better-auth-organization-member 1.0.0

package/README.md

@@ -0,0 +1,245 @@
+# better-auth-organization-member
+
+A Better Auth plugin that extends the organization plugin with additional member management capabilities.
+
+## Features
+
+- **Update Member Endpoint**: `/organization/update-member` - Update member information including role AND additional fields (firstName, lastName, avatar, and any custom fields)
+- **Automatic Hook Injection**: Automatically adds `afterAcceptInvitation` hook to the organization plugin to transfer invitation data from invitations to member records
+- **Before/After Update Hooks**: Lifecycle hooks for member updates
+- **Full Type Inference**: Automatically infers member additional fields from organization plugin schema
+
+## Requirements
+
+- `better-auth` >= 1.4.9
+- `organization` plugin must be enabled
+
+## Installation
+
+This is a workspace package. It's already included in the monorepo.
+
+## Usage
+
+### Server Setup
+
+Simply add the plugin after the organization plugin. **No manual hooks required!**
+
+```typescript
+import { betterAuth } from 'better-auth';
+import { organization } from 'better-auth/plugins';
+import { organizationMember } from 'better-auth-organization-member';
+
+export const auth = betterAuth({
+  // ... other config
+  plugins: [
+    organization({
+      // organization config
+      schema: {
+        member: {
+          additionalFields: {
+            firstName: { type: 'string', input: true, required: false },
+            lastName: { type: 'string', input: true, required: false },
+            avatar: { type: 'string', input: true, required: false },
+          },
+        },
+        invitation: {
+          additionalFields: {
+            firstName: { type: 'string', input: true, required: false },
+            lastName: { type: 'string', input: true, required: false },
+            avatar: { type: 'string', input: true, required: false },
+          },
+        },
+      },
+    }),
+    // This plugin automatically injects the afterAcceptInvitation hook
+    organizationMember({
+      organizationMemberHooks: {
+        // Optional: Hook before member update
+        async beforeUpdateMember(data) {
+          console.log('Updating member:', data.member.id);
+          // You can modify the updates here
+          return {
+            data: {
+              ...data.updates,
+              // Add custom logic
+            },
+          };
+        },
+        // Optional: Hook after member update
+        async afterUpdateMember(data) {
+          console.log('Member updated:', data.member.id);
+        },
+      },
+    }),
+  ],
+});
+```
+
+### What Happens Automatically
+
+When the `organizationMember` plugin is added:
+
+1. ✅ It automatically injects an `afterAcceptInvitation` hook into the organization plugin
+2. ✅ When an invitation is accepted, the hook transfers `firstName`, `lastName`, and `avatar` from the invitation to the member record
+3. ✅ No need to manually add hooks in your provider configuration!
+
+### Client Usage
+
+```typescript
+import { createAuthClient } from 'better-auth/client';
+import { organizationMemberClient } from 'better-auth-organization-member/client';
+
+const client = createAuthClient({
+  plugins: [organizationMemberClient()],
+});
+
+// Update member information (role + additional fields)
+await client.organization.updateMember({
+  memberId: 'member-id',
+  role: 'admin', // Can update role
+  firstName: 'John',
+  lastName: 'Doe',
+  avatar: 'https://example.com/avatar.jpg',
+  // any other custom fields defined in your member schema
+});
+```
+
+## API
+
+### Endpoint: `/organization/update-member`
+
+Updates member information in an organization. Follows the **exact same permission logic** as `/organization/update-member-role` but accepts additional fields.
+
+**Method**: `POST`
+
+**Body**:
+```typescript
+{
+  memberId: string;                    // Required: ID of the member to update
+  role: string | string[];             // Required: Role(s) to assign
+  organizationId?: string;             // Optional: defaults to active organization
+  teamId?: string;                     // Optional: team ID (if teams are enabled)
+  // ... any additional fields defined in member.additionalFields
+  // Examples: firstName, lastName, avatar, etc.
