["checkPluginExists","baModelFieldKeys","baModelKey","defaults","supportedBAPluginIds","getAllRoleOptions","assertAllSchemaFields","getSchemaCollectionSlug","getSchemaFieldName","filterDuplicateFields","isAdminOrCurrentUserUpdateWithAllowedFields","isAdminOrCurrentUserWithRoles","isAdminWithRoles","getCollectionFields","betterAuthStrategy","getGenerateInviteUrlEndpoint","getRefreshTokenEndpoint","getSendInviteUrlEndpoint","getSetAdminRoleEndpoint","getAfterLoginHook","getAfterLogoutHook","getBeforeDeleteHook","getBeforeLoginHook","getOnVerifiedChangeHook","getSyncAccountHook","buildUsersCollection","incomingCollections","pluginOptions","resolvedSchemas","userSlug","user","passkeySlug","passkey","passkeyUserIdFieldName","userId","userSchema","adminRoles","users","adminRole","allRoleOptions","hasUsernamePlugin","betterAuthOptions","username","existingUserCollection","find","collection","slug","allowedFields","userFieldRules","condition","field","fieldName","transform","saveToJWT","admin","disableBulkEdit","hidden","index","label","t","fieldOverrides","role","type","options","defaultValue","userRole","description","email","emailVerified","name","image","twoFactorEnabled","components","Field","path","displayUsername","isAnonymous","phoneNumber","phoneNumberVerified","banned","banReason","banExpires","normalizedEmail","readOnly","stripeCustomerId","collectionFields","schema","fieldRules","additionalProperties","fields","hasEmailField","some","custom","betterAuthFieldKey","filter","usersCollection","defaultColumns","useAsTitle","group","collectionAdminGroup","Description","clientProps","roles","views","edit","adminButtons","tab","Component","baseURL","basePath","access","req","includes","read","idField","create","delete","update","betterAuthModelKey","endpoints","hooks","beforeChange","disableDefaultPayloadAuth","afterChange","beforeLogin","afterLogin","afterLogout","beforeDelete","auth","disableLocalStrategy","loginWithUsername","allowEmailLogin","requireEmail","requireUsername","strategies","serverProps","collectionOverrides"],"mappings":"AAAA,SAASA,iBAAiB,QAAQ,mDAAmD;AACrF,SAASC,gBAAgB,EAAEC,UAAU,EAAEC,QAAQ,EAAEC,oBAAoB,QAAQ,qBAAqB;AAClG,SAASC,iBAAiB,QAAQ,iCAAiC;AACnE,SACEC,qBAAqB,EACrBC,uBAAuB,EACvBC,kBAAkB,QACb,6BAA6B;AACpC,SAASC,qBAAqB,QAAQ,mCAAmC;AACzE,SACEC,2CAA2C,EAC3CC,6BAA6B,EAC7BC,gBAAgB,QACX,0BAA0B;AACjC,SAASC,mBAAmB,QAAQ,8CAA8C;AAClF,SAASC,kBAAkB,QAAQ,yBAAyB;AAC5D,SACEC,4BAA4B,EAC5BC,uBAAuB,EACvBC,wBAAwB,EACxBC,uBAAuB,QAClB,cAAc;AACrB,SACEC,iBAAiB,EACjBC,kBAAkB,EAClBC,mBAAmB,EACnBC,kBAAkB,EAClBC,uBAAuB,EACvBC,kBAAkB,QACb,UAAU;AAMjB,OAAO,SAASC,qBAAqB,EACnCC,mBAAmB,EACnBC,aAAa,EACbC,eAAe,EACM;IACrB,MAAMC,WAAWtB,wBAAwBqB,iBAAiB1B,WAAW4B,IAAI;IACzE,MAAMC,cAAcxB,wBAAwBqB,iBAAiB1B,WAAW8B,OAAO;IAC/E,MAAMC,yBAAyBzB,mBAC7BoB,iBACA1B,WAAW8B,OAAO,EAClB/B,iBAAiB+B,OAAO,CAACE,MAAM;IAEjC,MAAMC,aAAaP,eAAe,CAAC1B,WAAW4B,IAAI,CAAC;IACnD,MAAMM,aAAaT,cAAcU,KAAK,EAAED,cAAc;QAACjC,SAASmC,SAAS;KAAC;IAC1E,MAAMC,iBAAiBlC,kBAAkBsB;IACzC,MAAMa,oBAAoBxC,kBACxB2B,cAAcc,iBAAiB,IAAI,CAAC,GACpCrC,qBAAqBsC,QAAQ;IAE/B,MAAMC,yBAAyBjB,oBAAoBkB,IAAI,CACrDC,CAAAA,aAAcA,WAAWC,IAAI,KAAKjB;IAGpC,sEAAsE;IACtE,gFAAgF;IAChF,MAAMkB,gBAAgBpB,cAAcU,KAAK,EAAEU,iBAAiB;QAAC;QAAQ;KAAQ;IAE7E,MAAMC,iBAA8B;QAClC;YACEC,WAAWC,CAAAA,QAASA,MAAMC,SAAS,KAAK,eAAeD,MAAMC,SAAS,KAAK;YAC3EC,WAAWF,CAAAA,QAAU,CAAA;oBACnB,GAAGA,KAAK;oBACRG,WAAW;oBACXC,OAAO;wBACLC,iBAAiB;wBACjBC,QAAQ;oBACV;oBACAC,OAAO;oBACP,8FAA8F;oBAC9FC,OAAO,CAAC,EAAEC,CAAC,EAAO,GAChBT,MAAMC,SAAS,KAAK,cAAcQ,EAAE,uBAAuBA,EAAE;gBACjE,CAAA;QACF;KACD;IAED,MAAMC,iBAA6C;QACjDC,MAAMX,CAAAA,QAAU,CAAA;gBACdY,MAAM;gBACNC,SAASxB;gBACTyB,cAAcd,MAAMc,YAAY,IAAI7D,SAAS8D,QAAQ;gBACrDZ,WAAW;gBACXC,OAAO;oBAAEY,aAAa;gBAAuB;YAC/C,CAAA;QACAC,OAAO;YACL,+DAA+D;YAC/D,oFAAoF;YACpF,mCAAmC;YACnC,OAAO;gBACLV,OAAO;gBACPH,OAAO;oBAAEY,aAAa;gBAAwB;YAChD;QACF;QACAE,eAAelB,CAAAA,QAAU,CAAA;gBACvBc,cAAcd,MAAMc,YAAY,IAAI;gBACpCX,WAAW;gBACXC,OAAO;oBAAEY,aAAa;gBAAkD;YAC1E,CAAA;QACAG,MAAM,IAAO,CAAA;gBACXhB,WAAW;gBACXC,OAAO;oBAAEY,aAAa;gBAA4B;YACpD,CAAA;QACAI,OAAO,IAAO,CAAA;gBACZjB,WAAW;gBACXC,OAAO;oBAAEY,aAAa;gBAAwB;YAChD,CAAA;QACAK,kBAAkB,IAAO,CAAA;gBACvBP,cAAc;gBACdV,OAAO;oBACLY,aAAa;oBACbM,YAAY;wBACVC,OAAO;4BACLC,MAAM;wBACR;oBACF;gBACF;YACF,CAAA;QACAhC,UAAU,IAAO,CAAA;gBACfY,OAAO;oBAAEY,aAAa;gBAA2B;YACnD,CAAA;QACAS,iBAAiB,IAAO,CAAA;gBACtBrB,OAAO;oBAAEY,aAAa;gBAAmC;YAC3D,CAAA;QACAU,aAAa,IAAO,CAAA;gBAClBZ,cAAc;gBACdV,OAAO;oBAAEY,aAAa;gBAAiC;YACzD,CAAA;QACAW,aAAa,IAAO,CAAA;gBAClBvB,OAAO;oBAAEY,aAAa;gBAA+B;YACvD,CAAA;QACAY,qBAAqB,IAAO,CAAA;gBAC1Bd,cAAc;gBACdV,OAAO;oBAAEY,aAAa;gBAAyD;YACjF,CAAA;QACAa,QAAQ,IAAO,CAAA;gBACbf,cAAc;gBACdV,OAAO;oBAAEY,aAAa;gBAA+C;YACvE,CAAA;QACAc,WAAW,IAAO,CAAA;gBAChB1B,OAAO;oBAAEY,aAAa;gBAAyB;YACjD,CAAA;QACAe,YAAY,IAAO,CAAA;gBACjB3B,OAAO;oBAAEY,aAAa;gBAA6C;YACrE,CAAA;QACAgB,iBAAiB,IAAO,CAAA;gBACtB5B,OAAO;oBACL6B,UAAU;oBACVjB,aAAa;gBACf;YACF,CAAA;QACAkB,kBAAkB,IAAO,CAAA;gBACvB9B,OAAO;oBACL6B,UAAU;oBACVjB,aAAa;gBACf;YACF,CAAA;IACF;IAEA,gDAAgD;IAChD,IAAImB,mBAAmBxE,oBAAoB;QACzCyE,QAAQnD;QACRoD,YAAYvC;QACZwC,sBAAsB5B;IACxB;IAEA,gEAAgE;IAChE,oEAAoE;IACpE,IAAIjB,wBAAwB8C,QAAQ;QAClC,MAAMC,gBAAgB/C,uBAAuB8C,MAAM,CAACE,IAAI,CAAC,CAACzC;YACxD,IAAI,UAAUA,SAASA,MAAMmB,IAAI,KAAK,SAAS;gBAC7C,OAAO;YACT;YACA,IACEnB,MAAM0C,MAAM,IACZ,OAAO1C,MAAM0C,MAAM,KAAK,YACxB,wBAAwB1C,MAAM0C,MAAM,IACpC,AAAC1C,MAAM0C,MAAM,CAAoCC,kBAAkB,KAAK,SACxE;gBACA,OAAO;YACT;YACA,OAAO;QACT;QAEA,IAAIH,iBAAiBL,kBAAkB;YACrCA,mBAAmBA,iBAAiBS,MAAM,CAAC,CAAC5C;gBAC1C,IAAI,UAAUA,SAASA,MAAMmB,IAAI,KAAK,SAAS;oBAC7C,+CAA+C;oBAC/C,IACEnB,MAAM0C,MAAM,IACZ,OAAO1C,MAAM0C,MAAM,KAAK,YACxB,wBAAwB1C,MAAM0C,MAAM,IACpC,AAAC1C,MAAM0C,MAAM,CAAoCC,kBAAkB,KAAK,SACxE;wBACA,OAAO,OAAO,uCAAuC;oBACvD;gBACF;gBACA,OAAO;YACT;QACF;IACF;IAEA,IAAIE,kBAAoC;QACtC,GAAGpD,sBAAsB;QACzBG,MAAMjB;QACNyB,OAAO;YACL0C,gBAAgB;gBAAC;aAAQ;YACzBC,YAAY;YACZC,OAAOvE,eAAewE,wBAAwB;YAC9C,GAAGxD,wBAAwBW,KAAK;YAChCE,QAAQ7B,cAAcU,KAAK,EAAEmB,UAAU;YACvCgB,YAAY;gBACV4B,aAAa;oBACX1B,MAAM;oBACN2B,aAAa;wBACXC,OAAO/D;oBACT;gBACF;gBACAgE,OAAO;oBACLC,MAAM;wBACJC,cAAc;4BACZC,KAAK;gCACHC,WAAW;oCACTjC,MAAM;oCACN2B,aAAa;wCACXxE;wCACA+E,SAASjF,cAAcc,iBAAiB,EAAEmE;wCAC1CC,UAAUlF,cAAcc,iBAAiB,EAAEoE;oCAC7C;gCACF;gCACA5D,WAAW;oCACT,kEAAkE;oCAClE,OAAOjD,kBACL2B,cAAcc,iBAAiB,IAAI,CAAC,GACpCrC,qBAAqBkD,KAAK;gCAE9B;4BACF;wBACF;oBACF;gBACF;YACF;QACF;QACAwD,QAAQ;YACNxD,OAAO,CAAC,EAAEyD,GAAG,EAAE,GAAK3E,WAAW4E,QAAQ,CAAC,AAACD,IAAIjF,IAAI,EAAE+B,QAAmB;YACtEoD,MAAMtG,8BAA8B;gBAAEyB;gBAAY8E,SAAS;YAAK;YAChEC,QAAQvG,iBAAiB;gBAAEwB;YAAW;YACtCgF,QAAQzG,8BAA8B;gBAAEyB;gBAAY8E,SAAS;YAAK;YAClEG,QAAQ3G,4CAA4C;gBAClDqC;gBACAX;gBACAP;YACF;YACA,GAAIc,wBAAwBmE,UAAU,CAAC,CAAC;QAC1C;QACAlB,QAAQ;YACN,GAAIjD,wBAAwBiD,UAAU,CAAC,CAAC;YACxC0B,oBAAoBpH,WAAW4B,IAAI;QACrC;QACAyF,WAAW;eACL5E,wBAAwB4E,YAAY5E,uBAAuB4E,SAAS,GAAG,EAAE;YAC7EvG,wBAAwBa;YACxBX,wBAAwBS,eAAeE;YACvCd,6BAA6B;gBAC3BuF,OAAO/D;gBACPZ;YACF;YACAV,yBAAyBU;SAC1B;QACD6F,OAAO;YACLC,cAAc;mBACR9E,wBAAwB6E,OAAOC,gBAAgB,EAAE;mBACjD9F,cAAc+F,yBAAyB,GAAG,EAAE,GAAG;oBAACnG;iBAA0B;aAC/E;YACDoG,aAAa;mBACPhF,wBAAwB6E,OAAOG,eAAe,EAAE;mBAChDhG,cAAc+F,yBAAyB,GAAG,EAAE,GAAG;oBAAClG;iBAAqB;aAC1E;YACDoG,aAAa;mBACPjF,wBAAwB6E,OAAOI,eAAe,EAAE;mBAChDjG,cAAc+F,yBAAyB,GACvC,EAAE,GACF;oBAACpG,mBAAmBK,cAAcc,iBAAiB,IAAI,CAAC;iBAAG;aAChE;YACDoF,YAAY;mBACNlF,wBAAwB6E,OAAOK,cAAc,EAAE;mBAC/ClG,cAAc+F,yBAAyB,GAAG,EAAE,GAAG;oBAACvG;iBAAoB;aACzE;YACD2G,aAAa;mBAAKnF,wBAAwB6E,OAAOM,eAAe,EAAE;gBAAG1G;aAAqB;YAC1F2G,cAAc;mBAAKpF,wBAAwB6E,OAAOO,gBAAgB,EAAE;gBAAG1G;aAAsB;QAC/F;QACA2G,MAAM;YACJ,GAAIrF,0BAA0B,OAAOA,uBAAuBqF,IAAI,KAAK,WACjErF,uBAAuBqF,IAAI,GAC3B,CAAC,CAAC;YACN,GAAIrG,cAAc+F,yBAAyB,IAAI;gBAAEO,sBAAsB;YAAK,CAAC;YAC7E,GAAIzF,qBAAqB;gBACvB0F,mBAAmB;oBACjBC,iBAAiB;oBACjBC,cAAc;oBACdC,iBAAiB;gBACnB;YACF,CAAC;YACDC,YAAY;gBAACxH,mBAAmBe;aAAU;QAC5C;QACA4D,QAAQ;eACF9C,wBAAwB8C,UAAU,EAAE;YACxC,6DAA6D;YAC7D,oEAAoE;YACpE,0EAA0E;eACtEJ,mBACA5E,sBAAsBkC,wBAAwB8C,QAAQJ,oBACtD,EAAE;eACFrF,kBAAkB2B,cAAcc,iBAAiB,IAAI,CAAC,GAAGrC,qBAAqB4B,OAAO,IACrF;gBACE;oBACEqC,MAAM;oBACNP,MAAM;oBACNR,OAAO;wBACLC,iBAAiB;wBACjBiB,YAAY;4BACVC,OAAO;gCACLC,MAAM;gCACN6D,aAAa;oCACXtG;oCACAF;oCACAJ;gCACF;4BACF;wBACF;oBACF;gBACF;aACD,GACD,EAAE;SACP;IACH;IAEA,IAAIA,cAAcU,KAAK,EAAEmG,qBAAqB;QAC5CzC,kBAAkBpE,cAAcU,KAAK,CAACmG,mBAAmB,CAAC;YACxD3F,YAAYkD;QACd;IACF;IAEAzF,sBAAsByF,iBAAiB5D;IAEvC,OAAO4D;AACT"}

package/dist/better-auth/plugin/lib/build-collections/utils/collection-schema.d.ts

@@ -0,0 +1,15 @@
+import type { BetterAuthFullSchema, ModelKey } from '@/better-auth/generated-types';
+import type { BetterAuthSchemas, BuiltBetterAuthSchema } from '@/better-auth/types';
+import { type CollectionConfig } from 'payload';
+export declare function getSchemaCollectionSlug(resolvedSchemas: BetterAuthSchemas, model: ModelKey): string;
+export declare function getSchemaFieldName<M extends ModelKey>(resolvedSchemas: BetterAuthSchemas, model: M, fieldKey: Extract<keyof BetterAuthFullSchema[M], string>): string;
+/**
+ * Asserts that all field keys that exist in the schema exist in the collection
+ *
+ * It checks based on the custom.betterAuthFieldKey property.
+ *
+ * @param collection - The collection object
+ * @param schema - The schema object containing field definitions
+ * @throws {Error} If any required field is missing from the schema
+ */
+export declare function assertAllSchemaFields(collection: CollectionConfig, schema: BuiltBetterAuthSchema): void;

package/dist/better-auth/plugin/lib/build-collections/utils/collection-schema.js

@@ -0,0 +1,24 @@
+import { flattenAllFields } from "payload";
+export function getSchemaCollectionSlug(resolvedSchemas, model) {
+    return resolvedSchemas?.[model]?.modelName ?? model;
+}
+export function getSchemaFieldName(resolvedSchemas, model, fieldKey) {
+    return resolvedSchemas?.[model]?.fields?.[fieldKey]?.fieldName ?? fieldKey;
+}
+/**
+ * Asserts that all field keys that exist in the schema exist in the collection
+ *
+ * It checks based on the custom.betterAuthFieldKey property.
