better-auth 0.0.2-beta.7 → 0.0.2

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/cookies/index.ts","../src/crypto/hmac.ts","../src/crypto/random.ts","../src/plugins/csrf-check.ts","../src/plugins/utils.ts","../src/routes/session.ts","../../shared/src/error.ts","../src/routes/signin.ts","../src/oauth2/signin.ts","../src/crypto/sha.ts","../src/oauth2/utils.ts","../src/providers/utils.ts","../src/routes/signout.ts","../src/actions/index.ts","../src/utils/time.ts","../src/adapters/internal-adapter.ts","../src/adapters/utils.ts","../src/cookies/cookies.ts","../src/routes/callback.ts","../src/oauth2/tokens.ts","../src/routes/signup.ts","../src/routes/index.ts","../src/utils/request.ts","../src/utils/secret.ts","../src/auth.ts"],"sourcesContent":["import type { Context } from \"../routes/types\";\nimport type { CookieSerializeOptions } from \"./types\";\n\nexport function serialize(\n\tname: string,\n\tvalue: string,\n\tattributes: CookieSerializeOptions,\n) {\n\tconst keyValueEntries: Array<[string, string] | [string]> = [];\n\tkeyValueEntries.push([encodeURIComponent(name), encodeURIComponent(value)]);\n\tif (attributes?.domain !== undefined) {\n\t\tkeyValueEntries.push([\"Domain\", attributes.domain]);\n\t}\n\tif (attributes?.expires !== undefined) {\n\t\tkeyValueEntries.push([\"Expires\", attributes.expires.toUTCString()]);\n\t}\n\tif (attributes?.httpOnly) {\n\t\tkeyValueEntries.push([\"HttpOnly\"]);\n\t}\n\tif (attributes?.maxAge !== undefined) {\n\t\tkeyValueEntries.push([\"Max-Age\", attributes.maxAge.toString()]);\n\t}\n\tif (attributes?.path !== undefined) {\n\t\tkeyValueEntries.push([\"Path\", attributes.path]);\n\t}\n\tif (attributes?.sameSite === \"lax\") {\n\t\tkeyValueEntries.push([\"SameSite\", \"Lax\"]);\n\t}\n\tif (attributes?.sameSite === \"none\") {\n\t\tkeyValueEntries.push([\"SameSite\", \"None\"]);\n\t}\n\tif (attributes?.sameSite === \"strict\") {\n\t\tkeyValueEntries.push([\"SameSite\", \"Strict\"]);\n\t}\n\tif (attributes?.secure) {\n\t\tkeyValueEntries.push([\"Secure\"]);\n\t}\n\treturn keyValueEntries.map((pair) => pair.join(\"=\")).join(\"; \");\n}\n\nexport function parse(header: string): Map<string, string> {\n\tconst cookies = new Map<string, string>();\n\tconst items = header.split(\"; \");\n\tfor (const item of items) {\n\t\tconst pair = item.split(\"=\");\n\t\tconst rawKey = pair[0];\n\t\tconst rawValue = pair[1] ?? \"\";\n\t\tif (!rawKey) continue;\n\t\tcookies.set(decodeURIComponent(rawKey), decodeURIComponent(rawValue));\n\t}\n\treturn cookies;\n}\n\nexport const cookieManager = (header: Headers): CookieManager => {\n\treturn {\n\t\tset(name: string, value: string, options = {}) {\n\t\t\tconst cookieStr = serialize(name, value, options);\n\t\t\theader.append(\"set-cookie\", cookieStr);\n\t\t},\n\t\tget(name: string) {\n\t\t\tconst cookie = header.get(\"cookie\");\n\t\t\tif (!cookie) return null;\n\t\t\tconst cookies = parse(cookie);\n\t\t\tconst value = cookies.get(name);\n\t\t\treturn value;\n\t\t},\n\t};\n};\n\nexport type CookieManager = {\n\tset: (name: string, value: string, options?: CookieSerializeOptions) => void;\n\tget: (name: string) => string | null | undefined;\n};\n\nexport function setSessionCookie(context: Context, sessionId: string) {\n\tcontext.request.cookies.set(\n\t\tcontext.cookies.sessionToken.name,\n\t\tsessionId,\n\t\tcontext.cookies.sessionToken.options,\n\t);\n}\n\nexport function deleteSessionCooke(context: Context) {\n\tcontext.request.cookies.set(context.cookies.sessionToken.name, \"\", {\n\t\t...context.cookies.sessionToken.options,\n\t\tmaxAge: 0,\n\t});\n}\n","export async function hmac(secretKey: string, message: string) {\n\tconst enc = new TextEncoder();\n\tconst algorithm = { name: \"HMAC\", hash: \"SHA-256\" };\n\tconst key = await crypto.subtle.importKey(\n\t\t\"raw\",\n\t\tenc.encode(secretKey),\n\t\talgorithm,\n\t\tfalse,\n\t\t[\"sign\", \"verify\"],\n\t);\n\tconst signature = await crypto.subtle.sign(\n\t\talgorithm.name,\n\t\tkey,\n\t\tenc.encode(message),\n\t);\n\treturn btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n","export function generateRandomString(size: number) {\n\tconst i2hex = (i: number) => `0${i.toString(16)}`.slice(-2);\n\tconst r = (a: string, i: number): string => a + i2hex(i);\n\tconst bytes = crypto.getRandomValues(new Uint8Array(size));\n\treturn Array.from(bytes).reduce(r, \"\");\n}\n","import { hmac } from \"../crypto/hmac\";\nimport type { BetterAuthPlugin } from \"./types\";\n\nimport { generateRandomString } from \"../crypto/random\";\nimport type { Context, InternalResponse } from \"../routes/types\";\n\nconst csrfHandler = async (context: Context) => {\n\tconst csrfToken = context.request.cookies.get(context.cookies.csrfToken.name);\n\tif (csrfToken) {\n\t\treturn {\n\t\t\tstatus: 200,\n\t\t\tbody: {\n\t\t\t\tcsrfToken,\n\t\t\t},\n\t\t};\n\t}\n\tconst token = generateRandomString(32);\n\tconst hash = await hmac(context.secret, token);\n\tconst cookie = `${token}!${hash}`;\n\tcontext.request.cookies.set(\n\t\tcontext.cookies.csrfToken.name,\n\t\tcookie,\n\t\tcontext.cookies.csrfToken.options,\n\t);\n\treturn {\n\t\tstatus: 200,\n\t\tbody: {\n\t\t\tcsrfToken: cookie,\n\t\t},\n\t} satisfies InternalResponse;\n};\n\nexport const CSRFCheckPlugin = (): BetterAuthPlugin => {\n\treturn {\n\t\tid: \"csrf\",\n\t\tname: \"CSRF Check\",\n\t\tversion: \"1.0.0\",\n\t\thooks: {\n\t\t\tmatcher: (context) => !context.disableCSRF,\n\t\t\tbefore: async (context) => {\n\t\t\t\tconst csrfToken = context.request.body.csrfToken;\n\t\t\t\tconst csrfCookie = context.request.cookies.get(\n\t\t\t\t\tcontext.cookies.csrfToken.name,\n\t\t\t\t);\n\t\t\t\tconst [token, hash] = csrfCookie?.split(\"!\") || [null, null];\n\t\t\t\tif (\n\t\t\t\t\t!csrfToken ||\n\t\t\t\t\t!csrfCookie ||\n\t\t\t\t\t!token ||\n\t\t\t\t\t!hash ||\n\t\t\t\t\tcsrfCookie !== csrfToken\n\t\t\t\t) {\n\t\t\t\t\tcontext.request.cookies.set(context.cookies.csrfToken.name, \"\", {\n\t\t\t\t\t\t...context.cookies.csrfToken.options,\n\t\t\t\t\t\tmaxAge: 0,\n\t\t\t\t\t});\n\t\t\t\t\treturn {\n\t\t\t\t\t\tresponse: {\n\t\t\t\t\t\t\tstatus: 403,\n\t\t\t\t\t\t\tstatusText: \"Invalid CSRF Token\",\n\t\t\t\t\t\t},\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t\tconst expectedHash = await hmac(context.secret, token);\n\n\t\t\t\tif (hash !== expectedHash) {\n\t\t\t\t\tcontext.request.cookies.set(context.cookies.csrfToken.name, \"\", {\n\t\t\t\t\t\t...context.cookies.csrfToken.options,\n\t\t\t\t\t\tmaxAge: 0,\n\t\t\t\t\t});\n\t\t\t\t\treturn {\n\t\t\t\t\t\tresponse: {\n\t\t\t\t\t\t\tstatus: 403,\n\t\t\t\t\t\t\tstatusText: \"Invalid CSRF Token\",\n\t\t\t\t\t\t},\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t\treturn null;\n\t\t\t},\n\t\t},\n\t\thandler: csrfHandler,\n\t};\n};\n","import type { BetterAuthOptions } from \"../options\";\nimport type {\n\tContext,\n\tGenericHandler,\n\tHandlerHooks,\n\tInternalResponse,\n} from \"../routes/types\";\nimport { CSRFCheckPlugin } from \"./csrf-check\";\nimport type {\n\tAfterHookHandler,\n\tBeforeHookHandler,\n\tBetterAuthPlugin,\n} from \"./types\";\n\nexport const getPlugins = (options: BetterAuthOptions) => {\n\tconst plugins: {\n\t\tpost: BetterAuthPlugin[];\n\t\tpre: BetterAuthPlugin[];\n\t\tunordered: BetterAuthPlugin[];\n\t} = {\n\t\tpost: [],\n\t\tpre: [],\n\t\tunordered: [],\n\t};\n\tfor (const plugin of options.plugins || []) {\n\t\tplugins[plugin.order || \"unordered\"].push(plugin);\n\t}\n\tconst internalPlugins = [CSRFCheckPlugin()];\n\treturn [\n\t\t...plugins.pre,\n\t\t...plugins.unordered,\n\t\t...internalPlugins,\n\t\t...plugins.post,\n\t];\n};\n\nexport const usePlugins = (context: Context, ignorePlugins?: string[]) => {\n\tconst plugins = context.plugins.filter(\n\t\t(pl) => pl.hooks && !ignorePlugins?.includes(pl.id),\n\t);\n\tconst hooks = plugins.map((plugin) => {\n\t\treturn plugin.hooks as HandlerHooks;\n\t});\n\tconst before: BeforeHookHandler[] = [];\n\tconst after: AfterHookHandler[] = [];\n\tfor (const hook of hooks) {\n\t\tif (hook.matcher(context)) {\n\t\t\thook.before && before.push(hook.before);\n\t\t\thook.after && after.push(hook.after);\n\t\t}\n\t}\n\treturn {\n\t\tbefore: async (context: Context) => {\n\t\t\tlet ctx: Context | undefined = context;\n\t\t\tlet response: InternalResponse | undefined;\n\t\t\tfor (const hook of before) {\n\t\t\t\tconst res = await hook(ctx);\n\t\t\t\tif (res?.context) {\n\t\t\t\t\tctx = res.context;\n\t\t\t\t}\n\t\t\t\tif (res?.response) {\n\t\t\t\t\tresponse = res.response;\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tcontext: ctx,\n\t\t\t\tresponse,\n\t\t\t};\n\t\t},\n\t\tafter: async (context: Context, fnResponse: InternalResponse) => {\n\t\t\tlet ctx: Context | undefined = context;\n\t\t\tlet response: InternalResponse | undefined;\n\t\t\tfor (const hook of after) {\n\t\t\t\tconst res = await hook(ctx, fnResponse);\n\t\t\t\tif (res?.context) {\n\t\t\t\t\tctx = res.context;\n\t\t\t\t}\n\t\t\t\tif (res?.response) {\n\t\t\t\t\tresponse = res.response;\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tcontext: ctx,\n\t\t\t\tresponse,\n\t\t\t};\n\t\t},\n\t};\n};\n\nexport const withPlugins = <T extends GenericHandler<any, any, any>>(\n\tfn: T,\n\t/**\n\t * A list of plugins id to ignore.\n\t */\n\tignorePlugins?: string[],\n) => {\n\treturn async (ctx: Parameters<T>[\"0\"]) => {\n\t\tconst { before, after } = usePlugins(ctx, ignorePlugins);\n\t\tconst { context, response } = await before(ctx);\n\t\tif (response) {\n\t\t\treturn response;\n\t\t}\n\t\tconst res = await fn(context);\n\t\tconst { response: afterResponse } = await after(context, res);\n\t\tif (afterResponse) {\n\t\t\treturn afterResponse;\n\t\t}\n\t\treturn res as ReturnType<T>;\n\t};\n};\n","import { deleteSessionCooke } from \"../cookies\";\nimport { withPlugins } from \"../plugins/utils\";\nimport type { Context, InternalResponse } from \"./types\";\n\nexport type SessionContext = Context;\n\nexport type SessionResponse = Omit<\n\tAwaited<ReturnType<typeof session>> extends infer B\n\t\t? B extends { status: 200; body: infer Body }\n\t\t\t? Body\n\t\t\t: never\n\t\t: never,\n\t\"error\"\n>;\n\nexport const session = async (context: SessionContext) => {\n\tconst session = await getServerSession(context);\n\tif (!session) {\n\t\treturn {\n\t\t\tstatus: 401,\n\t\t\tstatusText: \"Unauthorize\",\n\t\t} satisfies InternalResponse;\n\t}\n\treturn {\n\t\tstatus: 200 as const,\n\t\tbody: session,\n\t} satisfies InternalResponse;\n};\n\nexport const getServerSession = async (context: Context) => {\n\tconst sessionFromCookie = context.request.cookies.get(\n\t\tcontext.cookies.sessionToken.name,\n\t);\n\tif (!sessionFromCookie) {\n\t\treturn null;\n\t}\n\tconst session = await context.adapter.findSession(sessionFromCookie, context);\n\tif (!session || session.expiresAt < new Date()) {\n\t\tsession && (await context.adapter.deleteSession(session.id, context));\n\t\tdeleteSessionCooke(context);\n\t\treturn null;\n\t}\n\tconst user = await context.adapter.findUserById(session.userId, context);\n\tif (!user) {\n\t\treturn null;\n\t}\n\tconst updatedSession = await context.adapter.updateSession(session, context);\n\tcontext.request.cookies.set(context.cookies.sessionToken.name, session.id, {\n\t\t...context.cookies.sessionToken.options,\n\t\tmaxAge: updatedSession.expiresAt.valueOf() - Date.now(),\n\t});\n\tsessionFromCookie;\n\treturn {\n\t\tuser,\n\t\texpiresAt: session.expiresAt,\n\t};\n};\n\nexport const sessionHandler = withPlugins(session);\n","export type BetterAuthErrorResponse = {\n\tmessage: string;\n\tdetails: string;\n\tcode: number;\n};\n\nexport class BetterAuthError extends Error {\n\tconstructor(message: string) {\n\t\tsuper(`${message}`);\n\t\tthis.name = this.constructor.name;\n\t\tObject.setPrototypeOf(this, new.target.prototype);\n\t\tError.captureStackTrace(this, this.constructor);\n\t}\n}\n\nexport class MissingSecret extends BetterAuthError {\n\tconstructor() {\n\t\tsuper(\"Missing Secret: A secret is required in a production environment.\");\n\t}\n}\n\nexport class InvalidURL extends BetterAuthError {\n\tconstructor(message?: string) {\n\t\tsuper(\n\t\t\tmessage ||\n\t\t\t\t\"Please make sure your config includes valid base URL and base PATH.\",\n\t\t);\n\t}\n}\n\nexport class InvalidRequest extends BetterAuthError {\n\tconstructor() {\n\t\tsuper(\"Post requests must include a valid JSON parsable body.\");\n\t}\n}\n\nexport class ProviderMissing extends BetterAuthError {\n\tconstructor(id: string) {\n\t\tsuper(`Provider ${id} is missing on your configuration.`);\n\t}\n}\n\nexport class ProviderError extends BetterAuthError {}\n\nexport class CallbackError extends BetterAuthError {}\n\nexport class BaseURLMissing extends BetterAuthError {\n\tconstructor() {\n\t\tsuper(\n\t\t\t\"base url is required. Please provide a base url in your config or pass it as an environment variable.\",\n\t\t);\n\t}\n}\n","import { ProviderError, ProviderMissing } from \"@better-auth/shared/error\";\nimport { z } from \"zod\";\nimport { parseUser } from \"../adapters/utils\";\nimport { setSessionCookie } from \"../cookies\";\nimport { signInOAuth } from \"../oauth2/signin\";\nimport { withPlugins } from \"../plugins/utils\";\nimport { getProvider } from \"../providers/utils\";\nimport type { Context, InternalResponse } from \"./types\";\n\nexport const bodySchema = z.object({\n\tprovider: z.string(),\n\tdata: z.record(z.string(), z.any()).optional(),\n\tcallbackURL: z.string().optional(),\n\tcurrentURL: z.string(),\n});\n\nexport type SignInContext = Context<z.infer<typeof bodySchema>>;\n\nexport type SignInHooks = {\n\tbefore?: (ctx: SignInContext) => Promise<Context<any>>;\n\tafter?: (ctx: SignInContext) => Promise<InternalResponse<any> | undefined>;\n};\n\nexport const signIn = async (context: SignInContext) => {\n\tconst data = bodySchema.parse(context.request.body);\n\tconst provider = getProvider(context, data.provider);\n\tif (!provider) {\n\t\tthrow new ProviderMissing(data.provider);\n\t}\n\tif (provider.type === \"oauth\" || provider.type === \"oidc\") {\n\t\tconst url = await signInOAuth(context, provider);\n\t\treturn {\n\t\t\tstatus: 200,\n\t\t\tbody: {\n\t\t\t\turl,\n\t\t\t\tredirect: true,\n\t\t\t},\n\t\t};\n\t}\n\tif (provider.type === \"custom\") {\n\t\tif (!provider.signIn) {\n\t\t\tthrow new ProviderError(\"Sign in method not implemented\");\n\t\t}\n\t\tconst response = await provider.signIn(context);\n\t\treturn response;\n\t}\n\tthrow new ProviderError(\"Invalid provider type\");\n};\n\nexport const signInHandler = withPlugins(signIn);\n","import { ProviderError } from \"@better-auth/shared/error\";\nimport { base64url } from \"jose\";\nimport { generateRandomString } from \"../crypto/random\";\nimport { sha256 } from \"../crypto/sha\";\nimport type { OAuthProvider, OIDCProvider } from \"../providers/types\";\nimport type { SignInContext } from \"../routes/signin\";\nimport { discoveryRequest } from \"./utils\";\n\nexport async function signInOAuth(\n\tcontext: SignInContext,\n\tprovider: OAuthProvider | OIDCProvider,\n\t{\n\t\tonlySignUp,\n\t\tautoCreateSession,\n\t}: {\n\t\tautoCreateSession: boolean;\n\t\t/**\n\t\t * If onlySignUp is true, it will only sign up the\n\t\t * user. If the user exists, it will throw an error\n\t\t * on the callback.\n\t\t */\n\t\tonlySignUp: boolean;\n\t} = {\n\t\tautoCreateSession: true,\n\t\tonlySignUp: false,\n\t},\n) {\n\tif (!provider.params.clientId) {\n\t\tthrow new ProviderError(\"clientId is required\");\n\t}\n\tconst scopes = Array.from(new Set(provider?.scopes ?? []));\n\tconst { currentURL, callbackURL, data } = context.request.body;\n\tconst state = generateState(\n\t\tcurrentURL,\n\t\tcallbackURL,\n\t\tdata,\n\t\tautoCreateSession,\n\t\tonlySignUp,\n\t);\n\tlet url = provider.params.authorizationEndpoint;\n\tif (!url) {\n\t\tconst discovery = await discoveryRequest(context, provider);\n\t\tif (!discovery.authorization_endpoint)\n\t\t\tthrow new ProviderError(\"Missing authorization endpoint\");\n\t\turl = discovery.authorization_endpoint as string;\n\t}\n\tconst authorizationUrl = new URL(url);\n\tauthorizationUrl.searchParams.set(\"response_type\", \"code\");\n\tauthorizationUrl.searchParams.set(\"client_id\", provider.params.clientId);\n\tauthorizationUrl.searchParams.set(\"state\", state);\n\tauthorizationUrl.searchParams.set(\"scope\", scopes.join(\" \"));\n\tauthorizationUrl.searchParams.set(\n\t\t\"redirect_uri\",\n\t\tprovider.params.redirectURL ||\n\t\t\t`${context.request.url.toString()}/callback/${\n\t\t\t\tcontext.request.body.provider\n\t\t\t}`,\n\t);\n\n\tif (provider.type === \"oidc\") {\n\t\t/**\n\t\t * If the provider is an OIDC provider, we need to add the nonce parameter\n\t\t * to the authorization URL. The nonce parameter is a string value used to\n\t\t * associate a client session with an ID Token, and to mitigate replay attacks.\n\t\t */\n\t\tif (provider.nonce) {\n\t\t\tconst nonce = generateRandomString(24);\n\t\t\tauthorizationUrl.searchParams.set(\"nonce\", nonce);\n\t\t\tcontext.request.cookies.set(\n\t\t\t\tcontext.cookies.nonce.name,\n\t\t\t\tnonce,\n\t\t\t\tcontext.cookies.nonce.options,\n\t\t\t);\n\t\t}\n\t}\n\tprovider.params.responseMode &&\n\t\tauthorizationUrl.searchParams.set(\n\t\t\t\"response_mode\",\n\t\t\tprovider.params.responseMode,\n\t\t);\n\n\tif (provider.params.extra) {\n\t\tconst extra = Object.entries(provider.params.extra);\n\t\tfor (const [key, value] of extra) {\n\t\t\tauthorizationUrl.searchParams.set(key, value);\n\t\t}\n\t}\n\tconst codeVerifier = provider.pkCodeVerifier\n\t\t? generateCodeVerifier()\n\t\t: undefined;\n\tif (provider.pkCodeVerifier && codeVerifier) {\n\t\tconst codeChallengeMethod = provider?.codeChallengeMethod ?? \"S256\";\n\t\tif (codeChallengeMethod === \"S256\") {\n\t\t\tconst codeChallengeBuffer = await sha256(\n\t\t\t\tnew TextEncoder().encode(codeVerifier),\n\t\t\t);\n\t\t\tconst codeChallenge = base64url.encode(\n\t\t\t\tnew Uint8Array(codeChallengeBuffer),\n\t\t\t);\n\t\t\tauthorizationUrl.searchParams.set(\"code_challenge\", codeChallenge);\n\t\t\tauthorizationUrl.searchParams.set(\"code_challenge_method\", \"S256\");\n\t\t} else {\n\t\t\tauthorizationUrl.searchParams.set(\"code_challenge\", codeVerifier);\n\t\t\tauthorizationUrl.searchParams.set(\"code_challenge_method\", \"plain\");\n\t\t}\n\t}\n\tcontext.request.cookies.set(\n\t\tcontext.cookies.state.name,\n\t\tstate,\n\t\tcontext.cookies.state.options,\n\t);\n\tif (codeVerifier) {\n\t\tcontext.request.cookies.set(\n\t\t\tcontext.cookies.pkCodeVerifier.name,\n\t\t\tcodeVerifier,\n\t\t\tcontext.cookies.pkCodeVerifier.options,\n\t\t);\n\t}\n\treturn authorizationUrl.toString();\n}\n\nexport function generateCodeVerifier(): string {\n\tconst randomValues = new Uint8Array(32);\n\tcrypto.getRandomValues(randomValues);\n\treturn base64url.encode(randomValues);\n}\n\n/**\n * The callbackURL is the URL that the provider will\n * redirect to after the user. If not provided, it will\n * redirect to the current URL. If any error occurs, if error\n * page isn't specified on the config, it will redirect to\n * the current URL with the error query parameter.\n */\nexport function generateState(\n\tcurrentURL: string,\n\tcallbackURL?: string,\n\tsignUp?: Record<string, any>,\n\tautoCreateSession?: boolean,\n\tonlySignUp?: boolean,\n): string {\n\tlet state = generateRandomString(24);\n\tstate += `!${currentURL}`;\n\tstate += `!${callbackURL || currentURL}`;\n\tstate += `!${JSON.stringify({\n\t\tdata: signUp,\n\t\tautoCreateSession,\n\t\tonlySignUp,\n\t})}`;\n\treturn state;\n}\n\nexport function getState(state: string): {\n\thash: string;\n\tcurrentURL: string;\n\tcallbackURL: string;\n\tsignUp: {\n\t\tdata: Record<string, any>;\n\t\tautoCreateSession: boolean | undefined;\n\t\tonlySignUp: boolean | undefined;\n\t};\n} {\n\tconst [hash, currentURL, callbackURL, signUpString] = state.split(\"!\");\n\tif (!hash || !currentURL || !callbackURL) {\n\t\tthrow new ProviderError(\"Invalid state\");\n\t}\n\tconst signUp = signUpString ? JSON.parse(signUpString) : undefined;\n\treturn {\n\t\thash,\n\t\tcurrentURL,\n\t\tcallbackURL,\n\t\tsignUp: {\n\t\t\tdata: signUp?.data,\n\t\t\tautoCreateSession: signUp?.autoCreateSession,\n\t\t\tonlySignUp: signUp?.onlySignUp,\n\t\t},\n\t};\n}\n","export async function sha256(data: ArrayBuffer): Promise<ArrayBuffer> {\n\treturn await crypto.subtle.digest(\"SHA-256\", data);\n}\n","import type { OAuthProvider, OIDCProvider } from \"../providers\";\nimport type { CallbackContext } from \"../routes/callback\";\nimport type { SignInContext } from \"../routes/signin\";\n\nexport async function discoveryRequest(\n\tcontext: SignInContext | CallbackContext,\n\tprovider: OAuthProvider | OIDCProvider,\n): Promise<{\n\tauthorization_endpoint?: string;\n\ttoken_endpoint?: string;\n\tuserinfo_endpoint?: string;\n}> {\n\tconst issuerIdentifier = new URL(provider.issuer as string);\n\tif (!(issuerIdentifier instanceof URL)) {\n\t\tthrow new TypeError('\"issuerIdentifier\" must be an instance of URL');\n\t}\n\tif (\n\t\tissuerIdentifier.protocol !== \"https:\" &&\n\t\tissuerIdentifier.protocol !== \"http:\"\n\t) {\n\t\tthrow new TypeError('\"issuer.protocol\" must be \"https:\" or \"http:\"');\n\t}\n\n\tconst url = new URL(issuerIdentifier.href);\n\n\tswitch (provider.type) {\n\t\tcase undefined:\n\t\tcase \"oidc\":\n\t\t\turl.pathname = `${url.pathname}/.well-known/openid-configuration`.replace(\n\t\t\t\t\"//\",\n\t\t\t\t\"/\",\n\t\t\t);\n\t\t\tbreak;\n\t\tcase \"oauth\":\n\t\t\tif (url.pathname === \"/\") {\n\t\t\t\turl.pathname = \".well-known/oauth-authorization-server\";\n\t\t\t} else {\n\t\t\t\turl.pathname =\n\t\t\t\t\t`.well-known/oauth-authorization-server/${url.pathname}`.replace(\n\t\t\t\t\t\t\"//\",\n\t\t\t\t\t\t\"/\",\n\t\t\t\t\t);\n\t\t\t}\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tthrow new TypeError(`\"provider.type\" must be \"oidc\" or \"oauth\"`);\n\t}\n\n\tconst headers = new Headers(context.request.headers);\n\theaders.set(\"accept\", \"application/json\");\n\n\treturn fetch(url.href, {\n\t\theaders: Object.fromEntries(headers.entries()),\n\t\tmethod: \"GET\",\n\t\tredirect: \"manual\",\n\t}).then((res) => {\n\t\tif (!res.ok) {\n\t\t\tthrow new Error(`HTTP error! status: ${res.status}`);\n\t\t}\n\t\treturn res.json();\n\t});\n}\n","import type { Context } from \"../routes/types\";\nimport type { Provider } from \"./types\";\n\nexport const getProvider = (\n\tcontext: Context,\n\tproviderId: string,\n): Provider | undefined => {\n\tconst providers = context.providers;\n\tconst provider = providers.find((provider) => provider.id === providerId);\n\treturn provider;\n};\n","import { deleteSessionCooke } from \"../cookies\";\nimport { withPlugins } from \"../plugins/utils\";\nimport type { Context } from \"./types\";\n\nexport type SignOutContext = Context;\n\nexport const signOut = async (context: SignOutContext) => {\n\tconst session = context.request.cookies.get(\n\t\tcontext.cookies.sessionToken.name,\n\t);\n\tdeleteSessionCooke(context);\n\tif (session) {\n\t\ttry {\n\t\t\tawait context.adapter.deleteSession(session, context);\n\t\t} catch (e) {}\n\t}\n\treturn {\n\t\tstatus: 200,\n\t};\n};\n\nexport const signOutHandler = withPlugins(signOut);\n","import { type HandlerOptions, toContext, toResponse } from \"..\";\nimport type { BetterAuthOptions } from \"../options\";\nimport { getServerSession } from \"../routes/session\";\nimport { signInHandler } from \"../routes/signin\";\nimport { signOutHandler } from \"../routes/signout\";\nimport type { InferProviderSignin, InferSession } from \"./types\";\n\nconst wait = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms));\n\nexport function getActions<O extends BetterAuthOptions>(\n\toptions: O,\n\thandlerOptions?: HandlerOptions,\n) {\n\tconst actions = {\n\t\t/**\n\t\t * Sign in with a provider. This action will return response object. If\n\t\t * it's oauth, it will redirect to the provider. If it's custom, it\n\t\t * will return the response object and it'll set the cookies.\n\t\t *\n\t\t * ► In most cases you should just be using\n\t\t * client sdk  for sign in instead unless you\n\t\t * have a good reason to use this.\n\t\t */\n\t\tsignIn: async <\n\t\t\tT extends InferProviderSignin<O[\"providers\"]>,\n\t\t\tK extends keyof T,\n\t\t>(\n\t\t\trequest: Request | Headers,\n\t\t\tinput: {\n\t\t\t\tprovider: K;\n\t\t\t\tdata?: T[K][\"input\"];\n\t\t\t},\n\t\t) => {\n\t\t\tconst url =\n\t\t\t\trequest instanceof Headers\n\t\t\t\t\t? (request.get(\"referer\") as string)\n\t\t\t\t\t: request.url;\n\t\t\tconst req = new Request(url, {\n\t\t\t\tbody: JSON.stringify(input),\n\t\t\t\tmethod: \"POST\",\n\t\t\t});\n\t\t\tconst context = await toContext(options, req);\n\t\t\tcontext.disableCSRF = true;\n\t\t\tcontext.request.body = {\n\t\t\t\tcurrentURL: url,\n\t\t\t\tprovider: input.provider,\n\t\t\t};\n\t\t\tconst response = await signInHandler(context);\n\t\t\tif (response.body.redirect) {\n\t\t\t\treturn toResponse(\n\t\t\t\t\t{\n\t\t\t\t\t\tstatus: 302,\n\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\tLocation: response.body.url,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tcontext,\n\t\t\t\t) as Response;\n\t\t\t}\n\t\t\treturn toResponse(response, context, handlerOptions) as Response;\n\t\t},\n\t\t/**\n\t\t * Get the current logged in user session.\n\t\t */\n\t\tgetSession: async (request: Request | Headers) => {\n\t\t\t/**\n\t\t\t * If the request is a Headers object, we'll get the referer or origin from the headers.\n\t\t\t * If we fail to get the referer or origin, we'll default to \"http://localhost\".\n\t\t\t */\n\t\t\tconst url =\n\t\t\t\trequest instanceof Headers\n\t\t\t\t\t? (request.get(\"referer\") as string) ||\n\t\t\t\t\t\t(request.get(\"x-forwarded-host\") as string) ||\n\t\t\t\t\t\t\"http://localhost\"\n\t\t\t\t\t: request.url;\n\t\t\tconst req =\n\t\t\t\trequest instanceof Request\n\t\t\t\t\t? request\n\t\t\t\t\t: new Request(url, {\n\t\t\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\t\t\tbody: JSON.stringify({}),\n\t\t\t\t\t\t\theaders: request,\n\t\t\t\t\t\t});\n\t\t\tconst context = await toContext(options, req);\n\t\t\tcontext.disableCSRF = true;\n\t\t\tconst response = await getServerSession(context);\n\t\t\treturn response as InferSession<O>;\n\t\t},\n\t\t/**\n\t\t * Signout the current user.\n\t\t * Delete the session and clear the cookies.