+}
+```
+
+**Response**:
+```typescript
+{
+  id: string;
+  userId: string;
+  organizationId: string;
+  role: string;
+  user: {
+    id: string;
+    email: string;
+    name: string | null;
+    image: string | null;
+  };
+  // ... all additional fields
+}
+```
+
+**Permissions**: Same as `updateMemberRole` - requires `member:update` permission or owner/admin role.
+
+**Role Logic** (same as `updateMemberRole`):
+- ✅ Owners can update any member
+- ✅ Admins with `member:update` permission can update members
+- ❌ Non-creators cannot update creators
+- ❌ Last owner cannot demote themselves
+- ❌ Same permission checks as the built-in role update
+
+## Hooks
+
+### `beforeUpdateMember`
+
+Called before a member's information is updated. Can modify the update data.
+
+```typescript
+beforeUpdateMember?: (data: {
+  member: Member;
+  updates: Record<string, any>;
+  user: User;
+  organization: Organization;
+}) => Promise<void | { data: Record<string, any> }>;
+```
+
+### `afterUpdateMember`
+
+Called after a member's information is updated.
+
+```typescript
+afterUpdateMember?: (data: {
+  member: Member;
+  previousData: Record<string, any>;
+  user: User;
+  organization: Organization;
+}) => Promise<void>;
+```
+
+### Automatic `afterAcceptInvitation` Hook
+
+This hook is **automatically injected** into the organization plugin when you add `organizationMember()`. It:
+
+1. Extracts **all additional fields** from `invitation.additionalFields` 
+2. Automatically transfers them to the newly created member record
+3. Works with any custom fields you define in both invitation and member schemas
+4. Logs the update (or errors if they occur)
+5. Does not fail the invitation acceptance if the update fails
+
+## Comparison with `updateMemberRole`
+
+### Built-in `updateMemberRole` (organization plugin)
+
+```typescript
+// Only updates the role field
+await client.organization.updateMemberRole({
+  memberId: 'member-id',
+  role: 'admin',
+});
+```
+
+### This Plugin's `updateMember`
+
+```typescript
+// Updates role AND additional fields in one call
+await client.organization.updateMember({
+  memberId: 'member-id',
+  role: 'admin',                                    // ✅ Can update role
+  firstName: 'John',                                // ✅ Plus additional fields
+  lastName: 'Doe',
+  avatar: 'https://example.com/avatar.jpg',
+  customField: 'value',                             // ✅ Plus any custom fields
+});
+```
+
+**Key Features:**
+- ✅ **Exact same permission logic** as `updateMemberRole` (identical role checks)
+- ✅ **Same validation** for role updates (creator protection, owner checks, etc.)
+- ✅ **Additional field support** - Update member additional fields in the same request
+- ✅ **Full type inference** - TypeScript autocomplete for all additional fields
+- ✅ **Automatic schema validation** - Uses `toZodSchema` to validate additional fields
+
+## Implementation Details
+
+This plugin:
+
+1. **Extends `updateMemberRole`**: Uses the exact same permission logic, role validation, and error handling as `updateMemberRole`, but accepts additional fields via `toZodSchema`
+2. **Auto-injects hooks**: Uses the plugin's `init()` method to inject `afterAcceptInvitation` into the organization plugin's hooks
+3. **Type-safe**: Full TypeScript support with `InferAdditionalFieldsFromPluginOptions` for automatic type inference of all additional fields
+4. **Uses `getOrgAdapter`**: Leverages the organization plugin's adapter utilities for consistent behavior
+5. **Dynamic field transfer**: Automatically detects and transfers all fields defined in `invitation.additionalFields` to member records
+6. **Production-ready**: Follows Better Auth best practices and patterns
+
+### How It Works
+
+1. **At initialization**: The plugin reads the organization plugin's schema to get member additional fields
+2. **Schema generation**: Uses `toZodSchema` to generate validation schema from `member.additionalFields`
+3. **Endpoint creation**: Creates the `/organization/update-member` endpoint with merged schemas (base + additional fields)
+4. **Hook injection**: Injects `afterAcceptInvitation` to automatically transfer invitation fields to member
+5. **Type inference**: TypeScript automatically infers all additional fields for full autocomplete support
+
+## License
+
+UNLICENSED

