@velajs/better-auth 0.5.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -1
- package/dist/better-auth.service-BMkyFX-w.js +63 -0
- package/dist/better-auth.service-BMkyFX-w.js.map +1 -0
- package/dist/index.d.ts +270 -12
- package/dist/index.js +364 -15
- package/dist/index.js.map +1 -0
- package/dist/testing/index.d.ts +50 -0
- package/dist/testing/index.js +60 -0
- package/dist/testing/index.js.map +1 -0
- package/package.json +60 -39
- package/dist/better-auth.controller.d.ts +0 -21
- package/dist/better-auth.controller.js +0 -68
- package/dist/better-auth.module.d.ts +0 -52
- package/dist/better-auth.module.js +0 -138
- package/dist/better-auth.service.d.ts +0 -42
- package/dist/better-auth.service.js +0 -51
- package/dist/better-auth.tokens.d.ts +0 -5
- package/dist/better-auth.tokens.js +0 -4
- package/dist/better-auth.types.d.ts +0 -11
- package/dist/better-auth.types.js +0 -1
- package/dist/decorators/current-session.decorator.d.ts +0 -1
- package/dist/decorators/current-session.decorator.js +0 -7
- package/dist/decorators/current-user.decorator.d.ts +0 -1
- package/dist/decorators/current-user.decorator.js +0 -7
- package/dist/decorators/optional-auth.decorator.d.ts +0 -2
- package/dist/decorators/optional-auth.decorator.js +0 -5
- package/dist/decorators/public.decorator.d.ts +0 -2
- package/dist/decorators/public.decorator.js +0 -5
- package/dist/decorators/roles.decorator.d.ts +0 -2
- package/dist/decorators/roles.decorator.js +0 -5
- package/dist/guards/auth.guard.d.ts +0 -10
- package/dist/guards/auth.guard.js +0 -68
- package/dist/guards/roles.guard.d.ts +0 -5
- package/dist/guards/roles.guard.js +0 -36
package/package.json
CHANGED
|
@@ -1,65 +1,86 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@velajs/better-auth",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.6.1",
|
|
4
4
|
"description": "better-auth integration for the Vela framework",
|
|
5
|
-
"type": "module",
|
|
6
|
-
"main": "./dist/index.js",
|
|
7
|
-
"types": "./dist/index.d.ts",
|
|
8
|
-
"exports": {
|
|
9
|
-
".": {
|
|
10
|
-
"types": "./dist/index.d.ts",
|
|
11
|
-
"import": "./dist/index.js"
|
|
12
|
-
}
|
|
13
|
-
},
|
|
14
|
-
"files": [
|
|
15
|
-
"dist",
|
|
16
|
-
"README.md",
|
|
17
|
-
"LICENSE",
|
|
18
|
-
"CHANGELOG.md"
|
|
19
|
-
],
|
|
20
|
-
"sideEffects": false,
|
|
21
5
|
"keywords": [
|
|
22
|
-
"vela",
|
|
23
|
-
"better-auth",
|
|
24
6
|
"auth",
|
|
25
7
|
"authentication",
|
|
26
|
-
"
|
|
27
|
-
"oauth",
|
|
8
|
+
"better-auth",
|
|
28
9
|
"edge",
|
|
29
|
-
"framework"
|
|
10
|
+
"framework",
|
|
11
|
+
"oauth",
|
|
12
|
+
"session",
|
|
13
|
+
"vela"
|
|
30
14
|
],
|
|
31
|
-
"
|
|
15
|
+
"homepage": "https://github.com/velajs/better-auth#readme",
|
|
16
|
+
"bugs": {
|
|
17
|
+
"url": "https://github.com/velajs/better-auth/issues"
|
|
18
|
+
},
|
|
32
19
|
"license": "MIT",
|
|
20
|
+
"author": "ksh",
|
|
33
21
|
"repository": {
|
|
34
22
|
"type": "git",
|
|
35
23
|
"url": "git+https://github.com/velajs/better-auth.git"
|
|
36
24
|
},
|
|
37
|
-
"
|
|
38
|
-
|
|
39
|
-
"