\n\t\t */\n\t\tsignOut: async (request: Request | Headers): Promise<Response> => {\n\t\t\tconst url =\n\t\t\t\trequest instanceof Headers\n\t\t\t\t\t? (request.get(\"referer\") as string)\n\t\t\t\t\t: request.url;\n\t\t\tconst req =\n\t\t\t\trequest instanceof Request\n\t\t\t\t\t? request\n\t\t\t\t\t: new Request(url, {\n\t\t\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\t\t\tbody: JSON.stringify({}),\n\t\t\t\t\t\t\theaders: request,\n\t\t\t\t\t\t});\n\t\t\tconst context = await toContext(options, req);\n\t\t\tcontext.disableCSRF = true;\n\t\t\tconst response = await signOutHandler(context);\n\t\t\treturn toResponse(response, context, handlerOptions);\n\t\t},\n\t};\n\treturn actions;\n}\n\nexport * from \"./types\";\n","type TimeSpan<\n\tT extends number = number,\n\tP extends string = \"w\" | \"d\" | \"hr\" | \"m\" | \"s\",\n> = `${T}${P}`;\n\nexport const timeSpan = (span: TimeSpan) => {\n\tconst [time, unit] = span;\n\tconst timeInMs = Number.parseInt(time as string) * 1000;\n\tswitch (unit) {\n\t\tcase \"s\":\n\t\t\treturn timeInMs;\n\t\tcase \"m\":\n\t\t\treturn timeInMs * 60;\n\t\tcase \"hr\":\n\t\t\treturn timeInMs * 60 * 60;\n\t\tcase \"d\":\n\t\t\treturn timeInMs * 60 * 60 * 24;\n\t\tcase \"w\":\n\t\t\treturn timeInMs * 60 * 60 * 24 * 7;\n\t\tdefault:\n\t\t\treturn 0;\n\t}\n};\n\nexport const getDate = (span: TimeSpan | number) => {\n\tconst sec = typeof span === \"number\" ? span : timeSpan(span);\n\tconst date = new Date();\n\treturn new Date(date.getTime() + sec);\n};\n","import { generateRandomString } from \"../crypto/random\";\nimport type { Context } from \"../routes/types\";\nimport { getDate } from \"../utils/time\";\nimport type { Account, Adapter, Session, User } from \"./types\";\n\nexport const createInternalAdapter = (db: Adapter) => {\n\treturn {\n\t\tcreateSession: async (userId: string, context: Context) => {\n\t\t\tif (context.sessionAdapter) {\n\t\t\t\treturn context.sessionAdapter.create({\n\t\t\t\t\tuserId,\n\t\t\t\t\texpiresAt: new Date(Date.now() + context.session.expiresIn),\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst session = await db.create<Session>({\n\t\t\t\tmodel: context.session.modelName,\n\t\t\t\tdata: {\n\t\t\t\t\tid: generateRandomString(32),\n\t\t\t\t\tuserId,\n\t\t\t\t\texpiresAt:\n\t\t\t\t\t\tdb.config?.dateFormat === \"number\"\n\t\t\t\t\t\t\t? Date.now() + context.session.expiresIn\n\t\t\t\t\t\t\t: new Date(Date.now() + context.session.expiresIn),\n\t\t\t\t},\n\t\t\t\tselect: context.session.selectFields,\n\t\t\t});\n\t\t\treturn session;\n\t\t},\n\t\tupdateSession: async (session: Session, context: Context) => {\n\t\t\tconst updateDate =\n\t\t\t\tcontext.session.updateAge === 0\n\t\t\t\t\t? 0\n\t\t\t\t\t: getDate(context.session.updateAge).valueOf();\n\t\t\tconst maxAge = getDate(context.session.expiresIn);\n\t\t\tconst shouldBeUpdated =\n\t\t\t\tsession.expiresAt.valueOf() - maxAge.valueOf() + updateDate <=\n\t\t\t\tDate.now();\n\t\t\tif (shouldBeUpdated) {\n\t\t\t\tif (context.sessionAdapter) {\n\t\t\t\t\treturn context.sessionAdapter.update({\n\t\t\t\t\t\tid: session.id,\n\t\t\t\t\t\tuserId: session.userId,\n\t\t\t\t\t\texpiresAt: new Date(Date.now() + context.session.expiresIn),\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t\tconst updatedSession = await db.update<Session>({\n\t\t\t\t\tmodel: context.session.modelName,\n\t\t\t\t\twhere: [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\t\tvalue: session.id,\n\t\t\t\t\t\t},\n\t\t\t\t\t],\n\t\t\t\t\tupdate: {\n\t\t\t\t\t\texpiresAt:\n\t\t\t\t\t\t\tdb.config?.dateFormat === \"number\"\n\t\t\t\t\t\t\t\t? Date.now() + context.session.expiresIn\n\t\t\t\t\t\t\t\t: new Date(Date.now() + context.session.expiresIn),\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\treturn updatedSession;\n\t\t\t}\n\t\t\treturn session;\n\t\t},\n\t\tdeleteSession: async (id: string, context: Context) => {\n\t\t\tconst session = await db.delete<Session>({\n\t\t\t\tmodel: context.session.modelName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tvalue: id,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\treturn session;\n\t\t},\n\t\tcreateUser: async (\n\t\t\tdata: {\n\t\t\t\tuser: Record<string, any>;\n\t\t\t\taccount: {\n\t\t\t\t\tproviderId: string;\n\t\t\t\t\taccountId: string;\n\t\t\t\t\t[key: string]: any;\n\t\t\t\t};\n\t\t\t},\n\t\t\tcontext: Context,\n\t\t) => {\n\t\t\tconst user = await db.create<User>({\n\t\t\t\tmodel: context.user.modelName,\n\t\t\t\tdata: {\n\t\t\t\t\tid: generateRandomString(32),\n\t\t\t\t\t...data.user,\n\t\t\t\t},\n\t\t\t\tselect: context.user.selectFields,\n\t\t\t});\n\t\t\tconst account = await db.create<Account>({\n\t\t\t\tmodel: context.account.modelName,\n\t\t\t\tdata: {\n\t\t\t\t\t...data.account,\n\t\t\t\t\tuserId: user.id,\n\t\t\t\t\tproviderId: data.account.providerId.toString(),\n\t\t\t\t\taccountId: data.account.accountId.toString(),\n\t\t\t\t},\n\t\t\t});\n\t\t\treturn { user, account };\n\t\t},\n\t\tupdateUserByEmail: async (\n\t\t\temail: string,\n\t\t\tdata: Record<string, any>,\n\t\t\tcontext: Context,\n\t\t) => {\n\t\t\tconst user = await db.update<User>({\n\t\t\t\tmodel: context.user.modelName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"email\",\n\t\t\t\t\t\tvalue: email,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tupdate: data,\n\t\t\t});\n\t\t\treturn user;\n\t\t},\n\t\tfindUserByEmail: async (email: string, context: Context) => {\n\t\t\tconst user = await db.findOne<User | null>({\n\t\t\t\tmodel: context.user.modelName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"email\",\n\t\t\t\t\t\tvalue: email,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tselect: context.user.selectFields,\n\t\t\t});\n\t\t\treturn user;\n\t\t},\n\t\tfindSession: async (id: string, context: Context) => {\n\t\t\tif (context.sessionAdapter) {\n\t\t\t\treturn context.sessionAdapter.findOne({\n\t\t\t\t\tuserId: id,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst session = await db.findOne<Session | null>({\n\t\t\t\tmodel: context.session.modelName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tvalue: id,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tselect: context.session.selectFields,\n\t\t\t});\n\t\t\treturn session;\n\t\t},\n\t\tfindUserById: async (id: string, context: Context) => {\n\t\t\tconst user = await db.findOne<User | null>({\n\t\t\t\tmodel: context.user.modelName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tvalue: id,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tselect: context.user.selectFields,\n\t\t\t});\n\t\t\treturn user;\n\t\t},\n\t\tfindAccount: async (\n\t\t\tinput: { providerId: string; accountId: string },\n\t\t\tcontext: Context,\n\t\t) => {\n\t\t\tconst account = await db.findOne<Account | null>({\n\t\t\t\tmodel: context.account.modelName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"providerId\",\n\t\t\t\t\t\tvalue: input.providerId.toString(),\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"accountId\",\n\t\t\t\t\t\tvalue: input.accountId.toString(),\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tselect: context.account.selectFields,\n\t\t\t});\n\t\t\treturn account;\n\t\t},\n\t\tlinkAccount: async (\n\t\t\tinput: {\n\t\t\t\tuserId: string;\n\t\t\t\tproviderId: string;\n\t\t\t\taccountId: string;\n\t\t\t},\n\t\t\tcontext: Context,\n\t\t) => {\n\t\t\tconst { userId, providerId, accountId } = input;\n\t\t\tconst account = await db.create<Account>({\n\t\t\t\tmodel: context.account.modelName,\n\t\t\t\tdata: {\n\t\t\t\t\tuserId,\n\t\t\t\t\tproviderId: providerId.toString(),\n\t\t\t\t\taccountId: accountId.toString(),\n\t\t\t\t},\n\t\t\t});\n\t\t\treturn account;\n\t\t},\n\t};\n};\n\nexport type InternalAdapter = ReturnType<typeof createInternalAdapter>;\n","import { z } from \"zod\";\nimport type { Context } from \"../routes/types\";\nimport type { FieldAttributes, InternalFieldAttributes } from \"./types\";\n\nexport function toInternalFields(fields: Record<string, any>) {\n\tconst internalFields: Record<string, InternalFieldAttributes> = {};\n\tfor (const field in fields) {\n\t\tconst { type, required, returned, hashValue, transform } = fields[\n\t\t\tfield\n\t\t] as FieldAttributes;\n\t\tinternalFields[field] = {\n\t\t\trequired: required ?? false,\n\t\t\treturned: returned ?? true,\n\t\t\thashValue: hashValue ?? false,\n\t\t\tvalidator: z[type]().transform(transform || ((x) => x)),\n\t\t};\n\t}\n\treturn internalFields;\n}\n\nexport function getSelectFields(\n\tfields: {\n\t\t[key: string]: FieldAttributes;\n\t},\n\ttable: \"session\" | \"user\" | \"account\",\n) {\n\tconst select = Object.keys(fields).filter((column) => {\n\t\treturn fields[column]?.returned !== false;\n\t});\n\tconst defaultSelect = {\n\t\tsession: [\"id\", \"userId\", \"expiresAt\"],\n\t\tuser: [\"id\", \"email\", \"emailVerified\"],\n\t\taccount: [\"providerId\", \"accountId\", \"userId\"],\n\t};\n\treturn [...defaultSelect[table], ...select];\n}\n\nexport const parseUser = (data: Record<string, any>, context: Context) => {\n\tconst user = Object.keys(data)\n\t\t.map((key) => {\n\t\t\tconst parsed = context.user.fields[key]?.validator.safeParse(data?.[key]);\n\t\t\treturn { key, value: parsed?.success ? parsed.data : data?.[key] };\n\t\t})\n\t\t.reduce(\n\t\t\t(acc, { key, value }) => {\n\t\t\t\tacc[key] = value;\n\t\t\t\treturn acc;\n\t\t\t},\n\t\t\t{} as Record<string, any>,\n\t\t);\n\treturn user;\n};\n","import type { BetterAuthOptions } from \"../options\";\nimport { timeSpan } from \"../utils/time\";\nimport type { CookieSerializeOptions } from \"./types\";\n\nexport function getCookies(options: BetterAuthOptions) {\n\tconst secure = !!options.advanced?.useSecureCookies;\n\tconst secureCookiePrefix = secure ? \"__Secure-\" : \"\";\n\tconst cookiePrefix = \"better-auth\";\n\treturn {\n\t\tsessionToken: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.session_token`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: options.session?.expiresIn || timeSpan(\"7d\"),\n\t\t\t\t...options.advanced?.sessionCookie,\n\t\t\t} satisfies CookieSerializeOptions,\n\t\t},\n\t\tcsrfToken: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.csrf_token`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t} satisfies CookieSerializeOptions,\n\t\t},\n\t\tstate: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.state`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t} satisfies CookieSerializeOptions,\n\t\t},\n\t\tpkCodeVerifier: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.pk_code_verifier`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t} as CookieSerializeOptions,\n\t\t},\n\t\tnonce: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.nonce`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t} as CookieSerializeOptions,\n\t\t},\n\t};\n}\n\nexport type BetterAuthCookies = ReturnType<typeof getCookies>;\n","import { ProviderError } from \"@better-auth/shared/error\";\nimport { z } from \"zod\";\nimport type { User } from \"../adapters/types\";\nimport { parseUser } from \"../adapters/utils\";\nimport { setSessionCookie } from \"../cookies\";\nimport { getState } from \"../oauth2/signin\";\nimport { getTokens } from \"../oauth2/tokens\";\nimport { withPlugins } from \"../plugins/utils\";\nimport { getProvider } from \"../providers/utils\";\nimport type { Context, InternalResponse } from \"./types\";\n\nconst callbackQuerySchema = z.object({\n\tcode: z.string(),\n\tstate: z.string(),\n\tprovider: z.string(),\n});\n\nexport type CallbackContext = Context<{}, z.infer<typeof callbackQuerySchema>>;\nexport const callback = async (context: CallbackContext) => {\n\tconst parsedQuery = callbackQuerySchema.safeParse(context.request.query);\n\tif (!parsedQuery.success) {\n\t\tconst error = context.request.url.searchParams.get(\"error\");\n\t\tconst errorDesc = context.request.url.searchParams.get(\"error_description\");\n\t\tconst state = context.request.url.searchParams.get(\"state\");\n\t\tif (!state) {\n\t\t\tthrow new ProviderError(\n\t\t\t\t`state is not returned from ${context.request.url.searchParams.get(\n\t\t\t\t\t\"provider\",\n\t\t\t\t)}`,\n\t\t\t);\n\t\t}\n\t\tconst { currentURL } = getState(state);\n\t\treturn {\n\t\t\tstatus: 302,\n\t\t\theaders: {\n\t\t\t\tLocation: `${currentURL}?error=${error}&error_description=${errorDesc}`,\n\t\t\t},\n\t\t} satisfies InternalResponse;\n\t}\n\n\tconst provider = getProvider(context, parsedQuery.data.provider);\n\tif (provider?.type === \"oauth\" || provider?.type === \"oidc\") {\n\t\tconst storedState = context.request.cookies.get(context.cookies.state.name);\n\t\tconst state = parsedQuery.data.state;\n\t\tconst { currentURL } = getState(state);\n\t\tif (storedState !== state) {\n\t\t\treturn {\n\t\t\t\tstatus: 302,\n\t\t\t\theaders: {\n\t\t\t\t\tLocation: `${currentURL}?error=invalid_state`,\n\t\t\t\t},\n\t\t\t} satisfies InternalResponse;\n\t\t}\n\t\tconst tokens = await getTokens(context, provider);\n\t\tif (tokens.error) {\n\t\t\treturn {\n\t\t\t\tstatus: 302,\n\t\t\t\theaders: {\n\t\t\t\t\tLocation: `${currentURL}?error=${tokens.error}`,\n\t\t\t\t},\n\t\t\t} satisfies InternalResponse;\n\t\t}\n\t\tif (provider.type === \"oauth\" || provider.type === \"oidc\") {\n\t\t\tconst profile = await provider.getUserInfo(tokens as any);\n\n\t\t\tconst {\n\t\t\t\tcallbackURL,\n\t\t\t\tcurrentURL,\n\t\t\t\tsignUp: { data, autoCreateSession, onlySignUp },\n\t\t\t} = getState(state);\n\t\t\tlet userAccount = await context.adapter.findAccount(\n\t\t\t\t{\n\t\t\t\t\tproviderId: provider.id,\n\t\t\t\t\taccountId: profile.id,\n\t\t\t\t},\n\t\t\t\tcontext,\n\t\t\t);\n\n\t\t\t/**\n\t\t\t * If the provider is oidc we should check the nonce\n\t\t\t */\n\t\t\tif (provider.type === \"oidc\") {\n\t\t\t\tif (profile.nonce) {\n\t\t\t\t\tconst nonce = context.request.cookies.get(context.cookies.nonce.name);\n\t\t\t\t\tif (profile.nonce !== nonce) {\n\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\tstatus: 302,\n\t\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\t\tLocation: `${currentURL}?error=invalid_nonce`,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t} satisfies InternalResponse;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\t/**\n\t\t\t * If the request is only to signup a new user we should return error if the user exist\n\t\t\t */\n\t\t\tif (onlySignUp && userAccount) {\n\t\t\t\treturn {\n\t\t\t\t\tstatus: 302,\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tLocation: `${currentURL}?error=user_already_exist`,\n\t\t\t\t\t},\n\t\t\t\t} satisfies InternalResponse;\n\t\t\t}\n\t\t\tlet userData: Record<string, any> | null = null;\n\t\t\tif (!userAccount) {\n\t\t\t\t/**\n\t\t\t\t * If account linking is on we first try to link the user\n\t\t\t\t */\n\t\t\t\tif (provider.params.linkAccounts) {\n\t\t\t\t\tconst shouldLink = provider.params.linkAccounts.enabler\n\t\t\t\t\t\t? await provider.params.linkAccounts.enabler(profile)\n\t\t\t\t\t\t: true;\n\t\t\t\t\tif (shouldLink) {\n\t\t\t\t\t\tconst { field, key } = provider.params.linkAccounts;\n\t\t\t\t\t\tconst user = await context._db.findOne<User>({\n\t\t\t\t\t\t\tmodel: context.user.modelName,\n\t\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\tfield,\n\t\t\t\t\t\t\t\t\tvalue: profile[key as keyof typeof profile],\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t],\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (user) {\n\t\t\t\t\t\t\tuserAccount = await context.adapter.linkAccount(\n\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\tuserId: user.id,\n\t\t\t\t\t\t\t\t\tproviderId: provider.id,\n\t\t\t\t\t\t\t\t\taccountId: profile.id,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tcontext,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\tuserData = user;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\t/**\n\t\t\t\t * If the request is only to signin we should return error\n\t\t\t\t */\n\t\t\t\tif (!userData && !data) {\n\t\t\t\t\treturn {\n\t\t\t\t\t\tstatus: 302,\n\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\tLocation: `${callbackURL}?error=user_not_found`,\n\t\t\t\t\t\t},\n\t\t\t\t\t} satisfies InternalResponse;\n\t\t\t\t}\n\n\t\t\t\t/**\n\t\t\t\t * If the user wasn't linked we'll create a new user with the signup data\n\t\t\t\t */\n\t\t\t\tif (!userData) {\n\t\t\t\t\tlet signUpData: Record<string, any> = {};\n\t\t\t\t\tfor (const key in data) {\n\t\t\t\t\t\tif (typeof data[key] === \"string\") {\n\t\t\t\t\t\t\tconst constructedKey = (data[key] as string).split(\".\");\n\t\t\t\t\t\t\tlet value: any = profile;\n\t\t\t\t\t\t\tfor (const k of constructedKey) {\n\t\t\t\t\t\t\t\tvalue = value[k as keyof typeof value];\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\tsignUpData[key] = value;\n\t\t\t\t\t\t} else if (\"value\" in data[key]) {\n\t\t\t\t\t\t\tsignUpData[key] = data[key].value;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\t/**\n\t\t\t\t\t * Parse the user data\n\t\t\t\t\t */\n\t\t\t\t\tsignUpData = parseUser(signUpData, context);\n\n\t\t\t\t\tconst accountData: {\n\t\t\t\t\t\tproviderId: string;\n\t\t\t\t\t\taccountId: string;\n\t\t\t\t\t\t[key: string]: any;\n\t\t\t\t\t} = {\n\t\t\t\t\t\tproviderId: provider.id,\n\t\t\t\t\t\taccountId: profile.id,\n\t\t\t\t\t};\n\n\t\t\t\t\tfor (const key in context.account.additionalFields) {\n\t\t\t\t\t\taccountData[key] =\n\t\t\t\t\t\t\ttokens[\n\t\t\t\t\t\t\t\tcontext.account.additionalFields[key] as keyof typeof tokens\n\t\t\t\t\t\t\t];\n\t\t\t\t\t}\n\n\t\t\t\t\ttry {\n\t\t\t\t\t\tconst { user, account } = await context.adapter.createUser(\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tuser: signUpData,\n\t\t\t\t\t\t\t\taccount: accountData,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tcontext,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tuserAccount = account;\n\t\t\t\t\t\tuserData = user;\n\t\t\t\t\t} catch (e) {\n\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\tstatus: 302,\n\t\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\t\tLocation: `${currentURL}?error=user_already_exist`,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t};\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (!userData) {\n\t\t\t\tuserData = await context.adapter.findUserById(\n\t\t\t\t\tuserAccount?.userId as string,\n\t\t\t\t\tcontext,\n\t\t\t\t);\n\t\t\t}\n\t\t\t/**\n\t\t\t * This is to handler if the user specified not creating sessions on signup\n\t\t\t */\n\t\t\tif (autoCreateSession) {\n\t\t\t\tconst session = await context.adapter.createSession(\n\t\t\t\t\tuserData?.id as string,\n\t\t\t\t\tcontext,\n\t\t\t\t);\n\t\t\t\tsetSessionCookie(context, session.id);\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tstatus: 302,\n\t\t\t\theaders: {\n\t\t\t\t\tLocation: callbackURL,\n\t\t\t\t},\n\t\t\t} satisfies InternalResponse;\n\t\t}\n\t\treturn {\n\t\t\tstatus: 200,\n\t\t} satisfies InternalResponse;\n\t}\n\tthrow new ProviderError(\"Invalid provider type\");\n};\n\nexport const callbackHandler = withPlugins(callback, [\"csrf\"]);\n","import { base64url } from \"jose\";\nimport type { OAuthProvider, OIDCProvider } from \"../providers\";\nimport type { CallbackContext } from \"../routes/callback\";\nimport { discoveryRequest } from \"./utils\";\n\nexport async function getTokens(\n\tcontext: CallbackContext,\n\tprovider: OIDCProvider | OAuthProvider,\n) {\n\tconst redirectURL =\n\t\tprovider.params.redirectURL ||\n\t\t`${context.baseURL}${context.basePath}/callback/${provider.id}`;\n\tconst headers = new Headers();\n\theaders.set(\"Content-Type\", \"application/x-www-form-urlencoded\");\n\theaders.set(\"Accept\", \"application/json\");\n\theaders.set(\"User-Agent\", \"better-auth\");\n\tconst encodedCredentials = base64url.encode(\n\t\t`${provider.params.clientId}:${provider.params.clientSecret}`,\n\t);\n\theaders.set(\"Authorization\", `Basic ${encodedCredentials}`);\n\tconst body = new URLSearchParams();\n\tbody.set(\"grant_type\", \"authorization_code\");\n\tbody.set(\"code\", context.request.query.code);\n\tbody.set(\"redirect_uri\", redirectURL);\n\tif (provider.pkCodeVerifier) {\n\t\tconst codeVerifier = context.request.cookies.get(\n\t\t\tcontext.cookies.pkCodeVerifier.name,\n\t\t);\n\t\t//TODO: maybe it should throw if it's not available\n\t\tcodeVerifier && body.set(\"code_verifier\", codeVerifier);\n\t}\n\tbody.set(\"client_id\", provider.params.clientId);\n\tbody.set(\"client_secret\", provider.params.clientSecret);\n\tlet url = provider.params.tokenEndpoint;\n\tif (!url) {\n\t\tconst discovery = await discoveryRequest(context, provider);\n\t\tif (!discovery.token_endpoint) {\n\t\t\tthrow new Error(\"Missing token endpoint\");\n\t\t}\n\t\turl = discovery.token_endpoint;\n\t}\n\tconst response = await fetch(url, {\n\t\tmethod: \"POST\",\n\t\tbody,\n\t\theaders,\n\t});\n\tconst data: TokenResponse | TokenErrorResponse = await response.json();\n\treturn data;\n}\n\nexport interface TokenResponse {\n\taccess_token: string;\n\ttoken_type?: string;\n\texpires_in?: number;\n\trefresh_token?: string;\n\tscope?: string;\n\terror: undefined;\n}\n\nexport interface TokenErrorResponse {\n\terror: string;\n\terror_description?: string;\n}\n","import { ProviderError, ProviderMissing } from \"@better-auth/shared/error\";\nimport { z } from \"zod\";\nimport { parseUser } from \"../adapters/utils\";\nimport { signInOAuth } from \"../oauth2/signin\";\nimport { withPlugins } from \"../plugins/utils\";\nimport { getProvider } from \"../providers/utils\";\nimport type { Context } from \"./types\";\n\nconst signUpSchema = z.object({\n\tdata: z.record(z.string(), z.any()).optional(),\n\tprovider: z.string(),\n\tcurrentURL: z.string(),\n\tcallbackURL: z.string().optional(),\n\tautoCreateSession: z.boolean().optional(),\n});\n\nexport type SignUpContext = Context<z.infer<typeof signUpSchema>>;\n\nexport const signUp = async (context: SignUpContext) => {\n\tconst data = signUpSchema.parse(context.request.body);\n\n\tconst provider = getProvider(context, data.provider);\n\tif (!provider) {\n\t\tthrow new ProviderMissing(data.provider);\n\t}\n\tif (provider?.type === \"oauth\" || provider?.type === \"oidc\") {\n\t\t// @ts-expect-error - sign up should be added to the request body\n\t\tcontext.request.body.signUp = context.request.body.data;\n\t\tconst url = await signInOAuth(context, provider, {\n\t\t\tautoCreateSession: data.autoCreateSession ?? true,\n\t\t\tonlySignUp: true,\n\t\t});\n\t\treturn {\n\t\t\tstatus: 200,\n\t\t\tbody: {\n\t\t\t\turl,\n\t\t\t\tredirect: true,\n\t\t\t},\n\t\t};\n\t}\n\n\tif (!provider.signUp) {\n\t\tthrow new ProviderError(\"Sign up method not implemented\");\n\t}\n\n\treturn await provider.signUp(context);\n};\n\nexport const signUpHandler = withPlugins(signUp);\n","import type { CustomProvider } from \"../providers\";\nimport { callbackHandler } from \"./callback\";\nimport { sessionHandler } from \"./session\";\nimport { signInHandler } from \"./signin\";\nimport { signOutHandler } from \"./signout\";\nimport { signUpHandler } from \"./signup\";\nimport type { Context, InternalResponse } from \"./types\";\n\ntype RouterContext = Context<any>;\n\nexport const router = async (\n\tcontext: RouterContext,\n): Promise<InternalResponse> => {\n\tconst action = context.request.action;\n\tswitch (action) {\n\t\tcase \"signin\":\n\t\t\treturn signInHandler(context);\n\t\tcase \"callback\":\n\t\t\treturn await callbackHandler(context);\n\t\tcase \"signup\":\n\t\t\treturn await signUpHandler(context);\n\t\tcase \"signout\":\n\t\t\treturn await signOutHandler(context);\n\t\tcase \"session\":\n\t\t\treturn await sessionHandler(context);\n\t\tdefault: {\n\t\t\tconst plugin = context.plugins.find((plugin) => {\n\t\t\t\treturn action.startsWith(plugin.id);\n\t\t\t});\n\t\t\tconst providerHandler = context.providers.find((provider) => {\n\t\t\t\treturn provider.type === \"custom\" && provider.handler?.matcher(context);\n\t\t\t}) as CustomProvider | undefined;\n\t\t\tif (plugin?.handler) {\n\t\t\t\treturn await plugin.handler(context);\n\t\t\t}\n\t\t\tif (providerHandler?.handler) {\n\t\t\t\treturn await providerHandler.handler.handler(context);\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tstatus: 404,\n\t\t\t};\n\t\t}\n\t}\n};\n","import { type IncomingHttpHeaders, IncomingMessage } from \"node:http\";\nimport { InvalidRequest, InvalidURL } from \"@better-auth/shared/error\";\nimport { z } from \"zod\";\nimport type { BetterAuthOptions } from \"../options\";\n\nexport async function getBody<T>(request: IncomingMessage | Request) {\n\ttry {\n\t\tif (request instanceof Request) return await request.json();\n\t\treturn new Promise<T>((resolve) => {\n\t\t\tconst bodyParts: any[] = [];\n\t\t\tlet body: string;\n\t\t\trequest\n\t\t\t\t.on(\"data\", (chunk) => {\n\t\t\t\t\tbodyParts.push(chunk);\n\t\t\t\t})\n\t\t\t\t.on(\"end\", () => {\n\t\t\t\t\tbody = Buffer.concat(bodyParts).toString();\n\t\t\t\t\tresolve(JSON.parse(body));\n\t\t\t\t});\n\t\t});\n\t} catch {\n\t\tthrow new InvalidRequest();\n\t}\n}\n\nexport const toRequestHeader = (\n\tincomingHeaders: IncomingHttpHeaders | Headers,\n): Headers => {\n\tif (incomingHeaders instanceof Headers) return incomingHeaders;\n\tconst headers = new Headers();\n\tfor (const [key, value] of Object.entries(incomingHeaders)) {\n\t\tif (Array.isArray(value)) {\n\t\t\tfor (const val of value) {\n\t\t\t\theaders.append(key, val);\n\t\t\t}\n\t\t} else if (value) {\n\t\t\theaders.append(key, value);\n\t\t}\n\t}\n\treturn headers;\n};\nfunction getUrl(request: IncomingMessage | Request) {\n\tconst url =\n\t\trequest instanceof IncomingMessage\n\t\t\t? `${request.headers.host}${(request as any).originalUrl}`\n\t\t\t: request.url;\n\treturn new URL(url);\n}\n\nexport function isValidHttpMethod(method?: string) {\n\tif (method?.toUpperCase() !== \"POST\" && method?.toUpperCase() !== \"GET\") {\n\t\treturn false;\n\t}\n\treturn true;\n}\n\nexport type InternalURL = {\n\torigin: string;\n\thost: string;\n\tpath: string;\n\tbase: string;\n\ttoString: () => string;\n};\nexport function parseUrl(\n\trequest: IncomingMessage | Request,\n\toptions: BetterAuthOptions,\n) {\n\tlet requestStringURL =\n\t\trequest instanceof IncomingMessage\n\t\t\t? `${request.headers.host}${request.url}`\n\t\t\t: request.url;\n\tif (!requestStringURL.startsWith(\"http\")) {\n\t\tif (requestStringURL.startsWith(\"localhost\")) {\n\t\t\trequestStringURL = `http://${requestStringURL}`;\n\t\t} else {\n\t\t\trequestStringURL = `https://${requestStringURL}`;\n\t\t}\n\t}\n\tconst requestURL = new URL(requestStringURL);\n\tconst baseURL = requestURL.origin;\n\tconst basePath = options.basePath || \"/api/auth\";\n\tlet urlString = `${baseURL}${basePath}`;\n\tif (!urlString.startsWith(\"http\")) {\n\t\turlString = `https://${urlString}`;\n\t}\n\tconst isValidURL = z.string().url().safeParse(urlString);\n\tlet action = requestURL.pathname.split(basePath)[1] || \"\";\n\t//replace the first / in the action\n\taction = action.replace(\"/\", \"\");\n\tif (isValidURL.error) {\n\t\tthrow new InvalidURL();\n\t}\n\t/**\n\t * If the action is a callback, we need to extract the\n\t * provider form the URL.\n\t */\n\tif (action.startsWith(\"callback\")) {\n\t\tconst provider = action.split(\"/\")[1];\n\t\tif (!provider) throw new InvalidURL(\"Provider is missing in the URL.\");\n\t\taction = \"callback\";\n\t\trequestURL.searchParams.set(\"provider\", provider);\n\t}\n\tconst url = new URL(urlString);\n\trequestURL.searchParams.forEach((value, key) => {\n\t\turl.searchParams.set(key, value);\n\t});\n\treturn {\n\t\turl,\n\t\taction,\n\t};\n}\n\nexport function isAuthPath(url: string, options: BetterAuthOptions) {\n\tconst _url = new URL(url);\n\tconst baseURL = new URL(options.baseURL || _url.origin);\n\tconst basePath = options.basePath || \"/api/auth\";\n\tif (_url.origin !== baseURL.origin) return false;\n\tif (!_url.pathname.startsWith(basePath)) return false;\n\treturn true;\n}\n","import { MissingSecret } from \"@better-auth/shared/error\";\n\nexport const DEFAULT_SECRET = \"better-auth-secret-key-123456789\";\nexport const getSecret = (secret?: string) => {\n\tsecret = secret || process.env.BETTER_AUTH_SECRET || process.env.AUTH_SECRET;\n\tif (process.env.NODE_ENV === \"production\" && !secret) {\n\t\tthrow new MissingSecret();\n\t}\n\treturn secret || DEFAULT_SECRET;\n};\n","import type { IncomingMessage } from \"node:http\";\nimport { getActions } from \"./actions\";\nimport { createInternalAdapter } from \"./adapters\";\nimport { getSelectFields, toInternalFields } from \"./adapters/utils\";\nimport { type CookieManager, cookieManager } from \"./cookies\";\nimport { getCookies } from \"./cookies/cookies\";\nimport type { BetterAuthOptions } from \"./options\";\nimport type { BetterAuthPlugin } from \"./plugins\";\nimport { getPlugins } from \"./plugins/utils\";\nimport { router } from \"./routes\";\nimport type { Context, InternalResponse } from \"./routes/types\";\nimport {\n\tgetBody,\n\tisValidHttpMethod,\n\tparseUrl,\n\ttoRequestHeader,\n} from \"./utils/request\";\nimport { getSecret } from \"./utils/secret\";\nimport { timeSpan } from \"./utils/time\";\nimport type { UnionToIntersection } from \"./utils/types\";\n\nexport interface HandlerOptions<R = any> {\n\tcookieManager?: CookieManager;\n\ttoResponse?: (res: InternalResponse, context: Context) => R;\n}\n\nexport const betterAuth = <O extends BetterAuthOptions>(options: O) => {\n\tconst defaultActions = getActions(options);\n\ttype Actions = O[\"plugins\"] extends Array<BetterAuthPlugin>\n\t\t? UnionToIntersection<\n\t\t\t\tReturnType<\n\t\t\t\t\tO[\"plugins\"][number] extends { getActions: Function }\n\t\t\t\t\t\t? O[\"plugins\"][number][\"getActions\"]\n\t\t\t\t\t\t: never\n\t\t\t\t>\n\t\t\t>\n\t\t: {};\n\tconst auth = {\n\t\t/**\n\t\t * The handler for the better auth routes.\n\t\t */\n\t\thandler: async <R = Response>(\n\t\t\trequest: Request | IncomingMessage,\n\t\t\topts?: HandlerOptions<R>,\n\t\t): Promise<R> => {\n\t\t\tconst context = await toContext(options, request, opts);\n\t\t\tif (!isValidHttpMethod(request.method)) {\n\t\t\t\treturn toResponse({ status: 200 }, context, opts);\n\t\t\t}\n\t\t\tconst response = await router(context);\n\t\t\treturn toResponse(response, context, opts);\n\t\t},\n\t\tcaller: {\n\t\t\t...defaultActions,\n\t\t\t...options.plugins?.map((plugin) => plugin.getActions?.