npm - better-auth - Versions diffs - 0.2.2 → 0.2.3-beta.2 - Mend

better-auth 0.2.2 → 0.2.3-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/dist/adapters.d.ts +32 -6
package/dist/adapters.js +22 -1
package/dist/api.d.ts +2 -4
package/dist/cli.js +4 -2
package/dist/client/plugins.d.ts +5 -7
package/dist/client.d.ts +3 -5
package/dist/{index-DsEvbKjm.d.ts → index-3B6zGicM.d.ts} +10 -2
package/dist/{index-D_ohe9r9.d.ts → index-BMYcrOqA.d.ts} +72 -113
package/dist/index-CE92ti2Z.d.ts +827 -0
package/dist/index.d.ts +4 -6
package/dist/index.js +5 -3
package/dist/next-js.d.ts +2 -4
package/dist/node.d.ts +4 -6
package/dist/plugins.d.ts +6 -8
package/dist/plugins.js +1 -1
package/dist/react.d.ts +3 -5
package/dist/social.d.ts +3 -742
package/dist/solid-start.d.ts +4 -6
package/dist/solid.d.ts +3 -5
package/dist/svelte-kit.d.ts +4 -6
package/dist/svelte.d.ts +3 -5
package/dist/types.d.ts +3 -5
package/dist/utils.d.ts +5 -7
package/dist/vue.d.ts +3 -5
package/package.json +7 -5
package/dist/.DS_Store +0 -0
package/dist/adapter-D-m9-hQp.d.ts +0 -54
package/dist/schema-D9o3OF80.d.ts +0 -88

package/dist/index.d.ts CHANGED Viewed

@@ -1,9 +1,7 @@
-export { d as Auth, $ as betterAuth } from './index-D_ohe9r9.js';
+export { d as Auth, a2 as betterAuth } from './index-BMYcrOqA.js';
 import 'kysely';
-import './schema-D9o3OF80.js';
+import './index-CE92ti2Z.js';
+import 'arctic';
 import 'zod';
-import 'better-call';
 import './helper-C1ihmerM.js';
-import './social.js';
-import 'arctic';
-import './adapter-D-m9-hQp.js';
+import 'better-call';

package/dist/index.js CHANGED Viewed

@@ -1,5 +1,5 @@
-var Ot=Object.defineProperty,_t=Object.defineProperties;var Et=Object.getOwnPropertyDescriptors;var K=Object.getOwnPropertySymbols;var Re=Object.prototype.hasOwnProperty,Te=Object.prototype.propertyIsEnumerable;var ke=(e,t,n)=>t in e?Ot(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,g=(e,t)=>{for(var n in t||(t={}))Re.call(t,n)&&ke(e,n,t[n]);if(K)for(var n of K(t))Te.call(t,n)&&ke(e,n,t[n]);return e},k=(e,t)=>_t(e,Et(t));var W=(e,t)=>{var n={};for(var o in e)Re.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(e!=null&&K)for(var o of K(e))t.indexOf(o)<0&&Te.call(e,o)&&(n[o]=e[o]);return n};var u=(e,t,n)=>new Promise((o,r)=>{var s=d=>{try{a(n.next(d))}catch(l){r(l)}},i=d=>{try{a(n.throw(d))}catch(l){r(l)}},a=d=>d.done?o(d.value):Promise.resolve(d.value).then(s,i);a((n=n.apply(e,t)).next())});import{APIError as xr,createRouter as Pr}from"better-call";import{APIError as Pe}from"better-call";import{z as ve}from"zod";import{xchacha20poly1305 as Vr}from"@noble/ciphers/chacha";import{bytesToHex as Mr,hexToBytes as Hr,utf8ToBytes as Gr}from"@noble/ciphers/utils";import{managedNonce as Wr}from"@noble/ciphers/webcrypto";import{sha256 as Zr}from"@noble/hashes/sha256";function J(e,t){return u(this,null,function*(){let n=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},r=yield crypto.subtle.importKey("raw",n.encode(e),o,!1,["sign","verify"]),s=yield crypto.subtle.sign(o.name,r,n.encode(t));return btoa(String.fromCharCode(...new Uint8Array(s)))})}import{createEndpointCreator as Ct,createMiddleware as Ue,createMiddlewareCreator as Bt}from"better-call";var xe=Ue(()=>u(void 0,null,function*(){return{}})),Z=Bt({use:[xe,Ue(()=>u(void 0,null,function*(){return{}}))]}),y=Ct({use:[xe]});var Ie=Z({body:ve.object({csrfToken:ve.string().optional()}).optional()},e=>u(void 0,null,function*(){var a,d,l,c;if(((a=e.request)==null?void 0:a.method)!=="POST"||(d=e.context.options.advanced)!=null&&d.disableCSRFCheck)return;let t=new URL(e.request.url);if(t.origin===new URL(e.context.baseURL).origin||(l=e.context.options.trustedOrigins)!=null&&l.includes(t.origin))return;let n=(c=e.body)==null?void 0:c.csrfToken,o=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[r,s]=(o==null?void 0:o.split("!"))||[null,null];if(!n||!o||!r||!s||o!==n)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new Pe("UNAUTHORIZED",{message:"Invalid CSRF Token"});let i=yield J(e.context.secret,r);if(s!==i)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new Pe("UNAUTHORIZED",{message:"Invalid CSRF Token"})}));import{APIError as C}from"better-call";import{generateCodeVerifier as nr}from"oslo/oauth2";import{z as S}from"zod";import"arctic";import{parseJWT as $t}from"oslo/jwt";import"@better-fetch/fetch";var I=class extends Error{constructor(t,n,o){super(t),this.name="BetterAuthError",this.message=t,this.cause=n}};import{OAuth2Tokens as Dt}from"arctic";function jt(e){try{return new URL(e).pathname!=="/"}catch(t){throw new I(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function ne(e,t="/api/auth"){return jt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function Q(e,t){if(e)return ne(e,t);let n=(process==null?void 0:process.env)||{},o=n.BETTER_AUTH_URL||n.NEXT_PUBLIC_BETTER_AUTH_URL||n.PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_AUTH_URL||(n.BASE_URL!=="/"?n.BASE_URL:void 0);if(o)return ne(o,t);if(typeof window!="undefined")return ne(window.location.origin,t)}import{betterFetch as qt}from"@better-fetch/fetch";function R(e,t){return t||`${Q()}/callback/${e}`}function x(s){return u(this,arguments,function*({code:e,codeVerifier:t,redirectURI:n,options:o,tokenEndpoint:r}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",n),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:a,error:d}=yield qt(r,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(d)throw d;return new Dt(a)})}var Se=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:o,scopes:r,redirectURI:s}){let i=r||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${s||e.redirectURI}&scope=${i.join(" ")}&state=${o}`)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("apple",e.redirectURI),options:e,tokenEndpoint:t})}),getUserInfo(o){return u(this,null,function*(){var s;let r=(s=$t(o.idToken()))==null?void 0:s.payload;return r?{user:{id:r.sub,name:r.name,email:r.email,emailVerified:r.email_verified==="true"},data:r}:null})}}};import{betterFetch as Nt}from"@better-fetch/fetch";import{Discord as Ft}from"arctic";var Le=e=>{let t=new Ft(e.clientId,e.clientSecret,R("discord",e.redirectURI));return{id:"discord",name:"Discord",createAuthorizationURL({state:o,scopes:r}){let s=r||["email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("discord",e.redirectURI),options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"})}),getUserInfo(o){return u(this,null,function*(){let{data:r,error:s}=yield Nt("https://discord.com/api/users/@me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified},data:r}})}}};import{betterFetch as Vt}from"@better-fetch/fetch";import{Facebook as zt}from"arctic";var Oe=e=>{let t=new zt(e.clientId,e.clientSecret,R("facebook",e.redirectURI));return{id:"facebook",name:"Facebook",createAuthorizationURL({state:o,scopes:r}){let s=r||["email","public_profile"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("facebook",e.redirectURI),options:e,tokenEndpoint:"https://graph.facebook.com/v16.0/oauth/access_token"})}),getUserInfo(o){return u(this,null,function*(){let{data:r,error:s}=yield Vt("https://graph.facebook.com/me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as _e}from"@better-fetch/fetch";import{GitHub as Mt}from"arctic";var Ee=({clientId:e,clientSecret:t,redirectURI:n})=>{let o=new Mt(e,t,R("github",n));return{id:"github",name:"Github",createAuthorizationURL({state:s,scopes:i}){let a=i||["user:email"];return o.createAuthorizationURL(s,a)},validateAuthorizationCode:s=>u(void 0,null,function*(){return yield o.validateAuthorizationCode(s)}),getUserInfo(s){return u(this,null,function*(){var l,c,p,m;let{data:i,error:a}=yield _e("https://api.github.com/user",{auth:{type:"Bearer",token:s.accessToken()}});if(a)return null;let d=!1;if(!i.email){let{data:f,error:h}=yield _e("https://api.github.com/user/emails",{auth:{type:"Bearer",token:s.accessToken()}});h||(i.email=(c=(l=f.find(w=>w.primary))!=null?l:f[0])==null?void 0:c.email,d=(m=(p=f.find(w=>w.email===i.email))==null?void 0:p.verified)!=null?m:!1)}return{user:{id:i.id,name:i.name,email:i.email,image:i.avatar_url,emailVerified:d,createdAt:new Date,updatedAt:new Date},data:i}})}}};import{Google as Gt}from"arctic";import{parseJWT as Kt}from"oslo/jwt";import{createConsola as Ht}from"consola";var q=Ht({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),se=e=>({log:(...t)=>{!(e!=null&&e.disabled)&&q.log("",...t)},error:(...t)=>{!(e!=null&&e.disabled)&&q.error("",...t)},warn:(...t)=>{!(e!=null&&e.disabled)&&q.warn("",...t)},info:(...t)=>{!(e!=null&&e.disabled)&&q.info("",...t)},debug:(...t)=>{!(e!=null&&e.disabled)&&q.debug("",...t)},box:(...t)=>{!(e!=null&&e.disabled)&&q.box("",...t)},success:(...t)=>{!(e!=null&&e.disabled)&&q.success("",...t)},break:(...t)=>{!(e!=null&&e.disabled)&&console.log(`
-`)}}),O=se();var Ce=e=>{let t=new Gt(e.clientId,e.clientSecret,R("google",e.redirectURI));return{id:"google",name:"Google",createAuthorizationURL({state:o,scopes:r,codeVerifier:s,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw O.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new I("CLIENT_ID_AND_SECRET_REQUIRED");if(!s)throw new I("codeVerifier is required for Google");let a=r||["email","profile"];return t.createAuthorizationURL(o,s,a)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"})}),getUserInfo(o){return u(this,null,function*(){var s;if(!o.idToken)return null;let r=(s=Kt(o.idToken()))==null?void 0:s.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as Wt}from"@better-fetch/fetch";import{Spotify as Jt}from"arctic";var Be=e=>{let t=new Jt(e.clientId,e.clientSecret,R("spotify",e.redirectURI));return{id:"spotify",name:"Spotify",createAuthorizationURL({state:o,scopes:r}){let s=r||["user-read-email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"})}),getUserInfo(o){return u(this,null,function*(){var i;let{data:r,error:s}=yield Wt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.id,name:r.display_name,email:r.email,image:(i=r.images[0])==null?void 0:i.url,emailVerified:!1},data:r}})}}};import{betterFetch as Zt}from"@better-fetch/fetch";import{Twitch as Qt}from"arctic";var je=e=>{let t=new Qt(e.clientId,e.clientSecret,R("twitch",e.redirectURI));return{id:"twitch",name:"Twitch",createAuthorizationURL({state:o,scopes:r}){let s=r||["activity:write","read"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return u(this,null,function*(){let{data:r,error:s}=yield Zt("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}})}}};import{betterFetch as Xt}from"@better-fetch/fetch";import{Twitter as Yt}from"arctic";var De=e=>{let t=new Yt(e.clientId,e.clientSecret,R("twitter",e.redirectURI));return{id:"twitter",name:"Twitter",createAuthorizationURL(o){let r=o.scopes||["account_info.read"];return t.createAuthorizationURL(o.state,o.codeVerifier,r)},validateAuthorizationCode:(o,r,s)=>u(void 0,null,function*(){return x({code:o,codeVerifier:r,redirectURI:s||R("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return u(this,null,function*(){let{data:r,error:s}=yield Xt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}})}}};import"arctic";var ie={apple:Se,discord:Le,facebook:Oe,github:Ee,google:Ce,spotify:Be,twitch:je,twitter:De},qe=Object.keys(ie);import{generateState as er}from"oslo/oauth2";import{z}from"zod";function $e(e,t,n){let o=er();return{state:JSON.stringify({code:o,callbackURL:e,currentURL:t,dontRememberMe:n}),code:o}}function ae(e){return z.object({code:z.string(),callbackURL:z.string().optional(),currentURL:z.string().optional(),dontRememberMe:z.boolean().optional()}).safeParse(JSON.parse(e))}import{APIError as rr}from"better-call";var M=(e,t=!1)=>{let n=new Date;return new Date(n.getTime()+(t?e*1e3:e))};import{TimeSpan as tr}from"oslo";function Ne(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV!=="development"&&process.env.NODE_ENV!=="test"?"__Secure-":"",o="better-auth",r=new tr(7,"d").seconds();return{sessionToken:{name:`${n}${o}.session_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:r}},csrfToken:{name:`${n?"__Host-":""}${o}.csrf_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*60*24*7}},state:{name:`${n}${o}.state`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},pkCodeVerifier:{name:`${n}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},dontRememberToken:{name:`${n}${o}.dont_remember`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n}},nonce:{name:`${n}${o}.nonce`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}}}}function Fe(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV==="production"?"__Secure-":"",o="better-auth";function r(i,a){return{name:process.env.NODE_ENV==="production"?`${n}${o}.${i}`:`${o}.