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
25
|
+
"files": [
|
|
26
|
+
"dist",
|
|
27
|
+
"README.md",
|
|
28
|
+
"LICENSE",
|
|
29
|
+
"CHANGELOG.md"
|
|
30
|
+
],
|
|
31
|
+
"type": "module",
|
|
32
|
+
"sideEffects": false,
|
|
33
|
+
"main": "./dist/index.js",
|
|
34
|
+
"types": "./dist/index.d.ts",
|
|
35
|
+
"exports": {
|
|
36
|
+
".": {
|
|
37
|
+
"types": "./dist/index.d.ts",
|
|
38
|
+
"import": "./dist/index.js"
|
|
39
|
+
},
|
|
40
|
+
"./testing": {
|
|
41
|
+
"types": "./dist/testing/index.d.ts",
|
|
42
|
+
"import": "./dist/testing/index.js"
|
|
43
|
+
}
|
|
43
44
|
},
|
|
44
|
-
"
|
|
45
|
-
"@velajs/
|
|
46
|
-
"better-auth": ">=1.2.0",
|
|
47
|
-
"hono": ">=4"
|
|
45
|
+
"dependencies": {
|
|
46
|
+
"@velajs/authz": "^1.0.0"
|
|
48
47
|
},
|
|
49
48
|
"devDependencies": {
|
|
50
|
-
"@
|
|
51
|
-
"@
|
|
49
|
+
"@arethetypeswrong/cli": "^0.18.5",
|
|
50
|
+
"@changesets/cli": "^2.31.0",
|
|
51
|
+
"@swc/core": "^1.15.43",
|
|
52
52
|
"@velajs/testing": "^0.4.0",
|
|
53
53
|
"@velajs/vela": "^1.12.0",
|
|
54
54
|
"better-auth": "^1.6.20",
|
|
55
55
|
"hono": "^4.12.26",
|
|
56
|
-
"
|
|
56
|
+
"oxfmt": "^0.58.0",
|
|
57
|
+
"oxlint": "^1.73.0",
|
|
58
|
+
"publint": "^0.3.21",
|
|
59
|
+
"tsdown": "^0.22.4",
|
|
60
|
+
"typescript": "^7.0.2",
|
|
57
61
|
"unplugin-swc": "^1.5.9",
|
|
58
|
-
"vitest": "^4.1.
|
|
62
|
+
"vitest": "^4.1.10"
|
|
63
|
+
},
|
|
64
|
+
"peerDependencies": {
|
|
65
|
+
"@velajs/vela": ">=1.11.0",
|
|
66
|
+
"better-auth": ">=1.2.0",
|
|
67
|
+
"hono": ">=4"
|
|
68
|
+
},
|
|
69
|
+
"engines": {
|
|
70
|
+
"node": ">=24"
|
|
59
71
|
},
|
|
60
72
|
"scripts": {
|
|
61
|
-
"build": "
|
|
73
|
+
"build": "tsdown",
|
|
62
74
|
"test": "vitest run",
|
|
63
|
-
"typecheck": "tsc --noEmit"
|
|
75
|
+
"typecheck": "tsc --noEmit",
|
|
76
|
+
"lint": "oxlint .",
|
|
77
|
+
"format": "oxfmt .",
|
|
78
|
+
"format:check": "oxfmt --check .",
|
|
79
|
+
"publint": "publint",
|
|
80
|
+
"attw": "attw --pack . --profile esm-only",
|
|
81
|
+
"changeset": "changeset",
|
|
82
|
+
"version-packages": "changeset version",
|
|
83
|
+
"release": "pnpm build && changeset publish",
|
|
84
|
+
"verify": "pnpm lint && pnpm format:check && pnpm build && pnpm typecheck && pnpm test && pnpm publint && pnpm attw"
|
|
64
85
|
}
|
|
65
86
|
}
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
import { type Type } from '@velajs/vela';
|
|
2
|
-
/**
|
|
3
|
-
* Build a catch-all controller that mounts better-auth's handler at `basePath`
|
|
4
|
-
* (default `/api/auth`). This is a factory because vela reads a controller's
|
|
5
|
-
* route off the class at decoration time, so a custom base path needs its own
|
|
6
|
-
* decorated class — the path can't be parametrized on a single shared class.
|
|
7
|
-
*
|
|
8
|
-
* Two base paths to keep consistent:
|
|
9
|
-
* - this `basePath` is RELATIVE to vela's `globalPrefix` (always prepended);
|
|
10
|
-
* - better-auth routes against its OWN absolute `basePath` (the one you pass to
|
|
11
|
-
* `betterAuth({ basePath })`), which must equal `globalPrefix + basePath`.
