@saacms/auth-better-auth 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter.d.ts +48 -0
- package/dist/adapter.d.ts.map +1 -0
- package/dist/index.d.ts +13 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +42 -0
- package/package.json +42 -0
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Better Auth → saacms `AuthAdapter` shim.
|
|
3
|
+
*
|
|
4
|
+
* Wraps a Better Auth instance and projects its session/user representation
|
|
5
|
+
* onto saacms's `User` shape (per `core/src/types/user.ts`). The runtime's
|
|
6
|
+
* `auth-middleware` calls `getSession(request)` once per request; this shim
|
|
7
|
+
* never throws out of that call — transport failures degrade to anonymous so
|
|
8
|
+
* routes can still serve public content.
|
|
9
|
+
*
|
|
10
|
+
* The package does NOT import `better-auth` at runtime. `BetterAuthLike` is
|
|
11
|
+
* a structural subset of the BA instance covering just the surface we use,
|
|
12
|
+
* which lets the package compile and test without pinning a BA version.
|
|
13
|
+
* The host supplies the real `betterAuth({...})` result via `opts.auth`.
|
|
14
|
+
*/
|
|
15
|
+
import type { AuthAdapter } from "@saacms/core";
|
|
16
|
+
/**
|
|
17
|
+
* Structural subset of a Better Auth instance. We mirror only what we use
|
|
18
|
+
* (`api.getSession`) so this package isn't pinned to a specific BA version.
|
|
19
|
+
* Any object with this shape works; the real `betterAuth({...})` return
|
|
20
|
+
* value satisfies it.
|
|
21
|
+
*/
|
|
22
|
+
export interface BetterAuthLike {
|
|
23
|
+
readonly api: {
|
|
24
|
+
getSession(args: {
|
|
25
|
+
readonly headers: Headers;
|
|
26
|
+
}): Promise<{
|
|
27
|
+
readonly user?: {
|
|
28
|
+
readonly id: string;
|
|
29
|
+
readonly email?: string | null;
|
|
30
|
+
readonly role?: string | null;
|
|
31
|
+
readonly [k: string]: unknown;
|
|
32
|
+
};
|
|
33
|
+
readonly session?: {
|
|
34
|
+
readonly id: string;
|
|
35
|
+
readonly [k: string]: unknown;
|
|
36
|
+
};
|
|
37
|
+
readonly [k: string]: unknown;
|
|
38
|
+
} | null | undefined>;
|
|
39
|
+
};
|
|
40
|
+
}
|
|
41
|
+
export interface BetterAuthAdapterOptions {
|
|
42
|
+
/** The Better Auth instance — typically the result of `betterAuth({...})`. */
|
|
43
|
+
readonly auth: BetterAuthLike;
|
|
44
|
+
/** Optional async claims loader; called once per session resolution. */
|
|
45
|
+
readonly claimsLoader?: (userId: string) => Promise<Readonly<Record<string, unknown>>>;
|
|
46
|
+
}
|
|
47
|
+
export declare function betterAuthAdapter(opts: BetterAuthAdapterOptions): AuthAdapter;
|
|
48
|
+
//# sourceMappingURL=adapter.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"adapter.d.ts","sourceRoot":"","sources":["../src/adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAc,MAAM,cAAc,CAAA;AAK3D;;;;;GAKG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,GAAG,EAAE;QACZ,UAAU,CAAC,IAAI,EAAE;YAAE,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;SAAE,GAAG,OAAO,CACpD;YACE,QAAQ,CAAC,IAAI,CAAC,EAAE;gBACd,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;gBACnB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;gBAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;gBAC7B,QAAQ,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;aAC9B,CAAA;YACD,QAAQ,CAAC,OAAO,CAAC,EAAE;gBAAE,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;aAAE,CAAA;YACzE,QAAQ,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;SAC9B,GACD,IAAI,GACJ,SAAS,CACZ,CAAA;KACF,CAAA;CACF;AAED,MAAM,WAAW,wBAAwB;IACvC,8EAA8E;IAC9E,QAAQ,CAAC,IAAI,EAAE,cAAc,CAAA;IAC7B,wEAAwE;IACxE,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAA;CACvF;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,wBAAwB,GAAG,WAAW,CA2B7E"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @saacms/auth-better-auth — public surface.