package/dist/client-B1z87oFG.d.mts

@@ -0,0 +1,26 @@
+import { i as organizationMember } from "./server-uBIvbfMk.mjs";
+
+//#region src/client.d.ts
+interface OrganizationMemberClient {
+  updateMember: <T extends Record<string, any> = {}>(data: {
+    memberId: string;
+    organizationId?: string;
+  } & T) => Promise<{
+    data: any | null;
+    error: Error | null;
+  }>;
+  updateInvitation: <T extends Record<string, any> = {}>(data: {
+    invitationId: string;
+    organizationId?: string;
+  } & T) => Promise<{
+    data: any | null;
+    error: Error | null;
+  }>;
+}
+declare const organizationMemberClient: () => {
+  id: string;
+  $InferServerPlugin: ReturnType<typeof organizationMember>;
+};
+//#endregion
+export { organizationMemberClient as n, OrganizationMemberClient as t };
+//# sourceMappingURL=client-B1z87oFG.d.mts.map

package/dist/client-B1z87oFG.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client-B1z87oFG.d.mts","names":[],"sources":["../src/client.ts"],"sourcesContent":[],"mappings":";;;UAAiB,wBAAA;2BACU;;IADV,cAAA,CAAA,EAAA,MAAwB;EACd,CAAA,GAGrB,CAHqB,EAAA,GAGf,OAHe,CAAA;IAGrB,IAAA,EAAA,GAAA,GAAA,IAAA;IAEK,KAAA,EAAA,KAAA,GAAA,IAAA;EAFC,CAAA,CAAA;EAImB,gBAAA,EAAA,CAAA,UAAA,MAAA,CAAA,MAAA,EAAA,GAAA,CAAA,GAAA,CAAA,CAAA,CAAA,CAAA,IAAA,EAAA;IAGzB,YAAA,EAAA,MAAA;IAEK,cAAA,CAAA,EAAA,MAAA;EAFC,CAAA,GAAN,CAAM,EAAA,GAAA,OAAA,CAAA;IAAO,IAAA,EAAA,GAAA,GAAA,IAAA;IAMN,KAAA,EAJF,KAIE,GAAA,IAAA;;;cAAA;;sBAGiB,kBAI7B"}

package/dist/client-PBBSie1a.mjs

@@ -0,0 +1,11 @@
+//#region src/client.ts
+const organizationMemberClient = () => {
+	return {
+		id: "organization-member",
+		$InferServerPlugin: {}
+	};
+};
+
+//#endregion
+export { organizationMemberClient as t };
+//# sourceMappingURL=client-PBBSie1a.mjs.map

package/dist/client-PBBSie1a.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"client-PBBSie1a.mjs","names":[],"sources":["../src/client.ts"],"sourcesContent":["export interface OrganizationMemberClient {\n  updateMember: <T extends Record<string, any> = {}>(data: {\n    memberId: string;\n    organizationId?: string;\n  } & T) => Promise<{\n    data: any | null;\n    error: Error | null;\n  }>;\n  updateInvitation: <T extends Record<string, any> = {}>(data: {\n    invitationId: string;\n    organizationId?: string;\n  } & T) => Promise<{\n    data: any | null;\n    error: Error | null;\n  }>;\n}\n\nexport const organizationMemberClient = () => {\n  return {\n    id: \"organization-member\",\n    $InferServerPlugin: {} as ReturnType<\n      typeof import(\"./server\").organizationMember\n    >,\n  };\n};\n"],"mappings":";AAiBA,MAAa,iCAAiC;AAC5C,QAAO;EACL,IAAI;EACJ,oBAAoB,EAAE;EAGvB"}