${i}`,options:g({secure:!!n,sameSite:"lax",path:"/",maxAge:60*15},a)}}return r}function _(e,t,n,o){return u(this,null,function*(){let r=e.context.authCookies.sessionToken.options;r.maxAge=n?void 0:r.maxAge,yield e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,r),n&&(yield e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options))})}function H(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{z as Ve}from"zod";function X(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let n=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of n){let r=e.headers.get(o);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var de=new Map;function or(e,t){if(!e.request)return"";let{method:n,url:o,headers:r}=e.request,s=e.request.headers.get("User-Agent")||"",i=X(e.request)||"",a=JSON.stringify(r);return`${n}:${o}:${a}:${s}:${i}:${t}`}var ce=()=>y("/session",{method:"GET",requireHeaders:!0},e=>u(void 0,null,function*(){try{let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let n=or(e,t),o=de.get(n);if(o){if(o.expiresAt>Date.now())return e.json(o.data);de.delete(n)}let r=yield e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return H(e),r&&(yield e.context.internalAdapter.deleteSession(r.session.id)),e.json(null,{status:401});if(yield e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,a=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+a*1e3<=Date.now()){let c=yield e.context.internalAdapter.updateSession(r.session.id,{expiresAt:M(e.context.sessionConfig.expiresIn,!0)});if(!c)return H(e),e.json(null,{status:401});let p=(c.expiresAt.valueOf()-Date.now())/1e3;return yield _(e,c.id,!1,{maxAge:p}),e.json({session:c,user:r.user})}return de.set(n,{data:r,expiresAt:Date.now()+5e3}),e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}})),ue=e=>u(void 0,null,function*(){return yield ce()(k(g({},e),{_flag:void 0}))}),$=Z(e=>u(void 0,null,function*(){let t=yield ue(e);if(!(t!=null&&t.session))throw new rr("UNAUTHORIZED");return{session:t}})),ze=()=>y("/user/list-sessions",{method:"GET",use:[$],requireHeaders:!0},e=>u(void 0,null,function*(){let n=(yield e.context.adapter.findMany({model:e.context.tables.session.tableName,where:[{field:"userId",value:e.context.session.user.id}]})).filter(o=>o.expiresAt>new Date);return e.json(n)})),Me=y("/user/revoke-session",{method:"POST",body:Ve.object({id:Ve.string()}),use:[$],requireHeaders:!0},e=>u(void 0,null,function*(){let t=e.body.id,n=yield e.context.internalAdapter.findSession(t);if(!n)return e.json(null,{status:400});if(n.session.userId!==e.context.session.user.id)return e.json(null,{status:403});try{yield e.context.internalAdapter.deleteSession(t)}catch(o){return e.context.logger.error(o),e.json(null,{status:500})}return e.json({status:!0})})),He=y("/user/revoke-sessions",{method:"POST",use:[$],requireHeaders:!0},e=>u(void 0,null,function*(){try{yield e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}return e.json({status:!0})}));var Ge=y("/sign-in/social",{method:"POST",requireHeaders:!0,query:S.object({currentURL:S.string().optional()}).optional(),body:S.object({callbackURL:S.string().optional(),provider:S.enum(qe),dontRememberMe:S.boolean().default(!1).optional()})},e=>u(void 0,null,function*(){var i,a,d,l;let t=e.context.socialProviders.find(c=>c.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new C("NOT_FOUND",{message:"Provider not found"});let n=e.context.authCookies,o=(i=e.query)!=null&&i.currentURL?new URL((a=e.query)==null?void 0:a.currentURL):null,r=(d=e.body.callbackURL)!=null&&d.startsWith("http")?e.body.callbackURL:`${o==null?void 0:o.origin}${e.body.callbackURL||""}`,s=$e(r||(o==null?void 0:o.origin)||e.context.baseURL,(l=e.query)==null?void 0:l.currentURL);try{yield e.setSignedCookie(n.state.name,s.code,e.context.secret,n.state.options);let c=nr();yield e.setSignedCookie(n.pkCodeVerifier.name,c,e.context.secret,n.pkCodeVerifier.options);let p=t.createAuthorizationURL({state:s.state,codeVerifier:c});return p.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),{url:p.toString(),state:s.state,codeVerifier:c,redirect:!0}}catch(c){throw new C("INTERNAL_SERVER_ERROR")}})),Ke=y("/sign-in/email",{method:"POST",body:S.object({email:S.string().email(),password:S.string(),callbackURL:S.string().optional(),dontRememberMe:S.boolean().default(!1).optional()})},e=>u(void 0,null,function*(){var c,p;if(!((p=(c=e.context.options)==null?void 0:c.emailAndPassword)!=null&&p.enabled))throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new C("BAD_REQUEST",{message:"Email and password is not enabled"});let t=yield ue(e);t&&(yield e.context.internalAdapter.deleteSession(t.session.id));let{email:n,password:o}=e.body;if(!S.string().email().safeParse(n).success)throw new C("BAD_REQUEST",{message:"Invalid email"});let s=yield e.context.internalAdapter.findUserByEmail(n);if(!s)throw yield e.context.password.hash(o),e.context.logger.error("User not found",{email:n}),new C("UNAUTHORIZED",{message:"Invalid email or password"});let i=s.accounts.find(m=>m.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:n}),new C("UNAUTHORIZED",{message:"Invalid email or password"});let a=i==null?void 0:i.password;if(!a)throw e.context.logger.error("Password not found",{email:n}),new C("UNAUTHORIZED",{message:"Unexpected error"});if(!(yield e.context.password.verify(a,o)))throw e.context.logger.error("Invalid password"),new C("UNAUTHORIZED",{message:"Invalid email or password"});let l=yield e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!l)throw e.context.logger.error("Failed to create session"),new C("INTERNAL_SERVER_ERROR");return yield _(e,l.id,e.body.dontRememberMe),e.json({user:s.user,session:l,redirect:!!e.body.callbackURL,url:e.body.callbackURL})}));import{APIError as ar}from"better-call";import{z as Y}from"zod";import{z as A}from"zod";var ds=A.object({id:A.string(),providerId:A.string(),accountId:A.string(),userId:A.string(),accessToken:A.string().nullable().optional(),refreshToken:A.string().nullable().optional(),idToken:A.string().nullable().optional(),expiresAt:A.date().nullable().optional(),password:A.string().optional().nullable()}),We=A.object({id:A.string(),email:A.string().transform(e=>e.toLowerCase()),emailVerified:A.boolean().default(!1),name:A.string(),image:A.string().optional(),createdAt:A.date().default(new Date),updatedAt:A.date().default(new Date)}),cs=A.object({id:A.string(),userId:A.string(),expiresAt:A.date(),ipAddress:A.string().optional(),userAgent:A.string().optional()});import{alphabet as sr,generateRandomString as ir}from"oslo/crypto";var Je=()=>ir(36,sr("a-z","0-9"));var D={isAction:!1};function le(e){let t=e.accessToken(),n=e.hasRefreshToken()?e.refreshToken():void 0,o;try{o=e.accessTokenExpiresAt()}catch(r){}return{accessToken:t,refreshToken:n,expiresAt:o}}var Ze=y("/callback/:id",{method:"GET",query:Y.object({state:Y.string(),code:Y.string().optional(),error:Y.string().optional()}),metadata:D},e=>u(void 0,null,function*(){var h,w,U;if(e.query.error||!e.query.code){let T=((h=ae(e.query.state).data)==null?void 0:h.callbackURL)||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${T}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(b=>b.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let n=yield e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),o;try{o=yield t.validateAuthorizationCode(e.query.code,n,`${e.context.baseURL}/callback/${t.id}`)}catch(b){throw e.context.logger.error(b),e.redirect(`${e.context.baseURL}/error?error=oauth_code_verification_failed`)}let r=yield t.getUserInfo(o).then(b=>b==null?void 0:b.user),s=Je(),i=We.safeParse(k(g({},r),{id:s})),a=ae(e.query.state);if(!a.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=invalid_state_parameter`);let{callbackURL:d,currentURL:l,dontRememberMe:c}=a.data;if(!r||i.success===!1)throw e.redirect(`${e.context.baseURL}/error?error=oauth_validation_failed`);if(!d)throw e.redirect(`${e.context.baseURL}/error?error=oauth_callback_url_not_found`);let p=yield e.context.internalAdapter.findUserByEmail(r.email),m=p==null?void 0:p.user.id;if(p){let b=p.accounts.find(v=>v.providerId===t.id),T=(U=(w=e.context.options.account)==null?void 0:w.accountLinking)==null?void 0:U.trustedProviders,P=T?T.includes(t.id):!0;if(!b&&(!r.emailVerified||!P)){let v;try{v=new URL(l||d),v.searchParams.set("error","account_not_linked")}catch(oe){throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(v.toString())}if(!b)try{yield e.context.internalAdapter.linkAccount(g({providerId:t.id,accountId:r.id,id:`${t.id}:${r.id}`,userId:p.user.id},le(o)))}catch(v){throw console.log(v),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{yield e.context.internalAdapter.createOAuthUser(i.data,k(g({},le(o)),{id:`${t.id}:${r.id}`,providerId:t.id,accountId:r.id,userId:s}))}catch(b){let T=new URL(l||d);throw T.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",T.toString()),e.redirect(T.toString())}if(!m&&!s)throw new ar("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});let f=yield e.context.internalAdapter.createSession(m||s,e.request,c);if(!f){let b=new URL(l||d);throw b.searchParams.set("error","unable_to_create_session"),e.redirect(b.toString())}try{yield _(e,f.id,c)}catch(b){e.context.logger.error("Unable to set session cookie",b);let T=new URL(l||d);throw T.searchParams.set("error","unable_to_create_session"),e.redirect(T.toString())}throw e.redirect(d)}));import{z as pe}from"zod";var Qe=y("/sign-out",{method:"POST",body:pe.optional(pe.object({callbackURL:pe.string().optional()}))},e=>u(void 0,null,function*(){var n,o;let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);return t?(yield e.context.internalAdapter.deleteSession(t),H(e),e.json(null,{body:{redirect:!!((n=e.body)!=null&&n.callbackURL),url:(o=e.body)==null?void 0:o.callbackURL}})):e.json(null)}));import{TimeSpan as dr}from"oslo";import{createJWT as cr,parseJWT as ur}from"oslo/jwt";import{validateJWT as Xe}from"oslo/jwt";import{z as L}from"zod";var Ye=y("/forget-password",{method:"POST",body:L.object({email:L.string().email(),redirectTo:L.string()})},e=>u(void 0,null,function*(){var s;if(!((s=e.context.options.emailAndPassword)!=null&&s.sendResetPassword))return e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),e.json(null,{status:400,statusText:"RESET_PASSWORD_EMAIL_NOT_SENT",body:{message:"Reset password isn't enabled"}});let{email:t}=e.body,n=yield e.context.internalAdapter.findUserByEmail(t);if(!n)return e.json({status:!1},{body:{status:!0}});let o=yield cr("HS256",Buffer.from(e.context.secret),{email:n.user.email,redirectTo:e.body.redirectTo},{expiresIn:new dr(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[n.user.email],includeIssuedTimestamp:!0}),r=`${e.context.baseURL}/reset-password/${o}`;return yield e.context.options.emailAndPassword.sendResetPassword(r,n.user),e.json({status:!0})})),et=y("/reset-password/:token",{method:"GET"},e=>u(void 0,null,function*(){var s;let{token:t}=e.params,n,o=L.object({email:L.string(),redirectTo:L.string()});try{if(n=yield Xe("HS256",Buffer.from(e.context.secret),t),!n.expiresAt||n.expiresAt<new Date)throw Error("Token expired")}catch(i){let a=ur(t),d=o.safeParse(a==null?void 0:a.payload);throw d.success?e.redirect(`${(s=d.data)==null?void 0:s.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:r}=o.parse(n.payload);throw e.redirect(`${r}?token=${t}`)})),tt=y("/reset-password",{method:"POST",query:L.object({currentURL:L.string()}).optional(),body:L.object({newPassword:L.string(),callbackURL:L.string().optional()})},e=>u(void 0,null,function*(){var o,r,s;let t=(o=e.query)==null?void 0:o.currentURL.split("?token=")[1];if(!t)return e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}});let{newPassword:n}=e.body;try{let i=yield Xe("HS256",Buffer.from(e.context.secret),t),a=L.string().email().parse(i.payload.email),d=yield e.context.internalAdapter.findUserByEmail(a);if(!d)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(n.length<(((r=e.context.options.emailAndPassword)==null?void 0:r.minPasswordLength)||8)||n.length>(((s=e.context.options.emailAndPassword)==null?void 0:s.maxPasswordLength)||32))return e.json({data:null,error:"password is too short or too long"},{status:400,statusText:"INVALID_PASSWORD_LENGTH",body:{message:"password is too short or too long"}});let l=yield e.context.password.hash(n);return(yield e.context.internalAdapter.updatePassword(d.user.id,l))?e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}}):e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User doesn't have a credential account"}})}catch(i){return console.log(i),e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}}));import{TimeSpan as lr}from"oslo";import{createJWT as pr,validateJWT as mr}from"oslo/jwt";import{z as E}from"zod";function me(e,t){return u(this,null,function*(){return yield pr("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new lr(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})})}var rt=y("/send-verification-email",{method:"POST",query:E.object({currentURL:E.string().optional()}).optional(),body:E.object({email:E.string().email(),callbackURL:E.string().optional()})},e=>u(void 0,null,function*(){var r,s;if(!