(options)),\n\t\t} as typeof defaultActions & Actions,\n\t\toptions,\n\t};\n\n\treturn auth;\n};\n\nexport const toContext = async (\n\toptions: BetterAuthOptions,\n\trequest: Request | IncomingMessage,\n\thandlerOptions?: HandlerOptions,\n): Promise<Context> => {\n\tconst basePath = options.basePath || \"/api/auth\";\n\tconst headers = toRequestHeader(request.headers);\n\tconst { url, action } = parseUrl(request, options);\n\tconst body =\n\t\trequest.method?.toUpperCase() === \"POST\" ? await getBody(request) : null;\n\treturn {\n\t\tbaseURL: url.origin,\n\t\tbasePath,\n\t\trequest: {\n\t\t\tmethod: request.method as string,\n\t\t\turl,\n\t\t\tquery: Object.fromEntries(url.searchParams),\n\t\t\taction,\n\t\t\tbody,\n\t\t\theaders: headers,\n\t\t\tcookies: handlerOptions?.cookieManager || cookieManager(headers),\n\t\t},\n\t\t_db: options.adapter,\n\t\tproviders: options.providers,\n\t\tsecret: getSecret(options.secret),\n\t\tadapter: createInternalAdapter(options.adapter),\n\t\tplugins: getPlugins(options),\n\t\tcookies: getCookies(options),\n\t\tdisableCSRF: options.advanced?.skipCSRFCheck || false,\n\t\tsession: {\n\t\t\tmodelName: options.session?.modelName || \"session\",\n\t\t\tupdateAge:\n\t\t\t\toptions.session?.updateAge === undefined\n\t\t\t\t\t? timeSpan(\"1d\")\n\t\t\t\t\t: options.session.updateAge,\n\t\t\texpiresIn: options.session?.expiresIn || timeSpan(\"1w\"),\n\t\t\tadditionalFields: options.session?.additionalFields\n\t\t\t\t? toInternalFields(options.session.additionalFields)\n\t\t\t\t: {},\n\t\t\tselectFields: getSelectFields(\n\t\t\t\toptions.session?.additionalFields || {},\n\t\t\t\t\"session\",\n\t\t\t),\n\t\t},\n\t\tuser: {\n\t\t\tmodelName: options.user?.modelName || \"user\",\n\t\t\tfields: options.user?.fields ? toInternalFields(options.user.fields) : {},\n\t\t\tselectFields: getSelectFields(options.user?.fields || {}, \"user\"),\n\t\t},\n\t\taccount: {\n\t\t\tmodelName: options.account?.modelName || \"account\",\n\t\t\tadditionalFields: options.account?.additionalFields || {},\n\t\t\tselectFields: [\n\t\t\t\t...Object.keys(options.account?.additionalFields || {}),\n\t\t\t\t\"userId\",\n\t\t\t\t\"providerId\",\n\t\t\t\t\"accountId\",\n\t\t\t],\n\t\t},\n\t\tsessionAdapter: options.sessionAdapter,\n\t};\n};\n\nexport const toResponse = (\n\tres: InternalResponse,\n\tcontext: Context,\n\thandlerOptions?: HandlerOptions,\n) => {\n\tif (handlerOptions?.toResponse) {\n\t\treturn handlerOptions.toResponse(res, context);\n\t}\n\tcontext.request.headers.set(\"content-type\", \"application/json\");\n\tconst response = new Response(res.body ? JSON.stringify(res.body) : null, {\n\t\theaders: {\n\t\t\t...context.request.headers,\n\t\t\t\"Set-Cookie\": context.request.headers.get(\"Set-Cookie\") ?? \"\",\n\t\t\t...res.headers,\n\t\t},\n\t\tstatus: res.status,\n\t\tstatusText: res.statusText,\n\t});\n\treturn response;\n};\n\nexport type BetterAuthHandler = ReturnType<typeof betterAuth>[\"handler\"];\nexport type BetterAuth = ReturnType<typeof betterAuth>;\n"],"mappings":";AAGO,SAAS,UACf,MACA,OACA,YACC;AACD,QAAM,kBAAsD,CAAC;AAC7D,kBAAgB,KAAK,CAAC,mBAAmB,IAAI,GAAG,mBAAmB,KAAK,CAAC,CAAC;AAC1E,MAAI,YAAY,WAAW,QAAW;AACrC,oBAAgB,KAAK,CAAC,UAAU,WAAW,MAAM,CAAC;AAAA,EACnD;AACA,MAAI,YAAY,YAAY,QAAW;AACtC,oBAAgB,KAAK,CAAC,WAAW,WAAW,QAAQ,YAAY,CAAC,CAAC;AAAA,EACnE;AACA,MAAI,YAAY,UAAU;AACzB,oBAAgB,KAAK,CAAC,UAAU,CAAC;AAAA,EAClC;AACA,MAAI,YAAY,WAAW,QAAW;AACrC,oBAAgB,KAAK,CAAC,WAAW,WAAW,OAAO,SAAS,CAAC,CAAC;AAAA,EAC/D;AACA,MAAI,YAAY,SAAS,QAAW;AACnC,oBAAgB,KAAK,CAAC,QAAQ,WAAW,IAAI,CAAC;AAAA,EAC/C;AACA,MAAI,YAAY,aAAa,OAAO;AACnC,oBAAgB,KAAK,CAAC,YAAY,KAAK,CAAC;AAAA,EACzC;AACA,MAAI,YAAY,aAAa,QAAQ;AACpC,oBAAgB,KAAK,CAAC,YAAY,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,YAAY,aAAa,UAAU;AACtC,oBAAgB,KAAK,CAAC,YAAY,QAAQ,CAAC;AAAA,EAC5C;AACA,MAAI,YAAY,QAAQ;AACvB,oBAAgB,KAAK,CAAC,QAAQ,CAAC;AAAA,EAChC;AACA,SAAO,gBAAgB,IAAI,CAAC,SAAS,KAAK,KAAK,GAAG,CAAC,EAAE,KAAK,IAAI;AAC/D;AAEO,SAAS,MAAM,QAAqC;AAC1D,QAAM,UAAU,oBAAI,IAAoB;AACxC,QAAM,QAAQ,OAAO,MAAM,IAAI;AAC/B,aAAW,QAAQ,OAAO;AACzB,UAAM,OAAO,KAAK,MAAM,GAAG;AAC3B,UAAM,SAAS,KAAK,CAAC;AACrB,UAAM,WAAW,KAAK,CAAC,KAAK;AAC5B,QAAI,CAAC;AAAQ;AACb,YAAQ,IAAI,mBAAmB,MAAM,GAAG,mBAAmB,QAAQ,CAAC;AAAA,EACrE;AACA,SAAO;AACR;AAEO,IAAM,gBAAgB,CAAC,WAAmC;AAChE,SAAO;AAAA,IACN,IAAI,MAAc,OAAe,UAAU,CAAC,GAAG;AAC9C,YAAM,YAAY,UAAU,MAAM,OAAO,OAAO;AAChD,aAAO,OAAO,cAAc,SAAS;AAAA,IACtC;AAAA,IACA,IAAI,MAAc;AACjB,YAAM,SAAS,OAAO,IAAI,QAAQ;AAClC,UAAI,CAAC;AAAQ,eAAO;AACpB,YAAM,UAAU,MAAM,MAAM;AAC5B,YAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,aAAO;AAAA,IACR;AAAA,EACD;AACD;AAOO,SAAS,iBAAiB,SAAkB,WAAmB;AACrE,UAAQ,QAAQ,QAAQ;AAAA,IACvB,QAAQ,QAAQ,aAAa;AAAA,IAC7B;AAAA,IACA,QAAQ,QAAQ,aAAa;AAAA,EAC9B;AACD;AAEO,SAAS,mBAAmB,SAAkB;AACpD,UAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,aAAa,MAAM,IAAI;AAAA,IAClE,GAAG,QAAQ,QAAQ,aAAa;AAAA,IAChC,QAAQ;AAAA,EACT,CAAC;AACF;;;ACvFA,eAAsB,KAAK,WAAmB,SAAiB;AAC9D,QAAM,MAAM,IAAI,YAAY;AAC5B,QAAM,YAAY,EAAE,MAAM,QAAQ,MAAM,UAAU;AAClD,QAAM,MAAM,MAAM,OAAO,OAAO;AAAA,IAC/B;AAAA,IACA,IAAI,OAAO,SAAS;AAAA,IACpB;AAAA,IACA;AAAA,IACA,CAAC,QAAQ,QAAQ;AAAA,EAClB;AACA,QAAM,YAAY,MAAM,OAAO,OAAO;AAAA,IACrC,UAAU;AAAA,IACV;AAAA,IACA,IAAI,OAAO,OAAO;AAAA,EACnB;AACA,SAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC;AAC9D;;;AChBO,SAAS,qBAAqB,MAAc;AAClD,QAAM,QAAQ,CAAC,MAAc,IAAI,EAAE,SAAS,EAAE,CAAC,GAAG,MAAM,EAAE;AAC1D,QAAM,IAAI,CAAC,GAAW,MAAsB,IAAI,MAAM,CAAC;AACvD,QAAM,QAAQ,OAAO,gBAAgB,IAAI,WAAW,IAAI,CAAC;AACzD,SAAO,MAAM,KAAK,KAAK,EAAE,OAAO,GAAG,EAAE;AACtC;;;ACCA,IAAM,cAAc,OAAO,YAAqB;AAC/C,QAAM,YAAY,QAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,UAAU,IAAI;AAC5E,MAAI,WAAW;AACd,WAAO;AAAA,MACN,QAAQ;AAAA,MACR,MAAM;AAAA,QACL;AAAA,MACD;AAAA,IACD;AAAA,EACD;AACA,QAAM,QAAQ,qBAAqB,EAAE;AACrC,QAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ,KAAK;AAC7C,QAAM,SAAS,GAAG,KAAK,IAAI,IAAI;AAC/B,UAAQ,QAAQ,QAAQ;AAAA,IACvB,QAAQ,QAAQ,UAAU;AAAA,IAC1B;AAAA,IACA,QAAQ,QAAQ,UAAU;AAAA,EAC3B;AACA,SAAO;AAAA,IACN,QAAQ;AAAA,IACR,MAAM;AAAA,MACL,WAAW;AAAA,IACZ;AAAA,EACD;AACD;AAEO,IAAM,kBAAkB,MAAwB;AACtD,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,SAAS;AAAA,IACT,OAAO;AAAA,MACN,SAAS,CAAC,YAAY,CAAC,QAAQ;AAAA,MAC/B,QAAQ,OAAO,YAAY;AAC1B,cAAM,YAAY,QAAQ,QAAQ,KAAK;AACvC,cAAM,aAAa,QAAQ,QAAQ,QAAQ;AAAA,UAC1C,QAAQ,QAAQ,UAAU;AAAA,QAC3B;AACA,cAAM,CAAC,OAAO,IAAI,IAAI,YAAY,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI;AAC3D,YACC,CAAC,aACD,CAAC,cACD,CAAC,SACD,CAAC,QACD,eAAe,WACd;AACD,kBAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,UAAU,MAAM,IAAI;AAAA,YAC/D,GAAG,QAAQ,QAAQ,UAAU;AAAA,YAC7B,QAAQ;AAAA,UACT,CAAC;AACD,iBAAO;AAAA,YACN,UAAU;AAAA,cACT,QAAQ;AAAA,cACR,YAAY;AAAA,YACb;AAAA,UACD;AAAA,QACD;AACA,cAAM,eAAe,MAAM,KAAK,QAAQ,QAAQ,KAAK;AAErD,YAAI,SAAS,cAAc;AAC1B,kBAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,UAAU,MAAM,IAAI;AAAA,YAC/D,GAAG,QAAQ,QAAQ,UAAU;AAAA,YAC7B,QAAQ;AAAA,UACT,CAAC;AACD,iBAAO;AAAA,YACN,UAAU;AAAA,cACT,QAAQ;AAAA,cACR,YAAY;AAAA,YACb;AAAA,UACD;AAAA,QACD;AACA,eAAO;AAAA,MACR;AAAA,IACD;AAAA,IACA,SAAS;AAAA,EACV;AACD;;;ACpEO,IAAM,aAAa,CAAC,YAA+B;AACzD,QAAM,UAIF;AAAA,IACH,MAAM,CAAC;AAAA,IACP,KAAK,CAAC;AAAA,IACN,WAAW,CAAC;AAAA,EACb;AACA,aAAW,UAAU,QAAQ,WAAW,CAAC,GAAG;AAC3C,YAAQ,OAAO,SAAS,WAAW,EAAE,KAAK,MAAM;AAAA,EACjD;AACA,QAAM,kBAAkB,CAAC,gBAAgB,CAAC;AAC1C,SAAO;AAAA,IACN,GAAG,QAAQ;AAAA,IACX,GAAG,QAAQ;AAAA,IACX,GAAG;AAAA,IACH,GAAG,QAAQ;AAAA,EACZ;AACD;AAEO,IAAM,aAAa,CAAC,SAAkB,kBAA6B;AACzE,QAAM,UAAU,QAAQ,QAAQ;AAAA,IAC/B,CAAC,OAAO,GAAG,SAAS,CAAC,eAAe,SAAS,GAAG,EAAE;AAAA,EACnD;AACA,QAAM,QAAQ,QAAQ,IAAI,CAAC,WAAW;AACrC,WAAO,OAAO;AAAA,EACf,CAAC;AACD,QAAM,SAA8B,CAAC;AACrC,QAAM,QAA4B,CAAC;AACnC,aAAW,QAAQ,OAAO;AACzB,QAAI,KAAK,QAAQ,OAAO,GAAG;AAC1B,WAAK,UAAU,OAAO,KAAK,KAAK,MAAM;AACtC,WAAK,SAAS,MAAM,KAAK,KAAK,KAAK;AAAA,IACpC;AAAA,EACD;AACA,SAAO;AAAA,IACN,QAAQ,OAAOA,aAAqB;AACnC,UAAI,MAA2BA;AAC/B,UAAI;AACJ,iBAAW,QAAQ,QAAQ;AAC1B,cAAM,MAAM,MAAM,KAAK,GAAG;AAC1B,YAAI,KAAK,SAAS;AACjB,gBAAM,IAAI;AAAA,QACX;AACA,YAAI,KAAK,UAAU;AAClB,qBAAW,IAAI;AACf;AAAA,QACD;AAAA,MACD;AACA,aAAO;AAAA,QACN,SAAS;AAAA,QACT;AAAA,MACD;AAAA,IACD;AAAA,IACA,OAAO,OAAOA,UAAkB,eAAiC;AAChE,UAAI,MAA2BA;AAC/B,UAAI;AACJ,iBAAW,QAAQ,OAAO;AACzB,cAAM,MAAM,MAAM,KAAK,KAAK,UAAU;AACtC,YAAI,KAAK,SAAS;AACjB,gBAAM,IAAI;AAAA,QACX;AACA,YAAI,KAAK,UAAU;AAClB,qBAAW,IAAI;AACf;AAAA,QACD;AAAA,MACD;AACA,aAAO;AAAA,QACN,SAAS;AAAA,QACT;AAAA,MACD;AAAA,IACD;AAAA,EACD;AACD;AAEO,IAAM,cAAc,CAC1B,IAIA,kBACI;AACJ,SAAO,OAAO,QAA4B;AACzC,UAAM,EAAE,QAAQ,MAAM,IAAI,WAAW,KAAK,aAAa;AACvD,UAAM,EAAE,SAAS,SAAS,IAAI,MAAM,OAAO,GAAG;AAC9C,QAAI,UAAU;AACb,aAAO;AAAA,IACR;AACA,UAAM,MAAM,MAAM,GAAG,OAAO;AAC5B,UAAM,EAAE,UAAU,cAAc,IAAI,MAAM,MAAM,SAAS,GAAG;AAC5D,QAAI,eAAe;AAClB,aAAO;AAAA,IACR;AACA,WAAO;AAAA,EACR;AACD;;;AChGO,IAAM,UAAU,OAAO,YAA4B;AACzD,QAAMC,WAAU,MAAM,iBAAiB,OAAO;AAC9C,MAAI,CAACA,UAAS;AACb,WAAO;AAAA,MACN,QAAQ;AAAA,MACR,YAAY;AAAA,IACb;AAAA,EACD;AACA,SAAO;AAAA,IACN,QAAQ;AAAA,IACR,MAAMA;AAAA,EACP;AACD;AAEO,IAAM,mBAAmB,OAAO,YAAqB;AAC3D,QAAM,oBAAoB,QAAQ,QAAQ,QAAQ;AAAA,IACjD,QAAQ,QAAQ,aAAa;AAAA,EAC9B;AACA,MAAI,CAAC,mBAAmB;AACvB,WAAO;AAAA,EACR;AACA,QAAMA,WAAU,MAAM,QAAQ,QAAQ,YAAY,mBAAmB,OAAO;AAC5E,MAAI,CAACA,YAAWA,SAAQ,YAAY,oBAAI,KAAK,GAAG;AAC/C,IAAAA,YAAY,MAAM,QAAQ,QAAQ,cAAcA,SAAQ,IAAI,OAAO;AACnE,uBAAmB,OAAO;AAC1B,WAAO;AAAA,EACR;AACA,QAAM,OAAO,MAAM,QAAQ,QAAQ,aAAaA,SAAQ,QAAQ,OAAO;AACvE,MAAI,CAAC,MAAM;AACV,WAAO;AAAA,EACR;AACA,QAAM,iBAAiB,MAAM,QAAQ,QAAQ,cAAcA,UAAS,OAAO;AAC3E,UAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,aAAa,MAAMA,SAAQ,IAAI;AAAA,IAC1E,GAAG,QAAQ,QAAQ,aAAa;AAAA,IAChC,QAAQ,eAAe,UAAU,QAAQ,IAAI,KAAK,IAAI;AAAA,EACvD,CAAC;AACD;AACA,SAAO;AAAA,IACN;AAAA,IACA,WAAWA,SAAQ;AAAA,EACpB;AACD;AAEO,IAAM,iBAAiB,YAAY,OAAO;;;ACpD1C,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAC1C,YAAY,SAAiB;AAC5B,UAAM,GAAG,OAAO,EAAE;AAClB,SAAK,OAAO,KAAK,YAAY;AAC7B,WAAO,eAAe,MAAM,WAAW,SAAS;AAChD,UAAM,kBAAkB,MAAM,KAAK,WAAW;AAAA,EAC/C;AACD;AAEO,IAAM,gBAAN,cAA4B,gBAAgB;AAAA,EAClD,cAAc;AACb,UAAM,mEAAmE;AAAA,EAC1E;AACD;AAEO,IAAM,aAAN,cAAyB,gBAAgB;AAAA,EAC/C,YAAY,SAAkB;AAC7B;AAAA,MACC,WACC;AAAA,IACF;AAAA,EACD;AACD;AAEO,IAAM,iBAAN,cAA6B,gBAAgB;AAAA,EACnD,cAAc;AACb,UAAM,wDAAwD;AAAA,EAC/D;AACD;AAEO,IAAM,kBAAN,cAA8B,gBAAgB;AAAA,EACpD,YAAY,IAAY;AACvB,UAAM,YAAY,EAAE,oCAAoC;AAAA,EACzD;AACD;AAEO,IAAM,gBAAN,cAA4B,gBAAgB;AAAC;;;ACzCpD,SAAS,SAAS;;;ACAlB,SAAS,iBAAiB;;;ACD1B,eAAsB,OAAO,MAAyC;AACrE,SAAO,MAAM,OAAO,OAAO,OAAO,WAAW,IAAI;AAClD;;;ACEA,eAAsB,iBACrB,SACA,UAKE;AACF,QAAM,mBAAmB,IAAI,IAAI,SAAS,MAAgB;AAC1D,MAAI,EAAE,4BAA4B,MAAM;AACvC,UAAM,IAAI,UAAU,+CAA+C;AAAA,EACpE;AACA,MACC,iBAAiB,aAAa,YAC9B,iBAAiB,aAAa,SAC7B;AACD,UAAM,IAAI,UAAU,+CAA+C;AAAA,EACpE;AAEA,QAAM,MAAM,IAAI,IAAI,iBAAiB,IAAI;AAEzC,UAAQ,SAAS,MAAM;AAAA,IACtB,KAAK;AAAA,IACL,KAAK;AACJ,UAAI,WAAW,GAAG,IAAI,QAAQ,oCAAoC;AAAA,QACjE;AAAA,QACA;AAAA,MACD;AACA;AAAA,IACD,KAAK;AACJ,UAAI,IAAI,aAAa,KAAK;AACzB,YAAI,WAAW;AAAA,MAChB,OAAO;AACN,YAAI,WACH,0CAA0C,IAAI,QAAQ,GAAG;AAAA,UACxD;AAAA,UACA;AAAA,QACD;AAAA,MACF;AACA;AAAA,IACD;AACC,YAAM,IAAI,UAAU,2CAA2C;AAAA,EACjE;AAEA,QAAM,UAAU,IAAI,QAAQ,QAAQ,QAAQ,OAAO;AACnD,UAAQ,IAAI,UAAU,kBAAkB;AAExC,SAAO,MAAM,IAAI,MAAM;AAAA,IACtB,SAAS,OAAO,YAAY,QAAQ,QAAQ,CAAC;AAAA,IAC7C,QAAQ;AAAA,IACR,UAAU;AAAA,EACX,CAAC,EAAE,KAAK,CAAC,QAAQ;AAChB,QAAI,CAAC,IAAI,IAAI;AACZ,YAAM,IAAI,MAAM,uBAAuB,IAAI,MAAM,EAAE;AAAA,IACpD;AACA,WAAO,IAAI,KAAK;AAAA,EACjB,CAAC;AACF;;;AFrDA,eAAsB,YACrB,SACA,UACA;AAAA,EACC;AAAA,EACA;AACD,IAQI;AAAA,EACH,mBAAmB;AAAA,EACnB,YAAY;AACb,GACC;AACD,MAAI,CAAC,SAAS,OAAO,UAAU;AAC9B,UAAM,IAAI,cAAc,sBAAsB;AAAA,EAC/C;AACA,QAAM,SAAS,MAAM,KAAK,IAAI,IAAI,UAAU,UAAU,CAAC,CAAC,CAAC;AACzD,QAAM,EAAE,YAAY,aAAa,KAAK,IAAI,QAAQ,QAAQ;AAC1D,QAAM,QAAQ;AAAA,IACb;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD;AACA,MAAI,MAAM,SAAS,OAAO;AAC1B,MAAI,CAAC,KAAK;AACT,UAAM,YAAY,MAAM,iBAAiB,SAAS,QAAQ;AAC1D,QAAI,CAAC,UAAU;AACd,YAAM,IAAI,cAAc,gCAAgC;AACzD,UAAM,UAAU;AAAA,EACjB;AACA,QAAM,mBAAmB,IAAI,IAAI,GAAG;AACpC,mBAAiB,aAAa,IAAI,iBAAiB,MAAM;AACzD,mBAAiB,aAAa,IAAI,aAAa,SAAS,OAAO,QAAQ;AACvE,mBAAiB,aAAa,IAAI,SAAS,KAAK;AAChD,mBAAiB,aAAa,IAAI,SAAS,OAAO,KAAK,GAAG,CAAC;AAC3D,mBAAiB,aAAa;AAAA,IAC7B;AAAA,IACA,SAAS,OAAO,eACf,GAAG,QAAQ,QAAQ,IAAI,SAAS,CAAC,aAChC,QAAQ,QAAQ,KAAK,QACtB;AAAA,EACF;AAEA,MAAI,SAAS,SAAS,QAAQ;AAM7B,QAAI,SAAS,OAAO;AACnB,YAAM,QAAQ,qBAAqB,EAAE;AACrC,uBAAiB,aAAa,IAAI,SAAS,KAAK;AAChD,cAAQ,QAAQ,QAAQ;AAAA,QACvB,QAAQ,QAAQ,MAAM;AAAA,QACtB;AAAA,QACA,QAAQ,QAAQ,MAAM;AAAA,MACvB;AAAA,IACD;AAAA,EACD;AACA,WAAS,OAAO,gBACf,iBAAiB,aAAa;AAAA,IAC7B;AAAA,IACA,SAAS,OAAO;AAAA,EACjB;AAED,MAAI,SAAS,OAAO,OAAO;AAC1B,UAAM,QAAQ,OAAO,QAAQ,SAAS,OAAO,KAAK;AAClD,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO;AACjC,uBAAiB,aAAa,IAAI,KAAK,KAAK;AAAA,IAC7C;AAAA,EACD;AACA,QAAM,eAAe,SAAS,iBAC3B,qBAAqB,IACrB;AACH,MAAI,SAAS,kBAAkB,cAAc;AAC5C,UAAM,sBAAsB,UAAU,uBAAuB;AAC7D,QAAI,wBAAwB,QAAQ;AACnC,YAAM,sBAAsB,MAAM;AAAA,QACjC,IAAI,YAAY,EAAE,OAAO,YAAY;AAAA,MACtC;AACA,YAAM,gBAAgB,UAAU;AAAA,QAC/B,IAAI,WAAW,mBAAmB;AAAA,MACnC;AACA,uBAAiB,aAAa,IAAI,kBAAkB,aAAa;AACjE,uBAAiB,aAAa,IAAI,yBAAyB,MAAM;AAAA,IAClE,OAAO;AACN,uBAAiB,aAAa,IAAI,kBAAkB,YAAY;AAChE,uBAAiB,aAAa,IAAI,yBAAyB,OAAO;AAAA,IACnE;AAAA,EACD;AACA,UAAQ,QAAQ,QAAQ;AAAA,IACvB,QAAQ,QAAQ,MAAM;AAAA,IACtB;AAAA,IACA,QAAQ,QAAQ,MAAM;AAAA,EACvB;AACA,MAAI,cAAc;AACjB,YAAQ,QAAQ,QAAQ;AAAA,MACvB,QAAQ,QAAQ,eAAe;AAAA,MAC/B;AAAA,MACA,QAAQ,QAAQ,eAAe;AAAA,IAChC;AAAA,EACD;AACA,SAAO,iBAAiB,SAAS;AAClC;AAEO,SAAS,uBAA+B;AAC9C,QAAM,eAAe,IAAI,WAAW,EAAE;AACtC,SAAO,gBAAgB,YAAY;AACnC,SAAO,UAAU,OAAO,YAAY;AACrC;AASO,SAAS,cACf,YACA,aACAC,SACA,mBACA,YACS;AACT,MAAI,QAAQ,qBAAqB,EAAE;AACnC,WAAS,IAAI,UAAU;AACvB,WAAS,IAAI,eAAe,UAAU;AACtC,WAAS,IAAI,KAAK,UAAU;AAAA,IAC3B,MAAMA;AAAA,IACN;AAAA,IACA;AAAA,EACD,CAAC,CAAC;AACF,SAAO;AACR;AAEO,SAAS,SAAS,OASvB;AACD,QAAM,CAAC,MAAM,YAAY,aAAa,YAAY,IAAI,MAAM,MAAM,GAAG;AACrE,MAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,aAAa;AACzC,UAAM,IAAI,cAAc,eAAe;AAAA,EACxC;AACA,QAAMA,UAAS,eAAe,KAAK,MAAM,YAAY,IAAI;AACzD,SAAO;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,IACA,QAAQ;AAAA,MACP,MAAMA,SAAQ;AAAA,MACd,mBAAmBA,SAAQ;AAAA,MAC3B,YAAYA,SAAQ;AAAA,IACrB;AAAA,EACD;AACD;;;AG9KO,IAAM,cAAc,CAC1B,SACA,eAC0B;AAC1B,QAAM,YAAY,QAAQ;AAC1B,QAAM,WAAW,UAAU,KAAK,CAACC,cAAaA,UAAS,OAAO,UAAU;AACxE,SAAO;AACR;;;AJDO,IAAM,aAAa,EAAE,OAAO;AAAA,EAClC,UAAU,EAAE,OAAO;AAAA,EACnB,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EAC7C,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,YAAY,EAAE,OAAO;AACtB,CAAC;AASM,IAAM,SAAS,OAAO,YAA2B;AACvD,QAAM,OAAO,WAAW,MAAM,QAAQ,QAAQ,IAAI;AAClD,QAAM,WAAW,YAAY,SAAS,KAAK,QAAQ;AACnD,MAAI,CAAC,UAAU;AACd,UAAM,IAAI,gBAAgB,KAAK,QAAQ;AAAA,EACxC;AACA,MAAI,SAAS,SAAS,WAAW,SAAS,SAAS,QAAQ;AAC1D,UAAM,MAAM,MAAM,YAAY,SAAS,QAAQ;AAC/C,WAAO;AAAA,MACN,QAAQ;AAAA,MACR,MAAM;AAAA,QACL;AAAA,QACA,UAAU;AAAA,MACX;AAAA,IACD;AAAA,EACD;AACA,MAAI,SAAS,SAAS,UAAU;AAC/B,QAAI,CAAC,SAAS,QAAQ;AACrB,YAAM,IAAI,cAAc,gCAAgC;AAAA,IACzD;AACA,UAAM,WAAW,MAAM,SAAS,OAAO,OAAO;AAC9C,WAAO;AAAA,EACR;AACA,QAAM,IAAI,cAAc,uBAAuB;AAChD;AAEO,IAAM,gBAAgB,YAAY,MAAM;;;AK3CxC,IAAM,UAAU,OAAO,YAA4B;AACzD,QAAMC,WAAU,QAAQ,QAAQ,QAAQ;AAAA,IACvC,QAAQ,QAAQ,aAAa;AAAA,EAC9B;AACA,qBAAmB,OAAO;AAC1B,MAAIA,UAAS;AACZ,QAAI;AACH,YAAM,QAAQ,QAAQ,cAAcA,UAAS,OAAO;AAAA,IACrD,SAAS,GAAG;AAAA,IAAC;AAAA,EACd;AACA,SAAO;AAAA,IACN,QAAQ;AAAA,EACT;AACD;AAEO,IAAM,iBAAiB,YAAY,OAAO;;;ACZ1C,SAAS,WACf,SACA,gBACC;AACD,QAAM,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUf,QAAQ,OAIP,SACA,UAII;AACJ,YAAM,MACL,mBAAmB,UACf,QAAQ,IAAI,SAAS,IACtB,QAAQ;AACZ,YAAM,MAAM,IAAI,QAAQ,KAAK;AAAA,QAC5B,MAAM,KAAK,UAAU,KAAK;AAAA,QAC1B,QAAQ;AAAA,MACT,CAAC;AACD,YAAM,UAAU,MAAM,UAAU,SAAS,GAAG;AAC5C,cAAQ,cAAc;AACtB,cAAQ,QAAQ,OAAO;AAAA,QACtB,YAAY;AAAA,QACZ,UAAU,MAAM;AAAA,MACjB;AACA,YAAM,WAAW,MAAM,cAAc,OAAO;AAC5C,UAAI,SAAS,KAAK,UAAU;AAC3B,eAAO;AAAA,UACN;AAAA,YACC,QAAQ;AAAA,YACR,SAAS;AAAA,cACR,UAAU,SAAS,KAAK;AAAA,YACzB;AAAA,UACD;AAAA,UACA;AAAA,QACD;AAAA,MACD;AACA,aAAO,WAAW,UAAU,SAAS,cAAc;AAAA,IACpD;AAAA;AAAA;AAAA;AAAA,IAIA,YAAY,OAAO,YAA+B;AAKjD,YAAM,MACL,mBAAmB,UACf,QAAQ,IAAI,SAAS,KACtB,QAAQ,IAAI,kBAAkB,KAC/B,qBACC,QAAQ;AACZ,YAAM,MACL,mBAAmB,UAChB,UACA,IAAI,QAAQ,KAAK;AAAA,QACjB,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,CAAC,CAAC;AAAA,QACvB,SAAS;AAAA,MACV,CAAC;AACJ,YAAM,UAAU,MAAM,UAAU,SAAS,GAAG;AAC5C,cAAQ,cAAc;AACtB,YAAM,WAAW,MAAM,iBAAiB,OAAO;AAC/C,aAAO;AAAA,IACR;AAAA;AAAA;AAAA;AAAA;AAAA,IAKA,SAAS,OAAO,YAAkD;AACjE,YAAM,MACL,mBAAmB,UACf,QAAQ,IAAI,SAAS,IACtB,QAAQ;AACZ,YAAM,MACL,mBAAmB,UAChB,UACA,IAAI,QAAQ,KAAK;AAAA,QACjB,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,CAAC,CAAC;AAAA,QACvB,SAAS;AAAA,MACV,CAAC;AACJ,YAAM,UAAU,MAAM,UAAU,SAAS,GAAG;AAC5C,cAAQ,cAAc;AACtB,YAAM,WAAW,MAAM,eAAe,OAAO;AAC7C,aAAO,WAAW,UAAU,SAAS,cAAc;AAAA,IACpD;AAAA,EACD;AACA,SAAO;AACR;;;AC3GO,IAAM,WAAW,CAAC,SAAmB;AAC3C,QAAM,CAAC,MAAM,IAAI,IAAI;AACrB,QAAM,WAAW,OAAO,SAAS,IAAc,IAAI;AACnD,UAAQ,MAAM;AAAA,IACb,KAAK;AACJ,aAAO;AAAA,IACR,KAAK;AACJ,aAAO,WAAW;AAAA,IACnB,KAAK;AACJ,aAAO,WAAW,KAAK;AAAA,IACxB,KAAK;AACJ,aAAO,WAAW,KAAK,KAAK;AAAA,IAC7B,KAAK;AACJ,aAAO,WAAW,KAAK,KAAK,KAAK;AAAA,IAClC;AACC,aAAO;AAAA,EACT;AACD;AAEO,IAAM,UAAU,CAAC,SAA4B;AACnD,QAAM,MAAM,OAAO,SAAS,WAAW,OAAO,SAAS,IAAI;AAC3D,QAAM,OAAO,oBAAI,KAAK;AACtB,SAAO,IAAI,KAAK,KAAK,QAAQ,IAAI,GAAG;AACrC;;;ACvBO,IAAM,wBAAwB,CAAC,OAAgB;AACrD,SAAO;AAAA,IACN,eAAe,OAAO,QAAgB,YAAqB;AAC1D,UAAI,QAAQ,gBAAgB;AAC3B,eAAO,QAAQ,eAAe,OAAO;AAAA,UACpC;AAAA,UACA,WAAW,IAAI,KAAK,KAAK,IAAI,IAAI,QAAQ,QAAQ,SAAS;AAAA,QAC3D,CAAC;AAAA,MACF;AACA,YAAMC,WAAU,MAAM,GAAG,OAAgB;AAAA,QACxC,OAAO,QAAQ,QAAQ;AAAA,QACvB,MAAM;AAAA,UACL,IAAI,qBAAqB,EAAE;AAAA,UAC3B;AAAA,UACA,WACC,GAAG,QAAQ,eAAe,WACvB,KAAK,IAAI,IAAI,QAAQ,QAAQ,YAC7B,IAAI,KAAK,KAAK,IAAI,IAAI,QAAQ,QAAQ,SAAS;AAAA,QACpD;AAAA,QACA,QAAQ,QAAQ,QAAQ;AAAA,MACzB,CAAC;AACD,aAAOA;AAAA,IACR;AAAA,IACA,eAAe,OAAOA,UAAkB,YAAqB;AAC5D,YAAM,aACL,QAAQ,QAAQ,cAAc,IAC3B,IACA,QAAQ,QAAQ,QAAQ,SAAS,EAAE,QAAQ;AAC/C,YAAM,SAAS,QAAQ,QAAQ,QAAQ,SAAS;AAChD,YAAM,kBACLA,SAAQ,UAAU,QAAQ,IAAI,OAAO,QAAQ,IAAI,cACjD,KAAK,IAAI;AACV,UAAI,iBAAiB;AACpB,YAAI,QAAQ,gBAAgB;AAC3B,iBAAO,QAAQ,eAAe,OAAO;AAAA,YACpC,IAAIA,SAAQ;AAAA,YACZ,QAAQA,SAAQ;AAAA,YAChB,WAAW,IAAI,KAAK,KAAK,IAAI,IAAI,QAAQ,QAAQ,SAAS;AAAA,UAC3D,CAAC;AAAA,QACF;AACA,cAAM,iBAAiB,MAAM,GAAG,OAAgB;AAAA,UAC/C,OAAO,QAAQ,QAAQ;AAAA,UACvB,OAAO;AAAA,YACN;AAAA,cACC,OAAO;AAAA,cACP,OAAOA,SAAQ;AAAA,YAChB;AAAA,UACD;AAAA,UACA,QAAQ;AAAA,YACP,WACC,GAAG,QAAQ,eAAe,WACvB,KAAK,IAAI,IAAI,QAAQ,QAAQ,YAC7B,IAAI,KAAK,KAAK,IAAI,IAAI,QAAQ,QAAQ,SAAS;AAAA,UACpD;AAAA,QACD,CAAC;AACD,eAAO;AAAA,MACR;AACA,aAAOA;AAAA,IACR;AAAA,IACA,eAAe,OAAO,IAAY,YAAqB;AACtD,YAAMA,WAAU,MAAM,GAAG,OAAgB;AAAA,QACxC,OAAO,QAAQ,QAAQ;AAAA,QACvB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,aAAOA;AAAA,IACR;AAAA,IACA,YAAY,OACX,MAQA,YACI;AACJ,YAAM,OAAO,MAAM,GAAG,OAAa;AAAA,QAClC,OAAO,QAAQ,KAAK;AAAA,QACpB,MAAM;AAAA,UACL,IAAI,qBAAqB,EAAE;AAAA,UAC3B,GAAG,KAAK;AAAA,QACT;AAAA,QACA,QAAQ,QAAQ,KAAK;AAAA,MACtB,CAAC;AACD,YAAM,UAAU,MAAM,GAAG,OAAgB;AAAA,QACxC,OAAO,QAAQ,QAAQ;AAAA,QACvB,MAAM;AAAA,UACL,GAAG,KAAK;AAAA,UACR,QAAQ,KAAK;AAAA,UACb,YAAY,KAAK,QAAQ,WAAW,SAAS;AAAA,UAC7C,WAAW,KAAK,QAAQ,UAAU,SAAS;AAAA,QAC5C;AAAA,MACD,CAAC;AACD,aAAO,EAAE,MAAM,QAAQ;AAAA,IACxB;AAAA,IACA,mBAAmB,OAClB,OACA,MACA,YACI;AACJ,YAAM,OAAO,MAAM,GAAG,OAAa;AAAA,QAClC,OAAO,QAAQ,KAAK;AAAA,QACpB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,QACA,QAAQ;AAAA,MACT,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,iBAAiB,OAAO,OAAe,YAAqB;AAC3D,YAAM,OAAO,MAAM,GAAG,QAAqB;AAAA,QAC1C,OAAO,QAAQ,KAAK;AAAA,QACpB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,QACA,QAAQ,QAAQ,KAAK;AAAA,MACtB,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,aAAa,OAAO,IAAY,YAAqB;AACpD,UAAI,QAAQ,gBAAgB;AAC3B,eAAO,QAAQ,eAAe,QAAQ;AAAA,UACrC,QAAQ;AAAA,QACT,CAAC;AAAA,MACF;AACA,YAAMA,WAAU,MAAM,GAAG,QAAwB;AAAA,QAChD,OAAO,QAAQ,QAAQ;AAAA,QACvB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,QACA,QAAQ,QAAQ,QAAQ;AAAA,MACzB,CAAC;AACD,aAAOA;AAAA,IACR;AAAA,IACA,cAAc,OAAO,IAAY,YAAqB;AACrD,YAAM,OAAO,MAAM,GAAG,QAAqB;AAAA,QAC1C,OAAO,QAAQ,KAAK;AAAA,QACpB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,QACA,QAAQ,QAAQ,KAAK;AAAA,MACtB,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,aAAa,OACZ,OACA,YACI;AACJ,YAAM,UAAU,MAAM,GAAG,QAAwB;AAAA,QAChD,OAAO,QAAQ,QAAQ;AAAA,QACvB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO,MAAM,WAAW,SAAS;AAAA,UAClC;AAAA,UACA;AAAA,YACC,OAAO;AAAA,YACP,OAAO,MAAM,UAAU,SAAS;AAAA,UACjC;AAAA,QACD;AAAA,QACA,QAAQ,QAAQ,QAAQ;AAAA,MACzB,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,aAAa,OACZ,OAKA,YACI;AACJ,YAAM,EAAE,QAAQ,YAAY,UAAU,IAAI;AAC1C,YAAM,UAAU,MAAM,GAAG,OAAgB;AAAA,QACxC,OAAO,QAAQ,QAAQ;AAAA,QACvB,MAAM;AAAA,UACL;AAAA,UACA,YAAY,WAAW,SAAS;AAAA,UAChC,WAAW,UAAU,SAAS;AAAA,QAC/B;AAAA,MACD,CAAC;AACD,aAAO;AAAA,IACR;AAAA,EACD;AACD;;;AC/MA,SAAS,KAAAC,UAAS;AAIX,SAAS,iBAAiB,QAA6B;AAC7D,QAAM,iBAA0D,CAAC;AACjE,aAAW,SAAS,QAAQ;AAC3B,UAAM,EAAE,MAAM,UAAU,UAAU,WAAW,UAAU,IAAI,OAC1D,KACD;AACA,mBAAe,KAAK,IAAI;AAAA,MACvB,UAAU,YAAY;AAAA,MACtB,UAAU,YAAY;AAAA,MACtB,WAAW,aAAa;AAAA,MACxB,WAAWA,GAAE,IAAI,EAAE,EAAE,UAAU,cAAc,CAAC,MAAM,EAAE;AAAA,IACvD;AAAA,EACD;AACA,SAAO;AACR;AAEO,SAAS,gBACf,QAGA,OACC;AACD,QAAM,SAAS,OAAO,KAAK,MAAM,EAAE,OAAO,CAAC,WAAW;AACrD,WAAO,OAAO,MAAM,GAAG,aAAa;AAAA,EACrC,CAAC;AACD,QAAM,gBAAgB;AAAA,IACrB,SAAS,CAAC,MAAM,UAAU,WAAW;AAAA,IACrC,MAAM,CAAC,MAAM,SAAS,eAAe;AAAA,IACrC,SAAS,CAAC,cAAc,aAAa,QAAQ;AAAA,EAC9C;AACA,SAAO,CAAC,GAAG,cAAc,KAAK,GAAG,GAAG,MAAM;AAC3C;AAEO,IAAM,YAAY,CAAC,MAA2B,YAAqB;AACzE,QAAM,OAAO,OAAO,KAAK,IAAI,EAC3B,IAAI,CAAC,QAAQ;AACb,UAAM,SAAS,QAAQ,KAAK,OAAO,GAAG,GAAG,UAAU,UAAU,OAAO,GAAG,CAAC;AACxE,WAAO,EAAE,KAAK,OAAO,QAAQ,UAAU,OAAO,OAAO,OAAO,GAAG,EAAE;AAAA,EAClE,CAAC,EACA;AAAA,IACA,CAAC,KAAK,EAAE,KAAK,MAAM,MAAM;AACxB,UAAI,GAAG,IAAI;AACX,aAAO;AAAA,IACR;AAAA,IACA,CAAC;AAAA,EACF;AACD,SAAO;AACR;;;AC/CO,SAAS,WAAW,SAA4B;AACtD,QAAM,SAAS,CAAC,CAAC,QAAQ,UAAU;AACnC,QAAM,qBAAqB,SAAS,cAAc;AAClD,QAAM,eAAe;AACrB,SAAO;AAAA,IACN,cAAc;AAAA,MACb,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,QAAQ,SAAS,aAAa,SAAS,IAAI;AAAA,QACnD,GAAG,QAAQ,UAAU;AAAA,MACtB;AAAA,IACD;AAAA,IACA,WAAW;AAAA,MACV,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,MACD;AAAA,IACD;AAAA,IACA,OAAO;AAAA,MACN,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK;AAAA;AAAA,MACd;AAAA,IACD;AAAA,IACA,gBAAgB;AAAA,MACf,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK;AAAA;AAAA,MACd;AAAA,IACD;AAAA,IACA,OAAO;AAAA,MACN,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK;AAAA;AAAA,MACd;AAAA,IACD;AAAA,EACD;AACD;;;AC3DA,SAAS,KAAAC,UAAS;;;ACDlB,SAAS,aAAAC,kBAAiB;AAK1B,eAAsB,UACrB,SACA,UACC;AACD,QAAM,cACL,SAAS,OAAO,eAChB,GAAG,QAAQ,OAAO,GAAG,QAAQ,QAAQ,aAAa,SAAS,EAAE;AAC9D,QAAM,UAAU,IAAI,QAAQ;AAC5B,UAAQ,IAAI,gBAAgB,mCAAmC;AAC/D,UAAQ,IAAI,UAAU,kBAAkB;AACxC,UAAQ,IAAI,cAAc,aAAa;AACvC,QAAM,qBAAqBC,WAAU;AAAA,IACpC,GAAG,SAAS,OAAO,QAAQ,IAAI,SAAS,OAAO,YAAY;AAAA,EAC5D;AACA,UAAQ,IAAI,iBAAiB,SAAS,kBAAkB,EAAE;AAC1D,QAAM,OAAO,IAAI,gBAAgB;AACjC,OAAK,IAAI,cAAc,oBAAoB;AAC3C,OAAK,IAAI,QAAQ,QAAQ,QAAQ,MAAM,IAAI;AAC3C,OAAK,IAAI,gBAAgB,WAAW;AACpC,MAAI,SAAS,gBAAgB;AAC5B,UAAM,eAAe,QAAQ,QAAQ,QAAQ;AAAA,MAC5C,QAAQ,QAAQ,eAAe;AAAA,IAChC;AAEA,oBAAgB,KAAK,IAAI,iBAAiB,YAAY;AAAA,EACvD;AACA,OAAK,IAAI,aAAa,SAAS,OAAO,QAAQ;AAC9C,OAAK,IAAI,iBAAiB,SAAS,OAAO,YAAY;AACtD,MAAI,MAAM,SAAS,OAAO;AAC1B,MAAI,CAAC,KAAK;AACT,UAAM,YAAY,MAAM,iBAAiB,SAAS,QAAQ;AAC1D,QAAI,CAAC,UAAU,gBAAgB;AAC9B,YAAM,IAAI,MAAM,wBAAwB;AAAA,IACzC;AACA,UAAM,UAAU;AAAA,EACjB;AACA,QAAM,WAAW,MAAM,MAAM,KAAK;AAAA,IACjC,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,EACD,CAAC;AACD,QAAM,OAA2C,MAAM,SAAS,KAAK;AACrE,SAAO;AACR;;;ADrCA,IAAM,sBAAsBC,GAAE,OAAO;AAAA,EACpC,MAAMA,GAAE,OAAO;AAAA,EACf,OAAOA,GAAE,OAAO;AAAA,EAChB,UAAUA,GAAE,OAAO;AACpB,CAAC;AAGM,IAAM,WAAW,OAAO,YAA6B;AAC3D,QAAM,cAAc,oBAAoB,UAAU,QAAQ,QAAQ,KAAK;AACvE,MAAI,CAAC,YAAY,SAAS;AACzB,UAAM,QAAQ,QAAQ,QAAQ,IAAI,aAAa,IAAI,OAAO;AAC1D,UAAM,YAAY,QAAQ,QAAQ,IAAI,aAAa,IAAI,mBAAmB;AAC1E,UAAM,QAAQ,QAAQ,QAAQ,IAAI,aAAa,IAAI,OAAO;AAC1D,QAAI,CAAC,OAAO;AACX,YAAM,IAAI;AAAA,QACT,8BAA8B,QAAQ,QAAQ,IAAI,aAAa;AAAA,UAC9D;AAAA,QACD,CAAC;AAAA,MACF;AAAA,IACD;AACA,UAAM,EAAE,WAAW,IAAI,SAAS,KAAK;AACrC,WAAO;AAAA,MACN,QAAQ;AAAA,MACR,SAAS;AAAA,QACR,UAAU,GAAG,UAAU,UAAU,KAAK,sBAAsB,SAAS;AAAA,MACtE;AAAA,IACD;AAAA,EACD;AAEA,QAAM,WAAW,YAAY,SAAS,YAAY,KAAK,QAAQ;AAC/D,MAAI,UAAU,SAAS,WAAW,UAAU,SAAS,QAAQ;AAC5D,UAAM,cAAc,QAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,MAAM,IAAI;AAC1E,UAAM,QAAQ,YAAY,KAAK;AAC/B,UAAM,EAAE,WAAW,IAAI,SAAS,KAAK;AACrC,QAAI,gBAAgB,OAAO;AAC1B,aAAO;AAAA,QACN,QAAQ;AAAA,QACR,SAAS;AAAA,UACR,UAAU,GAAG,UAAU;AAAA,QACxB;AAAA,MACD;AAAA,IACD;AACA,UAAM,SAAS,MAAM,UAAU,SAAS,QAAQ;AAChD,QAAI,OAAO,OAAO;AACjB,aAAO;AAAA,QACN,QAAQ;AAAA,QACR,SAAS;AAAA,UACR,UAAU,GAAG,UAAU,UAAU,OAAO,KAAK;AAAA,QAC9C;AAAA,MACD;AAAA,IACD;AACA,QAAI,SAAS,SAAS,WAAW,SAAS,SAAS,QAAQ;AAC1D,YAAM,UAAU,MAAM,SAAS,YAAY,MAAa;AAExD,YAAM;AAAA,QACL;AAAA,QACA,YAAAC;AAAA,QACA,QAAQ,EAAE,MAAM,mBAAmB,WAAW;AAAA,MAC/C,IAAI,SAAS,KAAK;AAClB,UAAI,cAAc,MAAM,QAAQ,QAAQ;AAAA,QACvC;AAAA,UACC,YAAY,SAAS;AAAA,UACrB,WAAW,QAAQ;AAAA,QACpB;AAAA,QACA;AAAA,MACD;AAKA,UAAI,SAAS,SAAS,QAAQ;AAC7B,YAAI,QAAQ,OAAO;AAClB,gBAAM,QAAQ,QAAQ,QAAQ,QAAQ,IAAI,QAAQ,QAAQ,MAAM,IAAI;AACpE,cAAI,QAAQ,UAAU,OAAO;AAC5B,mBAAO;AAAA,cACN,QAAQ;AAAA,cACR,SAAS;AAAA,gBACR,UAAU,GAAGA,WAAU;AAAA,cACxB;AAAA,YACD;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAKA,UAAI,cAAc,aAAa;AAC9B,eAAO;AAAA,UACN,QAAQ;AAAA,UACR,SAAS;AAAA,YACR,UAAU,GAAGA,WAAU;AAAA,UACxB;AAAA,QACD;AAAA,MACD;AACA,UAAI,WAAuC;AAC3C,UAAI,CAAC,aAAa;AAIjB,YAAI,SAAS,OAAO,cAAc;AACjC,gBAAM,aAAa,SAAS,OAAO,aAAa,UAC7C,MAAM,SAAS,OAAO,aAAa,QAAQ,OAAO,IAClD;AACH,cAAI,YAAY;AACf,kBAAM,EAAE,OAAO,IAAI,IAAI,SAAS,OAAO;AACvC,kBAAM,OAAO,MAAM,QAAQ,IAAI,QAAc;AAAA,cAC5C,OAAO,QAAQ,KAAK;AAAA,cACpB,OAAO;AAAA,gBACN;AAAA,kBACC;AAAA,kBACA,OAAO,QAAQ,GAA2B;AAAA,gBAC3C;AAAA,cACD;AAAA,YACD,CAAC;AACD,gBAAI,MAAM;AACT,4BAAc,MAAM,QAAQ,QAAQ;AAAA,gBACnC;AAAA,kBACC,QAAQ,KAAK;AAAA,kBACb,YAAY,SAAS;AAAA,kBACrB,WAAW,QAAQ;AAAA,gBACpB;AAAA,gBACA;AAAA,cACD;AACA,yBAAW;AAAA,YACZ;AAAA,UACD;AAAA,QACD;AAKA,YAAI,CAAC,YAAY,CAAC,MAAM;AACvB,iBAAO;AAAA,YACN,QAAQ;AAAA,YACR,SAAS;AAAA,cACR,UAAU,GAAG,WAAW;AAAA,YACzB;AAAA,UACD;AAAA,QACD;AAKA,YAAI,CAAC,UAAU;AACd,cAAI,aAAkC,CAAC;AACvC,qBAAW,OAAO,MAAM;AACvB,gBAAI,OAAO,KAAK,GAAG,MAAM,UAAU;AAClC,oBAAM,iBAAkB,KAAK,GAAG,EAAa,MAAM,GAAG;AACtD,kBAAI,QAAa;AACjB,yBAAW,KAAK,gBAAgB;AAC/B,wBAAQ,MAAM,CAAuB;AAAA,cACtC;AACA,yBAAW,GAAG,IAAI;AAAA,YACnB,WAAW,WAAW,KAAK,GAAG,GAAG;AAChC,yBAAW,GAAG,IAAI,KAAK,GAAG,EAAE;AAAA,YAC7B;AAAA,UACD;AAIA,uBAAa,UAAU,YAAY,OAAO;AAE1C,gBAAM,cAIF;AAAA,YACH,YAAY,SAAS;AAAA,YACrB,WAAW,QAAQ;AAAA,UACpB;AAEA,qBAAW,OAAO,QAAQ,QAAQ,kBAAkB;AACnD,wBAAY,GAAG,IACd,OACC,QAAQ,QAAQ,iBAAiB,GAAG,CACrC;AAAA,UACF;AAEA,cAAI;AACH,kBAAM,EAAE,MAAM,QAAQ,IAAI,MAAM,QAAQ,QAAQ;AAAA,cAC/C;AAAA,gBACC,MAAM;AAAA,gBACN,SAAS;AAAA,cACV;AAAA,cACA;AAAA,YACD;AACA,0BAAc;AACd,uBAAW;AAAA,UACZ,SAAS,GAAG;AACX,mBAAO;AAAA,cACN,QAAQ;AAAA,cACR,SAAS;AAAA,gBACR,UAAU,GAAGA,WAAU;AAAA,cACxB;AAAA,YACD;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAEA,UAAI,CAAC,UAAU;AACd,mBAAW,MAAM,QAAQ,QAAQ;AAAA,UAChC,aAAa;AAAA,UACb;AAAA,QACD;AAAA,MACD;AAIA,UAAI,mBAAmB;AACtB,cAAMC,WAAU,MAAM,QAAQ,QAAQ;AAAA,UACrC,UAAU;AAAA,UACV;AAAA,QACD;AACA,yBAAiB,SAASA,SAAQ,EAAE;AAAA,MACrC;AACA,aAAO;AAAA,QACN,QAAQ;AAAA,QACR,SAAS;AAAA,UACR,UAAU;AAAA,QACX;AAAA,MACD;AAAA,IACD;AACA,WAAO;AAAA,MACN,QAAQ;AAAA,IACT;AAAA,EACD;AACA,QAAM,IAAI,cAAc,uBAAuB;AAChD;AAEO,IAAM,kBAAkB,YAAY,UAAU,CAAC,MAAM,CAAC;;;AEhP7D,SAAS,KAAAC,UAAS;AAOlB,IAAM,eAAeC,GAAE,OAAO;AAAA,EAC7B,MAAMA,GAAE,OAAOA,GAAE,OAAO,GAAGA,GAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EAC7C,UAAUA,GAAE,OAAO;AAAA,EACnB,YAAYA,GAAE,OAAO;AAAA,EACrB,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA,EACjC,mBAAmBA,GAAE,QAAQ,EAAE,SAAS;AACzC,CAAC;AAIM,IAAM,SAAS,OAAO,YAA2B;AACvD,QAAM,OAAO,aAAa,MAAM,QAAQ,QAAQ,IAAI;AAEpD,QAAM,WAAW,YAAY,SAAS,KAAK,QAAQ;AACnD,MAAI,CAAC,UAAU;AACd,UAAM,IAAI,gBAAgB,KAAK,QAAQ;AAAA,EACxC;AACA,MAAI,UAAU,SAAS,WAAW,UAAU,SAAS,QAAQ;AAE5D,YAAQ,QAAQ,KAAK,SAAS,QAAQ,QAAQ,KAAK;AACnD,UAAM,MAAM,MAAM,YAAY,SAAS,UAAU;AAAA,MAChD,mBAAmB,KAAK,qBAAqB;AAAA,MAC7C,YAAY;AAAA,IACb,CAAC;AACD,WAAO;AAAA,MACN,QAAQ;AAAA,MACR,MAAM;AAAA,QACL;AAAA,QACA,UAAU;AAAA,MACX;AAAA,IACD;AAAA,EACD;AAEA,MAAI,CAAC,SAAS,QAAQ;AACrB,UAAM,IAAI,cAAc,gCAAgC;AAAA,EACzD;AAEA,SAAO,MAAM,SAAS,OAAO,OAAO;AACrC;AAEO,IAAM,gBAAgB,YAAY,MAAM;;;ACtCxC,IAAM,SAAS,OACrB,YAC+B;AAC/B,QAAM,SAAS,QAAQ,QAAQ;AAC/B,UAAQ,QAAQ;AAAA,IACf,KAAK;AACJ,aAAO,cAAc,OAAO;AAAA,IAC7B,KAAK;AACJ,aAAO,MAAM,gBAAgB,OAAO;AAAA,IACrC,KAAK;AACJ,aAAO,MAAM,cAAc,OAAO;AAAA,IACnC,KAAK;AACJ,aAAO,MAAM,eAAe,OAAO;AAAA,IACpC,KAAK;AACJ,aAAO,MAAM,eAAe,OAAO;AAAA,IACpC,SAAS;AACR,YAAM,SAAS,QAAQ,QAAQ,KAAK,CAACC,YAAW;AAC/C,eAAO,OAAO,WAAWA,QAAO,EAAE;AAAA,MACnC,CAAC;AACD,YAAM,kBAAkB,QAAQ,UAAU,KAAK,CAAC,aAAa;AAC5D,eAAO,SAAS,SAAS,YAAY,SAAS,SAAS,QAAQ,OAAO;AAAA,MACvE,CAAC;AACD,UAAI,QAAQ,SAAS;AACpB,eAAO,MAAM,OAAO,QAAQ,OAAO;AAAA,MACpC;AACA,UAAI,iBAAiB,SAAS;AAC7B,eAAO,MAAM,gBAAgB,QAAQ,QAAQ,OAAO;AAAA,MACrD;AACA,aAAO;AAAA,QACN,QAAQ;AAAA,MACT;AAAA,IACD;AAAA,EACD;AACD;;;AC3CA,SAAmC,uBAAuB;AAE1D,SAAS,KAAAC,UAAS;AAGlB,eAAsB,QAAW,SAAoC;AACpE,MAAI;AACH,QAAI,mBAAmB;AAAS,aAAO,MAAM,QAAQ,KAAK;AAC1D,WAAO,IAAI,QAAW,CAAC,YAAY;AAClC,YAAM,YAAmB,CAAC;AAC1B,UAAI;AACJ,cACE,GAAG,QAAQ,CAAC,UAAU;AACtB,kBAAU,KAAK,KAAK;AAAA,MACrB,CAAC,EACA,GAAG,OAAO,MAAM;AAChB,eAAO,OAAO,OAAO,SAAS,EAAE,SAAS;AACzC,gBAAQ,KAAK,MAAM,IAAI,CAAC;AAAA,MACzB,CAAC;AAAA,IACH,CAAC;AAAA,EACF,QAAQ;AACP,UAAM,IAAI,eAAe;AAAA,EAC1B;AACD;AAEO,IAAM,kBAAkB,CAC9B,oBACa;AACb,MAAI,2BAA2B;AAAS,WAAO;AAC/C,QAAM,UAAU,IAAI,QAAQ;AAC5B,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,eAAe,GAAG;AAC3D,QAAI,MAAM,QAAQ,KAAK,GAAG;AACzB,iBAAW,OAAO,OAAO;AACxB,gBAAQ,OAAO,KAAK,GAAG;AAAA,MACxB;AAAA,IACD,WAAW,OAAO;AACjB,cAAQ,OAAO,KAAK,KAAK;AAAA,IAC1B;AAAA,EACD;AACA,SAAO;AACR;AASO,SAAS,kBAAkB,QAAiB;AAClD,MAAI,QAAQ,YAAY,MAAM,UAAU,QAAQ,YAAY,MAAM,OAAO;AACxE,WAAO;AAAA,EACR;AACA,SAAO;AACR;AASO,SAAS,SACf,SACA,SACC;AACD,MAAI,mBACH,mBAAmB,kBAChB,GAAG,QAAQ,QAAQ,IAAI,GAAG,QAAQ,GAAG,KACrC,QAAQ;AACZ,MAAI,CAAC,iBAAiB,WAAW,MAAM,GAAG;AACzC,QAAI,iBAAiB,WAAW,WAAW,GAAG;AAC7C,yBAAmB,UAAU,gBAAgB;AAAA,IAC9C,OAAO;AACN,yBAAmB,WAAW,gBAAgB;AAAA,IAC/C;AAAA,EACD;AACA,QAAM,aAAa,IAAI,IAAI,gBAAgB;AAC3C,QAAM,UAAU,WAAW;AAC3B,QAAM,WAAW,QAAQ,YAAY;AACrC,MAAI,YAAY,GAAG,OAAO,GAAG,QAAQ;AACrC,MAAI,CAAC,UAAU,WAAW,MAAM,GAAG;AAClC,gBAAY,WAAW,SAAS;AAAA,EACjC;AACA,QAAM,aAAaC,GAAE,OAAO,EAAE,IAAI,EAAE,UAAU,SAAS;AACvD,MAAI,SAAS,WAAW,SAAS,MAAM,QAAQ,EAAE,CAAC,KAAK;AAEvD,WAAS,OAAO,QAAQ,KAAK,EAAE;AAC/B,MAAI,WAAW,OAAO;AACrB,UAAM,IAAI,WAAW;AAAA,EACtB;AAKA,MAAI,OAAO,WAAW,UAAU,GAAG;AAClC,UAAM,WAAW,OAAO,MAAM,GAAG,EAAE,CAAC;AACpC,QAAI,CAAC;AAAU,YAAM,IAAI,WAAW,iCAAiC;AACrE,aAAS;AACT,eAAW,aAAa,IAAI,YAAY,QAAQ;AAAA,EACjD;AACA,QAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,aAAW,aAAa,QAAQ,CAAC,OAAO,QAAQ;AAC/C,QAAI,aAAa,IAAI,KAAK,KAAK;AAAA,EAChC,CAAC;AACD,SAAO;AAAA,IACN;AAAA,IACA;AAAA,EACD;AACD;;;AC5GO,IAAM,iBAAiB;AACvB,IAAM,YAAY,CAAC,WAAoB;AAC7C,WAAS,UAAU,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AACjE,MAAI,QAAQ,IAAI,aAAa,gBAAgB,CAAC,QAAQ;AACrD,UAAM,IAAI,cAAc;AAAA,EACzB;AACA,SAAO,UAAU;AAClB;;;ACiBO,IAAM,aAAa,CAA8B,YAAe;AACtE,QAAM,iBAAiB,WAAW,OAAO;AAUzC,QAAM,OAAO;AAAA;AAAA;AAAA;AAAA,IAIZ,SAAS,OACR,SACA,SACgB;AAChB,YAAM,UAAU,MAAM,UAAU,SAAS,SAAS,IAAI;AACtD,UAAI,CAAC,kBAAkB,QAAQ,MAAM,GAAG;AACvC,eAAO,WAAW,EAAE,QAAQ,IAAI,GAAG,SAAS,IAAI;AAAA,MACjD;AACA,YAAM,WAAW,MAAM,OAAO,OAAO;AACrC,aAAO,WAAW,UAAU,SAAS,IAAI;AAAA,IAC1C;AAAA,IACA,QAAQ;AAAA,MACP,GAAG;AAAA,MACH,GAAG,QAAQ,SAAS,IAAI,CAAC,WAAW,OAAO,aAAa,OAAO,CAAC;AAAA,IACjE;AAAA,IACA;AAAA,EACD;AAEA,SAAO;AACR;AAEO,IAAM,YAAY,OACxB,SACA,SACA,mBACsB;AACtB,QAAM,WAAW,QAAQ,YAAY;AACrC,QAAM,UAAU,gBAAgB,QAAQ,OAAO;AAC/C,QAAM,EAAE,KAAK,OAAO,IAAI,SAAS,SAAS,OAAO;AACjD,QAAM,OACL,QAAQ,QAAQ,YAAY,MAAM,SAAS,MAAM,QAAQ,OAAO,IAAI;AACrE,SAAO;AAAA,IACN,SAAS,IAAI;AAAA,IACb;AAAA,IACA,SAAS;AAAA,MACR,QAAQ,QAAQ;AAAA,MAChB;AAAA,MACA,OAAO,OAAO,YAAY,IAAI,YAAY;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA,SAAS,gBAAgB,iBAAiB,cAAc,OAAO;AAAA,IAChE;AAAA,IACA,KAAK,QAAQ;AAAA,IACb,WAAW,QAAQ;AAAA,IACnB,QAAQ,UAAU,QAAQ,MAAM;AAAA,IAChC,SAAS,sBAAsB,QAAQ,OAAO;AAAA,IAC9C,SAAS,WAAW,OAAO;AAAA,IAC3B,SAAS,WAAW,OAAO;AAAA,IAC3B,aAAa,QAAQ,UAAU,iBAAiB;AAAA,IAChD,SAAS;AAAA,MACR,WAAW,QAAQ,SAAS,aAAa;AAAA,MACzC,WACC,QAAQ,SAAS,cAAc,SAC5B,SAAS,IAAI,IACb,QAAQ,QAAQ;AAAA,MACpB,WAAW,QAAQ,SAAS,aAAa,SAAS,IAAI;AAAA,MACtD,kBAAkB,QAAQ,SAAS,mBAChC,iBAAiB,QAAQ,QAAQ,gBAAgB,IACjD,CAAC;AAAA,MACJ,cAAc;AAAA,QACb,QAAQ,SAAS,oBAAoB,CAAC;AAAA,QACtC;AAAA,MACD;AAAA,IACD;AAAA,IACA,MAAM;AAAA,MACL,WAAW,QAAQ,MAAM,aAAa;AAAA,MACtC,QAAQ,QAAQ,MAAM,SAAS,iBAAiB,QAAQ,KAAK,MAAM,IAAI,CAAC;AAAA,MACxE,cAAc,gBAAgB,QAAQ,MAAM,UAAU,CAAC,GAAG,MAAM;AAAA,IACjE;AAAA,IACA,SAAS;AAAA,MACR,WAAW,QAAQ,SAAS,aAAa;AAAA,MACzC,kBAAkB,QAAQ,SAAS,oBAAoB,CAAC;AAAA,MACxD,cAAc;AAAA,QACb,GAAG,OAAO,KAAK,QAAQ,SAAS,oBAAoB,CAAC,CAAC;AAAA,QACtD;AAAA,QACA;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAAA,IACA,gBAAgB,QAAQ;AAAA,EACzB;AACD;AAEO,IAAM,aAAa,CACzB,KACA,SACA,mBACI;AACJ,MAAI,gBAAgB,YAAY;AAC/B,WAAO,eAAe,WAAW,KAAK,OAAO;AAAA,EAC9C;AACA,UAAQ,QAAQ,QAAQ,IAAI,gBAAgB,kBAAkB;AAC9D,QAAM,WAAW,IAAI,SAAS,IAAI,OAAO,KAAK,UAAU,IAAI,IAAI,IAAI,MAAM;AAAA,IACzE,SAAS;AAAA,MACR,GAAG,QAAQ,QAAQ;AAAA,MACnB,cAAc,QAAQ,QAAQ,QAAQ,IAAI,YAAY,KAAK;AAAA,MAC3D,GAAG,IAAI;AAAA,IACR;AAAA,IACA,QAAQ,IAAI;AAAA,IACZ,YAAY,IAAI;AAAA,EACjB,CAAC;AACD,SAAO;AACR;","names":["context","session","signUp","provider","session","session","z","z","base64url","base64url","z","currentURL","session","z","z","plugin","z","z"]}