package/dist/client.d.mts

@@ -0,0 +1,3 @@
+import "./server-uBIvbfMk.mjs";
+import { n as organizationMemberClient, t as OrganizationMemberClient } from "./client-B1z87oFG.mjs";
+export { OrganizationMemberClient, organizationMemberClient };

package/dist/client.d.ts

@@ -0,0 +1,21 @@
+export interface OrganizationMemberClient {
+    updateMember: <T extends Record<string, any> = {}>(data: {
+        memberId: string;
+        organizationId?: string;
+    } & T) => Promise<{
+        data: any | null;
+        error: Error | null;
+    }>;
+    updateInvitation: <T extends Record<string, any> = {}>(data: {
+        invitationId: string;
+        organizationId?: string;
+    } & T) => Promise<{
+        data: any | null;
+        error: Error | null;
+    }>;
+}
+export declare const organizationMemberClient: () => {
+    id: string;
+    $InferServerPlugin: ReturnType<typeof import("./server").organizationMember>;
+};
+//# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,wBAAwB;IACvC,YAAY,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE;QACvD,QAAQ,EAAE,MAAM,CAAC;QACjB,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,CAAC,KAAK,OAAO,CAAC;QAChB,IAAI,EAAE,GAAG,GAAG,IAAI,CAAC;QACjB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;KACrB,CAAC,CAAC;IACH,gBAAgB,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE;QAC3D,YAAY,EAAE,MAAM,CAAC;QACrB,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,CAAC,KAAK,OAAO,CAAC;QAChB,IAAI,EAAE,GAAG,GAAG,IAAI,CAAC;QACjB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;KACrB,CAAC,CAAC;CACJ;AAED,eAAO,MAAM,wBAAwB;;wBAGP,UAAU,CAClC,cAAc,UAAU,EAAE,kBAAkB,CAC7C;CAEJ,CAAC"}

package/dist/client.js

@@ -0,0 +1,7 @@
+export const organizationMemberClient = () => {
+    return {
+        id: "organization-member",
+        $InferServerPlugin: {},
+    };
+};
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAiBA,MAAM,CAAC,MAAM,wBAAwB,GAAG,GAAG,EAAE;IAC3C,OAAO;QACL,EAAE,EAAE,qBAAqB;QACzB,kBAAkB,EAAE,EAEnB;KACF,CAAC;AACJ,CAAC,CAAC"}

package/dist/client.mjs

@@ -0,0 +1,3 @@
+import { t as organizationMemberClient } from "./client-PBBSie1a.mjs";
+
+export { organizationMemberClient };

package/dist/index.d.mts

@@ -0,0 +1,3 @@
+import { i as organizationMember, t as OrganizationMemberOptions } from "./server-uBIvbfMk.mjs";
+import { n as organizationMemberClient, t as OrganizationMemberClient } from "./client-B1z87oFG.mjs";
+export { type OrganizationMemberClient, type OrganizationMemberOptions, organizationMember, organizationMemberClient };

package/dist/index.d.ts

@@ -0,0 +1,5 @@
+export { organizationMember } from "./server";
+export type { OrganizationMemberOptions } from "./server";
+export { organizationMemberClient } from "./client";
+export type { OrganizationMemberClient } from "./client";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,YAAY,EAAE,yBAAyB,EAAE,MAAM,UAAU,CAAC;AAC1D,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACpD,YAAY,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC"}

package/dist/index.js

@@ -0,0 +1,3 @@
+export { organizationMember } from "./server";
+export { organizationMemberClient } from "./client";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAE9C,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC"}

package/dist/index.mjs

@@ -0,0 +1,4 @@
+import { r as organizationMember } from "./server-Big_p9zG.mjs";
+import { t as organizationMemberClient } from "./client-PBBSie1a.mjs";
+
+export { organizationMember, organizationMemberClient };