((r=e.context.options.emailAndPassword)!=null&&r.sendVerificationEmail))return e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),e.json(null,{status:400,statusText:"VERIFICATION_EMAIL_NOT_SENT",body:{message:"Verification email isn't enabled"}});let{email:t}=e.body,n=yield me(e.context.secret,t),o=`${e.context.baseURL}/verify-email?token=${n}&callbackURL=${e.body.callbackURL||((s=e.query)==null?void 0:s.currentURL)||"/"}`;return yield e.context.options.emailAndPassword.sendVerificationEmail(t,o,n),e.json({status:!0})})),ot=y("/verify-email",{method:"GET",query:E.object({token:E.string(),callbackURL:E.string().optional()})},e=>u(void 0,null,function*(){let{token:t}=e.query,n;try{n=yield mr("HS256",Buffer.from(e.context.secret),t)}catch(a){return e.context.logger.error("Failed to verify email",a),e.json(null,{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}let r=E.object({email:E.string().email()}).parse(n.payload),s=yield e.context.internalAdapter.findUserByEmail(r.email);if(!s)return e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User not found"}});if(!s.accounts.find(a=>a.providerId==="credential"))throw e.redirect;if(yield e.context.internalAdapter.updateUserByEmail(r.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})}));import{z as B}from"zod";import{alphabet as fr,generateRandomString as gr}from"oslo/crypto";import"better-call";var nt=y("/user/update",{method:"POST",body:B.object({name:B.string().optional(),image:B.string().optional()}),use:[$]},e=>u(void 0,null,function*(){let{name:t,image:n}=e.body,o=e.context.session;if(!n&&!t)return e.json(o.user);let r=yield e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:n});return e.json(r)})),st=y("/user/change-password",{method:"POST",body:B.object({newPassword:B.string(),currentPassword:B.string(),revokeOtherSessions:B.boolean().optional()}),use:[$]},e=>u(void 0,null,function*(){let{newPassword:t,currentPassword:n,revokeOtherSessions:o}=e.body,r=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let i=e.context.password.config.maxPasswordLength;if(t.length>i)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=(yield e.context.internalAdapter.findAccounts(r.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!d||!d.password)return e.json(null,{status:400,body:{message:"User does not have a password"}});let l=yield e.context.password.hash(t);if(!(yield e.context.password.verify(d.password,n)))return e.json(null,{status:400,body:{message:"Invalid password"}});if(yield e.context.internalAdapter.updateAccount(d.id,{password:l}),o){yield e.context.internalAdapter.deleteSessions(r.user.id);let p=yield e.context.internalAdapter.createSession(r.user.id,e.headers);if(!p)return e.json(null,{status:500,body:{message:"Failed to create session"}});yield _(e,p.id)}return e.json(r.user)})),it=y("/user/set-password",{method:"POST",body:B.object({newPassword:B.string()}),use:[$]},e=>u(void 0,null,function*(){let{newPassword:t}=e.body,n=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let r=e.context.password.config.maxPasswordLength;if(t.length>r)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let i=(yield e.context.internalAdapter.findAccounts(n.user.id)).find(d=>d.providerId==="credential"&&d.password),a=yield e.context.password.hash(t);return i?e.json(null,{status:400,body:{message:"User already has a password"}}):(yield e.context.internalAdapter.linkAccount({id:gr(32,fr("a-z","0-9","A-Z")),userId:n.user.id,providerId:"credential",accountId:n.user.id,password:a}),e.json(n.user))}));import{alphabet as hr,generateRandomString as yr}from"oslo/crypto";var at=y("/csrf",{method:"GET",metadata:D},e=>u(void 0,null,function*(){let t=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let n=yr(32,hr("a-z","0-9","A-Z")),o=yield J(e.context.secret,n),r=`${n}!${o}`;return yield e.setSignedCookie(e.context.authCookies.csrfToken.name,r,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:n}}));var br=(e="Unknown")=>`<!DOCTYPE html>
+var Ct=Object.defineProperty,_t=Object.defineProperties;var Bt=Object.getOwnPropertyDescriptors;var W=Object.getOwnPropertySymbols;var Te=Object.prototype.hasOwnProperty,xe=Object.prototype.propertyIsEnumerable;var Re=(e,t,n)=>t in e?Ct(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,g=(e,t)=>{for(var n in t||(t={}))Te.call(t,n)&&Re(e,n,t[n]);if(W)for(var n of W(t))xe.call(t,n)&&Re(e,n,t[n]);return e},T=(e,t)=>_t(e,Bt(t));var qt=(e=>typeof require!="undefined"?require:typeof Proxy!="undefined"?new Proxy(e,{get:(t,n)=>(typeof require!="undefined"?require:t)[n]}):e)(function(e){if(typeof require!="undefined")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var J=(e,t)=>{var n={};for(var o in e)Te.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(e!=null&&W)for(var o of W(e))t.indexOf(o)<0&&xe.call(e,o)&&(n[o]=e[o]);return n};var c=(e,t,n)=>new Promise((o,r)=>{var s=d=>{try{a(n.next(d))}catch(p){r(p)}},i=d=>{try{a(n.throw(d))}catch(p){r(p)}},a=d=>d.done?o(d.value):Promise.resolve(d.value).then(s,i);a((n=n.apply(e,t)).next())});import{APIError as Ir,createRouter as Sr}from"better-call";import{APIError as ve}from"better-call";import{z as Ie}from"zod";import{xchacha20poly1305 as Zr}from"@noble/ciphers/chacha";import{bytesToHex as Xr,hexToBytes as Yr,utf8ToBytes as eo}from"@noble/ciphers/utils";import{managedNonce as ro}from"@noble/ciphers/webcrypto";import{sha256 as no}from"@noble/hashes/sha256";function Z(e,t){return c(this,null,function*(){let n=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},r=yield crypto.subtle.importKey("raw",n.encode(e),o,!1,["sign","verify"]),s=yield crypto.subtle.sign(o.name,r,n.encode(t));return btoa(String.fromCharCode(...new Uint8Array(s)))})}import{createEndpointCreator as jt,createMiddleware as Ue,createMiddlewareCreator as Dt}from"better-call";var Pe=Ue(()=>c(void 0,null,function*(){return{}})),Q=Dt({use:[Pe,Ue(()=>c(void 0,null,function*(){return{}}))]}),A=jt({use:[Pe]});var Se=Q({body:Ie.object({csrfToken:Ie.string().optional()}).optional()},e=>c(void 0,null,function*(){var a,d,p,l;if(((a=e.request)==null?void 0:a.method)!=="POST"||(d=e.context.options.advanced)!=null&&d.disableCSRFCheck)return;let t=new URL(e.request.url);if(t.origin===new URL(e.context.baseURL).origin||(p=e.context.options.trustedOrigins)!=null&&p.includes(t.origin))return;let n=(l=e.body)==null?void 0:l.csrfToken,o=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[r,s]=(o==null?void 0:o.split("!"))||[null,null];if(!n||!o||!r||!s||o!==n)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new ve("UNAUTHORIZED",{message:"Invalid CSRF Token"});let i=yield Z(e.context.secret,r);if(s!==i)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new ve("UNAUTHORIZED",{message:"Invalid CSRF Token"})}));import{APIError as _}from"better-call";import{generateCodeVerifier as ar}from"oslo/oauth2";import{z as O}from"zod";import"arctic";import{parseJWT as Vt}from"oslo/jwt";import"@better-fetch/fetch";var S=class extends Error{constructor(t,n,o){super(t),this.name="BetterAuthError",this.message=t,this.cause=n}};import{OAuth2Tokens as $t}from"arctic";function Nt(e){try{return new URL(e).pathname!=="/"}catch(t){throw new S(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function se(e,t="/api/auth"){return Nt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function X(e,t){if(e)return se(e,t);let n=(process==null?void 0:process.env)||{},o=n.BETTER_AUTH_URL||n.NEXT_PUBLIC_BETTER_AUTH_URL||n.PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_AUTH_URL||(n.BASE_URL!=="/"?n.BASE_URL:void 0);if(o)return se(o,t);if(typeof window!="undefined")return se(window.location.origin,t)}import{betterFetch as Ft}from"@better-fetch/fetch";function x(e,t){return t||`${X()}/callback/${e}`}function U(s){return c(this,arguments,function*({code:e,codeVerifier:t,redirectURI:n,options:o,tokenEndpoint:r}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",n),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:a,error:d}=yield Ft(r,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(d)throw d;return new $t(a)})}var Oe=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:o,scopes:r,redirectURI:s}){let i=r||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${s||e.redirectURI}&scope=${i.join(" ")}&state=${o}`)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("apple",e.redirectURI),options:e,tokenEndpoint:t})}),getUserInfo(o){return c(this,null,function*(){var s;let r=(s=Vt(o.idToken()))==null?void 0:s.payload;return r?{user:{id:r.sub,name:r.name,email:r.email,emailVerified:r.email_verified==="true"},data:r}:null})}}};import{betterFetch as zt}from"@better-fetch/fetch";import{Discord as Mt}from"arctic";var Le=e=>{let t=new Mt(e.clientId,e.clientSecret,x("discord",e.redirectURI));return{id:"discord",name:"Discord",createAuthorizationURL({state:o,scopes:r}){let s=r||["email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("discord",e.redirectURI),options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield zt("https://discord.com/api/users/@me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified},data:r}})}}};import{betterFetch as Ht}from"@better-fetch/fetch";import{Facebook as Gt}from"arctic";var Ee=e=>{let t=new Gt(e.clientId,e.clientSecret,x("facebook",e.redirectURI));return{id:"facebook",name:"Facebook",createAuthorizationURL({state:o,scopes:r}){let s=r||["email","public_profile"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("facebook",e.redirectURI),options:e,tokenEndpoint:"https://graph.facebook.com/v16.0/oauth/access_token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield Ht("https://graph.facebook.com/me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as Ce}from"@better-fetch/fetch";import{GitHub as Kt}from"arctic";var _e=({clientId:e,clientSecret:t,redirectURI:n})=>{let o=new Kt(e,t,x("github",n));return{id:"github",name:"Github",createAuthorizationURL({state:s,scopes:i}){let a=i||["user:email"];return o.createAuthorizationURL(s,a)},validateAuthorizationCode:s=>c(void 0,null,function*(){return yield o.validateAuthorizationCode(s)}),getUserInfo(s){return c(this,null,function*(){var p,l,u,m;let{data:i,error:a}=yield Ce("https://api.github.com/user",{auth:{type:"Bearer",token:s.accessToken()}});if(a)return null;let d=!1;if(!i.email){let{data:f,error:h}=yield Ce("https://api.github.com/user/emails",{auth:{type:"Bearer",token:s.accessToken()}});h||(i.email=(l=(p=f.find(y=>y.primary))!=null?p:f[0])==null?void 0:l.email,d=(m=(u=f.find(y=>y.email===i.email))==null?void 0:u.verified)!=null?m:!1)}return{user:{id:i.id,name:i.name,email:i.email,image:i.avatar_url,emailVerified:d,createdAt:new Date,updatedAt:new Date},data:i}})}}};import{Google as Jt}from"arctic";import{parseJWT as Zt}from"oslo/jwt";import{createConsola as Wt}from"consola";var N=Wt({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),ie=e=>({log:(...t)=>{!(e!=null&&e.disabled)&&N.log("",...t)},error:(...t)=>{!(e!=null&&e.disabled)&&N.error("",...t)},warn:(...t)=>{!(e!=null&&e.disabled)&&N.warn("",...t)},info:(...t)=>{!(e!=null&&e.disabled)&&N.info("",...t)},debug:(...t)=>{!(e!=null&&e.disabled)&&N.debug("",...t)},box:(...t)=>{!(e!=null&&e.disabled)&&N.box("",...t)},success:(...t)=>{!(e!=null&&e.disabled)&&N.success("",...t)},break:(...t)=>{!(e!=null&&e.disabled)&&console.log(`
