@velajs/better-auth 0.2.2 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +5 -0
- package/README.md +7 -5
- package/dist/better-auth.controller.d.ts +21 -7
- package/dist/better-auth.controller.js +50 -30
- package/dist/better-auth.module.d.ts +21 -27
- package/dist/better-auth.module.js +117 -123
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/package.json +10 -10
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.4.0 (2026-07-04)
|
|
4
|
+
|
|
5
|
+
- Rebuilt on vela 1.11 `defineModule` + `lazyProvider` + `provideGlobal` (lazy auth-builder deferral preserved; public API unchanged). Requires `@velajs/vela >=1.11.0`.
|
|
6
|
+
|
|
7
|
+
|
|
3
8
|
All notable changes to `@velajs/better-auth` are documented here. The format
|
|
4
9
|
follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
|
|
5
10
|
|
package/README.md
CHANGED
|
@@ -145,15 +145,15 @@ class AppModule {}
|
|
|
145
145
|
|
|
146
146
|
## Calling better-auth from services & controllers
|
|
147
147
|
|
|
148
|
-
Inject the auth instance
|
|
148
|
+
Inject `BetterAuthService` — a normal `@Injectable()` exposing the underlying better-auth instance plus convenience getters for `.api` and `.handler`. The full `auth.api.*` surface is available: list sessions, revoke, impersonate, anything better-auth exposes server-side.
|
|
149
149
|
|
|
150
150
|
```ts
|
|
151
151
|
import { Inject, Injectable } from '@velajs/vela';
|
|
152
|
-
import {
|
|
152
|
+
import { BetterAuthService } from '@velajs/better-auth';
|
|
153
153
|
|
|
154
154
|
@Injectable()
|
|
155
155
|
class AdminUserService {
|
|
156
|
-
constructor(@Inject(
|
|
156
|
+
constructor(@Inject(BetterAuthService) private readonly auth: BetterAuthService) {}
|
|
157
157
|
|
|
158
158
|
listSessions(userId: string) {
|
|
159
159
|
return this.auth.api.listUserSessions({ userId });
|
|
@@ -164,6 +164,8 @@ class AdminUserService {
|
|
|
164
164
|
}
|
|
165
165
|
```
|
|
166
166
|
|
|
167
|
+
Under `forRootAsync`, the underlying `betterAuth({...})` instance is constructed **lazily on first `.auth` / `.api` / `.handler` access**. That's what makes Cloudflare bindings (D1, KV, R2) work: the user factory only runs after request-time middleware has populated env. No proxies, no lifecycle hooks — just a service with a cached field.
|
|
168
|
+
|
|
167
169
|
## Decorators
|
|
168
170
|
|
|
169
171
|
| Decorator | Purpose |
|
|
@@ -210,13 +212,13 @@ Set `mountHandler: false` and mount the catch-all yourself if you need a base pa
|
|
|
210
212
|
|
|
211
213
|
```ts
|
|
212
214
|
import { Controller, All, Req, Inject, Injectable } from '@velajs/vela';
|
|
213
|
-
import {
|
|
215
|
+
import { BetterAuthService, Public } from '@velajs/better-auth';
|
|
214
216
|
|
|
215
217
|
@Public(true)
|
|
216
218
|
@Controller('/auth')
|
|
217
219
|
@Injectable()
|
|
218
220
|
class CustomCatchallController {
|
|
219
|
-
constructor(@Inject(
|
|
221
|
+
constructor(@Inject(BetterAuthService) private auth: BetterAuthService) {}
|
|
220
222
|
@All('/*') handle(@Req() c: Context) { return this.auth.handler(c.req.raw); }
|
|
221
223
|
}
|
|
222
224
|
```
|
|
@@ -1,7 +1,21 @@
|
|
|
1
|
-
import type
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
import { type Type } from '@velajs/vela';
|
|
2
|
+
/**
|
|
3
|
+
* Build a catch-all controller that mounts better-auth's handler at `basePath`
|
|
4
|
+
* (default `/api/auth`). This is a factory because vela reads a controller's
|
|
5
|
+
* route off the class at decoration time, so a custom base path needs its own
|
|
6
|
+
* decorated class — the path can't be parametrized on a single shared class.