+{"version":3,"sources":["../src/api/index.ts","../src/adapters/schema.ts","../src/api/middlewares/csrf.ts","../src/crypto/index.ts","../src/api/call.ts","../src/api/routes/sign-in.ts","../src/social-providers/apple.ts","../src/error/better-auth-error.ts","../src/utils/base-url.ts","../src/social-providers/utils.ts","../src/social-providers/discord.ts","../src/social-providers/facebook.ts","../src/social-providers/github.ts","../src/social-providers/google.ts","../src/social-providers/spotify.ts","../src/social-providers/twitch.ts","../src/social-providers/twitter.ts","../src/types/provider.ts","../src/social-providers/index.ts","../src/utils/state.ts","../src/api/routes/session.ts","../src/api/routes/callback.ts","../src/client/client-utils.ts","../src/utils/id.ts","../src/api/routes/sign-out.ts","../src/api/routes/forget-password.ts","../src/api/routes/verify-email.ts","../src/api/routes/csrf.ts","../src/api/routes/ok.ts","../src/api/routes/sign-up.ts","../src/api/routes/error.ts","../src/adapters/kysely.ts","../src/adapters/get-tables.ts","../src/adapters/utils.ts","../src/adapters/internal-adapter.ts","../src/utils/date.ts","../src/db/field.ts","../src/utils/cookies.ts","../src/utils/logger.ts","../src/init.ts","../src/auth.ts"],"sourcesContent":["import { type Context, type Endpoint, createRouter } from \"better-call\";\nimport { parseAccount, parseSession, parseUser } from \"../adapters/schema\";\nimport type { AuthContext } from \"../init\";\nimport type { BetterAuthOptions, InferSession, InferUser } from \"../types\";\nimport type { Prettify } from \"../types/helper\";\nimport { csrfMiddleware } from \"./middlewares/csrf\";\nimport {\n\tcallbackOAuth,\n\tforgetPassword,\n\tgetSession,\n\tresetPassword,\n\tsendVerificationEmail,\n\tsignInEmail,\n\tsignInOAuth,\n\tsignOut,\n\tverifyEmail,\n} from \"./routes\";\nimport { getCSRFToken } from \"./routes/csrf\";\nimport { ok, welcome } from \"./routes/ok\";\nimport { signUpEmail } from \"./routes/sign-up\";\nimport { error } from \"./routes/error\";\n\nexport const router = <C extends AuthContext, Option extends BetterAuthOptions>(\n\tctx: C,\n) => {\n\tconst pluginEndpoints = ctx.options.plugins?.reduce(\n\t\t(acc, plugin) => {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.endpoints,\n\t\t\t};\n\t\t},\n\t\t{} as Record<string, any>,\n\t);\n\n\tconst middlewares =\n\t\tctx.options.plugins\n\t\t\t?.map((plugin) =>\n\t\t\t\tplugin.middlewares?.map((m) => {\n\t\t\t\t\tconst middleware = (async (context: any) => {\n\t\t\t\t\t\treturn m.middleware({\n\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\tcontext: {\n\t\t\t\t\t\t\t\t...ctx,\n\t\t\t\t\t\t\t\t...context.context,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t}) as Endpoint;\n\t\t\t\t\tmiddleware.path = m.path;\n\t\t\t\t\tmiddleware.options = m.middleware.options;\n\t\t\t\t\tmiddleware.headers = m.middleware.headers;\n\t\t\t\t\treturn {\n\t\t\t\t\t\tpath: m.path,\n\t\t\t\t\t\tmiddleware,\n\t\t\t\t\t};\n\t\t\t\t}),\n\t\t\t)\n\t\t\t.filter((plugin) => plugin !== undefined)\n\t\t\t.flat() || [];\n\n\tasync function typedSession(\n\t\tctx: Context<\n\t\t\t\"/session\",\n\t\t\t{\n\t\t\t\tmethod: \"GET\";\n\t\t\t\trequireHeaders: true;\n\t\t\t}\n\t\t>,\n\t) {\n\t\tconst handler = await getSession(ctx);\n\t\treturn handler as {\n\t\t\tsession: Prettify<InferSession<Option>>;\n\t\t\tuser: Prettify<InferUser<Option>>;\n\t\t} | null;\n\t}\n\ttypedSession.path = getSession.path;\n\ttypedSession.method = getSession.method;\n\ttypedSession.options = getSession.options;\n\ttypedSession.headers = getSession.headers;\n\n\tconst baseEndpoints = {\n\t\tsignInOAuth,\n\t\tcallbackOAuth,\n\t\tgetCSRFToken,\n\t\tgetSession: typedSession,\n\t\tsignOut,\n\t\tsignUpEmail,\n\t\tsignInEmail,\n\t\tforgetPassword,\n\t\tresetPassword,\n\t\tverifyEmail,\n\t\tsendVerificationEmail,\n\t};\n\tconst endpoints = {\n\t\t...baseEndpoints,\n\t\t...pluginEndpoints,\n\t\tok,\n\t\twelcome,\n\t\terror,\n\t};\n\tlet api: Record<string, any> = {};\n\tfor (const [key, value] of Object.entries(endpoints)) {\n\t\tapi[key] = async (context: any) => {\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.hooks?.before) {\n\t\t\t\t\tfor (const hook of plugin.hooks.before) {\n\t\t\t\t\t\tconst match = hook.matcher({\n\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\t...value,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (match) {\n\t\t\t\t\t\t\tconst hookRes = await hook.handler(context);\n\t\t\t\t\t\t\tif (hookRes && \"context\" in hookRes) {\n\t\t\t\t\t\t\t\tcontext = {\n\t\t\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\t\t\t...hookRes.context,\n\t\t\t\t\t\t\t\t\t...value,\n\t\t\t\t\t\t\t\t};\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\t//@ts-ignore\n\t\t\tconst endpointRes = value({\n\t\t\t\t...context,\n\t\t\t\tcontext: {\n\t\t\t\t\t...ctx,\n\t\t\t\t\t...context.context,\n\t\t\t\t},\n\t\t\t});\n\t\t\tlet response = endpointRes;\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.hooks?.after) {\n\t\t\t\t\tfor (const hook of plugin.hooks.after) {\n\t\t\t\t\t\tconst match = hook.matcher(context);\n\t\t\t\t\t\tif (match) {\n\t\t\t\t\t\t\tconst obj = Object.assign(context, {\n\t\t\t\t\t\t\t\treturned: endpointRes,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\tconst hookRes = await hook.handler(obj);\n\t\t\t\t\t\t\tif (hookRes && \"response\" in hookRes) {\n\t\t\t\t\t\t\t\tresponse = hookRes.response as any;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn response;\n\t\t};\n\t\tapi[key].path = value.path;\n\t\tapi[key].method = value.method;\n\t\tapi[key].options = value.options;\n\t\tapi[key].headers = value.headers;\n\t}\n\treturn createRouter(api as typeof baseEndpoints, {\n\t\textraContext: ctx,\n\t\tbasePath: ctx.options.basePath,\n\t\trouterMiddleware: [\n\t\t\t{\n\t\t\t\tpath: \"/**\",\n\t\t\t\tmiddleware: csrfMiddleware,\n\t\t\t},\n\t\t\t...middlewares,\n\t\t],\n\t\t/**\n\t\t * this is to remove any sensitive data from the response\n\t\t */\n\t\tasync transformResponse(res) {\n\t\t\tlet body: Record<string, any> = {};\n\t\t\ttry {\n\t\t\t\tbody = await res.json();\n\t\t\t} catch (e) {\n\t\t\t\treturn res;\n\t\t\t}\n\t\t\tif (body?.user) {\n\t\t\t\tbody.user = parseUser(ctx.options, body.user);\n\t\t\t}\n\t\t\tif (body?.session) {\n\t\t\t\tbody.session = parseSession(ctx.options, body.session);\n\t\t\t}\n\t\t\tif (body?.account) {\n\t\t\t\tbody.account = parseAccount(ctx.options, body.account);\n\t\t\t}\n\t\t\treturn new Response(body ? JSON.stringify(body) : null, {\n\t\t\t\theaders: res.headers,\n\t\t\t\tstatus: res.status,\n\t\t\t\tstatusText: res.statusText,\n\t\t\t});\n\t\t},\n\t\tonError(e) {\n\t\t\tconsole.log(e);\n\t\t},\n\t});\n};\n","import { z } from \"zod\";\nimport type { FieldAttribute } from \"../db\";\nimport type { BetterAuthOptions } from \"../types\";\n\nexport const accountSchema = z.object({\n\tid: z.string(),\n\tproviderId: z.string(),\n\taccountId: z.string(),\n\tuserId: z.string(),\n\taccessToken: z.string().nullable().optional(),\n\trefreshToken: z.string().nullable().optional(),\n\tidToken: z.string().nullable().optional(),\n\taccessTokenExpiresAt: z.date().nullable().optional(),\n\trefreshTokenExpiresAt: z.date().nullable().optional(),\n\t/**\n\t * Password is only stored in the credential provider\n\t */\n\tpassword: z.string().optional().nullable(),\n});\n\nexport const userSchema = z.object({\n\tid: z.string(),\n\temail: z.string().transform((val) => val.toLowerCase()),\n\temailVerified: z.boolean().default(false),\n\tname: z.string(),\n\timage: z.string().optional(),\n\tcreatedAt: z.date().default(new Date()),\n\tupdatedAt: z.date().default(new Date()),\n});\n\nexport const sessionSchema = z.object({\n\tid: z.string(),\n\tuserId: z.string(),\n\texpiresAt: z.date(),\n\tipAddress: z.string().optional(),\n\tuserAgent: z.string().optional(),\n});\n\nexport type User = z.infer<typeof userSchema>;\nexport type Account = z.infer<typeof accountSchema>;\nexport type Session = z.infer<typeof sessionSchema>;\nexport interface MigrationTable {\n\tname: string;\n\ttimestamp: string;\n}\n\nexport function parseData<T extends Record<string, any>>(\n\tdata: T,\n\tschema: {\n\t\tfields: Record<string, FieldAttribute>;\n\t},\n) {\n\tconst fields = schema.fields;\n\tconst parsedData: Record<string, any> = {};\n\tfor (const key in data) {\n\t\tconst field = fields[key];\n\t\tif (!field) {\n\t\t\tparsedData[key] = data[key];\n\t\t\tcontinue;\n\t\t}\n\t\tif (field.returned === false) {\n\t\t\tcontinue;\n\t\t}\n\t\tparsedData[key] = data[key];\n\t}\n\treturn parsedData as T;\n}\n\nexport function getAllFields(options: BetterAuthOptions, table: string) {\n\tlet schema: Record<string, FieldAttribute> = {};\n\tfor (const plugin of options.plugins || []) {\n\t\tif (plugin.schema && plugin.schema[table]) {\n\t\t\tschema = {\n\t\t\t\t...schema,\n\t\t\t\t...plugin.schema[table].fields,\n\t\t\t};\n\t\t}\n\t}\n\treturn schema;\n}\n\nexport function parseUser(options: BetterAuthOptions, user: User) {\n\tconst schema = getAllFields(options, \"user\");\n\treturn parseData(user, { fields: schema });\n}\n\nexport function parseAccount(options: BetterAuthOptions, account: Account) {\n\tconst schema = getAllFields(options, \"account\");\n\treturn parseData(account, { fields: schema });\n}\n\nexport function parseSession(options: BetterAuthOptions, session: Session) {\n\tconst schema = getAllFields(options, \"session\");\n\treturn parseData(session, { fields: schema });\n}\n","import { APIError } from \"better-call\";\nimport { z } from \"zod\";\nimport { hs256 } from \"../../crypto\";\nimport { createAuthMiddleware } from \"../call\";\n\nexport const csrfMiddleware = createAuthMiddleware(\n\t{\n\t\tbody: z\n\t\t\t.object({\n\t\t\t\tcsrfToken: z.string().optional(),\n\t\t\t})\n\t\t\t.optional(),\n\t},\n\tasync (ctx) => {\n\t\tif (\n\t\t\tctx.request?.method !== \"POST\" ||\n\t\t\tctx.context.options.advanced?.disableCSRFCheck\n\t\t) {\n\t\t\treturn;\n\t\t}\n\t\tconst url = new URL(ctx.request.url);\n\t\tconsole.log(url.origin, ctx.context.options.baseURL);\n\t\t/**\n\t\t * If origin is the same as baseURL or if the\n\t\t * origin is in the trustedOrigins then we\n\t\t * don't need to check the CSRF token.\n\t\t */\n\t\tif (\n\t\t\turl.origin === ctx.context.options.baseURL ||\n\t\t\tctx.context.options.trustedOrigins?.includes(url.origin)\n\t\t) {\n\t\t\treturn;\n\t\t}\n\n\t\tconst csrfToken = ctx.body?.csrfToken;\n\t\tconst csrfCookie = await ctx.getSignedCookie(\n\t\t\tctx.context.authCookies.csrfToken.name,\n\t\t\tctx.context.secret,\n\t\t);\n\t\tconst [token, hash] = csrfCookie?.split(\"!\") || [null, null];\n\t\tif (\n\t\t\t!csrfToken ||\n\t\t\t!csrfCookie ||\n\t\t\t!token ||\n\t\t\t!hash ||\n\t\t\tcsrfCookie !== csrfToken\n\t\t) {\n\t\t\tctx.setCookie(ctx.context.authCookies.csrfToken.name, \"\", {\n\t\t\t\tmaxAge: 0,\n\t\t\t});\n\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\tmessage: \"Invalid CSRF Token\",\n\t\t\t});\n\t\t}\n\t\tconst expectedHash = await hs256(ctx.context.secret, token);\n\t\tif (hash !== expectedHash) {\n\t\t\tctx.setCookie(ctx.context.authCookies.csrfToken.name, \"\", {\n\t\t\t\tmaxAge: 0,\n\t\t\t});\n\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\tmessage: \"Invalid CSRF Token\",\n\t\t\t});\n\t\t}\n\t},\n);\n","import { xchacha20poly1305 } from \"@noble/ciphers/chacha\";\nimport { bytesToHex, hexToBytes, utf8ToBytes } from \"@noble/ciphers/utils\";\nimport { managedNonce } from \"@noble/ciphers/webcrypto\";\nimport { sha256 } from \"@noble/hashes/sha256\";\n\nexport async function hs256(secretKey: string, message: string) {\n\tconst enc = new TextEncoder();\n\tconst algorithm = { name: \"HMAC\", hash: \"SHA-256\" };\n\tconst key = await crypto.subtle.importKey(\n\t\t\"raw\",\n\t\tenc.encode(secretKey),\n\t\talgorithm,\n\t\tfalse,\n\t\t[\"sign\", \"verify\"],\n\t);\n\tconst signature = await crypto.subtle.sign(\n\t\talgorithm.name,\n\t\tkey,\n\t\tenc.encode(message),\n\t);\n\treturn btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n\nexport type SymmetricEncryptOptions = {\n\tkey: string;\n\tdata: string;\n};\n\nexport const symmetricEncrypt = ({ key, data }: SymmetricEncryptOptions) => {\n\tconst keyAsBytes = sha256(key);\n\tconst dataAsBytes = utf8ToBytes(data);\n\tconst chacha = managedNonce(xchacha20poly1305)(keyAsBytes);\n\treturn bytesToHex(chacha.encrypt(dataAsBytes));\n};\n\nexport type SymmetricDecryptOptions = {\n\tkey: string;\n\tdata: string;\n};\n\nexport const symmetricDecrypt = ({ key, data }: SymmetricDecryptOptions) => {\n\tconst keyAsBytes = sha256(key);\n\tconst dataAsBytes = hexToBytes(data);\n\tconst chacha = managedNonce(xchacha20poly1305)(keyAsBytes);\n\treturn chacha.decrypt(dataAsBytes);\n};\n","import {\n\ttype Endpoint,\n\ttype EndpointResponse,\n\tcreateEndpointCreator,\n\tcreateMiddleware,\n\tcreateMiddlewareCreator,\n} from \"better-call\";\nimport type { AuthContext } from \"../init\";\nimport type { BetterAuthOptions } from \"../types/options\";\n\nexport const optionsMiddleware = createMiddleware(async () => {\n\t/**\n\t * This will be passed on the instance of\n\t * the context. Used to infer the type\n\t * here.\n\t */\n\treturn {} as AuthContext;\n});\n\nexport const createAuthMiddleware = createMiddlewareCreator({\n\tuse: [optionsMiddleware],\n});\n\nexport const createAuthEndpoint = createEndpointCreator({\n\tuse: [optionsMiddleware],\n});\n\nexport type AuthEndpoint = Endpoint<\n\t(ctx: {\n\t\toptions: BetterAuthOptions;\n\t\tbody: any;\n\t\tquery: any;\n\t\theaders: Headers;\n\t}) => Promise<EndpointResponse>\n>;\n\nexport type AuthMiddleware = ReturnType<typeof createAuthMiddleware>;\n","import { APIError } from \"better-call\";\nimport { generateCodeVerifier } from \"oslo/oauth2\";\nimport { Argon2id } from \"oslo/password\";\nimport { z } from \"zod\";\nimport { oAuthProviderList } from \"../../social-providers\";\nimport { generateState } from \"../../utils/state\";\nimport { createAuthEndpoint } from \"../call\";\nimport { getSessionFromCtx } from \"./session\";\n\nexport const signInOAuth = createAuthEndpoint(\n\t\"/sign-in/social\",\n\t{\n\t\tmethod: \"POST\",\n\t\trequireHeaders: true,\n\t\tquery: z\n\t\t\t.object({\n\t\t\t\t/**\n\t\t\t\t * Redirect to the current URL after the\n\t\t\t\t * user has signed in.\n\t\t\t\t */\n\t\t\t\tcurrentURL: z.string().optional(),\n\t\t\t})\n\t\t\t.optional(),\n\t\tbody: z.object({\n\t\t\t/**\n\t\t\t * Callback URL to redirect to after the user has signed in.\n\t\t\t */\n\t\t\tcallbackURL: z.string().optional(),\n\t\t\t/**\n\t\t\t * OAuth2 provider to use`\n\t\t\t */\n\t\t\tprovider: z.enum(oAuthProviderList),\n\t\t}),\n\t},\n\tasync (c) => {\n\t\tconst provider = c.context.options.socialProvider?.find(\n\t\t\t(p) => p.id === c.body.provider,\n\t\t);\n\t\tif (!provider) {\n\t\t\tc.context.logger.error(\n\t\t\t\t\"Provider not found. Make sure to add the provider to your auth config\",\n\t\t\t\t{\n\t\t\t\t\tprovider: c.body.provider,\n\t\t\t\t},\n\t\t\t);\n\t\t\tthrow new APIError(\"NOT_FOUND\");\n\t\t}\n\t\tconst cookie = c.context.authCookies;\n\t\tconst currentURL = c.query?.currentURL\n\t\t\t? new URL(c.query?.currentURL)\n\t\t\t: null;\n\t\tconst state = generateState(\n\t\t\tc.body.callbackURL || currentURL?.origin || c.context.baseURL,\n\t\t\tc.query?.currentURL,\n\t\t);\n\t\ttry {\n\t\t\tawait c.setSignedCookie(\n\t\t\t\tcookie.state.name,\n\t\t\t\tstate.code,\n\t\t\t\tc.context.secret,\n\t\t\t\tcookie.state.options,\n\t\t\t);\n\t\t\tconst codeVerifier = generateCodeVerifier();\n\t\t\tawait c.setSignedCookie(\n\t\t\t\tcookie.pkCodeVerifier.name,\n\t\t\t\tcodeVerifier,\n\t\t\t\tc.context.secret,\n\t\t\t\tcookie.pkCodeVerifier.options,\n\t\t\t);\n\t\t\tconst url = provider.createAuthorizationURL({\n\t\t\t\tstate: state.state,\n\t\t\t\tcodeVerifier,\n\t\t\t});\n\t\t\treturn {\n\t\t\t\turl: url.toString(),\n\t\t\t\tstate: state.state,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirect: true,\n\t\t\t};\n\t\t} catch (e) {\n\t\t\tthrow new APIError(\"INTERNAL_SERVER_ERROR\");\n\t\t}\n\t},\n);\n\nexport const signInEmail = createAuthEndpoint(\n\t\"/sign-in/email\",\n\t{\n\t\tmethod: \"POST\",\n\t\tbody: z.object({\n\t\t\temail: z.string().email(),\n\t\t\tpassword: z.string(),\n\t\t\tcallbackURL: z.string().optional(),\n\t\t\t/**\n\t\t\t * If this is true the session will only be valid for the current browser session\n\t\t\t * @default false\n\t\t\t */\n\t\t\tdontRememberMe: z.boolean().default(false).optional(),\n\t\t}),\n\t},\n\tasync (ctx) => {\n\t\tif (!ctx.context.options?.emailAndPassword?.enabled) {\n\t\t\tctx.context.logger.error(\"Email and password is not enabled\");\n\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\tmessage: \"Email and password is not enabled\",\n\t\t\t});\n\t\t}\n\t\tconst currentSession = await getSessionFromCtx(ctx);\n\t\tif (currentSession) {\n\t\t\treturn ctx.json({\n\t\t\t\tuser: currentSession.user,\n\t\t\t\tsession: currentSession.session,\n\t\t\t\tredirect: !!ctx.body.callbackURL,\n\t\t\t\turl: ctx.body.callbackURL,\n\t\t\t});\n\t\t}\n\t\tconst { email, password } = ctx.body;\n\t\tconst argon2id = new Argon2id();\n\t\tconst user = await ctx.context.internalAdapter.findUserByEmail(email);\n\t\tif (!user) {\n\t\t\tawait argon2id.hash(password);\n\t\t\tctx.context.logger.error(\"User not found\", { email });\n\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\tmessage: \"Invalid email or password\",\n\t\t\t});\n\t\t}\n\t\tconst credentialAccount = user.accounts.find(\n\t\t\t(a) => a.providerId === \"credential\",\n\t\t);\n\t\tif (!credentialAccount) {\n\t\t\tctx.context.logger.error(\"Credential account not found\", { email });\n\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\tmessage: \"Invalid email or password\",\n\t\t\t});\n\t\t}\n\t\tconst currentPassword = credentialAccount?.password;\n\t\tif (!currentPassword) {\n\t\t\tctx.context.logger.error(\"Password not found\", { email });\n\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\tmessage: \"Unexpected error\",\n\t\t\t});\n\t\t}\n\t\tconst validPassword = await argon2id.verify(currentPassword, password);\n\t\tif (!validPassword) {\n\t\t\tctx.context.logger.error(\"Invalid password\");\n\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\tmessage: \"Invalid email or password\",\n\t\t\t});\n\t\t}\n\t\tconst session = await ctx.context.internalAdapter.createSession(\n\t\t\tuser.user.id,\n\t\t\tctx.request,\n\t\t);\n\t\tawait ctx.setSignedCookie(\n\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\tsession.id,\n\t\t\tctx.context.secret,\n\t\t\tctx.body.dontRememberMe\n\t\t\t\t? {\n\t\t\t\t\t\t...ctx.context.authCookies.sessionToken.options,\n\t\t\t\t\t\tmaxAge: undefined,\n\t\t\t\t\t}\n\t\t\t\t: ctx.context.authCookies.sessionToken.options,\n\t\t);\n\t\treturn ctx.json({\n\t\t\tuser: user.user,\n\t\t\tsession,\n\t\t\tredirect: !!ctx.body.callbackURL,\n\t\t\turl: ctx.body.callbackURL,\n\t\t});\n\t},\n);\n","import { OAuth2Tokens } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { betterFetch } from \"@better-fetch/fetch\";\nimport { BetterAuthError } from \"../error/better-auth-error\";\nimport { getRedirectURI } from \"./utils\";\nexport interface AppleProfile {\n\t/**\n\t * The subject registered claim identifies the principal that’s the subject\n\t * of the identity token. Because this token is for your app, the value is\n\t * the unique identifier for the user.\n\t */\n\tsub: string;\n\t/**\n\t * A String value representing the user's email address.\n\t * The email address is either the user's real email address or the proxy\n\t * address, depending on their status private email relay service.\n\t */\n\temail: string;\n\t/**\n\t * A string or Boolean value that indicates whether the service verifies\n\t * the email. The value can either be a string (\"true\" or \"false\") or a\n\t * Boolean (true or false). The system may not verify email addresses for\n\t * Sign in with Apple at Work & School users, and this claim is \"false\" or\n\t * false for those users.\n\t */\n\temail_verified: true | \"true\";\n\t/**\n\t * A string or Boolean value that indicates whether the email that the user\n\t * shares is the proxy address. The value can either be a string (\"true\" or\n\t * \"false\") or a Boolean (true or false).\n\t */\n\tis_private_email: boolean;\n\t/**\n\t * An Integer value that indicates whether the user appears to be a real\n\t * person. Use the value of this claim to mitigate fraud. The possible\n\t * values are: 0 (or Unsupported), 1 (or Unknown), 2 (or LikelyReal). For\n\t * more information, see ASUserDetectionStatus. This claim is present only\n\t * in iOS 14 and later, macOS 11 and later, watchOS 7 and later, tvOS 14\n\t * and later. The claim isn’t present or supported for web-based apps.\n\t */\n\treal_user_status: number;\n\t/**\n\t * The user’s full name in the format provided during the authorization\n\t * process.\n\t */\n\tname: string;\n}\n\nexport interface AppleOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\n\nexport const apple = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: AppleOptions) => {\n\tconst tokenEndpoint = \"https://appleid.apple.com/auth/token\";\n\tredirectURI = getRedirectURI(\"apple\", redirectURI);\n\treturn {\n\t\tid: \"apple\",\n\t\tname: \"Apple\",\n\t\tcreateAuthorizationURL({ state, scopes }) {\n\t\t\tconst _scope = scopes || [\"email\", \"name\", \"openid\"];\n\t\t\treturn new URL(\n\t\t\t\t`https://appleid.apple.com/auth/authorize?client_id=${clientId}&response_type=code&redirect_uri=${redirectURI}&scope=${_scope.join(\n\t\t\t\t\t\" \",\n\t\t\t\t)}&state=${state}`,\n\t\t\t);\n\t\t},\n\t\tvalidateAuthorizationCode: async (code) => {\n\t\t\tconst data = await betterFetch<OAuth2Tokens>(tokenEndpoint, {\n\t\t\t\tmethod: \"POST\",\n\t\t\t\tbody: new URLSearchParams({\n\t\t\t\t\tclient_id: clientId,\n\t\t\t\t\tclient_secret: clientSecret,\n\t\t\t\t\tgrant_type: \"authorization_code\",\n\t\t\t\t\tcode,\n\t\t\t\t}),\n\t\t\t\theaders: {\n\t\t\t\t\t\"Content-Type\": \"application/x-www-form-urlencoded\",\n\t\t\t\t},\n\t\t\t});\n\t\t\tif (data.error) {\n\t\t\t\tthrow new BetterAuthError(data.error?.message || \"\");\n\t\t\t}\n\t\t\treturn data.data;\n\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tconst data = parseJWT(token.idToken())?.payload as AppleProfile | null;\n\t\t\tif (!data) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: data.sub,\n\t\t\t\t\tname: data.name,\n\t\t\t\t\temail: data.email,\n\t\t\t\t\temailVerified: data.email_verified === \"true\",\n\t\t\t\t},\n\t\t\t\tdata,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<AppleProfile>;\n};\n","export class BetterAuthError extends Error {\n\tconstructor(message: string) {\n\t\tsuper(message);\n\t}\n}\n","import { BetterAuthError } from \"../error/better-auth-error\";\n\nfunction checkHasPath(url: string): boolean {\n\ttry {\n\t\tconst parsedUrl = new URL(url);\n\t\treturn parsedUrl.pathname !== \"/\";\n\t} catch (error) {\n\t\tconsole.error(\"Invalid URL:\", error);\n\t\treturn false;\n\t}\n}\n\nfunction withPath(url: string, path = \"/api/auth\") {\n\tconst hasPath = checkHasPath(url);\n\tif (hasPath) {\n\t\treturn {\n\t\t\tbaseURL: new URL(url).origin,\n\t\t\twithPath: url,\n\t\t};\n\t}\n\tpath = path.startsWith(\"/\") ? path : `/${path}`;\n\treturn {\n\t\tbaseURL: url,\n\t\twithPath: `${url}${path}`,\n\t};\n}\n\nexport function getBaseURL(url?: string, path?: string) {\n\tif (url) {\n\t\treturn withPath(url, path);\n\t}\n\t//@ts-ignore\n\tconst env: any =\n\t\ttypeof process !== \"undefined\"\n\t\t\t? process.env\n\t\t\t: typeof import.meta !== \"undefined\"\n\t\t\t\t? //@ts-ignore\n\t\t\t\t\timport.meta.env\n\t\t\t\t: {};\n\tconst fromEnv =\n\t\tenv.BETTER_AUTH_URL ||\n\t\tenv.AUTH_URL ||\n\t\tenv.NEXT_PUBLIC_AUTH_URL ||\n\t\tenv.NEXT_PUBLIC_BETTER_AUTH_URL ||\n\t\tenv.PUBLIC_AUTH_URL ||\n\t\tenv.PUBLIC_BETTER_AUTH_URL ||\n\t\tenv.NUXT_PUBLIC_BETTER_AUTH_URL ||\n\t\tenv.NUXT_PUBLIC_AUTH_URL;\n\tif (fromEnv) {\n\t\treturn withPath(fromEnv, path);\n\t}\n\n\tconst isDev =\n\t\t!fromEnv && (env.NODE_ENV === \"development\" || env.NODE_ENV === \"test\");\n\tif (isDev) {\n\t\treturn {\n\t\t\tbaseURL: \"http://localhost:3000\",\n\t\t\twithPath: \"http://localhost:3000/api/auth\",\n\t\t};\n\t}\n\tthrow new BetterAuthError(\n\t\t\"Could not infer baseURL from environment variables\",\n\t);\n}\n","import { getBaseURL } from \"../utils/base-url\";\n\nexport function getRedirectURI(providerId: string, redirectURI?: string) {\n\treturn redirectURI || `${getBaseURL()}/api/auth/callback/${providerId}`;\n}\n","import { betterFetch } from \"@better-fetch/fetch\";\nimport { Discord } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\n\nexport interface DiscordProfile extends Record<string, any> {\n\t/** the user's id (i.e. the numerical snowflake) */\n\tid: string;\n\t/** the user's username, not unique across the platform */\n\tusername: string;\n\t/** the user's Discord-tag */\n\tdiscriminator: string;\n\t/** the user's display name, if it is set  */\n\tglobal_name: string | null;\n\t/**\n\t * the user's avatar hash:\n\t * https://discord.com/developers/docs/reference#image-formatting\n\t */\n\tavatar: string | null;\n\t/** whether the user belongs to an OAuth2 application */\n\tbot?: boolean;\n\t/**\n\t * whether the user is an Official Discord System user (part of the urgent\n\t * message system)\n\t */\n\tsystem?: boolean;\n\t/** whether the user has two factor enabled on their account */\n\tmfa_enabled: boolean;\n\t/**\n\t * the user's banner hash:\n\t * https://discord.com/developers/docs/reference#image-formatting\n\t */\n\tbanner: string | null;\n\n\t/** the user's banner color encoded as an integer representation of hexadecimal color code */\n\taccent_color: number | null;\n\n\t/**\n\t * the user's chosen language option:\n\t * https://discord.com/developers/docs/reference#locales\n\t */\n\tlocale: string;\n\t/** whether the email on this account has been verified */\n\tverified: boolean;\n\t/** the user's email */\n\temail: string;\n\t/**\n\t * the flags on a user's account:\n\t * https://discord.com/developers/docs/resources/user#user-object-user-flags\n\t */\n\tflags: number;\n\t/**\n\t * the type of Nitro subscription on a user's account:\n\t * https://discord.com/developers/docs/resources/user#user-object-premium-types\n\t */\n\tpremium_type: number;\n\t/**\n\t * the public flags on a user's account:\n\t * https://discord.com/developers/docs/resources/user#user-object-user-flags\n\t */\n\tpublic_flags: number;\n\t/** undocumented field; corresponds to the user's custom nickname */\n\tdisplay_name: string | null;\n\t/**\n\t * undocumented field; corresponds to the Discord feature where you can e.g.