+`)}}),P=ie();var Be=e=>{let t=new Jt(e.clientId,e.clientSecret,x("google",e.redirectURI));return{id:"google",name:"Google",createAuthorizationURL({state:o,scopes:r,codeVerifier:s,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw P.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new S("CLIENT_ID_AND_SECRET_REQUIRED");if(!s)throw new S("codeVerifier is required for Google");let a=r||["email","profile"];return t.createAuthorizationURL(o,s,a)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"})}),getUserInfo(o){return c(this,null,function*(){var s;if(!o.idToken)return null;let r=(s=Zt(o.idToken()))==null?void 0:s.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as Qt}from"@better-fetch/fetch";import{Spotify as Xt}from"arctic";var qe=e=>{let t=new Xt(e.clientId,e.clientSecret,x("spotify",e.redirectURI));return{id:"spotify",name:"Spotify",createAuthorizationURL({state:o,scopes:r}){let s=r||["user-read-email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"})}),getUserInfo(o){return c(this,null,function*(){var i;let{data:r,error:s}=yield Qt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.id,name:r.display_name,email:r.email,image:(i=r.images[0])==null?void 0:i.url,emailVerified:!1},data:r}})}}};import{betterFetch as Yt}from"@better-fetch/fetch";import{Twitch as er}from"arctic";var je=e=>{let t=new er(e.clientId,e.clientSecret,x("twitch",e.redirectURI));return{id:"twitch",name:"Twitch",createAuthorizationURL({state:o,scopes:r}){let s=r||["activity:write","read"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield Yt("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}})}}};import{betterFetch as tr}from"@better-fetch/fetch";import{Twitter as rr}from"arctic";var De=e=>{let t=new rr(e.clientId,e.clientSecret,x("twitter",e.redirectURI));return{id:"twitter",name:"Twitter",createAuthorizationURL(o){let r=o.scopes||["account_info.read"];return t.createAuthorizationURL(o.state,o.codeVerifier,r)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield tr("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}})}}};import"arctic";var ae={apple:Oe,discord:Le,facebook:Ee,github:_e,google:Be,spotify:qe,twitch:je,twitter:De},Ne=Object.keys(ae);import{generateState as or}from"oslo/oauth2";import{z as M}from"zod";function $e(e,t,n){let o=or();return{state:JSON.stringify({code:o,callbackURL:e,currentURL:t,dontRememberMe:n}),code:o}}function de(e){return M.object({code:M.string(),callbackURL:M.string().optional(),currentURL:M.string().optional(),dontRememberMe:M.boolean().optional()}).safeParse(JSON.parse(e))}import{APIError as sr}from"better-call";var H=(e,t=!1)=>{let n=new Date;return new Date(n.getTime()+(t?e*1e3:e))};import{TimeSpan as nr}from"oslo";function Fe(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV!=="development"&&process.env.NODE_ENV!=="test"?"__Secure-":"",o="better-auth",r=new nr(7,"d").seconds();return{sessionToken:{name:`${n}${o}.session_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:r}},csrfToken:{name:`${n?"__Host-":""}${o}.csrf_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*60*24*7}},state:{name:`${n}${o}.state`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},pkCodeVerifier:{name:`${n}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},dontRememberToken:{name:`${n}${o}.dont_remember`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n}},nonce:{name:`${n}${o}.nonce`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}}}}function Ve(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV==="production"?"__Secure-":"",o="better-auth";function r(i,a){return{name:process.env.NODE_ENV==="production"?`${n}${o}.${i}`:`${o}.${i}`,options:g({secure:!!n,sameSite:"lax",path:"/",maxAge:60*15},a)}}return r}function E(e,t,n,o){return c(this,null,function*(){let r=e.context.authCookies.sessionToken.options;r.maxAge=n?void 0:r.maxAge,yield e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,r),n&&(yield e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options))})}function G(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{z as ze}from"zod";function Y(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let n=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of n){let r=e.headers.get(o);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var ce=new Map;function ir(e,t){if(!e.request)return"";let{method:n,url:o,headers:r}=e.request,s=e.request.headers.get("User-Agent")||"",i=Y(e.request)||"",a=JSON.stringify(r);return`${n}:${o}:${a}:${s}:${i}:${t}`}var le=()=>A("/session",{method:"GET",requireHeaders:!0},e=>c(void 0,null,function*(){try{let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let n=ir(e,t),o=ce.get(n);if(o){if(o.expiresAt>Date.now())return e.json(o.data);ce.delete(n)}let r=yield e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return G(e),r&&(yield e.context.internalAdapter.deleteSession(r.session.id)),e.json(null,{status:401});if(yield e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,a=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+a*1e3<=Date.now()){let l=yield e.context.internalAdapter.updateSession(r.session.id,{expiresAt:H(e.context.sessionConfig.expiresIn,!0)});if(!l)return G(e),e.json(null,{status:401});let u=(l.expiresAt.valueOf()-Date.now())/1e3;return yield E(e,l.id,!1,{maxAge:u}),e.json({session:l,user:r.user})}return ce.set(n,{data:r,expiresAt:Date.now()+5e3}),e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}})),ue=e=>c(void 0,null,function*(){return yield le()(T(g({},e),{_flag:void 0}))}),$=Q(e=>c(void 0,null,function*(){let t=yield ue(e);if(!(t!=null&&t.session))throw new sr("UNAUTHORIZED");return{session:t}})),Me=()=>A("/user/list-sessions",{method:"GET",use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){let n=(yield e.context.adapter.findMany({model:e.context.tables.session.tableName,where:[{field:"userId",value:e.context.session.user.id}]})).filter(o=>o.expiresAt>new Date);return e.json(n)})),He=A("/user/revoke-session",{method:"POST",body:ze.object({id:ze.string()}),use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){let t=e.body.id,n=yield e.context.internalAdapter.findSession(t);if(!n)return e.json(null,{status:400});if(n.session.userId!==e.context.session.user.id)return e.json(null,{status:403});try{yield e.context.internalAdapter.deleteSession(t)}catch(o){return e.context.logger.error(o),e.json(null,{status:500})}return e.json({status:!0})})),Ge=A("/user/revoke-sessions",{method:"POST",use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){try{yield e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}return e.json({status:!0})}));var Ke=A("/sign-in/social",{method:"POST",requireHeaders:!0,query:O.object({currentURL:O.string().optional()}).optional(),body:O.object({callbackURL:O.string().optional(),provider:O.enum(Ne),dontRememberMe:O.boolean().default(!1).optional()})},e=>c(void 0,null,function*(){var i,a,d,p;let t=e.context.socialProviders.find(l=>l.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new _("NOT_FOUND",{message:"Provider not found"});let n=e.context.authCookies,o=(i=e.query)!=null&&i.currentURL?new URL((a=e.query)==null?void 0:a.currentURL):null,r=(d=e.body.callbackURL)!=null&&d.startsWith("http")?e.body.callbackURL:`${o==null?void 0:o.origin}${e.body.callbackURL||""}`,s=$e(r||(o==null?void 0:o.origin)||e.context.baseURL,(p=e.query)==null?void 0:p.currentURL);try{yield e.setSignedCookie(n.state.name,s.code,e.context.secret,n.state.options);let l=ar();yield e.setSignedCookie(n.pkCodeVerifier.name,l,e.context.secret,n.pkCodeVerifier.options);let u=t.createAuthorizationURL({state:s.state,codeVerifier:l});return u.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),{url:u.toString(),state:s.state,codeVerifier:l,redirect:!0}}catch(l){throw new _("INTERNAL_SERVER_ERROR")}})),We=A("/sign-in/email",{method:"POST",body:O.object({email:O.string().email(),password:O.string(),callbackURL:O.string().optional(),dontRememberMe:O.boolean().default(!1).optional()})},e=>c(void 0,null,function*(){var l,u;if(!((u=(l=e.context.options)==null?void 0:l.emailAndPassword)!=null&&u.enabled))throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new _("BAD_REQUEST",{message:"Email and password is not enabled"});let t=yield ue(e);t&&(yield e.context.internalAdapter.deleteSession(t.session.id));let{email:n,password:o}=e.body;if(!O.string().email().safeParse(n).success)throw new _("BAD_REQUEST",{message:"Invalid email"});let s=yield e.context.internalAdapter.findUserByEmail(n);if(!s)throw yield e.context.password.hash(o),e.context.logger.error("User not found",{email:n}),new _("UNAUTHORIZED",{message:"Invalid email or password"});let i=s.accounts.find(m=>m.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:n}),new _("UNAUTHORIZED",{message:"Invalid email or password"});let a=i==null?void 0:i.password;if(!a)throw e.context.logger.error("Password not found",{email:n}),new _("UNAUTHORIZED",{message:"Unexpected error"});if(!(yield e.context.password.verify(a,o)))throw e.context.logger.error("Invalid password"),new _("UNAUTHORIZED",{message:"Invalid email or password"});let p=yield e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!p)throw e.context.logger.error("Failed to create session"),new _("INTERNAL_SERVER_ERROR");return yield E(e,p.id,e.body.dontRememberMe),e.json({user:s.user,session:p,redirect:!!e.body.callbackURL,url:e.body.callbackURL})}));import{APIError as lr}from"better-call";import{z as ee}from"zod";import{z as R}from"zod";var hs=R.object({id:R.string(),providerId:R.string(),accountId:R.string(),userId:R.string(),accessToken:R.string().nullable().optional(),refreshToken:R.string().nullable().optional(),idToken:R.string().nullable().optional(),expiresAt:R.date().nullable().optional(),password:R.string().optional().nullable()}),Je=R.object({id:R.string(),email:R.string().transform(e=>e.toLowerCase()),emailVerified:R.boolean().default(!1),name:R.string(),image:R.string().optional(),createdAt:R.date().default(new Date),updatedAt:R.date().default(new Date)}),ys=R.object({id:R.string(),userId:R.string(),expiresAt:R.date(),ipAddress:R.string().optional(),userAgent:R.string().optional()});import{alphabet as dr,generateRandomString as cr}from"oslo/crypto";var Ze=()=>cr(36,dr("a-z","0-9"));var j={isAction:!1};function pe(e){let t=e.accessToken(),n=e.hasRefreshToken()?e.refreshToken():void 0,o;try{o=e.accessTokenExpiresAt()}catch(r){}return{accessToken:t,refreshToken:n,expiresAt:o}}var Qe=A("/callback/:id",{method:"GET",query:ee.object({state:ee.string(),code:ee.string().optional(),error:ee.string().optional()}),metadata:j},e=>c(void 0,null,function*(){var h,y,b;if(e.query.error||!e.query.code){let k=((h=de(e.query.state).data)==null?void 0:h.callbackURL)||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${k}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(w=>w.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let n=yield e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),o;try{o=yield t.validateAuthorizationCode(e.query.code,n,`${e.context.baseURL}/callback/${t.id}`)}catch(w){throw e.context.logger.error(w),e.redirect(`${e.context.baseURL}/error?error=oauth_code_verification_failed`)}let r=yield t.getUserInfo(o).then(w=>w==null?void 0:w.user),s=Ze(),i=Je.safeParse(T(g({},r),{id:s})),a=de(e.query.state);if(!a.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=invalid_state_parameter`);let{callbackURL:d,currentURL:p,dontRememberMe:l}=a.data;if(!r||i.success===!1)throw e.redirect(`${e.context.baseURL}/error?error=oauth_validation_failed`);if(!d)throw e.redirect(`${e.context.baseURL}/error?error=oauth_callback_url_not_found`);let u=yield e.context.internalAdapter.findUserByEmail(r.email),m=u==null?void 0:u.user.id;if(u){let w=u.accounts.find(I=>I.providerId===t.id),k=(b=(y=e.context.options.account)==null?void 0:y.accountLinking)==null?void 0:b.trustedProviders,v=k?k.includes(t.id):!0;if(!w&&(!r.emailVerified||!v)){let I;try{I=new URL(p||d),I.searchParams.set("error","account_not_linked")}catch(ne){throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(I.toString())}if(!w)try{yield e.context.internalAdapter.linkAccount(g({providerId:t.id,accountId:r.id,id:`${t.id}:${r.id}`,userId:u.user.id},pe(o)))}catch(I){throw console.log(I),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{yield e.context.internalAdapter.createOAuthUser(i.data,T(g({},pe(o)),{id:`${t.id}:${r.id}`,providerId:t.id,accountId:r.id,userId:s}))}catch(w){let k=new URL(p||d);throw k.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",k.toString()),e.redirect(k.toString())}if(!m&&!s)throw new lr("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});let f=yield e.context.internalAdapter.createSession(m||s,e.request,l);if(!f){let w=new URL(p||d);throw w.searchParams.set("error","unable_to_create_session"),e.redirect(w.toString())}try{yield E(e,f.id,l)}catch(w){e.context.logger.error("Unable to set session cookie",w);let k=new URL(p||d);throw k.searchParams.set("error","unable_to_create_session"),e.redirect(k.toString())}throw e.redirect(d)}));import{z as me}from"zod";var Xe=A("/sign-out",{method:"POST",body:me.optional(me.object({callbackURL:me.string().optional()}))},e=>c(void 0,null,function*(){var n,o;let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);return t?(yield e.context.internalAdapter.deleteSession(t),G(e),e.json(null,{body:{redirect:!!((n=e.body)!=null&&n.callbackURL),url:(o=e.body)==null?void 0:o.callbackURL}})):e.json(null)}));import{TimeSpan as ur}from"oslo";import{createJWT as pr,parseJWT as mr}from"oslo/jwt";import{validateJWT as Ye}from"oslo/jwt";import{z as L}from"zod";var et=A("/forget-password",{method:"POST",body:L.object({email:L.string().email(),redirectTo:L.string()})},e=>c(void 0,null,function*(){var s;if(!((s=e.context.options.emailAndPassword)!=null&&s.sendResetPassword))return e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),e.json(null,{status:400,statusText:"RESET_PASSWORD_EMAIL_NOT_SENT",body:{message:"Reset password isn't enabled"}});let{email:t}=e.body,n=yield e.context.internalAdapter.findUserByEmail(t);if(!n)return e.json({status:!1},{body:{status:!0}});let o=yield pr("HS256",Buffer.from(e.context.secret),{email:n.user.email,redirectTo:e.body.redirectTo},{expiresIn:new ur(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[n.user.email],includeIssuedTimestamp:!0}),r=`${e.context.baseURL}/reset-password/${o}`;return yield e.context.options.emailAndPassword.sendResetPassword(r,n.user),e.json({status:!0})})),tt=A("/reset-password/:token",{method:"GET"},e=>c(void 0,null,function*(){var s;let{token:t}=e.params,n,o=L.object({email:L.string(),redirectTo:L.string()});try{if(n=yield Ye("HS256",Buffer.from(e.context.secret),t),!n.expiresAt||n.expiresAt<new Date)throw Error("Token expired")}catch(i){let a=mr(t),d=o.safeParse(a==null?void 0:a.payload);throw d.success?e.redirect(`${(s=d.data)==null?void 0:s.