|
|
12
|
-
*
|
|
13
|
-
* Both default to `/api/auth`, so the no-prefix / no-config case just works.
|
|
14
|
-
*/
|
|
15
|
-
export declare function createBetterAuthCatchallController(basePath?: string): Type;
|
|
16
|
-
/**
|
|
17
|
-
* Default-path (`/api/auth`) catch-all controller. Retained for back-compat;
|
|
18
|
-
* `BetterAuthModule` now mounts {@link createBetterAuthCatchallController} with
|
|
19
|
-
* the configured `basePath`. Prefer the factory for a custom base path.
|
|
20
|
-
*/
|
|
21
|
-
export declare const BetterAuthCatchallController: Type;
|
|
@@ -1,68 +0,0 @@
|
|
|
1
|
-
function _ts_decorate(decorators, target, key, desc) {
|
|
2
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
-
else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
-
}
|
|
7
|
-
function _ts_metadata(k, v) {
|
|
8
|
-
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
-
}
|
|
10
|
-
function _ts_param(paramIndex, decorator) {
|
|
11
|
-
return function(target, key) {
|
|
12
|
-
decorator(target, key, paramIndex);
|
|
13
|
-
};
|
|
14
|
-
}
|
|
15
|
-
import { All, Controller, Inject, Injectable, Req } from "@velajs/vela";
|
|
16
|
-
import { BetterAuthService } from "./better-auth.service.js";
|
|
17
|
-
import { Public } from "./decorators/public.decorator.js";
|
|
18
|
-
/**
|
|
19
|
-
* Build a catch-all controller that mounts better-auth's handler at `basePath`
|
|
20
|
-
* (default `/api/auth`). This is a factory because vela reads a controller's
|
|
21
|
-
* route off the class at decoration time, so a custom base path needs its own
|
|
22
|
-
* decorated class — the path can't be parametrized on a single shared class.
|
|
23
|
-
*
|
|
24
|
-
* Two base paths to keep consistent:
|
|
25
|
-
* - this `basePath` is RELATIVE to vela's `globalPrefix` (always prepended);
|
|
26
|
-
* - better-auth routes against its OWN absolute `basePath` (the one you pass to
|
|
27
|
-
* `betterAuth({ basePath })`), which must equal `globalPrefix + basePath`.
|
|
28
|
-
*
|
|
29
|
-
* Both default to `/api/auth`, so the no-prefix / no-config case just works.
|
|
30
|
-
*/ export function createBetterAuthCatchallController(basePath = '/api/auth') {
|
|
31
|
-
let BetterAuthCatchallController = class BetterAuthCatchallController {
|
|
32
|
-
auth;
|
|
33
|
-
// Inject the service — its `.handler` getter triggers lazy construction
|
|
34
|
-
// of the underlying betterAuth() instance on first access, AFTER any
|
|
35
|
-
// runtime adapter middleware (Cloudflare env capture) has run.
|
|
36
|
-
constructor(auth){
|
|
37
|
-
this.auth = auth;
|
|
38
|
-
}
|
|
39
|
-
async handle(c) {
|
|
40
|
-
return this.auth.handler(c.req.raw);
|
|
41
|
-
}
|
|
42
|
-
};
|
|
43
|
-
_ts_decorate([
|
|
44
|
-
All('/*'),
|
|
45
|
-
_ts_param(0, Req()),
|
|
46
|
-
_ts_metadata("design:type", Function),
|
|
47
|
-
_ts_metadata("design:paramtypes", [
|
|
48
|
-
typeof Context === "undefined" ? Object : Context
|
|
49
|
-
]),
|
|
50
|
-
_ts_metadata("design:returntype", Promise)
|
|
51
|
-
], BetterAuthCatchallController.prototype, "handle", null);
|
|
52
|
-
BetterAuthCatchallController = _ts_decorate([
|
|
53
|
-
Public(true),
|
|
54
|
-
Controller(basePath),
|
|
55
|
-
Injectable(),
|
|
56
|
-
_ts_param(0, Inject(BetterAuthService)),
|
|
57
|
-
_ts_metadata("design:type", Function),
|
|
58
|
-
_ts_metadata("design:paramtypes", [
|
|
59
|
-
typeof BetterAuthService === "undefined" ? Object : BetterAuthService
|
|
60
|
-
])
|
|
61
|
-
], BetterAuthCatchallController);
|
|
62
|
-
return BetterAuthCatchallController;
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* Default-path (`/api/auth`) catch-all controller. Retained for back-compat;
|
|
66
|
-
* `BetterAuthModule` now mounts {@link createBetterAuthCatchallController} with
|
|
67
|
-
* the configured `basePath`. Prefer the factory for a custom base path.