+ *
+ * @param collection - The collection object
+ * @param schema - The schema object containing field definitions
+ * @throws {Error} If any required field is missing from the schema
+ */ export function assertAllSchemaFields(collection, schema) {
+    const schemaFieldKeys = Object.keys(schema.fields);
+    const collectionConfigBetterAuthKeys = new Set(flattenAllFields(collection).map((field)=>field.custom?.betterAuthFieldKey).filter((key)=>typeof key === 'string'));
+    const missingFields = schemaFieldKeys.filter((key)=>!collectionConfigBetterAuthKeys.has(key));
+    if (missingFields.length === 0) return;
+    throw new Error(`Missing required custom.betterAuthFieldKeys in collection "${collection.slug}": ${missingFields.join(', ')}`);
+}
+
+//# sourceMappingURL=collection-schema.js.map

package/dist/better-auth/plugin/lib/build-collections/utils/collection-schema.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../../../src/better-auth/plugin/lib/build-collections/utils/collection-schema.ts"],"sourcesContent":["import type { BetterAuthFullSchema, ModelKey } from '@/better-auth/generated-types';\nimport type { BetterAuthSchemas, BuiltBetterAuthSchema } from '@/better-auth/types';\nimport { type CollectionConfig, flattenAllFields } from 'payload';\n\nexport function getSchemaCollectionSlug(\n  resolvedSchemas: BetterAuthSchemas,\n  model: ModelKey\n): string {\n  return resolvedSchemas?.[model]?.modelName ?? model;\n}\n\nexport function getSchemaFieldName<M extends ModelKey>(\n  resolvedSchemas: BetterAuthSchemas,\n  model: M,\n  fieldKey: Extract<keyof BetterAuthFullSchema[M], string>\n): string {\n  return resolvedSchemas?.[model]?.fields?.[fieldKey]?.fieldName ?? fieldKey;\n}\n\n/**\n * Asserts that all field keys that exist in the schema exist in the collection\n *\n * It checks based on the custom.betterAuthFieldKey property.\n *\n * @param collection - The collection object\n * @param schema - The schema object containing field definitions\n * @throws {Error} If any required field is missing from the schema\n */\n\nexport function assertAllSchemaFields(\n  collection: CollectionConfig,\n  schema: BuiltBetterAuthSchema\n): void {\n  const schemaFieldKeys = Object.keys(schema.fields);\n  const collectionConfigBetterAuthKeys = new Set(\n    flattenAllFields(collection)\n      .map(field => field.custom?.betterAuthFieldKey)\n      .filter((key): key is string => typeof key === 'string')\n  );\n\n  const missingFields = schemaFieldKeys.filter(key => !collectionConfigBetterAuthKeys.has(key));\n  if (missingFields.length === 0) return;\n\n  throw new Error(\n    `Missing required custom.betterAuthFieldKeys in collection \"${collection.slug}\": ${missingFields.join(', ')}`\n  );\n}\n"],"names":["flattenAllFields","getSchemaCollectionSlug","resolvedSchemas","model","modelName","getSchemaFieldName","fieldKey","fields","fieldName","assertAllSchemaFields","collection","schema","schemaFieldKeys","Object","keys","collectionConfigBetterAuthKeys","Set","map","field","custom","betterAuthFieldKey","filter","key","missingFields","has","length","Error","slug","join"],"mappings":"AAEA,SAAgCA,gBAAgB,QAAQ,UAAU;AAElE,OAAO,SAASC,wBACdC,eAAkC,EAClCC,KAAe;IAEf,OAAOD,iBAAiB,CAACC,MAAM,EAAEC,aAAaD;AAChD;AAEA,OAAO,SAASE,mBACdH,eAAkC,EAClCC,KAAQ,EACRG,QAAwD;IAExD,OAAOJ,iBAAiB,CAACC,MAAM,EAAEI,QAAQ,CAACD,SAAS,EAAEE,aAAaF;AACpE;AAEA;;;;;;;;CAQC,GAED,OAAO,SAASG,sBACdC,UAA4B,EAC5BC,MAA6B;IAE7B,MAAMC,kBAAkBC,OAAOC,IAAI,CAACH,OAAOJ,MAAM;IACjD,MAAMQ,iCAAiC,IAAIC,IACzChB,iBAAiBU,YACdO,GAAG,CAACC,CAAAA,QAASA,MAAMC,MAAM,EAAEC,oBAC3BC,MAAM,CAAC,CAACC,MAAuB,OAAOA,QAAQ;IAGnD,MAAMC,gBAAgBX,gBAAgBS,MAAM,CAACC,CAAAA,MAAO,CAACP,+BAA+BS,GAAG,CAACF;IACxF,IAAIC,cAAcE,MAAM,KAAK,GAAG;IAEhC,MAAM,IAAIC,MACR,CAAC,2DAA2D,EAAEhB,WAAWiB,IAAI,CAAC,GAAG,EAAEJ,cAAcK,IAAI,CAAC,OAAO;AAEjH"}

package/dist/better-auth/plugin/lib/build-collections/utils/filter-duplicate-fields.d.ts

@@ -0,0 +1,10 @@
+import type { Field } from 'payload';
+/**
+ * Filters out fields from newFields that already exist in existingFields by name
+ * This prevents duplicate field errors when merging existing collection fields with Better Auth schema fields
+ *
+ * @param existingFields - Fields that already exist in the collection
+ * @param newFields - New fields to add from Better Auth schema
+ * @returns Filtered array of new fields that don't conflict with existing fields
+ */
+export declare function filterDuplicateFields(existingFields: Field[] | undefined, newFields: Field[] | null | undefined): Field[];

package/dist/better-auth/plugin/lib/build-collections/utils/filter-duplicate-fields.js

@@ -0,0 +1,67 @@
+/**
+ * Filters out fields from newFields that already exist in existingFields by name
+ * This prevents duplicate field errors when merging existing collection fields with Better Auth schema fields
+ *
+ * @param existingFields - Fields that already exist in the collection
+ * @param newFields - New fields to add from Better Auth schema
+ * @returns Filtered array of new fields that don't conflict with existing fields
+ */ export function filterDuplicateFields(existingFields, newFields) {
+    if (!newFields || !Array.isArray(newFields)) {
+        return [];
+    }
+    if (!existingFields || !Array.isArray(existingFields)) {
+        return newFields;
+    }
+    // Create Sets for O(1) lookup - check both by name and betterAuthFieldKey
+    const existingFieldNames = new Set();
+    const existingBetterAuthKeys = new Set();
+    // Recursively collect all field names and betterAuthFieldKeys from existing fields
+    const collectFieldInfo = (fields)=>{
+        for (const field of fields){
+            if (field.name) {
+                existingFieldNames.add(field.name);
+            }
+            // Also check for betterAuthFieldKey to prevent duplicates even if names differ
+            if (field.custom && typeof field.custom === 'object' && 'betterAuthFieldKey' in field.custom) {
+                const betterAuthKey = field.custom.betterAuthFieldKey;
+                if (typeof betterAuthKey === 'string') {
+                    existingBetterAuthKeys.add(betterAuthKey);
+                }
+            }
+            // Also check nested fields in groups, arrays, etc.