\n\t * put your avatar inside of an ice cube\n\t */\n\tavatar_decoration: string | null;\n\t/**\n\t * undocumented field; corresponds to the premium feature where you can\n\t * select a custom banner color\n\t */\n\tbanner_color: string | null;\n\t/** undocumented field; the CDN URL of their profile picture */\n\timage_url: string;\n}\n\nexport interface DiscordOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\n\nexport const discord = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: DiscordOptions) => {\n\tconst discordArctic = new Discord(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"discord\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"discord\",\n\t\tname: \"Discord\",\n\t\tcreateAuthorizationURL({ state, scopes }) {\n\t\t\tconst _scope = scopes || [\"email\"];\n\t\t\treturn discordArctic.createAuthorizationURL(state, _scope);\n\t\t},\n\t\tvalidateAuthorizationCode: discordArctic.validateAuthorizationCode,\n\t\tasync getUserInfo(token) {\n\t\t\tconst { data: profile, error } = await betterFetch<DiscordProfile>(\n\t\t\t\t\"https://discord.com/api/users/@me\",\n\t\t\t\t{\n\t\t\t\t\tauth: {\n\t\t\t\t\t\ttype: \"Bearer\",\n\t\t\t\t\t\ttoken: token.accessToken,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.id,\n\t\t\t\t\tname: profile.display_name || profile.username || \"\",\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\temailVerified: profile.verified,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<DiscordProfile>;\n};\n","import { betterFetch } from \"@better-fetch/fetch\";\nimport { Facebook } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\n\nexport interface FacebookProfile {\n\tid: string;\n\tname: string;\n\temail: string;\n\temail_verified: boolean;\n\tpicture: {\n\t\tdata: {\n\t\t\theight: number;\n\t\t\tis_silhouette: boolean;\n\t\t\turl: string;\n\t\t\twidth: number;\n\t\t};\n\t};\n}\nexport interface FacebookOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\nexport const facebook = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: FacebookOptions) => {\n\tconst facebookArctic = new Facebook(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"facebook\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"facebook\",\n\t\tname: \"Facebook\",\n\t\tcreateAuthorizationURL({ state, scopes }) {\n\t\t\tconst _scopes = scopes || [\"email\", \"public_profile\"];\n\t\t\treturn facebookArctic.createAuthorizationURL(state, _scopes);\n\t\t},\n\t\tvalidateAuthorizationCode: facebookArctic.validateAuthorizationCode,\n\t\tasync getUserInfo(token) {\n\t\t\tconst { data: profile, error } = await betterFetch<FacebookProfile>(\n\t\t\t\t\"https://graph.facebook.com/me\",\n\t\t\t\t{\n\t\t\t\t\tauth: {\n\t\t\t\t\t\ttype: \"Bearer\",\n\t\t\t\t\t\ttoken: token.accessToken,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.id,\n\t\t\t\t\tname: profile.name,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\temailVerified: profile.email_verified,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<FacebookProfile>;\n};\n","import { betterFetch } from \"@better-fetch/fetch\";\nimport { GitHub } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\n\nexport interface GithubProfile {\n\tlogin: string;\n\tid: string;\n\tnode_id: string;\n\tavatar_url: string;\n\tgravatar_id: string;\n\turl: string;\n\thtml_url: string;\n\tfollowers_url: string;\n\tfollowing_url: string;\n\tgists_url: string;\n\tstarred_url: string;\n\tsubscriptions_url: string;\n\torganizations_url: string;\n\trepos_url: string;\n\tevents_url: string;\n\treceived_events_url: string;\n\ttype: string;\n\tsite_admin: boolean;\n\tname: string;\n\tcompany: string;\n\tblog: string;\n\tlocation: string;\n\temail: string;\n\thireable: boolean;\n\tbio: string;\n\ttwitter_username: string;\n\tpublic_repos: string;\n\tpublic_gists: string;\n\tfollowers: string;\n\tfollowing: string;\n\tcreated_at: string;\n\tupdated_at: string;\n\tprivate_gists: string;\n\ttotal_private_repos: string;\n\towned_private_repos: string;\n\tdisk_usage: string;\n\tcollaborators: string;\n\ttwo_factor_authentication: boolean;\n\tplan: {\n\t\tname: string;\n\t\tspace: string;\n\t\tprivate_repos: string;\n\t\tcollaborators: string;\n\t};\n\tfirst_name: string;\n\tlast_name: string;\n}\n\nexport interface GithubOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\nexport const github = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: GithubOptions) => {\n\tconst githubArctic = new GitHub(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"github\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"github\",\n\t\tname: \"Github\",\n\t\tcreateAuthorizationURL({ state, scopes }) {\n\t\t\tconst _scopes = scopes || [\"user:email\"];\n\t\t\treturn githubArctic.createAuthorizationURL(state, _scopes);\n\t\t},\n\t\tvalidateAuthorizationCode: githubArctic.validateAuthorizationCode,\n\t\tasync getUserInfo(token) {\n\t\t\tconst { data: profile, error } = await betterFetch<GithubProfile>(\n\t\t\t\t\"https://api.github.com/user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tlet emailVerified = false;\n\t\t\tif (!profile.email) {\n\t\t\t\tconst { data, error } = await betterFetch<\n\t\t\t\t\t{\n\t\t\t\t\t\temail: string;\n\t\t\t\t\t\tprimary: boolean;\n\t\t\t\t\t\tverified: boolean;\n\t\t\t\t\t\tvisibility: \"public\" | \"private\";\n\t\t\t\t\t}[]\n\t\t\t\t>(\"https://api.github.com/user/emails\", {\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t\t\"User-Agent\": \"better-auth\",\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\tif (!error) {\n\t\t\t\t\tprofile.email = (data.find((e) => e.primary) ?? data[0])\n\t\t\t\t\t\t?.email as string;\n\t\t\t\t\temailVerified =\n\t\t\t\t\t\tdata.find((e) => e.email === profile.email)?.verified ?? false;\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.id,\n\t\t\t\t\tname: profile.name,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\timage: profile.avatar_url,\n\t\t\t\t\temailVerified,\n\t\t\t\t\tcreatedAt: new Date(),\n\t\t\t\t\tupdatedAt: new Date(),\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<GithubProfile>;\n};\n","import { Google } from \"arctic\";\nimport { parseJWT } from \"oslo/jwt\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\nimport { BetterAuthError } from \"../error/better-auth-error\";\n\nexport interface GoogleProfile {\n\taud: string;\n\tazp: string;\n\temail: string;\n\temail_verified: boolean;\n\texp: number;\n\t/**\n\t * The family name of the user, or last name in most\n\t * Western languages.\n\t */\n\tfamily_name: string;\n\t/**\n\t * The given name of the user, or first name in most\n\t * Western languages.\n\t */\n\tgiven_name: string;\n\thd?: string;\n\tiat: number;\n\tiss: string;\n\tjti?: string;\n\tlocale?: string;\n\tname: string;\n\tnbf?: number;\n\tpicture: string;\n\tsub: string;\n}\n\nexport interface GoogleOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\n\nexport const google = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: GoogleOptions) => {\n\tconst googleArctic = new Google(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"google\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"google\",\n\t\tname: \"Google\",\n\t\tcreateAuthorizationURL({ state, scopes, codeVerifier }) {\n\t\t\tif (!codeVerifier) {\n\t\t\t\tthrow new BetterAuthError(\"codeVerifier is required for Google\");\n\t\t\t}\n\t\t\tconst _scopes = scopes || [\"email\", \"profile\"];\n\t\t\treturn googleArctic.createAuthorizationURL(state, codeVerifier, _scopes);\n\t\t},\n\t\tvalidateAuthorizationCode: async (code, codeVerifier) => {\n\t\t\tif (!codeVerifier) {\n\t\t\t\tthrow new BetterAuthError(\"codeVerifier is required for Google\");\n\t\t\t}\n\t\t\treturn googleArctic.validateAuthorizationCode(code, codeVerifier);\n\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (!token.idToken) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst user = parseJWT(token.idToken())?.payload as GoogleProfile;\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: user.sub,\n\t\t\t\t\tname: user.name,\n\t\t\t\t\temail: user.email,\n\t\t\t\t\timage: user.picture,\n\t\t\t\t\temailVerified: user.email_verified,\n\t\t\t\t},\n\t\t\t\tdata: user,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<GoogleProfile>;\n};\n","import { betterFetch } from \"@better-fetch/fetch\";\nimport { Spotify } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\n\nexport interface SpotifyProfile {\n\tid: string;\n\tdisplay_name: string;\n\temail: string;\n\timages: {\n\t\turl: string;\n\t}[];\n}\n\nexport interface SpotifyOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\n\nexport const spotify = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: SpotifyOptions) => {\n\tconst spotifyArctic = new Spotify(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"spotify\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"spotify\",\n\t\tname: \"Spotify\",\n\t\tcreateAuthorizationURL({ state, scopes }) {\n\t\t\tconst _scopes = scopes || [\"user-read-email\"];\n\t\t\treturn spotifyArctic.createAuthorizationURL(state, _scopes);\n\t\t},\n\t\tvalidateAuthorizationCode: spotifyArctic.validateAuthorizationCode,\n\t\tasync getUserInfo(token) {\n\t\t\tconst { data: profile, error } = await betterFetch<SpotifyProfile>(\n\t\t\t\t\"https://api.spotify.com/v1/me\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.id,\n\t\t\t\t\tname: profile.display_name,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\timage: profile.images[0]?.url,\n\t\t\t\t\temailVerified: false,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<SpotifyProfile>;\n};\n","import { betterFetch } from \"@better-fetch/fetch\";\nimport { Twitch } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\n\nexport interface TwitchProfile {\n\t/**\n\t * The sub of the user\n\t */\n\tsub: string;\n\t/**\n\t * The preferred username of the user\n\t */\n\tpreferred_username: string;\n\t/**\n\t * The email of the user\n\t */\n\temail: string;\n\t/**\n\t * The picture of the user\n\t */\n\tpicture: string;\n}\n\nexport interface TwitchOptions {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\n\nexport const twitch = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: TwitchOptions) => {\n\tconst twitchArctic = new Twitch(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"twitch\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"twitch\",\n\t\tname: \"Twitch\",\n\t\tcreateAuthorizationURL({ state, scopes }) {\n\t\t\tconst _scopes = scopes || [\"activity:write\", \"read\"];\n\t\t\treturn twitchArctic.createAuthorizationURL(state, _scopes);\n\t\t},\n\t\tvalidateAuthorizationCode: twitchArctic.validateAuthorizationCode,\n\t\tasync getUserInfo(token) {\n\t\t\tconst { data: profile, error } = await betterFetch<TwitchProfile>(\n\t\t\t\t\"https://api.twitch.tv/helix/users\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.sub,\n\t\t\t\t\tname: profile.preferred_username,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\timage: profile.picture,\n\t\t\t\t\temailVerified: false,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<TwitchProfile>;\n};\n","import { betterFetch } from \"@better-fetch/fetch\";\nimport { Twitter } from \"arctic\";\nimport type { OAuthProvider } from \".\";\nimport { getRedirectURI } from \"./utils\";\nimport { BetterAuthError } from \"../error/better-auth-error\";\n\nexport interface TwitterProfile {\n\tdata: {\n\t\t/**\n\t\t * Unique identifier of this user. This is returned as a string in order to avoid complications with languages and tools\n\t\t * that cannot handle large integers.\n\t\t */\n\t\tid: string;\n\t\t/** The friendly name of this user, as shown on their profile. */\n\t\tname: string;\n\t\t/** @note Email is currently unsupported by Twitter.  */\n\t\temail?: string;\n\t\t/** The Twitter handle (screen name) of this user. */\n\t\tusername: string;\n\t\t/**\n\t\t * The location specified in the user's profile, if the user provided one.\n\t\t * As this is a freeform value, it may not indicate a valid location, but it may be fuzzily evaluated when performing searches with location queries.\n\t\t *\n\t\t * To return this field, add `user.fields=location` in the authorization request's query parameter.\n\t\t */\n\t\tlocation?: string;\n\t\t/**\n\t\t * This object and its children fields contain details about text that has a special meaning in the user's description.\n\t\t *\n\t\t *To return this field, add `user.fields=entities` in the authorization request's query parameter.\n\t\t */\n\t\tentities?: {\n\t\t\t/** Contains details about the user's profile website. */\n\t\t\turl: {\n\t\t\t\t/** Contains details about the user's profile website. */\n\t\t\t\turls: Array<{\n\t\t\t\t\t/** The start position (zero-based) of the recognized user's profile website. All start indices are inclusive. */\n\t\t\t\t\tstart: number;\n\t\t\t\t\t/** The end position (zero-based) of the recognized user's profile website. This end index is exclusive. */\n\t\t\t\t\tend: number;\n\t\t\t\t\t/** The URL in the format entered by the user. */\n\t\t\t\t\turl: string;\n\t\t\t\t\t/** The fully resolved URL. */\n\t\t\t\t\texpanded_url: string;\n\t\t\t\t\t/** The URL as displayed in the user's profile. */\n\t\t\t\t\tdisplay_url: string;\n\t\t\t\t}>;\n\t\t\t};\n\t\t\t/** Contains details about URLs, Hashtags, Cashtags, or mentions located within a user's description. */\n\t\t\tdescription: {\n\t\t\t\thashtags: Array<{\n\t\t\t\t\tstart: number;\n\t\t\t\t\tend: number;\n\t\t\t\t\ttag: string;\n\t\t\t\t}>;\n\t\t\t};\n\t\t};\n\t\t/**\n\t\t * Indicate if this user is a verified Twitter user.\n\t\t *\n\t\t * To return this field, add `user.fields=verified` in the authorization request's query parameter.\n\t\t */\n\t\tverified?: boolean;\n\t\t/**\n\t\t * The text of this user's profile description (also known as bio), if the user provided one.\n\t\t *\n\t\t * To return this field, add `user.fields=description` in the authorization request's query parameter.\n\t\t */\n\t\tdescription?: string;\n\t\t/**\n\t\t * The URL specified in the user's profile, if present.\n\t\t *\n\t\t * To return this field, add `user.fields=url` in the authorization request's query parameter.\n\t\t */\n\t\turl?: string;\n\t\t/** The URL to the profile image for this user, as shown on the user's profile. */\n\t\tprofile_image_url?: string;\n\t\tprotected?: boolean;\n\t\t/**\n\t\t * Unique identifier of this user's pinned Tweet.\n\t\t *\n\t\t *  You can obtain the expanded object in `includes.tweets` by adding `expansions=pinned_tweet_id` in the authorization request's query parameter.\n\t\t */\n\t\tpinned_tweet_id?: string;\n\t\tcreated_at?: string;\n\t};\n\tincludes?: {\n\t\ttweets?: Array<{\n\t\t\tid: string;\n\t\t\ttext: string;\n\t\t}>;\n\t};\n\t[claims: string]: unknown;\n}\n\nexport interface TwitterOption {\n\tclientId: string;\n\tclientSecret: string;\n\tredirectURI?: string;\n}\n\nexport const twitter = ({\n\tclientId,\n\tclientSecret,\n\tredirectURI,\n}: TwitterOption) => {\n\tconst twitterArctic = new Twitter(\n\t\tclientId,\n\t\tclientSecret,\n\t\tgetRedirectURI(\"twitter\", redirectURI),\n\t);\n\treturn {\n\t\tid: \"twitter\",\n\t\tname: \"Twitter\",\n\t\tcreateAuthorizationURL(data) {\n\t\t\tconst _scopes = data.scopes || [\"account_info.read\"];\n\t\t\treturn twitterArctic.createAuthorizationURL(\n\t\t\t\tdata.state,\n\t\t\t\tdata.codeVerifier,\n\t\t\t\t_scopes,\n\t\t\t);\n\t\t},\n\t\tvalidateAuthorizationCode: async (code, codeVerifier) => {\n\t\t\tif (!codeVerifier) {\n\t\t\t\tthrow new BetterAuthError(\"codeVerifier is required for Twitter\");\n\t\t\t}\n\t\t\treturn twitterArctic.validateAuthorizationCode(code, codeVerifier);\n\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tconst { data: profile, error } = await betterFetch<TwitterProfile>(\n\t\t\t\t\"https://api.x.com/2/users/me?user.fields=profile_image_url\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tif (!profile.data.email) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.data.id,\n\t\t\t\t\tname: profile.data.name,\n\t\t\t\t\temail: profile.data.email,\n\t\t\t\t\timage: profile.data.profile_image_url,\n\t\t\t\t\temailVerified: profile.data.verified || false,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<TwitterProfile>;\n};\n","import type { User } from \"../adapters/schema\";\nimport type { oAuthProviderList } from \"../social-providers\";\nimport type { LiteralString } from \"./helper\";\nimport { OAuth2Tokens } from \"arctic\";\n\nexport interface OAuthProvider<\n\tT extends Record<string, any> = Record<string, any>,\n> {\n\tid: LiteralString;\n\tcreateAuthorizationURL: (data: {\n\t\tstate: string;\n\t\tcodeVerifier: string;\n\t\tscopes?: string[];\n\t}) => URL;\n\tname: string;\n\tvalidateAuthorizationCode: (\n\t\tcode: string,\n\t\tcodeVerifier?: string,\n\t) => Promise<OAuth2Tokens>;\n\tgetUserInfo: (token: OAuth2Tokens) => Promise<{\n\t\tuser: Omit<User, \"createdAt\" | \"updatedAt\">;\n\t\tdata: T;\n\t} | null>;\n\trefreshAccessToken?: (refreshToken: string) => Promise<OAuth2Tokens>;\n\trevokeToken?: (token: string) => Promise<void>;\n}\n\nexport type OAuthProviderList = typeof oAuthProviderList;\n","import { apple } from \"./apple\";\nimport { discord } from \"./discord\";\nimport { facebook } from \"./facebook\";\nimport { github } from \"./github\";\nimport { google } from \"./google\";\nimport { spotify } from \"./spotify\";\nimport { twitch } from \"./twitch\";\nimport { twitter } from \"./twitter\";\n\nexport const oAuthProviders = {\n\tapple,\n\tdiscord,\n\tfacebook,\n\tgithub,\n\tgoogle,\n\tspotify,\n\ttwitch,\n\ttwitter,\n};\n\nexport const oAuthProviderList = Object.keys(oAuthProviders) as [\n\t\"github\",\n\t...(keyof typeof oAuthProviders)[],\n];\n\nexport * from \"./github\";\nexport * from \"./google\";\nexport * from \"./apple\";\nexport * from \"./discord\";\nexport * from \"./spotify\";\nexport * from \"./twitch\";\nexport * from \"./facebook\";\nexport * from \"./twitter\";\nexport * from \"../types/provider\";\n","import { generateState as generateStateOAuth } from \"oslo/oauth2\";\n\nexport function generateState(callbackURL?: string, currentURL?: string) {\n\tconst code = generateStateOAuth();\n\tconst state = `${code}!${callbackURL}!${currentURL}`;\n\treturn { state, code };\n}\n\nexport function parseState(state: string) {\n\tconst [code, callbackURL, currentURL] = state.split(\"!\");\n\treturn { code, callbackURL, currentURL };\n}\n","import type { Context } from \"better-call\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const getSession = createAuthEndpoint(\n\t\"/session\",\n\t{\n\t\tmethod: \"GET\",\n\t\trequireHeaders: true,\n\t},\n\tasync (ctx) => {\n\t\tconst sessionCookieToken = await ctx.getSignedCookie(\n\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\tctx.context.secret,\n\t\t);\n\t\tif (!sessionCookieToken) {\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 401,\n\t\t\t});\n\t\t}\n\t\tconst session =\n\t\t\tawait ctx.context.internalAdapter.findSession(sessionCookieToken);\n\t\tif (!session || session.session.expiresAt < new Date()) {\n\t\t\tctx.setSignedCookie(\n\t\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\t\t\"\",\n\t\t\t\tctx.context.secret,\n\t\t\t\t{\n\t\t\t\t\tmaxAge: 0,\n\t\t\t\t},\n\t\t\t);\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 401,\n\t\t\t});\n\t\t}\n\t\tconst updatedSession = await ctx.context.internalAdapter.updateSession(\n\t\t\tsession.session,\n\t\t);\n\n\t\tawait ctx.setSignedCookie(\n\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\tupdatedSession.id,\n\t\t\tctx.context.secret,\n\t\t\t{\n\t\t\t\t...ctx.context.authCookies.sessionToken.options,\n\t\t\t\tmaxAge: updatedSession.expiresAt.valueOf() - Date.now(),\n\t\t\t},\n\t\t);\n\t\treturn ctx.json({\n\t\t\tsession: updatedSession,\n\t\t\tuser: session.user,\n\t\t});\n\t},\n);\n\nexport const getSessionFromCtx = async (ctx: Context<any, any>) => {\n\tconst session = await getSession({\n\t\t...ctx,\n\t\t//@ts-expect-error: By default since this request context comes from a router it'll have a `router` flag which force it to be a request object\n\t\t_flag: undefined,\n\t});\n\treturn session;\n};\n","import { APIError } from \"better-call\";\nimport { z } from \"zod\";\nimport { userSchema } from \"../../adapters/schema\";\nimport { HIDE_ON_CLIENT_METADATA } from \"../../client/client-utils\";\nimport { generateId } from \"../../utils/id\";\nimport { parseState } from \"../../utils/state\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const callbackOAuth = createAuthEndpoint(\n\t\"/callback/:id\",\n\t{\n\t\tmethod: \"GET\",\n\t\tquery: z.object({\n\t\t\tstate: z.string(),\n\t\t\tcode: z.string(),\n\t\t\tcode_verifier: z.string().optional(),\n\t\t}),\n\t\tmetadata: HIDE_ON_CLIENT_METADATA,\n\t},\n\tasync (c) => {\n\t\tconst provider = c.context.options.socialProvider?.find(\n\t\t\t(p) => p.id === c.params.id,\n\t\t);\n\t\tif (!provider) {\n\t\t\tc.context.logger.error(\n\t\t\t\t\"Oauth provider with id\",\n\t\t\t\tc.params.id,\n\t\t\t\t\"not found\",\n\t\t\t);\n\t\t\tthrow new APIError(\"NOT_FOUND\");\n\t\t}\n\t\tconst tokens = await provider.validateAuthorizationCode(\n\t\t\tc.query.code,\n\t\t\tc.query.code_verifier || \"\",\n\t\t);\n\t\tif (!tokens) {\n\t\t\tc.context.logger.error(\"Code verification failed\");\n\t\t\tthrow new APIError(\"UNAUTHORIZED\");\n\t\t}\n\t\tconst user = await provider.getUserInfo(tokens).then((res) => res?.user);\n\t\tconst id = generateId();\n\t\tconst data = userSchema.safeParse({\n\t\t\t...user,\n\t\t\tid,\n\t\t});\n\t\tconst { callbackURL, currentURL } = parseState(c.query.state);\n\t\tif (!user || data.success === false) {\n\t\t\tif (currentURL) {\n\t\t\t\tthrow c.redirect(`${currentURL}?error=oauth_validation_failed`);\n\t\t\t} else {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\");\n\t\t\t}\n\t\t}\n\t\tif (!callbackURL) {\n\t\t\tc.context.logger.error(\"Callback URL not found\");\n\t\t\tthrow new APIError(\"FORBIDDEN\");\n\t\t}\n\t\t//find user in db\n\t\tconst dbUser = await c.context.internalAdapter.findUserByEmail(user.email);\n\t\tconst userId = dbUser?.user.id;\n\t\tif (dbUser) {\n\t\t\t//check if user has already linked this provider\n\t\t\tconst hasBeenLinked = dbUser.accounts.find(\n\t\t\t\t(a) => a.providerId === provider.id,\n\t\t\t);\n\t\t\tif (!hasBeenLinked && !user.emailVerified) {\n\t\t\t\tc.context.logger.error(\"User already exists\");\n\t\t\t\tconst url = new URL(currentURL || callbackURL);\n\t\t\t\turl.searchParams.set(\"error\", \"user_already_exists\");\n\t\t\t\tthrow c.redirect(url.toString());\n\t\t\t}\n\n\t\t\tif (!hasBeenLinked && user.emailVerified) {\n\t\t\t\tawait c.context.internalAdapter.linkAccount({\n\t\t\t\t\tproviderId: provider.id,\n\t\t\t\t\taccountId: user.id,\n\t\t\t\t\tid: `${provider.id}:${user.id}`,\n\t\t\t\t\tuserId: dbUser.user.id,\n\t\t\t\t\t...tokens,\n\t\t\t\t});\n\t\t\t}\n\t\t} else {\n\t\t\ttry {\n\t\t\t\tawait c.context.internalAdapter.createOAuthUser(data.data, {\n\t\t\t\t\t...tokens,\n\t\t\t\t\tid: `${provider.id}:${user.id}`,\n\t\t\t\t\tproviderId: provider.id,\n\t\t\t\t\taccountId: user.id,\n\t\t\t\t\tuserId: id,\n\t\t\t\t});\n\t\t\t} catch (e) {\n\t\t\t\tconst url = new URL(currentURL || callbackURL);\n\t\t\t\turl.searchParams.set(\"error\", \"unable_to_create_user\");\n\t\t\t\tc.setHeader(\"Location\", url.toString());\n\t\t\t\tthrow c.redirect(url.toString());\n\t\t\t}\n\t\t}\n\t\t//this should never happen\n\t\tif (!userId && !id)\n\t\t\tthrow new APIError(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\tmessage: \"Unable to create user\",\n\t\t\t});\n\t\t//create session\n\t\tconst session = await c.context.internalAdapter.createSession(\n\t\t\tuserId || id,\n\t\t\tc.request,\n\t\t);\n\t\ttry {\n\t\t\tawait c.setSignedCookie(\n\t\t\t\tc.context.authCookies.sessionToken.name,\n\t\t\t\tsession.id,\n\t\t\t\tc.context.secret,\n\t\t\t\tc.context.authCookies.sessionToken.options,\n\t\t\t);\n\t\t} catch (e) {\n\t\t\tc.context.logger.error(\"Unable to set session cookie\", e);\n\t\t\tconst url = new URL(currentURL || callbackURL);\n\t\t\turl.searchParams.set(\"error\", \"unable_to_create_session\");\n\t\t\tthrow c.redirect(url.toString());\n\t\t}\n\t\tthrow c.redirect(callbackURL);\n\t},\n);\n","export const HIDE_ON_CLIENT_METADATA = {\n\tonClient: \"hide\" as const,\n};\n","import { alphabet, generateRandomString } from \"oslo/crypto\";\nexport const generateId = () => {\n\treturn generateRandomString(36, alphabet(\"a-z\", \"0-9\"));\n};\n","import { z } from \"zod\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const signOut = createAuthEndpoint(\n\t\"/sign-out\",\n\t{\n\t\tmethod: \"POST\",\n\t\tbody: z\n\t\t\t.object({\n\t\t\t\tcallbackURL: z.string().optional(),\n\t\t\t})\n\t\t\t.optional(),\n\t},\n\tasync (ctx) => {\n\t\tconst sessionCookieToken = await ctx.getSignedCookie(\n\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\tctx.context.secret,\n\t\t);\n\t\tif (!sessionCookieToken) {\n\t\t\treturn ctx.json(null);\n\t\t}\n\t\tawait ctx.context.internalAdapter.deleteSession(sessionCookieToken);\n\t\tctx.setCookie(ctx.context.authCookies.sessionToken.name, \"\", {\n\t\t\tmaxAge: 0,\n\t\t});\n\t\treturn ctx.json(null, {\n\t\t\tbody: {\n\t\t\t\tredirect: !!ctx.body?.callbackURL,\n\t\t\t\turl: ctx.body?.callbackURL,\n\t\t\t},\n\t\t});\n\t},\n);\n","import { TimeSpan } from \"oslo\";\nimport { createJWT } from \"oslo/jwt\";\nimport { validateJWT } from \"oslo/jwt\";\nimport { Argon2id } from \"oslo/password\";\nimport { z } from \"zod\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const forgetPassword = createAuthEndpoint(\n\t\"/forget-password\",\n\t{\n\t\tmethod: \"POST\",\n\t\tbody: z.object({\n\t\t\t/**\n\t\t\t * The email address of the user to send a password reset email to.\n\t\t\t */\n\t\t\temail: z.string().email(),\n\t\t}),\n\t},\n\tasync (ctx) => {\n\t\tif (!ctx.context.options.emailAndPassword?.sendResetPasswordToken) {\n\t\t\tctx.context.logger.error(\n\t\t\t\t\"Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!