better-auth 0.2.3-beta.8 → 0.2.4

package/dist/utils.js

@@ -1,2 +1,453 @@
-var R=(e,o)=>{let t={};for(let[n,r]of Object.entries(e))t[n]=s=>r({...s,context:{...o,...s.context}}),t[n].path=r.path,t[n].method=r.method,t[n].options=r.options,t[n].headers=r.headers;return t},U=(e,o)=>async t=>{for(let s of e.options.plugins||[])if(s.hooks?.before){for(let i of s.hooks.before)if(i.matcher({...t,...o})){let a=await i.handler(t);a&&"context"in a&&(t={...t,...a.context,...o})}}let n=o({...t,context:{...e,...t.context}}),r=n;for(let s of e.options.plugins||[])if(s.hooks?.after){for(let i of s.hooks.after)if(i.matcher(t)){let a=Object.assign(t,{returned:n}),p=await i.handler(a);p&&"response"in p&&(r=p.response)}}return r};var f=class extends Error{constructor(o,t,n){super(o),this.name="BetterAuthError",this.message=o,this.cause=t}};function y(e){try{return new URL(e).pathname!=="/"}catch{throw new f(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function l(e,o="/api/auth"){return y(e)?e:(o=o.startsWith("/")?o:`/${o}`,`${e}${o}`)}function P(e,o){if(e)return l(e,o);let t=process?.env||{},n=t.BETTER_AUTH_URL||t.NEXT_PUBLIC_BETTER_AUTH_URL||t.PUBLIC_BETTER_AUTH_URL||t.NUXT_PUBLIC_BETTER_AUTH_URL||t.NUXT_PUBLIC_AUTH_URL||(t.BASE_URL!=="/"?t.BASE_URL:void 0);if(n)return l(n,o);if(typeof window<"u")return l(window.location.origin,o)}var g=(e,o)=>{for(let t in e){if(!e.hasOwnProperty(t))continue;let n=e[t];typeof n=="object"&&n!==null?o[t]=g(n,n.constructor()):o[t]=n}return o},m=e=>g(e,e.constructor());import{TimeSpan as C}from"oslo";function I(e){let t=!!e.advanced?.useSecureCookies||process.env.NODE_ENV!=="development"&&process.env.NODE_ENV!=="test"?"__Secure-":"",n="better-auth",r=new C(7,"d").seconds();return{sessionToken:{name:`${t}${n}.session_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!t,maxAge:r}},csrfToken:{name:`${t?"__Host-":""}${n}.csrf_token`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!t,maxAge:60*60*24*7}},state:{name:`${t}${n}.state`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!t,maxAge:60*15}},pkCodeVerifier:{name:`${t}${n}.pk_code_verifier`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!t,maxAge:60*15}},dontRememberToken:{name:`${t}${n}.dont_remember`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!t}},nonce:{name:`${t}${n}.nonce`,options:{httpOnly:!0,sameSite:"lax",path:"/",secure:!!t,maxAge:60*15}}}}function D(e){let t=!!e.advanced?.useSecureCookies||process.env.NODE_ENV==="production"?"__Secure-":"",n="better-auth";function r(s,i){return{name:process.env.NODE_ENV==="production"?`${t}${n}.${s}`:`${n}.${s}`,options:{secure:!!t,sameSite:"lax",path:"/",maxAge:60*15,...i}}}return r}async function H(e,o,t,n){let r=e.context.authCookies.sessionToken.options;r.maxAge=t?void 0:r.maxAge,await e.setSignedCookie(e.context.authCookies.sessionToken.name,o,e.context.secret,r),t&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function V(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function j(e){let o=new Map;return e.split(", ").forEach(n=>{let[r,...s]=n.split("; "),[i,d]=r.split("="),a={value:d};s.forEach(p=>{let[k,x]=p.split("=");a[k.toLowerCase()]=x||!0}),o.set(i,a)}),o}var M=(e,o=!1)=>{let t=new Date;return new Date(t.getTime()+(o?e*1e3:e))};function X(e){let o="127.0.0.1";if(process.env.NODE_ENV==="test")return o;let t=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let n of t){let r=e.headers.get(n);if(typeof r=="string"){let s=r.split(",")[0].trim();if(s)return s}}return null}var