better-auth 0.2.3-beta.3 → 0.2.3-beta.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters.d.ts +1 -1
- package/dist/adapters.js +6 -6
- package/dist/api.d.ts +1 -1
- package/dist/api.js +3 -3
- package/dist/cli.js +3 -3
- package/dist/client/plugins.d.ts +3 -3
- package/dist/client.d.ts +1 -1
- package/dist/{index-3B6zGicM.d.ts → index-CmzUOocy.d.ts} +1 -1
- package/dist/{index-BMYcrOqA.d.ts → index-gO-yM4kI.d.ts} +5 -7
- package/dist/index.d.ts +1 -1
- package/dist/index.js +4 -4
- package/dist/next-js.d.ts +1 -1
- package/dist/node.d.ts +1 -1
- package/dist/plugins.d.ts +3 -3
- package/dist/react.d.ts +1 -1
- package/dist/solid-start.d.ts +1 -1
- package/dist/solid.d.ts +1 -1
- package/dist/svelte-kit.d.ts +1 -1
- package/dist/svelte.d.ts +1 -1
- package/dist/types.d.ts +2 -2
- package/dist/utils.d.ts +2 -2
- package/dist/vue.d.ts +1 -1
- package/package.json +2 -2
package/dist/adapters.d.ts
CHANGED
package/dist/adapters.js
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
var
|
|
2
|
-
`)}}),
|
|
1
|
+
var Z=Object.defineProperty,ee=Object.defineProperties;var te=Object.getOwnPropertyDescriptors;var R=Object.getOwnPropertySymbols;var F=Object.prototype.hasOwnProperty,U=Object.prototype.propertyIsEnumerable;var I=(e,t,a)=>t in e?Z(e,t,{enumerable:!0,configurable:!0,writable:!0,value:a}):e[t]=a,m=(e,t)=>{for(var a in t||(t={}))F.call(t,a)&&I(e,a,t[a]);if(R)for(var a of R(t))U.call(t,a)&&I(e,a,t[a]);return e},C=(e,t)=>ee(e,te(t));var S=(e,t)=>{var a={};for(var s in e)F.call(e,s)&&t.indexOf(s)<0&&(a[s]=e[s]);if(e!=null&&R)for(var s of R(e))t.indexOf(s)<0&&U.call(e,s)&&(a[s]=e[s]);return a};var f=(e,t,a)=>new Promise((s,i)=>{var n=l=>{try{o(a.next(l))}catch(c){i(c)}},r=l=>{try{o(a.throw(l))}catch(c){i(c)}},o=l=>l.done?s(l.value):Promise.resolve(l.value).then(n,r);o((a=a.apply(e,t)).next())});import{existsSync as oe}from"fs";import z from"path";var $=e=>{var l,c,u,h,b,A;let t=(l=e.plugins)==null?void 0:l.reduce((p,y)=>{var g;let w=y.schema;if(!w)return p;for(let[x,k]of Object.entries(w))p[x]={fields:m(m({},(g=p[x])==null?void 0:g.fields),k.fields),tableName:x};return p},{}),a=((c=e.rateLimit)==null?void 0:c.storage)==="database",s={rateLimit:{tableName:((u=e.rateLimit)==null?void 0:u.tableName)||"rateLimit",fields:{key:{type:"string"},count:{type:"number"},lastRequest:{type:"number"}}}},d=t||{},{user:i,session:n,account:r}=d,o=S(d,["user","session","account"]);return m(m({user:{tableName:((h=e.user)==null?void 0:h.modelName)||"user",fields:m({name:{type:"string",required:!0},email:{type:"string",unique:!0,required:!0},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0},image:{type:"string",required:!1},createdAt:{type:"date",defaultValue:()=>new Date,required:!0},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0}},i==null?void 0:i.fields),order:0},session:{tableName:((b=e.session)==null?void 0:b.modelName)||"session",fields:m({expiresAt:{type:"date",required:!0},ipAddress:{type:"string",required:!1},userAgent:{type:"string",required:!1},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0}},n==null?void 0:n.fields),order:1},account:{tableName:((A=e.account)==null?void 0:A.modelName)||"account",fields:m({accountId:{type:"string",required:!0},providerId:{type:"string",required:!0},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0},accessToken:{type:"string",required:!1},refreshToken:{type:"string",required:!1},idToken:{type:"string",required:!1},expiresAt:{type:"date",required:!1},password:{type:"string",required:!1}},r==null?void 0:r.fields),order:2}},o),a?s:{})};import se from"fs/promises";import{produceSchema as ae}from"@mrleebo/prisma-ast";var O=class extends Error{constructor(t,a,s){super(t),this.name="BetterAuthError",this.message=t,this.cause=a}};import{TimeSpan as Ne}from"oslo";import{alphabet as Le,generateRandomString as Ie}from"oslo/crypto";import{createConsola as re}from"consola";var q=re({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),ne=e=>({log:(...t)=>{!(e!=null&&e.disabled)&&q.log("",...t)},error:(...t)=>{!(e!=null&&e.disabled)&&q.error("",...t)},warn:(...t)=>{!(e!=null&&e.disabled)&&q.warn("",...t)},info:(...t)=>{!(e!=null&&e.disabled)&&q.info("",...t)},debug:(...t)=>{!(e!=null&&e.disabled)&&q.debug("",...t)},box:(...t)=>{!(e!=null&&e.disabled)&&q.box("",...t)},success:(...t)=>{!(e!=null&&e.disabled)&&q.success("",...t)},break:(...t)=>{!(e!=null&&e.disabled)&&console.log(`
|
|
2
|
+
`)}}),M=ne();function j(e){return e.charAt(0).toUpperCase()+e.slice(1)}import{generateState as Je}from"oslo/oauth2";import{z as Ye}from"zod";function N(e){if(!e)return{};if(e.length===1){let n=e[0];return n?{[n.field]:n.value}:void 0}let t=e.filter(n=>n.connector==="AND"||!n.connector),a=e.filter(n=>n.connector==="OR"),s=t.map(n=>({[n.field]:n.operator==="eq"||!n.operator?n.value:{[n.operator]:n.value}})),i=a.map(n=>({[n.field]:{[n.operator||"eq"]:n.value}}));return{AND:s.length?s:void 0,OR:i.length?i:void 0}}var xt=({db:e,provider:t})=>{let a=e;return{id:"prisma",create(i){return f(this,null,function*(){let{model:n,data:r,select:o}=i;return yield a[n].create(m({data:r},o!=null&&o.length?{select:o.reduce((l,c)=>C(m({},l),{[c]:!0}),{})}:{}))})},findOne(i){return f(this,null,function*(){let{model:n,where:r,select:o}=i,l=N(r);return yield a[n].findFirst(m({where:l},o!=null&&o.length?{select:o.reduce((c,u)=>C(m({},c),{[u]:!0}),{})}:{}))})},findMany(i){return f(this,null,function*(){let{model:n,where:r}=i,o=N(r);return yield a[n].findMany({where:o})})},update(i){return f(this,null,function*(){let{model:n,where:r,update:o}=i,l=N(r);return yield a[n].update({where:l,data:o})})},delete(i){return f(this,null,function*(){let{model:n,where:r}=i,o=N(r);return yield a[n].delete({where:o})})},createSchema(i,n){return f(this,null,function*(){let r=$(i),o=n||"./prisma/schema.prisma",l=oe(z.join(process.cwd(),o)),c="";return l?c=yield se.readFile(z.join(process.cwd(),o),"utf-8"):c=ie(t),{code:ae(c,d=>{for(let b in r){let y=function(g,x){if(g==="string")return x?"String?":"String";if(g==="number")return x?"Int?":"Int";if(g==="boolean")return x?"Boolean?":"Boolean";if(g==="date")return x?"DateTime?":"DateTime"};var h=y;let A=r[b].fields,p=r[b].tableName,w=d.findByType("model",{name:p});!w&&d.model(p).field("id","String").attribute("id");for(let g in A){let x=A[g];if(w){let k=d.findByType("field",{name:g,within:w.properties});if(console.log(g,"exists"),k)continue}d.model(p).field(g,y(x.type,!x.required)),x.unique&&d.model(p).blockAttribute(`unique([${g}])`),x.references&&d.model(p).field(j(x.references.model),x.references.model).attribute(`relation(fields: [${g}], references: [${x.references.field}], onDelete: Cascade)`)}}}),fileName:o}})}}},ie=e=>`generator client {
|
|
3
3
|
provider = "prisma-client-js"
|
|
4
4
|
}
|
|
5
5
|
|
|
6
6
|
datasource db {
|
|
7
7
|
provider = "${e}"
|
|
8
8
|
url = ${e==="sqlite"?'"file:./dev.db"':'env("DATABASE_URL")'}
|
|
9
|
-
}`;import{and as le,eq as
|
|
10
|
-
`}else d=`import { ${s}Table, text, ${u}, ${
|
|
9
|
+
}`;import{and as le,eq as L,or as ce}from"drizzle-orm";import*as V from"prettier";import{existsSync as de}from"fs";import ue from"fs/promises";function v(e,t){let a=Object.keys(t).find(s=>{let i=t[s].name;return i===i});if(!a)throw new Error("Model not found");return t[a]}function B(e,t){if(!e)return[];if(e.length===1){let o=e[0];return o?[L(t[o.field],o.value)]:[]}let a=e.filter(o=>o.connector==="AND"||!o.connector),s=e.filter(o=>o.connector==="OR"),i=le(...a.map(o=>L(t[o.field],o.value))),n=ce(...s.map(o=>L(t[o.field],o.value))),r=[];return a.length&&r.push(i),s.length&&r.push(n),r}var Rt=(e,t)=>{let a=(t==null?void 0:t.schema)||e._.schema;if(!a)throw new O("Drizzle adapter failed to initialize. Schema not found. Please provide a schema object in the adapter options object.");let s=t==null?void 0:t.provider;return{id:"drizzle",create(n){return f(this,null,function*(){let{model:r,data:o}=n,l=v(r,a);return(yield e.insert(l).values(o).returning())[0]})},findOne(n){return f(this,null,function*(){let{model:r,where:o,select:l}=n,c=v(r,a),u=B(o,c),d=null;return l!=null&&l.length?d=yield e.select(...l.map(h=>({[h]:c[h]}))).from(c).where(...u):d=yield e.select().from(c).where(...u),d.length?d[0]:null})},findMany(n){return f(this,null,function*(){let{model:r,where:o}=n,l=v(r,a),c=o?B(o,l):[];return yield e.select().from(l).findMany(...c)})},update(n){return f(this,null,function*(){let{model:r,where:o,update:l}=n,c=v(r,a),u=B(o,c);return(yield e.update(c).set(l).where(...u).returning())[0]})},delete(n){return f(this,null,function*(){let{model:r,where:o}=n,l=v(r,a),c=B(o,l);return(yield e.delete(l).where(...c))[0]})},createSchema(n,r){return f(this,null,function*(){let o=$(n),l=r||"./schema.ts",c=s!=="sqlite"?"timestamp, boolean":"",u=s==="mysql"?"int":"integer",d="",h=de(l);if(h){let p=yield ue.readFile(l,"utf-8");p.includes("import")?d=p:d=`import { ${s}Table, text, ${u}, ${c} } from "drizzle-orm/${s}-core";
|
|
10
|
+
`}else d=`import { ${s}Table, text, ${u}, ${c} } from "drizzle-orm/${s}-core";
|
|
11
11
|
`;for(let p in o){let g=function(k,T){if(T==="string")return`text('${k}')`;if(T==="number")return`${u}('${k}')`;if(T==="boolean")return s==="sqlite"?`integer('${k}', {
|
|
12
12
|
mode: "boolean"
|
|
13
13
|
})`:`boolean('${k}')`;if(T==="date")return s==="sqlite"?`integer('${k}', {
|
|
@@ -17,6 +17,6 @@ datasource db {
|
|
|
17
17
|
${Object.keys(w).map(k=>{let T=w[k];return`${k}: ${g(k,T.type)}${T.required?".notNull()":""}${T.unique?".unique()":""}${T.references?`.references(()=> ${T.references.model}.${T.references.field})`:""}`}).join()}
|
|
18
18
|
});`;d+=`
|
|
19
19
|
${x}
|
|
20
|
-
`}return{code:yield
|
|
20
|
+
`}return{code:yield V.format(d,{semi:!0,parser:"typescript",tabWidth:4}),fileName:l,append:h}})}}};function D(e){if(!e)return{};if(e.length===1){let r=e[0];return r?{[r.field]:r.value}:void 0}let t=e.filter(r=>r.connector==="AND"||!r.connector),a=e.filter(r=>r.connector==="OR"),s=t.map(r=>({[r.field]:r.operator==="eq"||!r.operator?r.value:{[r.field]:r.value}})),i=a.map(r=>({[r.field]:r.value})),n={};return s.length&&(n=C(m({},n),{$and:s})),i.length&&(n=C(m({},n),{$or:i})),n}function E(e){let s=e,{_id:t}=s;return S(s,["_id"])}function fe(e){return e.reduce((a,s)=>(a[s]=1,a),{})}var Bt=e=>{let t=e;return{id:"mongodb",create(s){return f(this,null,function*(){let{model:i,data:n}=s,o=(yield t.collection(i).insertOne(m({},n))).insertedId,l=m({id:o},n);return E(l)})},findOne(s){return f(this,null,function*(){let{model:i,where:n,select:r}=s,o=D(n),l={};r&&(l=fe(r));let u=(yield t.collection(i).find(m({},o),{projection:l}).toArray())[0];return u?E(u):null})},findMany(s){return f(this,null,function*(){let{model:i,where:n}=s,r=D(n),o=yield t.collection(i).findMany(r);return E(o)})},update(s){return f(this,null,function*(){let{model:i,where:n,update:r}=s,o=D(n),l=yield t.collection(i).findOneAndUpdate(o,{$set:r},{returnDocument:"after"});return E(l)})},delete(s){return f(this,null,function*(){let{model:i,where:n}=s,r=D(n);return yield t.collection(i).findOneAndDelete(r)})}}};import"kysely";function me(e){var a;return((a=e.plugins)==null?void 0:a.flatMap(s=>Object.keys(s.schema||{}).map(i=>{let r=(s.schema||{})[i];if(!(r!=null&&r.disableMigration))return{tableName:i,fields:r==null?void 0:r.fields}}).filter(i=>i!==void 0)))||[]}function G(e){let t=$(e),a=me(e);return[t.user,t.session,t.account,...a].reduce((i,n)=>{var r;return i[n.tableName]={fields:m(m({},(r=i[n.tableName])==null?void 0:r.fields),n.fields)},i},{})}import{Kysely as pe}from"kysely";import{MysqlDialect as K,PostgresDialect as W,SqliteDialect as H}from"kysely";var ye=e=>f(void 0,null,function*(){var a,s;if(!e.database)return;if("createDriver"in e.database)return e.database;let t;if("provider"in e.database){let i=e.database.provider,n=(s=(a=e.database)==null?void 0:a.url)==null?void 0:s.trim();if(i==="postgres"){let o=(yield import("pg").catch(l=>{throw new O("Please install `pg` to use postgres database")})).Pool;t=new W({pool:new o({connectionString:n})})}if(i==="mysql")try{let{createPool:r}=yield import("mysql2/promise").catch(c=>{throw new O("Please install `mysql2` to use mysql database")}),o=new URL(n),l=r({host:o.hostname,user:o.username,password:o.password,database:o.pathname.split("/")[1],port:Number(o.port)});t=new K({pool:l})}catch(r){if(r instanceof TypeError)throw new O("Invalid database URL")}if(i==="sqlite"){let{default:r}=yield import("better-sqlite3").catch(l=>{throw new O("Please install `better-sqlite3` to use sqlite database")}),o=new r(n);t=new H({database:o})}}return t}),X=e=>f(void 0,null,function*(){let t=yield ye(e);return t&&new pe({dialect:t})}),J=e=>{if("provider"in e.database)return e.database.provider;if("dialect"in e.database){if(e.database.dialect instanceof W)return"postgres";if(e.database.dialect instanceof K)return"mysql";if(e.database.dialect instanceof H)return"sqlite"}return"sqlite"};var he={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},be={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},ge={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},Ae={postgres:he,mysql:be,sqlite:ge};function xe(e,t,a){return Ae[a][t].map(r=>r.toLowerCase()).includes(e.toLowerCase())}function Q(e){return f(this,null,function*(){let t=G(e),a=J(e),s=yield X(e);s||(M.error("Invalid database configuration."),process.exit(1));let i=yield s.introspection.getTables(),n=[],r=[];for(let[d,h]of Object.entries(t)){let b=i.find(p=>p.name===d);if(!b){let p=n.findIndex(g=>g.table===d),y={table:d,fields:h.fields,order:h.order||1/0},w=n.findIndex(g=>(g.order||1/0)>y.order);w===-1?p===-1?n.push(y):n[p].fields=m(m({},n[p].fields),h.fields):n.splice(w,0,y);continue}let A={};for(let[p,y]of Object.entries(h.fields)){let w=b.columns.find(g=>g.name===p);if(!w){A[p]=y;continue}xe(w.dataType,y.type,a)||M.warn(`Field ${p} in table ${d} has a different type in the database. Expected ${y.type} but got ${w.dataType}.`)}Object.keys(A).length>0&&r.push({table:d,fields:A,order:h.order||1/0})}let o=[];function l(d){let h={string:"text",boolean:"boolean",number:"integer",date:"date"};return a==="mysql"&&d==="string"?"varchar(255)":h[d]}if(r.length)for(let d of r)for(let[h,b]of Object.entries(d.fields)){let A=l(b.type),p=s.schema.alterTable(d.table).addColumn(h,A,y=>(y=b.required!==!1?y.notNull():y,b.references&&(y=y.references(`${b.references.model}.${b.references.field}`)),y));o.push(p)}if(n.length)for(let d of n){let h=s.schema.createTable(d.table).addColumn("id",l("string"),b=>b.primaryKey());for(let[b,A]of Object.entries(d.fields)){let p=l(A.type);h=h.addColumn(b,p,y=>(y=A.required!==!1?y.notNull():y,A.references&&(y=y.references(`${A.references.model}.${A.references.field}`)),A.unique&&(y=y.unique()),y))}o.push(h)}function c(){return f(this,null,function*(){for(let d of o)yield d.execute()})}function u(){return f(this,null,function*(){return o.map(h=>h.compile().sql).join(`;
|
|
21
21
|
|
|
22
|
-
`)})}return{toBeCreated:n,toBeAdded:r,runMigrations:
|
|
22
|
+
`)})}return{toBeCreated:n,toBeAdded:r,runMigrations:c,compileMigrations:u}})}function P(e){if(!e)return{and:null,or:null};let t=e==null?void 0:e.filter(s=>s.connector==="AND"||!s.connector).reduce((s,i)=>C(m({},s),{[i.field]:i.value}),{}),a=e==null?void 0:e.filter(s=>s.connector==="OR").reduce((s,i)=>C(m({},s),{[i.field]:i.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(a).length?a:null}}function _(e,t,a){var s,i,n;for(let r in e)e[r]===0&&((s=t[r])==null?void 0:s.type)==="boolean"&&(a!=null&&a.boolean)&&(e[r]=!1),e[r]===1&&((i=t[r])==null?void 0:i.type)==="boolean"&&(a!=null&&a.boolean)&&(e[r]=!0),((n=t[r])==null?void 0:n.type)==="date"&&(e[r]instanceof Date||(e[r]=new Date(e[r])));return e}function Y(e,t){for(let a in e)typeof e[a]=="boolean"&&(t!=null&&t.boolean)&&(e[a]=e[a]?1:0),e[a]instanceof Date&&(e[a]=e[a].toISOString());return e}var Qt=(e,t)=>({id:"kysely",create(s){return f(this,null,function*(){let{model:i,data:n,select:r}=s;t!=null&&t.transform&&(n=Y(n,t.transform));let o=yield e.insertInto(i).values(n).returningAll().executeTakeFirst();if(t!=null&&t.transform){let l=t.transform.schema[i];o=l?_(n,l,t.transform):o}return r!=null&&r.length&&(o=o?r.reduce((c,u)=>o!=null&&o[u]?C(m({},c),{[u]:o[u]}):c,{}):null),o})},findOne(s){return f(this,null,function*(){let{model:i,where:n,select:r}=s,{and:o,or:l}=P(n),c=e.selectFrom(i).selectAll();l&&(c=c.where(d=>d.or(l))),o&&(c=c.where(d=>d.and(o)));let u=yield c.executeTakeFirst();if(r!=null&&r.length&&(u=u?r.reduce((h,b)=>u!=null&&u[b]?C(m({},h),{[b]:u[b]}):h,{}):null),t!=null&&t.transform){let d=t.transform.schema[i];return u=u&&d?_(u,d,t.transform):u,u||null}return u||null})},findMany(s){return f(this,null,function*(){let{model:i,where:n}=s,r=e.selectFrom(i),{and:o,or:l}=P(n);o&&(r=r.where(u=>u.and(o))),l&&(r=r.where(u=>u.or(l)));let c=yield r.selectAll().execute();if(t!=null&&t.transform){let u=t.transform.schema[i];return u?c.map(d=>_(d,u,t.transform)):c}return c})},update(s){return f(this,null,function*(){let{model:i,where:n,update:r}=s,{and:o,or:l}=P(n);t!=null&&t.transform&&(r=Y(r,t.transform));let c=e.updateTable(i).set(r);o&&(c=c.where(d=>d.and(o))),l&&(c=c.where(d=>d.or(l)));let u=(yield c.returningAll().executeTakeFirst())||null;if(t!=null&&t.transform){let d=t.transform.schema[i];return d?_(u,d,t.transform):u}return u})},delete(s){return f(this,null,function*(){let{model:i,where:n}=s,{and:r,or:o}=P(n),l=e.deleteFrom(i);r&&(l=l.where(c=>c.and(r))),o&&(l=l.where(c=>c.or(o))),yield l.execute()})},createSchema(s){return f(this,null,function*(){let{compileMigrations:i}=yield Q(s);return console.log(i),{code:yield i(),fileName:`./better-auth_migrations/${new Date().toISOString()}.sql`}})}});export{Rt as drizzleAdapter,Qt as kyselyAdapter,Bt as mongodbAdapter,xt as prismaAdapter};
|
package/dist/api.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { A as AuthEndpoint, b as AuthMiddleware, y as callbackOAuth, X as changePassword, a as createAuthEndpoint, c as createAuthMiddleware, Q as createEmailVerificationToken, a1 as csrfMiddleware, _ as error, M as forgetPassword, N as forgetPasswordCallback, Z as getCSRFToken, u as getEndpoints, z as getSession, C as getSessionFromCtx, E as listSessions, $ as ok, o as optionsMiddleware, O as resetPassword, J as revokeSession, K as revokeSessions, v as router, T as sendVerificationEmail, D as sessionMiddleware, Y as setPassword, x as signInEmail, w as signInOAuth, L as signOut, a0 as signUpEmail, V as updateUser, U as verifyEmail } from './index-
|
|
1
|
+
export { A as AuthEndpoint, b as AuthMiddleware, y as callbackOAuth, X as changePassword, a as createAuthEndpoint, c as createAuthMiddleware, Q as createEmailVerificationToken, a1 as csrfMiddleware, _ as error, M as forgetPassword, N as forgetPasswordCallback, Z as getCSRFToken, u as getEndpoints, z as getSession, C as getSessionFromCtx, E as listSessions, $ as ok, o as optionsMiddleware, O as resetPassword, J as revokeSession, K as revokeSessions, v as router, T as sendVerificationEmail, D as sessionMiddleware, Y as setPassword, x as signInEmail, w as signInOAuth, L as signOut, a0 as signUpEmail, V as updateUser, U as verifyEmail } from './index-gO-yM4kI.js';
|
|
2
2
|
import 'zod';
|
|
3
3
|
import './helper-C1ihmerM.js';
|
|
4
4
|
import 'better-call';
|
package/dist/api.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
var Je=Object.defineProperty,Ze=Object.defineProperties;var Ke=Object.getOwnPropertyDescriptors;var te=Object.getOwnPropertySymbols;var Qe=Object.prototype.hasOwnProperty,Xe=Object.prototype.propertyIsEnumerable;var re=(e,t,n)=>t in e?Je(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,g=(e,t)=>{for(var n in t||(t={}))Qe.call(t,n)&&re(e,n,t[n]);if(te)for(var n of te(t))Xe.call(t,n)&&re(e,n,t[n]);return e},A=(e,t)=>Ze(e,Ke(t));var a=(e,t,n)=>new Promise((o,r)=>{var s=c=>{try{d(n.next(c))}catch(u){r(u)}},i=c=>{try{d(n.throw(c))}catch(u){r(u)}},d=c=>c.done?o(c.value):Promise.resolve(c.value).then(s,i);d((n=n.apply(e,t)).next())});import{APIError as Ft,createRouter as Gt}from"better-call";import{APIError as se}from"better-call";import{z as ie}from"zod";import{xchacha20poly1305 as Qt}from"@noble/ciphers/chacha";import{bytesToHex as Yt,hexToBytes as er,utf8ToBytes as tr}from"@noble/ciphers/utils";import{managedNonce as or}from"@noble/ciphers/webcrypto";import{sha256 as sr}from"@noble/hashes/sha256";function
|
|
2
|
-
`)}}),_=ut();var fe=e=>{let t=new pt(e.clientId,e.clientSecret,w("google",e.redirectURI));return{id:"google",name:"Google",createAuthorizationURL({state:o,scopes:r,codeVerifier:s,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw _.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new D("CLIENT_ID_AND_SECRET_REQUIRED");if(!s)throw new D("codeVerifier is required for Google");let d=r||["email","profile"];return t.createAuthorizationURL(o,s,d)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"})}),getUserInfo(o){return a(this,null,function*(){var s;if(!o.idToken)return null;let r=(s=mt(o.idToken()))==null?void 0:s.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as ft}from"@better-fetch/fetch";import{Spotify as gt}from"arctic";var ge=e=>{let t=new gt(e.clientId,e.clientSecret,w("spotify",e.redirectURI));return{id:"spotify",name:"Spotify",createAuthorizationURL({state:o,scopes:r}){let s=r||["user-read-email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"})}),getUserInfo(o){return a(this,null,function*(){var i;let{data:r,error:s}=yield ft("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.id,name:r.display_name,email:r.email,image:(i=r.images[0])==null?void 0:i.url,emailVerified:!1},data:r}})}}};import{betterFetch as ht}from"@better-fetch/fetch";import{Twitch as yt}from"arctic";var he=e=>{let t=new yt(e.clientId,e.clientSecret,w("twitch",e.redirectURI));return{id:"twitch",name:"Twitch",createAuthorizationURL({state:o,scopes:r}){let s=r||["activity:write","read"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return a(this,null,function*(){let{data:r,error:s}=yield ht("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}})}}};import{betterFetch as wt}from"@better-fetch/fetch";import{Twitter as bt}from"arctic";var ye=e=>{let t=new bt(e.clientId,e.clientSecret,w("twitter",e.redirectURI));return{id:"twitter",name:"Twitter",createAuthorizationURL(o){let r=o.scopes||["account_info.read"];return t.createAuthorizationURL(o.state,o.codeVerifier,r)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return a(this,null,function*(){let{data:r,error:s}=yield wt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}})}}};import"arctic";var At={apple:ce,discord:le,facebook:ue,github:me,google:fe,spotify:ge,twitch:he,twitter:ye},we=Object.keys(At);import{generateState as kt}from"oslo/oauth2";import{z as q}from"zod";function be(e,t,n){let o=kt();return{state:JSON.stringify({code:o,callbackURL:e,currentURL:t,dontRememberMe:n}),code:o}}function W(e){return q.object({code:q.string(),callbackURL:q.string().optional(),currentURL:q.string().optional(),dontRememberMe:q.boolean().optional()}).safeParse(JSON.parse(e))}import{APIError as Rt}from"better-call";var Ae=(e,t=!1)=>{let n=new Date;return new Date(n.getTime()+(t?e*1e3:e))};import{TimeSpan as Jo}from"oslo";function S(e,t,n,o){return a(this,null,function*(){let r=e.context.authCookies.sessionToken.options;r.maxAge=n?void 0:r.maxAge,yield e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,r),n&&(yield e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options))})}function V(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{z as ke}from"zod";function N(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let n=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of n){let r=e.headers.get(o);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var J=new Map;function Ut(e,t){if(!e.request)return"";let{method:n,url:o,headers:r}=e.request,s=e.request.headers.get("User-Agent")||"",i=N(e.request)||"",d=JSON.stringify(r);return`${n}:${o}:${d}:${s}:${i}:${t}`}var Z=()=>f("/session",{method:"GET",requireHeaders:!0},e=>a(void 0,null,function*(){try{let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let n=Ut(e,t),o=J.get(n);if(o){if(o.expiresAt>Date.now())return e.json(o.data);J.delete(n)}let r=yield e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return V(e),r&&(yield e.context.internalAdapter.deleteSession(r.session.id)),e.json(null,{status:401});if(yield e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,d=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+d*1e3<=Date.now()){let l=yield e.context.internalAdapter.updateSession(r.session.id,{expiresAt:Ae(e.context.sessionConfig.expiresIn,!0)});if(!l)return V(e),e.json(null,{status:401});let p=(l.expiresAt.valueOf()-Date.now())/1e3;return yield S(e,l.id,!1,{maxAge:p}),e.json({session:l,user:r.user})}return J.set(n,{data:r,expiresAt:Date.now()+5e3}),e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}})),K=e=>a(void 0,null,function*(){return yield Z()(A(g({},e),{_flag:void 0}))}),B=H(e=>a(void 0,null,function*(){let t=yield K(e);if(!