\",\n\t\t\t);\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tstatusText: \"RESET_PASSWORD_EMAIL_NOT_SENT\",\n\t\t\t\tbody: {\n\t\t\t\t\tmessage: \"Reset password isn't enabled\",\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t\tconst { email } = ctx.body;\n\t\tconst user = await ctx.context.internalAdapter.findUserByEmail(email);\n\t\tif (!user) {\n\t\t\treturn ctx.json(\n\t\t\t\t{\n\t\t\t\t\terror: \"User not found\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tstatusText: \"USER_NOT_FOUND\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: \"User not found\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t}\n\t\tconst token = await createJWT(\n\t\t\t\"HS256\",\n\t\t\tBuffer.from(ctx.context.secret),\n\t\t\t{\n\t\t\t\temail: user.user.email,\n\t\t\t},\n\t\t\t{\n\t\t\t\texpiresIn: new TimeSpan(1, \"h\"),\n\t\t\t\tissuer: \"better-auth\",\n\t\t\t\tsubject: \"forget-password\",\n\t\t\t\taudiences: [user.user.email],\n\t\t\t\tincludeIssuedTimestamp: true,\n\t\t\t},\n\t\t);\n\t\tawait ctx.context.options.emailAndPassword.sendResetPasswordToken(\n\t\t\ttoken,\n\t\t\tuser.user,\n\t\t);\n\t\treturn ctx.json({\n\t\t\tstatus: true,\n\t\t});\n\t},\n);\n\nexport const resetPassword = createAuthEndpoint(\n\t\"/reset-password\",\n\t{\n\t\tmethod: \"POST\",\n\t\tbody: z.object({\n\t\t\ttoken: z.string(),\n\t\t\tnewPassword: z.string(),\n\t\t\tcallbackURL: z.string().optional(),\n\t\t}),\n\t},\n\tasync (ctx) => {\n\t\tconst { token, newPassword } = ctx.body;\n\t\ttry {\n\t\t\tconst jwt = await validateJWT(\n\t\t\t\t\"HS256\",\n\t\t\t\tBuffer.from(ctx.context.secret),\n\t\t\t\ttoken,\n\t\t\t);\n\t\t\tconst email = z\n\t\t\t\t.string()\n\t\t\t\t.email()\n\t\t\t\t.parse((jwt.payload as { email: string }).email);\n\t\t\tconst user = await ctx.context.internalAdapter.findUserByEmail(email);\n\t\t\tif (!user) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tstatusText: \"USER_NOT_FOUND\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: \"User not found\",\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (\n\t\t\t\tnewPassword.length <\n\t\t\t\t\t(ctx.context.options.emailAndPassword?.minPasswordLength || 8) ||\n\t\t\t\tnewPassword.length >\n\t\t\t\t\t(ctx.context.options.emailAndPassword?.maxPasswordLength || 32)\n\t\t\t) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tstatusText: \"INVALID_PASSWORD_LENGTH\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: \"Password length must be between 8 and 32\",\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst argon2id = new Argon2id();\n\t\t\tconst hashedPassword = await argon2id.hash(newPassword);\n\t\t\tconst updatedUser = await ctx.context.internalAdapter.updatePassword(\n\t\t\t\tuser.user.id,\n\t\t\t\thashedPassword,\n\t\t\t);\n\t\t\tif (!updatedUser) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 500,\n\t\t\t\t\tstatusText: \"INTERNAL_SERVER_ERROR\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: \"Internal server error\",\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\treturn ctx.json({\n\t\t\t\tstatus: true,\n\t\t\t\turl: ctx.body.callbackURL,\n\t\t\t\tredirect: !!ctx.body.callbackURL,\n\t\t\t});\n\t\t} catch (e) {\n\t\t\tconsole.log(e);\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tstatusText: \"INVALID_TOKEN\",\n\t\t\t\tbody: {\n\t\t\t\t\tmessage: \"Invalid token\",\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t},\n);\n","import { TimeSpan } from \"oslo\";\nimport { createJWT, validateJWT } from \"oslo/jwt\";\nimport { z } from \"zod\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const sendVerificationEmail = createAuthEndpoint(\n\t\"/send-verification-email\",\n\t{\n\t\tmethod: \"POST\",\n\t\tbody: z.object({\n\t\t\temail: z.string().email(),\n\t\t\tcallbackURL: z.string().optional(),\n\t\t}),\n\t},\n\tasync (ctx) => {\n\t\tif (!ctx.context.options.emailAndPassword?.sendVerificationEmail) {\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tstatusText: \"VERIFICATION_EMAIL_NOT_SENT\",\n\t\t\t\tbody: {\n\t\t\t\t\tmessage: \"Verification email isn't enabled\",\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t\tconst { email } = ctx.body;\n\t\tconst token = await createJWT(\n\t\t\t\"HS256\",\n\t\t\tBuffer.from(ctx.context.secret),\n\t\t\t{\n\t\t\t\temail: email.toLowerCase(),\n\t\t\t},\n\t\t\t{\n\t\t\t\texpiresIn: new TimeSpan(1, \"h\"),\n\t\t\t\tissuer: \"better-auth\",\n\t\t\t\tsubject: \"verify-email\",\n\t\t\t\taudiences: [email],\n\t\t\t\tincludeIssuedTimestamp: true,\n\t\t\t},\n\t\t);\n\t\tconst url = `${ctx.context.baseURL}/verify-email?token=${token}?callbackURL=${ctx.body.callbackURL}`;\n\t\tawait ctx.context.options.emailAndPassword.sendVerificationEmail(\n\t\t\temail,\n\t\t\turl,\n\t\t);\n\t\treturn ctx.json({\n\t\t\tstatus: true,\n\t\t});\n\t},\n);\n\nexport const verifyEmail = createAuthEndpoint(\n\t\"/verify-email\",\n\t{\n\t\tmethod: \"GET\",\n\t\tquery: z.object({\n\t\t\ttoken: z.string(),\n\t\t\tcallbackURL: z.string(),\n\t\t}),\n\t},\n\tasync (ctx) => {\n\t\tconst { token } = ctx.query;\n\t\ttry {\n\t\t\tconst jwt = await validateJWT(\n\t\t\t\t\"HS256\",\n\t\t\t\tBuffer.from(ctx.context.secret),\n\t\t\t\ttoken,\n\t\t\t);\n\t\t\tconst schema = z.object({\n\t\t\t\temail: z.string().email(),\n\t\t\t});\n\t\t\tconst parsed = schema.parse(jwt.payload);\n\t\t\tconst user = await ctx.context.internalAdapter.findUserByEmail(\n\t\t\t\tparsed.email,\n\t\t\t);\n\t\t\tif (!user) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tstatusText: \"USER_NOT_FOUND\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: \"User not found\",\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst account = user.accounts.find((a) => a.providerId === \"credential\");\n\t\t\tif (!account) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tstatusText: \"ACCOUNT_NOT_FOUND\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: \"Account not found\",\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\tawait ctx.context.internalAdapter.updateUserByEmail(parsed.email, {\n\t\t\t\temailVerified: true,\n\t\t\t});\n\t\t\tif (ctx.query.callbackURL) {\n\t\t\t\tthrow ctx.redirect(ctx.query.callbackURL);\n\t\t\t}\n\t\t\treturn ctx.json({\n\t\t\t\tstatus: true,\n\t\t\t});\n\t\t} catch (e) {\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tstatusText: \"INVALID_TOKEN\",\n\t\t\t\tbody: {\n\t\t\t\t\tmessage: \"Invalid token\",\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t},\n);\n","import { alphabet, generateRandomString } from \"oslo/crypto\";\nimport { HIDE_ON_CLIENT_METADATA } from \"../../client/client-utils\";\nimport { hs256 } from \"../../crypto\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const getCSRFToken = createAuthEndpoint(\n\t\"/csrf\",\n\t{\n\t\tmethod: \"GET\",\n\t\tmetadata: HIDE_ON_CLIENT_METADATA,\n\t},\n\tasync (ctx) => {\n\t\tconst csrfToken = await ctx.getSignedCookie(\n\t\t\tctx.context.authCookies.csrfToken.name,\n\t\t\tctx.context.secret,\n\t\t);\n\t\tif (csrfToken) {\n\t\t\treturn {\n\t\t\t\tcsrfToken,\n\t\t\t};\n\t\t}\n\t\tconst token = generateRandomString(32, alphabet(\"a-z\", \"0-9\", \"A-Z\"));\n\t\tconst hash = await hs256(ctx.context.secret, token);\n\t\tconst cookie = `${token}!${hash}`;\n\t\tawait ctx.setSignedCookie(\n\t\t\tctx.context.authCookies.csrfToken.name,\n\t\t\tcookie,\n\t\t\tctx.context.secret,\n\t\t\tctx.context.authCookies.csrfToken.options,\n\t\t);\n\t\treturn {\n\t\t\tcsrfToken: token,\n\t\t};\n\t},\n);\n","import { createAuthEndpoint } from \"../call\";\n\nexport const ok = createAuthEndpoint(\n\t\"/ok\",\n\t{\n\t\tmethod: \"GET\",\n\t},\n\tasync (ctx) => {\n\t\treturn ctx.json({\n\t\t\tok: true,\n\t\t});\n\t},\n);\n\nexport const welcome = createAuthEndpoint(\n\t\"/welcome/ok\",\n\t{\n\t\tmethod: \"GET\",\n\t},\n\tasync () => {\n\t\treturn new Response(\"Welcome to Better Auth\");\n\t},\n);\n","import { alphabet, generateRandomString } from \"oslo/crypto\";\nimport { Argon2id } from \"oslo/password\";\nimport { z } from \"zod\";\nimport { createAuthEndpoint } from \"../call\";\n\nexport const signUpEmail = createAuthEndpoint(\n\t\"/sign-up/email\",\n\t{\n\t\tmethod: \"POST\",\n\t\tbody: z.object({\n\t\t\tname: z.string(),\n\t\t\temail: z.string().email(),\n\t\t\tpassword: z.string(),\n\t\t\timage: z.string().optional(),\n\t\t\tcallbackURL: z.string().optional(),\n\t\t}),\n\t},\n\tasync (ctx) => {\n\t\tif (!ctx.context.options.emailAndPassword?.enabled) {\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tbody: {\n\t\t\t\t\tmessage: \"Email and password is not enabled\",\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t\tconst { name, email, password, image } = ctx.body;\n\t\tconst minPasswordLength =\n\t\t\tctx.context.options?.emailAndPassword?.minPasswordLength || 8;\n\t\tif (password.length < minPasswordLength) {\n\t\t\tctx.context.logger.error(\"Password is too short\");\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tbody: { message: \"Password is too short\" },\n\t\t\t});\n\t\t}\n\t\tconst argon2id = new Argon2id();\n\t\tconst dbUser = await ctx.context.internalAdapter.findUserByEmail(email);\n\t\t/**\n\t\t * hash first to avoid timing attacks\n\t\t */\n\t\tconst hash = await argon2id.hash(password);\n\t\tif (dbUser?.user) {\n\t\t\treturn ctx.json(null, {\n\t\t\t\tstatus: 400,\n\t\t\t\tbody: {\n\t\t\t\t\tmessage: \"User already exists\",\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t\tconst createdUser = await ctx.context.internalAdapter.createUser({\n\t\t\tid: generateRandomString(32, alphabet(\"a-z\", \"0-9\", \"A-Z\")),\n\t\t\temail: email.toLowerCase(),\n\t\t\tname,\n\t\t\timage,\n\t\t\temailVerified: false,\n\t\t\tcreatedAt: new Date(),\n\t\t\tupdatedAt: new Date(),\n\t\t});\n\t\t/**\n\t\t * Link the account to the user\n\t\t */\n\t\tawait ctx.context.internalAdapter.linkAccount({\n\t\t\tid: generateRandomString(32, alphabet(\"a-z\", \"0-9\", \"A-Z\")),\n\t\t\tuserId: createdUser.id,\n\t\t\tproviderId: \"credential\",\n\t\t\taccountId: createdUser.id,\n\t\t\tpassword: hash,\n\t\t});\n\t\tconst session = await ctx.context.internalAdapter.createSession(\n\t\t\tcreatedUser.id,\n\t\t\tctx.request,\n\t\t);\n\t\tawait ctx.setSignedCookie(\n\t\t\tctx.context.authCookies.sessionToken.name,\n\t\t\tsession.id,\n\t\t\tctx.context.secret,\n\t\t\tctx.context.authCookies.sessionToken.options,\n\t\t);\n\t\treturn ctx.json(\n\t\t\t{\n\t\t\t\tuser: createdUser,\n\t\t\t\tsession,\n\t\t\t},\n\t\t\t{\n\t\t\t\tbody: ctx.body.callbackURL\n\t\t\t\t\t? {\n\t\t\t\t\t\t\turl: ctx.body.callbackURL,\n\t\t\t\t\t\t\tredirect: true,\n\t\t\t\t\t\t}\n\t\t\t\t\t: {\n\t\t\t\t\t\t\tuser: createdUser,\n\t\t\t\t\t\t\tsession,\n\t\t\t\t\t\t},\n\t\t\t},\n\t\t);\n\t},\n);\n","import { createAuthEndpoint } from \"../call\";\n\nconst html = (errorCode: string = \"Unknown\") => `<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n    <meta charset=\"UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Authentication Error</title>\n    <style>\n        :root {\n            --bg-color: #f8f9fa;\n            --text-color: #212529;\n            --accent-color: #000000;\n            --error-color: #dc3545;\n            --border-color: #e9ecef;\n        }\n        body {\n            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;\n            background-color: var(--bg-color);\n            color: var(--text-color);\n            display: flex;\n            justify-content: center;\n            align-items: center;\n            height: 100vh;\n            margin: 0;\n            line-height: 1.5;\n        }\n        .error-container {\n            background-color: #ffffff;\n            border-radius: 12px;\n            box-shadow: 0 4px 6px rgba(0, 0, 0, 0.05);\n            padding: 2.5rem;\n            text-align: center;\n            max-width: 90%;\n            width: 400px;\n        }\n        h1 {\n            color: var(--error-color);\n            font-size: 1.75rem;\n            margin-bottom: 1rem;\n            font-weight: 600;\n        }\n        p {\n            margin-bottom: 1.5rem;\n            color: #495057;\n        }\n        .btn {\n            background-color: var(--accent-color);\n            color: #ffffff;\n            text-decoration: none;\n            padding: 0.75rem 1.5rem;\n            border-radius: 6px;\n            transition: all 0.3s ease;\n            display: inline-block;\n            font-weight: 500;\n            border: 2px solid var(--accent-color);\n        }\n        .btn:hover {\n            background-color: #131721;\n        }\n        .error-code {\n            font-size: 0.875rem;\n            color: #6c757d;\n            margin-top: 1.5rem;\n            padding-top: 1.5rem;\n            border-top: 1px solid var(--border-color);\n        }\n        .icon {\n            font-size: 3rem;\n            margin-bottom: 1rem;\n        }\n    </style>\n</head>\n<body>\n    <div class=\"error-container\">\n        <div class=\"icon\">⚠️</div>\n        <h1>Better Auth Error</h1>\n        <p>We encountered an issue while processing your request. Please try again or contact the application owner if the problem persists.</p>\n        <a href=\"#\" id=\"returnLink\" class=\"btn\">Return to Application</a>\n        <div class=\"error-code\">Error Code: <span id=\"errorCode\">${errorCode}</span></div>\n    </div>\n</body>\n</html>`;\n\nexport const error = createAuthEndpoint(\n\t\"/error\",\n\t{\n\t\tmethod: \"GET\",\n\t},\n\tasync (c) => {\n\t\tconst query =\n\t\t\tnew URL(c.request?.url || \"\").searchParams.get(\"error\") || \"Unknown\";\n\t\treturn new Response(html(query), {\n\t\t\theaders: {\n\t\t\t\t\"Content-Type\": \"text/html\",\n\t\t\t},\n\t\t});\n\t},\n);\n","import Database from \"better-sqlite3\";\nimport { Kysely } from \"kysely\";\nimport {\n\ttype Dialect,\n\tMysqlDialect,\n\tPostgresDialect,\n\tSqliteDialect,\n} from \"kysely\";\nimport { createPool } from \"mysql2\";\nimport pg from \"pg\";\nimport type { FieldAttribute } from \"../db\";\nimport type { BetterAuthOptions } from \"../types\";\nimport type { Adapter, Where } from \"../types/adapter\";\n\nconst { Pool } = pg;\n\nfunction convertWhere(w?: Where[]) {\n\tif (!w)\n\t\treturn {\n\t\t\tand: null,\n\t\t\tor: null,\n\t\t};\n\tconst and = w\n\t\t?.filter((w) => w.connector === \"AND\" || !w.connector)\n\t\t.reduce(\n\t\t\t(acc, w) =>\n\t\t\t\t({\n\t\t\t\t\t...acc,\n\t\t\t\t\t[w.field]: w.value,\n\t\t\t\t}) as any,\n\t\t\t{},\n\t\t);\n\tconst or = w\n\t\t?.filter((w) => w.connector === \"OR\")\n\t\t.reduce(\n\t\t\t(acc, w) =>\n\t\t\t\t({\n\t\t\t\t\t...acc,\n\t\t\t\t\t[w.field]: w.value,\n\t\t\t\t}) as any,\n\t\t\t{},\n\t\t);\n\treturn {\n\t\tand: Object.keys(and).length ? and : null,\n\t\tor: Object.keys(or).length ? or : null,\n\t};\n}\n\nfunction transformTo(\n\tval: any,\n\tfields: Record<string, FieldAttribute>,\n\ttransform: KyselyAdapterConfig[\"transform\"],\n) {\n\tfor (const key in val) {\n\t\tif (\n\t\t\tval[key] === 0 &&\n\t\t\tfields[key]?.type === \"boolean\" &&\n\t\t\ttransform?.boolean\n\t\t) {\n\t\t\tval[key] = false;\n\t\t}\n\t\tif (\n\t\t\tval[key] === 1 &&\n\t\t\tfields[key]?.type === \"boolean\" &&\n\t\t\ttransform?.boolean\n\t\t) {\n\t\t\tval[key] = true;\n\t\t}\n\t\tif (fields[key]?.type === \"date\") {\n\t\t\tif (!(val[key] instanceof Date)) {\n\t\t\t\tval[key] = new Date(val[key]);\n\t\t\t}\n\t\t}\n\t}\n\treturn val;\n}\n\nfunction transformFrom(val: any, transform: KyselyAdapterConfig[\"transform\"]) {\n\tfor (const key in val) {\n\t\tif (typeof val[key] === \"boolean\" && transform?.boolean) {\n\t\t\tval[key] = val[key] ? 1 : 0;\n\t\t}\n\t\tif (val[key] instanceof Date) {\n\t\t\tval[key] = val[key].toISOString();\n\t\t}\n\t}\n\treturn val;\n}\n\nexport interface KyselyAdapterConfig {\n\t/**\n\t * Transform dates and booleans for sqlite.\n\t */\n\ttransform?: {\n\t\tschema: {\n\t\t\t[table: string]: Record<string, FieldAttribute>;\n\t\t};\n\t\tboolean: boolean;\n\t\tdate: boolean;\n\t};\n}\n\nexport const kyselyAdapter = (\n\tdb: Kysely<any>,\n\tconfig?: KyselyAdapterConfig,\n): Adapter => {\n\treturn {\n\t\tasync create(data) {\n\t\t\tlet { model, data: val, select } = data;\n\t\t\tif (config?.transform) {\n\t\t\t\tval = transformFrom(val, config.transform);\n\t\t\t}\n\t\t\tlet res = await db\n\t\t\t\t.insertInto(model)\n\t\t\t\t.values(val as any)\n\t\t\t\t.returningAll()\n\t\t\t\t.executeTakeFirst();\n\n\t\t\tif (config?.transform) {\n\t\t\t\tconst schema = config.transform.schema[model];\n\t\t\t\tres = schema ? transformTo(val, schema, config.transform) : res;\n\t\t\t}\n\n\t\t\tif (select?.length) {\n\t\t\t\tconst data = res\n\t\t\t\t\t? select.reduce((acc, cur) => {\n\t\t\t\t\t\t\tif (res?.[cur]) {\n\t\t\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\t\t\t...acc,\n\t\t\t\t\t\t\t\t\t[cur]: res[cur],\n\t\t\t\t\t\t\t\t};\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\treturn acc;\n\t\t\t\t\t\t}, {} as any)\n\t\t\t\t\t: null;\n\t\t\t\tres = data;\n\t\t\t}\n\n\t\t\treturn res as any;\n\t\t},\n\t\tasync findOne(data) {\n\t\t\tconst { model, where, select } = data;\n\t\t\tconst { and, or } = convertWhere(where);\n\t\t\tlet query = db.selectFrom(model).selectAll();\n\t\t\tif (or) {\n\t\t\t\tquery = query.where((eb) => eb.or(or));\n\t\t\t}\n\t\t\tif (and) {\n\t\t\t\tquery = query.where((eb) => eb.and(and));\n\t\t\t}\n\t\t\tlet res = await query.executeTakeFirst();\n\t\t\tif (select?.length) {\n\t\t\t\tconst data = res\n\t\t\t\t\t? select.reduce((acc, cur) => {\n\t\t\t\t\t\t\tif (res?.[cur]) {\n\t\t\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\t\t\t...acc,\n\t\t\t\t\t\t\t\t\t[cur]: res[cur],\n\t\t\t\t\t\t\t\t};\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\treturn acc;\n\t\t\t\t\t\t}, {} as any)\n\t\t\t\t\t: null;\n\t\t\t\tres = data;\n\t\t\t}\n\n\t\t\tif (config?.transform) {\n\t\t\t\tconst schema = config.transform.schema[model];\n\t\t\t\tres = res && schema ? transformTo(res, schema, config.transform) : res;\n\n\t\t\t\treturn res || null;\n\t\t\t}\n\t\t\treturn (res || null) as any;\n\t\t},\n\t\tasync findMany(data) {\n\t\t\tconst { model, where } = data;\n\t\t\tlet query = db.selectFrom(model);\n\t\t\tconst { and, or } = convertWhere(where);\n\t\t\tif (and) {\n\t\t\t\tquery = query.where((eb) => eb.and(and));\n\t\t\t}\n\t\t\tif (or) {\n\t\t\t\tquery = query.where((eb) => eb.or(or));\n\t\t\t}\n\t\t\tconst res = await query.selectAll().execute();\n\t\t\tif (config?.transform) {\n\t\t\t\tconst schema = config.transform.schema[model];\n\t\t\t\treturn schema\n\t\t\t\t\t? res.map((v) => transformTo(v, schema, config.transform))\n\t\t\t\t\t: res;\n\t\t\t}\n\t\t\treturn res as any;\n\t\t},\n\t\tasync update(data) {\n\t\t\tlet { model, where, update: val } = data;\n\t\t\tconst { and, or } = convertWhere(where);\n\n\t\t\tif (config?.transform) {\n\t\t\t\tval = transformFrom(val, config.transform);\n\t\t\t}\n\n\t\t\tlet query = db.updateTable(model).set(val);\n\t\t\tif (and) {\n\t\t\t\tquery = query.where((eb) => eb.and(and));\n\t\t\t}\n\t\t\tif (or) {\n\t\t\t\tquery = query.where((eb) => eb.or(or));\n\t\t\t}\n\t\t\tconst res = await query.returningAll().executeTakeFirst();\n\t\t\tif (config?.transform) {\n\t\t\t\tconst schema = config.transform.schema[model];\n\t\t\t\treturn schema ? transformTo(res, schema, config.transform) : res;\n\t\t\t}\n\t\t\treturn res as any;\n\t\t},\n\t\tasync delete(data) {\n\t\t\tconst { model, where } = data;\n\t\t\tconst { and, or } = convertWhere(where);\n\t\t\tlet query = db.deleteFrom(model);\n\n\t\t\tif (and) {\n\t\t\t\tquery = query.where((eb) => eb.and(and));\n\t\t\t}\n\t\t\tif (or) {\n\t\t\t\tquery = query.where((eb) => eb.or(or));\n\t\t\t}\n\n\t\t\tawait query.execute();\n\t\t},\n\t};\n};\n\nexport const getDialect = (config: BetterAuthOptions) => {\n\tif (!config.database) {\n\t\treturn null;\n\t}\n\tlet dialect: Dialect | null = null;\n\tif (\"provider\" in config.database) {\n\t\tconst provider = config.database.provider;\n\t\tconst connectionString = config.database.url.trim();\n\t\tif (provider === \"postgres\") {\n\t\t\tconst pool = new Pool({\n\t\t\t\tconnectionString,\n\t\t\t});\n\t\t\tdialect = new PostgresDialect({\n\t\t\t\tpool,\n\t\t\t});\n\t\t}\n\t\tif (provider === \"mysql\") {\n\t\t\tconst params = new URL(connectionString);\n\t\t\tconst pool = createPool({\n\t\t\t\thost: params.hostname,\n\t\t\t\tuser: params.username,\n\t\t\t\tpassword: params.password,\n\t\t\t\tdatabase: params.pathname.split(\"/\")[1],\n\t\t\t\tport: Number(params.port),\n\t\t\t});\n\t\t\tdialect = new MysqlDialect({ pool });\n\t\t}\n\n\t\tif (provider === \"sqlite\") {\n\t\t\tconst db = new Database(connectionString);\n\t\t\tdialect = new SqliteDialect({\n\t\t\t\tdatabase: db,\n\t\t\t});\n\t\t}\n\t}\n\treturn dialect;\n};\n\nexport const createKyselyAdapter = (config: BetterAuthOptions) => {\n\tconst dialect = getDialect(config);\n\tif (!dialect) {\n\t\treturn null;\n\t}\n\tconst db = new Kysely<any>({\n\t\tdialect,\n\t});\n\treturn db;\n};\n\nexport const getDatabaseType = (config: BetterAuthOptions) => {\n\tif (\"provider\" in config.database) {\n\t\treturn config.database.provider;\n\t}\n\tif (\"dialect\" in config.database) {\n\t\tif (config.database.dialect instanceof PostgresDialect) {\n\t\t\treturn \"postgres\";\n\t\t}\n\t\tif (config.database.dialect instanceof MysqlDialect) {\n\t\t\treturn \"mysql\";\n\t\t}\n\t\tif (config.database.dialect instanceof SqliteDialect) {\n\t\t\treturn \"sqlite\";\n\t\t}\n\t}\n\treturn \"sqlite\";\n};\n","import type { FieldAttribute } from \"../db\";\nimport type { BetterAuthOptions } from \"../types\";\n\nexport type BetterAuthDbSchema = Record<\n\tstring,\n\t{\n\t\ttableName: string;\n\t\tfields: Record<string, FieldAttribute>;\n\t\tdisableMigrations?: boolean;\n\t}\n>;\n\nexport const getAuthTables = (options: BetterAuthOptions) => {\n\tconst pluginSchema = options.plugins?.reduce((acc, plugin) => {\n\t\tconst schema = plugin.schema;\n\t\treturn {\n\t\t\t...acc,\n\t\t\t...schema,\n\t\t};\n\t}, {});\n\n\treturn {\n\t\t...pluginSchema,\n\t\tuser: {\n\t\t\ttableName: options.user?.modelName || \"user\",\n\t\t\tfields: {\n\t\t\t\tname: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t},\n\t\t\t\temail: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t},\n\t\t\t\temailVerified: {\n\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\tdefaultValue: () => false,\n\t\t\t\t},\n\t\t\t\timage: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\tcreatedAt: {\n\t\t\t\t\ttype: \"date\",\n\t\t\t\t\tdefaultValue: () => new Date(),\n\t\t\t\t},\n\t\t\t\tupdatedAt: {\n\t\t\t\t\ttype: \"date\",\n\t\t\t\t\tdefaultValue: () => new Date(),\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tsession: {\n\t\t\ttableName: options.session?.modelName || \"session\",\n\t\t\tfields: {\n\t\t\t\texpiresAt: {\n\t\t\t\t\ttype: \"date\",\n\t\t\t\t},\n\t\t\t\tipAddress: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\tuserAgent: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\tuserId: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\treferences: {\n\t\t\t\t\t\tmodel: \"user\",\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tonDelete: \"cascade\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\taccount: {\n\t\t\ttableName: options.account?.modelName || \"account\",\n\t\t\tfields: {\n\t\t\t\taccountId: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t},\n\t\t\t\tproviderId: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t},\n\t\t\t\tuserId: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\treferences: {\n\t\t\t\t\t\tmodel: \"user\",\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tonDelete: \"cascade\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\taccessToken: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\trefreshToken: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\tidToken: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\taccessTokenExpiresAt: {\n\t\t\t\t\ttype: \"date\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\trefreshTokenExpiresAt: {\n\t\t\t\t\ttype: \"date\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t\tpassword: {\n\t\t\t\t\ttype: \"string\",\n\t\t\t\t\trequired: false,\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t} satisfies BetterAuthDbSchema;\n};\n","import { BetterAuthError } from \"../error/better-auth-error\";\nimport type { BetterAuthOptions } from \"../types\";\nimport type { Adapter } from \"../types/adapter\";\nimport { getAuthTables } from \"./get-tables\";\nimport { createKyselyAdapter, getDatabaseType, kyselyAdapter } from \"./kysely\";\n\nexport function getAdapter(options: BetterAuthOptions): Adapter {\n\tif (!options.database) {\n\t\tthrow new BetterAuthError(\"Database configuration is required\");\n\t}\n\tif (\"provider\" in options.database) {\n\t\tconst db = createKyselyAdapter(options);\n\t\tif (!db) {\n\t\t\tthrow new BetterAuthError(\"Failed to initialize database adapter\");\n\t\t}\n\t\tconst tables = getAuthTables(options);\n\t\treturn kyselyAdapter(db, {\n\t\t\ttransform: {\n\t\t\t\tschema: {\n\t\t\t\t\t[tables.user.tableName]: tables.user.fields,\n\t\t\t\t\t[tables.session.tableName]: tables.session.fields,\n\t\t\t\t\t[tables.account.tableName]: tables.account.fields,\n\t\t\t\t},\n\t\t\t\tdate: true,\n\t\t\t\tboolean: getDatabaseType(options) === \"sqlite\",\n\t\t\t},\n\t\t});\n\t}\n\treturn options.database;\n}\n","import { alphabet, generateRandomString } from \"oslo/crypto\";\nimport type { BetterAuthOptions } from \"../types\";\nimport type { Adapter } from \"../types/adapter\";\nimport { getDate } from \"../utils/date\";\nimport { getAuthTables } from \"./get-tables\";\nimport type { Account, Session, User } from \"./schema\";\n\nexport const createInternalAdapter = (\n\tadapter: Adapter,\n\toptions: BetterAuthOptions,\n) => {\n\tconst sessionExpiration = options.session?.expiresIn || 60 * 60 * 24 * 7; // 7 days\n\tconst tables = getAuthTables(options);\n\treturn {\n\t\tcreateOAuthUser: async (user: User, account: Account) => {\n\t\t\ttry {\n\t\t\t\tconst createdUser = await adapter.create({\n\t\t\t\t\tmodel: tables.user.tableName,\n\t\t\t\t\tdata: user,\n\t\t\t\t});\n\t\t\t\tconst createdAccount = await adapter.create({\n\t\t\t\t\tmodel: tables.account.tableName,\n\t\t\t\t\tdata: account,\n\t\t\t\t});\n\t\t\t\treturn {\n\t\t\t\t\tuser: createdUser,\n\t\t\t\t\taccount: createdAccount,\n\t\t\t\t};\n\t\t\t} catch (e) {\n\t\t\t\tconsole.log(e);\n\t\t\t\treturn null;\n\t\t\t}\n\t\t},\n\t\tcreateUser: async (user: User) => {\n\t\t\tconst createdUser = await adapter.create<User>({\n\t\t\t\tmodel: tables.user.tableName,\n\t\t\t\tdata: user,\n\t\t\t});\n\t\t\treturn createdUser;\n\t\t},\n\t\tcreateSession: async (userId: string, request?: Request) => {\n\t\t\tconst data: Session = {\n\t\t\t\tid: generateRandomString(32, alphabet(\"a-z\", \"0-9\", \"A-Z\")),\n\t\t\t\tuserId,\n\t\t\t\texpiresAt: getDate(sessionExpiration),\n\t\t\t\tipAddress: request?.headers.get(\"x-forwarded-for\") || \"\",\n\t\t\t\tuserAgent: request?.headers.get(\"user-agent\") || \"\",\n\t\t\t};\n\t\t\tconst session = adapter.create<Session>({\n\t\t\t\tmodel: tables.session.tableName,\n\t\t\t\tdata,\n\t\t\t});\n\t\t\treturn session;\n\t\t},\n\t\tfindSession: async (sessionId: string) => {\n\t\t\tconst session = await adapter.findOne<Session>({\n\t\t\t\tmodel: tables.session.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tvalue: sessionId,\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\tif (!session) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst user = await adapter.findOne<User>({\n\t\t\t\tmodel: tables.user.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tvalue: session.userId,\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\tif (!user) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tsession,\n\t\t\t\tuser,\n\t\t\t};\n\t\t},\n\t\tupdateSession: async (session: Session) => {\n\t\t\tconst updateAge =\n\t\t\t\toptions.session?.updateAge === undefined\n\t\t\t\t\t? 1000 // 1 hour update age\n\t\t\t\t\t: options.session?.updateAge;\n\t\t\tconst updateDate = updateAge === 0 ? 0 : getDate(updateAge).valueOf();\n\t\t\tconst maxAge = getDate(sessionExpiration);\n\t\t\tconst shouldBeUpdated =\n\t\t\t\tsession.expiresAt.valueOf() - maxAge.valueOf() + updateDate <=\n\t\t\t\tDate.now();\n\t\t\tif (shouldBeUpdated) {\n\t\t\t\tconst updatedSession = await adapter.create<Session>({\n\t\t\t\t\tmodel: tables.session.tableName,\n\t\t\t\t\tdata: {\n\t\t\t\t\t\t...session,\n\t\t\t\t\t\tid: generateRandomString(32, alphabet(\"a-z\", \"0-9\", \"A-Z\")),\n\t\t\t\t\t\texpiresAt: new Date(Date.now() + sessionExpiration),\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\tawait adapter.update<Session>({\n\t\t\t\t\tmodel: tables.session.tableName,\n\t\t\t\t\twhere: [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\t\tvalue: session.id,\n\t\t\t\t\t\t},\n\t\t\t\t\t],\n\t\t\t\t\tupdate: {\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * update the session to expire in 2 minute. This is to prevent\n\t\t\t\t\t\t * the session from expiring too quickly and logging the user out.\n\t\t\t\t\t\t */\n\t\t\t\t\t\texpiresAt: new Date(Date.now() + 1000 * 60 * 2),\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\treturn updatedSession;\n\t\t\t}\n\n\t\t\treturn session;\n\t\t},\n\t\tdeleteSession: async (id: string) => {\n\t\t\tconst session = await adapter.delete<Session>({\n\t\t\t\tmodel: tables.session.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tvalue: id,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\treturn session;\n\t\t},\n\t\tfindUserByEmail: async (email: string) => {\n\t\t\tconst user = await adapter.findOne<User>({\n\t\t\t\tmodel: tables.user.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tvalue: email.toLowerCase(),\n\t\t\t\t\t\tfield: \"email\",\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\tif (!user) return null;\n\t\t\tconst accounts = await adapter.findMany<Account>({\n\t\t\t\tmodel: tables.account.