q={isAction:!1};import{alphabet as b,generateRandomString as A}from"oslo/crypto";var K=()=>A(36,b("a-z","0-9"));import{createConsola as _}from"consola";var c=_({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),w=e=>({log:(...o)=>{!e?.disabled&&c.log("",...o)},error:(...o)=>{!e?.disabled&&c.error("",...o)},warn:(...o)=>{!e?.disabled&&c.warn("",...o)},info:(...o)=>{!e?.disabled&&c.info("",...o)},debug:(...o)=>{!e?.disabled&&c.debug("",...o)},box:(...o)=>{!e?.disabled&&c.box("",...o)},success:(...o)=>{!e?.disabled&&c.success("",...o)},break:(...o)=>{!e?.disabled&&console.log(`
-`)}}),Z=w();var h=(e,o)=>{for(let t in o){if(!o.hasOwnProperty(t)||t==="constructor"||t==="prototype"||t==="__proto__")continue;let n=o[t];O(n)?(n!==void 0||!(t in e))&&(e[t]=n):!e[t]||T(n)?e[t]=m(n):e[t]=h(e[t],n)}return e},T=e=>Array.isArray(e),O=e=>{if(e===null)return!0;let o=typeof e;return o!=="object"&&o!=="function"},oe=e=>{let o=m(e[0]);for(let t=1,n=e.length;t<n;t++)h(o,e[t]);return o};function re(e){return e.charAt(0).toUpperCase()+e.slice(1)}async function ie(e,o){let n=(await e.context.internalAdapter.findAccounts(o.userId))?.find(i=>i.providerId==="credential"),r=n?.password;return!n||!r?!1:await e.context.password.verify(r,o.password)}import{generateState as E}from"oslo/oauth2";import{z as u}from"zod";function ue(e,o,t){let n=E();return{state:JSON.stringify({code:n,callbackURL:e,currentURL:o,dontRememberMe:t}),code:n}}function fe(e){return u.object({code:u.string(),callbackURL:u.string().optional(),currentURL:u.string().optional(),dontRememberMe:u.boolean().optional()}).safeParse(JSON.parse(e))}export{q as HIDE_METADATA,re as capitalizeFirstLetter,m as clone,D as createCookieGetter,w as createLogger,V as deleteSessionCookie,K as generateId,ue as generateState,P as getBaseURL,I as getCookies,M as getDate,X as getIp,Z as logger,oe as merge,j as parseSetCookieHeader,fe as parseState,H as setSessionCookie,R as shimContext,U as shimEndpoint,ie as validatePassword};
+// src/utils/shim.ts
+var shimContext = (originalObject, newContext) => {
+  const shimmedObj = {};
+  for (const [key, value] of Object.entries(originalObject)) {
+    shimmedObj[key] = (ctx) => {
+      return value({
+        ...ctx,
+        context: {
+          ...newContext,
+          ...ctx.context
+        }
+      });
+    };
+    shimmedObj[key].path = value.path;
+    shimmedObj[key].method = value.method;
+    shimmedObj[key].options = value.options;
+    shimmedObj[key].headers = value.headers;
+  }
+  return shimmedObj;
+};
+var shimEndpoint = (ctx, value) => {
+  return async (context) => {
+    for (const plugin of ctx.options.plugins || []) {
+      if (plugin.hooks?.before) {
+        for (const hook of plugin.hooks.before) {
+          const match = hook.matcher({
+            ...context,
+            ...value
+          });
+          if (match) {
+            const hookRes = await hook.handler(context);
+            if (hookRes && "context" in hookRes) {
+              context = {
+                ...context,
+                ...hookRes.context,
+                ...value
+              };
+            }
+          }
+        }
+      }
+    }
+    const endpointRes = value({
+      ...context,
+      context: {
+        ...ctx,
+        ...context.context
+      }
+    });
+    let response = endpointRes;
+    for (const plugin of ctx.options.plugins || []) {
+      if (plugin.hooks?.after) {
+        for (const hook of plugin.hooks.after) {
+          const match = hook.matcher(context);