|
|
7
|
+
*
|
|
8
|
+
* Two base paths to keep consistent:
|
|
9
|
+
* - this `basePath` is RELATIVE to vela's `globalPrefix` (always prepended);
|
|
10
|
+
* - better-auth routes against its OWN absolute `basePath` (the one you pass to
|
|
11
|
+
* `betterAuth({ basePath })`), which must equal `globalPrefix + basePath`.
|
|
12
|
+
*
|
|
13
|
+
* Both default to `/api/auth`, so the no-prefix / no-config case just works.
|
|
14
|
+
*/
|
|
15
|
+
export declare function createBetterAuthCatchallController(basePath?: string): Type;
|
|
16
|
+
/**
|
|
17
|
+
* Default-path (`/api/auth`) catch-all controller. Retained for back-compat;
|
|
18
|
+
* `BetterAuthModule` now mounts {@link createBetterAuthCatchallController} with
|
|
19
|
+
* the configured `basePath`. Prefer the factory for a custom base path.
|
|
20
|
+
*/
|
|
21
|
+
export declare const BetterAuthCatchallController: Type;
|
|
@@ -15,34 +15,54 @@ function _ts_param(paramIndex, decorator) {
|
|
|
15
15
|
import { All, Controller, Inject, Injectable, Req } from "@velajs/vela";
|
|
16
16
|
import { BetterAuthService } from "./better-auth.service.js";
|
|
17
17
|
import { Public } from "./decorators/public.decorator.js";
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
18
|
+
/**
|
|
19
|
+
* Build a catch-all controller that mounts better-auth's handler at `basePath`
|
|
20
|
+
* (default `/api/auth`). This is a factory because vela reads a controller's
|
|
21
|
+
* route off the class at decoration time, so a custom base path needs its own
|
|
22
|
+
* decorated class — the path can't be parametrized on a single shared class.
|
|
23
|
+
*
|
|
24
|
+
* Two base paths to keep consistent:
|
|
25
|
+
* - this `basePath` is RELATIVE to vela's `globalPrefix` (always prepended);
|
|
26
|
+
* - better-auth routes against its OWN absolute `basePath` (the one you pass to
|
|
27
|
+
* `betterAuth({ basePath })`), which must equal `globalPrefix + basePath`.
|
|
28
|
+
*
|
|
29
|
+
* Both default to `/api/auth`, so the no-prefix / no-config case just works.
|
|
30
|
+
*/ export function createBetterAuthCatchallController(basePath = '/api/auth') {
|
|
31
|
+
let BetterAuthCatchallController = class BetterAuthCatchallController {
|
|
32
|
+
auth;
|
|
33
|
+
// Inject the service — its `.handler` getter triggers lazy construction
|
|
34
|
+
// of the underlying betterAuth() instance on first access, AFTER any
|
|
35
|
+
// runtime adapter middleware (Cloudflare env capture) has run.