|
|
68
|
-
*/ export const BetterAuthCatchallController = createBetterAuthCatchallController();
|
|
@@ -1,52 +0,0 @@
|
|
|
1
|
-
import { type DynamicModule, type InferTokens, type Token } from '@velajs/vela';
|
|
2
|
-
import type { BetterAuthInstance, BetterAuthModuleOptions } from './better-auth.types';
|
|
3
|
-
/**
|
|
4
|
-
* Options for {@link BetterAuthModule.forRootAsync}.
|
|
5
|
-
*
|
|
6
|
-
* The `Inject` type parameter captures the literal `inject` tuple at the call
|
|
7
|
-
* site (via `const` inference) so `useFactory` parameters are typed from the
|
|
8
|
-
* inject array, position-by-position — no `as const`, no `(...deps: any[])`:
|
|
9
|
-
*
|
|
10
|
-
* ```ts
|
|
11
|
-
* BetterAuthModule.forRootAsync({
|
|
12
|
-
* inject: [D1Service, ConfigService], // captured as readonly tuple
|
|
13
|
-
* useFactory: (d1, config) => // d1: D1Service, config: ConfigService
|
|
14
|
-
* betterAuth({ database: drizzleAdapter(drizzle(d1.database), ...) }),
|
|
15
|
-
* });
|
|
16
|
-
* ```
|
|
17
|
-
*/
|
|
18
|
-
interface ForRootAsyncOptions<Inject extends readonly Token<unknown>[] = readonly Token<unknown>[]> {
|
|
19
|
-
inject?: Inject;
|
|
20
|
-
imports?: DynamicModule['imports'];
|
|
21
|
-
useFactory: (...deps: InferTokens<Inject>) => BetterAuthInstance;
|
|
22
|
-
isGlobal?: boolean;
|
|
23
|
-
mountHandler?: boolean;
|
|
24
|
-
basePath?: string;
|
|
25
|
-
defaultPolicy?: 'deny' | 'allow';
|
|
26
|
-
key?: string;
|
|
27
|
-
}
|
|
28
|
-
export declare class BetterAuthModule {
|
|
29
|
-
/**
|
|
30
|
-
* Synchronous registration. The auth instance is constructed by the consumer
|
|
31
|
-
* at module-load time and passed in directly. Use this when the inputs to
|
|
32
|
-
* `betterAuth({...})` are available at startup (Node apps with a static DB
|
|
33
|
-
* connection, in-memory adapters, etc.).
|
|
34
|
-
*/
|
|
35
|
-
static forRoot(options: BetterAuthModuleOptions & {
|
|
36
|
-
isGlobal?: boolean;
|
|
37
|
-
key?: string;
|
|
38
|
-
}): DynamicModule;
|
|
39
|
-
/**
|
|
40
|
-
* Deferred / DI-driven registration. The user factory runs **lazily**, on the
|
|
41
|
-
* first time anything reads `BetterAuthService.auth` (or `.api` / `.handler`).
|
|
42
|
-
* In normal request handling that's `AuthGuard.canActivate` or the catch-all
|
|
43
|
-
* controller's `.handle`. At module load the factory does NOT run — it's only
|
|
44
|
-
* captured behind {@link lazyProvider}'s memoized thunk. This is what makes
|
|
45
|
-
* Cloudflare bindings (D1, KV, R2) work: the binding isn't ready at boot, but
|
|
46
|
-
* it IS by the time a request flows through and the guard / catch-all reads
|
|
47
|
-
* the service. Inject deps resolve at module load (cheap BindingRef wrappers);
|
|
48
|
-
* their *values* are read at first auth use, inside your factory body.