+          if (match) {
+            const obj = Object.assign(context, {
+              returned: endpointRes
+            });
+            const hookRes = await hook.handler(obj);
+            if (hookRes && "response" in hookRes) {
+              response = hookRes.response;
+            }
+          }
+        }
+      }
+    }
+    return response;
+  };
+};
+
+// src/error/better-auth-error.ts
+var BetterAuthError = class extends Error {
+  constructor(message, cause, docsLink) {
+    super(message);
+    this.name = "BetterAuthError";
+    this.message = message;
+    this.cause = cause;
+    this.stack = "";
+  }
+};
+
+// src/utils/base-url.ts
+function checkHasPath(url) {
+  try {
+    const parsedUrl = new URL(url);
+    return parsedUrl.pathname !== "/";
+  } catch (error) {
+    throw new BetterAuthError(
+      `Invalid base URL: ${url}. Please provide a valid base URL.`
+    );
+  }
+}
+function withPath(url, path = "/api/auth") {
+  const hasPath = checkHasPath(url);
+  if (hasPath) {
+    return url;
+  }
+  path = path.startsWith("/") ? path : `/${path}`;
+  return `${url}${path}`;
+}
+function getBaseURL(url, path) {
+  if (url) {
+    return withPath(url, path);
+  }
+  const env = process?.env || {};
+  const fromEnv = env.BETTER_AUTH_URL || env.NEXT_PUBLIC_BETTER_AUTH_URL || env.PUBLIC_BETTER_AUTH_URL || env.NUXT_PUBLIC_BETTER_AUTH_URL || env.NUXT_PUBLIC_AUTH_URL || (env.BASE_URL !== "/" ? env.BASE_URL : void 0);
+  if (fromEnv) {
+    return withPath(fromEnv, path);
+  }
+  if (typeof window !== "undefined") {
+    return withPath(window.location.origin, path);
+  }
+  return void 0;
+}
+
+// src/utils/clone.ts
+var cloneBase = (object, base) => {
+  for (const key in object) {
+    if (!object.hasOwnProperty(key)) continue;
+    const value = object[key];
+    if (typeof value === "object" && value !== null) {
+      base[key] = cloneBase(value, value.constructor());
+    } else {
+      base[key] = value;
+    }
+  }
+  return base;
+};
+var clone = (object) => {
+  return cloneBase(object, object.constructor());
+};
+
+// src/utils/cookies.ts
+import { TimeSpan } from "oslo";
+function getCookies(options) {
+  const secure = !!options.advanced?.useSecureCookies || process.env.NODE_ENV !== "development" && process.env.NODE_ENV !== "test";
+  const secureCookiePrefix = secure ? "__Secure-" : "";
+  const cookiePrefix = "better-auth";
+  const sessionMaxAge = new TimeSpan(7, "d").seconds();
+  return {
+    sessionToken: {
+      name: `${secureCookiePrefix}${cookiePrefix}.session_token`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: !!secureCookiePrefix,
+        maxAge: sessionMaxAge
+      }
+    },
+    csrfToken: {
+      name: `${secureCookiePrefix ? "__Host-" : ""}${cookiePrefix}.csrf_token`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: !!secureCookiePrefix,
+        maxAge: 60 * 60 * 24 * 7
+      }
+    },
+    state: {
+      name: `${secureCookiePrefix}${cookiePrefix}.state`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: !!secureCookiePrefix,
+        maxAge: 60 * 15
+        // 15 minutes in seconds
+      }
+    },
+    pkCodeVerifier: {
+      name: `${secureCookiePrefix}${cookiePrefix}.pk_code_verifier`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: !!secureCookiePrefix,
+        maxAge: 60 * 15
+        // 15 minutes in seconds
+      }
+    },
+    dontRememberToken: {
+      name: `${secureCookiePrefix}${cookiePrefix}.dont_remember`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: !!secureCookiePrefix