|
|
3
|
+
*
|
|
4
|
+
* A thin shim adapting Better Auth's session-resolution API to saacms's
|
|
5
|
+
* `AuthAdapter` interface (per ADR 0008 + ADR 0020). Hosts wire this up so
|
|
6
|
+
* the runtime's `auth-middleware` can populate `c.set("user", user)` per
|
|
7
|
+
* request.
|
|
8
|
+
*
|
|
9
|
+
* v1 alpha: scaffold. Real implementation lands via a sandcastle dispatch.
|
|
10
|
+
*/
|
|
11
|
+
export { betterAuthAdapter } from "./adapter.ts";
|
|
12
|
+
export type { BetterAuthAdapterOptions, BetterAuthLike } from "./adapter.ts";
|
|
13
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAChD,YAAY,EAAE,wBAAwB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
// src/adapter.ts
|
|
2
|
+
import { id } from "@saacms/core";
|
|
3
|
+
var LOG_PREFIX = "[saacms/auth]";
|
|
4
|
+
function betterAuthAdapter(opts) {
|
|
5
|
+
return {
|
|
6
|
+
name: "better-auth",
|
|
7
|
+
async getSession(request) {
|
|
8
|
+
let session;
|
|
9
|
+
try {
|
|
10
|
+
session = await opts.auth.api.getSession({ headers: request.headers });
|
|
11
|
+
} catch (err) {
|
|
12
|
+
console.warn(`${LOG_PREFIX} getSession threw:`, err);
|
|
13
|
+
return null;
|
|
14
|
+
}
|
|
15
|
+
if (session == null || session.user == null) {
|
|
16
|
+
return null;
|
|
17
|
+
}
|
|
18
|
+
const baUser = session.user;
|
|
19
|
+
const claims = await loadClaims(opts.claimsLoader, baUser.id);
|
|
20
|
+
return {
|
|
21
|
+
id: id.user(baUser.id),
|
|
22
|
+
email: baUser.email ?? null,
|
|
23
|
+
role: baUser.role ?? "user",
|
|
24
|
+
claims
|
|
25
|
+
};
|
|
26
|
+
}
|
|
27
|
+
};
|
|
28
|
+
}
|
|
29
|
+
async function loadClaims(loader, userId) {
|
|
30
|
+
if (loader == null) {
|
|
31
|
+
return {};
|
|
32
|
+
}
|
|
33
|
+
try {
|
|
34
|
+
return { ...await loader(userId) };
|
|
35
|
+
} catch (err) {
|
|
36
|
+
console.warn(`${LOG_PREFIX} claimsLoader threw:`, err);
|
|
37
|
+
return {};
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
export {
|
|
41
|
+
betterAuthAdapter
|
|
42
|
+
};
|
package/package.json
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@saacms/auth-better-auth",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"type": "module",
|
|
5
|
+
"exports": {
|
|
6
|
+
".": {
|
|
7
|
+
"import": "./dist/index.js",
|
|
8
|
+
"types": "./dist/index.d.ts",
|
|
9
|
+
"default": "./dist/index.js"
|
|
10
|
+
}
|
|
11
|
+
},
|
|
12
|
+
"files": [
|
|
13
|
+
"dist",
|
|
14
|
+
"README.md"
|
|
15
|
+
],
|
|
16
|
+
"scripts": {
|
|
17
|
+
"build": "tsc --build",
|
|
18
|
+
"typecheck": "tsc --build --noEmit",
|
|
19
|
+
"prepack": "cp package.json package.json.pack-bak && bun run ../../scripts/prepack-pkg.ts",
|
|
20
|
+
"postpack": "mv package.json.pack-bak package.json"
|
|
21
|
+
},
|
|
22
|
+
"publishConfig": {
|
|
23
|
+
"access": "public"
|
|
24
|
+
},
|
|
25
|
+
"dependencies": {
|
|
26
|
+
"@saacms/core": "workspace:*"
|
|
27
|
+
},
|
|
28
|
+
"peerDependencies": {
|
|
29
|
+
"better-auth": "^1.0.0"
|
|
30
|
+
},
|
|
31
|
+
"peerDependenciesMeta": {
|
|
32
|
+
"better-auth": {
|
|
33
|
+
"optional": false
|
|
34
|
+
}
|
|
35
|
+
},
|
|
36
|
+
"devDependencies": {
|
|
37
|
+
"@types/bun": "latest",
|
|
38
|
+
"typescript": "^5.7.0"
|
|
39
|
+
},
|
|
40
|
+
"main": "./dist/index.js",
|
|
41
|
+
"types": "./dist/index.d.ts"
|
|
42
|
+
}
|