better-auth 0.0.8-beta.22 → 0.0.8-beta.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -2,14 +2,14 @@ import * as nanostores from 'nanostores';
2
2
  import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-D6SPoYOh.js';
3
3
  import * as _better_fetch_fetch from '@better-fetch/fetch';
4
4
  import { BetterFetchOption } from '@better-fetch/fetch';
5
- import { o as organization, M as Member, I as Invitation, u as username } from '../index-Dwhjsk4l.js';
6
- export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-Dwhjsk4l.js';
5
+ import { o as organization, M as Member, I as Invitation, u as username } from '../index-DoXcqf3v.js';
6
+ export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-DoXcqf3v.js';
7
7
  import '../helper-D8dhRz72.js';
8
8
  import '../index-CcxejJTH.js';
9
9
  import 'arctic';
10
10
  import 'zod';
11
11
  import 'better-call';
12
- import '../internal-adapter-CVKQ4XR9.js';
12
+ import '../internal-adapter-B6xQsmUU.js';
13
13
  import 'kysely';
14
14
  import '@simplewebauthn/types';
15
15
 
package/dist/client.d.ts CHANGED
@@ -1,10 +1,10 @@
1
1
  import * as zod from 'zod';
2
2
  import * as _better_fetch_fetch from '@better-fetch/fetch';
3
3
  import * as nanostores from 'nanostores';
4
- import { B as BetterAuthOptions, F as FieldAttribute, I as InferFieldOutput } from './internal-adapter-CVKQ4XR9.js';
4
+ import { B as BetterAuthOptions, F as FieldAttribute, I as InferFieldOutput } from './internal-adapter-B6xQsmUU.js';
5
5
  import { Auth } from './index.js';
6
6
  import { U as UnionToIntersection } from './helper-D8dhRz72.js';
7
- import { C as ClientOptions, I as InferClientAPI, a as InferActions, A as AuthClientPlugin, b as IsSignal } from './types-D4WrjKeJ.js';
7
+ import { C as ClientOptions, I as InferClientAPI, a as InferActions, A as AuthClientPlugin, b as IsSignal } from './types-B-mnB1YO.js';
8
8
  import 'kysely';
9
9
  import './index-CcxejJTH.js';
10
10
  import 'arctic';
@@ -4,7 +4,7 @@ import { A as AccessControl, R as Role, S as StatementsPrimitive, g as defaultRo
4
4
  import { z, ZodObject, ZodOptional, ZodArray, ZodLiteral } from 'zod';
5
5
  import * as _better_fetch_fetch from '@better-fetch/fetch';
6
6
  import { BetterFetch } from '@better-fetch/fetch';
7
- import { H as HookEndpointContext } from './internal-adapter-CVKQ4XR9.js';
7
+ import { H as HookEndpointContext } from './internal-adapter-B6xQsmUU.js';
8
8
  import * as _simplewebauthn_types from '@simplewebauthn/types';
9
9
  import { CredentialDeviceType, PublicKeyCredentialCreationOptionsJSON } from '@simplewebauthn/types';
10
10
 
package/dist/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { U as UnionToIntersection } from './helper-D8dhRz72.js';
2
- import { A as AuthContext, B as BetterAuthOptions, F as FieldAttribute, I as InferFieldOutput } from './internal-adapter-CVKQ4XR9.js';
3
- export { g as FieldAttributeConfig, e as FieldType, f as InferValueType, b as InternalAdapter, d as createFieldAttribute, c as createInternalAdapter } from './internal-adapter-CVKQ4XR9.js';
2
+ import { A as AuthContext, B as BetterAuthOptions, F as FieldAttribute, I as InferFieldOutput } from './internal-adapter-B6xQsmUU.js';
3
+ export { g as FieldAttributeConfig, e as FieldType, f as InferValueType, b as InternalAdapter, d as createFieldAttribute, c as createInternalAdapter } from './internal-adapter-B6xQsmUU.js';
4
4
  import * as zod from 'zod';
5
5
  import * as better_call from 'better-call';
6
6
  import { Context } from 'better-call';
package/dist/index.js CHANGED
@@ -11,12 +11,13 @@ import { betterFetch } from '@better-fetch/fetch';
11
11
  import { createOAuth2Request, sendTokenRequest } from 'arctic/dist/request';
12
12
  import { createConsola } from 'consola';
13
13
  import { TimeSpan } from 'oslo';
14
- import { generateRandomString, alphabet } from 'oslo/crypto';
14
+ import { generateRandomString, alphabet, constantTimeEqual } from 'oslo/crypto';
15
15
  import Database from 'better-sqlite3';
16
16
  import { Kysely, MysqlDialect, PostgresDialect, SqliteDialect } from 'kysely';
17
17
  import { createPool } from 'mysql2';
18
18
  import pg from 'pg';
19
- import { Argon2id } from 'oslo/password';
19
+ import { scrypt } from 'node:crypto';
20
+ import { encodeHex, decodeHex } from 'oslo/encoding';
20
21
 