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:r}=o.parse(n.payload);throw e.redirect(`${r}?token=${t}`)})),rt=A("/reset-password",{method:"POST",query:L.object({currentURL:L.string()}).optional(),body:L.object({newPassword:L.string(),callbackURL:L.string().optional()})},e=>c(void 0,null,function*(){var o,r,s;let t=(o=e.query)==null?void 0:o.currentURL.split("?token=")[1];if(!t)return e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}});let{newPassword:n}=e.body;try{let i=yield Ye("HS256",Buffer.from(e.context.secret),t),a=L.string().email().parse(i.payload.email),d=yield e.context.internalAdapter.findUserByEmail(a);if(!d)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(n.length<(((r=e.context.options.emailAndPassword)==null?void 0:r.minPasswordLength)||8)||n.length>(((s=e.context.options.emailAndPassword)==null?void 0:s.maxPasswordLength)||32))return e.json({data:null,error:"password is too short or too long"},{status:400,statusText:"INVALID_PASSWORD_LENGTH",body:{message:"password is too short or too long"}});let p=yield e.context.password.hash(n);return(yield e.context.internalAdapter.updatePassword(d.user.id,p))?e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}}):e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User doesn't have a credential account"}})}catch(i){return console.log(i),e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}}));import{TimeSpan as fr}from"oslo";import{createJWT as gr,validateJWT as hr}from"oslo/jwt";import{z as C}from"zod";function fe(e,t){return c(this,null,function*(){return yield gr("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new fr(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})})}var ot=A("/send-verification-email",{method:"POST",query:C.object({currentURL:C.string().optional()}).optional(),body:C.object({email:C.string().email(),callbackURL:C.string().optional()})},e=>c(void 0,null,function*(){var r,s;if(!((r=e.context.options.emailAndPassword)!=null&&r.sendVerificationEmail))return e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),e.json(null,{status:400,statusText:"VERIFICATION_EMAIL_NOT_SENT",body:{message:"Verification email isn't enabled"}});let{email:t}=e.body,n=yield fe(e.context.secret,t),o=`${e.context.baseURL}/verify-email?token=${n}&callbackURL=${e.body.callbackURL||((s=e.query)==null?void 0:s.currentURL)||"/"}`;return yield e.context.options.emailAndPassword.sendVerificationEmail(t,o,n),e.json({status:!0})})),nt=A("/verify-email",{method:"GET",query:C.object({token:C.string(),callbackURL:C.string().optional()})},e=>c(void 0,null,function*(){let{token:t}=e.query,n;try{n=yield hr("HS256",Buffer.from(e.context.secret),t)}catch(a){return e.context.logger.error("Failed to verify email",a),e.json(null,{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}let r=C.object({email:C.string().email()}).parse(n.payload),s=yield e.context.internalAdapter.findUserByEmail(r.email);if(!s)return e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User not found"}});if(!s.accounts.find(a=>a.providerId==="credential"))throw e.redirect;if(yield e.context.internalAdapter.updateUserByEmail(r.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})}));import{z as B}from"zod";import{alphabet as yr,generateRandomString as br}from"oslo/crypto";import"better-call";var st=A("/user/update",{method:"POST",body:B.object({name:B.string().optional(),image:B.string().optional()}),use:[$]},e=>c(void 0,null,function*(){let{name:t,image:n}=e.body,o=e.context.session;if(!n&&!t)return e.json(o.user);let r=yield e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:n});return e.json(r)})),it=A("/user/change-password",{method:"POST",body:B.object({newPassword:B.string(),currentPassword:B.string(),revokeOtherSessions:B.boolean().optional()}),use:[$]},e=>c(void 0,null,function*(){let{newPassword:t,currentPassword:n,revokeOtherSessions:o}=e.body,r=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let i=e.context.password.config.maxPasswordLength;if(t.length>i)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=(yield e.context.internalAdapter.findAccounts(r.user.id)).find(u=>u.providerId==="credential"&&u.password);if(!d||!d.password)return e.json(null,{status:400,body:{message:"User does not have a password"}});let p=yield e.context.password.hash(t);if(!(yield e.context.password.verify(d.password,n)))return e.json(null,{status:400,body:{message:"Invalid password"}});if(yield e.context.internalAdapter.updateAccount(d.id,{password:p}),o){yield e.context.internalAdapter.deleteSessions(r.user.id);let u=yield e.context.internalAdapter.createSession(r.user.id,e.headers);if(!u)return e.json(null,{status:500,body:{message:"Failed to create session"}});yield E(e,u.id)}return e.json(r.user)})),at=A("/user/set-password",{method:"POST",body:B.object({newPassword:B.string()}),use:[$]},e=>c(void 0,null,function*(){let{newPassword:t}=e.body,n=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let r=e.context.password.config.maxPasswordLength;if(t.length>r)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let i=(yield e.context.internalAdapter.findAccounts(n.user.id)).find(d=>d.providerId==="credential"&&d.password),a=yield e.context.password.hash(t);return i?e.json(null,{status:400,body:{message:"User already has a password"}}):(yield e.context.internalAdapter.linkAccount({id:br(32,yr("a-z","0-9","A-Z")),userId:n.user.id,providerId:"credential",accountId:n.user.id,password:a}),e.json(n.user))}));import{alphabet as wr,generateRandomString as Ar}from"oslo/crypto";var dt=A("/csrf",{method:"GET",metadata:j},e=>c(void 0,null,function*(){let t=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let n=Ar(32,wr("a-z","0-9","A-Z")),o=yield Z(e.context.secret,n),r=`${n}!${o}`;return yield e.setSignedCookie(e.context.authCookies.csrfToken.name,r,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:n}}));var kr=(e="Unknown")=>`<!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
@@ -79,4 +79,6 @@ var Ot=Object.defineProperty,_t=Object.defineProperties;var Et=Object.getOwnProp
         <div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
     </div>
 </body>
-</html>`,dt=y("/error",{method:"GET",metadata:D},e=>u(void 0,null,function*(){var n;let t=new URL(((n=e.request)==null?void 0:n.url)||"").searchParams.get("error")||"Unknown";return new Response(br(t),{headers:{"Content-Type":"text/html"}})}));var ct=y("/ok",{method:"GET",metadata:D},e=>u(void 0,null,function*(){return e.json({ok:!0})}));import{alphabet as ut,generateRandomString as lt}from"oslo/crypto";import{z as j}from"zod";var pt=y("/sign-up/email",{method:"POST",query:j.object({currentURL:j.string().optional()}).optional(),body:j.object({name:j.string(),email:j.string(),password:j.string(),image:j.string().optional(),callbackURL:j.string().optional()})},e=>u(void 0,null,function*(){var m,f,h,w;if(!((m=e.context.options.emailAndPassword)!=null&&m.enabled))return e.json(null,{status:400,body:{message:"Email and password is not enabled"}});let{name:t,email:n,password:o,image:r}=e.body;if(!j.string().email().safeParse(n).success)return e.json(null,{status:400,body:{message:"Invalid email address"}});let i=e.context.password.config.minPasswordLength;if(o.length<i)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let a=e.context.password.config.maxPasswordLength;if(o.length>a)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=yield e.context.internalAdapter.findUserByEmail(n),l=yield e.context.password.hash(o);if(d!=null&&d.user)return e.json(null,{status:400,body:{message:"User already exists"}});let c=yield e.context.internalAdapter.createUser({id:lt(32,ut("a-z","0-9","A-Z")),email:n.toLowerCase(),name:t,image:r,emailVerified:!1,createdAt:new Date,updatedAt:new Date});if(!c)return e.json(null,{status:400,body:{message:"Could not create user"}});yield e.context.internalAdapter.linkAccount({id:lt(32,ut("a-z","0-9","A-Z")),userId:c.id,providerId:"credential",accountId:c.id,password:l});let p=yield e.context.internalAdapter.createSession(c.id,e.request);if(!p)return e.json(null,{status:400,body:{message:"Could not create session"}});if(yield _(e,p.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let U=yield me(e.context.secret,c.email),b=`${e.context.baseURL}/verify-email?token=${U}&callbackURL=${e.body.callbackURL||((f=e.query)==null?void 0:f.currentURL)||"/"}`;yield(w=(h=e.context.options.emailAndPassword).sendVerificationEmail)==null?void 0:w.call(h,c.email,b,U)}return e.json({user:c,session:p},{body:e.body.callbackURL?{url:e.body.callbackURL,redirect:!0}:{user:c,session:p}})}));import fe from"chalk";function wr(e,t,n){let o=Date.now(),r=t*1e3;return o-n.lastRequest<r&&n.count>=e}function Ar(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function kr(e,t){let n=Date.now(),o=t*1e3;return Math.ceil((e+o-n)/1e3)}function Rr(e,t){let n=t!=null?t:"rateLimit",o=e.adapter;return{get:r=>u(this,null,function*(){return yield o.findOne({model:n,where:[{field:"key",value:r}]})}),set:(r,s,i)=>u(this,null,function*(){try{i?yield o.update({model:t!=null?t:"rateLimit",where:[{field:"key",value:r}],update:{count:s.count,lastRequest:s.lastRequest}}):yield o.create({model:t!=null?t:"rateLimit",data:{key:r,count:s.count,lastRequest:s.lastRequest}})}catch(a){O.error("Error setting rate limit",a)}})}}var mt=new Map;function Tr(e){if(e.rateLimit.customStorage)return e.rateLimit.customStorage;if(e.rateLimit.storage==="memory"){let n;return{get(o){return u(this,null,function*(){return mt.get(o)})},set(o,r,s){return u(this,null,function*(){mt.set(o,r)})}}}return Rr(e,e.rateLimit.tableName)}function ft(e,t){return u(this,null,function*(){if(!t.rateLimit.enabled)return;let n=t.baseURL,o=e.url.replace(n,""),r=t.rateLimit.window,s=t.rateLimit.max,i=X(e)+o,d=Ur().find(m=>m.pathMatcher(o));d&&(r=d.window,s=d.max);for(let m of t.options.plugins||[])if(m.rateLimit){let f=m.rateLimit.find(h=>h.pathMatcher(o));if(f){r=f.window,s=f.max;break}}if(t.rateLimit.customRules){let m=t.rateLimit.customRules[o];m&&(r=m.window,s=m.max)}let l=Tr(t),c=yield l.get(i),p=Date.now();if(!c)yield l.set(i,{key:i,count:1,lastRequest:p});else{let m=p-c.lastRequest;if(wr(s,r,c)){let f=kr(c.lastRequest,r);return Ar(f)}else m>r*1e3?yield l.set(i,k(g({},c),{count:1,lastRequest:p})):yield l.set(i,k(g({},c),{count:c.count+1,lastRequest:p}))}})}function Ur(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}function ge(e,t){var a,d;let n=(a=e.options.plugins)==null?void 0:a.reduce((l,c)=>g(g({},l),c.endpoints),{}),o=((d=e.options.plugins)==null?void 0:d.map(l=>{var c;return(c=l.middlewares)==null?void 0:c.map(p=>{let m=f=>u(this,null,function*(){return p.middleware(k(g({},f),{context:g(g({},e),f.context)}))});return m.path=p.path,m.options=p.middleware.options,m.headers=p.middleware.headers,{path:p.path,middleware:m}})}).filter(l=>l!==void 0).flat())||[],r={signInOAuth:Ge,callbackOAuth:Ze,getCSRFToken:at,getSession:ce(),signOut:Qe,signUpEmail:pt,signInEmail:Ke,forgetPassword:Ye,resetPassword:tt,verifyEmail:ot,sendVerificationEmail:rt,changePassword:st,setPassword:it,updateUser:nt,forgetPasswordCallback:et,listSessions:ze(),revokeSession:Me,revokeSessions:He},s=k(g(g({},r),n),{ok:ct,error:dt}),i={};for(let[l,c]of Object.entries(s))i[l]=p=>u(this,null,function*(){var h;let f=yield c(k(g({},p),{context:g(g({},e),p.context)}));for(let w of e.options.plugins||[])if((h=w.hooks)!=null&&h.after){for(let U of w.hooks.after)if(U.matcher(p)){let T=Object.assign(p,{context:k(g({},e),{returned:f})}),P=yield U.handler(T);P&&"response"in P&&(f=P.response)}}return f}),i[l].path=c.path,i[l].method=c.method,i[l].options=c.options,i[l].headers=c.headers;return{api:i,middlewares:o}}var gt=(e,t)=>{let{api:n,middlewares:o}=ge(e,t),r=new URL(e.baseURL).pathname;return Pr(n,{extraContext:e,basePath:r,routerMiddleware:[{path:"/**",middleware:Ie},...o],onRequest(i){return u(this,null,function*(){for(let a of e.options.plugins||[])if(a.onRequest){let d=yield a.onRequest(i,e);if(d)return d}return ft(i,e)})},onResponse(i){return u(this,null,function*(){for(let a of e.options.plugins||[])if(a.onResponse){let d=yield a.onResponse(i,e);if(d)return d.response}return i})},onError(i){var d,l,c,p;let a=(d=t.logger)!=null&&d.verboseLogging?O:void 0;if(((l=t.logger)==null?void 0:l.disabled)!==!0)if(i instanceof xr)a==null||a.warn(i);else if(typeof i=="object"&&i!==null&&"message"in i){let m=i.message;if(!m||typeof m!="string"){a==null||a.error(i);return}m.includes("no such table")?