|
|
36
|
+
constructor(auth){
|
|
37
|
+
this.auth = auth;
|
|
38
|
+
}
|
|
39
|
+
async handle(c) {
|
|
40
|
+
return this.auth.handler(c.req.raw);
|
|
41
|
+
}
|
|
42
|
+
};
|
|
43
|
+
_ts_decorate([
|
|
44
|
+
All('/*'),
|
|
45
|
+
_ts_param(0, Req()),
|
|
46
|
+
_ts_metadata("design:type", Function),
|
|
47
|
+
_ts_metadata("design:paramtypes", [
|
|
48
|
+
typeof Context === "undefined" ? Object : Context
|
|
49
|
+
]),
|
|
50
|
+
_ts_metadata("design:returntype", Promise)
|
|
51
|
+
], BetterAuthCatchallController.prototype, "handle", null);
|
|
52
|
+
BetterAuthCatchallController = _ts_decorate([
|
|
53
|
+
Public(true),
|
|
54
|
+
Controller(basePath),
|
|
55
|
+
Injectable(),
|
|
56
|
+
_ts_param(0, Inject(BetterAuthService)),
|
|
57
|
+
_ts_metadata("design:type", Function),
|
|
58
|
+
_ts_metadata("design:paramtypes", [
|
|
59
|
+
typeof BetterAuthService === "undefined" ? Object : BetterAuthService
|
|
60
|
+
])
|
|
61
|
+
], BetterAuthCatchallController);
|
|
62
|
+
return BetterAuthCatchallController;
|
|
29
63
|
}
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
typeof Context === "undefined" ? Object : Context
|
|
36
|
-
]),
|
|
37
|
-
_ts_metadata("design:returntype", Promise)
|
|
38
|
-
], BetterAuthCatchallController.prototype, "handle", null);
|
|
39
|
-
BetterAuthCatchallController = _ts_decorate([
|
|
40
|
-
Public(true),
|
|
41
|
-
Controller('/api/auth'),
|
|
42
|
-
Injectable(),
|
|
43
|
-
_ts_param(0, Inject(BetterAuthService)),
|
|
44
|
-
_ts_metadata("design:type", Function),
|
|
45
|
-
_ts_metadata("design:paramtypes", [
|
|
46
|
-
typeof BetterAuthService === "undefined" ? Object : BetterAuthService
|
|
47
|
-
])
|
|
48
|
-
], BetterAuthCatchallController);
|
|
64
|
+
/**
|
|
65
|
+
* Default-path (`/api/auth`) catch-all controller. Retained for back-compat;
|
|
66
|
+
* `BetterAuthModule` now mounts {@link createBetterAuthCatchallController} with
|
|
67
|
+
* the configured `basePath`. Prefer the factory for a custom base path.
|
|
68
|
+
*/ export const BetterAuthCatchallController = createBetterAuthCatchallController();
|
|
@@ -3,22 +3,17 @@ import type { BetterAuthInstance, BetterAuthModuleOptions } from './better-auth.
|
|
|
3
3
|
/**
|
|
4
4
|
* Options for {@link BetterAuthModule.forRootAsync}.
|
|
5
5
|
*
|
|
6
|
-
* The `Inject` type parameter captures the literal `inject` tuple at the
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
* No `as const`, no `(...deps: any[])` workaround:
|
|
6
|
+
* The `Inject` type parameter captures the literal `inject` tuple at the call
|
|
7
|
+
* site (via `const` inference) so `useFactory` parameters are typed from the
|
|
8
|
+
* inject array, position-by-position — no `as const`, no `(...deps: any[])`:
|
|
10
9
|
*
|
|
11
10
|
* ```ts
|
|
12
11
|
* BetterAuthModule.forRootAsync({
|
|
13
12
|
* inject: [D1Service, ConfigService], // captured as readonly tuple
|
|
14
|
-
* useFactory: (d1, config) =>
|
|
13
|
+
* useFactory: (d1, config) => // d1: D1Service, config: ConfigService
|
|
15
14
|
* betterAuth({ database: drizzleAdapter(drizzle(d1.database), ...) }),
|
|
16
15
|
* });
|
|
17
16
|
* ```
|
|
18
|
-
*
|
|
19
|
-
* When `inject` isn't a literal tuple (or is omitted), `Inject` falls back
|
|
20
|
-
* to `readonly Token<unknown>[]` and `useFactory` accepts variadic
|
|
21
|
-
* `unknown[]` — the historical loose-typing behavior.