21
22
  // src/api/index.ts
22
23
  async function hs256(secretKey, message) {
@@ -1904,17 +1905,17 @@ function transformFrom(val, transform) {
1904
1905
  }
1905
1906
  return val;
1906
1907
  }
1907
- var kyselyAdapter = (db, config) => {
1908
+ var kyselyAdapter = (db, config2) => {
1908
1909
  return {
1909
1910
  async create(data) {
1910
1911
  let { model, data: val, select } = data;
1911
- if (config?.transform) {
1912
- val = transformFrom(val, config.transform);
1912
+ if (config2?.transform) {
1913
+ val = transformFrom(val, config2.transform);
1913
1914
  }
1914
1915
  let res = await db.insertInto(model).values(val).returningAll().executeTakeFirst();
1915
- if (config?.transform) {
1916
- const schema = config.transform.schema[model];
1917
- res = schema ? transformTo(val, schema, config.transform) : res;
1916
+ if (config2?.transform) {
1917
+ const schema = config2.transform.schema[model];
1918
+ res = schema ? transformTo(val, schema, config2.transform) : res;
1918
1919
  }
1919
1920
  if (select?.length) {
1920
1921
  const data2 = res ? select.reduce((acc, cur) => {
@@ -1953,9 +1954,9 @@ var kyselyAdapter = (db, config) => {
1953
1954
  }, {}) : null;
1954
1955
  res = data2;
1955
1956
  }
1956
- if (config?.transform) {
1957
- const schema = config.transform.schema[model];
1958
- res = res && schema ? transformTo(res, schema, config.transform) : res;
1957
+ if (config2?.transform) {
1958
+ const schema = config2.transform.schema[model];
1959
+ res = res && schema ? transformTo(res, schema, config2.transform) : res;
1959
1960
  return res || null;
1960
1961
  }
1961
1962
  return res || null;
@@ -1971,17 +1972,17 @@ var kyselyAdapter = (db, config) => {
1971
1972
  query = query.where((eb) => eb.or(or));
1972
1973
  }
1973
1974
  const res = await query.selectAll().execute();
1974
- if (config?.transform) {
1975
- const schema = config.transform.schema[model];
1976
- return schema ? res.map((v) => transformTo(v, schema, config.transform)) : res;
1975
+ if (config2?.transform) {
1976
+ const schema = config2.transform.schema[model];
1977
+ return schema ? res.map((v) => transformTo(v, schema, config2.transform)) : res;
1977
1978
  }
1978
1979
  return res;
1979
1980
  },
1980
1981
  async update(data) {
1981
1982
  let { model, where, update: val } = data;
1982
1983
  const { and, or } = convertWhere(where);
1983
- if (config?.transform) {
1984
- val = transformFrom(val, config.transform);
1984
+ if (config2?.transform) {
1985
+ val = transformFrom(val, config2.transform);
1985
1986
  }
1986
1987
  let query = db.updateTable(model).set(val);
1987
1988
  if (and) {
@@ -1991,9 +1992,9 @@ var kyselyAdapter = (db, config) => {
1991
1992
  query = query.where((eb) => eb.or(or));
1992
1993
  }
1993
1994
  const res = await query.returningAll().executeTakeFirst() || null;
1994
- if (config?.transform) {
1995
- const schema = config.transform.schema[model];
1996
- return schema ? transformTo(res, schema, config.transform) : res;
1995
+ if (config2?.transform) {
1996
+ const schema = config2.transform.schema[model];
1997
+ return schema ? transformTo(res, schema, config2.transform) : res;
1997
1998
  }
1998
1999
  return res;
1999
2000
  },
@@ -2011,17 +2012,17 @@ var kyselyAdapter = (db, config) => {
2011
2012
  }
2012
2013
  };
2013
2014
  };
2014
- var getDialect = (config) => {
2015
- if (!config.database) {
2015
+ var getDialect = (config2) => {
2016
+ if (!config2.database) {
2016
2017
  return null;
2017
2018
  }
2018
- if (config.database instanceof MysqlDialect || config.database instanceof PostgresDialect || config.database instanceof SqliteDialect) {
2019
- return config.database;
2019
+ if (config2.database instanceof MysqlDialect || config2.database instanceof PostgresDialect || config2.database instanceof SqliteDialect) {
2020
+ return config2.database;
2020
2021
  }
2021
2022
  let dialect = null;
2022
- if ("provider" in config.database) {
2023
- const provider = config.database.provider;
2024
- const connectionString = config.database?.url?.trim();
2023
+ if ("provider" in config2.database) {
2024
+ const provider = config2.database.provider;
2025
+ const connectionString = config2.database?.url?.trim();
2025
2026
  if (provider === "postgres") {
2026
2027
  const pool = new Pool({
2027
2028
  connectionString
@@ -2050,8 +2051,8 @@ var getDialect = (config) => {
2050
2051
  }
2051
2052
  return dialect;
2052
2053
  };
2053
- var createKyselyAdapter = (config) => {
2054
- const dialect = getDialect(config);
2054
+ var createKyselyAdapter = (config2) => {
2055
+ const dialect = getDialect(config2);
2055
2056
  if (!dialect) {
2056
2057
  return null;
2057
2058
  }
@@ -2060,18 +2061,18 @@ var createKyselyAdapter = (config) => {
2060
2061
  });
2061
2062
  return db;
2062
2063
  };
2063
- var getDatabaseType = (config) => {
2064
- if ("provider" in config.database) {
2065
- return config.database.provider;
2064
+ var getDatabaseType = (config2) => {
2065
+ if ("provider" in config2.database) {
2066
+ return config2.database.provider;
2066
2067
  }
2067
- if ("dialect" in config.database) {
2068
- if (config.database.dialect instanceof PostgresDialect) {
2068
+ if ("dialect" in config2.database) {
2069
+ if (config2.database.dialect instanceof PostgresDialect) {
2069
2070
  return "postgres";
2070
2071
  }
2071
- if (config.database.dialect instanceof MysqlDialect) {
2072
+ if (config2.database.dialect instanceof MysqlDialect) {
2072
2073
  return "mysql";
2073
2074
  }
2074
- if (config.database.dialect instanceof SqliteDialect) {
2075
+ if (config2.database.dialect instanceof SqliteDialect) {
2075
2076
  return "sqlite";
2076
2077
  }
2077
2078
  }
@@ -2208,9 +2209,45 @@ function getAdapter(options) {
2208
2209
  }
2209
2210
  });
2210
2211
  }
2211
- var bcrypt = new Argon2id();
2212
- var hashPassword = bcrypt.hash;
2213
- var verifyPassword = bcrypt.verify;
2212
+ var config = {
2213
+ N: 16384,
2214
+ r: 16,
2215
+ p: 1,
2216
+ dkLen: 64
2217
+ };
2218
+ async function generateKey(password, salt) {
2219
+ return await new Promise((resolve, reject) => {
2220
+ scrypt(
2221
+ password.normalize("NFKC"),
2222
+ salt,
2223
+ config.dkLen,
2224
+ {
2225
+ N: config.N,
2226
+ p: config.p,
2227
+ r: config.r,
2228
+ // errors when 128 * N * r > `maxmem` (approximately)
2229
+ maxmem: 128 * config.N * config.r * 2
2230
+ },
2231
+ (err, buff) => {
2232
+ if (err) return reject(err);
2233
+ return resolve(buff);
2234
+ }
2235
+ );
2236
+ });
2237
+ }
2238
+ function getPasswordHasher(secret) {
2239
+ const hashPassword = async (password) => {
2240
+ const salt = encodeHex(crypto.getRandomValues(new Uint8Array(16)));
2241
+ const key = await generateKey(password, salt);
2242
+ return `${salt}:${encodeHex(key)}`;
2243
+ };
2244
+ const verifyPassword = async (password, hash) => {
2245
+ const [salt, key] = hash.split(":");
2246
+ const targetKey = await generateKey(password, salt);
2247
+ return constantTimeEqual(targetKey, decodeHex(key));
2248
+ };
2249
+ return { hashPassword, verifyPassword };
2250
+ }
2214
2251
  var createInternalAdapter = (adapter, options) => {
2215
2252
  const sessionExpiration = options.session?.expiresIn || 60 * 60 * 24 * 7;
2216
2253
  const tables = getAuthTables(options);
@@ -2395,10 +2432,10 @@ var createInternalAdapter = (adapter, options) => {
2395
2432
  };
2396
2433
 
