npm - better-auth - Versions diffs - 0.4.12 → 0.4.13 - Mend

better-auth 0.4.12 → 0.4.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/dist/adapters/drizzle.d.ts +10 -1
package/dist/adapters/drizzle.js +1 -1
package/dist/adapters/kysely.d.ts +10 -1
package/dist/adapters/kysely.js +1 -2
package/dist/adapters/mongodb.d.ts +13 -2
package/dist/adapters/mongodb.js +1 -1
package/dist/adapters/prisma.d.ts +12 -3
package/dist/adapters/prisma.js +1 -1
package/dist/api.d.ts +1 -1
package/dist/api.js +4 -4
package/dist/{auth-BqAt6mrY.d.ts → auth-C6fr77co.d.ts} +46 -26
package/dist/client/plugins.d.ts +3 -3
package/dist/client.d.ts +1 -1
package/dist/cookies.d.ts +1 -1
package/dist/db.d.ts +3 -3
package/dist/db.js +3 -3
package/dist/{index-BN_LDD1g.d.ts → index-pILRgibH.d.ts} +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.js +4 -4
package/dist/node.d.ts +1 -1
package/dist/plugins.d.ts +3 -3
package/dist/plugins.js +5 -5
package/dist/react.d.ts +1 -1
package/dist/social.js +2 -2
package/dist/solid-start.d.ts +1 -1
package/dist/solid.d.ts +1 -1
package/dist/svelte-kit.d.ts +1 -1
package/dist/svelte.d.ts +1 -1
package/dist/types.d.ts +2 -2
package/dist/vue.d.ts +1 -1
package/package.json +1 -1

package/dist/client/plugins.d.ts CHANGED Viewed

@@ -2,10 +2,10 @@ import * as nanostores from 'nanostores';
 import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-CfnyN34h.js';
 import * as _better_fetch_fetch from '@better-fetch/fetch';
 import { BetterFetchOption } from '@better-fetch/fetch';
-import { o as organization, k as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth } from '../index-BN_LDD1g.js';
-export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-BN_LDD1g.js';
+import { o as organization, k as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth } from '../index-pILRgibH.js';
+export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-pILRgibH.js';
 import { P as Prettify } from '../helper-DPDj8Nix.js';
-import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../auth-BqAt6mrY.js';
+import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../auth-C6fr77co.js';
 import 'zod';
 import '../schema-Dkt0LqYs.js';
 import 'better-call';

package/dist/client.d.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import { BetterFetch, BetterFetchError, BetterFetchOption } from '@better-fetch/
 import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
 import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, InferSessionFromClient, InferUserFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
 export { AtomListener, InferPluginsFromClient } from './types.js';
-import './auth-BqAt6mrY.js';
+import './auth-C6fr77co.js';
 import 'kysely';
 import './schema-Dkt0LqYs.js';
 import 'better-call';

package/dist/cookies.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import 'better-call';
-export { s as BetterAuthCookies, E as EligibleCookies, r as createCookieGetter, u as deleteSessionCookie, q as getCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-BqAt6mrY.js';
+export { s as BetterAuthCookies, E as EligibleCookies, r as createCookieGetter, u as deleteSessionCookie, q as getCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-C6fr77co.js';
 import 'zod';
 import 'kysely';
 import './schema-Dkt0LqYs.js';

package/dist/db.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { A as Adapter, B as BetterAuthOptions, W as Where, F as FieldAttribute, y as FieldType, K as KyselyDatabaseType } from './auth-BqAt6mrY.js';
-export { V as BetterAuthDbSchema, D as FieldAttributeConfig, U as InferFieldsFromOptions, T as InferFieldsFromPlugins, N as InferFieldsInput, O as InferFieldsInputClient, M as InferFieldsOutput, L as InferValueType, C as InternalAdapter, Q as PluginFieldAttribute, J as createFieldAttribute, z as createInternalAdapter, X as getAuthTables } from './auth-BqAt6mrY.js';
+import { A as Adapter, B as BetterAuthOptions, W as Where, F as FieldAttribute, y as FieldType, K as KyselyDatabaseType } from './auth-C6fr77co.js';
+export { V as BetterAuthDbSchema, D as FieldAttributeConfig, U as InferFieldsFromOptions, T as InferFieldsFromPlugins, N as InferFieldsInput, O as InferFieldsInputClient, M as InferFieldsOutput, L as InferValueType, C as InternalAdapter, Q as PluginFieldAttribute, J as createFieldAttribute, z as createInternalAdapter, X as getAuthTables } from './auth-C6fr77co.js';
 import { z } from 'zod';
 import 'kysely';
 import './schema-Dkt0LqYs.js';
@@ -26,7 +26,7 @@ declare function getWithHooks(adapter: Adapter, ctx: {
 declare function toZodSchema(fields: Record<string, FieldAttribute>): z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>;
-declare function getAdapter(options: BetterAuthOptions, isCli?: boolean): Promise<Adapter>;
+declare function getAdapter(options: BetterAuthOptions): Promise<Adapter>;
 declare function convertToDB<T extends Record<string, any>>(fields: Record<string, FieldAttribute>, values: T): T;
 declare function convertFromDB<T extends Record<string, any>>(fields: Record<string, FieldAttribute>, values: T | null): T | null;

