npm - @take-out/better-auth-utils - Versions diffs - 0.1.27 → 0.1.28 - Mend

@take-out/better-auth-utils 0.1.27 → 0.1.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json +3 -3
package/types/createAuthClient.d.ts.map +2 -2
package/types/index.d.ts.map +2 -2
package/types/server.d.ts.map +2 -2

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@take-out/better-auth-utils",
-  "version": "0.1.27",
+  "version": "0.1.28",
   "description": "Better auth utilities and client for React/React Native applications",
   "sideEffects": false,
   "type": "module",
@@ -41,7 +41,7 @@
     }
   },
   "dependencies": {
-    "@take-out/helpers": "0.1.27",
+    "@take-out/helpers": "0.1.28",
     "jose": "^6.0.10"
   },
   "peerDependencies": {
@@ -49,7 +49,7 @@
     "react": "*"
   },
   "devDependencies": {
-    "@tamagui/build": "2.0.0-rc.11",
+    "@tamagui/build": "2.0.0-rc.15",
     "@types/node": "24.0.3",
     "@types/react": "^19.0.8",
     "oxfmt": "^0.16.0",

package/types/createAuthClient.d.ts.map CHANGED Viewed

@@ -4,8 +4,8 @@
   "sources": [
     "src/createAuthClient.ts"
   ],
+  "version": 3,
   "sourcesContent": [
     "/**\n * Better-auth helpers for React / React Native applications\n *\n * Features:\n *  - Session persistence in local storage\n *  - State management with emitters\n *  - Automatic retry on errors\n *  - Optional JWT support (for Tauri, React Native)\n */\n\nimport {\n  createEmitter,\n  createStorageValue,\n  type Emitter,\n  isEqualDeepLite,\n  useEmitterValue,\n} from '@take-out/helpers'\nimport { type BetterAuthClientOptions, createAuthClient } from 'better-auth/client'\n\nimport type { Session, User } from 'better-auth'\n\nexport interface StorageKeys {\n  token: string\n  session: string\n}\n\nexport type AuthState<U extends User = User> = {\n  state: 'loading' | 'logged-in' | 'logged-out'\n  session: Session | null\n  user: U | null\n  /** JWT token - only populated when useJWT is enabled */\n  token: string | null\n}\n\nexport interface BetterAuthClientProps<\n  TUser extends User = User,\n> extends BetterAuthClientOptions {\n  /**\n   * Callback to transform and type the user object\n   * @default (user) => user\n   */\n  createUser?: (user: User) => TUser\n\n  /**\n   * Optional callback when authentication state changes\n   */\n  onAuthStateChange?: (state: AuthState<TUser>) => void\n\n  /**\n   * Optional callback for handling auth errors\n   */\n  onAuthError?: (error: any) => void\n\n  /**\n   * Storage key prefix for local storage\n   * @default 'auth'\n   */\n  storagePrefix?: string\n\n  /**\n   * Retry delay in milliseconds after auth errors\n   * @default 4000\n   */\n  retryDelay?: number\n\n  /**\n   * Enable JWT token management for native apps (Tauri, React Native)\n   * When false (default), auth uses session cookies forwarded by the server\n   * When true, fetches and manages JWT tokens for Authorization header auth\n   * @default false\n   */\n  useJWT?: boolean\n\n  /**\n   * Cookie names to clear on auth invalidation\n   * @default ['better-auth.jwt', 'better-auth.session_token']\n   */\n  authCookieNames?: string[]\n}\n\nexport interface BetterAuthClientReturn<U extends User = User, TClient = any> {\n  clearState: () => void\n  authState: ReturnType<typeof createEmitter<AuthState<U>>>\n  authClient: TClient\n  setAuthClientToken: (props: { token: string; session: string }) => Promise<void>\n  clearAuthClientToken: () => void\n  clearAllAuth: () => void\n  useAuth: () => AuthState<U>\n  getAuth: () => AuthState<U> & { loggedIn: boolean }\n  getValidToken: () => Promise<string | undefined>\n  updateAuthClient: (session: string) => void\n  authClientVersion: Emitter<number>\n}\n\ntype InferUser<T> = T extends { createUser?: (user: User) => infer R }\n  ? R extends User\n    ? R\n    : User\n  : User\n\nexport function createBetterAuthClient<const Opts extends BetterAuthClientProps<any>>(\n  options: Opts\n): BetterAuthClientReturn<InferUser<Opts>, ReturnType<typeof createAuthClient<Opts>>> {\n  type TUser = InferUser<Opts>\n  const {\n    onAuthStateChange,\n    onAuthError,\n    createUser,\n    storagePrefix = 'auth',\n    retryDelay = 4000,\n    useJWT = false,\n    authCookieNames = ['better-auth.jwt', 'better-auth.session_token'],\n    ...authClientOptions\n  } = options\n\n  const empty: AuthState<TUser> = {\n    state: 'logged-out',\n    session: null,\n    user: null,\n    token: null,\n  }\n\n  const keysStorage = createStorageValue<StorageKeys>(`${storagePrefix}-keys`)\n  const stateStorage = createStorageValue<AuthState<TUser>>(`${storagePrefix}-state`)\n\n  const createAuthClientWithSession = (session: string) => {\n    return createAuthClient({\n      ...authClientOptions,\n      fetchOptions: {\n        credentials: 'include',\n        headers: session ? { Authorization: `Bearer ${session}` } : undefined,\n      },\n    })\n  }\n\n  let authClient = (() => {\n    const existingSession = keysStorage.get()?.session\n    return existingSession\n      ? createAuthClientWithSession(existingSession)\n      : createAuthClient({\n          ...authClientOptions,\n          fetchOptions: { credentials: 'include' },\n        } as Opts)\n  })()\n\n  const authState = createEmitter<AuthState<TUser>>(\n    'authState',\n    stateStorage.get() || empty,\n    { comparator: isEqualDeepLite }\n  )\n\n  const authClientVersion = createEmitter<number>('authClientVersion', 0)\n\n  const setState = (update: Partial<AuthState<TUser>>) => {\n    const current = authState.value!\n    const next = { ...current, ...update }\n    stateStorage.set(next)\n    authState.emit(next)\n\n    // update storage keys\n    if (next.token && next.session) {\n      keysStorage.set({\n        token: next.token,\n        session: next.session.token,\n      })\n    } else if (next.session) {\n      keysStorage.set({\n        token: '',\n        session: next.session.token,\n      })\n    } else {\n      keysStorage.set({ token: '', session: '' })\n    }\n\n    onAuthStateChange?.(next)\n  }\n\n  const setAuthClientToken = async (props: { token: string; session: string }) => {\n    keysStorage.set(props)\n    updateAuthClient(props.session)\n  }\n\n  function updateAuthClient(session: string) {\n    authClient = createAuthClientWithSession(session)\n    authClientVersion.emit(Math.random())\n    subscribeToAuthEffect()\n  }\n\n  let dispose: Function | null = null\n  let retryTimer: ReturnType<typeof setTimeout> | null = null\n\n  function subscribeToAuthEffect() {\n    dispose?.()\n\n    dispose = authClient.useSession.subscribe(async (props) => {\n      const { data: dataGeneric, isPending, error } = props\n\n      if (error) {\n        onAuthError?.(error)\n        scheduleAuthRetry(retryDelay)\n        return\n      }\n\n      const data = dataGeneric as\n        | undefined\n        | {\n            session?: AuthState<TUser>['session']\n            user?: AuthState<TUser>['user']\n          }\n\n      // if we have a persisted session but server hasn't confirmed yet, stay loading\n      const hasPersistedSession = !!keysStorage.get()?.session\n      const nextState = isPending\n        ? 'loading'\n        : data?.session\n          ? 'logged-in'\n          : hasPersistedSession && data === undefined\n            ? 