+            if ('fields' in field && Array.isArray(field.fields)) {
+                collectFieldInfo(field.fields);
+            }
+            // Check tabs
+            if ('tabs' in field && Array.isArray(field.tabs)) {
+                for (const tab of field.tabs){
+                    if (tab.fields && Array.isArray(tab.fields)) {
+                        collectFieldInfo(tab.fields);
+                    }
+                }
+            }
+        }
+    };
+    collectFieldInfo(existingFields);
+    // Filter out fields that already exist (by name OR by betterAuthFieldKey)
+    return newFields.filter((field)=>{
+        if (!field.name) {
+            // Keep fields without names (like UI fields, collapsibles, etc.)
+            return true;
+        }
+        // Check if field name already exists
+        if (existingFieldNames.has(field.name)) {
+            return false;
+        }
+        // Also check if betterAuthFieldKey already exists (prevents duplicates even with different names)
+        if (field.custom && typeof field.custom === 'object' && 'betterAuthFieldKey' in field.custom) {
+            const betterAuthKey = field.custom.betterAuthFieldKey;
+            if (typeof betterAuthKey === 'string' && existingBetterAuthKeys.has(betterAuthKey)) {
+                return false;
+            }
+        }
+        return true;
+    });
+}
+
+//# sourceMappingURL=filter-duplicate-fields.js.map

package/dist/better-auth/plugin/lib/build-collections/utils/filter-duplicate-fields.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../../../../src/better-auth/plugin/lib/build-collections/utils/filter-duplicate-fields.ts"],"sourcesContent":["import type {Field} from 'payload';\n\n/**\n * Filters out fields from newFields that already exist in existingFields by name\n * This prevents duplicate field errors when merging existing collection fields with Better Auth schema fields\n *\n * @param existingFields - Fields that already exist in the collection\n * @param newFields - New fields to add from Better Auth schema\n * @returns Filtered array of new fields that don't conflict with existing fields\n */\nexport function filterDuplicateFields(\n  existingFields: Field[] | undefined,\n  newFields: Field[] | null | undefined\n): Field[] {\n  if (!newFields || !Array.isArray(newFields)) {\n    return [];\n  }\n\n  if (!existingFields || !Array.isArray(existingFields)) {\n    return newFields;\n  }\n\n  // Create Sets for O(1) lookup - check both by name and betterAuthFieldKey\n  const existingFieldNames = new Set<string>();\n  const existingBetterAuthKeys = new Set<string>();\n\n  // Recursively collect all field names and betterAuthFieldKeys from existing fields\n  const collectFieldInfo = (fields: Field[]): void => {\n    for (const field of fields) {\n      if (field.name) {\n        existingFieldNames.add(field.name);\n      }\n      // Also check for betterAuthFieldKey to prevent duplicates even if names differ\n      if (field.custom && typeof field.custom === 'object' && 'betterAuthFieldKey' in field.custom) {\n        const betterAuthKey = field.custom.betterAuthFieldKey;\n        if (typeof betterAuthKey === 'string') {\n          existingBetterAuthKeys.add(betterAuthKey);\n        }\n      }\n      // Also check nested fields in groups, arrays, etc.\n      if ('fields' in field && Array.isArray(field.fields)) {\n        collectFieldInfo(field.fields);\n      }\n      // Check tabs\n      if ('tabs' in field && Array.isArray(field.tabs)) {\n        for (const tab of field.tabs) {\n          if (tab.fields && Array.isArray(tab.fields)) {\n            collectFieldInfo(tab.fields);\n          }\n        }\n      }\n    }\n  };\n\n  collectFieldInfo(existingFields);\n\n  // Filter out fields that already exist (by name OR by betterAuthFieldKey)\n  return newFields.filter(field => {\n    if (!field.name) {\n      // Keep fields without names (like UI fields, collapsibles, etc.)