|
|
49
|
-
*/
|
|
50
|
-
static forRootAsync<const Inject extends readonly Token<unknown>[] = readonly Token<unknown>[]>(options: ForRootAsyncOptions<Inject>): DynamicModule;
|
|
51
|
-
}
|
|
52
|
-
export {};
|
|
@@ -1,138 +0,0 @@
|
|
|
1
|
-
import { defineModule, lazyProvider, provideGlobal, stableHash } from "@velajs/vela";
|
|
2
|
-
import { createBetterAuthCatchallController } from "./better-auth.controller.js";
|
|
3
|
-
import { BetterAuthService, BETTER_AUTH_BUILDER } from "./better-auth.service.js";
|
|
4
|
-
import { BETTER_AUTH_OPTIONS } from "./better-auth.tokens.js";
|
|
5
|
-
import { AuthGuard } from "./guards/auth.guard.js";
|
|
6
|
-
import { RolesGuard } from "./guards/roles.guard.js";
|
|
7
|
-
const DEFAULT_BASE_PATH = '/api/auth';
|
|
8
|
-
function normalize(options) {
|
|
9
|
-
return {
|
|
10
|
-
basePath: options.basePath ?? DEFAULT_BASE_PATH,
|
|
11
|
-
isGlobal: options.isGlobal ?? false,
|
|
12
|
-
defaultPolicy: options.defaultPolicy ?? 'deny',
|
|
13
|
-
mountHandler: options.mountHandler ?? true
|
|
14
|
-
};
|
|
15
|
-
}
|
|
16
|
-
/** Providers, controllers, and exports shared by both entry points. */ function commonContributions(n) {
|
|
17
|
-
return {
|
|
18
|
-
providers: [
|
|
19
|
-
BetterAuthService,
|
|
20
|
-
AuthGuard,
|
|
21
|
-
RolesGuard
|
|
22
|
-
],
|
|
23
|
-
controllers: n.mountHandler ? [
|
|
24
|
-
createBetterAuthCatchallController(n.basePath)
|
|
25
|
-
] : [],
|
|
26
|
-
exports: [
|
|
27
|
-
BetterAuthService,
|
|
28
|
-
BETTER_AUTH_OPTIONS,
|
|
29
|
-
AuthGuard,
|
|
30
|
-
RolesGuard
|
|
31
|
-
]
|
|
32
|
-
};
|
|
33
|
-
}
|
|
34
|
-
/**
|
|
35
|
-
* The blessed engine generates `forRoot`. `setup` runs once per instance at
|
|
36
|
-
* call time: it re-provides {@link BETTER_AUTH_OPTIONS} with defaults applied,
|
|
37
|
-
* derives the auth builder from those options, mounts the catch-all controller,
|
|
38
|
-
* and — via the `global:` slot — registers the app-wide guard when `isGlobal`.
|
|
39
|
-
*
|
|
40
|
-
* `isGlobal` here means "apply AuthGuard app-wide", NOT "make this a global
|
|
41
|
-
* module", so the default `isGlobal → global: true` extras transform is
|
|
42
|
-
* replaced with identity; the flag reaches `setup` through the options bag.
|
|
43
|
-
*/ const authModuleHost = defineModule({
|
|
44
|
-
name: 'BetterAuth',
|
|
45
|
-
optionsToken: BETTER_AUTH_OPTIONS,
|
|
46
|
-
transform: (definition)=>definition,
|
|
47
|
-
// The auth instance is a stateful value — key off the structural subset only.
|
|
48
|
-
key: (options)=>stableHash(normalize(options)),
|
|
49
|
-
setup: ({ OPTIONS, options })=>{
|
|
50
|
-
const n = normalize(options);
|
|
51
|
-
const common = commonContributions(n);
|
|
52
|
-
const auth = options.auth;
|
|
53
|
-
return {
|
|
54
|
-
providers: [
|
|
55
|
-
// Override the auto-provided raw bag with the normalized shape so
|
|
56
|
-
// BETTER_AUTH_OPTIONS consumers always see defaults + the auth instance.
|
|
57
|
-
{
|
|
58
|
-
provide: OPTIONS,
|
|
59
|
-
useValue: {
|
|
60
|
-
...n,
|
|
61
|
-
auth
|
|
62
|
-
}
|
|
63
|
-
},
|
|
64
|
-
// Eager auth: the builder hands back the instance the caller passed in.