(t!=null&&t.session))throw new Rt("UNAUTHORIZED");return{session:t}})),Re=()=>f("/user/list-sessions",{method:"GET",use:[B],requireHeaders:!0},e=>a(void 0,null,function*(){let n=(yield e.context.adapter.findMany({model:e.context.tables.session.tableName,where:[{field:"userId",value:e.context.session.user.id}]})).filter(o=>o.expiresAt>new Date);return e.json(n)})),Ue=f("/user/revoke-session",{method:"POST",body:ke.object({id:ke.string()}),use:[B],requireHeaders:!0},e=>a(void 0,null,function*(){let t=e.body.id,n=yield e.context.internalAdapter.findSession(t);if(!n)return e.json(null,{status:400});if(n.session.userId!==e.context.session.user.id)return e.json(null,{status:403});try{yield e.context.internalAdapter.deleteSession(t)}catch(o){return e.context.logger.error(o),e.json(null,{status:500})}return e.json({status:!0})})),Te=f("/user/revoke-sessions",{method:"POST",use:[B],requireHeaders:!0},e=>a(void 0,null,function*(){try{yield e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}return e.json({status:!0})}));var Pe=f("/sign-in/social",{method:"POST",requireHeaders:!0,query:P.object({currentURL:P.string().optional()}).optional(),body:P.object({callbackURL:P.string().optional(),provider:P.enum(we),dontRememberMe:P.boolean().default(!1).optional()})},e=>a(void 0,null,function*(){var i,d,c,u;let t=e.context.socialProviders.find(l=>l.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new I("NOT_FOUND",{message:"Provider not found"});let n=e.context.authCookies,o=(i=e.query)!=null&&i.currentURL?new URL((d=e.query)==null?void 0:d.currentURL):null,r=(c=e.body.callbackURL)!=null&&c.startsWith("http")?e.body.callbackURL:`${o==null?void 0:o.origin}${e.body.callbackURL||""}`,s=be(r||(o==null?void 0:o.origin)||e.context.baseURL,(u=e.query)==null?void 0:u.currentURL);try{yield e.setSignedCookie(n.state.name,s.code,e.context.secret,n.state.options);let l=Tt();yield e.setSignedCookie(n.pkCodeVerifier.name,l,e.context.secret,n.pkCodeVerifier.options);let p=t.createAuthorizationURL({state:s.state,codeVerifier:l});return p.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),{url:p.toString(),state:s.state,codeVerifier:l,redirect:!0}}catch(l){throw new I("INTERNAL_SERVER_ERROR")}})),ve=f("/sign-in/email",{method:"POST",body:P.object({email:P.string().email(),password:P.string(),callbackURL:P.string().optional(),dontRememberMe:P.boolean().default(!1).optional()})},e=>a(void 0,null,function*(){var l,p;if(!((p=(l=e.context.options)==null?void 0:l.emailAndPassword)!=null&&p.enabled))throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new I("BAD_REQUEST",{message:"Email and password is not enabled"});let t=yield K(e);t&&(yield e.context.internalAdapter.deleteSession(t.session.id));let{email:n,password:o}=e.body;if(!P.string().email().safeParse(n).success)throw new I("BAD_REQUEST",{message:"Invalid email"});let s=yield e.context.internalAdapter.findUserByEmail(n);if(!s)throw yield e.context.password.hash(o),e.context.logger.error("User not found",{email:n}),new I("UNAUTHORIZED",{message:"Invalid email or password"});let i=s.accounts.find(m=>m.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:n}),new I("UNAUTHORIZED",{message:"Invalid email or password"});let d=i==null?void 0:i.password;if(!d)throw e.context.logger.error("Password not found",{email:n}),new I("UNAUTHORIZED",{message:"Unexpected error"});if(!(yield e.context.password.verify(d,o)))throw e.context.logger.error("Invalid password"),new I("UNAUTHORIZED",{message:"Invalid email or password"});let u=yield e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!u)throw e.context.logger.error("Failed to create session"),new I("INTERNAL_SERVER_ERROR");return yield S(e,u.id,e.body.dontRememberMe),e.json({user:s.user,session:u,redirect:!!e.body.callbackURL,url:e.body.callbackURL})}));import{APIError as St}from"better-call";import{z as F}from"zod";import{z as h}from"zod";var wn=h.object({id:h.string(),providerId:h.string(),accountId:h.string(),userId:h.string(),accessToken:h.string().nullable().optional(),refreshToken:h.string().nullable().optional(),idToken:h.string().nullable().optional(),expiresAt:h.date().nullable().optional(),password:h.string().optional().nullable()}),Se=h.object({id:h.string(),email:h.string().transform(e=>e.toLowerCase()),emailVerified:h.boolean().default(!1),name:h.string(),image:h.string().optional(),createdAt:h.date().default(new Date),updatedAt:h.date().default(new Date)}),bn=h.object({id:h.string(),userId:h.string(),expiresAt:h.date(),ipAddress:h.string().optional(),userAgent:h.string().optional()});import{alphabet as Pt,generateRandomString as vt}from"oslo/crypto";var xe=()=>vt(36,Pt("a-z","0-9"));var C={isAction:!1};function Q(e){let t=e.accessToken(),n=e.hasRefreshToken()?e.refreshToken():void 0,o;try{o=e.accessTokenExpiresAt()}catch(r){}return{accessToken:t,refreshToken:n,expiresAt:o}}var _e=f("/callback/:id",{method:"GET",query:F.object({state:F.string(),code:F.string().optional(),error:F.string().optional()}),metadata:C},e=>a(void 0,null,function*(){var U,T,O;if(e.query.error||!e.query.code){let R=((U=W(e.query.state).data)==null?void 0:U.callbackURL)||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${R}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(b=>b.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let n=yield e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),o;try{o=yield t.validateAuthorizationCode(e.query.code,n,`${e.context.baseURL}/callback/${t.id}`)}catch(b){throw e.context.logger.error(b),e.redirect(`${e.context.baseURL}/error?error=oauth_code_verification_failed`)}let r=yield t.getUserInfo(o).then(b=>b==null?void 0:b.user),s=xe(),i=Se.safeParse(A(g({},r),{id:s})),d=W(e.query.state);if(!d.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=invalid_state_parameter`);let{callbackURL:c,currentURL:u,dontRememberMe:l}=d.data;if(!r||i.success===!1)throw e.redirect(`${e.context.baseURL}/error?error=oauth_validation_failed`);if(!c)throw e.redirect(`${e.context.baseURL}/error?error=oauth_callback_url_not_found`);let p=yield e.context.internalAdapter.findUserByEmail(r.email),m=p==null?void 0:p.user.id;if(p){let b=p.accounts.find(j=>j.providerId===t.id),R=(O=(T=e.context.options.account)==null?void 0:T.accountLinking)==null?void 0:O.trustedProviders,z=R?R.includes(t.id):!0;if(!b&&(!r.emailVerified||!z)){let j;try{j=new URL(u||c),j.searchParams.set("error","account_not_linked")}catch(Jt){throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(j.toString())}if(!b)try{yield e.context.internalAdapter.linkAccount(g({providerId:t.id,accountId:r.id,id:`${t.id}:${r.id}`,userId:p.user.id},Q(o)))}catch(j){throw console.log(j),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{yield e.context.internalAdapter.createOAuthUser(i.data,A(g({},Q(o)),{id:`${t.id}:${r.id}`,providerId:t.id,accountId:r.id,userId:s}))}catch(b){let R=new URL(u||c);throw R.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",R.toString()),e.redirect(R.toString())}if(!m&&!s)throw new St("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});let y=yield e.context.internalAdapter.createSession(m||s,e.request,l);if(!y){let b=new URL(u||c);throw b.searchParams.set("error","unable_to_create_session"),e.redirect(b.toString())}try{yield S(e,y.id,l)}catch(b){e.context.logger.error("Unable to set session cookie",b);let R=new URL(u||c);throw R.searchParams.set("error","unable_to_create_session"),e.redirect(R.toString())}throw e.redirect(c)}));import{z as X}from"zod";var Ie=f("/sign-out",{method:"POST",body:X.optional(X.object({callbackURL:X.string().optional()}))},e=>a(void 0,null,function*(){var n,o;let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);return t?(yield e.context.internalAdapter.deleteSession(t),V(e),e.json(null,{body:{redirect:!!((n=e.body)!=null&&n.callbackURL),url:(o=e.body)==null?void 0:o.callbackURL}})):e.json(null)}));import{TimeSpan as xt}from"oslo";import{createJWT as _t,parseJWT as It}from"oslo/jwt";import{validateJWT as Ee}from"oslo/jwt";import{z as v}from"zod";var Le=f("/forget-password",{method:"POST",body:v.object({email:v.string().email(),redirectTo:v.string()})},e=>a(void 0,null,function*(){var s;if(!((s=e.context.options.emailAndPassword)!=null&&s.sendResetPassword))return e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),e.json(null,{status:400,statusText:"RESET_PASSWORD_EMAIL_NOT_SENT",body:{message:"Reset password isn't enabled"}});let{email:t}=e.body,n=yield e.context.internalAdapter.findUserByEmail(t);if(!n)return e.json({status:!1},{body:{status:!0}});let o=yield _t("HS256",Buffer.from(e.context.secret),{email:n.user.email,redirectTo:e.body.redirectTo},{expiresIn:new xt(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[n.user.email],includeIssuedTimestamp:!0}),r=`${e.context.baseURL}/reset-password/${o}`;return yield e.context.options.emailAndPassword.sendResetPassword(r,n.user),e.json({status:!0})})),Oe=f("/reset-password/:token",{method:"GET"},e=>a(void 0,null,function*(){var s;let{token:t}=e.params,n,o=v.object({email:v.string(),redirectTo:v.string()});try{if(n=yield Ee("HS256",Buffer.from(e.context.secret),t),!n.expiresAt||n.expiresAt<new Date)throw Error("Token expired")}catch(i){let d=It(t),c=o.safeParse(d==null?void 0:d.payload);throw c.success?e.redirect(`${(s=c.data)==null?void 0:s.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:r}=o.parse(n.payload);throw e.redirect(`${r}?token=${t}`)})),Ce=f("/reset-password",{method:"POST",query:v.object({currentURL:v.string()}).optional(),body:v.object({newPassword:v.string(),callbackURL:v.string().optional()})},e=>a(void 0,null,function*(){var o,r,s;let t=(o=e.query)==null?void 0:o.currentURL.split("?token=")[1];if(!t)return e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}});let{newPassword:n}=e.body;try{let i=yield Ee("HS256",Buffer.from(e.context.secret),t),d=v.string().email().parse(i.payload.email),c=yield e.context.internalAdapter.findUserByEmail(d);if(!c)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(n.length<(((r=e.context.options.emailAndPassword)==null?void 0:r.minPasswordLength)||8)||n.length>(((s=e.context.options.emailAndPassword)==null?void 0:s.maxPasswordLength)||32))return e.json({data:null,error:"password is too short or too long"},{status:400,statusText:"INVALID_PASSWORD_LENGTH",body:{message:"password is too short or too long"}});let u=yield e.context.password.hash(n);return(yield e.context.internalAdapter.updatePassword(c.user.id,u))?e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}}):e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User doesn't have a credential account"}})}catch(i){return console.log(i),e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}}));import{TimeSpan as Et}from"oslo";import{createJWT as Lt,validateJWT as Ot}from"oslo/jwt";import{z as x}from"zod";function Y(e,t){return a(this,null,function*(){return yield Lt("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new Et(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})})}var je=f("/send-verification-email",{method:"POST",query:x.object({currentURL:x.string().optional()}).optional(),body:x.object({email:x.string().email(),callbackURL:x.string().optional()})},e=>a(void 0,null,function*(){var r,s;if(!((r=e.context.options.emailAndPassword)!=null&&r.sendVerificationEmail))return e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),e.json(null,{status:400,statusText:"VERIFICATION_EMAIL_NOT_SENT",body:{message:"Verification email isn't enabled"}});let{email:t}=e.body,n=yield Y(e.context.secret,t),o=`${e.context.baseURL}/verify-email?token=${n}&callbackURL=${e.body.callbackURL||((s=e.query)==null?void 0:s.currentURL)||"/"}`;return yield e.context.options.emailAndPassword.sendVerificationEmail(t,o,n),e.json({status:!0})})),De=f("/verify-email",{method:"GET",query:x.object({token:x.string(),callbackURL:x.string().optional()})},e=>a(void 0,null,function*(){let{token:t}=e.query,n;try{n=yield Ot("HS256",Buffer.from(e.context.secret),t)}catch(d){return e.context.logger.error("Failed to verify email",d),e.json(null,{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}let r=x.object({email:x.string().email()}).parse(n.payload),s=yield e.context.internalAdapter.findUserByEmail(r.email);if(!s)return e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User not found"}});if(!s.accounts.find(d=>d.providerId==="credential"))throw e.redirect;if(yield e.context.internalAdapter.updateUserByEmail(r.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})}));import{z as E}from"zod";import{alphabet as Ct,generateRandomString as jt}from"oslo/crypto";import"better-call";var $e=f("/user/update",{method:"POST",body:E.object({name:E.string().optional(),image:E.string().optional()}),use:[B]},e=>a(void 0,null,function*(){let{name:t,image:n}=e.body,o=e.context.session;if(!n&&!t)return e.json(o.user);let r=yield e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:n});return e.json(r)})),Be=f("/user/change-password",{method:"POST",body:E.object({newPassword:E.string(),currentPassword:E.string(),revokeOtherSessions:E.boolean().optional()}),use:[B]},e=>a(void 0,null,function*(){let{newPassword:t,currentPassword:n,revokeOtherSessions:o}=e.body,r=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let i=e.context.password.config.maxPasswordLength;if(t.length>i)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let c=(yield e.context.internalAdapter.findAccounts(r.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!c||!c.password)return e.json(null,{status:400,body:{message:"User does not have a password"}});let u=yield e.context.password.hash(t);if(!(yield e.context.password.verify(c.password,n)))return e.json(null,{status:400,body:{message:"Invalid password"}});if(yield e.context.internalAdapter.updateAccount(c.id,{password:u}),o){yield e.context.internalAdapter.deleteSessions(r.user.id);let p=yield e.context.internalAdapter.createSession(r.user.id,e.headers);if(!p)return e.json(null,{status:500,body:{message:"Failed to create session"}});yield S(e,p.id)}return e.json(r.user)})),ze=f("/user/set-password",{method:"POST",body:E.object({newPassword:E.string()}),use:[B]},e=>a(void 0,null,function*(){let{newPassword:t}=e.body,n=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let r=e.context.password.config.maxPasswordLength;if(t.length>r)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let i=(yield e.context.internalAdapter.findAccounts(n.user.id)).find(c=>c.providerId==="credential"&&c.password),d=yield e.context.password.hash(t);return i?e.json(null,{status:400,body:{message:"User already has a password"}}):(yield e.context.internalAdapter.linkAccount({id:jt(32,Ct("a-z","0-9","A-Z")),userId:n.user.id,providerId:"credential",accountId:n.user.id,password:d}),e.json(n.user))}));import{alphabet as Dt,generateRandomString as $t}from"oslo/crypto";var qe=f("/csrf",{method:"GET",metadata:C},e=>a(void 0,null,function*(){let t=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let n=$t(32,Dt("a-z","0-9","A-Z")),o=yield M(e.context.secret,n),r=`${n}!${o}`;return yield e.setSignedCookie(e.context.authCookies.csrfToken.name,r,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:n}}));var Bt=(e="Unknown")=>`<!DOCTYPE html>
|
|
1
|
+
var Je=Object.defineProperty,Ze=Object.defineProperties;var Ke=Object.getOwnPropertyDescriptors;var te=Object.getOwnPropertySymbols;var Qe=Object.prototype.hasOwnProperty,Xe=Object.prototype.propertyIsEnumerable;var re=(e,t,n)=>t in e?Je(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,g=(e,t)=>{for(var n in t||(t={}))Qe.call(t,n)&&re(e,n,t[n]);if(te)for(var n of te(t))Xe.call(t,n)&&re(e,n,t[n]);return e},A=(e,t)=>Ze(e,Ke(t));var a=(e,t,n)=>new Promise((o,r)=>{var s=c=>{try{d(n.next(c))}catch(u){r(u)}},i=c=>{try{d(n.throw(c))}catch(u){r(u)}},d=c=>c.done?o(c.value):Promise.resolve(c.value).then(s,i);d((n=n.apply(e,t)).next())});import{APIError as Ft,createRouter as Gt}from"better-call";import{APIError as se}from"better-call";import{z as ie}from"zod";import{xchacha20poly1305 as Qt}from"@noble/ciphers/chacha";import{bytesToHex as Yt,hexToBytes as er,utf8ToBytes as tr}from"@noble/ciphers/utils";import{managedNonce as or}from"@noble/ciphers/webcrypto";import{sha256 as sr}from"@noble/hashes/sha256";function V(e,t){return a(this,null,function*(){let n=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},r=yield crypto.subtle.importKey("raw",n.encode(e),o,!1,["sign","verify"]),s=yield crypto.subtle.sign(o.name,r,n.encode(t));return btoa(String.fromCharCode(...new Uint8Array(s)))})}import{createEndpointCreator as Ye,createMiddleware as oe,createMiddlewareCreator as et}from"better-call";var ne=oe(()=>a(void 0,null,function*(){return{}})),M=et({use:[ne,oe(()=>a(void 0,null,function*(){return{}}))]}),f=Ye({use:[ne]});var ae=M({body:ie.object({csrfToken:ie.string().optional()}).optional()},e=>a(void 0,null,function*(){var d,c,u,l;if(((d=e.request)==null?void 0:d.method)!=="POST"||(c=e.context.options.advanced)!=null&&c.disableCSRFCheck)return;let t=new URL(e.request.url);if(t.origin===new URL(e.context.baseURL).origin||(u=e.context.options.trustedOrigins)!=null&&u.includes(t.origin))return;let n=(l=e.body)==null?void 0:l.csrfToken,o=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[r,s]=(o==null?void 0:o.split("!"))||[null,null];if(!n||!o||!r||!s||o!==n)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new se("UNAUTHORIZED",{message:"Invalid CSRF Token"});let i=yield V(e.context.secret,r);if(s!==i)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new se("UNAUTHORIZED",{message:"Invalid CSRF Token"})}));import{APIError as E}from"better-call";import{generateCodeVerifier as Tt}from"oslo/oauth2";import{z as P}from"zod";import"arctic";import{parseJWT as nt}from"oslo/jwt";import"@better-fetch/fetch";var D=class extends Error{constructor(t,n,o){super(t),this.name="BetterAuthError",this.message=t,this.cause=n}};import{OAuth2Tokens as rt}from"arctic";function tt(e){try{return new URL(e).pathname!=="/"}catch(t){throw new D(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function G(e,t="/api/auth"){return tt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function de(e,t){if(e)return G(e,t);let n=(process==null?void 0:process.env)||{},o=n.BETTER_AUTH_URL||n.NEXT_PUBLIC_BETTER_AUTH_URL||n.PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_AUTH_URL||(n.BASE_URL!=="/"?n.BASE_URL:void 0);if(o)return G(o,t);if(typeof window!="undefined")return G(window.location.origin,t)}import{betterFetch as ot}from"@better-fetch/fetch";function w(e,t){return t||`${de()}/callback/${e}`}function k(s){return a(this,arguments,function*({code:e,codeVerifier:t,redirectURI:n,options:o,tokenEndpoint:r}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",n),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:d,error:c}=yield ot(r,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(c)throw c;return new rt(d)})}var ce=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:o,scopes:r,redirectURI:s}){let i=r||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${s||e.redirectURI}&scope=${i.join(" ")}&state=${o}`)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("apple",e.redirectURI),options:e,tokenEndpoint:t})}),getUserInfo(o){return a(this,null,function*(){var s;let r=(s=nt(o.idToken()))==null?void 0:s.payload;return r?{user:{id:r.sub,name:r.name,email:r.email,emailVerified:r.email_verified==="true"},data:r}:null})}}};import{betterFetch as st}from"@better-fetch/fetch";import{Discord as it}from"arctic";var le=e=>{let t=new it(e.clientId,e.clientSecret,w("discord",e.redirectURI));return{id:"discord",name:"Discord",createAuthorizationURL({state:o,scopes:r}){let s=r||["email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("discord",e.redirectURI),options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"})}),getUserInfo(o){return a(this,null,function*(){let{data:r,error:s}=yield st("https://discord.com/api/users/@me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified},data:r}})}}};import{betterFetch as at}from"@better-fetch/fetch";import{Facebook as dt}from"arctic";var ue=e=>{let t=new dt(e.clientId,e.clientSecret,w("facebook",e.redirectURI));return{id:"facebook",name:"Facebook",createAuthorizationURL({state:o,scopes:r}){let s=r||["email","public_profile"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("facebook",e.redirectURI),options:e,tokenEndpoint:"https://graph.facebook.com/v16.0/oauth/access_token"})}),getUserInfo(o){return a(this,null,function*(){let{data:r,error:s}=yield at("https://graph.facebook.com/me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as pe}from"@better-fetch/fetch";import{GitHub as ct}from"arctic";var me=({clientId:e,clientSecret:t,redirectURI:n})=>{let o=new ct(e,t,w("github",n));return{id:"github",name:"Github",createAuthorizationURL({state:s,scopes:i}){let d=i||["user:email"];return o.createAuthorizationURL(s,d)},validateAuthorizationCode:s=>a(void 0,null,function*(){return yield o.validateAuthorizationCode(s)}),getUserInfo(s){return a(this,null,function*(){var u,l,p,m;let{data:i,error:d}=yield pe("https://api.github.com/user",{auth:{type:"Bearer",token:s.accessToken()}});if(d)return null;let c=!1;if(!i.email){let{data:b,error:R}=yield pe("https://api.github.com/user/emails",{auth:{type:"Bearer",token:s.accessToken()}});R||(i.email=(l=(u=b.find(U=>U.primary))!=null?u:b[0])==null?void 0:l.email,c=(m=(p=b.find(U=>U.email===i.email))==null?void 0:p.verified)!=null?m:!1)}return{user:{id:i.id,name:i.name,email:i.email,image:i.avatar_url,emailVerified:c,createdAt:new Date,updatedAt:new Date},data:i}})}}};import{Google as pt}from"arctic";import{parseJWT as mt}from"oslo/jwt";import{createConsola as lt}from"consola";var $=lt({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),ut=e=>({log:(...t)=>{!(e!=null&&e.disabled)&&$.log("",...t)},error:(...t)=>{!(e!=null&&e.disabled)&&$.error("",...t)},warn:(...t)=>{!(e!=null&&e.disabled)&&$.warn("",...t)},info:(...t)=>{!(e!=null&&e.disabled)&&$.info("",...t)},debug:(...t)=>{!(e!=null&&e.disabled)&&$.debug("",...t)},box:(...t)=>{!(e!=null&&e.disabled)&&$.box("",...t)},success:(...t)=>{!(e!=null&&e.disabled)&&$.success("",...t)},break:(...t)=>{!(e!=null&&e.disabled)&&console.log(`
|
|
2
|
+