+        //no max age so it expires when the browser closes
+      }
+    },
+    nonce: {
+      name: `${secureCookiePrefix}${cookiePrefix}.nonce`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: !!secureCookiePrefix,
+        maxAge: 60 * 15
+        // 15 minutes in seconds
+      }
+    }
+  };
+}
+function createCookieGetter(options) {
+  const secure = !!options.advanced?.useSecureCookies || process.env.NODE_ENV === "production";
+  const secureCookiePrefix = secure ? "__Secure-" : "";
+  const cookiePrefix = "better-auth";
+  function getCookie(cookieName, options2) {
+    return {
+      name: process.env.NODE_ENV === "production" ? `${secureCookiePrefix}${cookiePrefix}.${cookieName}` : `${cookiePrefix}.${cookieName}`,
+      options: {
+        secure: !!secureCookiePrefix,
+        sameSite: "lax",
+        path: "/",
+        maxAge: 60 * 15,
+        // 15 minutes in seconds
+        ...options2
+      }
+    };
+  }
+  return getCookie;
+}
+async function setSessionCookie(ctx, sessionToken, dontRememberMe, overrides) {
+  const options = ctx.context.authCookies.sessionToken.options;
+  options.maxAge = dontRememberMe ? void 0 : options.maxAge;
+  await ctx.setSignedCookie(
+    ctx.context.authCookies.sessionToken.name,
+    sessionToken,
+    ctx.context.secret,
+    options
+  );
+  if (dontRememberMe) {
+    await ctx.setSignedCookie(
+      ctx.context.authCookies.dontRememberToken.name,
+      "true",
+      ctx.context.secret,
+      ctx.context.authCookies.dontRememberToken.options
+    );
+  }
+}
+function deleteSessionCookie(ctx) {
+  ctx.setCookie(ctx.context.authCookies.sessionToken.name, "", {
+    maxAge: 0
+  });
+  ctx.setCookie(ctx.context.authCookies.dontRememberToken.name, "", {
+    maxAge: 0
+  });
+}
+function parseSetCookieHeader(header) {
+  const cookieMap = /* @__PURE__ */ new Map();
+  const cookies = header.split(", ");
+  cookies.forEach((cookie) => {
+    const [nameValue, ...attributes] = cookie.split("; ");
+    const [name, value] = nameValue.split("=");
+    const cookieObj = { value };
+    attributes.forEach((attr) => {
+      const [attrName, attrValue] = attr.split("=");
+      cookieObj[attrName.toLowerCase()] = attrValue || true;
+    });
+    cookieMap.set(name, cookieObj);
+  });
+  return cookieMap;
+}
+
+// src/utils/date.ts
+var getDate = (span, isSeconds = false) => {
+  const date = /* @__PURE__ */ new Date();
+  return new Date(date.getTime() + (isSeconds ? span * 1e3 : span));
+};
+
+// src/utils/get-request-ip.ts
+function getIp(req) {
+  const testIP = "127.0.0.1";
+  if (process.env.NODE_ENV === "test") {
+    return testIP;
+  }
+  const headers = [
+    "x-client-ip",
+    "x-forwarded-for",
+    "cf-connecting-ip",
+    "fastly-client-ip",
+    "x-real-ip",
+    "x-cluster-client-ip",
+    "x-forwarded",
+    "forwarded-for",
+    "forwarded"
+  ];
+  for (const header of headers) {
+    const value = req.headers.get(header);
+    if (typeof value === "string") {
+      const ip = value.split(",")[0].trim();
+      if (ip) return ip;
+    }
+  }
+  return null;
+}
+
+// src/utils/hide-metadata.ts
+var HIDE_METADATA = {
+  isAction: false
+};
+
+// src/utils/id.ts
+import { alphabet, generateRandomString } from "oslo/crypto";
+var generateId = () => {
+  return generateRandomString(36, alphabet("a-z", "0-9"));
+};
+
+// src/utils/logger.ts
+import { createConsola } from "consola";
+var consola = createConsola({
+  formatOptions: {