'loading'\n            : 'logged-out'\n\n      // only update session/user when we have definitive data\n      const sessionUpdate =\n        nextState === 'loading'\n          ? {}\n          : {\n              session: data?.session ?? null,\n              user: data?.user ? (createUser ? createUser(data.user) : data.user) : null,\n            }\n\n      // detect new session\n      const previousSession = authState.value?.session\n      const isNewSession =\n        data?.session &&\n        (!previousSession ||\n          previousSession.id !== data.session.id ||\n          previousSession.userId !== data.session.userId)\n\n      setState({\n        state: nextState,\n        ...sessionUpdate,\n      })\n\n      // fetch JWT token when useJWT is enabled (for native/tauri apps)\n      if (useJWT && data?.session && (isNewSession || !authState.value.token)) {\n        if (isNewSession && authState.value.token) {\n          setState({ token: null })\n        }\n\n        getValidToken().then((token) => {\n          if (token) {\n            setState({ token })\n          }\n        })\n      }\n    })\n  }\n\n  function scheduleAuthRetry(delayMs: number) {\n    if (retryTimer) clearTimeout(retryTimer)\n    retryTimer = setTimeout(() => {\n      retryTimer = null\n      subscribeToAuthEffect()\n    }, delayMs)\n  }\n\n  async function getValidToken(): Promise<string | undefined> {\n    const res = await authClient.$fetch('/token')\n    if (res.error) {\n      console.error(`Error fetching token: ${res.error.statusText}`)\n      return undefined\n    }\n    return (res.data as any)?.token as string | undefined\n  }\n\n  const clearAuthClientToken = () => {\n    keysStorage.remove()\n  }\n\n  function clearAuthCookies() {\n    if (typeof document === 'undefined') return\n\n    for (const cookieName of authCookieNames) {\n      document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/`\n      const domain = window.location.hostname\n      document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain}`\n      if (domain.startsWith('.')) {\n        document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain.slice(1)}`\n      }\n    }\n  }\n\n  function clearAllAuth() {\n    clearAuthCookies()\n    clearState()\n  }\n\n  const getAuth = () => {\n    const state = authState?.value || empty\n    return { ...state, loggedIn: !!state.session }\n  }\n\n  const useAuth = () => {\n    return useEmitterValue(authState) || empty\n  }\n\n  function clearState() {\n    keysStorage.remove()\n    stateStorage.remove()\n    setState(empty)\n  }\n\n  subscribeToAuthEffect()\n\n  if (typeof window !== 'undefined' && window.addEventListener) {\n    const cleanup = () => {\n      dispose?.()\n      if (retryTimer) clearTimeout(retryTimer)\n    }\n    window.addEventListener('beforeunload', cleanup)\n  }\n\n  const proxiedAuthClient = new Proxy(authClient, {\n    get(_target, key) {\n      if (key === 'signOut') {\n        return () => {\n          clearState()\n          // @ts-expect-error better-auth type issue\n          authClient.signOut?.()\n          if (typeof window !== 'undefined') {\n            window.location?.reload?.()\n          }\n        }\n      }\n      return Reflect.get(authClient, key)\n    },\n  }) as ReturnType<typeof createAuthClient<Opts>>\n\n  return {\n    authClientVersion,\n    clearState,\n    authState,\n    authClient: proxiedAuthClient,\n    setAuthClientToken,\n    clearAuthClientToken,\n    clearAllAuth,\n    useAuth,\n    getAuth,\n    getValidToken,\n    updateAuthClient,\n  }\n}\n"
-  ],
-  "version": 3
+  ]
 }