`)}}),I=ut();var fe=e=>{let t=new pt(e.clientId,e.clientSecret,w("google",e.redirectURI));return{id:"google",name:"Google",createAuthorizationURL({state:o,scopes:r,codeVerifier:s,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw I.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new D("CLIENT_ID_AND_SECRET_REQUIRED");if(!s)throw new D("codeVerifier is required for Google");let d=r||["email","profile"];return t.createAuthorizationURL(o,s,d)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"})}),getUserInfo(o){return a(this,null,function*(){var s;if(!o.idToken)return null;let r=(s=mt(o.idToken()))==null?void 0:s.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as ft}from"@better-fetch/fetch";import{Spotify as gt}from"arctic";var ge=e=>{let t=new gt(e.clientId,e.clientSecret,w("spotify",e.redirectURI));return{id:"spotify",name:"Spotify",createAuthorizationURL({state:o,scopes:r}){let s=r||["user-read-email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"})}),getUserInfo(o){return a(this,null,function*(){var i;let{data:r,error:s}=yield ft("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.id,name:r.display_name,email:r.email,image:(i=r.images[0])==null?void 0:i.url,emailVerified:!1},data:r}})}}};import{betterFetch as ht}from"@better-fetch/fetch";import{Twitch as yt}from"arctic";var he=e=>{let t=new yt(e.clientId,e.clientSecret,w("twitch",e.redirectURI));return{id:"twitch",name:"Twitch",createAuthorizationURL({state:o,scopes:r}){let s=r||["activity:write","read"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return a(this,null,function*(){let{data:r,error:s}=yield ht("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}})}}};import{betterFetch as wt}from"@better-fetch/fetch";import{Twitter as bt}from"arctic";var ye=e=>{let t=new bt(e.clientId,e.clientSecret,w("twitter",e.redirectURI));return{id:"twitter",name:"Twitter",createAuthorizationURL(o){let r=o.scopes||["account_info.read"];return t.createAuthorizationURL(o.state,o.codeVerifier,r)},validateAuthorizationCode:(o,r,s)=>a(void 0,null,function*(){return k({code:o,codeVerifier:r,redirectURI:s||w("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return a(this,null,function*(){let{data:r,error:s}=yield wt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}})}}};import"arctic";var At={apple:ce,discord:le,facebook:ue,github:me,google:fe,spotify:ge,twitch:he,twitter:ye},we=Object.keys(At);import{generateState as kt}from"oslo/oauth2";import{z}from"zod";function be(e,t,n){let o=kt();return{state:JSON.stringify({code:o,callbackURL:e,currentURL:t,dontRememberMe:n}),code:o}}function W(e){return z.object({code:z.string(),callbackURL:z.string().optional(),currentURL:z.string().optional(),dontRememberMe:z.boolean().optional()}).safeParse(JSON.parse(e))}import{APIError as Rt}from"better-call";var Ae=(e,t=!1)=>{let n=new Date;return new Date(n.getTime()+(t?e*1e3:e))};import{TimeSpan as Jo}from"oslo";function S(e,t,n,o){return a(this,null,function*(){let r=e.context.authCookies.sessionToken.options;r.maxAge=n?void 0:r.maxAge,yield e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,r),n&&(yield e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options))})}function q(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{z as ke}from"zod";function H(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let n=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of n){let r=e.headers.get(o);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var J=new Map;function Ut(e,t){if(!e.request)return"";let{method:n,url:o,headers:r}=e.request,s=e.request.headers.get("User-Agent")||"",i=H(e.request)||"",d=JSON.stringify(r);return`${n}:${o}:${d}:${s}:${i}:${t}`}var Z=()=>f("/session",{method:"GET",requireHeaders:!0},e=>a(void 0,null,function*(){try{let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let n=Ut(e,t),o=J.get(n);if(o){if(o.expiresAt>Date.now())return e.json(o.data);J.delete(n)}let r=yield e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return q(e),r&&(yield e.context.internalAdapter.deleteSession(r.session.id)),e.json(null,{status:401});if(yield e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,d=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+d*1e3<=Date.now()){let l=yield e.context.internalAdapter.updateSession(r.session.id,{expiresAt:Ae(e.context.sessionConfig.expiresIn,!0)});if(!l)return q(e),e.json(null,{status:401});let p=(l.expiresAt.valueOf()-Date.now())/1e3;return yield S(e,l.id,!1,{maxAge:p}),e.json({session:l,user:r.user})}return J.set(n,{data:r,expiresAt:Date.now()+5e3}),e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}})),K=e=>a(void 0,null,function*(){return yield Z()(A(g({},e),{_flag:void 0}))}),B=M(e=>a(void 0,null,function*(){let t=yield K(e);if(!(t!=null&&t.session))throw new Rt("UNAUTHORIZED");return{session:t}})),Re=()=>f("/user/list-sessions",{method:"GET",use:[B],requireHeaders:!0},e=>a(void 0,null,function*(){let n=(yield e.context.adapter.findMany({model:e.context.tables.session.tableName,where:[{field:"userId",value:e.context.session.user.id}]})).filter(o=>o.expiresAt>new Date);return e.json(n)})),Ue=f("/user/revoke-session",{method:"POST",body:ke.object({id:ke.string()}),use:[B],requireHeaders:!0},e=>a(void 0,null,function*(){let t=e.body.id,n=yield e.context.internalAdapter.findSession(t);if(!n)return e.json(null,{status:400});if(n.session.userId!==e.context.session.user.id)return e.json(null,{status:403});try{yield e.context.internalAdapter.deleteSession(t)}catch(o){return e.context.logger.error(o),e.json(null,{status:500})}return e.json({status:!0})})),Te=f("/user/revoke-sessions",{method:"POST",use:[B],requireHeaders:!0},e=>a(void 0,null,function*(){try{yield e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}return e.json({status:!0})}));var Pe=f("/sign-in/social",{method:"POST",requireHeaders:!0,query:P.object({currentURL:P.string().optional()}).optional(),body:P.object({callbackURL:P.string().optional(),provider:P.enum(we),dontRememberMe:P.boolean().default(!1).optional()})},e=>a(void 0,null,function*(){var i,d,c,u;let t=e.context.socialProviders.find(l=>l.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new E("NOT_FOUND",{message:"Provider not found"});let n=e.context.authCookies,o=(i=e.query)!=null&&i.currentURL?new URL((d=e.query)==null?void 0:d.currentURL):null,r=(c=e.body.callbackURL)!=null&&c.startsWith("http")?e.body.callbackURL:`${o==null?void 0:o.origin}${e.body.callbackURL||""}`,s=be(r||(o==null?void 0:o.origin)||e.context.baseURL,(u=e.query)==null?void 0:u.currentURL);try{yield e.setSignedCookie(n.state.name,s.code,e.context.secret,n.state.options);let l=Tt();yield e.setSignedCookie(n.pkCodeVerifier.name,l,e.context.secret,n.pkCodeVerifier.options);let p=t.createAuthorizationURL({state:s.state,codeVerifier:l});return p.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),{url:p.toString(),state:s.state,codeVerifier:l,redirect:!0}}catch(l){throw new E("INTERNAL_SERVER_ERROR")}})),ve=f("/sign-in/email",{method:"POST",body:P.object({email:P.string().email(),password:P.string(),callbackURL:P.string().optional(),dontRememberMe:P.boolean().default(!1).optional()})},e=>a(void 0,null,function*(){var l,p;if(!((p=(l=e.context.options)==null?void 0:l.emailAndPassword)!=null&&p.enabled))throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new E("BAD_REQUEST",{message:"Email and password is not enabled"});let t=yield K(e);t&&(yield e.context.internalAdapter.deleteSession(t.session.id));let{email:n,password:o}=e.body;if(!P.string().email().safeParse(n).success)throw new E("BAD_REQUEST",{message:"Invalid email"});let s=yield e.context.internalAdapter.findUserByEmail(n);if(!s)throw yield e.context.password.hash(o),e.context.logger.error("User not found",{email:n}),new E("UNAUTHORIZED",{message:"Invalid email or password"});let i=s.accounts.find(m=>m.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:n}),new E("UNAUTHORIZED",{message:"Invalid email or password"});let d=i==null?void 0:i.password;if(!d)throw e.context.logger.error("Password not found",{email:n}),new E("UNAUTHORIZED",{message:"Unexpected error"});if(!(yield e.context.password.verify(d,o)))throw e.context.logger.error("Invalid password"),new E("UNAUTHORIZED",{message:"Invalid email or password"});let u=yield e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!u)throw e.context.logger.error("Failed to create session"),new E("INTERNAL_SERVER_ERROR");return yield S(e,u.id,e.body.dontRememberMe),e.json({user:s.user,session:u,redirect:!!e.body.callbackURL,url:e.body.callbackURL})}));import{APIError as xt}from"better-call";import{z as N}from"zod";import{z as h}from"zod";var wn=h.object({id:h.string(),providerId:h.string(),accountId:h.string(),userId:h.string(),accessToken:h.string().nullable().optional(),refreshToken:h.string().nullable().optional(),idToken:h.string().nullable().optional(),expiresAt:h.date().nullable().optional(),password:h.string().optional().nullable()}),xe=h.object({id:h.string(),email:h.string().transform(e=>e.toLowerCase()),emailVerified:h.boolean().default(!1),name:h.string(),image:h.string().optional(),createdAt:h.date().default(new Date),updatedAt:h.date().default(new Date)}),bn=h.object({id:h.string(),userId:h.string(),expiresAt:h.date(),ipAddress:h.string().optional(),userAgent:h.string().optional()});import{alphabet as Pt,generateRandomString as vt}from"oslo/crypto";var Se=()=>vt(36,Pt("a-z","0-9"));var j={isAction:!1};function Q(e){let t=e.accessToken(),n=e.hasRefreshToken()?e.refreshToken():void 0,o;try{o=e.accessTokenExpiresAt()}catch(r){}return{accessToken:t,refreshToken:n,expiresAt:o}}var _e=f("/callback/:id",{method:"GET",query:N.object({state:N.string(),code:N.string().optional(),error:N.string().optional()}),metadata:j},e=>a(void 0,null,function*(){var R,U,C;if(e.query.error||!e.query.code){let T=((R=W(e.query.state).data)==null?void 0:R.callbackURL)||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${T}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(y=>y.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let n=yield e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),o;try{o=yield t.validateAuthorizationCode(e.query.code,n,`${e.context.baseURL}/callback/${t.id}`)}catch(y){throw e.context.logger.error(y),e.redirect(`${e.context.baseURL}/error?error=oauth_code_verification_failed`)}let r=yield t.getUserInfo(o).then(y=>y==null?void 0:y.user),s=Se(),i=xe.safeParse(A(g({},r),{id:s})),d=W(e.query.state);if(!d.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=invalid_state_parameter`);let{callbackURL:c,currentURL:u,dontRememberMe:l}=d.data;if(!r||i.success===!1)throw e.redirect(`${e.context.baseURL}/error?error=oauth_validation_failed`);if(!c)throw e.redirect(`${e.context.baseURL}/error?error=oauth_callback_url_not_found`);let p=yield e.context.internalAdapter.findUserByEmail(r.email),m=p==null?void 0:p.user.id;if(p){let y=p.accounts.find(x=>x.providerId===t.id),T=(C=(U=e.context.options.account)==null?void 0:U.accountLinking)==null?void 0:C.trustedProviders,F=T?T.includes(t.id):!0;if(!y&&(!r.emailVerified||!F)){let x;try{x=new URL(u||c),x.searchParams.set("error","account_not_linked")}catch(Jt){throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(x.toString())}if(!y)try{yield e.context.internalAdapter.linkAccount(g({providerId:t.id,accountId:r.id,id:`${t.id}:${r.id}`,userId:p.user.id},Q(o)))}catch(x){throw console.log(x),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{yield e.context.internalAdapter.createOAuthUser(i.data,A(g({},Q(o)),{id:`${t.id}:${r.id}`,providerId:t.id,accountId:r.id,userId:s}))}catch(y){let T=new URL(u||c);throw T.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",T.toString()),e.redirect(T.toString())}if(!m&&!s)throw new xt("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});let b=yield e.context.internalAdapter.createSession(m||s,e.request,l);if(!b){let y=new URL(u||c);throw y.searchParams.set("error","unable_to_create_session"),e.redirect(y.toString())}try{yield S(e,b.id,l)}catch(y){e.context.logger.error("Unable to set session cookie",y);let T=new URL(u||c);throw T.searchParams.set("error","unable_to_create_session"),e.redirect(T.toString())}throw e.redirect(c)}));import{z as X}from"zod";var Ie=f("/sign-out",{method:"POST",body:X.optional(X.object({callbackURL:X.string().optional()}))},e=>a(void 0,null,function*(){var n,o;let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);return t?(yield e.context.internalAdapter.deleteSession(t),q(e),e.json(null,{body:{redirect:!!((n=e.body)!=null&&n.callbackURL),url:(o=e.body)==null?void 0:o.callbackURL}})):e.json(null)}));import{TimeSpan as St}from"oslo";import{createJWT as _t,parseJWT as It}from"oslo/jwt";import{validateJWT as Ee}from"oslo/jwt";import{z as v}from"zod";var Le=f("/forget-password",{method:"POST",body:v.object({email:v.string().email(),redirectTo:v.string()})},e=>a(void 0,null,function*(){var s;if(!((s=e.context.options.emailAndPassword)!=null&&s.sendResetPassword))return e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),e.json(null,{status:400,statusText:"RESET_PASSWORD_EMAIL_NOT_SENT",body:{message:"Reset password isn't enabled"}});let{email:t}=e.body,n=yield e.context.internalAdapter.findUserByEmail(t);if(!n)return e.json({status:!1},{body:{status:!0}});let o=yield _t("HS256",Buffer.from(e.context.secret),{email:n.user.email,redirectTo:e.body.redirectTo},{expiresIn:new St(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[n.user.email],includeIssuedTimestamp:!0}),r=`${e.context.baseURL}/reset-password/${o}`;return yield e.context.options.emailAndPassword.sendResetPassword(r,n.user),e.json({status:!0})})),Oe=f("/reset-password/:token",{method:"GET"},e=>a(void 0,null,function*(){var s;let{token:t}=e.params,n,o=v.object({email:v.string(),redirectTo:v.string()});try{if(n=yield Ee("HS256",Buffer.from(e.context.secret),t),!n.expiresAt||n.expiresAt<new Date)throw Error("Token expired")}catch(i){let d=It(t),c=o.safeParse(d==null?void 0:d.payload);throw c.success?e.redirect(`${(s=c.data)==null?void 0:s.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:r}=o.parse(n.payload);throw e.redirect(`${r}?token=${t}`)})),Ce=f("/reset-password",{method:"POST",query:v.object({currentURL:v.string()}).optional(),body:v.object({newPassword:v.string(),callbackURL:v.string().optional()})},e=>a(void 0,null,function*(){var o,r,s;let t=(o=e.query)==null?void 0:o.currentURL.split("?token=")[1];if(!t)return e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}});let{newPassword:n}=e.body;try{let i=yield Ee("HS256",Buffer.from(e.context.secret),t),d=v.string().email().parse(i.payload.email),c=yield e.context.internalAdapter.findUserByEmail(d);if(!c)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(n.length<(((r=e.context.options.emailAndPassword)==null?void 0:r.minPasswordLength)||8)||n.length>(((s=e.context.options.emailAndPassword)==null?void 0:s.maxPasswordLength)||32))return e.json({data:null,error:"password is too short or too long"},{status:400,statusText:"INVALID_PASSWORD_LENGTH",body:{message:"password is too short or too long"}});let u=yield e.context.password.hash(n);return(yield e.context.internalAdapter.updatePassword(c.user.id,u))?e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}}):e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User doesn't have a credential account"}})}catch(i){return console.log(i),e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}}));import{TimeSpan as Et}from"oslo";import{createJWT as Lt,validateJWT as Ot}from"oslo/jwt";import{z as _}from"zod";function Y(e,t){return a(this,null,function*(){return yield Lt("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new Et(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})})}var je=f("/send-verification-email",{method:"POST",query:_.object({currentURL:_.string().optional()}).optional(),body:_.object({email:_.string().email(),callbackURL:_.string().optional()})},e=>a(void 0,null,function*(){var r,s;if(!((r=e.context.options.emailAndPassword)!=null&&r.sendVerificationEmail))return e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),e.json(null,{status:400,statusText:"VERIFICATION_EMAIL_NOT_SENT",body:{message:"Verification email isn't enabled"}});let{email:t}=e.body,n=yield Y(e.context.secret,t),o=`${e.context.baseURL}/verify-email?token=${n}&callbackURL=${e.body.callbackURL||((s=e.query)==null?void 0:s.currentURL)||"/"}`;return yield e.context.options.emailAndPassword.sendVerificationEmail(t,o,n),e.json({status:!0})})),De=f("/verify-email",{method:"GET",query:_.object({token:_.string(),callbackURL:_.string().optional()})},e=>a(void 0,null,function*(){let{token:t}=e.query,n;try{n=yield Ot("HS256",Buffer.from(e.context.secret),t)}catch(d){return e.context.logger.error("Failed to verify email",d),e.json(null,{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}let r=_.object({email:_.string().email()}).parse(n.payload),s=yield e.context.internalAdapter.findUserByEmail(r.email);if(!s)return e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User not found"}});if(!s.accounts.find(d=>d.providerId==="credential"))throw e.redirect;if(yield e.context.internalAdapter.updateUserByEmail(r.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})}));import{z as L}from"zod";import{alphabet as Ct,generateRandomString as jt}from"oslo/crypto";import"better-call";var $e=f("/user/update",{method:"POST",body:L.object({name:L.string().optional(),image:L.string().optional()}),use:[B]},e=>a(void 0,null,function*(){let{name:t,image:n}=e.body,o=e.context.session;if(!n&&!t)return e.json(o.user);let r=yield e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:n});return e.json(r)})),Be=f("/user/change-password",{method:"POST",body:L.object({newPassword:L.string(),currentPassword:L.string(),revokeOtherSessions:L.boolean().optional()}),use:[B]},e=>a(void 0,null,function*(){let{newPassword:t,currentPassword:n,revokeOtherSessions:o}=e.body,r=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let i=e.context.password.config.maxPasswordLength;if(t.length>i)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let c=(yield e.context.internalAdapter.findAccounts(r.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!c||!c.password)return e.json(null,{status:400,body:{message:"User does not have a password"}});let u=yield e.context.password.hash(t);if(!(yield e.context.password.verify(c.password,n)))return e.json(null,{status:400,body:{message:"Invalid password"}});if(yield e.context.internalAdapter.updateAccount(c.id,{password:u}),o){yield e.context.internalAdapter.deleteSessions(r.user.id);let p=yield e.context.internalAdapter.createSession(r.user.id,e.headers);if(!p)return e.json(null,{status:500,body:{message:"Failed to create session"}});yield S(e,p.id)}return e.json(r.user)})),ze=f("/user/set-password",{method:"POST",body:L.object({newPassword:L.string()}),use:[B]},e=>a(void 0,null,function*(){let{newPassword:t}=e.body,n=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let r=e.context.password.config.maxPasswordLength;if(t.length>r)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let i=(yield e.context.internalAdapter.findAccounts(n.user.id)).find(c=>c.providerId==="credential"&&c.password),d=yield e.context.password.hash(t);return i?e.json(null,{status:400,body:{message:"User already has a password"}}):(yield e.context.internalAdapter.linkAccount({id:jt(32,Ct("a-z","0-9","A-Z")),userId:n.user.id,providerId:"credential",accountId:n.user.id,password:d}),e.json(n.user))}));import{alphabet as Dt,generateRandomString as $t}from"oslo/crypto";var qe=f("/csrf",{method:"GET",metadata:j},e=>a(void 0,null,function*(){let t=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let n=$t(32,Dt("a-z","0-9","A-Z")),o=yield V(e.context.secret,n),r=`${n}!${o}`;return yield e.setSignedCookie(e.context.authCookies.csrfToken.name,r,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:n}}));var Bt=(e="Unknown")=>`<!DOCTYPE html>
|
|
3
3
|
<html lang="en">
|
|
4
4
|
<head>
|
|
5
5
|
<meta charset="UTF-8">
|
|
@@ -79,4 +79,4 @@ var Je=Object.defineProperty,Ze=Object.defineProperties;var Ke=Object.getOwnProp
|
|
|
79
79
|
<div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
|
|
80
80
|
</div>
|
|
81
81
|
</body>
|
|
82
|
-
</html>`,Ve=f("/error",{method:"GET",metadata:
|
|
82
|
+
</html>`,Ve=f("/error",{method:"GET",metadata:j},e=>a(void 0,null,function*(){var n;let t=new URL(((n=e.request)==null?void 0:n.url)||"").searchParams.get("error")||"Unknown";return new Response(Bt(t),{headers:{"Content-Type":"text/html"}})}));var Me=f("/ok",{method:"GET",metadata:j},e=>a(void 0,null,function*(){return e.json({ok:!0})}));import{alphabet as He,generateRandomString as Ne}from"oslo/crypto";import{z as O}from"zod";var Fe=f("/sign-up/email",{method:"POST",query:O.object({currentURL:O.string().optional()}).optional(),body:O.object({name:O.string(),email:O.string(),password:O.string(),image:O.string().optional(),callbackURL:O.string().optional()})},e=>a(void 0,null,function*(){var m,b,R,U;if(!((m=e.context.options.emailAndPassword)!=null&&m.enabled))return e.json(null,{status:400,body:{message:"Email and password is not enabled"}});let{name:t,email:n,password:o,image:r}=e.body;if(!O.string().email().safeParse(n).success)return e.json(null,{status:400,body:{message:"Invalid email address"}});let i=e.context.password.config.minPasswordLength;if(o.length<i)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let d=e.context.password.config.maxPasswordLength;if(o.length>d)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let c=yield e.context.internalAdapter.findUserByEmail(n),u=yield e.context.password.hash(o);if(c!=null&&c.user)return e.json(null,{status:400,body:{message:"User already exists"}});let l=yield e.context.internalAdapter.createUser({id:Ne(32,He("a-z","0-9","A-Z")),email:n.toLowerCase(),name:t,image:r,emailVerified:!1,createdAt:new Date,updatedAt:new Date});if(!l)return e.json(null,{status:400,body:{message:"Could not create user"}});yield e.context.internalAdapter.linkAccount({id:Ne(32,He("a-z","0-9","A-Z")),userId:l.id,providerId:"credential",accountId:l.id,password:u});let p=yield e.context.internalAdapter.createSession(l.id,e.request);if(!p)return e.json(null,{status:400,body:{message:"Could not create session"}});if(yield S(e,p.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let C=yield Y(e.context.secret,l.email),y=`${e.context.baseURL}/verify-email?token=${C}&callbackURL=${e.body.callbackURL||((b=e.query)==null?void 0:b.currentURL)||"/"}`;yield(U=(R=e.context.options.emailAndPassword).sendVerificationEmail)==null?void 0:U.call(R,l.email,y,C)}return e.json({user:l,session:p},{body:e.body.callbackURL?{url:e.body.callbackURL,redirect:!0}:{user:l,session:p}})}));import ee from"chalk";function zt(e,t,n){let o=Date.now(),r=t*1e3;return o-n.lastRequest<r&&n.count>=e}function qt(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function Vt(e,t){let n=Date.now(),o=t*1e3;return Math.ceil((e+o-n)/1e3)}function Mt(e,t){let n=t!=null?t:"rateLimit",o=e.adapter;return{get:r=>a(this,null,function*(){return yield o.findOne({model:n,where:[{field:"key",value:r}]})}),set:(r,s,i)=>a(this,null,function*(){try{i?yield o.update({model:t!=null?t:"rateLimit",where:[{field:"key",value:r}],update:{count:s.count,lastRequest:s.lastRequest}}):yield o.create({model:t!=null?t:"rateLimit",data:{key:r,count:s.count,lastRequest:s.lastRequest}})}catch(d){I.error("Error setting rate limit",d)}})}}var Ge=new Map;function Ht(e){if(e.rateLimit.customStorage)return e.rateLimit.customStorage;if(e.rateLimit.storage==="memory"){let n;return{get(o){return a(this,null,function*(){return Ge.get(o)})},set(o,r,s){return a(this,null,function*(){Ge.set(o,r)})}}}return Mt(e,e.rateLimit.tableName)}function We(e,t){return a(this,null,function*(){if(!t.rateLimit.enabled)return;let n=t.baseURL,o=e.url.replace(n,""),r=t.rateLimit.window,s=t.rateLimit.max,i=H(e)+o,c=Nt().find(m=>m.pathMatcher(o));c&&(r=c.window,s=c.max);for(let m of t.options.plugins||[])if(m.rateLimit){let b=m.rateLimit.find(R=>R.pathMatcher(o));if(b){r=b.window,s=b.max;break}}if(t.rateLimit.customRules){let m=t.rateLimit.customRules[o];m&&(r=m.window,s=m.max)}let u=Ht(t),l=yield u.get(i),p=Date.now();if(!l)yield u.set(i,{key:i,count:1,lastRequest:p});else{let m=p-l.lastRequest;if(zt(s,r,l)){let b=Vt(l.lastRequest,r);return qt(b)}else m>r*1e3?yield u.set(i,A(g({},l),{count:1,lastRequest:p})):yield u.set(i,A(g({},l),{count:l.count+1,lastRequest:p}))}})}function Nt(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}function Wt(e,t){var d,c;let n=(d=t.plugins)==null?void 0:d.reduce((u,l)=>g(g({},u),l.endpoints),{}),o=((c=t.plugins)==null?void 0:c.map(u=>{var l;return(l=u.middlewares)==null?void 0:l.map(p=>{let m=b=>a(this,null,function*(){return p.middleware(A(g({},b),{context:g(g({},e),b.context)}))});return m.path=p.path,m.options=p.middleware.options,m.headers=p.middleware.headers,{path:p.path,middleware:m}})}).filter(u=>u!==void 0).flat())||[],r={signInOAuth:Pe,callbackOAuth:_e,getCSRFToken:qe,getSession:Z(),signOut:Ie,signUpEmail:Fe,signInEmail:ve,forgetPassword:Le,resetPassword:Ce,verifyEmail:De,sendVerificationEmail:je,changePassword:Be,setPassword:ze,updateUser:$e,forgetPasswordCallback:Oe,listSessions:Re(),revokeSession:Ue,revokeSessions:Te},s=A(g(g({},r),n),{ok:Me,error:Ve}),i={};for(let[u,l]of Object.entries(s))i[u]=p=>a(this,null,function*(){var U;let m=yield e,R=yield l(A(g({},p),{context:g(g({},m),p.context)}));for(let C of t.plugins||[])if((U=C.hooks)!=null&&U.after){for(let y of C.hooks.after)if(y.matcher(p)){let F=Object.assign(p,{context:A(g({},e),{returned:R})}),x=yield y.handler(F);x&&"response"in x&&(R=x.response)}}return R}),i[u].path=l.path,i[u].method=l.method,i[u].options=l.options,i[u].headers=l.headers;return{api:i,middlewares:o}}var Ii=(e,t)=>{let{api:n,middlewares:o}=Wt(e,t),r=new URL(e.baseURL).pathname;return Gt(n,{extraContext:e,basePath:r,routerMiddleware:[{path:"/**",middleware:ae},...o],onRequest(i){return a(this,null,function*(){for(let d of e.options.plugins||[])if(d.onRequest){let c=yield d.onRequest(i,e);if(c)return c}return We(i,e)})},onResponse(i){return a(this,null,function*(){for(let d of e.options.plugins||[])if(d.onResponse){let c=yield d.onResponse(i,e);if(c)return c.response}return i})},onError(i){var c,u,l,p;let d=(c=t.logger)!=null&&c.verboseLogging?I:void 0;if(((u=t.logger)==null?void 0:u.disabled)!==!0)if(i instanceof Ft)d==null||d.warn(i);else if(typeof i=="object"&&i!==null&&"message"in i){let m=i.message;if(!m||typeof m!="string"){d==null||d.error(i);return}m.includes("no such table")?(l=I)==null||l.error(`Please run ${ee.green("npx better-auth migrate")} to create the tables. There are missing tables in your SQLite database.`):m.includes("relation")&&m.includes("does not exist")?I.error(`Please run ${ee.green("npx better-auth migrate")} to create the tables. There are missing tables in your PostgreSQL database.`):m.includes("Table")&&m.includes("doesn't exist")?(p=I)==null||p.error(`Please run ${ee.green("npx better-auth migrate")} to create the tables. There are missing tables in your MySQL database.`):d==null||d.error(i)}else d==null||d.error(i)}})};export{_e as callbackOAuth,Be as changePassword,f as createAuthEndpoint,M as createAuthMiddleware,Y as createEmailVerificationToken,ae as csrfMiddleware,Ve as error,Le as forgetPassword,Oe as forgetPasswordCallback,qe as getCSRFToken,Wt as getEndpoints,Z as getSession,K as getSessionFromCtx,Re as listSessions,Me as ok,ne as optionsMiddleware,Ce as resetPassword,Ue as revokeSession,Te as revokeSessions,Ii as router,je as sendVerificationEmail,B as sessionMiddleware,ze as setPassword,ve as signInEmail,Pe as signInOAuth,Ie as signOut,Fe as signUpEmail,$e as updateUser,De as verifyEmail};