+    date: false,
+    colors: true,
+    compact: true
+  },
+  defaults: {
+    tag: "Better Auth"
+  }
+});
+var createLogger = (options) => {
+  return {
+    log: (...args) => {
+      !options?.disabled && consola.log("", ...args);
+    },
+    error: (...args) => {
+      !options?.disabled && consola.error("", ...args);
+    },
+    warn: (...args) => {
+      !options?.disabled && consola.warn("", ...args);
+    },
+    info: (...args) => {
+      !options?.disabled && consola.info("", ...args);
+    },
+    debug: (...args) => {
+      !options?.disabled && consola.debug("", ...args);
+    },
+    box: (...args) => {
+      !options?.disabled && consola.box("", ...args);
+    },
+    success: (...args) => {
+      !options?.disabled && consola.success("", ...args);
+    },
+    break: (...args) => {
+      !options?.disabled && console.log("\n");
+    }
+  };
+};
+var logger = createLogger();
+
+// src/utils/merger.ts
+var mergeObjects = (target, source) => {
+  for (const key in source) {
+    if (!source.hasOwnProperty(key)) continue;
+    if (key === "constructor" || key === "prototype" || key === "__proto__")
+      continue;
+    const value = source[key];
+    if (isPrimitive(value)) {
+      if (value !== void 0 || !(key in target)) {
+        target[key] = value;
+      }
+    } else if (!target[key] || isArray(value)) {
+      target[key] = clone(value);
+    } else {
+      target[key] = mergeObjects(target[key], value);
+    }
+  }
+  return target;
+};
+var isArray = (value) => {
+  return Array.isArray(value);
+};
+var isPrimitive = (value) => {
+  if (value === null) return true;
+  const type = typeof value;
+  return type !== "object" && type !== "function";
+};
+var merge = (objects) => {
+  const target = clone(objects[0]);
+  for (let i = 1, l = objects.length; i < l; i++) {
+    mergeObjects(target, objects[i]);
+  }
+  return target;
+};
+
+// src/utils/misc.ts
+function capitalizeFirstLetter(str) {
+  return str.charAt(0).toUpperCase() + str.slice(1);
+}
+
+// src/utils/password.ts
+async function validatePassword(ctx, data) {
+  const accounts = await ctx.context.internalAdapter.findAccounts(data.userId);
+  const credentialAccount = accounts?.find(
+    (account) => account.providerId === "credential"
+  );
+  const currentPassword = credentialAccount?.password;
+  if (!credentialAccount || !currentPassword) {
+    return false;
+  }
+  const compare = await ctx.context.password.verify(
+    currentPassword,
+    data.password
+  );
+  return compare;
+}
+
+// src/utils/state.ts
+import { generateState as generateStateOAuth } from "oslo/oauth2";
+import { z } from "zod";
+function generateState(callbackURL, currentURL, dontRememberMe) {
+  const code = generateStateOAuth();
+  const state = JSON.stringify({
+    code,
+    callbackURL,
+    currentURL,
+    dontRememberMe
+  });
+  return { state, code };
+}
+function parseState(state) {
+  const data = z.object({
+    code: z.string(),
+    callbackURL: z.string().optional(),
+    currentURL: z.string().optional(),
+    dontRememberMe: z.boolean().optional()
+  }).safeParse(JSON.parse(state));
+  return data;
+}
+export {
+  HIDE_METADATA,
+  capitalizeFirstLetter,
+  clone,
+  createCookieGetter,
+  createLogger,
+  deleteSessionCookie,
+  generateId,
+  generateState,
+  getBaseURL,
+  getCookies,
+  getDate,
+  getIp,
+  logger,
+  merge,
+  parseSetCookieHeader,
+  parseState,
+  setSessionCookie,
+  shimContext,
+  shimEndpoint,
+  validatePassword
+};