|
|
65
|
-
lazyProvider({
|
|
66
|
-
provide: BETTER_AUTH_BUILDER,
|
|
67
|
-
inject: [
|
|
68
|
-
OPTIONS
|
|
69
|
-
],
|
|
70
|
-
useFactory: (o)=>o.auth
|
|
71
|
-
}),
|
|
72
|
-
...common.providers
|
|
73
|
-
],
|
|
74
|
-
controllers: common.controllers,
|
|
75
|
-
exports: common.exports,
|
|
76
|
-
global: n.isGlobal ? {
|
|
77
|
-
guards: [
|
|
78
|
-
AuthGuard
|
|
79
|
-
]
|
|
80
|
-
} : undefined
|
|
81
|
-
};
|
|
82
|
-
}
|
|
83
|
-
});
|
|
84
|
-
export class BetterAuthModule {
|
|
85
|
-
/**
|
|
86
|
-
* Synchronous registration. The auth instance is constructed by the consumer
|
|
87
|
-
* at module-load time and passed in directly. Use this when the inputs to
|
|
88
|
-
* `betterAuth({...})` are available at startup (Node apps with a static DB
|
|
89
|
-
* connection, in-memory adapters, etc.).
|
|
90
|
-
*/ static forRoot(options) {
|
|
91
|
-
// Delegate to the generated static, then rebrand the module identity so the
|
|
92
|
-
// public `BetterAuthModule` class is the one registered (consistent with
|
|
93
|
-
// `forRootAsync` and better diagnostics).
|
|
94
|
-
return {
|
|
95
|
-
...authModuleHost.ConfigurableModuleClass.forRoot(options),
|
|
96
|
-
module: BetterAuthModule
|
|
97
|
-
};
|
|
98
|
-
}
|
|
99
|
-
/**
|
|
100
|
-
* Deferred / DI-driven registration. The user factory runs **lazily**, on the
|
|
101
|
-
* first time anything reads `BetterAuthService.auth` (or `.api` / `.handler`).
|
|
102
|
-
* In normal request handling that's `AuthGuard.canActivate` or the catch-all
|
|
103
|
-
* controller's `.handle`. At module load the factory does NOT run — it's only
|
|
104
|
-
* captured behind {@link lazyProvider}'s memoized thunk. This is what makes
|
|
105
|
-
* Cloudflare bindings (D1, KV, R2) work: the binding isn't ready at boot, but
|
|
106
|
-
* it IS by the time a request flows through and the guard / catch-all reads
|
|
107
|
-
* the service. Inject deps resolve at module load (cheap BindingRef wrappers);
|
|
108
|
-
* their *values* are read at first auth use, inside your factory body.
|
|
109
|
-
*/ static forRootAsync(options) {
|
|
110
|
-
const n = normalize(options);
|
|
111
|
-
const common = commonContributions(n);
|
|
112
|
-
return {
|
|
113
|
-
module: BetterAuthModule,
|
|
114
|
-
key: options.key ?? stableHash({
|
|
115
|
-
...n,
|
|
116
|
-
inject: options.inject
|
|
117
|
-
}),
|
|
118
|
-
imports: options.imports ?? [],
|
|
119
|
-
providers: [
|
|
120
|
-
{
|
|
121
|
-
provide: BETTER_AUTH_OPTIONS,
|
|
122
|
-
useValue: n
|
|
123
|
-
},
|
|
124
|
-
// The deferred auth builder: `lazyProvider` wraps the user factory in a
|
|
125
|
-
// memoized thunk, replacing the hand-rolled `(...deps) => () => f(...deps)`.
|
|
126
|
-
lazyProvider({
|
|
127
|
-
provide: BETTER_AUTH_BUILDER,
|
|
128
|
-
inject: options.inject,
|
|
129
|
-
useFactory: options.useFactory
|
|
130
|
-
}),
|
|
131
|
-
...common.providers,
|
|
132
|
-
...n.isGlobal ? provideGlobal('guard', AuthGuard) : []
|
|
133
|
-
],
|
|
134
|
-
controllers: common.controllers,
|
|
135
|
-
exports: common.exports
|
|
136
|
-
};
|
|
137
|
-
}
|
|
138
|
-
}
|
|
@@ -1,42 +0,0 @@
|
|
|
1
|
-
import { InjectionToken } from '@velajs/vela';
|
|
2
|
-
import type { BetterAuthInstance } from './better-auth.types';
|
|
3
|
-
/**
|
|
4
|
-
* Internal token holding the auth-construction closure with its inject deps
|
|
5
|
-
* closed over. Resolves cheaply at module load (just captures references);
|
|
6
|
-
* the inner call happens lazily on first auth use (see `BetterAuthService`).