|
package/dist/cli.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
var
|
|
3
|
-
`)}}),
|
|
2
|
+
var ie=Object.defineProperty,se=Object.defineProperties;var ne=Object.getOwnPropertyDescriptors;var D=Object.getOwnPropertySymbols;var K=Object.prototype.hasOwnProperty,V=Object.prototype.propertyIsEnumerable;var L=(e,t,a)=>t in e?ie(e,t,{enumerable:!0,configurable:!0,writable:!0,value:a}):e[t]=a,b=(e,t)=>{for(var a in t||(t={}))K.call(t,a)&&L(e,a,t[a]);if(D)for(var a of D(t))V.call(t,a)&&L(e,a,t[a]);return e},k=(e,t)=>se(e,ne(t));var z=(e,t)=>{var a={};for(var o in e)K.call(e,o)&&t.indexOf(o)<0&&(a[o]=e[o]);if(e!=null&&D)for(var o of D(e))t.indexOf(o)<0&&V.call(e,o)&&(a[o]=e[o]);return a};var p=(e,t,a)=>new Promise((o,s)=>{var n=l=>{try{i(a.next(l))}catch(d){s(d)}},r=l=>{try{i(a.throw(l))}catch(d){s(d)}},i=l=>l.done?o(l.value):Promise.resolve(l.value).then(n,r);i((a=a.apply(e,t)).next())});import{Command as De}from"commander";import"dotenv/config";import{Command as xe}from"commander";import{loadConfig as G}from"c12";import{createConsola as le}from"consola";var O=le({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),de=e=>({log:(...t)=>{!(e!=null&&e.disabled)&&O.log("",...t)},error:(...t)=>{!(e!=null&&e.disabled)&&O.error("",...t)},warn:(...t)=>{!(e!=null&&e.disabled)&&O.warn("",...t)},info:(...t)=>{!(e!=null&&e.disabled)&&O.info("",...t)},debug:(...t)=>{!(e!=null&&e.disabled)&&O.debug("",...t)},box:(...t)=>{!(e!=null&&e.disabled)&&O.box("",...t)},success:(...t)=>{!(e!=null&&e.disabled)&&O.success("",...t)},break:(...t)=>{!(e!=null&&e.disabled)&&console.log(`
|
|
3
|
+
`)}}),m=de();import ce from"path";import ue from"@babel/preset-typescript";import me from"@babel/preset-react";var T=["auth.ts","auth.tsx"];T=[...T,...T.map(e=>`lib/${e}`),...T.map(e=>`utils/${e}`)];T=[...T,...T.map(e=>`src/${e}`)];var W={transformOptions:{babel:{presets:[[ue,{isTSX:!0,allExtensions:!0}],[me,{runtime:"automatic"}]]}},extensions:[".ts",".tsx",".js",".jsx"]};function N(a){return p(this,arguments,function*({cwd:e,configPath:t}){var o,s,n,r;try{let i=null;if(t){let{config:l}=yield G({configFile:ce.join(e,t),dotenv:!0,jitiOptions:W});!l.auth&&!l.default&&(m.error("[#better-auth]: Couldn't read your auth config. Make sure to default export your auth instance or to export as a variable named auth."),process.exit(1)),i=((o=l.auth)==null?void 0:o.options)||((s=l.default)==null?void 0:s.options)||null}if(!i)for(let l of T)try{let{config:d}=yield G({configFile:l,jitiOptions:W});if(Object.keys(d).length>0){i=((n=d.auth)==null?void 0:n.options)||((r=d.default)==null?void 0:r.options)||null,i||(m.error("[#better-auth]: Couldn't read your auth config."),m.break(),m.info("[#better-auth]: Make sure to default export your auth instance or to export as a variable named auth."),process.exit(1));break}}catch(d){m.error(d),process.exit(1)}return i}catch(i){m.error("Error while reading your auth config.",i),process.exit(1)}})}import{z as P}from"zod";import{existsSync as qe}from"fs";import Te from"path";import{Kysely as fe}from"kysely";import{MysqlDialect as U,PostgresDialect as X,SqliteDialect as _}from"kysely";var A=class extends Error{constructor(t,a,o){super(t),this.name="BetterAuthError",this.message=t,this.cause=a}};var pe=e=>p(void 0,null,function*(){var a,o;if(!e.database)return;if("createDriver"in e.database)return e.database;let t;if("provider"in e.database){let s=e.database.provider,n=(o=(a=e.database)==null?void 0:a.url)==null?void 0:o.trim();if(s==="postgres"){let i=(yield import("pg").catch(l=>{throw new A("Please install `pg` to use postgres database")})).Pool;t=new X({pool:new i({connectionString:n})})}if(s==="mysql")try{let{createPool:r}=yield import("mysql2/promise").catch(d=>{throw new A("Please install `mysql2` to use mysql database")}),i=new URL(n),l=r({host:i.hostname,user:i.username,password:i.password,database:i.pathname.split("/")[1],port:Number(i.port)});t=new U({pool:l})}catch(r){if(r instanceof TypeError)throw new A("Invalid database URL")}if(s==="sqlite"){let{default:r}=yield import("better-sqlite3").catch(l=>{throw new A("Please install `better-sqlite3` to use sqlite database")}),i=new r(n);t=new _({database:i})}}return t}),F=e=>p(void 0,null,function*(){let t=yield pe(e);return t&&new fe({dialect:t})}),C=e=>{if("provider"in e.database)return e.database.provider;if("dialect"in e.database){if(e.database.dialect instanceof X)return"postgres";if(e.database.dialect instanceof U)return"mysql";if(e.database.dialect instanceof _)return"sqlite"}return"sqlite"};import Oe from"ora";import M from"chalk";import Be from"prompts";import"kysely";var j=e=>{var l,d,u,y,h,w;let t=(l=e.plugins)==null?void 0:l.reduce((g,f)=>{var q;let x=f.schema;if(!x)return g;for(let[$,oe]of Object.entries(x))g[$]={fields:b(b({},(q=g[$])==null?void 0:q.fields),oe.fields),tableName:$};return g},{}),a=((d=e.rateLimit)==null?void 0:d.storage)==="database",o={rateLimit:{tableName:((u=e.rateLimit)==null?void 0:u.tableName)||"rateLimit",fields:{key:{type:"string"},count:{type:"number"},lastRequest:{type:"number"}}}},c=t||{},{user:s,session:n,account:r}=c,i=z(c,["user","session","account"]);return b(b({user:{tableName:((y=e.user)==null?void 0:y.modelName)||"user",fields:b({name:{type:"string",required:!0},email:{type:"string",unique:!0,required:!0},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0},image:{type:"string",required:!1},createdAt:{type:"date",defaultValue:()=>new Date,required:!0},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0}},s==null?void 0:s.fields),order:0},session:{tableName:((h=e.session)==null?void 0:h.modelName)||"session",fields:b({expiresAt:{type:"date",required:!0},ipAddress:{type:"string",required:!1},userAgent:{type:"string",required:!1},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0}},n==null?void 0:n.fields),order:1},account:{tableName:((w=e.account)==null?void 0:w.modelName)||"account",fields:b({accountId:{type:"string",required:!0},providerId:{type:"string",required:!0},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0},accessToken:{type:"string",required:!1},refreshToken:{type:"string",required:!1},idToken:{type:"string",required:!1},expiresAt:{type:"date",required:!1},password:{type:"string",required:!1}},r==null?void 0:r.fields),order:2}},i),a?o:{})};function ye(e){var a;return((a=e.plugins)==null?void 0:a.flatMap(o=>Object.keys(o.schema||{}).map(s=>{let r=(o.schema||{})[s];if(!(r!=null&&r.disableMigration))return{tableName:s,fields:r==null?void 0:r.fields}}).filter(s=>s!==void 0)))||[]}function H(e){let t=j(e),a=ye(e);return[t.user,t.session,t.account,...a].reduce((s,n)=>{var r;return s[n.tableName]={fields:b(b({},(r=s[n.tableName])==null?void 0:r.fields),n.fields)},s},{})}var he={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},be={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},ge={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},we={postgres:he,mysql:be,sqlite:ge};function Ae(e,t,a){return we[a][t].map(r=>r.toLowerCase()).includes(e.toLowerCase())}function S(e){return p(this,null,function*(){let t=H(e),a=C(e),o=yield F(e);o||(m.error("Invalid database configuration."),process.exit(1));let s=yield o.introspection.getTables(),n=[],r=[];for(let[c,y]of Object.entries(t)){let h=s.find(g=>g.name===c);if(!h){let g=n.findIndex(q=>q.table===c),f={table:c,fields:y.fields,order:y.order||1/0},x=n.findIndex(q=>(q.order||1/0)>f.order);x===-1?g===-1?n.push(f):n[g].fields=b(b({},n[g].fields),y.fields):n.splice(x,0,f);continue}let w={};for(let[g,f]of Object.entries(y.fields)){let x=h.columns.find(q=>q.name===g);if(!x){w[g]=f;continue}Ae(x.dataType,f.type,a)||m.warn(`Field ${g} in table ${c} has a different type in the database. Expected ${f.type} but got ${x.dataType}.`)}Object.keys(w).length>0&&r.push({table:c,fields:w,order:y.order||1/0})}let i=[];function l(c){let y={string:"text",boolean:"boolean",number:"integer",date:"date"};return a==="mysql"&&c==="string"?"varchar(255)":y[c]}if(r.length)for(let c of r)for(let[y,h]of Object.entries(c.fields)){let w=l(h.type),g=o.schema.alterTable(c.table).addColumn(y,w,f=>(f=h.required!==!1?f.notNull():f,h.references&&(f=f.references(`${h.references.model}.${h.references.field}`)),f));i.push(g)}if(n.length)for(let c of n){let y=o.schema.createTable(c.table).addColumn("id",l("string"),h=>h.primaryKey());for(let[h,w]of Object.entries(c.fields)){let g=l(w.type);y=y.addColumn(h,g,f=>(f=w.required!==!1?f.notNull():f,w.references&&(f=f.references(`${w.references.model}.${w.references.field}`)),w.unique&&(f=f.unique()),f))}i.push(y)}function d(){return p(this,null,function*(){for(let c of i)yield c.execute()})}function u(){return p(this,null,function*(){return i.map(y=>y.compile().sql).join(`;
|
|
4
4
|
|
|
5
|
-
`)})}return{toBeCreated:n,toBeAdded:r,runMigrations:d,compileMigrations:u}})}var
|
|
5
|
+
`)})}return{toBeCreated:n,toBeAdded:r,runMigrations:d,compileMigrations:u}})}var J=new xe("migrate").option("-c, --cwd <cwd>","the working directory. defaults to the current directory.",process.cwd()).option("--config <config>","the path to the configuration file. defaults to the first configuration file found.").option("--y","").action(e=>p(void 0,null,function*(){let t=P.object({cwd:P.string(),config:P.string().optional()}).parse(e),a=Te.resolve(t.cwd);qe(a)||(m.error(`The directory "${a}" does not exist.`),process.exit(1));let o=yield N({cwd:a,configPath:t.config});if(!o){m.error("No configuration file found. Add a `auth.ts` file to your project or pass the path to the configuration file using the `--config` flag.");return}F(o)||(m.error("Invalid database configuration."),process.exit(1));let n=Oe("preparing migration...").start(),{toBeAdded:r,toBeCreated:i,runMigrations:l}=yield S(o);!r.length&&!i.length&&(n.stop(),m.success("\u{1F680} No migrations needed."),process.exit(0)),n.stop(),m.info("\u{1F511} The migration will affect the following:");for(let u of[...i,...r])m.info("->",M.magenta(Object.keys(u.fields).join(", ")),M.white("fields on"),M.yellow(`${u.table}`),M.white("table."));let{migrate:d}=yield Be({type:"confirm",name:"migrate",message:"Are you sure you want to run these migrations?",initial:!1});d||(m.info("Migration cancelled."),process.exit(0)),n==null||n.start("migrating..."),yield l(),n.stop(),m.success("\u{1F680} migration was completed successfully!"),process.exit(0)}));import{Command as Fe}from"commander";import{z as E}from"zod";import{existsSync as ee}from"fs";import B from"path";import ke from"ora";import te from"prompts";function R(e){if(!e)return{and:null,or:null};let t=e==null?void 0:e.filter(o=>o.connector==="AND"||!o.connector).reduce((o,s)=>k(b({},o),{[s.field]:s.value}),{}),a=e==null?void 0:e.filter(o=>o.connector==="OR").reduce((o,s)=>k(b({},o),{[s.field]:s.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(a).length?a:null}}function I(e,t,a){var o,s,n;for(let r in e)e[r]===0&&((o=t[r])==null?void 0:o.type)==="boolean"&&(a!=null&&a.boolean)&&(e[r]=!1),e[r]===1&&((s=t[r])==null?void 0:s.type)==="boolean"&&(a!=null&&a.boolean)&&(e[r]=!0),((n=t[r])==null?void 0:n.type)==="date"&&(e[r]instanceof Date||(e[r]=new Date(e[r])));return e}function Q(e,t){for(let a in e)typeof e[a]=="boolean"&&(t!=null&&t.boolean)&&(e[a]=e[a]?1:0),e[a]instanceof Date&&(e[a]=e[a].toISOString());return e}var Y=(e,t)=>({id:"kysely",create(o){return p(this,null,function*(){let{model:s,data:n,select:r}=o;t!=null&&t.transform&&(n=Q(n,t.transform));let i=yield e.insertInto(s).values(n).returningAll().executeTakeFirst();if(t!=null&&t.transform){let l=t.transform.schema[s];i=l?I(n,l,t.transform):i}return r!=null&&r.length&&(i=i?r.reduce((d,u)=>i!=null&&i[u]?k(b({},d),{[u]:i[u]}):d,{}):null),i})},findOne(o){return p(this,null,function*(){let{model:s,where:n,select:r}=o,{and:i,or:l}=R(n),d=e.selectFrom(s).selectAll();l&&(d=d.where(c=>c.or(l))),i&&(d=d.where(c=>c.and(i)));let u=yield d.executeTakeFirst();if(r!=null&&r.length&&(u=u?r.reduce((y,h)=>u!=null&&u[h]?k(b({},y),{[h]:u[h]}):y,{}):null),t!=null&&t.transform){let c=t.transform.schema[s];return u=u&&c?I(u,c,t.transform):u,u||null}return u||null})},findMany(o){return p(this,null,function*(){let{model:s,where:n}=o,r=e.selectFrom(s),{and:i,or:l}=R(n);i&&(r=r.where(u=>u.and(i))),l&&(r=r.where(u=>u.or(l)));let d=yield r.selectAll().execute();if(t!=null&&t.transform){let u=t.transform.schema[s];return u?d.map(c=>I(c,u,t.transform)):d}return d})},update(o){return p(this,null,function*(){let{model:s,where:n,update:r}=o,{and:i,or:l}=R(n);t!=null&&t.transform&&(r=Q(r,t.transform));let d=e.updateTable(s).set(r);i&&(d=d.where(c=>c.and(i))),l&&(d=d.where(c=>c.or(l)));let u=(yield d.returningAll().executeTakeFirst())||null;if(t!=null&&t.transform){let c=t.transform.schema[s];return c?I(u,c,t.transform):u}return u})},delete(o){return p(this,null,function*(){let{model:s,where:n}=o,{and:r,or:i}=R(n),l=e.deleteFrom(s);r&&(l=l.where(d=>d.and(r))),i&&(l=l.where(d=>d.or(i))),yield l.execute()})},createSchema(o){return p(this,null,function*(){let{compileMigrations:s}=yield S(o);return console.log(s),{code:yield s(),fileName:`./better-auth_migrations/${new Date().toISOString()}.sql`}})}});function Z(e){return p(this,null,function*(){if(!e.database)throw new A("Database configuration is required");if("create"in e.database)return e.database;let t=yield F(e);if(!t)throw new A("Failed to initialize database adapter");let a=j(e),o={};for(let s of Object.values(a))o[s.tableName]=s.fields;return Y(t,{transform:{schema:o,date:!0,boolean:C(e)==="sqlite"}})})}import v from"fs/promises";import re from"chalk";var ae=new Fe("generate").option("-c, --cwd <cwd>","the working directory. defaults to the current directory.",process.cwd()).option("--config <config>","the path to the configuration file. defaults to the first configuration file found.").option("--out <output>","the file to output to the generated schema").option("--y","").action(e=>p(void 0,null,function*(){let t=E.object({cwd:E.string(),config:E.string().optional(),out:E.string().optional()}).parse(e),a=B.resolve(t.cwd);ee(a)||(m.error(`The directory "${a}" does not exist.`),process.exit(1));let o=yield N({cwd:a,configPath:t.config});if(!o){m.error("No configuration file found. Add a `auth.ts` file to your project or pass the path to the configuration file using the `--config` flag.");return}let s=yield Z(o);s.createSchema||(m.error("The adapter does not support schema generation."),process.exit(1));let n=ke("preparing schema...").start(),{code:r,fileName:i,append:l}=yield s.createSchema(o,t.out);if(n.stop(),l){let{append:c}=yield te({type:"confirm",name:"append",message:`The file ${i} already exists. Do you want to ${re.yellow("append")} the schema to the file?`});c?(yield v.appendFile(B.join(a,i),r),m.success("\u{1F680} schema was appended successfully!"),process.exit(0)):(m.error("Schema generation aborted."),process.exit(1))}let{confirm:d}=yield te({type:"confirm",name:"confirm",message:`Do you want to generate the schema to ${re.yellow(i)}?`});d||(m.error("Schema generation aborted."),process.exit(1)),ee(B.dirname(B.join(a,i)))||(yield v.mkdir(B.dirname(B.join(a,i)),{recursive:!0})),yield v.writeFile(t.out||B.join(a,i),r),m.success("\u{1F680} schema was generated successfully!"),process.exit(0)}));function Ne(){return p(this,null,function*(){let e=new De().name("better-auth");e.addCommand(J).addCommand(ae),e.parse()})}Ne();
|
package/dist/client/plugins.d.ts
CHANGED
|
@@ -2,14 +2,14 @@ import * as nanostores from 'nanostores';
|
|
|
2
2
|
import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-CU-fdHXK.js';
|
|
3
3
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
4
4
|
import { BetterFetchOption } from '@better-fetch/fetch';
|
|
5
|
-
import { o as organization, d as Organization, M as Member, I as Invitation, u as username, m as magicLink } from '../index-
|
|
6
|
-
export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-
|
|
5
|
+
import { o as organization, d as Organization, M as Member, I as Invitation, u as username, m as magicLink } from '../index-CmzUOocy.js';
|
|
6
|
+
export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-CmzUOocy.js';
|
|
7
7
|
import { P as Prettify } from '../helper-C1ihmerM.js';
|
|
8
8
|
import '../index-CE92ti2Z.js';
|
|
9
9
|
import 'arctic';
|
|
10
10
|
import 'zod';
|
|
11
11
|
import 'better-call';
|
|
12
|
-
import '../index-
|
|
12
|
+
import '../index-gO-yM4kI.js';
|
|
13
13
|
import 'kysely';
|
|
14
14
|
import '@simplewebauthn/types';
|
|
15
15
|
|
package/dist/client.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import * as nanostores from 'nanostores';
|
|
|
3
3
|
import { PreinitializedWritableAtom } from 'nanostores';
|
|
4
4
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
5
5
|
import { BetterFetch, BetterFetchError, BetterFetchOption } from '@better-fetch/fetch';
|
|
6
|
-
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-
|
|
6
|
+
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-gO-yM4kI.js';
|
|
7
7
|
import { U as UnionToIntersection, P as Prettify } from './helper-C1ihmerM.js';
|
|
8
8
|
import { ClientOptions, InferClientAPI, InferActions, BetterAuthClientPlugin, InferSessionFromClient, InferUserFromClient, IsSignal } from './types.js';
|
|
9
9
|
export { AtomListener, InferPluginsFromClient } from './types.js';
|
|
@@ -5,7 +5,7 @@ import { P as Prettify } from './helper-C1ihmerM.js';
|
|
|
5
5
|
import { A as AccessControl, R as Role, S as StatementsPrimitive, g as defaultRoles } from './statement-CU-fdHXK.js';
|
|
6
6
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
7
7
|
import { BetterFetch, BetterFetchOption } from '@better-fetch/fetch';
|
|
8
|
-
import { H as HookEndpointContext } from './index-
|
|
8
|
+
import { H as HookEndpointContext } from './index-gO-yM4kI.js';
|
|
9
9
|
import * as nanostores from 'nanostores';
|
|
10
10
|
import { atom } from 'nanostores';
|
|
11
11
|
import * as _simplewebauthn_types from '@simplewebauthn/types';
|
|
@@ -294,8 +294,6 @@ type BetterAuthDbSchema = Record<string, {
|
|
|
294
294
|
}>;
|
|
295
295
|
declare const getAuthTables: (options: BetterAuthOptions) => BetterAuthDbSchema;
|
|
296
296
|
|
|
297
|
-
declare function getAdapter(options: BetterAuthOptions): Adapter;
|
|
298
|
-
|
|
299
297
|
type HookEndpointContext<C extends Record<string, any> = {}> = ContextTools & {
|
|
300
298
|
context: AuthContext & C;
|
|
301
299
|
} & {
|
|
@@ -397,7 +395,7 @@ declare const logger: {
|
|
|
397
395
|
break: (...args: any[]) => void;
|
|
398
396
|
};
|
|
399
397
|
|
|
400
|
-
declare const init: (opts: BetterAuthOptions) => {
|
|
398
|
+
declare const init: (opts: BetterAuthOptions) => Promise<{
|
|
401
399
|
appName: string;
|
|
402
400
|
baseURL: string;
|
|
403
401
|
socialProviders: OAuthProvider<Record<string, any>>[] | ({
|
|
@@ -569,7 +567,7 @@ declare const init: (opts: BetterAuthOptions) => {
|
|
|
569
567
|
max: number;
|
|
570
568
|
storage: "memory" | "database";
|
|
571
569
|
} & BetterAuthOptions["rateLimit"];
|
|
572
|
-
adapter:
|
|
570
|
+
adapter: Adapter;
|
|
573
571
|
internalAdapter: ReturnType<typeof createInternalAdapter>;
|
|
574
572
|
createAuthCookie: ReturnType<typeof createCookieGetter>;
|
|
575
573
|
secret: string;
|
|
@@ -676,7 +674,7 @@ declare const init: (opts: BetterAuthOptions) => {
|
|
|
676
674
|
}; };
|
|
677
675
|
};
|
|
678
676
|
};
|
|
679
|
-
}
|
|
677
|
+
}>;
|
|
680
678
|
type AuthContext = {
|
|
681
679
|
options: BetterAuthOptions;
|
|
682
680
|
appName: string;
|
|
@@ -691,7 +689,7 @@ type AuthContext = {
|
|
|
691
689
|
max: number;
|
|
692
690
|
storage: "memory" | "database";
|
|
693
691
|
} & BetterAuthOptions["rateLimit"];
|
|
694
|
-
adapter:
|
|
692
|
+
adapter: Adapter;
|
|
695
693
|
internalAdapter: ReturnType<typeof createInternalAdapter>;
|
|
696
694
|
createAuthCookie: ReturnType<typeof createCookieGetter>;
|
|
697
695
|
secret: string;
|
|
@@ -2379,7 +2377,7 @@ declare const csrfMiddleware: better_call.Endpoint<better_call.Handler<string, {
|
|
|
2379
2377
|
method: "*";
|
|
2380
2378
|
}>;
|
|
2381
2379
|
|
|
2382
|
-
declare function getEndpoints<C extends AuthContext, Option extends BetterAuthOptions>(ctx: C, options: Option): {
|
|
2380
|
+
declare function getEndpoints<C extends AuthContext, Option extends BetterAuthOptions>(ctx: Promise<C> | C, options: Option): {
|
|
2383
2381
|
api: {
|
|
2384
2382
|
ok: {
|
|
2385
2383
|
(ctx_0?: Context<"/ok", {
|
package/dist/index.d.ts
CHANGED
package/dist/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
var
|
|
2
|
-