(c=O)==null||c.error(`Please run ${fe.green("npx better-auth migrate")} to create the tables. There are missing tables in your SQLite database.`):m.includes("relation")&&m.includes("does not exist")?O.error(`Please run ${fe.green("npx better-auth migrate")} to create the tables. There are missing tables in your PostgreSQL database.`):m.includes("Table")&&m.includes("doesn't exist")?(p=O)==null||p.error(`Please run ${fe.green("npx better-auth migrate")} to create the tables. There are missing tables in your MySQL database.`):a==null||a.error(i)}else a==null||a.error(i)}})};var N=e=>{var d,l,c,m,f,h;let t=(d=e.plugins)==null?void 0:d.reduce((w,U)=>{var T;let b=U.schema;if(!b)return w;for(let[P,v]of Object.entries(b))w[P]={fields:g(g({},(T=w[P])==null?void 0:T.fields),v.fields),tableName:P};return w},{}),n=((l=e.rateLimit)==null?void 0:l.storage)==="database",o={rateLimit:{tableName:((c=e.rateLimit)==null?void 0:c.tableName)||"rateLimit",fields:{key:{type:"string"},count:{type:"number"},lastRequest:{type:"number"}}}},p=t||{},{user:r,session:s,account:i}=p,a=W(p,["user","session","account"]);return g(g({user:{tableName:((m=e.user)==null?void 0:m.modelName)||"user",fields:g({name:{type:"string"},email:{type:"string"},emailVerified:{type:"boolean",defaultValue:()=>!1},image:{type:"string",required:!1},createdAt:{type:"date",defaultValue:()=>new Date},updatedAt:{type:"date",defaultValue:()=>new Date}},r==null?void 0:r.fields),order:0},session:{tableName:((f=e.session)==null?void 0:f.modelName)||"session",fields:g({expiresAt:{type:"date"},ipAddress:{type:"string",required:!1},userAgent:{type:"string",required:!1},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"}}},s==null?void 0:s.fields),order:1},account:{tableName:((h=e.account)==null?void 0:h.modelName)||"account",fields:g({accountId:{type:"string"},providerId:{type:"string"},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"}},accessToken:{type:"string",required:!1},refreshToken:{type:"string",required:!1},idToken:{type:"string",required:!1},expiresAt:{type:"date",required:!1},password:{type:"string",required:!1}},i==null?void 0:i.fields),order:2}},a),n?o:{})};import vr from"better-sqlite3";import{Kysely as Ir}from"kysely";import{MysqlDialect as yt,PostgresDialect as bt,SqliteDialect as wt}from"kysely";import{createPool as Sr}from"mysql2";import Lr from"pg";var{Pool:Or}=Lr;function ee(e){if(!e)return{and:null,or:null};let t=e==null?void 0:e.filter(o=>o.connector==="AND"||!o.connector).reduce((o,r)=>k(g({},o),{[r.field]:r.value}),{}),n=e==null?void 0:e.filter(o=>o.connector==="OR").reduce((o,r)=>k(g({},o),{[r.field]:r.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(n).length?n:null}}function te(e,t,n){var o,r,s;for(let i in e)e[i]===0&&((o=t[i])==null?void 0:o.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!1),e[i]===1&&((r=t[i])==null?void 0:r.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!0),((s=t[i])==null?void 0:s.type)==="date"&&(e[i]instanceof Date||(e[i]=new Date(e[i])));return e}function ht(e,t){for(let n in e)typeof e[n]=="boolean"&&(t!=null&&t.boolean)&&(e[n]=e[n]?1:0),e[n]instanceof Date&&(e[n]=e[n].toISOString());return e}var At=(e,t)=>({create(o){return u(this,null,function*(){let{model:r,data:s,select:i}=o;t!=null&&t.transform&&(s=ht(s,t.transform));let a=yield e.insertInto(r).values(s).returningAll().executeTakeFirst();if(t!=null&&t.transform){let d=t.transform.schema[r];a=d?te(s,d,t.transform):a}return i!=null&&i.length&&(a=a?i.reduce((l,c)=>a!=null&&a[c]?k(g({},l),{[c]:a[c]}):l,{}):null),a})},findOne(o){return u(this,null,function*(){let{model:r,where:s,select:i}=o,{and:a,or:d}=ee(s),l=e.selectFrom(r).selectAll();d&&(l=l.where(p=>p.or(d))),a&&(l=l.where(p=>p.and(a)));let c=yield l.executeTakeFirst();if(i!=null&&i.length&&(c=c?i.reduce((m,f)=>c!=null&&c[f]?k(g({},m),{[f]:c[f]}):m,{}):null),t!=null&&t.transform){let p=t.transform.schema[r];return c=c&&p?te(c,p,t.transform):c,c||null}return c||null})},findMany(o){return u(this,null,function*(){let{model:r,where:s}=o,i=e.selectFrom(r),{and:a,or:d}=ee(s);a&&(i=i.where(c=>c.and(a))),d&&(i=i.where(c=>c.or(d)));let l=yield i.selectAll().execute();if(t!=null&&t.transform){let c=t.transform.schema[r];return c?l.map(p=>te(p,c,t.transform)):l}return l})},update(o){return u(this,null,function*(){let{model:r,where:s,update:i}=o,{and:a,or:d}=ee(s);t!=null&&t.transform&&(i=ht(i,t.transform));let l=e.updateTable(r).set(i);a&&(l=l.where(p=>p.and(a))),d&&(l=l.where(p=>p.or(d)));let c=(yield l.returningAll().executeTakeFirst())||null;if(t!=null&&t.transform){let p=t.transform.schema[r];return p?te(c,p,t.transform):c}return c})},delete(o){return u(this,null,function*(){let{model:r,where:s}=o,{and:i,or:a}=ee(s),d=e.deleteFrom(r);i&&(d=d.where(l=>l.and(i))),a&&(d=d.where(l=>l.or(a))),yield d.execute()})}}),_r=e=>{var n,o;if(!e.database)return;if("createDriver"in e.database)return e.database;let t;if("provider"in e.database){let r=e.database.provider,s=(o=(n=e.database)==null?void 0:n.url)==null?void 0:o.trim();if(r==="postgres"&&(t=new bt({pool:new Or({connectionString:s})})),r==="mysql")try{let i=new URL(s),a=Sr({host:i.hostname,user:i.username,password:i.password,database:i.pathname.split("/")[1],port:Number(i.port)});t=new yt({pool:a})}catch(i){if(i instanceof TypeError)throw new I("Invalid database URL")}if(r==="sqlite"){let i=new vr(s);t=new wt({database:i})}}return t},re=e=>{let t=_r(e);return t&&new Ir({dialect:t})},kt=e=>{if("provider"in e.database)return e.database.provider;if("dialect"in e.database){if(e.database.dialect instanceof bt)return"postgres";if(e.database.dialect instanceof yt)return"mysql";if(e.database.dialect instanceof wt)return"sqlite"}return"sqlite"};function Rt(e){if(!e.database)throw new I("Database configuration is required");if("create"in e.database)return e.database;let t=re(e);if(!t)throw new I("Failed to initialize database adapter");let n=N(e),o={};for(let r of Object.values(n))o[r.tableName]=r.fields;return At(t,{transform:{schema:o,date:!0,boolean:kt(e)==="sqlite"}})}import{scrypt as Er}from"node:crypto";import{decodeHex as Cr,encodeHex as Tt}from"oslo/encoding";import{constantTimeEqual as Br}from"oslo/crypto";var F={N:16384,r:16,p:1,dkLen:64};function Ut(e,t){return u(this,null,function*(){return yield new Promise((n,o)=>{Er(e.normalize("NFKC"),t,F.dkLen,{N:F.N,p:F.p,r:F.r,maxmem:128*F.N*F.r*2},(r,s)=>r?o(r):n(s))})})}var xt=e=>u(void 0,null,function*(){let t=Tt(crypto.getRandomValues(new Uint8Array(16))),n=yield Ut(e,t);return`${t}:${Tt(n)}`}),Pt=(e,t)=>u(void 0,null,function*(){let[n,o]=e.split(":"),r=yield Ut(t,n);return Br(r,Cr(o))});import{alphabet as jr,generateRandomString as Dr}from"oslo/crypto";var vt=(e,t)=>{var i;let n=((i=t.session)==null?void 0:i.expiresIn)||604800,o=N(t),r=t.databaseHooks;function s(a,d){return u(this,null,function*(){var p,m,f,h;let l=a;if((m=(p=r==null?void 0:r[d])==null?void 0:p.create)!=null&&m.before){let w=yield r[d].create.before(a);if(w===!1)return null;l=typeof w=="object"?w.data:w}let c=yield e.create({model:d,data:a});return(h=(f=r==null?void 0:r[d])==null?void 0:f.create)!=null&&h.after&&c&&(yield r[d].create.after(c)),c})}return{createOAuthUser:(a,d)=>u(void 0,null,function*(){try{let l=yield s(a,"user"),c=yield s(d,"account");return{user:l,account:c}}catch(l){return console.log(l),null}}),createUser:a=>u(void 0,null,function*(){return yield s(a,"user")}),createSession:(a,d,l)=>u(void 0,null,function*(){let c=d instanceof Request?d.headers:d,p={id:Dr(32,jr("a-z","0-9","A-Z")),userId:a,expiresAt:l?M(1e3*60*60*24):M(n,!0),ipAddress:(c==null?void 0:c.get("x-forwarded-for"))||"",userAgent:(c==null?void 0:c.get("user-agent"))||""};return yield s(p,"session")}),findSession:a=>u(void 0,null,function*(){let d=yield e.findOne({model:o.session.tableName,where:[{value:a,field:"id"}]});if(!d)return null;let l=yield e.findOne({model:o.user.tableName,where:[{value:d.userId,field:"id"}]});return l?{session:d,user:l}:null}),updateSession:(a,d)=>u(void 0,null,function*(){var c,p,m,f;if((p=(c=r==null?void 0:r.session)==null?void 0:c.update)!=null&&p.before){let h=yield r.session.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let l=yield e.update({model:o.session.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.session)==null?void 0:m.update)!=null&&f.after&&l&&(yield r.session.update.after(l)),l}),deleteSession:a=>u(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"id",value:a}]})}),deleteSessions:a=>u(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"userId",value:a}]})}),findUserByEmail:a=>u(void 0,null,function*(){let d=yield e.findOne({model:o.user.tableName,where:[{value:a.toLowerCase(),field:"email"}]});if(!d)return null;let l=yield e.findMany({model:o.account.tableName,where:[{value:d.id,field:"userId"}]});return{user:d,accounts:l}}),findUserById:a=>u(void 0,null,function*(){return yield e.findOne({model:o.user.tableName,where:[{field:"id",value:a}]})}),linkAccount:a=>u(void 0,null,function*(){return yield s(a,"account")}),updateUserByEmail:(a,d)=>u(void 0,null,function*(){var c,p,m,f;if((p=(c=r==null?void 0:r.user)==null?void 0:c.update)!=null&&p.before){let h=yield r.user.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let l=yield e.update({model:o.user.tableName,where:[{value:a,field:"email"}],update:d});return(f=(m=r==null?void 0:r.user)==null?void 0:m.update)!=null&&f.after&&l&&(yield r.user.update.after(l)),l}),updatePassword:(a,d)=>u(void 0,null,function*(){return yield e.update({model:o.account.tableName,where:[{value:a,field:"userId"},{field:"providerId",value:"credential"}],update:{password:d}})}),findAccounts:a=>u(void 0,null,function*(){return yield e.findMany({model:o.account.tableName,where:[{field:"userId",value:a}]})}),updateAccount:(a,d)=>u(void 0,null,function*(){var c,p,m,f;if((p=(c=r==null?void 0:r.account)==null?void 0:c.update)!=null&&p.before){let h=yield r.account.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let l=yield e.update({model:o.account.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.account)==null?void 0:m.update)!=null&&f.after&&l&&(yield r.account.update.after(l)),l})}};var It="better-auth-secret-123456789";var St=e=>({id:"cross-subdomain-cookies",onResponse(n,o){return u(this,null,function*(){let r=n.headers.get("set-cookie");if(!r)return;let s=o.baseURL,i=r.split(";"),a=(e==null?void 0:e.domainName)||new URL(s).hostname,d=o.authCookies,l=[d.sessionToken.name,d.csrfToken.name,d.dontRememberToken.name];if(!l.some(p=>r.includes(p)))return;let c=i.map(p=>{if(!l.some(f=>p.toLowerCase().includes(f.toLowerCase())))return p;let m=p.trim();return m.toLowerCase().startsWith("domain=")?`Domain=${a}`:m.toLowerCase().includes("domain=")?m:`${m}; Domain=${a}`}).filter((p,m,f)=>m===f.findIndex(h=>h.split(";")[0]===p.split(";")[0])).join("; ");return n.headers.set("set-cookie",c),{response:n}})}});var Lt=e=>{var m,f,h,w,U,b,T,P,v,oe,he,ye,be,we;let{options:t,context:n}=qr(e),o=t.plugins||[],r=$r(t),s=Rt(t),i=re(t),a=Q(t.baseURL,t.basePath)||"",d=t.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||It,l=Ne(t),c=N(t),p=Object.keys(t.socialProviders||{}).map(V=>{var Ae;let G=(Ae=t.socialProviders)==null?void 0:Ae[V];return G.enabled===!1?null:((!G.clientId||!G.clientSecret)&&O.warn(`Social provider ${V} is missing clientId or clientSecret`),ie[V](G))}).filter(V=>V!==null);return g({appName:t.appName||"Better Auth",socialProviders:p,options:k(g({},t),{baseURL:a?new URL(a).origin:"",basePath:t.basePath||"/api/auth",plugins:o.concat(r)}),tables:c,baseURL:a,sessionConfig:{updateAge:((m=t.session)==null?void 0:m.updateAge)||24*60*60,expiresIn:((f=t.session)==null?void 0:f.expiresIn)||60*60*24*7},secret:d,rateLimit:k(g({},t.rateLimit),{enabled:(w=(h=t.rateLimit)==null?void 0:h.enabled)!=null?w:process.env.NODE_ENV!=="development",window:((U=t.rateLimit)==null?void 0:U.window)||60,max:((b=t.rateLimit)==null?void 0:b.max)||100,storage:((T=t.rateLimit)==null?void 0:T.storage)||"memory"}),authCookies:l,logger:se({disabled:((P=t.logger)==null?void 0:P.disabled)||!1}),db:i,password:{hash:((oe=(v=t.emailAndPassword)==null?void 0:v.password)==null?void 0:oe.hash)||xt,verify:((ye=(he=t.emailAndPassword)==null?void 0:he.password)==null?void 0:ye.verify)||Pt,config:{minPasswordLength:((be=t.emailAndPassword)==null?void 0:be.minPasswordLength)||8,maxPasswordLength:((we=t.emailAndPassword)==null?void 0:we.maxPasswordLength)||128}},adapter:s,internalAdapter:vt(s,t),createAuthCookie:Fe(t)},n)};function qr(e){let t=e.plugins||[],n={};for(let i of t)if(i.init){let a=i.init(e);typeof a=="object"&&(a.options&&(e=g(g({},e),a.options)),n=g({},a))}let s=n,{options:o}=s,r=W(s,["options"]);return{options:e,context:r}}function $r(e){var n,o;let t=[];return(o=(n=e.advanced)==null?void 0:n.crossSubDomainCookies)!=null&&o.enabled&&t.push(St({eligibleCookies:e.advanced.crossSubDomainCookies.eligibleCookies})),t}var Td=e=>{let t=Lt(e),{api:n}=ge(t,e);return{handler:o=>u(void 0,null,function*(){let r=t.options.basePath,s=new URL(o.url);if(!t.options.baseURL){let a=`${s.origin}/api/auth`;t.options.baseURL=a,t.baseURL=a}if(!t.options.baseURL)return new Response("Base URL not set",{status:400});if(s.pathname===r||s.pathname===`${r}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:i}=gt(t,e);return i(o)}),api:n,options:t.options,$Infer:{}}};export{Td as betterAuth};