|
|
7
|
-
*
|
|
8
|
-
* Not exported from the public surface — only the service consumes it.
|
|
9
|
-
*/
|
|
10
|
-
export declare const BETTER_AUTH_BUILDER: InjectionToken<() => BetterAuthInstance>;
|
|
11
|
-
/**
|
|
12
|
-
* The single injectable consumers reach for to interact with better-auth.
|
|
13
|
-
* Wraps the underlying `betterAuth({...})` instance with lazy construction:
|
|
14
|
-
*
|
|
15
|
-
* - `forRoot({ auth })` — the builder returns the eagerly-provided instance,
|
|
16
|
-
* so the first `.auth` / `.api` / `.handler` access is effectively a
|
|
17
|
-
* read-and-cache.
|
|
18
|
-
* - `forRootAsync({ inject, useFactory })` — the builder wraps the user's
|
|
19
|
-
* factory + inject deps. First access triggers `useFactory(...deps)`. This
|
|
20
|
-
* is what makes Cloudflare D1/KV bindings work: at module load the factory
|
|
21
|
-
* doesn't run; on first request (when AuthGuard or the catch-all calls
|
|
22
|
-
* `service.api` / `service.handler`), the bindings are populated and the
|
|
23
|
-
* factory can read them safely.
|
|
24
|
-
*
|
|
25
|
-
* Used directly by AuthGuard and the catch-all controller. Consumers in
|
|
26
|
-
* application code inject the same way: `@Inject(BetterAuthService)`.
|
|
27
|
-
*/
|
|
28
|
-
export declare class BetterAuthService {
|
|
29
|
-
private readonly build;
|
|
30
|
-
private cached;
|
|
31
|
-
constructor(build: () => BetterAuthInstance);
|
|
32
|
-
/**
|
|
33
|
-
* The underlying better-auth instance. Constructed once on first access.
|
|
34
|
-
* Safe to call from any request-time code path (guards, controllers,
|
|
35
|
-
* services invoked from handlers).
|
|
36
|
-
*/
|
|
37
|
-
get auth(): BetterAuthInstance;
|
|
38
|
-
/** Convenience accessor — equivalent to `service.auth.api`. */
|
|
39
|
-
get api(): BetterAuthInstance['api'];
|
|
40
|
-
/** Convenience accessor — equivalent to `service.auth.handler`. */
|
|
41
|
-
get handler(): BetterAuthInstance['handler'];
|
|
42
|
-
}
|
|
@@ -1,51 +0,0 @@
|
|
|
1
|
-
function _ts_decorate(decorators, target, key, desc) {
|
|
2
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
-
else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
-
}
|
|
7
|
-
function _ts_metadata(k, v) {
|
|
8
|
-
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
-
}
|
|
10
|
-
function _ts_param(paramIndex, decorator) {
|
|
11
|
-
return function(target, key) {
|
|
12
|
-
decorator(target, key, paramIndex);
|
|
13
|
-
};
|
|
14
|
-
}
|
|
15
|
-
import { Inject, Injectable, InjectionToken } from "@velajs/vela";
|
|
16
|
-
/**
|
|
17
|
-
* Internal token holding the auth-construction closure with its inject deps
|
|
18
|
-
* closed over. Resolves cheaply at module load (just captures references);
|
|
19
|
-
* the inner call happens lazily on first auth use (see `BetterAuthService`).
|
|
20
|
-
*
|
|
21
|
-
* Not exported from the public surface — only the service consumes it.
|
|
22
|
-
*/ export const BETTER_AUTH_BUILDER = new InjectionToken('vela.better-auth.Builder');
|
|
23
|
-
export class BetterAuthService {
|
|
24
|
-
build;
|
|
25
|
-
cached;
|
|
26
|
-
constructor(build){
|
|
27
|
-
this.build = build;
|
|
28
|
-
}
|
|
29
|
-
/**
|
|
30
|
-
* The underlying better-auth instance. Constructed once on first access.
|
|
31
|
-
* Safe to call from any request-time code path (guards, controllers,
|
|
32
|
-
* services invoked from handlers).