`)}}),P=ae();var qe=e=>{let t=new Jt(e.clientId,e.clientSecret,x("google",e.redirectURI));return{id:"google",name:"Google",createAuthorizationURL({state:o,scopes:r,codeVerifier:s,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw P.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new S("CLIENT_ID_AND_SECRET_REQUIRED");if(!s)throw new S("codeVerifier is required for Google");let a=r||["email","profile"];return t.createAuthorizationURL(o,s,a)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"})}),getUserInfo(o){return c(this,null,function*(){var s;if(!o.idToken)return null;let r=(s=Zt(o.idToken()))==null?void 0:s.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as Qt}from"@better-fetch/fetch";import{Spotify as Xt}from"arctic";var je=e=>{let t=new Xt(e.clientId,e.clientSecret,x("spotify",e.redirectURI));return{id:"spotify",name:"Spotify",createAuthorizationURL({state:o,scopes:r}){let s=r||["user-read-email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"})}),getUserInfo(o){return c(this,null,function*(){var i;let{data:r,error:s}=yield Qt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.id,name:r.display_name,email:r.email,image:(i=r.images[0])==null?void 0:i.url,emailVerified:!1},data:r}})}}};import{betterFetch as Yt}from"@better-fetch/fetch";import{Twitch as er}from"arctic";var De=e=>{let t=new er(e.clientId,e.clientSecret,x("twitch",e.redirectURI));return{id:"twitch",name:"Twitch",createAuthorizationURL({state:o,scopes:r}){let s=r||["activity:write","read"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield Yt("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}})}}};import{betterFetch as tr}from"@better-fetch/fetch";import{Twitter as rr}from"arctic";var Ne=e=>{let t=new rr(e.clientId,e.clientSecret,x("twitter",e.redirectURI));return{id:"twitter",name:"Twitter",createAuthorizationURL(o){let r=o.scopes||["account_info.read"];return t.createAuthorizationURL(o.state,o.codeVerifier,r)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return U({code:o,codeVerifier:r,redirectURI:s||x("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield tr("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}})}}};import"arctic";var de={apple:Le,discord:Ee,facebook:Ce,github:Be,google:qe,spotify:je,twitch:De,twitter:Ne},$e=Object.keys(de);import{generateState as or}from"oslo/oauth2";import{z as M}from"zod";function Fe(e,t,n){let o=or();return{state:JSON.stringify({code:o,callbackURL:e,currentURL:t,dontRememberMe:n}),code:o}}function ce(e){return M.object({code:M.string(),callbackURL:M.string().optional(),currentURL:M.string().optional(),dontRememberMe:M.boolean().optional()}).safeParse(JSON.parse(e))}import{APIError as sr}from"better-call";var H=(e,t=!1)=>{let n=new Date;return new Date(n.getTime()+(t?e*1e3:e))};import{TimeSpan as nr}from"oslo";function Ve(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV!=="development"&&process.env.NODE_ENV!=="test"?"__Secure-":"",o="better-auth",r=new nr(7,"d").seconds();return{sessionToken:{name:`${n}${o}.session_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:r}},csrfToken:{name:`${n?"__Host-":""}${o}.csrf_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*60*24*7}},state:{name:`${n}${o}.state`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},pkCodeVerifier:{name:`${n}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},dontRememberToken:{name:`${n}${o}.dont_remember`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n}},nonce:{name:`${n}${o}.nonce`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}}}}function ze(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV==="production"?"__Secure-":"",o="better-auth";function r(i,a){return{name:process.env.NODE_ENV==="production"?`${n}${o}.${i}`:`${o}.${i}`,options:g({secure:!!n,sameSite:"lax",path:"/",maxAge:60*15},a)}}return r}function E(e,t,n,o){return c(this,null,function*(){let r=e.context.authCookies.sessionToken.options;r.maxAge=n?void 0:r.maxAge,yield e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,r),n&&(yield e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options))})}function G(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{z as Me}from"zod";function Y(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let n=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of n){let r=e.headers.get(o);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var le=new Map;function ir(e,t){if(!e.request)return"";let{method:n,url:o,headers:r}=e.request,s=e.request.headers.get("User-Agent")||"",i=Y(e.request)||"",a=JSON.stringify(r);return`${n}:${o}:${a}:${s}:${i}:${t}`}var ue=()=>A("/session",{method:"GET",requireHeaders:!0},e=>c(void 0,null,function*(){try{let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let n=ir(e,t),o=le.get(n);if(o){if(o.expiresAt>Date.now())return e.json(o.data);le.delete(n)}let r=yield e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return G(e),r&&(yield e.context.internalAdapter.deleteSession(r.session.id)),e.json(null,{status:401});if(yield e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,a=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+a*1e3<=Date.now()){let l=yield e.context.internalAdapter.updateSession(r.session.id,{expiresAt:H(e.context.sessionConfig.expiresIn,!0)});if(!l)return G(e),e.json(null,{status:401});let u=(l.expiresAt.valueOf()-Date.now())/1e3;return yield E(e,l.id,!1,{maxAge:u}),e.json({session:l,user:r.user})}return le.set(n,{data:r,expiresAt:Date.now()+5e3}),e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}})),pe=e=>c(void 0,null,function*(){return yield ue()(T(g({},e),{_flag:void 0}))}),$=Q(e=>c(void 0,null,function*(){let t=yield pe(e);if(!(t!=null&&t.session))throw new sr("UNAUTHORIZED");return{session:t}})),He=()=>A("/user/list-sessions",{method:"GET",use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){let n=(yield e.context.adapter.findMany({model:e.context.tables.session.tableName,where:[{field:"userId",value:e.context.session.user.id}]})).filter(o=>o.expiresAt>new Date);return e.json(n)})),Ge=A("/user/revoke-session",{method:"POST",body:Me.object({id:Me.string()}),use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){let t=e.body.id,n=yield e.context.internalAdapter.findSession(t);if(!n)return e.json(null,{status:400});if(n.session.userId!==e.context.session.user.id)return e.json(null,{status:403});try{yield e.context.internalAdapter.deleteSession(t)}catch(o){return e.context.logger.error(o),e.json(null,{status:500})}return e.json({status:!0})})),Ke=A("/user/revoke-sessions",{method:"POST",use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){try{yield e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}return e.json({status:!0})}));var We=A("/sign-in/social",{method:"POST",requireHeaders:!0,query:O.object({currentURL:O.string().optional()}).optional(),body:O.object({callbackURL:O.string().optional(),provider:O.enum($e),dontRememberMe:O.boolean().default(!1).optional()})},e=>c(void 0,null,function*(){var i,a,d,p;let t=e.context.socialProviders.find(l=>l.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new _("NOT_FOUND",{message:"Provider not found"});let n=e.context.authCookies,o=(i=e.query)!=null&&i.currentURL?new URL((a=e.query)==null?void 0:a.currentURL):null,r=(d=e.body.callbackURL)!=null&&d.startsWith("http")?e.body.callbackURL:`${o==null?void 0:o.origin}${e.body.callbackURL||""}`,s=Fe(r||(o==null?void 0:o.origin)||e.context.baseURL,(p=e.query)==null?void 0:p.currentURL);try{yield e.setSignedCookie(n.state.name,s.code,e.context.secret,n.state.options);let l=ar();yield e.setSignedCookie(n.pkCodeVerifier.name,l,e.context.secret,n.pkCodeVerifier.options);let u=t.createAuthorizationURL({state:s.state,codeVerifier:l});return u.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),{url:u.toString(),state:s.state,codeVerifier:l,redirect:!0}}catch(l){throw new _("INTERNAL_SERVER_ERROR")}})),Je=A("/sign-in/email",{method:"POST",body:O.object({email:O.string().email(),password:O.string(),callbackURL:O.string().optional(),dontRememberMe:O.boolean().default(!1).optional()})},e=>c(void 0,null,function*(){var l,u;if(!((u=(l=e.context.options)==null?void 0:l.emailAndPassword)!=null&&u.enabled))throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new _("BAD_REQUEST",{message:"Email and password is not enabled"});let t=yield pe(e);t&&(yield e.context.internalAdapter.deleteSession(t.session.id));let{email:n,password:o}=e.body;if(!O.string().email().safeParse(n).success)throw new _("BAD_REQUEST",{message:"Invalid email"});let s=yield e.context.internalAdapter.findUserByEmail(n);if(!s)throw yield e.context.password.hash(o),e.context.logger.error("User not found",{email:n}),new _("UNAUTHORIZED",{message:"Invalid email or password"});let i=s.accounts.find(m=>m.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:n}),new _("UNAUTHORIZED",{message:"Invalid email or password"});let a=i==null?void 0:i.password;if(!a)throw e.context.logger.error("Password not found",{email:n}),new _("UNAUTHORIZED",{message:"Unexpected error"});if(!(yield e.context.password.verify(a,o)))throw e.context.logger.error("Invalid password"),new _("UNAUTHORIZED",{message:"Invalid email or password"});let p=yield e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!p)throw e.context.logger.error("Failed to create session"),new _("INTERNAL_SERVER_ERROR");return yield E(e,p.id,e.body.dontRememberMe),e.json({user:s.user,session:p,redirect:!!e.body.callbackURL,url:e.body.callbackURL})}));import{APIError as lr}from"better-call";import{z as ee}from"zod";import{z as R}from"zod";var ms=R.object({id:R.string(),providerId:R.string(),accountId:R.string(),userId:R.string(),accessToken:R.string().nullable().optional(),refreshToken:R.string().nullable().optional(),idToken:R.string().nullable().optional(),expiresAt:R.date().nullable().optional(),password:R.string().optional().nullable()}),Ze=R.object({id:R.string(),email:R.string().transform(e=>e.toLowerCase()),emailVerified:R.boolean().default(!1),name:R.string(),image:R.string().optional(),createdAt:R.date().default(new Date),updatedAt:R.date().default(new Date)}),fs=R.object({id:R.string(),userId:R.string(),expiresAt:R.date(),ipAddress:R.string().optional(),userAgent:R.string().optional()});import{alphabet as dr,generateRandomString as cr}from"oslo/crypto";var Qe=()=>cr(36,dr("a-z","0-9"));var j={isAction:!1};function me(e){let t=e.accessToken(),n=e.hasRefreshToken()?e.refreshToken():void 0,o;try{o=e.accessTokenExpiresAt()}catch(r){}return{accessToken:t,refreshToken:n,expiresAt:o}}var Xe=A("/callback/:id",{method:"GET",query:ee.object({state:ee.string(),code:ee.string().optional(),error:ee.string().optional()}),metadata:j},e=>c(void 0,null,function*(){var h,y,b;if(e.query.error||!e.query.code){let k=((h=ce(e.query.state).data)==null?void 0:h.callbackURL)||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${k}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(w=>w.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let n=yield e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),o;try{o=yield t.validateAuthorizationCode(e.query.code,n,`${e.context.baseURL}/callback/${t.id}`)}catch(w){throw e.context.logger.error(w),e.redirect(`${e.context.baseURL}/error?error=oauth_code_verification_failed`)}let r=yield t.getUserInfo(o).then(w=>w==null?void 0:w.user),s=Qe(),i=Ze.safeParse(T(g({},r),{id:s})),a=ce(e.query.state);if(!a.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=invalid_state_parameter`);let{callbackURL:d,currentURL:p,dontRememberMe:l}=a.data;if(!r||i.success===!1)throw e.redirect(`${e.context.baseURL}/error?error=oauth_validation_failed`);if(!d)throw e.redirect(`${e.context.baseURL}/error?error=oauth_callback_url_not_found`);let u=yield e.context.internalAdapter.findUserByEmail(r.email),m=u==null?void 0:u.user.id;if(u){let w=u.accounts.find(I=>I.providerId===t.id),k=(b=(y=e.context.options.account)==null?void 0:y.accountLinking)==null?void 0:b.trustedProviders,v=k?k.includes(t.id):!0;if(!w&&(!r.emailVerified||!v)){let I;try{I=new URL(p||d),I.searchParams.set("error","account_not_linked")}catch(ne){throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(I.toString())}if(!w)try{yield e.context.internalAdapter.linkAccount(g({providerId:t.id,accountId:r.id,id:`${t.id}:${r.id}`,userId:u.user.id},me(o)))}catch(I){throw console.log(I),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{yield e.context.internalAdapter.createOAuthUser(i.data,T(g({},me(o)),{id:`${t.id}:${r.id}`,providerId:t.id,accountId:r.id,userId:s}))}catch(w){let k=new URL(p||d);throw k.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",k.toString()),e.redirect(k.toString())}if(!m&&!s)throw new lr("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});let f=yield e.context.internalAdapter.createSession(m||s,e.request,l);if(!f){let w=new URL(p||d);throw w.searchParams.set("error","unable_to_create_session"),e.redirect(w.toString())}try{yield E(e,f.id,l)}catch(w){e.context.logger.error("Unable to set session cookie",w);let k=new URL(p||d);throw k.searchParams.set("error","unable_to_create_session"),e.redirect(k.toString())}throw e.redirect(d)}));import{z as fe}from"zod";var Ye=A("/sign-out",{method:"POST",body:fe.optional(fe.object({callbackURL:fe.string().optional()}))},e=>c(void 0,null,function*(){var n,o;let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);return t?(yield e.context.internalAdapter.deleteSession(t),G(e),e.json(null,{body:{redirect:!!((n=e.body)!=null&&n.callbackURL),url:(o=e.body)==null?void 0:o.callbackURL}})):e.json(null)}));import{TimeSpan as ur}from"oslo";import{createJWT as pr,parseJWT as mr}from"oslo/jwt";import{validateJWT as et}from"oslo/jwt";import{z as L}from"zod";var tt=A("/forget-password",{method:"POST",body:L.object({email:L.string().email(),redirectTo:L.string()})},e=>c(void 0,null,function*(){var s;if(!((s=e.context.options.emailAndPassword)!=null&&s.sendResetPassword))return e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),e.json(null,{status:400,statusText:"RESET_PASSWORD_EMAIL_NOT_SENT",body:{message:"Reset password isn't enabled"}});let{email:t}=e.body,n=yield e.context.internalAdapter.findUserByEmail(t);if(!n)return e.json({status:!1},{body:{status:!0}});let o=yield pr("HS256",Buffer.from(e.context.secret),{email:n.user.email,redirectTo:e.body.redirectTo},{expiresIn:new ur(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[n.user.email],includeIssuedTimestamp:!0}),r=`${e.context.baseURL}/reset-password/${o}`;return yield e.context.options.emailAndPassword.sendResetPassword(r,n.user),e.json({status:!0})})),rt=A("/reset-password/:token",{method:"GET"},e=>c(void 0,null,function*(){var s;let{token:t}=e.params,n,o=L.object({email:L.string(),redirectTo:L.string()});try{if(n=yield et("HS256",Buffer.from(e.context.secret),t),!n.expiresAt||n.expiresAt<new Date)throw Error("Token expired")}catch(i){let a=mr(t),d=o.safeParse(a==null?void 0:a.payload);throw d.success?e.redirect(`${(s=d.data)==null?void 0:s.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:r}=o.parse(n.payload);throw e.redirect(`${r}?token=${t}`)})),ot=A("/reset-password",{method:"POST",query:L.object({currentURL:L.string()}).optional(),body:L.object({newPassword:L.string(),callbackURL:L.string().optional()})},e=>c(void 0,null,function*(){var o,r,s;let t=(o=e.query)==null?void 0:o.currentURL.split("?token=")[1];if(!t)return e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}});let{newPassword:n}=e.body;try{let i=yield et("HS256",Buffer.from(e.context.secret),t),a=L.string().email().parse(i.payload.email),d=yield e.context.internalAdapter.findUserByEmail(a);if(!d)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(n.length<(((r=e.context.options.emailAndPassword)==null?void 0:r.minPasswordLength)||8)||n.length>(((s=e.context.options.emailAndPassword)==null?void 0:s.maxPasswordLength)||32))return e.json({data:null,error:"password is too short or too long"},{status:400,statusText:"INVALID_PASSWORD_LENGTH",body:{message:"password is too short or too long"}});let p=yield e.context.password.hash(n);return(yield e.context.internalAdapter.updatePassword(d.user.id,p))?e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}}):e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User doesn't have a credential account"}})}catch(i){return console.log(i),e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}}));import{TimeSpan as fr}from"oslo";import{createJWT as gr,validateJWT as hr}from"oslo/jwt";import{z as C}from"zod";function ge(e,t){return c(this,null,function*(){return yield gr("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new fr(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})})}var nt=A("/send-verification-email",{method:"POST",query:C.object({currentURL:C.string().optional()}).optional(),body:C.object({email:C.string().email(),callbackURL:C.string().optional()})},e=>c(void 0,null,function*(){var r,s;if(!((r=e.context.options.emailAndPassword)!=null&&r.sendVerificationEmail))return e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),e.json(null,{status:400,statusText:"VERIFICATION_EMAIL_NOT_SENT",body:{message:"Verification email isn't enabled"}});let{email:t}=e.body,n=yield ge(e.context.secret,t),o=`${e.context.baseURL}/verify-email?token=${n}&callbackURL=${e.body.callbackURL||((s=e.query)==null?void 0:s.currentURL)||"/"}`;return yield e.context.options.emailAndPassword.sendVerificationEmail(t,o,n),e.json({status:!0})})),st=A("/verify-email",{method:"GET",query:C.object({token:C.string(),callbackURL:C.string().optional()})},e=>c(void 0,null,function*(){let{token:t}=e.query,n;try{n=yield hr("HS256",Buffer.from(e.context.secret),t)}catch(a){return e.context.logger.error("Failed to verify email",a),e.json(null,{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}let r=C.object({email:C.string().email()}).parse(n.payload),s=yield e.context.internalAdapter.findUserByEmail(r.email);if(!s)return e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User not found"}});if(!s.accounts.find(a=>a.providerId==="credential"))throw e.redirect;if(yield e.context.internalAdapter.updateUserByEmail(r.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})}));import{z as B}from"zod";import{alphabet as yr,generateRandomString as br}from"oslo/crypto";import"better-call";var it=A("/user/update",{method:"POST",body:B.object({name:B.string().optional(),image:B.string().optional()}),use:[$]},e=>c(void 0,null,function*(){let{name:t,image:n}=e.body,o=e.context.session;if(!n&&!t)return e.json(o.user);let r=yield e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:n});return e.json(r)})),at=A("/user/change-password",{method:"POST",body:B.object({newPassword:B.string(),currentPassword:B.string(),revokeOtherSessions:B.boolean().optional()}),use:[$]},e=>c(void 0,null,function*(){let{newPassword:t,currentPassword:n,revokeOtherSessions:o}=e.body,r=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let i=e.context.password.config.maxPasswordLength;if(t.length>i)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=(yield e.context.internalAdapter.findAccounts(r.user.id)).find(u=>u.providerId==="credential"&&u.password);if(!d||!d.password)return e.json(null,{status:400,body:{message:"User does not have a password"}});let p=yield e.context.password.hash(t);if(!(yield e.context.password.verify(d.password,n)))return e.json(null,{status:400,body:{message:"Invalid password"}});if(yield e.context.internalAdapter.updateAccount(d.id,{password:p}),o){yield e.context.internalAdapter.deleteSessions(r.user.id);let u=yield e.context.internalAdapter.createSession(r.user.id,e.headers);if(!u)return e.json(null,{status:500,body:{message:"Failed to create session"}});yield E(e,u.id)}return e.json(r.user)})),dt=A("/user/set-password",{method:"POST",body:B.object({newPassword:B.string()}),use:[$]},e=>c(void 0,null,function*(){let{newPassword:t}=e.body,n=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let r=e.context.password.config.maxPasswordLength;if(t.length>r)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let i=(yield e.context.internalAdapter.findAccounts(n.user.id)).find(d=>d.providerId==="credential"&&d.password),a=yield e.context.password.hash(t);return i?e.json(null,{status:400,body:{message:"User already has a password"}}):(yield e.context.internalAdapter.linkAccount({id:br(32,yr("a-z","0-9","A-Z")),userId:n.user.id,providerId:"credential",accountId:n.user.id,password:a}),e.json(n.user))}));import{alphabet as wr,generateRandomString as Ar}from"oslo/crypto";var ct=A("/csrf",{method:"GET",metadata:j},e=>c(void 0,null,function*(){let t=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let n=Ar(32,wr("a-z","0-9","A-Z")),o=yield Z(e.context.secret,n),r=`${n}!${o}`;return yield e.setSignedCookie(e.context.authCookies.csrfToken.name,r,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:n}}));var kr=(e="Unknown")=>`<!DOCTYPE html>
|
|
1
|
+
var Ct=Object.defineProperty,_t=Object.defineProperties;var Bt=Object.getOwnPropertyDescriptors;var W=Object.getOwnPropertySymbols;var Te=Object.prototype.hasOwnProperty,xe=Object.prototype.propertyIsEnumerable;var Re=(e,t,n)=>t in e?Ct(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,h=(e,t)=>{for(var n in t||(t={}))Te.call(t,n)&&Re(e,n,t[n]);if(W)for(var n of W(t))xe.call(t,n)&&Re(e,n,t[n]);return e},T=(e,t)=>_t(e,Bt(t));var J=(e,t)=>{var n={};for(var o in e)Te.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(e!=null&&W)for(var o of W(e))t.indexOf(o)<0&&xe.call(e,o)&&(n[o]=e[o]);return n};var c=(e,t,n)=>new Promise((o,r)=>{var s=d=>{try{a(n.next(d))}catch(u){r(u)}},i=d=>{try{a(n.throw(d))}catch(u){r(u)}},a=d=>d.done?o(d.value):Promise.resolve(d.value).then(s,i);a((n=n.apply(e,t)).next())});import{APIError as vr,createRouter as Ir}from"better-call";import{APIError as ve}from"better-call";import{z as Ie}from"zod";import{xchacha20poly1305 as Gr}from"@noble/ciphers/chacha";import{bytesToHex as Wr,hexToBytes as Jr,utf8ToBytes as Zr}from"@noble/ciphers/utils";import{managedNonce as Xr}from"@noble/ciphers/webcrypto";import{sha256 as eo}from"@noble/hashes/sha256";function Z(e,t){return c(this,null,function*(){let n=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},r=yield crypto.subtle.importKey("raw",n.encode(e),o,!1,["sign","verify"]),s=yield crypto.subtle.sign(o.name,r,n.encode(t));return btoa(String.fromCharCode(...new Uint8Array(s)))})}import{createEndpointCreator as qt,createMiddleware as Pe,createMiddlewareCreator as jt}from"better-call";var Ue=Pe(()=>c(void 0,null,function*(){return{}})),Q=jt({use:[Ue,Pe(()=>c(void 0,null,function*(){return{}}))]}),A=qt({use:[Ue]});var Se=Q({body:Ie.object({csrfToken:Ie.string().optional()}).optional()},e=>c(void 0,null,function*(){var a,d,u,l;if(((a=e.request)==null?void 0:a.method)!=="POST"||(d=e.context.options.advanced)!=null&&d.disableCSRFCheck)return;let t=new URL(e.request.url);if(t.origin===new URL(e.context.baseURL).origin||(u=e.context.options.trustedOrigins)!=null&&u.includes(t.origin))return;let n=(l=e.body)==null?void 0:l.csrfToken,o=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[r,s]=(o==null?void 0:o.split("!"))||[null,null];if(!n||!o||!r||!s||o!==n)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new ve("UNAUTHORIZED",{message:"Invalid CSRF Token"});let i=yield Z(e.context.secret,r);if(s!==i)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new ve("UNAUTHORIZED",{message:"Invalid CSRF Token"})}));import{APIError as _}from"better-call";import{generateCodeVerifier as ir}from"oslo/oauth2";import{z as S}from"zod";import"arctic";import{parseJWT as Ft}from"oslo/jwt";import"@better-fetch/fetch";var U=class extends Error{constructor(t,n,o){super(t),this.name="BetterAuthError",this.message=t,this.cause=n}};import{OAuth2Tokens as Nt}from"arctic";function Dt(e){try{return new URL(e).pathname!=="/"}catch(t){throw new U(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function se(e,t="/api/auth"){return Dt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function X(e,t){if(e)return se(e,t);let n=(process==null?void 0:process.env)||{},o=n.BETTER_AUTH_URL||n.NEXT_PUBLIC_BETTER_AUTH_URL||n.PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_BETTER_AUTH_URL||n.NUXT_PUBLIC_AUTH_URL||(n.BASE_URL!=="/"?n.BASE_URL:void 0);if(o)return se(o,t);if(typeof window!="undefined")return se(window.location.origin,t)}import{betterFetch as $t}from"@better-fetch/fetch";function x(e,t){return t||`${X()}/callback/${e}`}function v(s){return c(this,arguments,function*({code:e,codeVerifier:t,redirectURI:n,options:o,tokenEndpoint:r}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",n),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:a,error:d}=yield $t(r,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(d)throw d;return new Nt(a)})}var Oe=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:o,scopes:r,redirectURI:s}){let i=r||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${s||e.redirectURI}&scope=${i.join(" ")}&state=${o}`)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("apple",e.redirectURI),options:e,tokenEndpoint:t})}),getUserInfo(o){return c(this,null,function*(){var s;let r=(s=Ft(o.idToken()))==null?void 0:s.payload;return r?{user:{id:r.sub,name:r.name,email:r.email,emailVerified:r.email_verified==="true"},data:r}:null})}}};import{betterFetch as Vt}from"@better-fetch/fetch";import{Discord as zt}from"arctic";var Le=e=>{let t=new zt(e.clientId,e.clientSecret,x("discord",e.redirectURI));return{id:"discord",name:"Discord",createAuthorizationURL({state:o,scopes:r}){let s=r||["email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("discord",e.redirectURI),options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield Vt("https://discord.com/api/users/@me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified},data:r}})}}};import{betterFetch as Mt}from"@better-fetch/fetch";import{Facebook as Ht}from"arctic";var Ee=e=>{let t=new Ht(e.clientId,e.clientSecret,x("facebook",e.redirectURI));return{id:"facebook",name:"Facebook",createAuthorizationURL({state:o,scopes:r}){let s=r||["email","public_profile"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("facebook",e.redirectURI),options:e,tokenEndpoint:"https://graph.facebook.com/v16.0/oauth/access_token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield Mt("https://graph.facebook.com/me",{auth:{type:"Bearer",token:o.accessToken()}});return s?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as Ce}from"@better-fetch/fetch";import{GitHub as Gt}from"arctic";var _e=({clientId:e,clientSecret:t,redirectURI:n})=>{let o=new Gt(e,t,x("github",n));return{id:"github",name:"Github",createAuthorizationURL({state:s,scopes:i}){let a=i||["user:email"];return o.createAuthorizationURL(s,a)},validateAuthorizationCode:s=>c(void 0,null,function*(){return yield o.validateAuthorizationCode(s)}),getUserInfo(s){return c(this,null,function*(){var u,l,p,m;let{data:i,error:a}=yield Ce("https://api.github.com/user",{auth:{type:"Bearer",token:s.accessToken()}});if(a)return null;let d=!1;if(!i.email){let{data:f,error:g}=yield Ce("https://api.github.com/user/emails",{auth:{type:"Bearer",token:s.accessToken()}});g||(i.email=(l=(u=f.find(y=>y.primary))!=null?u:f[0])==null?void 0:l.email,d=(m=(p=f.find(y=>y.email===i.email))==null?void 0:p.verified)!=null?m:!1)}return{user:{id:i.id,name:i.name,email:i.email,image:i.avatar_url,emailVerified:d,createdAt:new Date,updatedAt:new Date},data:i}})}}};import{Google as Wt}from"arctic";import{parseJWT as Jt}from"oslo/jwt";import{createConsola as Kt}from"consola";var N=Kt({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),ie=e=>({log:(...t)=>{!(e!=null&&e.disabled)&&N.log("",...t)},error:(...t)=>{!(e!=null&&e.disabled)&&N.error("",...t)},warn:(...t)=>{!(e!=null&&e.disabled)&&N.warn("",...t)},info:(...t)=>{!(e!=null&&e.disabled)&&N.info("",...t)},debug:(...t)=>{!(e!=null&&e.disabled)&&N.debug("",...t)},box:(...t)=>{!(e!=null&&e.disabled)&&N.box("",...t)},success:(...t)=>{!(e!=null&&e.disabled)&&N.success("",...t)},break:(...t)=>{!(e!=null&&e.disabled)&&console.log(`