+</html>`,ct=A("/error",{method:"GET",metadata:j},e=>c(void 0,null,function*(){var n;let t=new URL(((n=e.request)==null?void 0:n.url)||"").searchParams.get("error")||"Unknown";return new Response(kr(t),{headers:{"Content-Type":"text/html"}})}));var lt=A("/ok",{method:"GET",metadata:j},e=>c(void 0,null,function*(){return e.json({ok:!0})}));import{alphabet as ut,generateRandomString as pt}from"oslo/crypto";import{z as q}from"zod";var mt=A("/sign-up/email",{method:"POST",query:q.object({currentURL:q.string().optional()}).optional(),body:q.object({name:q.string(),email:q.string(),password:q.string(),image:q.string().optional(),callbackURL:q.string().optional()})},e=>c(void 0,null,function*(){var m,f,h,y;if(!((m=e.context.options.emailAndPassword)!=null&&m.enabled))return e.json(null,{status:400,body:{message:"Email and password is not enabled"}});let{name:t,email:n,password:o,image:r}=e.body;if(!q.string().email().safeParse(n).success)return e.json(null,{status:400,body:{message:"Invalid email address"}});let i=e.context.password.config.minPasswordLength;if(o.length<i)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let a=e.context.password.config.maxPasswordLength;if(o.length>a)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=yield e.context.internalAdapter.findUserByEmail(n),p=yield e.context.password.hash(o);if(d!=null&&d.user)return e.json(null,{status:400,body:{message:"User already exists"}});let l=yield e.context.internalAdapter.createUser({id:pt(32,ut("a-z","0-9","A-Z")),email:n.toLowerCase(),name:t,image:r,emailVerified:!1,createdAt:new Date,updatedAt:new Date});if(!l)return e.json(null,{status:400,body:{message:"Could not create user"}});yield e.context.internalAdapter.linkAccount({id:pt(32,ut("a-z","0-9","A-Z")),userId:l.id,providerId:"credential",accountId:l.id,password:p});let u=yield e.context.internalAdapter.createSession(l.id,e.request);if(!u)return e.json(null,{status:400,body:{message:"Could not create session"}});if(yield E(e,u.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let b=yield fe(e.context.secret,l.email),w=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${e.body.callbackURL||((f=e.query)==null?void 0:f.currentURL)||"/"}`;yield(y=(h=e.context.options.emailAndPassword).sendVerificationEmail)==null?void 0:y.call(h,l.email,w,b)}return e.json({user:l,session:u},{body:e.body.callbackURL?{url:e.body.callbackURL,redirect:!0}:{user:l,session:u}})}));import ge from"chalk";function Rr(e,t,n){let o=Date.now(),r=t*1e3;return o-n.lastRequest<r&&n.count>=e}function Tr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function xr(e,t){let n=Date.now(),o=t*1e3;return Math.ceil((e+o-n)/1e3)}function Ur(e,t){let n=t!=null?t:"rateLimit",o=e.adapter;return{get:r=>c(this,null,function*(){return yield o.findOne({model:n,where:[{field:"key",value:r}]})}),set:(r,s,i)=>c(this,null,function*(){try{i?yield o.update({model:t!=null?t:"rateLimit",where:[{field:"key",value:r}],update:{count:s.count,lastRequest:s.lastRequest}}):yield o.create({model:t!=null?t:"rateLimit",data:{key:r,count:s.count,lastRequest:s.lastRequest}})}catch(a){P.error("Error setting rate limit",a)}})}}var ft=new Map;function Pr(e){if(e.rateLimit.customStorage)return e.rateLimit.customStorage;if(e.rateLimit.storage==="memory"){let n;return{get(o){return c(this,null,function*(){return ft.get(o)})},set(o,r,s){return c(this,null,function*(){ft.set(o,r)})}}}return Ur(e,e.rateLimit.tableName)}function gt(e,t){return c(this,null,function*(){if(!t.rateLimit.enabled)return;let n=t.baseURL,o=e.url.replace(n,""),r=t.rateLimit.window,s=t.rateLimit.max,i=Y(e)+o,d=vr().find(m=>m.pathMatcher(o));d&&(r=d.window,s=d.max);for(let m of t.options.plugins||[])if(m.rateLimit){let f=m.rateLimit.find(h=>h.pathMatcher(o));if(f){r=f.window,s=f.max;break}}if(t.rateLimit.customRules){let m=t.rateLimit.customRules[o];m&&(r=m.window,s=m.max)}let p=Pr(t),l=yield p.get(i),u=Date.now();if(!l)yield p.set(i,{key:i,count:1,lastRequest:u});else{let m=u-l.lastRequest;if(Rr(s,r,l)){let f=xr(l.lastRequest,r);return Tr(f)}else m>r*1e3?yield p.set(i,T(g({},l),{count:1,lastRequest:u})):yield p.set(i,T(g({},l),{count:l.count+1,lastRequest:u}))}})}function vr(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}function he(e,t){var a,d;let n=(a=e.options.plugins)==null?void 0:a.reduce((p,l)=>g(g({},p),l.endpoints),{}),o=((d=e.options.plugins)==null?void 0:d.map(p=>{var l;return(l=p.middlewares)==null?void 0:l.map(u=>{let m=f=>c(this,null,function*(){return u.middleware(T(g({},f),{context:g(g({},e),f.context)}))});return m.path=u.path,m.options=u.middleware.options,m.headers=u.middleware.headers,{path:u.path,middleware:m}})}).filter(p=>p!==void 0).flat())||[],r={signInOAuth:Ke,callbackOAuth:Qe,getCSRFToken:dt,getSession:le(),signOut:Xe,signUpEmail:mt,signInEmail:We,forgetPassword:et,resetPassword:rt,verifyEmail:nt,sendVerificationEmail:ot,changePassword:it,setPassword:at,updateUser:st,forgetPasswordCallback:tt,listSessions:Me(),revokeSession:He,revokeSessions:Ge},s=T(g(g({},r),n),{ok:lt,error:ct}),i={};for(let[p,l]of Object.entries(s))i[p]=u=>c(this,null,function*(){var h;let f=yield l(T(g({},u),{context:g(g({},e),u.context)}));for(let y of e.options.plugins||[])if((h=y.hooks)!=null&&h.after){for(let b of y.hooks.after)if(b.matcher(u)){let k=Object.assign(u,{context:T(g({},e),{returned:f})}),v=yield b.handler(k);v&&"response"in v&&(f=v.response)}}return f}),i[p].path=l.path,i[p].method=l.method,i[p].options=l.options,i[p].headers=l.headers;return{api:i,middlewares:o}}var ht=(e,t)=>{let{api:n,middlewares:o}=he(e,t),r=new URL(e.baseURL).pathname;return Sr(n,{extraContext:e,basePath:r,routerMiddleware:[{path:"/**",middleware:Se},...o],onRequest(i){return c(this,null,function*(){for(let a of e.options.plugins||[])if(a.onRequest){let d=yield a.onRequest(i,e);if(d)return d}return gt(i,e)})},onResponse(i){return c(this,null,function*(){for(let a of e.options.plugins||[])if(a.onResponse){let d=yield a.onResponse(i,e);if(d)return d.response}return i})},onError(i){var d,p,l,u;let a=(d=t.logger)!=null&&d.verboseLogging?P:void 0;if(((p=t.logger)==null?void 0:p.disabled)!==!0)if(i instanceof Ir)a==null||a.warn(i);else if(typeof i=="object"&&i!==null&&"message"in i){let m=i.message;if(!m||typeof m!="string"){a==null||a.error(i);return}m.includes("no such table")?(l=P)==null||l.error(`Please run ${ge.green("npx better-auth migrate")} to create the tables. There are missing tables in your SQLite database.`):m.includes("relation")&&m.includes("does not exist")?P.error(`Please run ${ge.green("npx better-auth migrate")} to create the tables. There are missing tables in your PostgreSQL database.`):m.includes("Table")&&m.includes("doesn't exist")?(u=P)==null||u.error(`Please run ${ge.green("npx better-auth migrate")} to create the tables. There are missing tables in your MySQL database.`):a==null||a.error(i)}else a==null||a.error(i)}})};var D=e=>{var d,p,l,m,f,h;let t=(d=e.plugins)==null?void 0:d.reduce((y,b)=>{var k;let w=b.schema;if(!w)return y;for(let[v,I]of Object.entries(w))y[v]={fields:g(g({},(k=y[v])==null?void 0:k.fields),I.fields),tableName:v};return y},{}),n=((p=e.rateLimit)==null?void 0:p.storage)==="database",o={rateLimit:{tableName:((l=e.rateLimit)==null?void 0:l.tableName)||"rateLimit",fields:{key:{type:"string"},count:{type:"number"},lastRequest:{type:"number"}}}},u=t||{},{user:r,session:s,account:i}=u,a=J(u,["user","session","account"]);return g(g({user:{tableName:((m=e.user)==null?void 0:m.modelName)||"user",fields:g({name:{type:"string",required:!0},email:{type:"string",unique:!0,required:!0},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0},image:{type:"string",required:!1},createdAt:{type:"date",defaultValue:()=>new Date,required:!0},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0}},r==null?void 0:r.fields),order:0},session:{tableName:((f=e.session)==null?void 0:f.modelName)||"session",fields:g({expiresAt:{type:"date",required:!0},ipAddress:{type:"string",required:!1},userAgent:{type:"string",required:!1},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0}},s==null?void 0:s.fields),order:1},account:{tableName:((h=e.account)==null?void 0:h.modelName)||"account",fields:g({accountId:{type:"string",required:!0},providerId:{type:"string",required:!0},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0},accessToken:{type:"string",required:!1},refreshToken:{type:"string",required:!1},idToken:{type:"string",required:!1},expiresAt:{type:"date",required:!1},password:{type:"string",required:!1}},i==null?void 0:i.fields),order:2}},a),n?o:{})};import{Kysely as Or}from"kysely";import{MysqlDialect as yt,PostgresDialect as bt,SqliteDialect as wt}from"kysely";import{createPool as Lr}from"mysql2";import Er from"pg";var{Pool:Cr}=Er,_r=e=>{var n,o;if(!e.database)return;if("createDriver"in e.database)return e.database;let t;if("provider"in e.database){let r=e.database.provider,s=(o=(n=e.database)==null?void 0:n.url)==null?void 0:o.trim();if(r==="postgres"&&(t=new bt({pool:new Cr({connectionString:s})})),r==="mysql")try{let i=new URL(s),a=Lr({host:i.hostname,user:i.username,password:i.password,database:i.pathname.split("/")[1],port:Number(i.port)});t=new yt({pool:a})}catch(i){if(i instanceof TypeError)throw new S("Invalid database URL")}if(r==="sqlite"){let i=qt("better-sqlite3"),a=new i(s);t=new wt({database:a})}}return t},F=e=>{let t=_r(e);return t&&new Or({dialect:t})},te=e=>{if("provider"in e.database)return e.database.provider;if("dialect"in e.database){if(e.database.dialect instanceof bt)return"postgres";if(e.database.dialect instanceof yt)return"mysql";if(e.database.dialect instanceof wt)return"sqlite"}return"sqlite"};import"kysely";function Br(e){var n;return((n=e.plugins)==null?void 0:n.flatMap(o=>Object.keys(o.schema||{}).map(r=>{let i=(o.schema||{})[r];if(!(i!=null&&i.disableMigration))return{tableName:r,fields:i==null?void 0:i.fields}}).filter(r=>r!==void 0)))||[]}function At(e){let t=D(e),n=Br(e);return[t.user,t.session,t.account,...n].reduce((r,s)=>{var i;return r[s.tableName]={fields:g(g({},(i=r[s.tableName])==null?void 0:i.fields),s.fields)},r},{})}var qr={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},jr={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},Dr={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},Nr={postgres:qr,mysql:jr,sqlite:Dr};function $r(e,t,n){return Nr[n][t].map(i=>i.toLowerCase()).includes(e.toLowerCase())}function kt(e){return c(this,null,function*(){let t=At(e),n=te(e),o=F(e);o||(P.error("Invalid database configuration."),process.exit(1));let r=yield o.introspection.getTables(),s=[],i=[];for(let[u,m]of Object.entries(t)){let f=r.find(y=>y.name===u);if(!f){let y=s.findIndex(k=>k.table===u),b={table:u,fields:m.fields,order:m.order||1/0},w=s.findIndex(k=>(k.order||1/0)>b.order);w===-1?y===-1?s.push(b):s[y].fields=g(g({},s[y].fields),m.fields):s.splice(w,0,b);continue}let h={};for(let[y,b]of Object.entries(m.fields)){let w=f.columns.find(k=>k.name===y);if(!w){h[y]=b;continue}$r(w.dataType,b.type,n)||P.warn(`Field ${y} in table ${u} has a different type in the database. Expected ${b.type} but got ${w.dataType}.`)}Object.keys(h).length>0&&i.push({table:u,fields:h,order:m.order||1/0})}let a=[];function d(u){let m={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&u==="string"?"varchar(255)":m[u]}if(i.length)for(let u of i)for(let[m,f]of Object.entries(u.fields)){let h=d(f.type),y=o.schema.alterTable(u.table).addColumn(m,h,b=>(b=f.required!==!1?b.notNull():b,f.references&&(b=b.references(`${f.references.model}.${f.references.field}`)),b));a.push(y)}if(s.length)for(let u of s){let m=o.schema.createTable(u.table).addColumn("id",d("string"),f=>f.primaryKey());for(let[f,h]of Object.entries(u.fields)){let y=d(h.type);m=m.addColumn(f,y,b=>(b=h.required!==!1?b.notNull():b,h.references&&(b=b.references(`${h.references.model}.${h.references.field}`)),h.unique&&(b=b.unique()),b))}a.push(m)}function p(){return c(this,null,function*(){for(let u of a)yield u.execute()})}function l(){return c(this,null,function*(){return a.map(m=>m.compile().sql).join(`;