|
|
22
17
|
*/
|
|
23
18
|
interface ForRootAsyncOptions<Inject extends readonly Token<unknown>[] = readonly Token<unknown>[]> {
|
|
24
19
|
inject?: Inject;
|
|
@@ -32,26 +27,25 @@ interface ForRootAsyncOptions<Inject extends readonly Token<unknown>[] = readonl
|
|
|
32
27
|
}
|
|
33
28
|
export declare class BetterAuthModule {
|
|
34
29
|
/**
|
|
35
|
-
* Synchronous registration. The auth instance is constructed by the
|
|
36
|
-
*
|
|
37
|
-
*
|
|
38
|
-
*
|
|
30
|
+
* Synchronous registration. The auth instance is constructed by the consumer
|
|
31
|
+
* at module-load time and passed in directly. Use this when the inputs to
|
|
32
|
+
* `betterAuth({...})` are available at startup (Node apps with a static DB
|
|
33
|
+
* connection, in-memory adapters, etc.).
|
|
39
34
|
*/
|
|
40
|
-
static forRoot(options: BetterAuthModuleOptions
|
|
35
|
+
static forRoot(options: BetterAuthModuleOptions & {
|
|
36
|
+
isGlobal?: boolean;
|
|
37
|
+
key?: string;
|
|
38
|
+
}): DynamicModule;
|
|
41
39
|
/**
|
|
42
|
-
* Deferred / DI-driven registration. The user factory runs **lazily**, on
|
|
43
|
-
*
|
|
44
|
-
*
|
|
45
|
-
*
|
|
46
|
-
*
|
|
47
|
-
*
|
|
48
|
-
*
|
|
49
|
-
*
|
|
50
|
-
*
|
|
51
|
-
* Inject deps are resolved at module load (cheap; e.g. D1Service is a
|
|
52
|
-
* thin BindingRef wrapper). Their *values* are read at first auth use,
|
|
53
|
-
* inside your factory body — `(d1: D1Service) => betterAuth({ database:
|
|
54
|
-
* drizzleAdapter(drizzle(d1.database), ...) })`.
|
|
40
|
+
* Deferred / DI-driven registration. The user factory runs **lazily**, on the
|
|
41
|
+
* first time anything reads `BetterAuthService.auth` (or `.api` / `.handler`).
|
|
42
|
+
* In normal request handling that's `AuthGuard.canActivate` or the catch-all
|
|
43
|
+
* controller's `.handle`. At module load the factory does NOT run — it's only
|
|
44
|
+
* captured behind {@link lazyProvider}'s memoized thunk. This is what makes
|
|
45
|
+
* Cloudflare bindings (D1, KV, R2) work: the binding isn't ready at boot, but
|
|
46
|
+
* it IS by the time a request flows through and the guard / catch-all reads
|
|
47
|
+
* the service. Inject deps resolve at module load (cheap BindingRef wrappers);
|
|
48
|
+
* their *values* are read at first auth use, inside your factory body.
|
|
55
49
|
*/
|
|
56
50
|
static forRootAsync<const Inject extends readonly Token<unknown>[] = readonly Token<unknown>[]>(options: ForRootAsyncOptions<Inject>): DynamicModule;
|
|
57
51
|
}
|
|
@@ -1,144 +1,138 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
1
|
+
import { defineModule, lazyProvider, provideGlobal, stableHash } from "@velajs/vela";
|
|
2
|
+
import { createBetterAuthCatchallController } from "./better-auth.controller.js";
|
|
3
3
|
import { BetterAuthService, BETTER_AUTH_BUILDER } from "./better-auth.service.js";
|
|
4
4
|
import { BETTER_AUTH_OPTIONS } from "./better-auth.tokens.js";
|
|
5
5
|
import { AuthGuard } from "./guards/auth.guard.js";
|
|
6
6
|
import { RolesGuard } from "./guards/roles.guard.js";
|
|
7
7
|
const DEFAULT_BASE_PATH = '/api/auth';
|
|
8
|
+
function normalize(options) {
|
|
9
|
+
return {
|
|
10
|
+
basePath: options.basePath ?? DEFAULT_BASE_PATH,
|
|
11
|
+
isGlobal: options.isGlobal ?? false,
