better-auth 0.0.8-beta.8 → 0.0.8-beta.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +14 -15
- package/dist/index.js.map +1 -1
- package/dist/plugins.js +14 -17
- package/dist/plugins.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -131,7 +131,6 @@ var csrfMiddleware = createAuthMiddleware(
|
|
|
131
131
|
// src/api/routes/sign-in.ts
|
|
132
132
|
import { APIError as APIError2 } from "better-call";
|
|
133
133
|
import { generateCodeVerifier } from "oslo/oauth2";
|
|
134
|
-
import { Argon2id } from "oslo/password";
|
|
135
134
|
import { z as z4 } from "zod";
|
|
136
135
|
|
|
137
136
|
// src/social-providers/apple.ts
|
|
@@ -937,6 +936,11 @@ var getSessionFromCtx = async (ctx) => {
|
|
|
937
936
|
return session;
|
|
938
937
|
};
|
|
939
938
|
|
|
939
|
+
// src/crypto/password.ts
|
|
940
|
+
import { Scrypt } from "oslo/password";
|
|
941
|
+
var password = new Scrypt();
|
|
942
|
+
var { hash: hashPassword, verify: verifyPassword } = password;
|
|
943
|
+
|
|
940
944
|
// src/api/routes/sign-in.ts
|
|
941
945
|
var signInOAuth = createAuthEndpoint(
|
|
942
946
|
"/sign-in/social",
|
|
@@ -1047,17 +1051,16 @@ var signInEmail = createAuthEndpoint(
|
|
|
1047
1051
|
currentSession.session.id
|
|
1048
1052
|
);
|
|
1049
1053
|
}
|
|
1050
|
-
const { email, password } = ctx.body;
|
|
1054
|
+
const { email, password: password2 } = ctx.body;
|
|
1051
1055
|
const checkEmail = z4.string().email().safeParse(email);
|
|
1052
1056
|
if (!checkEmail.success) {
|
|
1053
1057
|
throw new APIError2("BAD_REQUEST", {
|
|
1054
1058
|
message: "Invalid email"
|
|
1055
1059
|
});
|
|
1056
1060
|
}
|
|
1057
|
-
const argon2id = new Argon2id();
|
|
1058
1061
|
const user = await ctx.context.internalAdapter.findUserByEmail(email);
|
|
1059
1062
|
if (!user) {
|
|
1060
|
-
await
|
|
1063
|
+
await hashPassword(password2);
|
|
1061
1064
|
ctx.context.logger.error("User not found", { email });
|
|
1062
1065
|
throw new APIError2("UNAUTHORIZED", {
|
|
1063
1066
|
message: "Invalid email or password"
|
|
@@ -1079,7 +1082,7 @@ var signInEmail = createAuthEndpoint(
|
|
|
1079
1082
|
message: "Unexpected error"
|
|
1080
1083
|
});
|
|
1081
1084
|
}
|
|
1082
|
-
const validPassword = await
|
|
1085
|
+
const validPassword = await verifyPassword(currentPassword, password2);
|
|
1083
1086
|
if (!validPassword) {
|
|
1084
1087
|
ctx.context.logger.error("Invalid password");
|
|
1085
1088
|
throw new APIError2("UNAUTHORIZED", {
|
|
@@ -1294,7 +1297,6 @@ var signOut = createAuthEndpoint(
|
|
|
1294
1297
|
import { TimeSpan as TimeSpan2 } from "oslo";
|
|
1295
1298
|
import { createJWT } from "oslo/jwt";
|
|
1296
1299
|
import { validateJWT } from "oslo/jwt";
|
|
1297
|
-
import { Argon2id as Argon2id2 } from "oslo/password";
|
|
1298
1300
|
import { z as z7 } from "zod";
|
|
1299
1301
|
var forgetPassword = createAuthEndpoint(
|
|
1300
1302
|
"/forget-password",
|
|
@@ -1397,8 +1399,7 @@ var resetPassword = createAuthEndpoint(
|
|
|
1397
1399
|
}
|
|
1398
1400
|
});
|
|
1399
1401
|
}
|
|
1400
|
-
const
|
|
1401
|
-
const hashedPassword = await argon2id.hash(newPassword);
|
|
1402
|
+
const hashedPassword = await hashPassword(newPassword);
|
|
1402
1403
|
const updatedUser = await ctx.context.internalAdapter.updatePassword(
|
|
1403
1404
|
user.user.id,
|
|
1404
1405
|
hashedPassword
|
|
@@ -1604,7 +1605,6 @@ var welcome = createAuthEndpoint(
|
|
|
1604
1605
|
|
|
1605
1606
|
// src/api/routes/sign-up.ts
|
|
1606
1607
|
import { alphabet as alphabet3, generateRandomString as generateRandomString3 } from "oslo/crypto";
|
|
1607
|
-
import { Argon2id as Argon2id3 } from "oslo/password";
|
|
1608
1608
|
import { z as z9 } from "zod";
|
|
1609
1609
|
var signUpEmail = createAuthEndpoint(
|
|
1610
1610
|
"/sign-up/email",
|
|
@@ -1627,18 +1627,17 @@ var signUpEmail = createAuthEndpoint(
|
|
|
1627
1627
|
}
|
|
1628
1628
|
});
|
|
1629
1629
|
}
|
|
1630
|
-
const { name, email, password, image } = ctx.body;
|
|
1630
|
+
const { name, email, password: password2, image } = ctx.body;
|
|
1631
1631
|
const minPasswordLength = ctx.context.options?.emailAndPassword?.minPasswordLength || 8;
|
|
1632
|
-
if (
|
|
1632
|
+
if (password2.length < minPasswordLength) {
|
|
1633
1633
|
ctx.context.logger.error("Password is too short");
|
|
1634
1634
|
return ctx.json(null, {
|
|
1635
1635
|
status: 400,
|
|
1636
1636
|
body: { message: "Password is too short" }
|
|
1637
1637
|
});
|
|
1638
1638
|
}
|
|
1639
|
-
const argon2id = new Argon2id3();
|
|
1640
1639
|
const dbUser = await ctx.context.internalAdapter.findUserByEmail(email);
|
|
1641
|
-
const hash = await
|
|
1640
|
+
const hash = await hashPassword(password2);
|
|
1642
1641
|
if (dbUser?.user) {
|
|
1643
1642
|
return ctx.json(null, {
|
|
1644
1643
|
status: 400,
|
|
@@ -2472,7 +2471,7 @@ var createInternalAdapter = (adapter, options) => {
|
|
|
2472
2471
|
});
|
|
2473
2472
|
return user;
|
|
2474
2473
|
},
|
|
2475
|
-
updatePassword: async (userId,
|
|
2474
|
+
updatePassword: async (userId, password2) => {
|
|
2476
2475
|
const account = await adapter.update({
|
|
2477
2476
|
model: tables.account.tableName,
|
|
2478
2477
|
where: [
|
|
@@ -2486,7 +2485,7 @@ var createInternalAdapter = (adapter, options) => {
|
|
|
2486
2485
|
}
|
|
2487
2486
|
],
|
|
2488
2487
|
update: {
|
|
2489
|
-
password
|
|
2488
|
+
password: password2
|
|
2490
2489
|
}
|
|
2491
2490
|
});
|
|
2492
2491
|
return account;
|