+`)})}return{toBeCreated:s,toBeAdded:i,runMigrations:p,compileMigrations:l}})}function re(e){if(!e)return{and:null,or:null};let t=e==null?void 0:e.filter(o=>o.connector==="AND"||!o.connector).reduce((o,r)=>T(g({},o),{[r.field]:r.value}),{}),n=e==null?void 0:e.filter(o=>o.connector==="OR").reduce((o,r)=>T(g({},o),{[r.field]:r.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(n).length?n:null}}function oe(e,t,n){var o,r,s;for(let i in e)e[i]===0&&((o=t[i])==null?void 0:o.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!1),e[i]===1&&((r=t[i])==null?void 0:r.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!0),((s=t[i])==null?void 0:s.type)==="date"&&(e[i]instanceof Date||(e[i]=new Date(e[i])));return e}function Rt(e,t){for(let n in e)typeof e[n]=="boolean"&&(t!=null&&t.boolean)&&(e[n]=e[n]?1:0),e[n]instanceof Date&&(e[n]=e[n].toISOString());return e}var Tt=(e,t)=>({id:"kysely",create(o){return c(this,null,function*(){let{model:r,data:s,select:i}=o;t!=null&&t.transform&&(s=Rt(s,t.transform));let a=yield e.insertInto(r).values(s).returningAll().executeTakeFirst();if(t!=null&&t.transform){let d=t.transform.schema[r];a=d?oe(s,d,t.transform):a}return i!=null&&i.length&&(a=a?i.reduce((p,l)=>a!=null&&a[l]?T(g({},p),{[l]:a[l]}):p,{}):null),a})},findOne(o){return c(this,null,function*(){let{model:r,where:s,select:i}=o,{and:a,or:d}=re(s),p=e.selectFrom(r).selectAll();d&&(p=p.where(u=>u.or(d))),a&&(p=p.where(u=>u.and(a)));let l=yield p.executeTakeFirst();if(i!=null&&i.length&&(l=l?i.reduce((m,f)=>l!=null&&l[f]?T(g({},m),{[f]:l[f]}):m,{}):null),t!=null&&t.transform){let u=t.transform.schema[r];return l=l&&u?oe(l,u,t.transform):l,l||null}return l||null})},findMany(o){return c(this,null,function*(){let{model:r,where:s}=o,i=e.selectFrom(r),{and:a,or:d}=re(s);a&&(i=i.where(l=>l.and(a))),d&&(i=i.where(l=>l.or(d)));let p=yield i.selectAll().execute();if(t!=null&&t.transform){let l=t.transform.schema[r];return l?p.map(u=>oe(u,l,t.transform)):p}return p})},update(o){return c(this,null,function*(){let{model:r,where:s,update:i}=o,{and:a,or:d}=re(s);t!=null&&t.transform&&(i=Rt(i,t.transform));let p=e.updateTable(r).set(i);a&&(p=p.where(u=>u.and(a))),d&&(p=p.where(u=>u.or(d)));let l=(yield p.returningAll().executeTakeFirst())||null;if(t!=null&&t.transform){let u=t.transform.schema[r];return u?oe(l,u,t.transform):l}return l})},delete(o){return c(this,null,function*(){let{model:r,where:s}=o,{and:i,or:a}=re(s),d=e.deleteFrom(r);i&&(d=d.where(p=>p.and(i))),a&&(d=d.where(p=>p.or(a))),yield d.execute()})},createSchema(o){return c(this,null,function*(){let{compileMigrations:r}=yield kt(o);return console.log(r),{code:yield r(),fileName:`./better-auth_migrations/${new Date().toISOString()}.sql`}})}});function xt(e){if(!e.database)throw new S("Database configuration is required");if("create"in e.database)return e.database;let t=F(e);if(!t)throw new S("Failed to initialize database adapter");let n=D(e),o={};for(let r of Object.values(n))o[r.tableName]=r.fields;return Tt(t,{transform:{schema:o,date:!0,boolean:te(e)==="sqlite"}})}import{scrypt as Fr}from"node:crypto";import{decodeHex as Vr,encodeHex as Ut}from"oslo/encoding";import{constantTimeEqual as zr}from"oslo/crypto";var V={N:16384,r:16,p:1,dkLen:64};function Pt(e,t){return c(this,null,function*(){return yield new Promise((n,o)=>{Fr(e.normalize("NFKC"),t,V.dkLen,{N:V.N,p:V.p,r:V.r,maxmem:128*V.N*V.r*2},(r,s)=>r?o(r):n(s))})})}var vt=e=>c(void 0,null,function*(){let t=Ut(crypto.getRandomValues(new Uint8Array(16))),n=yield Pt(e,t);return`${t}:${Ut(n)}`}),It=(e,t)=>c(void 0,null,function*(){let[n,o]=e.split(":"),r=yield Pt(t,n);return zr(r,Vr(o))});import{alphabet as Mr,generateRandomString as Hr}from"oslo/crypto";var St=(e,t)=>{var i;let n=((i=t.session)==null?void 0:i.expiresIn)||604800,o=D(t),r=t.databaseHooks;function s(a,d){return c(this,null,function*(){var u,m,f,h;let p=a;if((m=(u=r==null?void 0:r[d])==null?void 0:u.create)!=null&&m.before){let y=yield r[d].create.before(a);if(y===!1)return null;p=typeof y=="object"?y.data:y}let l=yield e.create({model:d,data:a});return(h=(f=r==null?void 0:r[d])==null?void 0:f.create)!=null&&h.after&&l&&(yield r[d].create.after(l)),l})}return{createOAuthUser:(a,d)=>c(void 0,null,function*(){try{let p=yield s(a,"user"),l=yield s(d,"account");return{user:p,account:l}}catch(p){return console.log(p),null}}),createUser:a=>c(void 0,null,function*(){return yield s(a,"user")}),createSession:(a,d,p)=>c(void 0,null,function*(){let l=d instanceof Request?d.headers:d,u={id:Hr(32,Mr("a-z","0-9","A-Z")),userId:a,expiresAt:p?H(1e3*60*60*24):H(n,!0),ipAddress:(l==null?void 0:l.get("x-forwarded-for"))||"",userAgent:(l==null?void 0:l.get("user-agent"))||""};return yield s(u,"session")}),findSession:a=>c(void 0,null,function*(){let d=yield e.findOne({model:o.session.tableName,where:[{value:a,field:"id"}]});if(!d)return null;let p=yield e.findOne({model:o.user.tableName,where:[{value:d.userId,field:"id"}]});return p?{session:d,user:p}:null}),updateSession:(a,d)=>c(void 0,null,function*(){var l,u,m,f;if((u=(l=r==null?void 0:r.session)==null?void 0:l.update)!=null&&u.before){let h=yield r.session.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let p=yield e.update({model:o.session.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.session)==null?void 0:m.update)!=null&&f.after&&p&&(yield r.session.update.after(p)),p}),deleteSession:a=>c(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"id",value:a}]})}),deleteSessions:a=>c(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"userId",value:a}]})}),findUserByEmail:a=>c(void 0,null,function*(){let d=yield e.findOne({model:o.user.tableName,where:[{value:a.toLowerCase(),field:"email"}]});if(!d)return null;let p=yield e.findMany({model:o.account.tableName,where:[{value:d.id,field:"userId"}]});return{user:d,accounts:p}}),findUserById:a=>c(void 0,null,function*(){return yield e.findOne({model:o.user.tableName,where:[{field:"id",value:a}]})}),linkAccount:a=>c(void 0,null,function*(){return yield s(a,"account")}),updateUserByEmail:(a,d)=>c(void 0,null,function*(){var l,u,m,f;if((u=(l=r==null?void 0:r.user)==null?void 0:l.update)!=null&&u.before){let h=yield r.user.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let p=yield e.update({model:o.user.tableName,where:[{value:a,field:"email"}],update:d});return(f=(m=r==null?void 0:r.user)==null?void 0:m.update)!=null&&f.after&&p&&(yield r.user.update.after(p)),p}),updatePassword:(a,d)=>c(void 0,null,function*(){return yield e.update({model:o.account.tableName,where:[{value:a,field:"userId"},{field:"providerId",value:"credential"}],update:{password:d}})}),findAccounts:a=>c(void 0,null,function*(){return yield e.findMany({model:o.account.tableName,where:[{field:"userId",value:a}]})}),updateAccount:(a,d)=>c(void 0,null,function*(){var l,u,m,f;if((u=(l=r==null?void 0:r.account)==null?void 0:l.update)!=null&&u.before){let h=yield r.account.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let p=yield e.update({model:o.account.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.account)==null?void 0:m.update)!=null&&f.after&&p&&(yield r.account.update.after(p)),p})}};var Ot="better-auth-secret-123456789";var Lt=e=>({id:"cross-subdomain-cookies",onResponse(n,o){return c(this,null,function*(){let r=n.headers.get("set-cookie");if(!r)return;let s=o.baseURL,i=r.split(";"),a=(e==null?void 0:e.domainName)||new URL(s).hostname,d=o.authCookies,p=[d.sessionToken.name,d.csrfToken.name,d.dontRememberToken.name];if(!p.some(u=>r.includes(u)))return;let l=i.map(u=>{if(!p.some(f=>u.toLowerCase().includes(f.toLowerCase())))return u;let m=u.trim();return m.toLowerCase().startsWith("domain=")?`Domain=${a}`:m.toLowerCase().includes("domain=")?m:`${m}; Domain=${a}`}).filter((u,m,f)=>m===f.findIndex(h=>h.split(";")[0]===u.split(";")[0])).join("; ");return n.headers.set("set-cookie",l),{response:n}})}});var Et=e=>{var m,f,h,y,b,w,k,v,I,ne,ye,be,we,Ae;let{options:t,context:n}=Gr(e),o=t.plugins||[],r=Kr(t),s=xt(t),i=F(t),a=X(t.baseURL,t.basePath)||"",d=t.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||Ot,p=Fe(t),l=D(t),u=Object.keys(t.socialProviders||{}).map(z=>{var ke;let K=(ke=t.socialProviders)==null?void 0:ke[z];return K.enabled===!1?null:((!K.clientId||!K.clientSecret)&&P.warn(`Social provider ${z} is missing clientId or clientSecret`),ae[z](K))}).filter(z=>z!==null);return g({appName:t.appName||"Better Auth",socialProviders:u,options:T(g({},t),{baseURL:a?new URL(a).origin:"",basePath:t.basePath||"/api/auth",plugins:o.concat(r)}),tables:l,baseURL:a,sessionConfig:{updateAge:((m=t.session)==null?void 0:m.updateAge)||24*60*60,expiresIn:((f=t.session)==null?void 0:f.expiresIn)||60*60*24*7},secret:d,rateLimit:T(g({},t.rateLimit),{enabled:(y=(h=t.rateLimit)==null?void 0:h.enabled)!=null?y:process.env.NODE_ENV!=="development",window:((b=t.rateLimit)==null?void 0:b.window)||60,max:((w=t.rateLimit)==null?void 0:w.max)||100,storage:((k=t.rateLimit)==null?void 0:k.storage)||"memory"}),authCookies:p,logger:ie({disabled:((v=t.logger)==null?void 0:v.disabled)||!1}),db:i,password:{hash:((ne=(I=t.emailAndPassword)==null?void 0:I.password)==null?void 0:ne.hash)||vt,verify:((be=(ye=t.emailAndPassword)==null?void 0:ye.password)==null?void 0:be.verify)||It,config:{minPasswordLength:((we=t.emailAndPassword)==null?void 0:we.minPasswordLength)||8,maxPasswordLength:((Ae=t.emailAndPassword)==null?void 0:Ae.maxPasswordLength)||128}},adapter:s,internalAdapter:St(s,t),createAuthCookie:Ve(t)},n)};function Gr(e){let t=e.plugins||[],n={};for(let i of t)if(i.init){let a=i.init(e);typeof a=="object"&&(a.options&&(e=g(g({},e),a.options)),n=g({},a))}let s=n,{options:o}=s,r=J(s,["options"]);return{options:e,context:r}}function Kr(e){var n,o;let t=[];return(o=(n=e.advanced)==null?void 0:n.crossSubDomainCookies)!=null&&o.enabled&&t.push(Lt({eligibleCookies:e.advanced.crossSubDomainCookies.eligibleCookies})),t}var zd=e=>{let t=Et(e),{api:n}=he(t,e);return{handler:o=>c(void 0,null,function*(){let r=t.options.basePath,s=new URL(o.url);if(!t.options.baseURL){let a=`${s.origin}/api/auth`;t.options.baseURL=a,t.baseURL=a}if(!t.options.baseURL)return new Response("Base URL not set",{status:400});if(s.pathname===r||s.pathname===`${r}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:i}=ht(t,e);return i(o)}),api:n,options:t.options,$Infer:{}}};export{zd as betterAuth};

package/dist/next-js.d.ts CHANGED Viewed

@@ -1,13 +1,11 @@
-import { d as Auth } from './index-D_ohe9r9.js';
-import { U as User, S as Session } from './schema-D9o3OF80.js';
+import { d as Auth } from './index-BMYcrOqA.js';
+import { U as User, S as Session } from './index-CE92ti2Z.js';
 import { NextRequest } from 'next/server';
 import 'kysely';
 import 'better-call';
 import 'zod';
 import './helper-C1ihmerM.js';
-import './social.js';
 import 'arctic';
-import './adapter-D-m9-hQp.js';
 declare function toNextJsHandler(auth: Auth | Auth["handler"]): {
     GET: (request: Request) => Promise<Response>;

package/dist/node.d.ts CHANGED Viewed

@@ -1,13 +1,11 @@
 import * as http from 'http';
-import { d as Auth } from './index-D_ohe9r9.js';
+import { d as Auth } from './index-BMYcrOqA.js';
 import 'kysely';
-import './schema-D9o3OF80.js';
+import './index-CE92ti2Z.js';
+import 'arctic';
 import 'zod';
-import 'better-call';
 import './helper-C1ihmerM.js';
-import './social.js';
-import 'arctic';
-import './adapter-D-m9-hQp.js';
+import 'better-call';
 declare const toNodeHandler: (auth: Auth | Auth["handler"]) => (req: http.IncomingMessage, res: http.ServerResponse) => Promise<void>;

package/dist/plugins.d.ts CHANGED Viewed

@@ -1,20 +1,18 @@
-export { O as OrganizationOptions, b as Passkey, P as PasskeyOptions, W as WebAuthnCookieType, g as getPasskeyActions, m as magicLink, o as organization, p as passkey, c as passkeyClient, t as twoFactor, a as twoFactorClient, u as username } from './index-DsEvbKjm.js';
+export { O as OrganizationOptions, b as Passkey, P as PasskeyOptions, W as WebAuthnCookieType, g as getPasskeyActions, m as magicLink, o as organization, p as passkey, c as passkeyClient, t as twoFactor, a as twoFactorClient, u as username } from './index-3B6zGicM.js';
 export { i as ac } from './index-D6NOkCRo.js';
-import { H as HookEndpointContext } from './index-D_ohe9r9.js';
-export { A as AuthEndpoint, b as AuthMiddleware, B as BetterAuthPlugin, P as PluginSchema, a as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './index-D_ohe9r9.js';
+import { H as HookEndpointContext } from './index-BMYcrOqA.js';
+export { A as AuthEndpoint, b as AuthMiddleware, B as BetterAuthPlugin, P as PluginSchema, a as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './index-BMYcrOqA.js';
 export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';
-import './schema-D9o3OF80.js';
+import './index-CE92ti2Z.js';
+import 'arctic';
 import 'zod';
-import 'better-call';
 import './helper-C1ihmerM.js';
+import 'better-call';
 import './statement-CU-fdHXK.js';
 import '@better-fetch/fetch';
 import 'nanostores';
 import '@simplewebauthn/types';
 import 'kysely';
-import './social.js';
-import 'arctic';
-import './adapter-D-m9-hQp.js';
 /**
  * Converts bearer token to session cookie