|
|
12
|
+
defaultPolicy: options.defaultPolicy ?? 'deny',
|
|
13
|
+
mountHandler: options.mountHandler ?? true
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
/** Providers, controllers, and exports shared by both entry points. */ function commonContributions(n) {
|
|
17
|
+
return {
|
|
18
|
+
providers: [
|
|
19
|
+
BetterAuthService,
|
|
20
|
+
AuthGuard,
|
|
21
|
+
RolesGuard
|
|
22
|
+
],
|
|
23
|
+
controllers: n.mountHandler ? [
|
|
24
|
+
createBetterAuthCatchallController(n.basePath)
|
|
25
|
+
] : [],
|
|
26
|
+
exports: [
|
|
27
|
+
BetterAuthService,
|
|
28
|
+
BETTER_AUTH_OPTIONS,
|
|
29
|
+
AuthGuard,
|
|
30
|
+
RolesGuard
|
|
31
|
+
]
|
|
32
|
+
};
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* The blessed engine generates `forRoot`. `setup` runs once per instance at
|
|
36
|
+
* call time: it re-provides {@link BETTER_AUTH_OPTIONS} with defaults applied,
|
|
37
|
+
* derives the auth builder from those options, mounts the catch-all controller,
|
|
38
|
+
* and — via the `global:` slot — registers the app-wide guard when `isGlobal`.
|
|
39
|
+
*
|
|
40
|
+
* `isGlobal` here means "apply AuthGuard app-wide", NOT "make this a global
|
|
41
|
+
* module", so the default `isGlobal → global: true` extras transform is
|
|
42
|
+
* replaced with identity; the flag reaches `setup` through the options bag.
|
|
43
|
+
*/ const authModuleHost = defineModule({
|
|
44
|
+
name: 'BetterAuth',
|
|
45
|
+
optionsToken: BETTER_AUTH_OPTIONS,
|
|
46
|
+
transform: (definition)=>definition,
|
|
47
|
+
// The auth instance is a stateful value — key off the structural subset only.
|
|
48
|
+
key: (options)=>stableHash(normalize(options)),
|
|
49
|
+
setup: ({ OPTIONS, options })=>{
|
|
50
|
+
const n = normalize(options);
|
|
51
|
+
const common = commonContributions(n);
|
|
52
|
+
const auth = options.auth;
|
|
53
|
+
return {
|
|
54
|
+
providers: [
|
|
55
|
+
// Override the auto-provided raw bag with the normalized shape so
|
|
56
|
+
// BETTER_AUTH_OPTIONS consumers always see defaults + the auth instance.
|
|
57
|
+
{
|
|
58
|
+
provide: OPTIONS,
|
|
59
|
+
useValue: {
|
|
60
|
+
...n,
|
|
61
|
+
auth
|
|
62
|
+
}
|
|
63
|
+
},
|
|
64
|
+
// Eager auth: the builder hands back the instance the caller passed in.
|
|
65
|
+
lazyProvider({
|
|
66
|
+
provide: BETTER_AUTH_BUILDER,
|
|
67
|
+
inject: [
|
|
68
|
+
OPTIONS
|
|
69
|
+
],
|
|
70
|
+
useFactory: (o)=>o.auth
|
|
71
|
+
}),
|
|
72
|
+
...common.providers
|
|
73
|
+
],
|
|
74
|
+
controllers: common.controllers,
|
|
75
|
+
exports: common.exports,
|
|
76
|
+
global: n.isGlobal ? {
|
|
77
|
+
guards: [
|
|
78
|
+
AuthGuard
|
|
79
|
+
]
|
|
80
|
+
} : undefined
|
|
81
|
+
};
|
|
82
|
+
}
|
|
83
|
+
});
|
|
8
84
|
export class BetterAuthModule {
|
|
9
85
|
/**
|
|
10
|
-
* Synchronous registration. The auth instance is constructed by the
|
|
11
|
-
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
86
|
+
* Synchronous registration. The auth instance is constructed by the consumer
|
|
87
|
+
* at module-load time and passed in directly. Use this when the inputs to
|
|
88
|
+
* `betterAuth({...})` are available at startup (Node apps with a static DB
|
|
89
|
+
* connection, in-memory adapters, etc.).