\n      return true;\n    }\n    \n    // Check if field name already exists\n    if (existingFieldNames.has(field.name)) {\n      return false;\n    }\n    \n    // Also check if betterAuthFieldKey already exists (prevents duplicates even with different names)\n    if (field.custom && typeof field.custom === 'object' && 'betterAuthFieldKey' in field.custom) {\n      const betterAuthKey = field.custom.betterAuthFieldKey;\n      if (typeof betterAuthKey === 'string' && existingBetterAuthKeys.has(betterAuthKey)) {\n        return false;\n      }\n    }\n    \n    return true;\n  });\n}\n"],"names":["filterDuplicateFields","existingFields","newFields","Array","isArray","existingFieldNames","Set","existingBetterAuthKeys","collectFieldInfo","fields","field","name","add","custom","betterAuthKey","betterAuthFieldKey","tabs","tab","filter","has"],"mappings":"AAEA;;;;;;;CAOC,GACD,OAAO,SAASA,sBACdC,cAAmC,EACnCC,SAAqC;IAErC,IAAI,CAACA,aAAa,CAACC,MAAMC,OAAO,CAACF,YAAY;QAC3C,OAAO,EAAE;IACX;IAEA,IAAI,CAACD,kBAAkB,CAACE,MAAMC,OAAO,CAACH,iBAAiB;QACrD,OAAOC;IACT;IAEA,0EAA0E;IAC1E,MAAMG,qBAAqB,IAAIC;IAC/B,MAAMC,yBAAyB,IAAID;IAEnC,mFAAmF;IACnF,MAAME,mBAAmB,CAACC;QACxB,KAAK,MAAMC,SAASD,OAAQ;YAC1B,IAAIC,MAAMC,IAAI,EAAE;gBACdN,mBAAmBO,GAAG,CAACF,MAAMC,IAAI;YACnC;YACA,+EAA+E;YAC/E,IAAID,MAAMG,MAAM,IAAI,OAAOH,MAAMG,MAAM,KAAK,YAAY,wBAAwBH,MAAMG,MAAM,EAAE;gBAC5F,MAAMC,gBAAgBJ,MAAMG,MAAM,CAACE,kBAAkB;gBACrD,IAAI,OAAOD,kBAAkB,UAAU;oBACrCP,uBAAuBK,GAAG,CAACE;gBAC7B;YACF;YACA,mDAAmD;YACnD,IAAI,YAAYJ,SAASP,MAAMC,OAAO,CAACM,MAAMD,MAAM,GAAG;gBACpDD,iBAAiBE,MAAMD,MAAM;YAC/B;YACA,aAAa;YACb,IAAI,UAAUC,SAASP,MAAMC,OAAO,CAACM,MAAMM,IAAI,GAAG;gBAChD,KAAK,MAAMC,OAAOP,MAAMM,IAAI,CAAE;oBAC5B,IAAIC,IAAIR,MAAM,IAAIN,MAAMC,OAAO,CAACa,IAAIR,MAAM,GAAG;wBAC3CD,iBAAiBS,IAAIR,MAAM;oBAC7B;gBACF;YACF;QACF;IACF;IAEAD,iBAAiBP;IAEjB,0EAA0E;IAC1E,OAAOC,UAAUgB,MAAM,CAACR,CAAAA;QACtB,IAAI,CAACA,MAAMC,IAAI,EAAE;YACf,iEAAiE;YACjE,OAAO;QACT;QAEA,qCAAqC;QACrC,IAAIN,mBAAmBc,GAAG,CAACT,MAAMC,IAAI,GAAG;YACtC,OAAO;QACT;QAEA,kGAAkG;QAClG,IAAID,MAAMG,MAAM,IAAI,OAAOH,MAAMG,MAAM,KAAK,YAAY,wBAAwBH,MAAMG,MAAM,EAAE;YAC5F,MAAMC,gBAAgBJ,MAAMG,MAAM,CAACE,kBAAkB;YACrD,IAAI,OAAOD,kBAAkB,YAAYP,uBAAuBY,GAAG,CAACL,gBAAgB;gBAClF,OAAO;YACT;QACF;QAEA,OAAO;IACT;AACF"}

package/dist/better-auth/plugin/lib/build-collections/utils/filter-properties.d.ts

@@ -0,0 +1,9 @@
+import type { Field } from 'payload';
+export declare const COMMON_FIELD_KEYS: readonly ["access", "admin", "custom", "defaultValue", "hidden", "hooks", "index", "label", "localized", "name", "required", "saveToJWT", "typescriptSchema", "unique", "validate", "virtual", "_sanitized"];
+export declare const TEXT_FIELD_KEYS: readonly ["access", "admin", "custom", "defaultValue", "hidden", "hooks", "index", "label", "localized", "name", "required", "saveToJWT", "typescriptSchema", "unique", "validate", "virtual", "_sanitized", "maxLength", "maxRows", "minLength", "minRows"];
+export declare const NUMBER_FIELD_KEYS: readonly ["access", "admin", "custom", "defaultValue", "hidden", "hooks", "index", "label", "localized", "name", "required", "saveToJWT", "typescriptSchema", "unique", "validate", "virtual", "_sanitized", "max", "min"];
+export declare const DATE_FIELD_KEYS: readonly ["access", "admin", "custom", "defaultValue", "hidden", "hooks", "index", "label", "localized", "name", "required", "saveToJWT", "typescriptSchema", "unique", "validate", "virtual", "_sanitized", "timezone"];