2397
2434
  // src/db/field.ts
2398
- var createFieldAttribute = (type, config) => {
2435
+ var createFieldAttribute = (type, config2) => {
2399
2436
  return {
2400
2437
  type,
2401
- ...config
2438
+ ...config2
2402
2439
  };
2403
2440
  };
2404
2441
 
@@ -2410,6 +2447,8 @@ var init = (options) => {
2410
2447
  const adapter = getAdapter(options);
2411
2448
  const db = createKyselyAdapter(options);
2412
2449
  const baseURL = getBaseURL(options.baseURL, options.basePath);
2450
+ const secret = options.secret || process.env.BETTER_AUTH_SECRET || process.env.AUTH_SECRET || DEFAULT_SECRET;
2451
+ const { hashPassword, verifyPassword } = getPasswordHasher();
2413
2452
  return {
2414
2453
  options: {
2415
2454
  ...options,
@@ -2423,7 +2462,7 @@ var init = (options) => {
2423
2462
  expiresIn: options.session?.expiresIn || 60 * 60 * 24 * 7
2424
2463
  // 7 days
2425
2464
  },
2426
- secret: options.secret || process.env.BETTER_AUTH_SECRET || process.env.AUTH_SECRET || DEFAULT_SECRET,
2465
+ secret,
2427
2466
  authCookies: getCookies(options),
2428
2467
  logger: createLogger({
2429
2468
  disabled: options.disableLog