|
|
2
|
+
`)}}),I=ie();var Be=e=>{let t=new Wt(e.clientId,e.clientSecret,x("google",e.redirectURI));return{id:"google",name:"Google",createAuthorizationURL({state:o,scopes:r,codeVerifier:s,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw I.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new U("CLIENT_ID_AND_SECRET_REQUIRED");if(!s)throw new U("codeVerifier is required for Google");let a=r||["email","profile"];return t.createAuthorizationURL(o,s,a)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"})}),getUserInfo(o){return c(this,null,function*(){var s;if(!o.idToken)return null;let r=(s=Jt(o.idToken()))==null?void 0:s.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}})}}};import{betterFetch as Zt}from"@better-fetch/fetch";import{Spotify as Qt}from"arctic";var qe=e=>{let t=new Qt(e.clientId,e.clientSecret,x("spotify",e.redirectURI));return{id:"spotify",name:"Spotify",createAuthorizationURL({state:o,scopes:r}){let s=r||["user-read-email"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"})}),getUserInfo(o){return c(this,null,function*(){var i;let{data:r,error:s}=yield Zt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.id,name:r.display_name,email:r.email,image:(i=r.images[0])==null?void 0:i.url,emailVerified:!1},data:r}})}}};import{betterFetch as Xt}from"@better-fetch/fetch";import{Twitch as Yt}from"arctic";var je=e=>{let t=new Yt(e.clientId,e.clientSecret,x("twitch",e.redirectURI));return{id:"twitch",name:"Twitch",createAuthorizationURL({state:o,scopes:r}){let s=r||["activity:write","read"];return t.createAuthorizationURL(o,s)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield Xt("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}})}}};import{betterFetch as er}from"@better-fetch/fetch";import{Twitter as tr}from"arctic";var De=e=>{let t=new tr(e.clientId,e.clientSecret,x("twitter",e.redirectURI));return{id:"twitter",name:"Twitter",createAuthorizationURL(o){let r=o.scopes||["account_info.read"];return t.createAuthorizationURL(o.state,o.codeVerifier,r)},validateAuthorizationCode:(o,r,s)=>c(void 0,null,function*(){return v({code:o,codeVerifier:r,redirectURI:s||x("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"})}),getUserInfo(o){return c(this,null,function*(){let{data:r,error:s}=yield er("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken()}`}});return s||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}})}}};import"arctic";var ae={apple:Oe,discord:Le,facebook:Ee,github:_e,google:Be,spotify:qe,twitch:je,twitter:De},Ne=Object.keys(ae);import{generateState as rr}from"oslo/oauth2";import{z as M}from"zod";function $e(e,t,n){let o=rr();return{state:JSON.stringify({code:o,callbackURL:e,currentURL:t,dontRememberMe:n}),code:o}}function de(e){return M.object({code:M.string(),callbackURL:M.string().optional(),currentURL:M.string().optional(),dontRememberMe:M.boolean().optional()}).safeParse(JSON.parse(e))}import{APIError as nr}from"better-call";var H=(e,t=!1)=>{let n=new Date;return new Date(n.getTime()+(t?e*1e3:e))};import{TimeSpan as or}from"oslo";function Fe(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV!=="development"&&process.env.NODE_ENV!=="test"?"__Secure-":"",o="better-auth",r=new or(7,"d").seconds();return{sessionToken:{name:`${n}${o}.session_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:r}},csrfToken:{name:`${n?"__Host-":""}${o}.csrf_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*60*24*7}},state:{name:`${n}${o}.state`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},pkCodeVerifier:{name:`${n}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}},dontRememberToken:{name:`${n}${o}.dont_remember`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n}},nonce:{name:`${n}${o}.nonce`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!n,maxAge:60*15}}}}function Ve(e){var s;let n=!!((s=e.advanced)!=null&&s.useSecureCookies)||process.env.NODE_ENV==="production"?"__Secure-":"",o="better-auth";function r(i,a){return{name:process.env.NODE_ENV==="production"?`${n}${o}.${i}`:`${o}.${i}`,options:h({secure:!!n,sameSite:"lax",path:"/",maxAge:60*15},a)}}return r}function E(e,t,n,o){return c(this,null,function*(){let r=e.context.authCookies.sessionToken.options;r.maxAge=n?void 0:r.maxAge,yield e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,r),n&&(yield e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options))})}function G(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{z as ze}from"zod";function Y(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let n=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of n){let r=e.headers.get(o);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var ce=new Map;function sr(e,t){if(!e.request)return"";let{method:n,url:o,headers:r}=e.request,s=e.request.headers.get("User-Agent")||"",i=Y(e.request)||"",a=JSON.stringify(r);return`${n}:${o}:${a}:${s}:${i}:${t}`}var le=()=>A("/session",{method:"GET",requireHeaders:!0},e=>c(void 0,null,function*(){try{let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let n=sr(e,t),o=ce.get(n);if(o){if(o.expiresAt>Date.now())return e.json(o.data);ce.delete(n)}let r=yield e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return G(e),r&&(yield e.context.internalAdapter.deleteSession(r.session.id)),e.json(null,{status:401});if(yield e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,a=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+a*1e3<=Date.now()){let l=yield e.context.internalAdapter.updateSession(r.session.id,{expiresAt:H(e.context.sessionConfig.expiresIn,!0)});if(!l)return G(e),e.json(null,{status:401});let p=(l.expiresAt.valueOf()-Date.now())/1e3;return yield E(e,l.id,!1,{maxAge:p}),e.json({session:l,user:r.user})}return ce.set(n,{data:r,expiresAt:Date.now()+5e3}),e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}})),ue=e=>c(void 0,null,function*(){return yield le()(T(h({},e),{_flag:void 0}))}),$=Q(e=>c(void 0,null,function*(){let t=yield ue(e);if(!(t!=null&&t.session))throw new nr("UNAUTHORIZED");return{session:t}})),Me=()=>A("/user/list-sessions",{method:"GET",use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){let n=(yield e.context.adapter.findMany({model:e.context.tables.session.tableName,where:[{field:"userId",value:e.context.session.user.id}]})).filter(o=>o.expiresAt>new Date);return e.json(n)})),He=A("/user/revoke-session",{method:"POST",body:ze.object({id:ze.string()}),use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){let t=e.body.id,n=yield e.context.internalAdapter.findSession(t);if(!n)return e.json(null,{status:400});if(n.session.userId!==e.context.session.user.id)return e.json(null,{status:403});try{yield e.context.internalAdapter.deleteSession(t)}catch(o){return e.context.logger.error(o),e.json(null,{status:500})}return e.json({status:!0})})),Ge=A("/user/revoke-sessions",{method:"POST",use:[$],requireHeaders:!0},e=>c(void 0,null,function*(){try{yield e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}return e.json({status:!0})}));var Ke=A("/sign-in/social",{method:"POST",requireHeaders:!0,query:S.object({currentURL:S.string().optional()}).optional(),body:S.object({callbackURL:S.string().optional(),provider:S.enum(Ne),dontRememberMe:S.boolean().default(!1).optional()})},e=>c(void 0,null,function*(){var i,a,d,u;let t=e.context.socialProviders.find(l=>l.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new _("NOT_FOUND",{message:"Provider not found"});let n=e.context.authCookies,o=(i=e.query)!=null&&i.currentURL?new URL((a=e.query)==null?void 0:a.currentURL):null,r=(d=e.body.callbackURL)!=null&&d.startsWith("http")?e.body.callbackURL:`${o==null?void 0:o.origin}${e.body.callbackURL||""}`,s=$e(r||(o==null?void 0:o.origin)||e.context.baseURL,(u=e.query)==null?void 0:u.currentURL);try{yield e.setSignedCookie(n.state.name,s.code,e.context.secret,n.state.options);let l=ir();yield e.setSignedCookie(n.pkCodeVerifier.name,l,e.context.secret,n.pkCodeVerifier.options);let p=t.createAuthorizationURL({state:s.state,codeVerifier:l});return p.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),{url:p.toString(),state:s.state,codeVerifier:l,redirect:!0}}catch(l){throw new _("INTERNAL_SERVER_ERROR")}})),We=A("/sign-in/email",{method:"POST",body:S.object({email:S.string().email(),password:S.string(),callbackURL:S.string().optional(),dontRememberMe:S.boolean().default(!1).optional()})},e=>c(void 0,null,function*(){var l,p;if(!((p=(l=e.context.options)==null?void 0:l.emailAndPassword)!=null&&p.enabled))throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new _("BAD_REQUEST",{message:"Email and password is not enabled"});let t=yield ue(e);t&&(yield e.context.internalAdapter.deleteSession(t.session.id));let{email:n,password:o}=e.body;if(!S.string().email().safeParse(n).success)throw new _("BAD_REQUEST",{message:"Invalid email"});let s=yield e.context.internalAdapter.findUserByEmail(n);if(!s)throw yield e.context.password.hash(o),e.context.logger.error("User not found",{email:n}),new _("UNAUTHORIZED",{message:"Invalid email or password"});let i=s.accounts.find(m=>m.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:n}),new _("UNAUTHORIZED",{message:"Invalid email or password"});let a=i==null?void 0:i.password;if(!a)throw e.context.logger.error("Password not found",{email:n}),new _("UNAUTHORIZED",{message:"Unexpected error"});if(!(yield e.context.password.verify(a,o)))throw e.context.logger.error("Invalid password"),new _("UNAUTHORIZED",{message:"Invalid email or password"});let u=yield e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!u)throw e.context.logger.error("Failed to create session"),new _("INTERNAL_SERVER_ERROR");return yield E(e,u.id,e.body.dontRememberMe),e.json({user:s.user,session:u,redirect:!!e.body.callbackURL,url:e.body.callbackURL})}));import{APIError as cr}from"better-call";import{z as ee}from"zod";import{z as R}from"zod";var ps=R.object({id:R.string(),providerId:R.string(),accountId:R.string(),userId:R.string(),accessToken:R.string().nullable().optional(),refreshToken:R.string().nullable().optional(),idToken:R.string().nullable().optional(),expiresAt:R.date().nullable().optional(),password:R.string().optional().nullable()}),Je=R.object({id:R.string(),email:R.string().transform(e=>e.toLowerCase()),emailVerified:R.boolean().default(!1),name:R.string(),image:R.string().optional(),createdAt:R.date().default(new Date),updatedAt:R.date().default(new Date)}),ms=R.object({id:R.string(),userId:R.string(),expiresAt:R.date(),ipAddress:R.string().optional(),userAgent:R.string().optional()});import{alphabet as ar,generateRandomString as dr}from"oslo/crypto";var Ze=()=>dr(36,ar("a-z","0-9"));var j={isAction:!1};function pe(e){let t=e.accessToken(),n=e.hasRefreshToken()?e.refreshToken():void 0,o;try{o=e.accessTokenExpiresAt()}catch(r){}return{accessToken:t,refreshToken:n,expiresAt:o}}var Qe=A("/callback/:id",{method:"GET",query:ee.object({state:ee.string(),code:ee.string().optional(),error:ee.string().optional()}),metadata:j},e=>c(void 0,null,function*(){var g,y,b;if(e.query.error||!e.query.code){let k=((g=de(e.query.state).data)==null?void 0:g.callbackURL)||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${k}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(w=>w.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let n=yield e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),o;try{o=yield t.validateAuthorizationCode(e.query.code,n,`${e.context.baseURL}/callback/${t.id}`)}catch(w){throw e.context.logger.error(w),e.redirect(`${e.context.baseURL}/error?error=oauth_code_verification_failed`)}let r=yield t.getUserInfo(o).then(w=>w==null?void 0:w.user),s=Ze(),i=Je.safeParse(T(h({},r),{id:s})),a=de(e.query.state);if(!a.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=invalid_state_parameter`);let{callbackURL:d,currentURL:u,dontRememberMe:l}=a.data;if(!r||i.success===!1)throw e.redirect(`${e.context.baseURL}/error?error=oauth_validation_failed`);if(!d)throw e.redirect(`${e.context.baseURL}/error?error=oauth_callback_url_not_found`);let p=yield e.context.internalAdapter.findUserByEmail(r.email),m=p==null?void 0:p.user.id;if(p){let w=p.accounts.find(P=>P.providerId===t.id),k=(b=(y=e.context.options.account)==null?void 0:y.accountLinking)==null?void 0:b.trustedProviders,L=k?k.includes(t.id):!0;if(!w&&(!r.emailVerified||!L)){let P;try{P=new URL(u||d),P.searchParams.set("error","account_not_linked")}catch(ne){throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(P.toString())}if(!w)try{yield e.context.internalAdapter.linkAccount(h({providerId:t.id,accountId:r.id,id:`${t.id}:${r.id}`,userId:p.user.id},pe(o)))}catch(P){throw console.log(P),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{yield e.context.internalAdapter.createOAuthUser(i.data,T(h({},pe(o)),{id:`${t.id}:${r.id}`,providerId:t.id,accountId:r.id,userId:s}))}catch(w){let k=new URL(u||d);throw k.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",k.toString()),e.redirect(k.toString())}if(!m&&!s)throw new cr("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});let f=yield e.context.internalAdapter.createSession(m||s,e.request,l);if(!f){let w=new URL(u||d);throw w.searchParams.set("error","unable_to_create_session"),e.redirect(w.toString())}try{yield E(e,f.id,l)}catch(w){e.context.logger.error("Unable to set session cookie",w);let k=new URL(u||d);throw k.searchParams.set("error","unable_to_create_session"),e.redirect(k.toString())}throw e.redirect(d)}));import{z as me}from"zod";var Xe=A("/sign-out",{method:"POST",body:me.optional(me.object({callbackURL:me.string().optional()}))},e=>c(void 0,null,function*(){var n,o;let t=yield e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);return t?(yield e.context.internalAdapter.deleteSession(t),G(e),e.json(null,{body:{redirect:!!((n=e.body)!=null&&n.callbackURL),url:(o=e.body)==null?void 0:o.callbackURL}})):e.json(null)}));import{TimeSpan as lr}from"oslo";import{createJWT as ur,parseJWT as pr}from"oslo/jwt";import{validateJWT as Ye}from"oslo/jwt";import{z as O}from"zod";var et=A("/forget-password",{method:"POST",body:O.object({email:O.string().email(),redirectTo:O.string()})},e=>c(void 0,null,function*(){var s;if(!((s=e.context.options.emailAndPassword)!=null&&s.sendResetPassword))return e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),e.json(null,{status:400,statusText:"RESET_PASSWORD_EMAIL_NOT_SENT",body:{message:"Reset password isn't enabled"}});let{email:t}=e.body,n=yield e.context.internalAdapter.findUserByEmail(t);if(!n)return e.json({status:!1},{body:{status:!0}});let o=yield ur("HS256",Buffer.from(e.context.secret),{email:n.user.email,redirectTo:e.body.redirectTo},{expiresIn:new lr(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[n.user.email],includeIssuedTimestamp:!0}),r=`${e.context.baseURL}/reset-password/${o}`;return yield e.context.options.emailAndPassword.sendResetPassword(r,n.user),e.json({status:!0})})),tt=A("/reset-password/:token",{method:"GET"},e=>c(void 0,null,function*(){var s;let{token:t}=e.params,n,o=O.object({email:O.string(),redirectTo:O.string()});try{if(n=yield Ye("HS256",Buffer.from(e.context.secret),t),!n.expiresAt||n.expiresAt<new Date)throw Error("Token expired")}catch(i){let a=pr(t),d=o.safeParse(a==null?void 0:a.payload);throw d.success?e.redirect(`${(s=d.data)==null?void 0:s.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:r}=o.parse(n.payload);throw e.redirect(`${r}?token=${t}`)})),rt=A("/reset-password",{method:"POST",query:O.object({currentURL:O.string()}).optional(),body:O.object({newPassword:O.string(),callbackURL:O.string().optional()})},e=>c(void 0,null,function*(){var o,r,s;let t=(o=e.query)==null?void 0:o.currentURL.split("?token=")[1];if(!t)return e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}});let{newPassword:n}=e.body;try{let i=yield Ye("HS256",Buffer.from(e.context.secret),t),a=O.string().email().parse(i.payload.email),d=yield e.context.internalAdapter.findUserByEmail(a);if(!d)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(n.length<(((r=e.context.options.emailAndPassword)==null?void 0:r.minPasswordLength)||8)||n.length>(((s=e.context.options.emailAndPassword)==null?void 0:s.maxPasswordLength)||32))return e.json({data:null,error:"password is too short or too long"},{status:400,statusText:"INVALID_PASSWORD_LENGTH",body:{message:"password is too short or too long"}});let u=yield e.context.password.hash(n);return(yield e.context.internalAdapter.updatePassword(d.user.id,u))?e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}}):e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User doesn't have a credential account"}})}catch(i){return console.log(i),e.json({error:"Invalid token",data:null},{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}}));import{TimeSpan as mr}from"oslo";import{createJWT as fr,validateJWT as gr}from"oslo/jwt";import{z as C}from"zod";function fe(e,t){return c(this,null,function*(){return yield fr("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new mr(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})})}var ot=A("/send-verification-email",{method:"POST",query:C.object({currentURL:C.string().optional()}).optional(),body:C.object({email:C.string().email(),callbackURL:C.string().optional()})},e=>c(void 0,null,function*(){var r,s;if(!((r=e.context.options.emailAndPassword)!=null&&r.sendVerificationEmail))return e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),e.json(null,{status:400,statusText:"VERIFICATION_EMAIL_NOT_SENT",body:{message:"Verification email isn't enabled"}});let{email:t}=e.body,n=yield fe(e.context.secret,t),o=`${e.context.baseURL}/verify-email?token=${n}&callbackURL=${e.body.callbackURL||((s=e.query)==null?void 0:s.currentURL)||"/"}`;return yield e.context.options.emailAndPassword.sendVerificationEmail(t,o,n),e.json({status:!0})})),nt=A("/verify-email",{method:"GET",query:C.object({token:C.string(),callbackURL:C.string().optional()})},e=>c(void 0,null,function*(){let{token:t}=e.query,n;try{n=yield gr("HS256",Buffer.from(e.context.secret),t)}catch(a){return e.context.logger.error("Failed to verify email",a),e.json(null,{status:400,statusText:"INVALID_TOKEN",body:{message:"Invalid token"}})}let r=C.object({email:C.string().email()}).parse(n.payload),s=yield e.context.internalAdapter.findUserByEmail(r.email);if(!s)return e.json(null,{status:400,statusText:"USER_NOT_FOUND",body:{message:"User not found"}});if(!s.accounts.find(a=>a.providerId==="credential"))throw e.redirect;if(yield e.context.internalAdapter.updateUserByEmail(r.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})}));import{z as B}from"zod";import{alphabet as hr,generateRandomString as yr}from"oslo/crypto";import"better-call";var st=A("/user/update",{method:"POST",body:B.object({name:B.string().optional(),image:B.string().optional()}),use:[$]},e=>c(void 0,null,function*(){let{name:t,image:n}=e.body,o=e.context.session;if(!n&&!t)return e.json(o.user);let r=yield e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:n});return e.json(r)})),it=A("/user/change-password",{method:"POST",body:B.object({newPassword:B.string(),currentPassword:B.string(),revokeOtherSessions:B.boolean().optional()}),use:[$]},e=>c(void 0,null,function*(){let{newPassword:t,currentPassword:n,revokeOtherSessions:o}=e.body,r=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let i=e.context.password.config.maxPasswordLength;if(t.length>i)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=(yield e.context.internalAdapter.findAccounts(r.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!d||!d.password)return e.json(null,{status:400,body:{message:"User does not have a password"}});let u=yield e.context.password.hash(t);if(!(yield e.context.password.verify(d.password,n)))return e.json(null,{status:400,body:{message:"Invalid password"}});if(yield e.context.internalAdapter.updateAccount(d.id,{password:u}),o){yield e.context.internalAdapter.deleteSessions(r.user.id);let p=yield e.context.internalAdapter.createSession(r.user.id,e.headers);if(!p)return e.json(null,{status:500,body:{message:"Failed to create session"}});yield E(e,p.id)}return e.json(r.user)})),at=A("/user/set-password",{method:"POST",body:B.object({newPassword:B.string()}),use:[$]},e=>c(void 0,null,function*(){let{newPassword:t}=e.body,n=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let r=e.context.password.config.maxPasswordLength;if(t.length>r)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let i=(yield e.context.internalAdapter.findAccounts(n.user.id)).find(d=>d.providerId==="credential"&&d.password),a=yield e.context.password.hash(t);return i?e.json(null,{status:400,body:{message:"User already has a password"}}):(yield e.context.internalAdapter.linkAccount({id:yr(32,hr("a-z","0-9","A-Z")),userId:n.user.id,providerId:"credential",accountId:n.user.id,password:a}),e.json(n.user))}));import{alphabet as br,generateRandomString as wr}from"oslo/crypto";var dt=A("/csrf",{method:"GET",metadata:j},e=>c(void 0,null,function*(){let t=yield e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let n=wr(32,br("a-z","0-9","A-Z")),o=yield Z(e.context.secret,n),r=`${n}!${o}`;return yield e.setSignedCookie(e.context.authCookies.csrfToken.name,r,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:n}}));var Ar=(e="Unknown")=>`<!DOCTYPE html>
|
|
3
3
|
<html lang="en">
|
|
4
4
|
<head>
|
|
5
5
|
<meta charset="UTF-8">
|
|
@@ -79,6 +79,6 @@ var _t=Object.defineProperty,Bt=Object.defineProperties;var qt=Object.getOwnProp
|
|
|
79
79
|
<div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
|
|
80
80
|
</div>
|
|
81
81
|
</body>
|
|
82
|
-