+export declare const CHECKBOX_FIELD_KEYS: readonly ["access", "admin", "custom", "defaultValue", "hidden", "hooks", "index", "label", "localized", "name", "required", "saveToJWT", "typescriptSchema", "unique", "validate", "virtual", "_sanitized"];
+export declare const RELATIONSHIP_FIELD_KEYS: readonly ["access", "admin", "custom", "defaultValue", "hidden", "hooks", "index", "label", "localized", "name", "required", "saveToJWT", "typescriptSchema", "unique", "validate", "virtual", "_sanitized", "filterOptions", "graphQL", "hasMany", "max", "maxDepth", "maxRows", "min", "minRows", "relationTo", "type"];
+export declare function getValidFieldPropertyKeysForType(type: Field['type']): ("validate" | "custom" | "type" | "defaultValue" | "required" | "name" | "hooks" | "unique" | "max" | "min" | "admin" | "index" | "hidden" | "relationTo" | "label" | "_sanitized" | "access" | "localized" | "saveToJWT" | "typescriptSchema" | "virtual" | "maxRows" | "minRows" | "maxDepth" | "hasMany" | "graphQL" | "filterOptions")[] | ("validate" | "custom" | "defaultValue" | "maxLength" | "minLength" | "required" | "name" | "hooks" | "unique" | "admin" | "index" | "hidden" | "label" | "_sanitized" | "access" | "localized" | "saveToJWT" | "typescriptSchema" | "virtual" | "maxRows" | "minRows")[] | ("validate" | "custom" | "defaultValue" | "required" | "name" | "hooks" | "unique" | "admin" | "timezone" | "index" | "hidden" | "label" | "_sanitized" | "access" | "localized" | "saveToJWT" | "typescriptSchema" | "virtual")[];
+export declare function filterProps<T extends object, K extends readonly (keyof T)[]>(obj: Partial<T>, allowed: K, extra?: readonly string[]): Partial<T>;

package/dist/better-auth/plugin/lib/build-collections/utils/filter-properties.js

@@ -0,0 +1,94 @@
+export const COMMON_FIELD_KEYS = [
+    'access',
+    'admin',
+    'custom',
+    'defaultValue',
+    'hidden',
+    'hooks',
+    'index',
+    'label',
+    'localized',
+    'name',
+    'required',
+    'saveToJWT',
+    'typescriptSchema',
+    'unique',
+    'validate',
+    'virtual',
+    '_sanitized'
+];
+export const TEXT_FIELD_KEYS = [
+    ...COMMON_FIELD_KEYS,
+    'maxLength',
+    'maxRows',
+    'minLength',
+    'minRows'
+];
+export const NUMBER_FIELD_KEYS = [
+    ...COMMON_FIELD_KEYS,
+    'max',
+    'min'
+];
+export const DATE_FIELD_KEYS = [
+    ...COMMON_FIELD_KEYS,
+    'timezone'
+];
+export const CHECKBOX_FIELD_KEYS = [
+    ...COMMON_FIELD_KEYS
+];
+export const RELATIONSHIP_FIELD_KEYS = [
+    ...COMMON_FIELD_KEYS,
+    'filterOptions',
+    'graphQL',
+    'hasMany',
+    'max',
+    'maxDepth',
+    'maxRows',
+    'min',
+    'minRows',
+    'relationTo',
+    'type'
+];
+export function getValidFieldPropertyKeysForType(type) {
+    switch(type){
+        case 'relationship':
+            return [
+                ...RELATIONSHIP_FIELD_KEYS
+            ];
+        case 'text':
+            return [
+                ...TEXT_FIELD_KEYS
+            ];
+        case 'number':
+            return [
+                ...NUMBER_FIELD_KEYS
+            ];
+        case 'date':
+            return [
+                ...DATE_FIELD_KEYS
+            ];
+        case 'checkbox':
+            return [
+                ...CHECKBOX_FIELD_KEYS
+            ];
+        default:
+            return [
+                ...COMMON_FIELD_KEYS
+            ];
+    }
+}
+export function filterProps(obj, allowed, extra = []) {
+    const allow = new Set([
+        ...allowed.map(String),
+        ...extra
+    ]);
+    // Using Record<string, unknown> because filtered object structure varies by input object type and cannot be strictly typed
+    const out = {};
+    for (const [k, v] of Object.entries(obj)){
+        if (!allow.has(k)) continue;
+        out[k] = v;
+    }
+    return out;
+}
+
+//# sourceMappingURL=filter-properties.js.map