|
|
14
90
|
*/ static forRoot(options) {
|
|
15
|
-
|
|
16
|
-
|
|
91
|
+
// Delegate to the generated static, then rebrand the module identity so the
|
|
92
|
+
// public `BetterAuthModule` class is the one registered (consistent with
|
|
93
|
+
// `forRootAsync` and better diagnostics).
|
|
17
94
|
return {
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
basePath: normalized.basePath,
|
|
21
|
-
defaultPolicy: normalized.defaultPolicy,
|
|
22
|
-
isGlobal: !!options.isGlobal,
|
|
23
|
-
mountHandler: !!normalized.mountHandler
|
|
24
|
-
}),
|
|
25
|
-
providers,
|
|
26
|
-
controllers: normalized.mountHandler ? [
|
|
27
|
-
BetterAuthCatchallController
|
|
28
|
-
] : [],
|
|
29
|
-
exports: [
|
|
30
|
-
BetterAuthService,
|
|
31
|
-
BETTER_AUTH_OPTIONS,
|
|
32
|
-
AuthGuard,
|
|
33
|
-
RolesGuard
|
|
34
|
-
]
|
|
95
|
+
...authModuleHost.ConfigurableModuleClass.forRoot(options),
|
|
96
|
+
module: BetterAuthModule
|
|
35
97
|
};
|
|
36
98
|
}
|
|
37
99
|
/**
|
|
38
|
-
* Deferred / DI-driven registration. The user factory runs **lazily**, on
|
|
39
|
-
*
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
*
|
|
43
|
-
*
|
|
44
|
-
*
|
|
45
|
-
*
|
|
46
|
-
*
|
|
47
|
-
* Inject deps are resolved at module load (cheap; e.g. D1Service is a
|
|
48
|
-
* thin BindingRef wrapper). Their *values* are read at first auth use,
|
|
49
|
-
* inside your factory body — `(d1: D1Service) => betterAuth({ database:
|
|
50
|
-
* drizzleAdapter(drizzle(d1.database), ...) })`.
|
|
100
|
+
* Deferred / DI-driven registration. The user factory runs **lazily**, on the
|
|
101
|
+
* first time anything reads `BetterAuthService.auth` (or `.api` / `.handler`).
|
|
102
|
+
* In normal request handling that's `AuthGuard.canActivate` or the catch-all
|
|
103
|
+
* controller's `.handle`. At module load the factory does NOT run — it's only
|
|
104
|
+
* captured behind {@link lazyProvider}'s memoized thunk. This is what makes
|
|
105
|
+
* Cloudflare bindings (D1, KV, R2) work: the binding isn't ready at boot, but
|
|
106
|
+
* it IS by the time a request flows through and the guard / catch-all reads
|
|
107
|
+
* the service. Inject deps resolve at module load (cheap BindingRef wrappers);
|
|
108
|
+
* their *values* are read at first auth use, inside your factory body.
|
|
51
109
|
*/ static forRootAsync(options) {
|
|
52
|
-
const
|
|
53
|
-
const
|
|
54
|
-
const basePath = options.basePath ?? DEFAULT_BASE_PATH;
|
|
55
|
-
const defaultPolicy = options.defaultPolicy ?? 'deny';
|
|
56
|
-
const providers = [
|
|
57
|
-
{
|
|
58
|
-
provide: BETTER_AUTH_OPTIONS,
|
|
59
|
-
useValue: {
|
|
60
|
-
basePath,
|
|
61
|
-
defaultPolicy,
|
|
62
|
-
isGlobal,
|
|
63
|
-
mountHandler
|
|
64
|
-
}
|
|
65
|
-
},
|
|
66
|
-
{
|
|
67
|
-
// The builder is a zero-arg closure capturing the DI'd deps. It is
|
|
68
|
-
// invoked lazily by BetterAuthService.auth on first access; vela
|
|
69
|
-
// can resolve this provider at module load without running the user
|
|
70
|
-
// factory — the factory body lives behind the closure.