</html>`,lt=A("/error",{method:"GET",metadata:j},e=>c(void 0,null,function*(){var n;let t=new URL(((n=e.request)==null?void 0:n.url)||"").searchParams.get("error")||"Unknown";return new Response(kr(t),{headers:{"Content-Type":"text/html"}})}));var ut=A("/ok",{method:"GET",metadata:j},e=>c(void 0,null,function*(){return e.json({ok:!0})}));import{alphabet as pt,generateRandomString as mt}from"oslo/crypto";import{z as q}from"zod";var ft=A("/sign-up/email",{method:"POST",query:q.object({currentURL:q.string().optional()}).optional(),body:q.object({name:q.string(),email:q.string(),password:q.string(),image:q.string().optional(),callbackURL:q.string().optional()})},e=>c(void 0,null,function*(){var m,f,h,y;if(!((m=e.context.options.emailAndPassword)!=null&&m.enabled))return e.json(null,{status:400,body:{message:"Email and password is not enabled"}});let{name:t,email:n,password:o,image:r}=e.body;if(!q.string().email().safeParse(n).success)return e.json(null,{status:400,body:{message:"Invalid email address"}});let i=e.context.password.config.minPasswordLength;if(o.length<i)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let a=e.context.password.config.maxPasswordLength;if(o.length>a)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=yield e.context.internalAdapter.findUserByEmail(n),p=yield e.context.password.hash(o);if(d!=null&&d.user)return e.json(null,{status:400,body:{message:"User already exists"}});let l=yield e.context.internalAdapter.createUser({id:mt(32,pt("a-z","0-9","A-Z")),email:n.toLowerCase(),name:t,image:r,emailVerified:!1,createdAt:new Date,updatedAt:new Date});if(!l)return e.json(null,{status:400,body:{message:"Could not create user"}});yield e.context.internalAdapter.linkAccount({id:mt(32,pt("a-z","0-9","A-Z")),userId:l.id,providerId:"credential",accountId:l.id,password:p});let u=yield e.context.internalAdapter.createSession(l.id,e.request);if(!u)return e.json(null,{status:400,body:{message:"Could not create session"}});if(yield E(e,u.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let b=yield ge(e.context.secret,l.email),w=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${e.body.callbackURL||((f=e.query)==null?void 0:f.currentURL)||"/"}`;yield(y=(h=e.context.options.emailAndPassword).sendVerificationEmail)==null?void 0:y.call(h,l.email,w,b)}return e.json({user:l,session:u},{body:e.body.callbackURL?{url:e.body.callbackURL,redirect:!0}:{user:l,session:u}})}));import he from"chalk";function Rr(e,t,n){let o=Date.now(),r=t*1e3;return o-n.lastRequest<r&&n.count>=e}function Tr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function xr(e,t){let n=Date.now(),o=t*1e3;return Math.ceil((e+o-n)/1e3)}function Ur(e,t){let n=t!=null?t:"rateLimit",o=e.adapter;return{get:r=>c(this,null,function*(){return yield o.findOne({model:n,where:[{field:"key",value:r}]})}),set:(r,s,i)=>c(this,null,function*(){try{i?yield o.update({model:t!=null?t:"rateLimit",where:[{field:"key",value:r}],update:{count:s.count,lastRequest:s.lastRequest}}):yield o.create({model:t!=null?t:"rateLimit",data:{key:r,count:s.count,lastRequest:s.lastRequest}})}catch(a){P.error("Error setting rate limit",a)}})}}var gt=new Map;function Pr(e){if(e.rateLimit.customStorage)return e.rateLimit.customStorage;if(e.rateLimit.storage==="memory"){let n;return{get(o){return c(this,null,function*(){return gt.get(o)})},set(o,r,s){return c(this,null,function*(){gt.set(o,r)})}}}return Ur(e,e.rateLimit.tableName)}function ht(e,t){return c(this,null,function*(){if(!t.rateLimit.enabled)return;let n=t.baseURL,o=e.url.replace(n,""),r=t.rateLimit.window,s=t.rateLimit.max,i=Y(e)+o,d=vr().find(m=>m.pathMatcher(o));d&&(r=d.window,s=d.max);for(let m of t.options.plugins||[])if(m.rateLimit){let f=m.rateLimit.find(h=>h.pathMatcher(o));if(f){r=f.window,s=f.max;break}}if(t.rateLimit.customRules){let m=t.rateLimit.customRules[o];m&&(r=m.window,s=m.max)}let p=Pr(t),l=yield p.get(i),u=Date.now();if(!l)yield p.set(i,{key:i,count:1,lastRequest:u});else{let m=u-l.lastRequest;if(Rr(s,r,l)){let f=xr(l.lastRequest,r);return Tr(f)}else m>r*1e3?yield p.set(i,T(g({},l),{count:1,lastRequest:u})):yield p.set(i,T(g({},l),{count:l.count+1,lastRequest:u}))}})}function vr(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}function ye(e,t){var a,d;let n=(a=e.options.plugins)==null?void 0:a.reduce((p,l)=>g(g({},p),l.endpoints),{}),o=((d=e.options.plugins)==null?void 0:d.map(p=>{var l;return(l=p.middlewares)==null?void 0:l.map(u=>{let m=f=>c(this,null,function*(){return u.middleware(T(g({},f),{context:g(g({},e),f.context)}))});return m.path=u.path,m.options=u.middleware.options,m.headers=u.middleware.headers,{path:u.path,middleware:m}})}).filter(p=>p!==void 0).flat())||[],r={signInOAuth:We,callbackOAuth:Xe,getCSRFToken:ct,getSession:ue(),signOut:Ye,signUpEmail:ft,signInEmail:Je,forgetPassword:tt,resetPassword:ot,verifyEmail:st,sendVerificationEmail:nt,changePassword:at,setPassword:dt,updateUser:it,forgetPasswordCallback:rt,listSessions:He(),revokeSession:Ge,revokeSessions:Ke},s=T(g(g({},r),n),{ok:ut,error:lt}),i={};for(let[p,l]of Object.entries(s))i[p]=u=>c(this,null,function*(){var h;let f=yield l(T(g({},u),{context:g(g({},e),u.context)}));for(let y of e.options.plugins||[])if((h=y.hooks)!=null&&h.after){for(let b of y.hooks.after)if(b.matcher(u)){let k=Object.assign(u,{context:T(g({},e),{returned:f})}),v=yield b.handler(k);v&&"response"in v&&(f=v.response)}}return f}),i[p].path=l.path,i[p].method=l.method,i[p].options=l.options,i[p].headers=l.headers;return{api:i,middlewares:o}}var yt=(e,t)=>{let{api:n,middlewares:o}=ye(e,t),r=new URL(e.baseURL).pathname;return Sr(n,{extraContext:e,basePath:r,routerMiddleware:[{path:"/**",middleware:Oe},...o],onRequest(i){return c(this,null,function*(){for(let a of e.options.plugins||[])if(a.onRequest){let d=yield a.onRequest(i,e);if(d)return d}return ht(i,e)})},onResponse(i){return c(this,null,function*(){for(let a of e.options.plugins||[])if(a.onResponse){let d=yield a.onResponse(i,e);if(d)return d.response}return i})},onError(i){var d,p,l,u;let a=(d=t.logger)!=null&&d.verboseLogging?P:void 0;if(((p=t.logger)==null?void 0:p.disabled)!==!0)if(i instanceof Ir)a==null||a.warn(i);else if(typeof i=="object"&&i!==null&&"message"in i){let m=i.message;if(!m||typeof m!="string"){a==null||a.error(i);return}m.includes("no such table")?(l=P)==null||l.error(`Please run ${he.green("npx better-auth migrate")} to create the tables. There are missing tables in your SQLite database.`):m.includes("relation")&&m.includes("does not exist")?P.error(`Please run ${he.green("npx better-auth migrate")} to create the tables. There are missing tables in your PostgreSQL database.`):m.includes("Table")&&m.includes("doesn't exist")?(u=P)==null||u.error(`Please run ${he.green("npx better-auth migrate")} to create the tables. There are missing tables in your MySQL database.`):a==null||a.error(i)}else a==null||a.error(i)}})};var D=e=>{var d,p,l,m,f,h;let t=(d=e.plugins)==null?void 0:d.reduce((y,b)=>{var k;let w=b.schema;if(!w)return y;for(let[v,I]of Object.entries(w))y[v]={fields:g(g({},(k=y[v])==null?void 0:k.fields),I.fields),tableName:v};return y},{}),n=((p=e.rateLimit)==null?void 0:p.storage)==="database",o={rateLimit:{tableName:((l=e.rateLimit)==null?void 0:l.tableName)||"rateLimit",fields:{key:{type:"string"},count:{type:"number"},lastRequest:{type:"number"}}}},u=t||{},{user:r,session:s,account:i}=u,a=J(u,["user","session","account"]);return g(g({user:{tableName:((m=e.user)==null?void 0:m.modelName)||"user",fields:g({name:{type:"string",required:!0},email:{type:"string",unique:!0,required:!0},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0},image:{type:"string",required:!1},createdAt:{type:"date",defaultValue:()=>new Date,required:!0},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0}},r==null?void 0:r.fields),order:0},session:{tableName:((f=e.session)==null?void 0:f.modelName)||"session",fields:g({expiresAt:{type:"date",required:!0},ipAddress:{type:"string",required:!1},userAgent:{type:"string",required:!1},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0}},s==null?void 0:s.fields),order:1},account:{tableName:((h=e.account)==null?void 0:h.modelName)||"account",fields:g({accountId:{type:"string",required:!0},providerId:{type:"string",required:!0},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0},accessToken:{type:"string",required:!1},refreshToken:{type:"string",required:!1},idToken:{type:"string",required:!1},expiresAt:{type:"date",required:!1},password:{type:"string",required:!1}},i==null?void 0:i.fields),order:2}},a),n?o:{})};import{Kysely as Or}from"kysely";import{MysqlDialect as bt,PostgresDialect as wt,SqliteDialect as At}from"kysely";var Lr=e=>{var n,o;if(!e.database)return;if("createDriver"in e.database)return e.database;let t;if("provider"in e.database){let r=e.database.provider,s=(o=(n=e.database)==null?void 0:n.url)==null?void 0:o.trim();if(r==="postgres"){let{Pool:i}=se("pg");t=new wt({pool:new i({connectionString:s})})}if(r==="mysql")try{let{createPool:i}=se("mysql2/promise"),a=new URL(s),d=i({host:a.hostname,user:a.username,password:a.password,database:a.pathname.split("/")[1],port:Number(a.port)});t=new bt({pool:d})}catch(i){if(i instanceof TypeError)throw new S("Invalid database URL")}if(r==="sqlite"){let i=se("better-sqlite3"),a=new i(s);t=new At({database:a})}}return t},F=e=>{let t=Lr(e);return t&&new Or({dialect:t})},te=e=>{if("provider"in e.database)return e.database.provider;if("dialect"in e.database){if(e.database.dialect instanceof wt)return"postgres";if(e.database.dialect instanceof bt)return"mysql";if(e.database.dialect instanceof At)return"sqlite"}return"sqlite"};import"kysely";function Er(e){var n;return((n=e.plugins)==null?void 0:n.flatMap(o=>Object.keys(o.schema||{}).map(r=>{let i=(o.schema||{})[r];if(!(i!=null&&i.disableMigration))return{tableName:r,fields:i==null?void 0:i.fields}}).filter(r=>r!==void 0)))||[]}function kt(e){let t=D(e),n=Er(e);return[t.user,t.session,t.account,...n].reduce((r,s)=>{var i;return r[s.tableName]={fields:g(g({},(i=r[s.tableName])==null?void 0:i.fields),s.fields)},r},{})}var Cr={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},_r={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},Br={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},qr={postgres:Cr,mysql:_r,sqlite:Br};function jr(e,t,n){return qr[n][t].map(i=>i.toLowerCase()).includes(e.toLowerCase())}function Rt(e){return c(this,null,function*(){let t=kt(e),n=te(e),o=F(e);o||(P.error("Invalid database configuration."),process.exit(1));let r=yield o.introspection.getTables(),s=[],i=[];for(let[u,m]of Object.entries(t)){let f=r.find(y=>y.name===u);if(!f){let y=s.findIndex(k=>k.table===u),b={table:u,fields:m.fields,order:m.order||1/0},w=s.findIndex(k=>(k.order||1/0)>b.order);w===-1?y===-1?s.push(b):s[y].fields=g(g({},s[y].fields),m.fields):s.splice(w,0,b);continue}let h={};for(let[y,b]of Object.entries(m.fields)){let w=f.columns.find(k=>k.name===y);if(!w){h[y]=b;continue}jr(w.dataType,b.type,n)||P.warn(`Field ${y} in table ${u} has a different type in the database. Expected ${b.type} but got ${w.dataType}.`)}Object.keys(h).length>0&&i.push({table:u,fields:h,order:m.order||1/0})}let a=[];function d(u){let m={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&u==="string"?"varchar(255)":m[u]}if(i.length)for(let u of i)for(let[m,f]of Object.entries(u.fields)){let h=d(f.type),y=o.schema.alterTable(u.table).addColumn(m,h,b=>(b=f.required!==!1?b.notNull():b,f.references&&(b=b.references(`${f.references.model}.${f.references.field}`)),b));a.push(y)}if(s.length)for(let u of s){let m=o.schema.createTable(u.table).addColumn("id",d("string"),f=>f.primaryKey());for(let[f,h]of Object.entries(u.fields)){let y=d(h.type);m=m.addColumn(f,y,b=>(b=h.required!==!1?b.notNull():b,h.references&&(b=b.references(`${h.references.model}.${h.references.field}`)),h.unique&&(b=b.unique()),b))}a.push(m)}function p(){return c(this,null,function*(){for(let u of a)yield u.execute()})}function l(){return c(this,null,function*(){return a.map(m=>m.compile().sql).join(`;
|
|
82
|
+
</html>`,ct=A("/error",{method:"GET",metadata:j},e=>c(void 0,null,function*(){var n;let t=new URL(((n=e.request)==null?void 0:n.url)||"").searchParams.get("error")||"Unknown";return new Response(Ar(t),{headers:{"Content-Type":"text/html"}})}));var lt=A("/ok",{method:"GET",metadata:j},e=>c(void 0,null,function*(){return e.json({ok:!0})}));import{alphabet as ut,generateRandomString as pt}from"oslo/crypto";import{z as q}from"zod";var mt=A("/sign-up/email",{method:"POST",query:q.object({currentURL:q.string().optional()}).optional(),body:q.object({name:q.string(),email:q.string(),password:q.string(),image:q.string().optional(),callbackURL:q.string().optional()})},e=>c(void 0,null,function*(){var m,f,g,y;if(!((m=e.context.options.emailAndPassword)!=null&&m.enabled))return e.json(null,{status:400,body:{message:"Email and password is not enabled"}});let{name:t,email:n,password:o,image:r}=e.body;if(!q.string().email().safeParse(n).success)return e.json(null,{status:400,body:{message:"Invalid email address"}});let i=e.context.password.config.minPasswordLength;if(o.length<i)return e.context.logger.error("Password is too short"),e.json(null,{status:400,body:{message:"Password is too short"}});let a=e.context.password.config.maxPasswordLength;if(o.length>a)return e.context.logger.error("Password is too long"),e.json(null,{status:400,body:{message:"Password is too long"}});let d=yield e.context.internalAdapter.findUserByEmail(n),u=yield e.context.password.hash(o);if(d!=null&&d.user)return e.json(null,{status:400,body:{message:"User already exists"}});let l=yield e.context.internalAdapter.createUser({id:pt(32,ut("a-z","0-9","A-Z")),email:n.toLowerCase(),name:t,image:r,emailVerified:!1,createdAt:new Date,updatedAt:new Date});if(!l)return e.json(null,{status:400,body:{message:"Could not create user"}});yield e.context.internalAdapter.linkAccount({id:pt(32,ut("a-z","0-9","A-Z")),userId:l.id,providerId:"credential",accountId:l.id,password:u});let p=yield e.context.internalAdapter.createSession(l.id,e.request);if(!p)return e.json(null,{status:400,body:{message:"Could not create session"}});if(yield E(e,p.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let b=yield fe(e.context.secret,l.email),w=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${e.body.callbackURL||((f=e.query)==null?void 0:f.currentURL)||"/"}`;yield(y=(g=e.context.options.emailAndPassword).sendVerificationEmail)==null?void 0:y.call(g,l.email,w,b)}return e.json({user:l,session:p},{body:e.body.callbackURL?{url:e.body.callbackURL,redirect:!0}:{user:l,session:p}})}));import ge from"chalk";function kr(e,t,n){let o=Date.now(),r=t*1e3;return o-n.lastRequest<r&&n.count>=e}function Rr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function Tr(e,t){let n=Date.now(),o=t*1e3;return Math.ceil((e+o-n)/1e3)}function xr(e,t){let n=t!=null?t:"rateLimit",o=e.adapter;return{get:r=>c(this,null,function*(){return yield o.findOne({model:n,where:[{field:"key",value:r}]})}),set:(r,s,i)=>c(this,null,function*(){try{i?yield o.update({model:t!=null?t:"rateLimit",where:[{field:"key",value:r}],update:{count:s.count,lastRequest:s.lastRequest}}):yield o.create({model:t!=null?t:"rateLimit",data:{key:r,count:s.count,lastRequest:s.lastRequest}})}catch(a){I.error("Error setting rate limit",a)}})}}var ft=new Map;function Pr(e){if(e.rateLimit.customStorage)return e.rateLimit.customStorage;if(e.rateLimit.storage==="memory"){let n;return{get(o){return c(this,null,function*(){return ft.get(o)})},set(o,r,s){return c(this,null,function*(){ft.set(o,r)})}}}return xr(e,e.rateLimit.tableName)}function gt(e,t){return c(this,null,function*(){if(!t.rateLimit.enabled)return;let n=t.baseURL,o=e.url.replace(n,""),r=t.rateLimit.window,s=t.rateLimit.max,i=Y(e)+o,d=Ur().find(m=>m.pathMatcher(o));d&&(r=d.window,s=d.max);for(let m of t.options.plugins||[])if(m.rateLimit){let f=m.rateLimit.find(g=>g.pathMatcher(o));if(f){r=f.window,s=f.max;break}}if(t.rateLimit.customRules){let m=t.rateLimit.customRules[o];m&&(r=m.window,s=m.max)}let u=Pr(t),l=yield u.get(i),p=Date.now();if(!l)yield u.set(i,{key:i,count:1,lastRequest:p});else{let m=p-l.lastRequest;if(kr(s,r,l)){let f=Tr(l.lastRequest,r);return Rr(f)}else m>r*1e3?yield u.set(i,T(h({},l),{count:1,lastRequest:p})):yield u.set(i,T(h({},l),{count:l.count+1,lastRequest:p}))}})}function Ur(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}function he(e,t){var a,d;let n=(a=t.plugins)==null?void 0:a.reduce((u,l)=>h(h({},u),l.endpoints),{}),o=((d=t.plugins)==null?void 0:d.map(u=>{var l;return(l=u.middlewares)==null?void 0:l.map(p=>{let m=f=>c(this,null,function*(){return p.middleware(T(h({},f),{context:h(h({},e),f.context)}))});return m.path=p.path,m.options=p.middleware.options,m.headers=p.middleware.headers,{path:p.path,middleware:m}})}).filter(u=>u!==void 0).flat())||[],r={signInOAuth:Ke,callbackOAuth:Qe,getCSRFToken:dt,getSession:le(),signOut:Xe,signUpEmail:mt,signInEmail:We,forgetPassword:et,resetPassword:rt,verifyEmail:nt,sendVerificationEmail:ot,changePassword:it,setPassword:at,updateUser:st,forgetPasswordCallback:tt,listSessions:Me(),revokeSession:He,revokeSessions:Ge},s=T(h(h({},r),n),{ok:lt,error:ct}),i={};for(let[u,l]of Object.entries(s))i[u]=p=>c(this,null,function*(){var y;let m=yield e,g=yield l(T(h({},p),{context:h(h({},m),p.context)}));for(let b of t.plugins||[])if((y=b.hooks)!=null&&y.after){for(let w of b.hooks.after)if(w.matcher(p)){let L=Object.assign(p,{context:T(h({},e),{returned:g})}),P=yield w.handler(L);P&&"response"in P&&(g=P.response)}}return g}),i[u].path=l.path,i[u].method=l.method,i[u].options=l.options,i[u].headers=l.headers;return{api:i,middlewares:o}}var ht=(e,t)=>{let{api:n,middlewares:o}=he(e,t),r=new URL(e.baseURL).pathname;return Ir(n,{extraContext:e,basePath:r,routerMiddleware:[{path:"/**",middleware:Se},...o],onRequest(i){return c(this,null,function*(){for(let a of e.options.plugins||[])if(a.onRequest){let d=yield a.onRequest(i,e);if(d)return d}return gt(i,e)})},onResponse(i){return c(this,null,function*(){for(let a of e.options.plugins||[])if(a.onResponse){let d=yield a.onResponse(i,e);if(d)return d.response}return i})},onError(i){var d,u,l,p;let a=(d=t.logger)!=null&&d.verboseLogging?I:void 0;if(((u=t.logger)==null?void 0:u.disabled)!==!0)if(i instanceof vr)a==null||a.warn(i);else if(typeof i=="object"&&i!==null&&"message"in i){let m=i.message;if(!m||typeof m!="string"){a==null||a.error(i);return}m.includes("no such table")?(l=I)==null||l.error(`Please run ${ge.green("npx better-auth migrate")} to create the tables. There are missing tables in your SQLite database.`):m.includes("relation")&&m.includes("does not exist")?I.error(`Please run ${ge.green("npx better-auth migrate")} to create the tables. There are missing tables in your PostgreSQL database.`):m.includes("Table")&&m.includes("doesn't exist")?(p=I)==null||p.error(`Please run ${ge.green("npx better-auth migrate")} to create the tables. There are missing tables in your MySQL database.`):a==null||a.error(i)}else a==null||a.error(i)}})};var D=e=>{var d,u,l,m,f,g;let t=(d=e.plugins)==null?void 0:d.reduce((y,b)=>{var k;let w=b.schema;if(!w)return y;for(let[L,P]of Object.entries(w))y[L]={fields:h(h({},(k=y[L])==null?void 0:k.fields),P.fields),tableName:L};return y},{}),n=((u=e.rateLimit)==null?void 0:u.storage)==="database",o={rateLimit:{tableName:((l=e.rateLimit)==null?void 0:l.tableName)||"rateLimit",fields:{key:{type:"string"},count:{type:"number"},lastRequest:{type:"number"}}}},p=t||{},{user:r,session:s,account:i}=p,a=J(p,["user","session","account"]);return h(h({user:{tableName:((m=e.user)==null?void 0:m.modelName)||"user",fields:h({name:{type:"string",required:!0},email:{type:"string",unique:!0,required:!0},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0},image:{type:"string",required:!1},createdAt:{type:"date",defaultValue:()=>new Date,required:!0},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0}},r==null?void 0:r.fields),order:0},session:{tableName:((f=e.session)==null?void 0:f.modelName)||"session",fields:h({expiresAt:{type:"date",required:!0},ipAddress:{type:"string",required:!1},userAgent:{type:"string",required:!1},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0}},s==null?void 0:s.fields),order:1},account:{tableName:((g=e.account)==null?void 0:g.modelName)||"account",fields:h({accountId:{type:"string",required:!0},providerId:{type:"string",required:!0},userId:{type:"string",references:{model:"user",field:"id",onDelete:"cascade"},required:!0},accessToken:{type:"string",required:!1},refreshToken:{type:"string",required:!1},idToken:{type:"string",required:!1},expiresAt:{type:"date",required:!1},password:{type:"string",required:!1}},i==null?void 0:i.fields),order:2}},a),n?o:{})};import{Kysely as Sr}from"kysely";import{MysqlDialect as yt,PostgresDialect as bt,SqliteDialect as wt}from"kysely";var Or=e=>c(void 0,null,function*(){var n,o;if(!e.database)return;if("createDriver"in e.database)return e.database;let t;if("provider"in e.database){let r=e.database.provider,s=(o=(n=e.database)==null?void 0:n.url)==null?void 0:o.trim();if(r==="postgres"){let a=(yield import("pg").catch(d=>{throw new U("Please install `pg` to use postgres database")})).Pool;t=new bt({pool:new a({connectionString:s})})}if(r==="mysql")try{let{createPool:i}=yield import("mysql2/promise").catch(u=>{throw new U("Please install `mysql2` to use mysql database")}),a=new URL(s),d=i({host:a.hostname,user:a.username,password:a.password,database:a.pathname.split("/")[1],port:Number(a.port)});t=new yt({pool:d})}catch(i){if(i instanceof TypeError)throw new U("Invalid database URL")}if(r==="sqlite"){let{default:i}=yield import("better-sqlite3").catch(d=>{throw new U("Please install `better-sqlite3` to use sqlite database")}),a=new i(s);t=new wt({database:a})}}return t}),F=e=>c(void 0,null,function*(){let t=yield Or(e);return t&&new Sr({dialect:t})}),te=e=>{if("provider"in e.database)return e.database.provider;if("dialect"in e.database){if(e.database.dialect instanceof bt)return"postgres";if(e.database.dialect instanceof yt)return"mysql";if(e.database.dialect instanceof wt)return"sqlite"}return"sqlite"};import"kysely";function Lr(e){var n;return((n=e.plugins)==null?void 0:n.flatMap(o=>Object.keys(o.schema||{}).map(r=>{let i=(o.schema||{})[r];if(!(i!=null&&i.disableMigration))return{tableName:r,fields:i==null?void 0:i.fields}}).filter(r=>r!==void 0)))||[]}function At(e){let t=D(e),n=Lr(e);return[t.user,t.session,t.account,...n].reduce((r,s)=>{var i;return r[s.tableName]={fields:h(h({},(i=r[s.tableName])==null?void 0:i.fields),s.fields)},r},{})}var Er={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},Cr={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},_r={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},Br={postgres:Er,mysql:Cr,sqlite:_r};function qr(e,t,n){return Br[n][t].map(i=>i.toLowerCase()).includes(e.toLowerCase())}function kt(e){return c(this,null,function*(){let t=At(e),n=te(e),o=yield F(e);o||(I.error("Invalid database configuration."),process.exit(1));let r=yield o.introspection.getTables(),s=[],i=[];for(let[p,m]of Object.entries(t)){let f=r.find(y=>y.name===p);if(!f){let y=s.findIndex(k=>k.table===p),b={table:p,fields:m.fields,order:m.order||1/0},w=s.findIndex(k=>(k.order||1/0)>b.order);w===-1?y===-1?s.push(b):s[y].fields=h(h({},s[y].fields),m.fields):s.splice(w,0,b);continue}let g={};for(let[y,b]of Object.entries(m.fields)){let w=f.columns.find(k=>k.name===y);if(!w){g[y]=b;continue}qr(w.dataType,b.type,n)||I.warn(`Field ${y} in table ${p} has a different type in the database. Expected ${b.type} but got ${w.dataType}.`)}Object.keys(g).length>0&&i.push({table:p,fields:g,order:m.order||1/0})}let a=[];function d(p){let m={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&p==="string"?"varchar(255)":m[p]}if(i.length)for(let p of i)for(let[m,f]of Object.entries(p.fields)){let g=d(f.type),y=o.schema.alterTable(p.table).addColumn(m,g,b=>(b=f.required!==!1?b.notNull():b,f.references&&(b=b.references(`${f.references.model}.${f.references.field}`)),b));a.push(y)}if(s.length)for(let p of s){let m=o.schema.createTable(p.table).addColumn("id",d("string"),f=>f.primaryKey());for(let[f,g]of Object.entries(p.fields)){let y=d(g.type);m=m.addColumn(f,y,b=>(b=g.required!==!1?b.notNull():b,g.references&&(b=b.references(`${g.references.model}.${g.references.field}`)),g.unique&&(b=b.unique()),b))}a.push(m)}function u(){return c(this,null,function*(){for(let p of a)yield p.execute()})}function l(){return c(this,null,function*(){return a.map(m=>m.compile().sql).join(`;
|
|
83
83
|
|
|
84
|
-