package/types/index.d.ts.map CHANGED Viewed

@@ -4,8 +4,8 @@
   "sources": [
     "src/index.ts"
   ],
+  "version": 3,
   "sourcesContent": [
     "export * from './createAuthClient'\n"
-  ],
-  "version": 3
+  ]
 }

package/types/server.d.ts.map CHANGED Viewed

@@ -4,8 +4,8 @@
   "sources": [
     "src/server.ts"
   ],
+  "version": 3,
   "sourcesContent": [
     "/**\n * Server-side auth utilities for better-auth\n * - Session validation via cookies (web)\n * - JWT validation via JWKS (native apps)\n */\n\nimport { createRemoteJWKSet, jwtVerify, type JWTPayload } from 'jose'\n\nexport interface ValidateTokenOptions {\n  /** base URL for the auth server (e.g., https://myapp.com) */\n  baseUrl?: string\n  /** optional issuer override for CI/test environments */\n  forceIssuer?: string\n  /** JWKS endpoint path, defaults to /api/auth/jwks */\n  jwksPath?: string\n}\n\nexport interface AuthData {\n  id: string\n  email?: string\n  role: 'admin' | undefined\n}\n\nexport class NotAuthenticatedError extends Error {}\nexport class InvalidTokenError extends Error {}\n\nexport type AuthServer = {\n  api: {\n    getSession: (opts: { headers: Headers }) =>\n      | Promise<{\n          user: { id: string; email?: string | null; role?: string | null }\n        } | null>\n      | Promise<any>\n  }\n}\n\n/**\n * Get auth data from request - tries session cookies first, then JWT header\n * Session: web apps with cookies forwarded by zero\n * JWT: native apps (Tauri, React Native) using Authorization header\n */\nexport async function getAuthDataFromRequest(\n  authServer: AuthServer,\n  req: Request,\n  tokenOptions?: ValidateTokenOptions\n): Promise<AuthData | null> {\n  // from react native, better auth doesnt send cookie but insteead only the Authorization\n  // but better auth wants to find the cookie here, so re-route it:\n\n  const authHeader = req.headers.get('authorization')\n  const cookie = authHeader?.split('Bearer ')[1]\n\n  const newHeaders = new Headers(req.headers)\n  if (cookie) {\n    newHeaders.set('Cookie', cookie)\n  }\n\n  // try session-based auth first (web - cookies forwarded by zero)\n  try {\n    const session = await authServer.api.getSession({ headers: newHeaders })\n    if (session?.user) {\n      return {\n        id: session.user.id,\n        email: session.user.email || undefined,\n        role: session.user.role === 'admin' ? 'admin' : undefined,\n      }\n    }\n  } catch {\n    // session auth failed, try JWT\n  }\n\n  // try authorization header (token-based auth for native/tauri)\n\n  const jwtToken = authHeader?.replace('Bearer ', '')\n\n  if (jwtToken) {\n    try {\n      const payload = await validateToken(jwtToken, tokenOptions)\n      const userId = (payload as any)?.id || payload?.sub\n      if (userId) {\n        return {\n          id: userId as string,\n          email: (payload as any).email as string | undefined,\n          role: (payload as any).role === 'admin' ? 'admin' : undefined,\n        }\n      }\n    } catch (err) {\n      if (!(err instanceof InvalidTokenError)) {\n        throw err\n      }\n    }\n  }\n\n  return null\n}\n\n// jwt validation for native apps\n\nexport async function validateToken(\n  token: string,\n  options?: ValidateTokenOptions\n): Promise<JWTPayload> {\n  const {\n    baseUrl = process.env.ONE_SERVER_URL,\n    forceIssuer = process.env.FORCE_ISSUER || '',\n    jwksPath = '/api/auth/jwks',\n  } = options || {}\n\n  if (!baseUrl) {\n    throw new Error(`No baseURL!`)\n  }\n\n  const normalizedBaseUrl = removeTrailingSlash(baseUrl)\n  const url = `${forceIssuer || normalizedBaseUrl}${jwksPath}`\n\n  // create fresh JWKS fetcher each time to avoid stale key cache issues\n  const JWKS = createRemoteJWKSet(new URL(url))\n\n  try {\n    const verifyOptions = forceIssuer\n      ? {}\n      : {\n          issuer: normalizedBaseUrl,\n          audience: normalizedBaseUrl,\n        }\n\n    const { payload } = await jwtVerify(token, JWKS, verifyOptions)\n\n    return payload\n  } catch (error) {\n    throw new InvalidTokenError(`${error}`)\n  }\n}\n\nexport async function isValidJWT(\n  token: string,\n  options: ValidateTokenOptions\n): Promise<boolean> {\n  try {\n    await validateToken(token, options)\n    return true\n  } catch {\n    return false\n  }\n}\n\nfunction removeTrailingSlash(str: string) {\n  return str.replace(/\\/$/, '')\n}\n"
-  ],
-  "version": 3
+  ]
 }