|
|
71
|
-
//
|
|
72
|
-
// The inner factory is typed `unknown[]` (vela's runtime contract:
|
|
73
|
-
// deps are resolved by token order). The outer user-facing
|
|
74
|
-
// `options.useFactory` is statically typed via `InferTokens<Inject>`.
|
|
75
|
-
// We narrow at the boundary with a single cast — runtime order
|
|
76
|
-
// matches the declared `inject` order by construction.
|
|
77
|
-
provide: BETTER_AUTH_BUILDER,
|
|
78
|
-
useFactory: (...deps)=>()=>options.useFactory(...deps),
|
|
79
|
-
inject: options.inject ?? []
|
|
80
|
-
},
|
|
81
|
-
BetterAuthService,
|
|
82
|
-
AuthGuard,
|
|
83
|
-
RolesGuard
|
|
84
|
-
];
|
|
85
|
-
if (isGlobal) {
|
|
86
|
-
providers.push({
|
|
87
|
-
provide: APP_GUARD,
|
|
88
|
-
useExisting: AuthGuard
|
|
89
|
-
});
|
|
90
|
-
}
|
|
110
|
+
const n = normalize(options);
|
|
111
|
+
const common = commonContributions(n);
|
|
91
112
|
return {
|
|
92
113
|
module: BetterAuthModule,
|
|
93
114
|
key: options.key ?? stableHash({
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
mountHandler,
|
|
97
|
-
basePath,
|
|
98
|
-
defaultPolicy
|
|
115
|
+
...n,
|
|
116
|
+
inject: options.inject
|
|
99
117
|
}),
|
|
100
118
|
imports: options.imports ?? [],
|
|
101
|
-
providers
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
119
|
+
providers: [
|
|
120
|
+
{
|
|
121
|
+
provide: BETTER_AUTH_OPTIONS,
|
|
122
|
+
useValue: n
|
|
123
|
+
},
|
|
124
|
+
// The deferred auth builder: `lazyProvider` wraps the user factory in a
|
|
125
|
+
// memoized thunk, replacing the hand-rolled `(...deps) => () => f(...deps)`.
|
|
126
|
+
lazyProvider({
|
|
127
|
+
provide: BETTER_AUTH_BUILDER,
|
|
128
|
+
inject: options.inject,
|
|
129
|
+
useFactory: options.useFactory
|
|
130
|
+
}),
|
|
131
|
+
...common.providers,
|
|
132
|
+
...n.isGlobal ? provideGlobal('guard', AuthGuard) : []
|
|
133
|
+
],
|
|
134
|
+
controllers: common.controllers,
|
|
135
|
+
exports: common.exports
|
|
111
136
|
};
|
|
112
137
|
}
|
|
113
138
|
}
|
|
114
|
-
function normalize(options) {
|
|
115
|
-
return {
|
|
116
|
-
auth: options.auth,
|
|
117
|
-
basePath: options.basePath ?? DEFAULT_BASE_PATH,
|
|
118
|
-
isGlobal: options.isGlobal ?? false,
|
|
119
|
-
defaultPolicy: options.defaultPolicy ?? 'deny',
|
|
120
|
-
mountHandler: options.mountHandler ?? true
|
|
121
|
-
};
|
|
122
|
-
}
|
|
123
|
-
function buildProviders(normalized, builder) {
|
|
124
|
-
const providers = [
|
|
125
|
-
{
|
|
126
|
-
provide: BETTER_AUTH_OPTIONS,
|
|
127
|
-
useValue: normalized
|
|
128
|
-
},
|
|
129
|
-
{
|
|
130
|
-
provide: BETTER_AUTH_BUILDER,
|
|
131
|
-
useValue: builder
|
|
132
|
-
},
|
|
133
|
-
BetterAuthService,
|
|
134
|
-
AuthGuard,