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tvalue: user.id,\n\t\t\t\t\t\tfield: \"userId\",\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\treturn {\n\t\t\t\tuser,\n\t\t\t\taccounts,\n\t\t\t};\n\t\t},\n\t\tfindUserById: async (userId: string) => {\n\t\t\tconst user = await adapter.findOne<User>({\n\t\t\t\tmodel: tables.user.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\tvalue: userId,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t});\n\t\t\treturn user;\n\t\t},\n\t\tlinkAccount: async (account: Account) => {\n\t\t\tconst _account = await adapter.create<Account>({\n\t\t\t\tmodel: tables.account.tableName,\n\t\t\t\tdata: account,\n\t\t\t});\n\t\t\treturn _account;\n\t\t},\n\t\tupdateUserByEmail: async (\n\t\t\temail: string,\n\t\t\tdata: Partial<User & Record<string, any>>,\n\t\t) => {\n\t\t\tconst user = await adapter.update<User>({\n\t\t\t\tmodel: tables.user.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tvalue: email,\n\t\t\t\t\t\tfield: \"email\",\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tupdate: data,\n\t\t\t});\n\t\t\treturn user;\n\t\t},\n\t\tupdatePassword: async (userId: string, password: string) => {\n\t\t\tconst account = await adapter.update<Account>({\n\t\t\t\tmodel: tables.account.tableName,\n\t\t\t\twhere: [\n\t\t\t\t\t{\n\t\t\t\t\t\tvalue: userId,\n\t\t\t\t\t\tfield: \"userId\",\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tfield: \"providerId\",\n\t\t\t\t\t\tvalue: \"credential\",\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tupdate: {\n\t\t\t\t\tpassword,\n\t\t\t\t},\n\t\t\t});\n\t\t\treturn account;\n\t\t},\n\t};\n};\n\nexport type InternalAdapter = ReturnType<typeof createInternalAdapter>;\n","export const getDate = (span: number) => {\n\tconst date = new Date();\n\treturn new Date(date.getTime() + span);\n};\n","import type { ZodSchema } from \"zod\";\n\nexport const createFieldAttribute = <\n\tT extends FieldType,\n\tC extends Omit<FieldAttributeConfig<T>, \"type\">,\n>(\n\ttype: T,\n\tconfig?: C,\n) => {\n\treturn {\n\t\ttype,\n\t\t...config,\n\t} satisfies FieldAttribute<T>;\n};\n\nexport type FieldAttribute<T extends FieldType = FieldType> = {\n\ttype: T;\n} & FieldAttributeConfig<T>;\n\nexport type FieldType = \"string\" | \"number\" | \"boolean\" | \"date\";\n\nexport type InferValueType<T extends FieldType> = T extends \"string\"\n\t? string\n\t: T extends \"number\"\n\t\t? number\n\t\t: T extends \"boolean\"\n\t\t\t? boolean\n\t\t\t: T extends \"date\"\n\t\t\t\t? Date\n\t\t\t\t: never;\n\nexport type InferFieldOutput<T extends FieldAttribute> =\n\tT[\"returned\"] extends false\n\t\t? never\n\t\t: T[\"required\"] extends false\n\t\t\t? InferValueType<T[\"type\"]> | undefined\n\t\t\t: InferValueType<T[\"type\"]>;\n\nexport type FieldAttributeConfig<T extends FieldType = FieldType> = {\n\t/**\n\t * if the field should be required on a new record.\n\t * @default false\n\t */\n\trequired?: boolean;\n\t/**\n\t * If the value should be returned on a response body.\n\t * @default true\n\t */\n\treturned?: boolean;\n\t/**\n\t * If the value should be hashed when it's stored.\n\t * @default false\n\t */\n\thashValue?: boolean;\n\t/**\n\t * Default value for the field\n\t *\n\t * Note: This will not create a default value on the database level. It will only\n\t * be used when creating a new record.\n\t */\n\tdefaultValue?: InferValueType<T> | (() => InferValueType<T>);\n\t/**\n\t * transform the value before storing it.\n\t */\n\ttransform?: (value: InferValueType<T>) => InferValueType<T>;\n\t/**\n\t * Reference to another model.\n\t */\n\treferences?: {\n\t\t/**\n\t\t * The model to reference.\n\t\t */\n\t\tmodel: string;\n\t\t/**\n\t\t * The field on the referenced model.\n\t\t */\n\t\tfield: string;\n\t\t/**\n\t\t * The action to perform when the reference is deleted.\n\t\t * @default \"cascade\"\n\t\t */\n\t\tonDelete?:\n\t\t\t| \"no action\"\n\t\t\t| \"restrict\"\n\t\t\t| \"cascade\"\n\t\t\t| \"set null\"\n\t\t\t| \"set default\";\n\t};\n\tunique?: boolean;\n\t/**\n\t * A zod schema to validate the value.\n\t */\n\tvalidator?: ZodSchema;\n};\n","import type { CookieOptions } from \"better-call\";\nimport { TimeSpan } from \"oslo\";\nimport type { BetterAuthOptions } from \"../types/options\";\n\nexport function getCookies(options: BetterAuthOptions) {\n\tconst secure =\n\t\t!!options.advanced?.useSecureCookies ||\n\t\tprocess.env.NODE_ENV === \"production\";\n\tconst secureCookiePrefix = secure ? \"__Secure-\" : \"\";\n\tconst cookiePrefix = \"better-auth\";\n\tconst sessionMaxAge = new TimeSpan(7, \"d\").seconds();\n\treturn {\n\t\tsessionToken: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.session_token`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: sessionMaxAge,\n\t\t\t} satisfies CookieOptions,\n\t\t},\n\t\tcsrfToken: {\n\t\t\tname: `${secureCookiePrefix ? \"__Host-\" : \"\"}${cookiePrefix}.csrf_token`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 60 * 24 * 7,\n\t\t\t} satisfies CookieOptions,\n\t\t},\n\t\tstate: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.state`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t} satisfies CookieOptions,\n\t\t},\n\t\tpkCodeVerifier: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.pk_code_verifier`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t} as CookieOptions,\n\t\t},\n\t\tnonce: {\n\t\t\tname: `${secureCookiePrefix}${cookiePrefix}.nonce`,\n\t\t\toptions: {\n\t\t\t\thttpOnly: true,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tsecure,\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t} as CookieOptions,\n\t\t},\n\t};\n}\n\nexport function createCookieGetter(options: BetterAuthOptions) {\n\tconst secure =\n\t\t!!options.advanced?.useSecureCookies ||\n\t\tprocess.env.NODE_ENV === \"production\";\n\tconst secureCookiePrefix = secure ? \"__Secure-\" : \"\";\n\tconst cookiePrefix = \"better-auth\";\n\tfunction getCookie(cookieName: string, options?: CookieOptions) {\n\t\treturn {\n\t\t\tname:\n\t\t\t\tprocess.env.NODE_ENV === \"production\"\n\t\t\t\t\t? `${secureCookiePrefix}${cookiePrefix}.${cookieName}`\n\t\t\t\t\t: `${cookiePrefix}.${cookieName}`,\n\t\t\toptions: {\n\t\t\t\tsecure,\n\t\t\t\tsameSite: \"lax\",\n\t\t\t\tpath: \"/\",\n\t\t\t\tmaxAge: 60 * 15, // 15 minutes in seconds\n\t\t\t\t...options,\n\t\t\t} as CookieOptions,\n\t\t};\n\t}\n\treturn getCookie;\n}\nexport type BetterAuthCookies = ReturnType<typeof getCookies>;\n","import { createConsola } from \"consola\";\n\nconst consola = createConsola({\n\tformatOptions: {\n\t\tdate: false,\n\t},\n});\n\nexport const createLogger = (options?: {\n\tdisabled?: boolean;\n}) => {\n\treturn {\n\t\tlog: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.log(\"\", ...args);\n\t\t},\n\t\terror: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.error(\"\", ...args);\n\t\t},\n\t\twarn: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.warn(\"\", ...args);\n\t\t},\n\t\tinfo: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.info(\"\", ...args);\n\t\t},\n\t\tdebug: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.debug(\"\", ...args);\n\t\t},\n\t\tbox: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.box(\"\", ...args);\n\t\t},\n\t\tsuccess: (...args: any[]) => {\n\t\t\t!options?.disabled && consola.success(\"\", ...args);\n\t\t},\n\t\tbreak: (...args: any[]) => {\n\t\t\t!options?.disabled && console.log(\"\\n\");\n\t\t},\n\t};\n};\n\nexport const logger = createLogger();\n","import { createKyselyAdapter } from \"./adapters/kysely\";\nimport { getAdapter } from \"./adapters/utils\";\nimport { createInternalAdapter } from \"./db\";\nimport type { BetterAuthOptions } from \"./types\";\nimport { getBaseURL } from \"./utils/base-url\";\nimport {\n\ttype BetterAuthCookies,\n\tcreateCookieGetter,\n\tgetCookies,\n} from \"./utils/cookies\";\nimport { createLogger } from \"./utils/logger\";\n\nexport const init = (options: BetterAuthOptions) => {\n\tconst adapter = getAdapter(options);\n\tconst db = createKyselyAdapter(options);\n\tconst { baseURL, withPath } = getBaseURL(options.baseURL, options.basePath);\n\n\treturn {\n\t\toptions: {\n\t\t\t...options,\n\t\t\tbaseURL: baseURL,\n\t\t\tbasePath: options.basePath || \"/api/auth\",\n\t\t},\n\t\tbaseURL: withPath,\n\t\tsecret:\n\t\t\toptions.secret ||\n\t\t\tprocess.env.BETTER_AUTH_SECRET ||\n\t\t\tprocess.env.AUTH_SECRET ||\n\t\t\t\"better-auth-secret-123456789\",\n\t\tauthCookies: getCookies(options),\n\t\tlogger: createLogger({\n\t\t\tdisabled: options.disableLog,\n\t\t}),\n\t\tdb,\n\t\tadapter: adapter,\n\t\tinternalAdapter: createInternalAdapter(adapter, options),\n\t\tcreateAuthCookie: createCookieGetter(options),\n\t};\n};\n\nexport type AuthContext = {\n\toptions: BetterAuthOptions;\n\tbaseURL: string;\n\tauthCookies: BetterAuthCookies;\n\tlogger: ReturnType<typeof createLogger>;\n\tdb: ReturnType<typeof createKyselyAdapter>;\n\tadapter: ReturnType<typeof getAdapter>;\n\tinternalAdapter: ReturnType<typeof createInternalAdapter>;\n\tcreateAuthCookie: ReturnType<typeof createCookieGetter>;\n\tsecret: string;\n};\n","import type { UnionToIntersection } from \"./types/helper\";\nimport { router } from \"./api\";\nimport { init } from \"./init\";\nimport type { BetterAuthOptions } from \"./types/options\";\nimport type { BetterAuthPlugin } from \"./types/plugins\";\n\nexport const betterAuth = <O extends BetterAuthOptions>(options: O) => {\n\tconst authContext = init(options);\n\ttype PluginEndpoint = UnionToIntersection<\n\t\tO[\"plugins\"] extends Array<infer T>\n\t\t\t? T extends BetterAuthPlugin\n\t\t\t\t? {\n\t\t\t\t\t\t[key in T[\"id\"]]: T[\"endpoints\"];\n\t\t\t\t\t}\n\t\t\t\t: {}\n\t\t\t: {}\n\t>;\n\tconst { handler, endpoints } = router(authContext);\n\ttype Endpoint = typeof endpoints;\n\n\treturn {\n\t\thandler,\n\t\tapi: endpoints as Endpoint & PluginEndpoint,\n\t\toptions,\n\t};\n};\n\nexport type Auth = {\n\thandler: (request: Request) => Promise<Response>;\n\tapi: ReturnType<typeof router>[\"endpoints\"];\n\toptions: BetterAuthOptions;\n};\n"],"mappings":";AAAA,SAAsC,oBAAoB;;;ACA1D,SAAS,SAAS;AAIX,IAAM,gBAAgB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,OAAO;AAAA,EACb,YAAY,EAAE,OAAO;AAAA,EACrB,WAAW,EAAE,OAAO;AAAA,EACpB,QAAQ,EAAE,OAAO;AAAA,EACjB,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EAC5C,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EAC7C,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACxC,sBAAsB,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,EACnD,uBAAuB,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA;AAAA;AAAA;AAAA,EAIpD,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAC1C,CAAC;AAEM,IAAM,aAAa,EAAE,OAAO;AAAA,EAClC,IAAI,EAAE,OAAO;AAAA,EACb,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC,QAAQ,IAAI,YAAY,CAAC;AAAA,EACtD,eAAe,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA,EACxC,MAAM,EAAE,OAAO;AAAA,EACf,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,WAAW,EAAE,KAAK,EAAE,QAAQ,oBAAI,KAAK,CAAC;AAAA,EACtC,WAAW,EAAE,KAAK,EAAE,QAAQ,oBAAI,KAAK,CAAC;AACvC,CAAC;AAEM,IAAM,gBAAgB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,OAAO;AAAA,EACb,QAAQ,EAAE,OAAO;AAAA,EACjB,WAAW,EAAE,KAAK;AAAA,EAClB,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,WAAW,EAAE,OAAO,EAAE,SAAS;AAChC,CAAC;AAUM,SAAS,UACf,MACA,QAGC;AACD,QAAM,SAAS,OAAO;AACtB,QAAM,aAAkC,CAAC;AACzC,aAAW,OAAO,MAAM;AACvB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,CAAC,OAAO;AACX,iBAAW,GAAG,IAAI,KAAK,GAAG;AAC1B;AAAA,IACD;AACA,QAAI,MAAM,aAAa,OAAO;AAC7B;AAAA,IACD;AACA,eAAW,GAAG,IAAI,KAAK,GAAG;AAAA,EAC3B;AACA,SAAO;AACR;AAEO,SAAS,aAAa,SAA4B,OAAe;AACvE,MAAI,SAAyC,CAAC;AAC9C,aAAW,UAAU,QAAQ,WAAW,CAAC,GAAG;AAC3C,QAAI,OAAO,UAAU,OAAO,OAAO,KAAK,GAAG;AAC1C,eAAS;AAAA,QACR,GAAG;AAAA,QACH,GAAG,OAAO,OAAO,KAAK,EAAE;AAAA,MACzB;AAAA,IACD;AAAA,EACD;AACA,SAAO;AACR;AAEO,SAAS,UAAU,SAA4B,MAAY;AACjE,QAAM,SAAS,aAAa,SAAS,MAAM;AAC3C,SAAO,UAAU,MAAM,EAAE,QAAQ,OAAO,CAAC;AAC1C;AAEO,SAAS,aAAa,SAA4B,SAAkB;AAC1E,QAAM,SAAS,aAAa,SAAS,SAAS;AAC9C,SAAO,UAAU,SAAS,EAAE,QAAQ,OAAO,CAAC;AAC7C;AAEO,SAAS,aAAa,SAA4B,SAAkB;AAC1E,QAAM,SAAS,aAAa,SAAS,SAAS;AAC9C,SAAO,UAAU,SAAS,EAAE,QAAQ,OAAO,CAAC;AAC7C;;;AC9FA,SAAS,gBAAgB;AACzB,SAAS,KAAAA,UAAS;;;ACDlB,SAAS,yBAAyB;AAClC,SAAS,YAAY,YAAY,mBAAmB;AACpD,SAAS,oBAAoB;AAC7B,SAAS,cAAc;AAEvB,eAAsB,MAAM,WAAmB,SAAiB;AAC/D,QAAM,MAAM,IAAI,YAAY;AAC5B,QAAM,YAAY,EAAE,MAAM,QAAQ,MAAM,UAAU;AAClD,QAAM,MAAM,MAAM,OAAO,OAAO;AAAA,IAC/B;AAAA,IACA,IAAI,OAAO,SAAS;AAAA,IACpB;AAAA,IACA;AAAA,IACA,CAAC,QAAQ,QAAQ;AAAA,EAClB;AACA,QAAM,YAAY,MAAM,OAAO,OAAO;AAAA,IACrC,UAAU;AAAA,IACV;AAAA,IACA,IAAI,OAAO,OAAO;AAAA,EACnB;AACA,SAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC;AAC9D;;;ACrBA;AAAA,EAGC;AAAA,EACA;AAAA,EACA;AAAA,OACM;AAIA,IAAM,oBAAoB,iBAAiB,YAAY;AAM7D,SAAO,CAAC;AACT,CAAC;AAEM,IAAM,uBAAuB,wBAAwB;AAAA,EAC3D,KAAK,CAAC,iBAAiB;AACxB,CAAC;AAEM,IAAM,qBAAqB,sBAAsB;AAAA,EACvD,KAAK,CAAC,iBAAiB;AACxB,CAAC;;;AFpBM,IAAM,iBAAiB;AAAA,EAC7B;AAAA,IACC,MAAMC,GACJ,OAAO;AAAA,MACP,WAAWA,GAAE,OAAO,EAAE,SAAS;AAAA,IAChC,CAAC,EACA,SAAS;AAAA,EACZ;AAAA,EACA,OAAO,QAAQ;AACd,QACC,IAAI,SAAS,WAAW,UACxB,IAAI,QAAQ,QAAQ,UAAU,kBAC7B;AACD;AAAA,IACD;AACA,UAAM,MAAM,IAAI,IAAI,IAAI,QAAQ,GAAG;AACnC,YAAQ,IAAI,IAAI,QAAQ,IAAI,QAAQ,QAAQ,OAAO;AAMnD,QACC,IAAI,WAAW,IAAI,QAAQ,QAAQ,WACnC,IAAI,QAAQ,QAAQ,gBAAgB,SAAS,IAAI,MAAM,GACtD;AACD;AAAA,IACD;AAEA,UAAM,YAAY,IAAI,MAAM;AAC5B,UAAM,aAAa,MAAM,IAAI;AAAA,MAC5B,IAAI,QAAQ,YAAY,UAAU;AAAA,MAClC,IAAI,QAAQ;AAAA,IACb;AACA,UAAM,CAAC,OAAO,IAAI,IAAI,YAAY,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI;AAC3D,QACC,CAAC,aACD,CAAC,cACD,CAAC,SACD,CAAC,QACD,eAAe,WACd;AACD,UAAI,UAAU,IAAI,QAAQ,YAAY,UAAU,MAAM,IAAI;AAAA,QACzD,QAAQ;AAAA,MACT,CAAC;AACD,YAAM,IAAI,SAAS,gBAAgB;AAAA,QAClC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AACA,UAAM,eAAe,MAAM,MAAM,IAAI,QAAQ,QAAQ,KAAK;AAC1D,QAAI,SAAS,cAAc;AAC1B,UAAI,UAAU,IAAI,QAAQ,YAAY,UAAU,MAAM,IAAI;AAAA,QACzD,QAAQ;AAAA,MACT,CAAC;AACD,YAAM,IAAI,SAAS,gBAAgB;AAAA,QAClC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AAAA,EACD;AACD;;;AGhEA,SAAS,YAAAC,iBAAgB;AACzB,SAAS,4BAA4B;AACrC,SAAS,gBAAgB;AACzB,SAAS,KAAAC,UAAS;;;ACHlB,OAA6B;AAE7B,SAAS,gBAAgB;AACzB,SAAS,mBAAmB;;;ACHrB,IAAM,kBAAN,cAA8B,MAAM;AAAA,EAC1C,YAAY,SAAiB;AAC5B,UAAM,OAAO;AAAA,EACd;AACD;;;ACFA,SAAS,aAAa,KAAsB;AAC3C,MAAI;AACH,UAAM,YAAY,IAAI,IAAI,GAAG;AAC7B,WAAO,UAAU,aAAa;AAAA,EAC/B,SAASC,QAAO;AACf,YAAQ,MAAM,gBAAgBA,MAAK;AACnC,WAAO;AAAA,EACR;AACD;AAEA,SAAS,SAAS,KAAa,OAAO,aAAa;AAClD,QAAM,UAAU,aAAa,GAAG;AAChC,MAAI,SAAS;AACZ,WAAO;AAAA,MACN,SAAS,IAAI,IAAI,GAAG,EAAE;AAAA,MACtB,UAAU;AAAA,IACX;AAAA,EACD;AACA,SAAO,KAAK,WAAW,GAAG,IAAI,OAAO,IAAI,IAAI;AAC7C,SAAO;AAAA,IACN,SAAS;AAAA,IACT,UAAU,GAAG,GAAG,GAAG,IAAI;AAAA,EACxB;AACD;AAEO,SAAS,WAAW,KAAc,MAAe;AACvD,MAAI,KAAK;AACR,WAAO,SAAS,KAAK,IAAI;AAAA,EAC1B;AAEA,QAAM,MACL,OAAO,YAAY,cAChB,QAAQ,MACR,OAAO,gBAAgB;AAAA;AAAA,IAEvB,YAAY;AAAA,MACX,CAAC;AACN,QAAM,UACL,IAAI,mBACJ,IAAI,YACJ,IAAI,wBACJ,IAAI,+BACJ,IAAI,mBACJ,IAAI,0BACJ,IAAI,+BACJ,IAAI;AACL,MAAI,SAAS;AACZ,WAAO,SAAS,SAAS,IAAI;AAAA,EAC9B;AAEA,QAAM,QACL,CAAC,YAAY,IAAI,aAAa,iBAAiB,IAAI,aAAa;AACjE,MAAI,OAAO;AACV,WAAO;AAAA,MACN,SAAS;AAAA,MACT,UAAU;AAAA,IACX;AAAA,EACD;AACA,QAAM,IAAI;AAAA,IACT;AAAA,EACD;AACD;;;AC7DO,SAAS,eAAe,YAAoB,aAAsB;AACxE,SAAO,eAAe,GAAG,WAAW,CAAC,sBAAsB,UAAU;AACtE;;;AHmDO,IAAM,QAAQ,CAAC;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AACD,MAAoB;AACnB,QAAM,gBAAgB;AACtB,gBAAc,eAAe,SAAS,WAAW;AACjD,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,OAAO,GAAG;AACzC,YAAM,SAAS,UAAU,CAAC,SAAS,QAAQ,QAAQ;AACnD,aAAO,IAAI;AAAA,QACV,sDAAsD,QAAQ,oCAAoC,WAAW,UAAU,OAAO;AAAA,UAC7H;AAAA,QACD,CAAC,UAAU,KAAK;AAAA,MACjB;AAAA,IACD;AAAA,IACA,2BAA2B,OAAO,SAAS;AAC1C,YAAM,OAAO,MAAM,YAA0B,eAAe;AAAA,QAC3D,QAAQ;AAAA,QACR,MAAM,IAAI,gBAAgB;AAAA,UACzB,WAAW;AAAA,UACX,eAAe;AAAA,UACf,YAAY;AAAA,UACZ;AAAA,QACD,CAAC;AAAA,QACD,SAAS;AAAA,UACR,gBAAgB;AAAA,QACjB;AAAA,MACD,CAAC;AACD,UAAI,KAAK,OAAO;AACf,cAAM,IAAI,gBAAgB,KAAK,OAAO,WAAW,EAAE;AAAA,MACpD;AACA,aAAO,KAAK;AAAA,IACb;AAAA,IACA,MAAM,YAAY,OAAO;AACxB,YAAM,OAAO,SAAS,MAAM,QAAQ,CAAC,GAAG;AACxC,UAAI,CAAC,MAAM;AACV,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,KAAK;AAAA,UACT,MAAM,KAAK;AAAA,UACX,OAAO,KAAK;AAAA,UACZ,eAAe,KAAK,mBAAmB;AAAA,QACxC;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAAA,EACD;AACD;;;AI3GA,SAAS,eAAAC,oBAAmB;AAC5B,SAAS,eAAe;AAkFjB,IAAM,UAAU,CAAC;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AACD,MAAsB;AACrB,QAAM,gBAAgB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA,eAAe,WAAW,WAAW;AAAA,EACtC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,OAAO,GAAG;AACzC,YAAM,SAAS,UAAU,CAAC,OAAO;AACjC,aAAO,cAAc,uBAAuB,OAAO,MAAM;AAAA,IAC1D;AAAA,IACA,2BAA2B,cAAc;AAAA,IACzC,MAAM,YAAY,OAAO;AACxB,YAAM,EAAE,MAAM,SAAS,OAAAC,OAAM,IAAI,MAAMC;AAAA,QACtC;AAAA,QACA;AAAA,UACC,MAAM;AAAA,YACL,MAAM;AAAA,YACN,OAAO,MAAM;AAAA,UACd;AAAA,QACD;AAAA,MACD;AACA,UAAID,QAAO;AACV,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,QAAQ;AAAA,UACZ,MAAM,QAAQ,gBAAgB,QAAQ,YAAY;AAAA,UAClD,OAAO,QAAQ;AAAA,UACf,eAAe,QAAQ;AAAA,QACxB;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;AC7HA,SAAS,eAAAE,oBAAmB;AAC5B,SAAS,gBAAgB;AAuBlB,IAAM,WAAW,CAAC;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AACD,MAAuB;AACtB,QAAM,iBAAiB,IAAI;AAAA,IAC1B;AAAA,IACA;AAAA,IACA,eAAe,YAAY,WAAW;AAAA,EACvC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,OAAO,GAAG;AACzC,YAAM,UAAU,UAAU,CAAC,SAAS,gBAAgB;AACpD,aAAO,eAAe,uBAAuB,OAAO,OAAO;AAAA,IAC5D;AAAA,IACA,2BAA2B,eAAe;AAAA,IAC1C,MAAM,YAAY,OAAO;AACxB,YAAM,EAAE,MAAM,SAAS,OAAAC,OAAM,IAAI,MAAMC;AAAA,QACtC;AAAA,QACA;AAAA,UACC,MAAM;AAAA,YACL,MAAM;AAAA,YACN,OAAO,MAAM;AAAA,UACd;AAAA,QACD;AAAA,MACD;AACA,UAAID,QAAO;AACV,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,QAAQ;AAAA,UACZ,MAAM,QAAQ;AAAA,UACd,OAAO,QAAQ;AAAA,UACf,eAAe,QAAQ;AAAA,QACxB;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;AClEA,SAAS,eAAAE,oBAAmB;AAC5B,SAAS,cAAc;AA0DhB,IAAM,SAAS,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACD,MAAqB;AACpB,QAAM,eAAe,IAAI;AAAA,IACxB;AAAA,IACA;AAAA,IACA,eAAe,UAAU,WAAW;AAAA,EACrC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,OAAO,GAAG;AACzC,YAAM,UAAU,UAAU,CAAC,YAAY;AACvC,aAAO,aAAa,uBAAuB,OAAO,OAAO;AAAA,IAC1D;AAAA,IACA,2BAA2B,aAAa;AAAA,IACxC,MAAM,YAAY,OAAO;AACxB,YAAM,EAAE,MAAM,SAAS,OAAAC,OAAM,IAAI,MAAMC;AAAA,QACtC;AAAA,QACA;AAAA,UACC,QAAQ;AAAA,UACR,SAAS;AAAA,YACR,eAAe,UAAU,MAAM,WAAW;AAAA,UAC3C;AAAA,QACD;AAAA,MACD;AACA,UAAID,QAAO;AACV,eAAO;AAAA,MACR;AACA,UAAI,gBAAgB;AACpB,UAAI,CAAC,QAAQ,OAAO;AACnB,cAAM,EAAE,MAAM,OAAAA,OAAM,IAAI,MAAMC,aAO5B,sCAAsC;AAAA,UACvC,SAAS;AAAA,YACR,eAAe,UAAU,MAAM,WAAW;AAAA,YAC1C,cAAc;AAAA,UACf;AAAA,QACD,CAAC;AACD,YAAI,CAACD,QAAO;AACX,kBAAQ,SAAS,KAAK,KAAK,CAAC,MAAM,EAAE,OAAO,KAAK,KAAK,CAAC,IACnD;AACH,0BACC,KAAK,KAAK,CAAC,MAAM,EAAE,UAAU,QAAQ,KAAK,GAAG,YAAY;AAAA,QAC3D;AAAA,MACD;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,QAAQ;AAAA,UACZ,MAAM,QAAQ;AAAA,UACd,OAAO,QAAQ;AAAA,UACf,OAAO,QAAQ;AAAA,UACf;AAAA,UACA,WAAW,oBAAI,KAAK;AAAA,UACpB,WAAW,oBAAI,KAAK;AAAA,QACrB;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;AC9HA,SAAS,cAAc;AACvB,SAAS,YAAAE,iBAAgB;AAsClB,IAAM,SAAS,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACD,MAAqB;AACpB,QAAM,eAAe,IAAI;AAAA,IACxB;AAAA,IACA;AAAA,IACA,eAAe,UAAU,WAAW;AAAA,EACrC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,QAAQ,aAAa,GAAG;AACvD,UAAI,CAAC,cAAc;AAClB,cAAM,IAAI,gBAAgB,qCAAqC;AAAA,MAChE;AACA,YAAM,UAAU,UAAU,CAAC,SAAS,SAAS;AAC7C,aAAO,aAAa,uBAAuB,OAAO,cAAc,OAAO;AAAA,IACxE;AAAA,IACA,2BAA2B,OAAO,MAAM,iBAAiB;AACxD,UAAI,CAAC,cAAc;AAClB,cAAM,IAAI,gBAAgB,qCAAqC;AAAA,MAChE;AACA,aAAO,aAAa,0BAA0B,MAAM,YAAY;AAAA,IACjE;AAAA,IACA,MAAM,YAAY,OAAO;AACxB,UAAI,CAAC,MAAM,SAAS;AACnB,eAAO;AAAA,MACR;AACA,YAAM,OAAOC,UAAS,MAAM,QAAQ,CAAC,GAAG;AACxC,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,KAAK;AAAA,UACT,MAAM,KAAK;AAAA,UACX,OAAO,KAAK;AAAA,UACZ,OAAO,KAAK;AAAA,UACZ,eAAe,KAAK;AAAA,QACrB;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;AClFA,SAAS,eAAAC,oBAAmB;AAC5B,SAAS,eAAe;AAmBjB,IAAM,UAAU,CAAC;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AACD,MAAsB;AACrB,QAAM,gBAAgB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA,eAAe,WAAW,WAAW;AAAA,EACtC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,OAAO,GAAG;AACzC,YAAM,UAAU,UAAU,CAAC,iBAAiB;AAC5C,aAAO,cAAc,uBAAuB,OAAO,OAAO;AAAA,IAC3D;AAAA,IACA,2BAA2B,cAAc;AAAA,IACzC,MAAM,YAAY,OAAO;AACxB,YAAM,EAAE,MAAM,SAAS,OAAAC,OAAM,IAAI,MAAMC;AAAA,QACtC;AAAA,QACA;AAAA,UACC,QAAQ;AAAA,UACR,SAAS;AAAA,YACR,eAAe,UAAU,MAAM,WAAW;AAAA,UAC3C;AAAA,QACD;AAAA,MACD;AACA,UAAID,QAAO;AACV,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,QAAQ;AAAA,UACZ,MAAM,QAAQ;AAAA,UACd,OAAO,QAAQ;AAAA,UACf,OAAO,QAAQ,OAAO,CAAC,GAAG;AAAA,UAC1B,eAAe;AAAA,QAChB;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;AC/DA,SAAS,eAAAE,oBAAmB;AAC5B,SAAS,cAAc;AA6BhB,IAAM,SAAS,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACD,MAAqB;AACpB,QAAM,eAAe,IAAI;AAAA,IACxB;AAAA,IACA;AAAA,IACA,eAAe,UAAU,WAAW;AAAA,EACrC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,EAAE,OAAO,OAAO,GAAG;AACzC,YAAM,UAAU,UAAU,CAAC,kBAAkB,MAAM;AACnD,aAAO,aAAa,uBAAuB,OAAO,OAAO;AAAA,IAC1D;AAAA,IACA,2BAA2B,aAAa;AAAA,IACxC,MAAM,YAAY,OAAO;AACxB,YAAM,EAAE,MAAM,SAAS,OAAAC,OAAM,IAAI,MAAMC;AAAA,QACtC;AAAA,QACA;AAAA,UACC,QAAQ;AAAA,UACR,SAAS;AAAA,YACR,eAAe,UAAU,MAAM,WAAW;AAAA,UAC3C;AAAA,QACD;AAAA,MACD;AACA,UAAID,QAAO;AACV,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,QAAQ;AAAA,UACZ,MAAM,QAAQ;AAAA,UACd,OAAO,QAAQ;AAAA,UACf,OAAO,QAAQ;AAAA,UACf,eAAe;AAAA,QAChB;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;ACzEA,SAAS,eAAAE,oBAAmB;AAC5B,SAAS,eAAe;AAoGjB,IAAM,UAAU,CAAC;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AACD,MAAqB;AACpB,QAAM,gBAAgB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA,eAAe,WAAW,WAAW;AAAA,EACtC;AACA,SAAO;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,uBAAuB,MAAM;AAC5B,YAAM,UAAU,KAAK,UAAU,CAAC,mBAAmB;AACnD,aAAO,cAAc;AAAA,QACpB,KAAK;AAAA,QACL,KAAK;AAAA,QACL;AAAA,MACD;AAAA,IACD;AAAA,IACA,2BAA2B,OAAO,MAAM,iBAAiB;AACxD,UAAI,CAAC,cAAc;AAClB,cAAM,IAAI,gBAAgB,sCAAsC;AAAA,MACjE;AACA,aAAO,cAAc,0BAA0B,MAAM,YAAY;AAAA,IAClE;AAAA,IACA,MAAM,YAAY,OAAO;AACxB,YAAM,EAAE,MAAM,SAAS,OAAAC,OAAM,IAAI,MAAMC;AAAA,QACtC;AAAA,QACA;AAAA,UACC,QAAQ;AAAA,UACR,SAAS;AAAA,YACR,eAAe,UAAU,MAAM,WAAW;AAAA,UAC3C;AAAA,QACD;AAAA,MACD;AACA,UAAID,QAAO;AACV,eAAO;AAAA,MACR;AACA,UAAI,CAAC,QAAQ,KAAK,OAAO;AACxB,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN,MAAM;AAAA,UACL,IAAI,QAAQ,KAAK;AAAA,UACjB,MAAM,QAAQ,KAAK;AAAA,UACnB,OAAO,QAAQ,KAAK;AAAA,UACpB,OAAO,QAAQ,KAAK;AAAA,UACpB,eAAe,QAAQ,KAAK,YAAY;AAAA,QACzC;AAAA,QACA,MAAM;AAAA,MACP;AAAA,IACD;AAAA,EACD;AACD;;;ACzJA,OAA6B;;;ACMtB,IAAM,iBAAiB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACD;AAEO,IAAM,oBAAoB,OAAO,KAAK,cAAc;;;ACpB3D,SAAS,iBAAiB,0BAA0B;AAE7C,SAAS,cAAc,aAAsB,YAAqB;AACxE,QAAM,OAAO,mBAAmB;AAChC,QAAM,QAAQ,GAAG,IAAI,IAAI,WAAW,IAAI,UAAU;AAClD,SAAO,EAAE,OAAO,KAAK;AACtB;AAEO,SAAS,WAAW,OAAe;AACzC,QAAM,CAAC,MAAM,aAAa,UAAU,IAAI,MAAM,MAAM,GAAG;AACvD,SAAO,EAAE,MAAM,aAAa,WAAW;AACxC;;;ACRO,IAAM,aAAa;AAAA,EACzB;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,gBAAgB;AAAA,EACjB;AAAA,EACA,OAAO,QAAQ;AACd,UAAM,qBAAqB,MAAM,IAAI;AAAA,MACpC,IAAI,QAAQ,YAAY,aAAa;AAAA,MACrC,IAAI,QAAQ;AAAA,IACb;AACA,QAAI,CAAC,oBAAoB;AACxB,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,MACT,CAAC;AAAA,IACF;AACA,UAAM,UACL,MAAM,IAAI,QAAQ,gBAAgB,YAAY,kBAAkB;AACjE,QAAI,CAAC,WAAW,QAAQ,QAAQ,YAAY,oBAAI,KAAK,GAAG;AACvD,UAAI;AAAA,QACH,IAAI,QAAQ,YAAY,aAAa;AAAA,QACrC;AAAA,QACA,IAAI,QAAQ;AAAA,QACZ;AAAA,UACC,QAAQ;AAAA,QACT;AAAA,MACD;AACA,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,MACT,CAAC;AAAA,IACF;AACA,UAAM,iBAAiB,MAAM,IAAI,QAAQ,gBAAgB;AAAA,MACxD,QAAQ;AAAA,IACT;AAEA,UAAM,IAAI;AAAA,MACT,IAAI,QAAQ,YAAY,aAAa;AAAA,MACrC,eAAe;AAAA,MACf,IAAI,QAAQ;AAAA,MACZ;AAAA,QACC,GAAG,IAAI,QAAQ,YAAY,aAAa;AAAA,QACxC,QAAQ,eAAe,UAAU,QAAQ,IAAI,KAAK,IAAI;AAAA,MACvD;AAAA,IACD;AACA,WAAO,IAAI,KAAK;AAAA,MACf,SAAS;AAAA,MACT,MAAM,QAAQ;AAAA,IACf,CAAC;AAAA,EACF;AACD;AAEO,IAAM,oBAAoB,OAAO,QAA2B;AAClE,QAAM,UAAU,MAAM,WAAW;AAAA,IAChC,GAAG;AAAA;AAAA,IAEH,OAAO;AAAA,EACR,CAAC;AACD,SAAO;AACR;;;AfpDO,IAAM,cAAc;AAAA,EAC1B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,gBAAgB;AAAA,IAChB,OAAOE,GACL,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,MAKP,YAAYA,GAAE,OAAO,EAAE,SAAS;AAAA,IACjC,CAAC,EACA,SAAS;AAAA,IACX,MAAMA,GAAE,OAAO;AAAA;AAAA;AAAA;AAAA,MAId,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA;AAAA;AAAA;AAAA,MAIjC,UAAUA,GAAE,KAAK,iBAAiB;AAAA,IACnC,CAAC;AAAA,EACF;AAAA,EACA,OAAO,MAAM;AACZ,UAAM,WAAW,EAAE,QAAQ,QAAQ,gBAAgB;AAAA,MAClD,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK;AAAA,IACxB;AACA,QAAI,CAAC,UAAU;AACd,QAAE,QAAQ,OAAO;AAAA,QAChB;AAAA,QACA;AAAA,UACC,UAAU,EAAE,KAAK;AAAA,QAClB;AAAA,MACD;AACA,YAAM,IAAIC,UAAS,WAAW;AAAA,IAC/B;AACA,UAAM,SAAS,EAAE,QAAQ;AACzB,UAAM,aAAa,EAAE,OAAO,aACzB,IAAI,IAAI,EAAE,OAAO,UAAU,IAC3B;AACH,UAAM,QAAQ;AAAA,MACb,EAAE,KAAK,eAAe,YAAY,UAAU,EAAE,QAAQ;AAAA,MACtD,EAAE,OAAO;AAAA,IACV;AACA,QAAI;AACH,YAAM,EAAE;AAAA,QACP,OAAO,MAAM;AAAA,QACb,MAAM;AAAA,QACN,EAAE,QAAQ;AAAA,QACV,OAAO,MAAM;AAAA,MACd;AACA,YAAM,eAAe,qBAAqB;AAC1C,YAAM,EAAE;AAAA,QACP,OAAO,eAAe;AAAA,QACtB;AAAA,QACA,EAAE,QAAQ;AAAA,QACV,OAAO,eAAe;AAAA,MACvB;AACA,YAAM,MAAM,SAAS,uBAAuB;AAAA,QAC3C,OAAO,MAAM;AAAA,QACb;AAAA,MACD,CAAC;AACD,aAAO;AAAA,QACN,KAAK,IAAI,SAAS;AAAA,QAClB,OAAO,MAAM;AAAA,QACb;AAAA,QACA,UAAU;AAAA,MACX;AAAA,IACD,SAAS,GAAG;AACX,YAAM,IAAIA,UAAS,uBAAuB;AAAA,IAC3C;AAAA,EACD;AACD;AAEO,IAAM,cAAc;AAAA,EAC1B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,MAAMD,GAAE,OAAO;AAAA,MACd,OAAOA,GAAE,OAAO,EAAE,MAAM;AAAA,MACxB,UAAUA,GAAE,OAAO;AAAA,MACnB,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA,MAKjC,gBAAgBA,GAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,IACrD,CAAC;AAAA,EACF;AAAA,EACA,OAAO,QAAQ;AACd,QAAI,CAAC,IAAI,QAAQ,SAAS,kBAAkB,SAAS;AACpD,UAAI,QAAQ,OAAO,MAAM,mCAAmC;AAC5D,YAAM,IAAIC,UAAS,eAAe;AAAA,QACjC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AACA,UAAM,iBAAiB,MAAM,kBAAkB,GAAG;AAClD,QAAI,gBAAgB;AACnB,aAAO,IAAI,KAAK;AAAA,QACf,MAAM,eAAe;AAAA,QACrB,SAAS,eAAe;AAAA,QACxB,UAAU,CAAC,CAAC,IAAI,KAAK;AAAA,QACrB,KAAK,IAAI,KAAK;AAAA,MACf,CAAC;AAAA,IACF;AACA,UAAM,EAAE,OAAO,SAAS,IAAI,IAAI;AAChC,UAAM,WAAW,IAAI,SAAS;AAC9B,UAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB,gBAAgB,KAAK;AACpE,QAAI,CAAC,MAAM;AACV,YAAM,SAAS,KAAK,QAAQ;AAC5B,UAAI,QAAQ,OAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC;AACpD,YAAM,IAAIA,UAAS,gBAAgB;AAAA,QAClC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AACA,UAAM,oBAAoB,KAAK,SAAS;AAAA,MACvC,CAAC,MAAM,EAAE,eAAe;AAAA,IACzB;AACA,QAAI,CAAC,mBAAmB;AACvB,UAAI,QAAQ,OAAO,MAAM,gCAAgC,EAAE,MAAM,CAAC;AAClE,YAAM,IAAIA,UAAS,gBAAgB;AAAA,QAClC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AACA,UAAM,kBAAkB,mBAAmB;AAC3C,QAAI,CAAC,iBAAiB;AACrB,UAAI,QAAQ,OAAO,MAAM,sBAAsB,EAAE,MAAM,CAAC;AACxD,YAAM,IAAIA,UAAS,gBAAgB;AAAA,QAClC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AACA,UAAM,gBAAgB,MAAM,SAAS,OAAO,iBAAiB,QAAQ;AACrE,QAAI,CAAC,eAAe;AACnB,UAAI,QAAQ,OAAO,MAAM,kBAAkB;AAC3C,YAAM,IAAIA,UAAS,gBAAgB;AAAA,QAClC,SAAS;AAAA,MACV,CAAC;AAAA,IACF;AACA,UAAM,UAAU,MAAM,IAAI,QAAQ,gBAAgB;AAAA,MACjD,KAAK,KAAK;AAAA,MACV,IAAI;AAAA,IACL;AACA,UAAM,IAAI;AAAA,MACT,IAAI,QAAQ,YAAY,aAAa;AAAA,MACrC,QAAQ;AAAA,MACR,IAAI,QAAQ;AAAA,MACZ,IAAI,KAAK,iBACN;AAAA,QACA,GAAG,IAAI,QAAQ,YAAY,aAAa;AAAA,QACxC,QAAQ;AAAA,MACT,IACC,IAAI,QAAQ,YAAY,aAAa;AAAA,IACzC;AACA,WAAO,IAAI,KAAK;AAAA,MACf,MAAM,KAAK;AAAA,MACX;AAAA,MACA,UAAU,CAAC,CAAC,IAAI,KAAK;AAAA,MACrB,KAAK,IAAI,KAAK;AAAA,IACf,CAAC;AAAA,EACF;AACD;;;AgB3KA,SAAS,YAAAC,iBAAgB;AACzB,SAAS,KAAAC,UAAS;;;ACDX,IAAM,0BAA0B;AAAA,EACtC,UAAU;AACX;;;ACFA,SAAS,UAAU,4BAA4B;AACxC,IAAM,aAAa,MAAM;AAC/B,SAAO,qBAAqB,IAAI,SAAS,OAAO,KAAK,CAAC;AACvD;;;AFKO,IAAM,gBAAgB;AAAA,EAC5B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,OAAOC,GAAE,OAAO;AAAA,MACf,OAAOA,GAAE,OAAO;AAAA,MAChB,MAAMA,GAAE,OAAO;AAAA,MACf,eAAeA,GAAE,OAAO,EAAE,SAAS;AAAA,IACpC,CAAC;AAAA,IACD,UAAU;AAAA,EACX;AAAA,EACA,OAAO,MAAM;AACZ,UAAM,WAAW,EAAE,QAAQ,QAAQ,gBAAgB;AAAA,MAClD,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO;AAAA,IAC1B;AACA,QAAI,CAAC,UAAU;AACd,QAAE,QAAQ,OAAO;AAAA,QAChB;AAAA,QACA,EAAE,OAAO;AAAA,QACT;AAAA,MACD;AACA,YAAM,IAAIC,UAAS,WAAW;AAAA,IAC/B;AACA,UAAM,SAAS,MAAM,SAAS;AAAA,MAC7B,EAAE,MAAM;AAAA,MACR,EAAE,MAAM,iBAAiB;AAAA,IAC1B;AACA,QAAI,CAAC,QAAQ;AACZ,QAAE,QAAQ,OAAO,MAAM,0BAA0B;AACjD,YAAM,IAAIA,UAAS,cAAc;AAAA,IAClC;AACA,UAAM,OAAO,MAAM,SAAS,YAAY,MAAM,EAAE,KAAK,CAAC,QAAQ,KAAK,IAAI;AACvE,UAAM,KAAK,WAAW;AACtB,UAAM,OAAO,WAAW,UAAU;AAAA,MACjC,GAAG;AAAA,MACH;AAAA,IACD,CAAC;AACD,UAAM,EAAE,aAAa,WAAW,IAAI,WAAW,EAAE,MAAM,KAAK;AAC5D,QAAI,CAAC,QAAQ,KAAK,YAAY,OAAO;AACpC,UAAI,YAAY;AACf,cAAM,EAAE,SAAS,GAAG,UAAU,gCAAgC;AAAA,MAC/D,OAAO;AACN,cAAM,IAAIA,UAAS,aAAa;AAAA,MACjC;AAAA,IACD;AACA,QAAI,CAAC,aAAa;AACjB,QAAE,QAAQ,OAAO,MAAM,wBAAwB;AAC/C,YAAM,IAAIA,UAAS,WAAW;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,EAAE,QAAQ,gBAAgB,gBAAgB,KAAK,KAAK;AACzE,UAAM,SAAS,QAAQ,KAAK;AAC5B,QAAI