|
|
33
|
-
*/ get auth() {
|
|
34
|
-
if (!this.cached) this.cached = this.build();
|
|
35
|
-
return this.cached;
|
|
36
|
-
}
|
|
37
|
-
/** Convenience accessor — equivalent to `service.auth.api`. */ get api() {
|
|
38
|
-
return this.auth.api;
|
|
39
|
-
}
|
|
40
|
-
/** Convenience accessor — equivalent to `service.auth.handler`. */ get handler() {
|
|
41
|
-
return this.auth.handler;
|
|
42
|
-
}
|
|
43
|
-
}
|
|
44
|
-
BetterAuthService = _ts_decorate([
|
|
45
|
-
Injectable(),
|
|
46
|
-
_ts_param(0, Inject(BETTER_AUTH_BUILDER)),
|
|
47
|
-
_ts_metadata("design:type", Function),
|
|
48
|
-
_ts_metadata("design:paramtypes", [
|
|
49
|
-
Function
|
|
50
|
-
])
|
|
51
|
-
], BetterAuthService);
|
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
import { InjectionToken } from '@velajs/vela';
|
|
2
|
-
import type { BetterAuthModuleOptions } from './better-auth.types';
|
|
3
|
-
export declare const BETTER_AUTH_OPTIONS: InjectionToken<BetterAuthModuleOptions>;
|
|
4
|
-
export declare const AUTH_USER_KEY: unique symbol;
|
|
5
|
-
export declare const AUTH_SESSION_KEY: unique symbol;
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
import type { Auth, Session as BASession, User as BAUser } from 'better-auth';
|
|
2
|
-
export type BetterAuthInstance = Auth<any>;
|
|
3
|
-
export interface BetterAuthModuleOptions {
|
|
4
|
-
auth: BetterAuthInstance;
|
|
5
|
-
basePath?: string;
|
|
6
|
-
isGlobal?: boolean;
|
|
7
|
-
defaultPolicy?: 'deny' | 'allow';
|
|
8
|
-
mountHandler?: boolean;
|
|
9
|
-
}
|
|
10
|
-
export type User = BAUser;
|
|
11
|
-
export type Session = BASession;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export { };
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export declare const CurrentSession: (data?: unknown, ...pipes: import("@velajs/vela").PipeType[]) => ParameterDecorator;
|
|
@@ -1,7 +0,0 @@
|
|
|
1
|
-
import { createLazyParamDecorator, REQUEST_CONTEXT } from "@velajs/vela";
|
|
2
|
-
import { AUTH_SESSION_KEY } from "../better-auth.tokens.js";
|
|
3
|
-
export const CurrentSession = createLazyParamDecorator((_data, ctx)=>{
|
|
4
|
-
const honoCtx = ctx.getContext();
|
|
5
|
-
const reqCtx = honoCtx.get('container').resolve(REQUEST_CONTEXT);
|
|
6
|
-
return reqCtx.get(AUTH_SESSION_KEY);
|
|
7
|
-
});
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export declare const CurrentUser: (data?: unknown, ...pipes: import("@velajs/vela").PipeType[]) => ParameterDecorator;
|
|
@@ -1,7 +0,0 @@
|
|
|
1
|
-
import { createLazyParamDecorator, REQUEST_CONTEXT } from "@velajs/vela";
|
|
2
|
-
import { AUTH_USER_KEY } from "../better-auth.tokens.js";
|
|
3
|
-
export const CurrentUser = createLazyParamDecorator((_data, ctx)=>{
|
|
4
|
-
const honoCtx = ctx.getContext();
|
|
5
|
-
const reqCtx = honoCtx.get('container').resolve(REQUEST_CONTEXT);
|
|
6
|
-
return reqCtx.get(AUTH_USER_KEY);
|
|
7
|
-
});
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
import { type CanActivate, type ExecutionContext } from '@velajs/vela';
|
|
2
|
-
import { BetterAuthService } from '../better-auth.service';
|
|
3
|
-
import type { BetterAuthModuleOptions } from '../better-auth.types';
|
|
4
|
-
export declare class AuthGuard implements CanActivate {
|
|
5
|
-
private readonly auth;
|
|
6
|
-
private readonly opts;
|
|
7
|
-
private readonly reflector;
|
|
8
|
-
constructor(auth: BetterAuthService, opts: BetterAuthModuleOptions);
|
|
9
|
-
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
10
|
-
}
|