|
|
135
|
-
RolesGuard
|
|
136
|
-
];
|
|
137
|
-
if (normalized.isGlobal) {
|
|
138
|
-
providers.push({
|
|
139
|
-
provide: APP_GUARD,
|
|
140
|
-
useExisting: AuthGuard
|
|
141
|
-
});
|
|
142
|
-
}
|
|
143
|
-
return providers;
|
|
144
|
-
}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export { BetterAuthModule } from './better-auth.module';
|
|
2
2
|
export { BetterAuthService } from './better-auth.service';
|
|
3
|
-
export { BetterAuthCatchallController } from './better-auth.controller';
|
|
3
|
+
export { BetterAuthCatchallController, createBetterAuthCatchallController, } from './better-auth.controller';
|
|
4
4
|
export { BETTER_AUTH_OPTIONS, AUTH_USER_KEY, AUTH_SESSION_KEY, } from './better-auth.tokens';
|
|
5
5
|
export { AuthGuard } from './guards/auth.guard';
|
|
6
6
|
export { RolesGuard } from './guards/roles.guard';
|
package/dist/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
// Module
|
|
2
2
|
export { BetterAuthModule } from "./better-auth.module.js";
|
|
3
3
|
export { BetterAuthService } from "./better-auth.service.js";
|
|
4
|
-
export { BetterAuthCatchallController } from "./better-auth.controller.js";
|
|
4
|
+
export { BetterAuthCatchallController, createBetterAuthCatchallController } from "./better-auth.controller.js";
|
|
5
5
|
// Tokens & symbols
|
|
6
6
|
export { BETTER_AUTH_OPTIONS, AUTH_USER_KEY, AUTH_SESSION_KEY } from "./better-auth.tokens.js";
|
|
7
7
|
// Guards
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@velajs/better-auth",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.5.0",
|
|
4
4
|
"description": "better-auth integration for the Vela framework",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -42,20 +42,20 @@
|
|
|
42
42
|
"node": ">=20"
|
|
43
43
|
},
|
|
44
44
|
"peerDependencies": {
|
|
45
|
-
"@velajs/vela": ">=1.
|
|
45
|
+
"@velajs/vela": ">=1.11.0",
|
|
46
46
|
"better-auth": ">=1.2.0",
|
|
47
47
|
"hono": ">=4"
|
|
48
48
|
},
|
|
49
49
|
"devDependencies": {
|
|
50
|
-
"@swc/cli": "^0.8.
|
|
51
|
-
"@swc/core": "^1.15.
|
|
52
|
-
"@velajs/testing": "^0.
|
|
53
|
-
"@velajs/vela": "^1.
|
|
54
|
-
"better-auth": "^1.
|
|
55
|
-
"hono": "^4",
|
|
56
|
-
"typescript": "^
|
|
50
|
+
"@swc/cli": "^0.8.1",
|
|
51
|
+
"@swc/core": "^1.15.41",
|
|
52
|
+
"@velajs/testing": "^0.4.0",
|
|
53
|
+
"@velajs/vela": "^1.12.0",
|
|
54
|
+
"better-auth": "^1.6.20",
|
|
55
|
+
"hono": "^4.12.26",
|
|
56
|
+
"typescript": "^6.0.3",
|
|
57
57
|
"unplugin-swc": "^1.5.9",
|
|
58
|
-
"vitest": "^4.
|
|
58
|
+
"vitest": "^4.1.9"
|
|
59
59
|
},
|
|
60
60
|
"scripts": {
|
|
61
61
|
"build": "rm -rf dist && swc src -d dist --strip-leading-paths && tsc --emitDeclarationOnly",
|