`)})}return{toBeCreated:s,toBeAdded:i,runMigrations:p,compileMigrations:l}})}function re(e){if(!e)return{and:null,or:null};let t=e==null?void 0:e.filter(o=>o.connector==="AND"||!o.connector).reduce((o,r)=>T(g({},o),{[r.field]:r.value}),{}),n=e==null?void 0:e.filter(o=>o.connector==="OR").reduce((o,r)=>T(g({},o),{[r.field]:r.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(n).length?n:null}}function oe(e,t,n){var o,r,s;for(let i in e)e[i]===0&&((o=t[i])==null?void 0:o.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!1),e[i]===1&&((r=t[i])==null?void 0:r.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!0),((s=t[i])==null?void 0:s.type)==="date"&&(e[i]instanceof Date||(e[i]=new Date(e[i])));return e}function Tt(e,t){for(let n in e)typeof e[n]=="boolean"&&(t!=null&&t.boolean)&&(e[n]=e[n]?1:0),e[n]instanceof Date&&(e[n]=e[n].toISOString());return e}var xt=(e,t)=>({id:"kysely",create(o){return c(this,null,function*(){let{model:r,data:s,select:i}=o;t!=null&&t.transform&&(s=Tt(s,t.transform));let a=yield e.insertInto(r).values(s).returningAll().executeTakeFirst();if(t!=null&&t.transform){let d=t.transform.schema[r];a=d?oe(s,d,t.transform):a}return i!=null&&i.length&&(a=a?i.reduce((p,l)=>a!=null&&a[l]?T(g({},p),{[l]:a[l]}):p,{}):null),a})},findOne(o){return c(this,null,function*(){let{model:r,where:s,select:i}=o,{and:a,or:d}=re(s),p=e.selectFrom(r).selectAll();d&&(p=p.where(u=>u.or(d))),a&&(p=p.where(u=>u.and(a)));let l=yield p.executeTakeFirst();if(i!=null&&i.length&&(l=l?i.reduce((m,f)=>l!=null&&l[f]?T(g({},m),{[f]:l[f]}):m,{}):null),t!=null&&t.transform){let u=t.transform.schema[r];return l=l&&u?oe(l,u,t.transform):l,l||null}return l||null})},findMany(o){return c(this,null,function*(){let{model:r,where:s}=o,i=e.selectFrom(r),{and:a,or:d}=re(s);a&&(i=i.where(l=>l.and(a))),d&&(i=i.where(l=>l.or(d)));let p=yield i.selectAll().execute();if(t!=null&&t.transform){let l=t.transform.schema[r];return l?p.map(u=>oe(u,l,t.transform)):p}return p})},update(o){return c(this,null,function*(){let{model:r,where:s,update:i}=o,{and:a,or:d}=re(s);t!=null&&t.transform&&(i=Tt(i,t.transform));let p=e.updateTable(r).set(i);a&&(p=p.where(u=>u.and(a))),d&&(p=p.where(u=>u.or(d)));let l=(yield p.returningAll().executeTakeFirst())||null;if(t!=null&&t.transform){let u=t.transform.schema[r];return u?oe(l,u,t.transform):l}return l})},delete(o){return c(this,null,function*(){let{model:r,where:s}=o,{and:i,or:a}=re(s),d=e.deleteFrom(r);i&&(d=d.where(p=>p.and(i))),a&&(d=d.where(p=>p.or(a))),yield d.execute()})},createSchema(o){return c(this,null,function*(){let{compileMigrations:r}=yield Rt(o);return console.log(r),{code:yield r(),fileName:`./better-auth_migrations/${new Date().toISOString()}.sql`}})}});function Ut(e){if(!e.database)throw new S("Database configuration is required");if("create"in e.database)return e.database;let t=F(e);if(!t)throw new S("Failed to initialize database adapter");let n=D(e),o={};for(let r of Object.values(n))o[r.tableName]=r.fields;return xt(t,{transform:{schema:o,date:!0,boolean:te(e)==="sqlite"}})}import{scrypt as Dr}from"node:crypto";import{decodeHex as Nr,encodeHex as Pt}from"oslo/encoding";import{constantTimeEqual as $r}from"oslo/crypto";var V={N:16384,r:16,p:1,dkLen:64};function vt(e,t){return c(this,null,function*(){return yield new Promise((n,o)=>{Dr(e.normalize("NFKC"),t,V.dkLen,{N:V.N,p:V.p,r:V.r,maxmem:128*V.N*V.r*2},(r,s)=>r?o(r):n(s))})})}var It=e=>c(void 0,null,function*(){let t=Pt(crypto.getRandomValues(new Uint8Array(16))),n=yield vt(e,t);return`${t}:${Pt(n)}`}),St=(e,t)=>c(void 0,null,function*(){let[n,o]=e.split(":"),r=yield vt(t,n);return $r(r,Nr(o))});import{alphabet as Fr,generateRandomString as Vr}from"oslo/crypto";var Ot=(e,t)=>{var i;let n=((i=t.session)==null?void 0:i.expiresIn)||604800,o=D(t),r=t.databaseHooks;function s(a,d){return c(this,null,function*(){var u,m,f,h;let p=a;if((m=(u=r==null?void 0:r[d])==null?void 0:u.create)!=null&&m.before){let y=yield r[d].create.before(a);if(y===!1)return null;p=typeof y=="object"?y.data:y}let l=yield e.create({model:d,data:a});return(h=(f=r==null?void 0:r[d])==null?void 0:f.create)!=null&&h.after&&l&&(yield r[d].create.after(l)),l})}return{createOAuthUser:(a,d)=>c(void 0,null,function*(){try{let p=yield s(a,"user"),l=yield s(d,"account");return{user:p,account:l}}catch(p){return console.log(p),null}}),createUser:a=>c(void 0,null,function*(){return yield s(a,"user")}),createSession:(a,d,p)=>c(void 0,null,function*(){let l=d instanceof Request?d.headers:d,u={id:Vr(32,Fr("a-z","0-9","A-Z")),userId:a,expiresAt:p?H(1e3*60*60*24):H(n,!0),ipAddress:(l==null?void 0:l.get("x-forwarded-for"))||"",userAgent:(l==null?void 0:l.get("user-agent"))||""};return yield s(u,"session")}),findSession:a=>c(void 0,null,function*(){let d=yield e.findOne({model:o.session.tableName,where:[{value:a,field:"id"}]});if(!d)return null;let p=yield e.findOne({model:o.user.tableName,where:[{value:d.userId,field:"id"}]});return p?{session:d,user:p}:null}),updateSession:(a,d)=>c(void 0,null,function*(){var l,u,m,f;if((u=(l=r==null?void 0:r.session)==null?void 0:l.update)!=null&&u.before){let h=yield r.session.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let p=yield e.update({model:o.session.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.session)==null?void 0:m.update)!=null&&f.after&&p&&(yield r.session.update.after(p)),p}),deleteSession:a=>c(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"id",value:a}]})}),deleteSessions:a=>c(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"userId",value:a}]})}),findUserByEmail:a=>c(void 0,null,function*(){let d=yield e.findOne({model:o.user.tableName,where:[{value:a.toLowerCase(),field:"email"}]});if(!d)return null;let p=yield e.findMany({model:o.account.tableName,where:[{value:d.id,field:"userId"}]});return{user:d,accounts:p}}),findUserById:a=>c(void 0,null,function*(){return yield e.findOne({model:o.user.tableName,where:[{field:"id",value:a}]})}),linkAccount:a=>c(void 0,null,function*(){return yield s(a,"account")}),updateUserByEmail:(a,d)=>c(void 0,null,function*(){var l,u,m,f;if((u=(l=r==null?void 0:r.user)==null?void 0:l.update)!=null&&u.before){let h=yield r.user.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let p=yield e.update({model:o.user.tableName,where:[{value:a,field:"email"}],update:d});return(f=(m=r==null?void 0:r.user)==null?void 0:m.update)!=null&&f.after&&p&&(yield r.user.update.after(p)),p}),updatePassword:(a,d)=>c(void 0,null,function*(){return yield e.update({model:o.account.tableName,where:[{value:a,field:"userId"},{field:"providerId",value:"credential"}],update:{password:d}})}),findAccounts:a=>c(void 0,null,function*(){return yield e.findMany({model:o.account.tableName,where:[{field:"userId",value:a}]})}),updateAccount:(a,d)=>c(void 0,null,function*(){var l,u,m,f;if((u=(l=r==null?void 0:r.account)==null?void 0:l.update)!=null&&u.before){let h=yield r.account.update.before(d);if(h===!1)return null;d=typeof h=="object"?h.data:h}let p=yield e.update({model:o.account.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.account)==null?void 0:m.update)!=null&&f.after&&p&&(yield r.account.update.after(p)),p})}};var Lt="better-auth-secret-123456789";var Et=e=>({id:"cross-subdomain-cookies",onResponse(n,o){return c(this,null,function*(){let r=n.headers.get("set-cookie");if(!r)return;let s=o.baseURL,i=r.split(";"),a=(e==null?void 0:e.domainName)||new URL(s).hostname,d=o.authCookies,p=[d.sessionToken.name,d.csrfToken.name,d.dontRememberToken.name];if(!p.some(u=>r.includes(u)))return;let l=i.map(u=>{if(!p.some(f=>u.toLowerCase().includes(f.toLowerCase())))return u;let m=u.trim();return m.toLowerCase().startsWith("domain=")?`Domain=${a}`:m.toLowerCase().includes("domain=")?m:`${m}; Domain=${a}`}).filter((u,m,f)=>m===f.findIndex(h=>h.split(";")[0]===u.split(";")[0])).join("; ");return n.headers.set("set-cookie",l),{response:n}})}});var Ct=e=>{var m,f,h,y,b,w,k,v,I,ne,be,we,Ae,ke;let{options:t,context:n}=zr(e),o=t.plugins||[],r=Mr(t),s=Ut(t),i=F(t),a=X(t.baseURL,t.basePath)||"",d=t.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||Lt,p=Ve(t),l=D(t),u=Object.keys(t.socialProviders||{}).map(z=>{var Re;let K=(Re=t.socialProviders)==null?void 0:Re[z];return K.enabled===!1?null:((!K.clientId||!K.clientSecret)&&P.warn(`Social provider ${z} is missing clientId or clientSecret`),de[z](K))}).filter(z=>z!==null);return g({appName:t.appName||"Better Auth",socialProviders:u,options:T(g({},t),{baseURL:a?new URL(a).origin:"",basePath:t.basePath||"/api/auth",plugins:o.concat(r)}),tables:l,baseURL:a,sessionConfig:{updateAge:((m=t.session)==null?void 0:m.updateAge)||24*60*60,expiresIn:((f=t.session)==null?void 0:f.expiresIn)||60*60*24*7},secret:d,rateLimit:T(g({},t.rateLimit),{enabled:(y=(h=t.rateLimit)==null?void 0:h.enabled)!=null?y:process.env.NODE_ENV!=="development",window:((b=t.rateLimit)==null?void 0:b.window)||60,max:((w=t.rateLimit)==null?void 0:w.max)||100,storage:((k=t.rateLimit)==null?void 0:k.storage)||"memory"}),authCookies:p,logger:ae({disabled:((v=t.logger)==null?void 0:v.disabled)||!1}),db:i,password:{hash:((ne=(I=t.emailAndPassword)==null?void 0:I.password)==null?void 0:ne.hash)||It,verify:((we=(be=t.emailAndPassword)==null?void 0:be.password)==null?void 0:we.verify)||St,config:{minPasswordLength:((Ae=t.emailAndPassword)==null?void 0:Ae.minPasswordLength)||8,maxPasswordLength:((ke=t.emailAndPassword)==null?void 0:ke.maxPasswordLength)||128}},adapter:s,internalAdapter:Ot(s,t),createAuthCookie:ze(t)},n)};function zr(e){let t=e.plugins||[],n={};for(let i of t)if(i.init){let a=i.init(e);typeof a=="object"&&(a.options&&(e=g(g({},e),a.options)),n=g({},a))}let s=n,{options:o}=s,r=J(s,["options"]);return{options:e,context:r}}function Mr(e){var n,o;let t=[];return(o=(n=e.advanced)==null?void 0:n.crossSubDomainCookies)!=null&&o.enabled&&t.push(Et({eligibleCookies:e.advanced.crossSubDomainCookies.eligibleCookies})),t}var Dd=e=>{let t=Ct(e),{api:n}=ye(t,e);return{handler:o=>c(void 0,null,function*(){let r=t.options.basePath,s=new URL(o.url);if(!t.options.baseURL){let a=`${s.origin}/api/auth`;t.options.baseURL=a,t.baseURL=a}if(!t.options.baseURL)return new Response("Base URL not set",{status:400});if(s.pathname===r||s.pathname===`${r}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:i}=yt(t,e);return i(o)}),api:n,options:t.options,$Infer:{}}};export{Dd as betterAuth};
|
|
84
|
+
`)})}return{toBeCreated:s,toBeAdded:i,runMigrations:u,compileMigrations:l}})}function re(e){if(!e)return{and:null,or:null};let t=e==null?void 0:e.filter(o=>o.connector==="AND"||!o.connector).reduce((o,r)=>T(h({},o),{[r.field]:r.value}),{}),n=e==null?void 0:e.filter(o=>o.connector==="OR").reduce((o,r)=>T(h({},o),{[r.field]:r.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(n).length?n:null}}function oe(e,t,n){var o,r,s;for(let i in e)e[i]===0&&((o=t[i])==null?void 0:o.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!1),e[i]===1&&((r=t[i])==null?void 0:r.type)==="boolean"&&(n!=null&&n.boolean)&&(e[i]=!0),((s=t[i])==null?void 0:s.type)==="date"&&(e[i]instanceof Date||(e[i]=new Date(e[i])));return e}function Rt(e,t){for(let n in e)typeof e[n]=="boolean"&&(t!=null&&t.boolean)&&(e[n]=e[n]?1:0),e[n]instanceof Date&&(e[n]=e[n].toISOString());return e}var Tt=(e,t)=>({id:"kysely",create(o){return c(this,null,function*(){let{model:r,data:s,select:i}=o;t!=null&&t.transform&&(s=Rt(s,t.transform));let a=yield e.insertInto(r).values(s).returningAll().executeTakeFirst();if(t!=null&&t.transform){let d=t.transform.schema[r];a=d?oe(s,d,t.transform):a}return i!=null&&i.length&&(a=a?i.reduce((u,l)=>a!=null&&a[l]?T(h({},u),{[l]:a[l]}):u,{}):null),a})},findOne(o){return c(this,null,function*(){let{model:r,where:s,select:i}=o,{and:a,or:d}=re(s),u=e.selectFrom(r).selectAll();d&&(u=u.where(p=>p.or(d))),a&&(u=u.where(p=>p.and(a)));let l=yield u.executeTakeFirst();if(i!=null&&i.length&&(l=l?i.reduce((m,f)=>l!=null&&l[f]?T(h({},m),{[f]:l[f]}):m,{}):null),t!=null&&t.transform){let p=t.transform.schema[r];return l=l&&p?oe(l,p,t.transform):l,l||null}return l||null})},findMany(o){return c(this,null,function*(){let{model:r,where:s}=o,i=e.selectFrom(r),{and:a,or:d}=re(s);a&&(i=i.where(l=>l.and(a))),d&&(i=i.where(l=>l.or(d)));let u=yield i.selectAll().execute();if(t!=null&&t.transform){let l=t.transform.schema[r];return l?u.map(p=>oe(p,l,t.transform)):u}return u})},update(o){return c(this,null,function*(){let{model:r,where:s,update:i}=o,{and:a,or:d}=re(s);t!=null&&t.transform&&(i=Rt(i,t.transform));let u=e.updateTable(r).set(i);a&&(u=u.where(p=>p.and(a))),d&&(u=u.where(p=>p.or(d)));let l=(yield u.returningAll().executeTakeFirst())||null;if(t!=null&&t.transform){let p=t.transform.schema[r];return p?oe(l,p,t.transform):l}return l})},delete(o){return c(this,null,function*(){let{model:r,where:s}=o,{and:i,or:a}=re(s),d=e.deleteFrom(r);i&&(d=d.where(u=>u.and(i))),a&&(d=d.where(u=>u.or(a))),yield d.execute()})},createSchema(o){return c(this,null,function*(){let{compileMigrations:r}=yield kt(o);return console.log(r),{code:yield r(),fileName:`./better-auth_migrations/${new Date().toISOString()}.sql`}})}});function xt(e){return c(this,null,function*(){if(!e.database)throw new U("Database configuration is required");if("create"in e.database)return e.database;let t=yield F(e);if(!t)throw new U("Failed to initialize database adapter");let n=D(e),o={};for(let r of Object.values(n))o[r.tableName]=r.fields;return Tt(t,{transform:{schema:o,date:!0,boolean:te(e)==="sqlite"}})})}import{scrypt as jr}from"node:crypto";import{decodeHex as Dr,encodeHex as Pt}from"oslo/encoding";import{constantTimeEqual as Nr}from"oslo/crypto";var V={N:16384,r:16,p:1,dkLen:64};function Ut(e,t){return c(this,null,function*(){return yield new Promise((n,o)=>{jr(e.normalize("NFKC"),t,V.dkLen,{N:V.N,p:V.p,r:V.r,maxmem:128*V.N*V.r*2},(r,s)=>r?o(r):n(s))})})}var vt=e=>c(void 0,null,function*(){let t=Pt(crypto.getRandomValues(new Uint8Array(16))),n=yield Ut(e,t);return`${t}:${Pt(n)}`}),It=(e,t)=>c(void 0,null,function*(){let[n,o]=e.split(":"),r=yield Ut(t,n);return Nr(r,Dr(o))});import{alphabet as $r,generateRandomString as Fr}from"oslo/crypto";var St=(e,t)=>{var i;let n=((i=t.session)==null?void 0:i.expiresIn)||604800,o=D(t),r=t.databaseHooks;function s(a,d){return c(this,null,function*(){var p,m,f,g;let u=a;if((m=(p=r==null?void 0:r[d])==null?void 0:p.create)!=null&&m.before){let y=yield r[d].create.before(a);if(y===!1)return null;u=typeof y=="object"?y.data:y}let l=yield e.create({model:d,data:a});return(g=(f=r==null?void 0:r[d])==null?void 0:f.create)!=null&&g.after&&l&&(yield r[d].create.after(l)),l})}return{createOAuthUser:(a,d)=>c(void 0,null,function*(){try{let u=yield s(a,"user"),l=yield s(d,"account");return{user:u,account:l}}catch(u){return console.log(u),null}}),createUser:a=>c(void 0,null,function*(){return yield s(a,"user")}),createSession:(a,d,u)=>c(void 0,null,function*(){let l=d instanceof Request?d.headers:d,p={id:Fr(32,$r("a-z","0-9","A-Z")),userId:a,expiresAt:u?H(1e3*60*60*24):H(n,!0),ipAddress:(l==null?void 0:l.get("x-forwarded-for"))||"",userAgent:(l==null?void 0:l.get("user-agent"))||""};return yield s(p,"session")}),findSession:a=>c(void 0,null,function*(){let d=yield e.findOne({model:o.session.tableName,where:[{value:a,field:"id"}]});if(!d)return null;let u=yield e.findOne({model:o.user.tableName,where:[{value:d.userId,field:"id"}]});return u?{session:d,user:u}:null}),updateSession:(a,d)=>c(void 0,null,function*(){var l,p,m,f;if((p=(l=r==null?void 0:r.session)==null?void 0:l.update)!=null&&p.before){let g=yield r.session.update.before(d);if(g===!1)return null;d=typeof g=="object"?g.data:g}let u=yield e.update({model:o.session.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.session)==null?void 0:m.update)!=null&&f.after&&u&&(yield r.session.update.after(u)),u}),deleteSession:a=>c(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"id",value:a}]})}),deleteSessions:a=>c(void 0,null,function*(){return yield e.delete({model:o.session.tableName,where:[{field:"userId",value:a}]})}),findUserByEmail:a=>c(void 0,null,function*(){let d=yield e.findOne({model:o.user.tableName,where:[{value:a.toLowerCase(),field:"email"}]});if(!d)return null;let u=yield e.findMany({model:o.account.tableName,where:[{value:d.id,field:"userId"}]});return{user:d,accounts:u}}),findUserById:a=>c(void 0,null,function*(){return yield e.findOne({model:o.user.tableName,where:[{field:"id",value:a}]})}),linkAccount:a=>c(void 0,null,function*(){return yield s(a,"account")}),updateUserByEmail:(a,d)=>c(void 0,null,function*(){var l,p,m,f;if((p=(l=r==null?void 0:r.user)==null?void 0:l.update)!=null&&p.before){let g=yield r.user.update.before(d);if(g===!1)return null;d=typeof g=="object"?g.data:g}let u=yield e.update({model:o.user.tableName,where:[{value:a,field:"email"}],update:d});return(f=(m=r==null?void 0:r.user)==null?void 0:m.update)!=null&&f.after&&u&&(yield r.user.update.after(u)),u}),updatePassword:(a,d)=>c(void 0,null,function*(){return yield e.update({model:o.account.tableName,where:[{value:a,field:"userId"},{field:"providerId",value:"credential"}],update:{password:d}})}),findAccounts:a=>c(void 0,null,function*(){return yield e.findMany({model:o.account.tableName,where:[{field:"userId",value:a}]})}),updateAccount:(a,d)=>c(void 0,null,function*(){var l,p,m,f;if((p=(l=r==null?void 0:r.account)==null?void 0:l.update)!=null&&p.before){let g=yield r.account.update.before(d);if(g===!1)return null;d=typeof g=="object"?g.data:g}let u=yield e.update({model:o.account.tableName,where:[{field:"id",value:a}],update:d});return(f=(m=r==null?void 0:r.account)==null?void 0:m.update)!=null&&f.after&&u&&(yield r.account.update.after(u)),u})}};var Ot="better-auth-secret-123456789";var Lt=e=>({id:"cross-subdomain-cookies",onResponse(n,o){return c(this,null,function*(){let r=n.headers.get("set-cookie");if(!r)return;let s=o.baseURL,i=r.split(";"),a=(e==null?void 0:e.domainName)||new URL(s).hostname,d=o.authCookies,u=[d.sessionToken.name,d.csrfToken.name,d.dontRememberToken.name];if(!u.some(p=>r.includes(p)))return;let l=i.map(p=>{if(!u.some(f=>p.toLowerCase().includes(f.toLowerCase())))return p;let m=p.trim();return m.toLowerCase().startsWith("domain=")?`Domain=${a}`:m.toLowerCase().includes("domain=")?m:`${m}; Domain=${a}`}).filter((p,m,f)=>m===f.findIndex(g=>g.split(";")[0]===p.split(";")[0])).join("; ");return n.headers.set("set-cookie",l),{response:n}})}});var Et=e=>c(void 0,null,function*(){var m,f,g,y,b,w,k,L,P,ne,ye,be,we,Ae;let{options:t,context:n}=Vr(e),o=t.plugins||[],r=zr(t),s=yield xt(t),i=yield F(t),a=X(t.baseURL,t.basePath)||"",d=t.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||Ot,u=Fe(t),l=D(t),p=Object.keys(t.socialProviders||{}).map(z=>{var ke;let K=(ke=t.socialProviders)==null?void 0:ke[z];return K.enabled===!1?null:((!K.clientId||!K.clientSecret)&&I.warn(`Social provider ${z} is missing clientId or clientSecret`),ae[z](K))}).filter(z=>z!==null);return h({appName:t.appName||"Better Auth",socialProviders:p,options:T(h({},t),{baseURL:a?new URL(a).origin:"",basePath:t.basePath||"/api/auth",plugins:o.concat(r)}),tables:l,baseURL:a,sessionConfig:{updateAge:((m=t.session)==null?void 0:m.updateAge)||24*60*60,expiresIn:((f=t.session)==null?void 0:f.expiresIn)||60*60*24*7},secret:d,rateLimit:T(h({},t.rateLimit),{enabled:(y=(g=t.rateLimit)==null?void 0:g.enabled)!=null?y:process.env.NODE_ENV!=="development",window:((b=t.rateLimit)==null?void 0:b.window)||60,max:((w=t.rateLimit)==null?void 0:w.max)||100,storage:((k=t.rateLimit)==null?void 0:k.storage)||"memory"}),authCookies:u,logger:ie({disabled:((L=t.logger)==null?void 0:L.disabled)||!1}),db:i,password:{hash:((ne=(P=t.emailAndPassword)==null?void 0:P.password)==null?void 0:ne.hash)||vt,verify:((be=(ye=t.emailAndPassword)==null?void 0:ye.password)==null?void 0:be.verify)||It,config:{minPasswordLength:((we=t.emailAndPassword)==null?void 0:we.minPasswordLength)||8,maxPasswordLength:((Ae=t.emailAndPassword)==null?void 0:Ae.maxPasswordLength)||128}},adapter:s,internalAdapter:St(s,t),createAuthCookie:Ve(t)},n)});function Vr(e){let t=e.plugins||[],n={};for(let i of t)if(i.init){let a=i.init(e);typeof a=="object"&&(a.options&&(e=h(h({},e),a.options)),n=h({},a))}let s=n,{options:o}=s,r=J(s,["options"]);return{options:e,context:r}}function zr(e){var n,o;let t=[];return(o=(n=e.advanced)==null?void 0:n.crossSubDomainCookies)!=null&&o.enabled&&t.push(Lt({eligibleCookies:e.advanced.crossSubDomainCookies.eligibleCookies})),t}var Nd=e=>{let t=Et(e),{api:n}=he(t,e);return{handler:o=>c(void 0,null,function*(){let r=yield t,s=r.options.basePath,i=new URL(o.url);if(!r.options.baseURL){let d=`${i.origin}/api/auth`;r.options.baseURL=d,r.baseURL=d}if(!r.options.baseURL)return new Response("Base URL not set",{status:400});if(i.pathname===s||i.pathname===`${s}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:a}=ht(r,e);return a(o)}),api:n,options:e,$Infer:{}}};export{Nd as betterAuth};
|
package/dist/next-js.d.ts
CHANGED
package/dist/node.d.ts
CHANGED
package/dist/plugins.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
export { O as OrganizationOptions, b as Passkey, P as PasskeyOptions, W as WebAuthnCookieType, g as getPasskeyActions, m as magicLink, o as organization, p as passkey, c as passkeyClient, t as twoFactor, a as twoFactorClient, u as username } from './index-
|
|
1
|
+
export { O as OrganizationOptions, b as Passkey, P as PasskeyOptions, W as WebAuthnCookieType, g as getPasskeyActions, m as magicLink, o as organization, p as passkey, c as passkeyClient, t as twoFactor, a as twoFactorClient, u as username } from './index-CmzUOocy.js';
|
|
2
2
|
export { i as ac } from './index-D6NOkCRo.js';
|
|
3
|
-
import { H as HookEndpointContext } from './index-
|
|
4
|
-
export { A as AuthEndpoint, b as AuthMiddleware, B as BetterAuthPlugin, P as PluginSchema, a as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './index-
|
|
3
|
+
import { H as HookEndpointContext } from './index-gO-yM4kI.js';
|
|
4
|
+
export { A as AuthEndpoint, b as AuthMiddleware, B as BetterAuthPlugin, P as PluginSchema, a as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './index-gO-yM4kI.js';
|
|
5
5
|
export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';
|
|
6
6
|
import './index-CE92ti2Z.js';
|
|
7
7
|
import 'arctic';
|
package/dist/react.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
2
|
-
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-
|
|
2
|
+
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-gO-yM4kI.js';
|
|
3
3
|
import { U as UnionToIntersection, P as Prettify } from './helper-C1ihmerM.js';
|
|
4
4
|
import { ClientOptions, InferClientAPI, InferActions, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
5
5
|
import { useStore } from '@nanostores/react';
|
package/dist/solid-start.d.ts
CHANGED
package/dist/solid.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
2
|
-
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-
|
|
2
|
+
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-gO-yM4kI.js';
|
|
3
3
|
import { U as UnionToIntersection, P as Prettify } from './helper-C1ihmerM.js';
|
|
4
4
|
import { ClientOptions, InferClientAPI, InferActions, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
5
5
|
import { Accessor } from 'solid-js';
|
package/dist/svelte-kit.d.ts
CHANGED
package/dist/svelte.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as nanostores from 'nanostores';
|
|
2
2
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
3
|
-
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-
|
|
3
|
+
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-gO-yM4kI.js';
|
|
4
4
|
import { U as UnionToIntersection, P as Prettify } from './helper-C1ihmerM.js';
|
|
5
5
|
import { ClientOptions, InferClientAPI, InferActions, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
6
6
|
import 'kysely';
|
package/dist/types.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { B as BetterAuthPlugin, d as Auth, n as InferSession, q as InferUser } from './index-
|
|
2
|
-
export { f as Adapter, g as AuthContext, e as BetterAuthOptions, G as GenericEndpointContext, H as HookEndpointContext, r as InferPluginTypes, P as PluginSchema, R as RateLimit, S as SessionAdapter, W as Where, t as init } from './index-
|
|
1
|
+
import { B as BetterAuthPlugin, d as Auth, n as InferSession, q as InferUser } from './index-gO-yM4kI.js';
|
|
2
|
+
export { f as Adapter, g as AuthContext, e as BetterAuthOptions, G as GenericEndpointContext, H as HookEndpointContext, r as InferPluginTypes, P as PluginSchema, R as RateLimit, S as SessionAdapter, W as Where, t as init } from './index-gO-yM4kI.js';
|
|
3
3
|
import { U as UnionToIntersection, H as HasRequiredKeys, P as Prettify, L as LiteralString } from './helper-C1ihmerM.js';
|
|
4
4
|
export { a as LiteralUnion, R as RequiredKeysOf, W as WithoutEmpty } from './helper-C1ihmerM.js';
|
|
5
5
|
export { O as OAuthProvider, f as OAuthProviderList, P as ProviderOptions, S as Session, U as User } from './index-CE92ti2Z.js';
|
package/dist/utils.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { g as AuthContext, G as GenericEndpointContext } from './index-
|
|
2
|
-
export { j as BetterAuthCookies, i as createCookieGetter, l as createLogger, k as deleteSessionCookie, h as getCookies, m as logger, p as parseSetCookieHeader, s as setSessionCookie } from './index-
|
|
1
|
+
import { g as AuthContext, G as GenericEndpointContext } from './index-gO-yM4kI.js';
|
|
2
|
+
export { j as BetterAuthCookies, i as createCookieGetter, l as createLogger, k as deleteSessionCookie, h as getCookies, m as logger, p as parseSetCookieHeader, s as setSessionCookie } from './index-gO-yM4kI.js';
|
|
3
3
|
export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';
|
|
4
4
|
import { z } from 'zod';
|
|
5
5
|
import 'kysely';
|
package/dist/vue.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
2
|
-
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-
|
|
2
|
+
import { B as BetterAuthPlugin, F as FieldAttribute, I as InferFieldOutput } from './index-gO-yM4kI.js';
|
|
3
3
|
import { U as UnionToIntersection, P as Prettify } from './helper-C1ihmerM.js';
|
|
4
4
|
import { ClientOptions, InferClientAPI, InferActions, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
5
5
|
import { Ref, DeepReadonly } from 'vue';
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "better-auth",
|
|
3
|
-
"version": "0.2.3-beta.
|
|
3
|
+
"version": "0.2.3-beta.5",
|
|
4
4
|
"description": "The most comprehensive authentication library for TypeScript.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -56,7 +56,6 @@
|
|
|
56
56
|
"mysql2": "^3.11.0",
|
|
57
57
|
"next": "^14.2.8",
|
|
58
58
|
"pg": "^8.12.0",
|
|
59
|
-
"prettier": "^3.3.3",
|
|
60
59
|
"prisma": "^5.19.1",
|
|
61
60
|
"react": "^18.3.1",
|
|
62
61
|
"solid-js": "^1.8.18",
|
|
@@ -76,6 +75,7 @@
|
|
|
76
75
|
"@nanostores/solid": "^0.4.2",
|
|
77
76
|
"@nanostores/vue": "^0.10.0",
|
|
78
77
|
"@noble/ciphers": "^0.6.0",
|
|
78
|
+
"prettier": "^3.3.3",
|
|
79
79
|
"@noble/hashes": "^1.4.0",
|
|
80
80
|
"@oslojs/encoding": "^1.0.0",
|
|
81
81
|
"@paralleldrive/cuid2": "^2.2.2",
|