,QAAQ;AAEX,YAAM,gBAAgB,OAAO,SAAS;AAAA,QACrC,CAAC,MAAM,EAAE,eAAe,SAAS;AAAA,MAClC;AACA,UAAI,CAAC,iBAAiB,CAAC,KAAK,eAAe;AAC1C,UAAE,QAAQ,OAAO,MAAM,qBAAqB;AAC5C,cAAM,MAAM,IAAI,IAAI,cAAc,WAAW;AAC7C,YAAI,aAAa,IAAI,SAAS,qBAAqB;AACnD,cAAM,EAAE,SAAS,IAAI,SAAS,CAAC;AAAA,MAChC;AAEA,UAAI,CAAC,iBAAiB,KAAK,eAAe;AACzC,cAAM,EAAE,QAAQ,gBAAgB,YAAY;AAAA,UAC3C,YAAY,SAAS;AAAA,UACrB,WAAW,KAAK;AAAA,UAChB,IAAI,GAAG,SAAS,EAAE,IAAI,KAAK,EAAE;AAAA,UAC7B,QAAQ,OAAO,KAAK;AAAA,UACpB,GAAG;AAAA,QACJ,CAAC;AAAA,MACF;AAAA,IACD,OAAO;AACN,UAAI;AACH,cAAM,EAAE,QAAQ,gBAAgB,gBAAgB,KAAK,MAAM;AAAA,UAC1D,GAAG;AAAA,UACH,IAAI,GAAG,SAAS,EAAE,IAAI,KAAK,EAAE;AAAA,UAC7B,YAAY,SAAS;AAAA,UACrB,WAAW,KAAK;AAAA,UAChB,QAAQ;AAAA,QACT,CAAC;AAAA,MACF,SAAS,GAAG;AACX,cAAM,MAAM,IAAI,IAAI,cAAc,WAAW;AAC7C,YAAI,aAAa,IAAI,SAAS,uBAAuB;AACrD,UAAE,UAAU,YAAY,IAAI,SAAS,CAAC;AACtC,cAAM,EAAE,SAAS,IAAI,SAAS,CAAC;AAAA,MAChC;AAAA,IACD;AAEA,QAAI,CAAC,UAAU,CAAC;AACf,YAAM,IAAIA,UAAS,yBAAyB;AAAA,QAC3C,SAAS;AAAA,MACV,CAAC;AAEF,UAAM,UAAU,MAAM,EAAE,QAAQ,gBAAgB;AAAA,MAC/C,UAAU;AAAA,MACV,EAAE;AAAA,IACH;AACA,QAAI;AACH,YAAM,EAAE;AAAA,QACP,EAAE,QAAQ,YAAY,aAAa;AAAA,QACnC,QAAQ;AAAA,QACR,EAAE,QAAQ;AAAA,QACV,EAAE,QAAQ,YAAY,aAAa;AAAA,MACpC;AAAA,IACD,SAAS,GAAG;AACX,QAAE,QAAQ,OAAO,MAAM,gCAAgC,CAAC;AACxD,YAAM,MAAM,IAAI,IAAI,cAAc,WAAW;AAC7C,UAAI,aAAa,IAAI,SAAS,0BAA0B;AACxD,YAAM,EAAE,SAAS,IAAI,SAAS,CAAC;AAAA,IAChC;AACA,UAAM,EAAE,SAAS,WAAW;AAAA,EAC7B;AACD;;;AG1HA,SAAS,KAAAC,UAAS;AAGX,IAAM,UAAU;AAAA,EACtB;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,MAAMC,GACJ,OAAO;AAAA,MACP,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA,IAClC,CAAC,EACA,SAAS;AAAA,EACZ;AAAA,EACA,OAAO,QAAQ;AACd,UAAM,qBAAqB,MAAM,IAAI;AAAA,MACpC,IAAI,QAAQ,YAAY,aAAa;AAAA,MACrC,IAAI,QAAQ;AAAA,IACb;AACA,QAAI,CAAC,oBAAoB;AACxB,aAAO,IAAI,KAAK,IAAI;AAAA,IACrB;AACA,UAAM,IAAI,QAAQ,gBAAgB,cAAc,kBAAkB;AAClE,QAAI,UAAU,IAAI,QAAQ,YAAY,aAAa,MAAM,IAAI;AAAA,MAC5D,QAAQ;AAAA,IACT,CAAC;AACD,WAAO,IAAI,KAAK,MAAM;AAAA,MACrB,MAAM;AAAA,QACL,UAAU,CAAC,CAAC,IAAI,MAAM;AAAA,QACtB,KAAK,IAAI,MAAM;AAAA,MAChB;AAAA,IACD,CAAC;AAAA,EACF;AACD;;;AChCA,SAAS,gBAAgB;AACzB,SAAS,iBAAiB;AAC1B,SAAS,mBAAmB;AAC5B,SAAS,YAAAC,iBAAgB;AACzB,SAAS,KAAAC,UAAS;AAGX,IAAM,iBAAiB;AAAA,EAC7B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,MAAMC,GAAE,OAAO;AAAA;AAAA;AAAA;AAAA,MAId,OAAOA,GAAE,OAAO,EAAE,MAAM;AAAA,IACzB,CAAC;AAAA,EACF;AAAA,EACA,OAAO,QAAQ;AACd,QAAI,CAAC,IAAI,QAAQ,QAAQ,kBAAkB,wBAAwB;AAClE,UAAI,QAAQ,OAAO;AAAA,QAClB;AAAA,MACD;AACA,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,MAAM;AAAA,UACL,SAAS;AAAA,QACV;AAAA,MACD,CAAC;AAAA,IACF;AACA,UAAM,EAAE,MAAM,IAAI,IAAI;AACtB,UAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB,gBAAgB,KAAK;AACpE,QAAI,CAAC,MAAM;AACV,aAAO,IAAI;AAAA,QACV;AAAA,UACC,OAAO;AAAA,QACR;AAAA,QACA;AAAA,UACC,QAAQ;AAAA,UACR,YAAY;AAAA,UACZ,MAAM;AAAA,YACL,SAAS;AAAA,UACV;AAAA,QACD;AAAA,MACD;AAAA,IACD;AACA,UAAM,QAAQ,MAAM;AAAA,MACnB;AAAA,MACA,OAAO,KAAK,IAAI,QAAQ,MAAM;AAAA,MAC9B;AAAA,QACC,OAAO,KAAK,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,QACC,WAAW,IAAI,SAAS,GAAG,GAAG;AAAA,QAC9B,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,WAAW,CAAC,KAAK,KAAK,KAAK;AAAA,QAC3B,wBAAwB;AAAA,MACzB;AAAA,IACD;AACA,UAAM,IAAI,QAAQ,QAAQ,iBAAiB;AAAA,MAC1C;AAAA,MACA,KAAK;AAAA,IACN;AACA,WAAO,IAAI,KAAK;AAAA,MACf,QAAQ;AAAA,IACT,CAAC;AAAA,EACF;AACD;AAEO,IAAM,gBAAgB;AAAA,EAC5B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,MAAMA,GAAE,OAAO;AAAA,MACd,OAAOA,GAAE,OAAO;AAAA,MAChB,aAAaA,GAAE,OAAO;AAAA,MACtB,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA,IAClC,CAAC;AAAA,EACF;AAAA,EACA,OAAO,QAAQ;AACd,UAAM,EAAE,OAAO,YAAY,IAAI,IAAI;AACnC,QAAI;AACH,YAAM,MAAM,MAAM;AAAA,QACjB;AAAA,QACA,OAAO,KAAK,IAAI,QAAQ,MAAM;AAAA,QAC9B;AAAA,MACD;AACA,YAAM,QAAQA,GACZ,OAAO,EACP,MAAM,EACN,MAAO,IAAI,QAA8B,KAAK;AAChD,YAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB,gBAAgB,KAAK;AACpE,UAAI,CAAC,MAAM;AACV,eAAO,IAAI,KAAK,MAAM;AAAA,UACrB,QAAQ;AAAA,UACR,YAAY;AAAA,UACZ,MAAM;AAAA,YACL,SAAS;AAAA,UACV;AAAA,QACD,CAAC;AAAA,MACF;AACA,UACC,YAAY,UACV,IAAI,QAAQ,QAAQ,kBAAkB,qBAAqB,MAC7D,YAAY,UACV,IAAI,QAAQ,QAAQ,kBAAkB,qBAAqB,KAC5D;AACD,eAAO,IAAI,KAAK,MAAM;AAAA,UACrB,QAAQ;AAAA,UACR,YAAY;AAAA,UACZ,MAAM;AAAA,YACL,SAAS;AAAA,UACV;AAAA,QACD,CAAC;AAAA,MACF;AACA,YAAM,WAAW,IAAIC,UAAS;AAC9B,YAAM,iBAAiB,MAAM,SAAS,KAAK,WAAW;AACtD,YAAM,cAAc,MAAM,IAAI,QAAQ,gBAAgB;AAAA,QACrD,KAAK,KAAK;AAAA,QACV;AAAA,MACD;AACA,UAAI,CAAC,aAAa;AACjB,eAAO,IAAI,KAAK,MAAM;AAAA,UACrB,QAAQ;AAAA,UACR,YAAY;AAAA,UACZ,MAAM;AAAA,YACL,SAAS;AAAA,UACV;AAAA,QACD,CAAC;AAAA,MACF;AACA,aAAO,IAAI,KAAK;AAAA,QACf,QAAQ;AAAA,QACR,KAAK,IAAI,KAAK;AAAA,QACd,UAAU,CAAC,CAAC,IAAI,KAAK;AAAA,MACtB,CAAC;AAAA,IACF,SAAS,GAAG;AACX,cAAQ,IAAI,CAAC;AACb,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,MAAM;AAAA,UACL,SAAS;AAAA,QACV;AAAA,MACD,CAAC;AAAA,IACF;AAAA,EACD;AACD;;;ACpJA,SAAS,YAAAC,iBAAgB;AACzB,SAAS,aAAAC,YAAW,eAAAC,oBAAmB;AACvC,SAAS,KAAAC,UAAS;AAGX,IAAM,wBAAwB;AAAA,EACpC;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,MAAMC,GAAE,OAAO;AAAA,MACd,OAAOA,GAAE,OAAO,EAAE,MAAM;AAAA,MACxB,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA,IAClC,CAAC;AAAA,EACF;AAAA,EACA,OAAO,QAAQ;AACd,QAAI,CAAC,IAAI,QAAQ,QAAQ,kBAAkB,uBAAuB;AACjE,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,MAAM;AAAA,UACL,SAAS;AAAA,QACV;AAAA,MACD,CAAC;AAAA,IACF;AACA,UAAM,EAAE,MAAM,IAAI,IAAI;AACtB,UAAM,QAAQ,MAAMC;AAAA,MACnB;AAAA,MACA,OAAO,KAAK,IAAI,QAAQ,MAAM;AAAA,MAC9B;AAAA,QACC,OAAO,MAAM,YAAY;AAAA,MAC1B;AAAA,MACA;AAAA,QACC,WAAW,IAAIC,UAAS,GAAG,GAAG;AAAA,QAC9B,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,WAAW,CAAC,KAAK;AAAA,QACjB,wBAAwB;AAAA,MACzB;AAAA,IACD;AACA,UAAM,MAAM,GAAG,IAAI,QAAQ,OAAO,uBAAuB,KAAK,gBAAgB,IAAI,KAAK,WAAW;AAClG,UAAM,IAAI,QAAQ,QAAQ,iBAAiB;AAAA,MAC1C;AAAA,MACA;AAAA,IACD;AACA,WAAO,IAAI,KAAK;AAAA,MACf,QAAQ;AAAA,IACT,CAAC;AAAA,EACF;AACD;AAEO,IAAM,cAAc;AAAA,EAC1B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,OAAOF,GAAE,OAAO;AAAA,MACf,OAAOA,GAAE,OAAO;AAAA,MAChB,aAAaA,GAAE,OAAO;AAAA,IACvB,CAAC;AAAA,EACF;AAAA,EACA,OAAO,QAAQ;AACd,UAAM,EAAE,MAAM,IAAI,IAAI;AACtB,QAAI;AACH,YAAM,MAAM,MAAMG;AAAA,QACjB;AAAA,QACA,OAAO,KAAK,IAAI,QAAQ,MAAM;AAAA,QAC9B;AAAA,MACD;AACA,YAAM,SAASH,GAAE,OAAO;AAAA,QACvB,OAAOA,GAAE,OAAO,EAAE,MAAM;AAAA,MACzB,CAAC;AACD,YAAM,SAAS,OAAO,MAAM,IAAI,OAAO;AACvC,YAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB;AAAA,QAC9C,OAAO;AAAA,MACR;AACA,UAAI,CAAC,MAAM;AACV,eAAO,IAAI,KAAK,MAAM;AAAA,UACrB,QAAQ;AAAA,UACR,YAAY;AAAA,UACZ,MAAM;AAAA,YACL,SAAS;AAAA,UACV;AAAA,QACD,CAAC;AAAA,MACF;AACA,YAAM,UAAU,KAAK,SAAS,KAAK,CAAC,MAAM,EAAE,eAAe,YAAY;AACvE,UAAI,CAAC,SAAS;AACb,eAAO,IAAI,KAAK,MAAM;AAAA,UACrB,QAAQ;AAAA,UACR,YAAY;AAAA,UACZ,MAAM;AAAA,YACL,SAAS;AAAA,UACV;AAAA,QACD,CAAC;AAAA,MACF;AACA,YAAM,IAAI,QAAQ,gBAAgB,kBAAkB,OAAO,OAAO;AAAA,QACjE,eAAe;AAAA,MAChB,CAAC;AACD,UAAI,IAAI,MAAM,aAAa;AAC1B,cAAM,IAAI,SAAS,IAAI,MAAM,WAAW;AAAA,MACzC;AACA,aAAO,IAAI,KAAK;AAAA,QACf,QAAQ;AAAA,MACT,CAAC;AAAA,IACF,SAAS,GAAG;AACX,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,MAAM;AAAA,UACL,SAAS;AAAA,QACV;AAAA,MACD,CAAC;AAAA,IACF;AAAA,EACD;AACD;;;AChHA,SAAS,YAAAI,WAAU,wBAAAC,6BAA4B;AAKxC,IAAM,eAAe;AAAA,EAC3B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,UAAU;AAAA,EACX;AAAA,EACA,OAAO,QAAQ;AACd,UAAM,YAAY,MAAM,IAAI;AAAA,MAC3B,IAAI,QAAQ,YAAY,UAAU;AAAA,MAClC,IAAI,QAAQ;AAAA,IACb;AACA,QAAI,WAAW;AACd,aAAO;AAAA,QACN;AAAA,MACD;AAAA,IACD;AACA,UAAM,QAAQC,sBAAqB,IAAIC,UAAS,OAAO,OAAO,KAAK,CAAC;AACpE,UAAM,OAAO,MAAM,MAAM,IAAI,QAAQ,QAAQ,KAAK;AAClD,UAAM,SAAS,GAAG,KAAK,IAAI,IAAI;AAC/B,UAAM,IAAI;AAAA,MACT,IAAI,QAAQ,YAAY,UAAU;AAAA,MAClC;AAAA,MACA,IAAI,QAAQ;AAAA,MACZ,IAAI,QAAQ,YAAY,UAAU;AAAA,IACnC;AACA,WAAO;AAAA,MACN,WAAW;AAAA,IACZ;AAAA,EACD;AACD;;;AChCO,IAAM,KAAK;AAAA,EACjB;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,EACT;AAAA,EACA,OAAO,QAAQ;AACd,WAAO,IAAI,KAAK;AAAA,MACf,IAAI;AAAA,IACL,CAAC;AAAA,EACF;AACD;AAEO,IAAM,UAAU;AAAA,EACtB;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,EACT;AAAA,EACA,YAAY;AACX,WAAO,IAAI,SAAS,wBAAwB;AAAA,EAC7C;AACD;;;ACtBA,SAAS,YAAAC,WAAU,wBAAAC,6BAA4B;AAC/C,SAAS,YAAAC,iBAAgB;AACzB,SAAS,KAAAC,UAAS;AAGX,IAAM,cAAc;AAAA,EAC1B;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,IACR,MAAMC,GAAE,OAAO;AAAA,MACd,MAAMA,GAAE,OAAO;AAAA,MACf,OAAOA,GAAE,OAAO,EAAE,MAAM;AAAA,MACxB,UAAUA,GAAE,OAAO;AAAA,MACnB,OAAOA,GAAE,OAAO,EAAE,SAAS;AAAA,MAC3B,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA,IAClC,CAAC;AAAA,EACF;AAAA,EACA,OAAO,QAAQ;AACd,QAAI,CAAC,IAAI,QAAQ,QAAQ,kBAAkB,SAAS;AACnD,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,MAAM;AAAA,UACL,SAAS;AAAA,QACV;AAAA,MACD,CAAC;AAAA,IACF;AACA,UAAM,EAAE,MAAM,OAAO,UAAU,MAAM,IAAI,IAAI;AAC7C,UAAM,oBACL,IAAI,QAAQ,SAAS,kBAAkB,qBAAqB;AAC7D,QAAI,SAAS,SAAS,mBAAmB;AACxC,UAAI,QAAQ,OAAO,MAAM,uBAAuB;AAChD,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,MAAM,EAAE,SAAS,wBAAwB;AAAA,MAC1C,CAAC;AAAA,IACF;AACA,UAAM,WAAW,IAAIC,UAAS;AAC9B,UAAM,SAAS,MAAM,IAAI,QAAQ,gBAAgB,gBAAgB,KAAK;AAItE,UAAM,OAAO,MAAM,SAAS,KAAK,QAAQ;AACzC,QAAI,QAAQ,MAAM;AACjB,aAAO,IAAI,KAAK,MAAM;AAAA,QACrB,QAAQ;AAAA,QACR,MAAM;AAAA,UACL,SAAS;AAAA,QACV;AAAA,MACD,CAAC;AAAA,IACF;AACA,UAAM,cAAc,MAAM,IAAI,QAAQ,gBAAgB,WAAW;AAAA,MAChE,IAAIC,sBAAqB,IAAIC,UAAS,OAAO,OAAO,KAAK,CAAC;AAAA,MAC1D,OAAO,MAAM,YAAY;AAAA,MACzB;AAAA,MACA;AAAA,MACA,eAAe;AAAA,MACf,WAAW,oBAAI,KAAK;AAAA,MACpB,WAAW,oBAAI,KAAK;AAAA,IACrB,CAAC;AAID,UAAM,IAAI,QAAQ,gBAAgB,YAAY;AAAA,MAC7C,IAAID,sBAAqB,IAAIC,UAAS,OAAO,OAAO,KAAK,CAAC;AAAA,MAC1D,QAAQ,YAAY;AAAA,MACpB,YAAY;AAAA,MACZ,WAAW,YAAY;AAAA,MACvB,UAAU;AAAA,IACX,CAAC;AACD,UAAM,UAAU,MAAM,IAAI,QAAQ,gBAAgB;AAAA,MACjD,YAAY;AAAA,MACZ,IAAI;AAAA,IACL;AACA,UAAM,IAAI;AAAA,MACT,IAAI,QAAQ,YAAY,aAAa;AAAA,MACrC,QAAQ;AAAA,MACR,IAAI,QAAQ;AAAA,MACZ,IAAI,QAAQ,YAAY,aAAa;AAAA,IACtC;AACA,WAAO,IAAI;AAAA,MACV;AAAA,QACC,MAAM;AAAA,QACN;AAAA,MACD;AAAA,MACA;AAAA,QACC,MAAM,IAAI,KAAK,cACZ;AAAA,UACA,KAAK,IAAI,KAAK;AAAA,UACd,UAAU;AAAA,QACX,IACC;AAAA,UACA,MAAM;AAAA,UACN;AAAA,QACD;AAAA,MACH;AAAA,IACD;AAAA,EACD;AACD;;;AC/FA,IAAM,OAAO,CAAC,YAAoB,cAAc;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mEA6EmB,SAAS;AAAA;AAAA;AAAA;AAKrE,IAAM,QAAQ;AAAA,EACpB;AAAA,EACA;AAAA,IACC,QAAQ;AAAA,EACT;AAAA,EACA,OAAO,MAAM;AACZ,UAAM,QACL,IAAI,IAAI,EAAE,SAAS,OAAO,EAAE,EAAE,aAAa,IAAI,OAAO,KAAK;AAC5D,WAAO,IAAI,SAAS,KAAK,KAAK,GAAG;AAAA,MAChC,SAAS;AAAA,QACR,gBAAgB;AAAA,MACjB;AAAA,IACD,CAAC;AAAA,EACF;AACD;;;A9B5EO,IAAM,SAAS,CACrB,QACI;AACJ,QAAM,kBAAkB,IAAI,QAAQ,SAAS;AAAA,IAC5C,CAAC,KAAK,WAAW;AAChB,aAAO;AAAA,QACN,GAAG;AAAA,QACH,GAAG,OAAO;AAAA,MACX;AAAA,IACD;AAAA,IACA,CAAC;AAAA,EACF;AAEA,QAAM,cACL,IAAI,QAAQ,SACT;AAAA,IAAI,CAAC,WACN,OAAO,aAAa,IAAI,CAAC,MAAM;AAC9B,YAAM,aAAc,OAAO,YAAiB;AAC3C,eAAO,EAAE,WAAW;AAAA,UACnB,GAAG;AAAA,UACH,SAAS;AAAA,YACR,GAAG;AAAA,YACH,GAAG,QAAQ;AAAA,UACZ;AAAA,QACD,CAAC;AAAA,MACF;AACA,iBAAW,OAAO,EAAE;AACpB,iBAAW,UAAU,EAAE,WAAW;AAClC,iBAAW,UAAU,EAAE,WAAW;AAClC,aAAO;AAAA,QACN,MAAM,EAAE;AAAA,QACR;AAAA,MACD;AAAA,IACD,CAAC;AAAA,EACF,EACC,OAAO,CAAC,WAAW,WAAW,MAAS,EACvC,KAAK,KAAK,CAAC;AAEd,iBAAe,aACdC,MAOC;AACD,UAAM,UAAU,MAAM,WAAWA,IAAG;AACpC,WAAO;AAAA,EAIR;AACA,eAAa,OAAO,WAAW;AAC/B,eAAa,SAAS,WAAW;AACjC,eAAa,UAAU,WAAW;AAClC,eAAa,UAAU,WAAW;AAElC,QAAM,gBAAgB;AAAA,IACrB;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD;AACA,QAAM,YAAY;AAAA,IACjB,GAAG;AAAA,IACH,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,EACD;AACA,MAAI,MAA2B,CAAC;AAChC,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,SAAS,GAAG;AACrD,QAAI,GAAG,IAAI,OAAO,YAAiB;AAClC,iBAAW,UAAU,IAAI,QAAQ,WAAW,CAAC,GAAG;AAC/C,YAAI,OAAO,OAAO,QAAQ;AACzB,qBAAW,QAAQ,OAAO,MAAM,QAAQ;AACvC,kBAAM,QAAQ,KAAK,QAAQ;AAAA,cAC1B,GAAG;AAAA,cACH,GAAG;AAAA,YACJ,CAAC;AACD,gBAAI,OAAO;AACV,oBAAM,UAAU,MAAM,KAAK,QAAQ,OAAO;AAC1C,kBAAI,WAAW,aAAa,SAAS;AACpC,0BAAU;AAAA,kBACT,GAAG;AAAA,kBACH,GAAG,QAAQ;AAAA,kBACX,GAAG;AAAA,gBACJ;AAAA,cACD;AAAA,YACD;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAEA,YAAM,cAAc,MAAM;AAAA,QACzB,GAAG;AAAA,QACH,SAAS;AAAA,UACR,GAAG;AAAA,UACH,GAAG,QAAQ;AAAA,QACZ;AAAA,MACD,CAAC;AACD,UAAI,WAAW;AACf,iBAAW,UAAU,IAAI,QAAQ,WAAW,CAAC,GAAG;AAC/C,YAAI,OAAO,OAAO,OAAO;AACxB,qBAAW,QAAQ,OAAO,MAAM,OAAO;AACtC,kBAAM,QAAQ,KAAK,QAAQ,OAAO;AAClC,gBAAI,OAAO;AACV,oBAAM,MAAM,OAAO,OAAO,SAAS;AAAA,gBAClC,UAAU;AAAA,cACX,CAAC;AACD,oBAAM,UAAU,MAAM,KAAK,QAAQ,GAAG;AACtC,kBAAI,WAAW,cAAc,SAAS;AACrC,2BAAW,QAAQ;AAAA,cACpB;AAAA,YACD;AAAA,UACD;AAAA,QACD;AAAA,MACD;AACA,aAAO;AAAA,IACR;AACA,QAAI,GAAG,EAAE,OAAO,MAAM;AACtB,QAAI,GAAG,EAAE,SAAS,MAAM;AACxB,QAAI,GAAG,EAAE,UAAU,MAAM;AACzB,QAAI,GAAG,EAAE,UAAU,MAAM;AAAA,EAC1B;AACA,SAAO,aAAa,KAA6B;AAAA,IAChD,cAAc;AAAA,IACd,UAAU,IAAI,QAAQ;AAAA,IACtB,kBAAkB;AAAA,MACjB;AAAA,QACC,MAAM;AAAA,QACN,YAAY;AAAA,MACb;AAAA,MACA,GAAG;AAAA,IACJ;AAAA;AAAA;AAAA;AAAA,IAIA,MAAM,kBAAkB,KAAK;AAC5B,UAAI,OAA4B,CAAC;AACjC,UAAI;AACH,eAAO,MAAM,IAAI,KAAK;AAAA,MACvB,SAAS,GAAG;AACX,eAAO;AAAA,MACR;AACA,UAAI,MAAM,MAAM;AACf,aAAK,OAAO,UAAU,IAAI,SAAS,KAAK,IAAI;AAAA,MAC7C;AACA,UAAI,MAAM,SAAS;AAClB,aAAK,UAAU,aAAa,IAAI,SAAS,KAAK,OAAO;AAAA,MACtD;AACA,UAAI,MAAM,SAAS;AAClB,aAAK,UAAU,aAAa,IAAI,SAAS,KAAK,OAAO;AAAA,MACtD;AACA,aAAO,IAAI,SAAS,OAAO,KAAK,UAAU,IAAI,IAAI,MAAM;AAAA,QACvD,SAAS,IAAI;AAAA,QACb,QAAQ,IAAI;AAAA,QACZ,YAAY,IAAI;AAAA,MACjB,CAAC;AAAA,IACF;AAAA,IACA,QAAQ,GAAG;AACV,cAAQ,IAAI,CAAC;AAAA,IACd;AAAA,EACD,CAAC;AACF;;;A+BlMA,OAAO,cAAc;AACrB,SAAS,cAAc;AACvB;AAAA,EAEC;AAAA,EACA;AAAA,EACA;AAAA,OACM;AACP,SAAS,kBAAkB;AAC3B,OAAO,QAAQ;AAKf,IAAM,EAAE,KAAK,IAAI;AAEjB,SAAS,aAAa,GAAa;AAClC,MAAI,CAAC;AACJ,WAAO;AAAA,MACN,KAAK;AAAA,MACL,IAAI;AAAA,IACL;AACD,QAAM,MAAM,GACT,OAAO,CAACC,OAAMA,GAAE,cAAc,SAAS,CAACA,GAAE,SAAS,EACpD;AAAA,IACA,CAAC,KAAKA,QACJ;AAAA,MACA,GAAG;AAAA,MACH,CAACA,GAAE,KAAK,GAAGA,GAAE;AAAA,IACd;AAAA,IACD,CAAC;AAAA,EACF;AACD,QAAM,KAAK,GACR,OAAO,CAACA,OAAMA,GAAE,cAAc,IAAI,EACnC;AAAA,IACA,CAAC,KAAKA,QACJ;AAAA,MACA,GAAG;AAAA,MACH,CAACA,GAAE,KAAK,GAAGA,GAAE;AAAA,IACd;AAAA,IACD,CAAC;AAAA,EACF;AACD,SAAO;AAAA,IACN,KAAK,OAAO,KAAK,GAAG,EAAE,SAAS,MAAM;AAAA,IACrC,IAAI,OAAO,KAAK,EAAE,EAAE,SAAS,KAAK;AAAA,EACnC;AACD;AAEA,SAAS,YACR,KACA,QACA,WACC;AACD,aAAW,OAAO,KAAK;AACtB,QACC,IAAI,GAAG,MAAM,KACb,OAAO,GAAG,GAAG,SAAS,aACtB,WAAW,SACV;AACD,UAAI,GAAG,IAAI;AAAA,IACZ;AACA,QACC,IAAI,GAAG,MAAM,KACb,OAAO,GAAG,GAAG,SAAS,aACtB,WAAW,SACV;AACD,UAAI,GAAG,IAAI;AAAA,IACZ;AACA,QAAI,OAAO,GAAG,GAAG,SAAS,QAAQ;AACjC,UAAI,EAAE,IAAI,GAAG,aAAa,OAAO;AAChC,YAAI,GAAG,IAAI,IAAI,KAAK,IAAI,GAAG,CAAC;AAAA,MAC7B;AAAA,IACD;AAAA,EACD;AACA,SAAO;AACR;AAEA,SAAS,cAAc,KAAU,WAA6C;AAC7E,aAAW,OAAO,KAAK;AACtB,QAAI,OAAO,IAAI,GAAG,MAAM,aAAa,WAAW,SAAS;AACxD,UAAI,GAAG,IAAI,IAAI,GAAG,IAAI,IAAI;AAAA,IAC3B;AACA,QAAI,IAAI,GAAG,aAAa,MAAM;AAC7B,UAAI,GAAG,IAAI,IAAI,GAAG,EAAE,YAAY;AAAA,IACjC;AAAA,EACD;AACA,SAAO;AACR;AAeO,IAAM,gBAAgB,CAC5B,IACA,WACa;AACb,SAAO;AAAA,IACN,MAAM,OAAO,MAAM;AAClB,UAAI,EAAE,OAAO,MAAM,KAAK,OAAO,IAAI;AACnC,UAAI,QAAQ,WAAW;AACtB,cAAM,cAAc,KAAK,OAAO,SAAS;AAAA,MAC1C;AACA,UAAI,MAAM,MAAM,GACd,WAAW,KAAK,EAChB,OAAO,GAAU,EACjB,aAAa,EACb,iBAAiB;AAEnB,UAAI,QAAQ,WAAW;AACtB,cAAM,SAAS,OAAO,UAAU,OAAO,KAAK;AAC5C,cAAM,SAAS,YAAY,KAAK,QAAQ,OAAO,SAAS,IAAI;AAAA,MAC7D;AAEA,UAAI,QAAQ,QAAQ;AACnB,cAAMC,QAAO,MACV,OAAO,OAAO,CAAC,KAAK,QAAQ;AAC5B,cAAI,MAAM,GAAG,GAAG;AACf,mBAAO;AAAA,cACN,GAAG;AAAA,cACH,CAAC,GAAG,GAAG,IAAI,GAAG;AAAA,YACf;AAAA,UACD;AACA,iBAAO;AAAA,QACR,GAAG,CAAC,CAAQ,IACX;AACH,cAAMA;AAAA,MACP;AAEA,aAAO;AAAA,IACR;AAAA,IACA,MAAM,QAAQ,MAAM;AACnB,YAAM,EAAE,OAAO,OAAO,OAAO,IAAI;AACjC,YAAM,EAAE,KAAK,GAAG,IAAI,aAAa,KAAK;AACtC,UAAI,QAAQ,GAAG,WAAW,KAAK,EAAE,UAAU;AAC3C,UAAI,IAAI;AACP,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;AAAA,MACtC;AACA,UAAI,KAAK;AACR,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC;AAAA,MACxC;AACA,UAAI,MAAM,MAAM,MAAM,iBAAiB;AACvC,UAAI,QAAQ,QAAQ;AACnB,cAAMA,QAAO,MACV,OAAO,OAAO,CAAC,KAAK,QAAQ;AAC5B,cAAI,MAAM,GAAG,GAAG;AACf,mBAAO;AAAA,cACN,GAAG;AAAA,cACH,CAAC,GAAG,GAAG,IAAI,GAAG;AAAA,YACf;AAAA,UACD;AACA,iBAAO;AAAA,QACR,GAAG,CAAC,CAAQ,IACX;AACH,cAAMA;AAAA,MACP;AAEA,UAAI,QAAQ,WAAW;AACtB,cAAM,SAAS,OAAO,UAAU,OAAO,KAAK;AAC5C,cAAM,OAAO,SAAS,YAAY,KAAK,QAAQ,OAAO,SAAS,IAAI;AAEnE,eAAO,OAAO;AAAA,MACf;AACA,aAAQ,OAAO;AAAA,IAChB;AAAA,IACA,MAAM,SAAS,MAAM;AACpB,YAAM,EAAE,OAAO,MAAM,IAAI;AACzB,UAAI,QAAQ,GAAG,WAAW,KAAK;AAC/B,YAAM,EAAE,KAAK,GAAG,IAAI,aAAa,KAAK;AACtC,UAAI,KAAK;AACR,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC;AAAA,MACxC;AACA,UAAI,IAAI;AACP,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;AAAA,MACtC;AACA,YAAM,MAAM,MAAM,MAAM,UAAU,EAAE,QAAQ;AAC5C,UAAI,QAAQ,WAAW;AACtB,cAAM,SAAS,OAAO,UAAU,OAAO,KAAK;AAC5C,eAAO,SACJ,IAAI,IAAI,CAAC,MAAM,YAAY,GAAG,QAAQ,OAAO,SAAS,CAAC,IACvD;AAAA,MACJ;AACA,aAAO;AAAA,IACR;AAAA,IACA,MAAM,OAAO,MAAM;AAClB,UAAI,EAAE,OAAO,OAAO,QAAQ,IAAI,IAAI;AACpC,YAAM,EAAE,KAAK,GAAG,IAAI,aAAa,KAAK;AAEtC,UAAI,QAAQ,WAAW;AACtB,cAAM,cAAc,KAAK,OAAO,SAAS;AAAA,MAC1C;AAEA,UAAI,QAAQ,GAAG,YAAY,KAAK,EAAE,IAAI,GAAG;AACzC,UAAI,KAAK;AACR,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC;AAAA,MACxC;AACA,UAAI,IAAI;AACP,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;AAAA,MACtC;AACA,YAAM,MAAM,MAAM,MAAM,aAAa,EAAE,iBAAiB;AACxD,UAAI,QAAQ,WAAW;AACtB,cAAM,SAAS,OAAO,UAAU,OAAO,KAAK;AAC5C,eAAO,SAAS,YAAY,KAAK,QAAQ,OAAO,SAAS,IAAI;AAAA,MAC9D;AACA,aAAO;AAAA,IACR;AAAA,IACA,MAAM,OAAO,MAAM;AAClB,YAAM,EAAE,OAAO,MAAM,IAAI;AACzB,YAAM,EAAE,KAAK,GAAG,IAAI,aAAa,KAAK;AACtC,UAAI,QAAQ,GAAG,WAAW,KAAK;AAE/B,UAAI,KAAK;AACR,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC;AAAA,MACxC;AACA,UAAI,IAAI;AACP,gBAAQ,MAAM,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;AAAA,MACtC;AAEA,YAAM,MAAM,QAAQ;AAAA,IACrB;AAAA,EACD;AACD;AAEO,IAAM,aAAa,CAAC,WAA8B;AACxD,MAAI,CAAC,OAAO,UAAU;AACrB,WAAO;AAAA,EACR;AACA,MAAI,UAA0B;AAC9B,MAAI,cAAc,OAAO,UAAU;AAClC,UAAM,WAAW,OAAO,SAAS;AACjC,UAAM,mBAAmB,OAAO,SAAS,IAAI,KAAK;AAClD,QAAI,aAAa,YAAY;AAC5B,YAAM,OAAO,IAAI,KAAK;AAAA,QACrB;AAAA,MACD,CAAC;AACD,gBAAU,IAAI,gBAAgB;AAAA,QAC7B;AAAA,MACD,CAAC;AAAA,IACF;AACA,QAAI,aAAa,SAAS;AACzB,YAAM,SAAS,IAAI,IAAI,gBAAgB;AACvC,YAAM,OAAO,WAAW;AAAA,QACvB,MAAM,OAAO;AAAA,QACb,MAAM,OAAO;AAAA,QACb,UAAU,OAAO;AAAA,QACjB,UAAU,OAAO,SAAS,MAAM,GAAG,EAAE,CAAC;AAAA,QACtC,MAAM,OAAO,OAAO,IAAI;AAAA,MACzB,CAAC;AACD,gBAAU,IAAI,aAAa,EAAE,KAAK,CAAC;AAAA,IACpC;AAEA,QAAI,aAAa,UAAU;AAC1B,YAAM,KAAK,IAAI,SAAS,gBAAgB;AACxC,gBAAU,IAAI,cAAc;AAAA,QAC3B,UAAU;AAAA,MACX,CAAC;AAAA,IACF;AAAA,EACD;AACA,SAAO;AACR;AAEO,IAAM,sBAAsB,CAAC,WAA8B;AACjE,QAAM,UAAU,WAAW,MAAM;AACjC,MAAI,CAAC,SAAS;AACb,WAAO;AAAA,EACR;AACA,QAAM,KAAK,IAAI,OAAY;AAAA,IAC1B;AAAA,EACD,CAAC;AACD,SAAO;AACR;AAEO,IAAM,kBAAkB,CAAC,WAA8B;AAC7D,MAAI,cAAc,OAAO,UAAU;AAClC,WAAO,OAAO,SAAS;AAAA,EACxB;AACA,MAAI,aAAa,OAAO,UAAU;AACjC,QAAI,OAAO,SAAS,mBAAmB,iBAAiB;AACvD,aAAO;AAAA,IACR;AACA,QAAI,OAAO,SAAS,mBAAmB,cAAc;AACpD,aAAO;AAAA,IACR;AACA,QAAI,OAAO,SAAS,mBAAmB,eAAe;AACrD,aAAO;AAAA,IACR;AAAA,EACD;AACA,SAAO;AACR;;;AC7RO,IAAM,gBAAgB,CAAC,YAA+B;AAC5D,QAAM,eAAe,QAAQ,SAAS,OAAO,CAAC,KAAK,WAAW;AAC7D,UAAM,SAAS,OAAO;AACtB,WAAO;AAAA,MACN,GAAG;AAAA,MACH,GAAG;AAAA,IACJ;AAAA,EACD,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACN,GAAG;AAAA,IACH,MAAM;AAAA,MACL,WAAW,QAAQ,MAAM,aAAa;AAAA,MACtC,QAAQ;AAAA,QACP,MAAM;AAAA,UACL,MAAM;AAAA,QACP;AAAA,QACA,OAAO;AAAA,UACN,MAAM;AAAA,QACP;AAAA,QACA,eAAe;AAAA,UACd,MAAM;AAAA,UACN,cAAc,MAAM;AAAA,QACrB;AAAA,QACA,OAAO;AAAA,UACN,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,WAAW;AAAA,UACV,MAAM;AAAA,UACN,cAAc,MAAM,oBAAI,KAAK;AAAA,QAC9B;AAAA,QACA,WAAW;AAAA,UACV,MAAM;AAAA,UACN,cAAc,MAAM,oBAAI,KAAK;AAAA,QAC9B;AAAA,MACD;AAAA,IACD;AAAA,IACA,SAAS;AAAA,MACR,WAAW,QAAQ,SAAS,aAAa;AAAA,MACzC,QAAQ;AAAA,QACP,WAAW;AAAA,UACV,MAAM;AAAA,QACP;AAAA,QACA,WAAW;AAAA,UACV,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,WAAW;AAAA,UACV,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,QAAQ;AAAA,UACP,MAAM;AAAA,UACN,YAAY;AAAA,YACX,OAAO;AAAA,YACP,OAAO;AAAA,YACP,UAAU;AAAA,UACX;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAAA,IACA,SAAS;AAAA,MACR,WAAW,QAAQ,SAAS,aAAa;AAAA,MACzC,QAAQ;AAAA,QACP,WAAW;AAAA,UACV,MAAM;AAAA,QACP;AAAA,QACA,YAAY;AAAA,UACX,MAAM;AAAA,QACP;AAAA,QACA,QAAQ;AAAA,UACP,MAAM;AAAA,UACN,YAAY;AAAA,YACX,OAAO;AAAA,YACP,OAAO;AAAA,YACP,UAAU;AAAA,UACX;AAAA,QACD;AAAA,QACA,aAAa;AAAA,UACZ,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,cAAc;AAAA,UACb,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,SAAS;AAAA,UACR,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,sBAAsB;AAAA,UACrB,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,uBAAuB;AAAA,UACtB,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,QACA,UAAU;AAAA,UACT,MAAM;AAAA,UACN,UAAU;AAAA,QACX;AAAA,MACD;AAAA,IACD;AAAA,EACD;AACD;;;AChHO,SAAS,WAAW,SAAqC;AAC/D,MAAI,CAAC,QAAQ,UAAU;AACtB,UAAM,IAAI,gBAAgB,oCAAoC;AAAA,EAC/D;AACA,MAAI,cAAc,QAAQ,UAAU;AACnC,UAAM,KAAK,oBAAoB,OAAO;AACtC,QAAI,CAAC,IAAI;AACR,YAAM,IAAI,gBAAgB,uCAAuC;AAAA,IAClE;AACA,UAAM,SAAS,cAAc,OAAO;AACpC,WAAO,cAAc,IAAI;AAAA,MACxB,WAAW;AAAA,QACV,QAAQ;AAAA,UACP,CAAC,OAAO,KAAK,SAAS,GAAG,OAAO,KAAK;AAAA,UACrC,CAAC,OAAO,QAAQ,SAAS,GAAG,OAAO,QAAQ;AAAA,UAC3C,CAAC,OAAO,QAAQ,SAAS,GAAG,OAAO,QAAQ;AAAA,QAC5C;AAAA,QACA,MAAM;AAAA,QACN,SAAS,gBAAgB,OAAO,MAAM;AAAA,MACvC;AAAA,IACD,CAAC;AAAA,EACF;AACA,SAAO,QAAQ;AAChB;;;AC7BA,SAAS,YAAAC,WAAU,wBAAAC,6BAA4B;;;ACAxC,IAAM,UAAU,CAAC,SAAiB;AACxC,QAAM,OAAO,oBAAI,KAAK;AACtB,SAAO,IAAI,KAAK,KAAK,QAAQ,IAAI,IAAI;AACtC;;;ADIO,IAAM,wBAAwB,CACpC,SACA,YACI;AACJ,QAAM,oBAAoB,QAAQ,SAAS,aAAa,KAAK,KAAK,KAAK;AACvE,QAAM,SAAS,cAAc,OAAO;AACpC,SAAO;AAAA,IACN,iBAAiB,OAAO,MAAY,YAAqB;AACxD,UAAI;AACH,cAAM,cAAc,MAAM,QAAQ,OAAO;AAAA,UACxC,OAAO,OAAO,KAAK;AAAA,UACnB,MAAM;AAAA,QACP,CAAC;AACD,cAAM,iBAAiB,MAAM,QAAQ,OAAO;AAAA,UAC3C,OAAO,OAAO,QAAQ;AAAA,UACtB,MAAM;AAAA,QACP,CAAC;AACD,eAAO;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,QACV;AAAA,MACD,SAAS,GAAG;AACX,gBAAQ,IAAI,CAAC;AACb,eAAO;AAAA,MACR;AAAA,IACD;AAAA,IACA,YAAY,OAAO,SAAe;AACjC,YAAM,cAAc,MAAM,QAAQ,OAAa;AAAA,QAC9C,OAAO,OAAO,KAAK;AAAA,QACnB,MAAM;AAAA,MACP,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,eAAe,OAAO,QAAgB,YAAsB;AAC3D,YAAM,OAAgB;AAAA,QACrB,IAAIC,sBAAqB,IAAIC,UAAS,OAAO,OAAO,KAAK,CAAC;AAAA,QAC1D;AAAA,QACA,WAAW,QAAQ,iBAAiB;AAAA,QACpC,WAAW,SAAS,QAAQ,IAAI,iBAAiB,KAAK;AAAA,QACtD,WAAW,SAAS,QAAQ,IAAI,YAAY,KAAK;AAAA,MAClD;AACA,YAAM,UAAU,QAAQ,OAAgB;AAAA,QACvC,OAAO,OAAO,QAAQ;AAAA,QACtB;AAAA,MACD,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,aAAa,OAAO,cAAsB;AACzC,YAAM,UAAU,MAAM,QAAQ,QAAiB;AAAA,QAC9C,OAAO,OAAO,QAAQ;AAAA,QACtB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,UAAI,CAAC,SAAS;AACb,eAAO;AAAA,MACR;AACA,YAAM,OAAO,MAAM,QAAQ,QAAc;AAAA,QACxC,OAAO,OAAO,KAAK;AAAA,QACnB,OAAO;AAAA,UACN;AAAA,YACC,OAAO,QAAQ;AAAA,YACf,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,UAAI,CAAC,MAAM;AACV,eAAO;AAAA,MACR;AACA,aAAO;AAAA,QACN;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAAA,IACA,eAAe,OAAO,YAAqB;AAC1C,YAAM,YACL,QAAQ,SAAS,cAAc,SAC5B,MACA,QAAQ,SAAS;AACrB,YAAM,aAAa,cAAc,IAAI,IAAI,QAAQ,SAAS,EAAE,QAAQ;AACpE,YAAM,SAAS,QAAQ,iBAAiB;AACxC,YAAM,kBACL,QAAQ,UAAU,QAAQ,IAAI,OAAO,QAAQ,IAAI,cACjD,KAAK,IAAI;AACV,UAAI,iBAAiB;AACpB,cAAM,iBAAiB,MAAM,QAAQ,OAAgB;AAAA,UACpD,OAAO,OAAO,QAAQ;AAAA,UACtB,MAAM;AAAA,YACL,GAAG;AAAA,YACH,IAAID,sBAAqB,IAAIC,UAAS,OAAO,OAAO,KAAK,CAAC;AAAA,YAC1D,WAAW,IAAI,KAAK,KAAK,IAAI,IAAI,iBAAiB;AAAA,UACnD;AAAA,QACD,CAAC;AACD,cAAM,QAAQ,OAAgB;AAAA,UAC7B,OAAO,OAAO,QAAQ;AAAA,UACtB,OAAO;AAAA,YACN;AAAA,cACC,OAAO;AAAA,cACP,OAAO,QAAQ;AAAA,YAChB;AAAA,UACD;AAAA,UACA,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,YAKP,WAAW,IAAI,KAAK,KAAK,IAAI,IAAI,MAAO,KAAK,CAAC;AAAA,UAC/C;AAAA,QACD,CAAC;AACD,eAAO;AAAA,MACR;AAEA,aAAO;AAAA,IACR;AAAA,IACA,eAAe,OAAO,OAAe;AACpC,YAAM,UAAU,MAAM,QAAQ,OAAgB;AAAA,QAC7C,OAAO,OAAO,QAAQ;AAAA,QACtB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,iBAAiB,OAAO,UAAkB;AACzC,YAAM,OAAO,MAAM,QAAQ,QAAc;AAAA,QACxC,OAAO,OAAO,KAAK;AAAA,QACnB,OAAO;AAAA,UACN;AAAA,YACC,OAAO,MAAM,YAAY;AAAA,YACzB,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,UAAI,CAAC,KAAM,QAAO;AAClB,YAAM,WAAW,MAAM,QAAQ,SAAkB;AAAA,QAChD,OAAO,OAAO,QAAQ;AAAA,QACtB,OAAO;AAAA,UACN;AAAA,YACC,OAAO,KAAK;AAAA,YACZ,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,aAAO;AAAA,QACN;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAAA,IACA,cAAc,OAAO,WAAmB;AACvC,YAAM,OAAO,MAAM,QAAQ,QAAc;AAAA,QACxC,OAAO,OAAO,KAAK;AAAA,QACnB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,MACD,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,aAAa,OAAO,YAAqB;AACxC,YAAM,WAAW,MAAM,QAAQ,OAAgB;AAAA,QAC9C,OAAO,OAAO,QAAQ;AAAA,QACtB,MAAM;AAAA,MACP,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,mBAAmB,OAClB,OACA,SACI;AACJ,YAAM,OAAO,MAAM,QAAQ,OAAa;AAAA,QACvC,OAAO,OAAO,KAAK;AAAA,QACnB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,QACA,QAAQ;AAAA,MACT,CAAC;AACD,aAAO;AAAA,IACR;AAAA,IACA,gBAAgB,OAAO,QAAgB,aAAqB;AAC3D,YAAM,UAAU,MAAM,QAAQ,OAAgB;AAAA,QAC7C,OAAO,OAAO,QAAQ;AAAA,QACtB,OAAO;AAAA,UACN;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,UACA;AAAA,YACC,OAAO;AAAA,YACP,OAAO;AAAA,UACR;AAAA,QACD;AAAA,QACA,QAAQ;AAAA,UACP;AAAA,QACD;AAAA,MACD,CAAC;AACD,aAAO;AAAA,IACR;AAAA,EACD;AACD;;;AEtNO,IAAM,uBAAuB,CAInC,MACA,WACI;AACJ,SAAO;AAAA,IACN;AAAA,IACA,GAAG;AAAA,EACJ;AACD;;;ACZA,SAAS,YAAAC,iBAAgB;AAGlB,SAAS,WAAW,SAA4B;AACtD,QAAM,SACL,CAAC,CAAC,QAAQ,UAAU,oBACpB,QAAQ,IAAI,aAAa;AAC1B,QAAM,qBAAqB,SAAS,cAAc;AAClD,QAAM,eAAe;AACrB,QAAM,gBAAgB,IAAIA,UAAS,GAAG,GAAG,EAAE,QAAQ;AACnD,SAAO;AAAA,IACN,cAAc;AAAA,MACb,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ;AAAA,MACT;AAAA,IACD;AAAA,IACA,WAAW;AAAA,MACV,MAAM,GAAG,qBAAqB,YAAY,EAAE,GAAG,YAAY;AAAA,MAC3D,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK,KAAK,KAAK;AAAA,MACxB;AAAA,IACD;AAAA,IACA,OAAO;AAAA,MACN,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK;AAAA;AAAA,MACd;AAAA,IACD;AAAA,IACA,gBAAgB;AAAA,MACf,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK;AAAA;AAAA,MACd;AAAA,IACD;AAAA,IACA,OAAO;AAAA,MACN,MAAM,GAAG,kBAAkB,GAAG,YAAY;AAAA,MAC1C,SAAS;AAAA,QACR,UAAU;AAAA,QACV,UAAU;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,QAAQ,KAAK;AAAA;AAAA,MACd;AAAA,IACD;AAAA,EACD;AACD;AAEO,SAAS,mBAAmB,SAA4B;AAC9D,QAAM,SACL,CAAC,CAAC,QAAQ,UAAU,oBACpB,QAAQ,IAAI,aAAa;AAC1B,QAAM,qBAAqB,SAAS,cAAc;AAClD,QAAM,eAAe;AACrB,WAAS,UAAU,YAAoBC,UAAyB;AAC/D,WAAO;AAAA,MACN,MACC,QAAQ,IAAI,aAAa,eACtB,GAAG,kBAAkB,GAAG,YAAY,IAAI,UAAU,KAClD,GAAG,YAAY,IAAI,UAAU;AAAA,MACjC,SAAS;AAAA,QACR;AAAA,QACA,UAAU;AAAA,QACV,MAAM;AAAA,QACN,QAAQ,KAAK;AAAA;AAAA,QACb,GAAGA;AAAA,MACJ;AAAA,IACD;AAAA,EACD;AACA,SAAO;AACR;;;ACvFA,SAAS,qBAAqB;AAE9B,IAAM,UAAU,cAAc;AAAA,EAC7B,eAAe;AAAA,IACd,MAAM;AAAA,EACP;AACD,CAAC;AAEM,IAAM,eAAe,CAAC,YAEvB;AACL,SAAO;AAAA,IACN,KAAK,IAAI,SAAgB;AACxB,OAAC,SAAS,YAAY,QAAQ,IAAI,IAAI,GAAG,IAAI;AAAA,IAC9C;AAAA,IACA,OAAO,IAAI,SAAgB;AAC1B,OAAC,SAAS,YAAY,QAAQ,MAAM,IAAI,GAAG,IAAI;AAAA,IAChD;AAAA,IACA,MAAM,IAAI,SAAgB;AACzB,OAAC,SAAS,YAAY,QAAQ,KAAK,IAAI,GAAG,IAAI;AAAA,IAC/C;AAAA,IACA,MAAM,IAAI,SAAgB;AACzB,OAAC,SAAS,YAAY,QAAQ,KAAK,IAAI,GAAG,IAAI;AAAA,IAC/C;AAAA,IACA,OAAO,IAAI,SAAgB;AAC1B,OAAC,SAAS,YAAY,QAAQ,MAAM,IAAI,GAAG,IAAI;AAAA,IAChD;AAAA,IACA,KAAK,IAAI,SAAgB;AACxB,OAAC,SAAS,YAAY,QAAQ,IAAI,IAAI,GAAG,IAAI;AAAA,IAC9C;AAAA,IACA,SAAS,IAAI,SAAgB;AAC5B,OAAC,SAAS,YAAY,QAAQ,QAAQ,IAAI,GAAG,IAAI;AAAA,IAClD;AAAA,IACA,OAAO,IAAI,SAAgB;AAC1B,OAAC,SAAS,YAAY,QAAQ,IAAI,IAAI;AAAA,IACvC;AAAA,EACD;AACD;AAEO,IAAM,SAAS,aAAa;;;AC3B5B,IAAM,OAAO,CAAC,YAA+B;AACnD,QAAM,UAAU,WAAW,OAAO;AAClC,QAAM,KAAK,oBAAoB,OAAO;AACtC,QAAM,EAAE,SAAS,UAAAC,UAAS,IAAI,WAAW,QAAQ,SAAS,QAAQ,QAAQ;AAE1E,SAAO;AAAA,IACN,SAAS;AAAA,MACR,GAAG;AAAA,MACH;AAAA,MACA,UAAU,QAAQ,YAAY;AAAA,IAC/B;AAAA,IACA,SAASA;AAAA,IACT,QACC,QAAQ,UACR,QAAQ,IAAI,sBACZ,QAAQ,IAAI,eACZ;AAAA,IACD,aAAa,WAAW,OAAO;AAAA,IAC/B,QAAQ,aAAa;AAAA,MACpB,UAAU,QAAQ;AAAA,IACnB,CAAC;AAAA,IACD;AAAA,IACA;AAAA,IACA,iBAAiB,sBAAsB,SAAS,OAAO;AAAA,IACvD,kBAAkB,mBAAmB,OAAO;AAAA,EAC7C;AACD;;;AChCO,IAAM,aAAa,CAA8B,YAAe;AACtE,QAAM,cAAc,KAAK,OAAO;AAUhC,QAAM,EAAE,SAAS,UAAU,IAAI,OAAO,WAAW;AAGjD,SAAO;AAAA,IACN;AAAA,IACA,KAAK;AAAA,IACL;AAAA,EACD;AACD;","names":["z","z","APIError","z","error","betterFetch","error","betterFetch","betterFetch","error","betterFetch","betterFetch","error","betterFetch","parseJWT","parseJWT","betterFetch","error","betterFetch","betterFetch","error","betterFetch","betterFetch","error","betterFetch","z","APIError","APIError","z","z","APIError","z","z","Argon2id","z","z","Argon2id","TimeSpan","createJWT","validateJWT","z","z","createJWT","TimeSpan","validateJWT","alphabet","generateRandomString","generateRandomString","alphabet","alphabet","generateRandomString","Argon2id","z","z","Argon2id","generateRandomString","alphabet","ctx","w","data","alphabet","generateRandomString","generateRandomString","alphabet","TimeSpan","options","withPath"]}

package/dist/next-js.d.ts

@@ -0,0 +1,14 @@
+import { A as Auth } from './index-W5nXvJ-p.js';
+import 'better-call';
+import 'zod';
+import './helper-B5_2Vzba.js';
+import './schema-BOszzrbQ.js';
+import 'arctic';
+import 'kysely';
+
+declare function toNextJsHandler(auth: Auth | Auth["handler"]): {
+    GET: (request: Request) => Promise<Response>;
+    POST: (request: Request) => Promise<Response>;
+};
+
+export { toNextJsHandler };

package/dist/next-js.js

@@ -0,0 +1,14 @@
+// src/integrations/next-js.ts
+function toNextJsHandler(auth) {
+  const handler = async (request) => {
+    return "handler" in auth ? auth.handler(request) : auth(request);
+  };
+  return {
+    GET: handler,
+    POST: handler
+  };
+}
+export {
+  toNextJsHandler
+};
+//# sourceMappingURL=next-js.js.map