package/dist/db.js CHANGED Viewed

@@ -1,4 +1,4 @@
-var v=(e,r="ms")=>new Date(Date.now()+(r==="sec"?e*1e3:e));var g=e=>{let r=e.plugins?.reduce((t,a)=>{let o=a.schema;if(!o)return t;for(let[u,c]of Object.entries(o))t[u]={fields:{...t[u]?.fields,...c.fields},tableName:c.tableName||u};return t},{}),i=e.rateLimit?.storage==="database",n={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:d,session:s,account:l,...f}=r||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...d?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...s?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...l?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...f,...i?n:{}}};function W(e){return e.toString(2).padStart(8,"0")}function $(e){return[...e].map(r=>W(r)).join("")}function R(e){return parseInt($(e),2)}function H(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let r=(e-1).toString(2).length,i=r%8,n=new Uint8Array(Math.ceil(r/8));crypto.getRandomValues(n),i!==0&&(n[0]&=(1<<i)-1);let d=R(n);for(;d>=e;)crypto.getRandomValues(n),i!==0&&(n[0]&=(1<<i)-1),d=R(n);return d}function D(e,r){let i="";for(let n=0;n<e;n++)i+=r[H(r.length)];return i}function B(...e){let r=new Set(e),i="";for(let n of r)n==="a-z"?i+="abcdefghijklmnopqrstuvwxyz":n==="A-Z"?i+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":n==="0-9"?i+="0123456789":i+=n;return i}var A=e=>D(e||21,B("a-z","0-9","A-Z"));var T=class extends Error{constructor(r,i){super(r),this.name="BetterAuthError",this.message=r,this.cause=i,this.stack=""}};import{Kysely as V,MssqlDialect as J}from"kysely";import{MysqlDialect as U,PostgresDialect as M,SqliteDialect as K}from"kysely";import{createConsola as Z}from"consola";var h=Z({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),z=e=>({log:(...r)=>{!e?.disabled&&h.log("",...r)},error:(...r)=>{!e?.disabled&&h.error("",...r)},warn:(...r)=>{!e?.disabled&&h.warn("",...r)},info:(...r)=>{!e?.disabled&&h.info("",...r)},debug:(...r)=>{!e?.disabled&&h.debug("",...r)},box:(...r)=>{!e?.disabled&&h.box("",...r)},success:(...r)=>{!e?.disabled&&h.success("",...r)},break:(...r)=>{!e?.disabled&&console.log(`
-`)}}),N=z();function C(e){if("dialect"in e)return C(e.dialect);if("createDriver"in e){if(e instanceof K)return"sqlite";if(e instanceof U)return"mysql";if(e instanceof M)return"postgres";if(e instanceof J)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var I=async e=>{let r=e.database;if("db"in r)return{kysely:r.db,databaseType:r.type};if("dialect"in r)return{kysely:new V({dialect:r.dialect}),databaseType:r.type};let i,n=C(r);return"createDriver"in r&&(i=r),"aggregate"in r&&(i=new K({database:r})),"getConnection"in r&&(i=new U({pool:r})),"connect"in r&&(i=new M({pool:r})),{kysely:i?new V({dialect:i}):null,databaseType:n}};import"kysely";function j(e){let r=g(e),i={};for(let n in r){let d=r[n],s=d.fields,l={};if(Object.entries(s).forEach(([f,t])=>{l[t.fieldName||f]=t}),i[d.tableName]){i[d.tableName].fields={...i[d.tableName].fields,...l};continue}i[d.tableName]={fields:l,order:d.order||1/0}}return i}var G={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},_={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},X={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},Y={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},Q={postgres:G,mysql:_,sqlite:X,mssql:Y};function ee(e,r,i){return r==="string[]"||r==="number[]"?e.toLowerCase().includes("json"):Q[i][r].map(l=>l.toLowerCase()).includes(e.toLowerCase())}async function xe(e){let r=j(e),{kysely:i,databaseType:n}=await I(e);n||(N.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),n="sqlite"),i||(N.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let d=await i.introspection.getTables(),s=[],l=[];for(let[u,c]of Object.entries(r)){let y=d.find(p=>p.name===u);if(!y){let p=s.findIndex(w=>w.table===u),b={table:u,fields:c.fields,order:c.order||1/0},x=s.findIndex(w=>(w.order||1/0)>b.order);x===-1?p===-1?s.push(b):s[p].fields={...s[p].fields,...c.fields}:s.splice(x,0,b);continue}let m={};for(let[p,b]of Object.entries(c.fields)){let x=y.columns.find(w=>w.name===p);if(!x){m[p]=b;continue}ee(x.dataType,b.type,n)||N.warn(`Field ${p} in table ${u} has a different type in the database. Expected ${b.type} but got ${x.dataType}.`)}Object.keys(m).length>0&&l.push({table:u,fields:m,order:c.order||1/0})}let f=[];function t(u){let c={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&u==="string"?"varchar(255)":n==="sqlite"&&(u==="string[]"||u==="number[]")?"text":u==="string[]"||u==="number[]"?"jsonb":c[u]}if(l.length)for(let u of l)for(let[c,y]of Object.entries(u.fields)){let m=t(y.type),p=i.schema.alterTable(u.table).addColumn(c,m,b=>(b=y.required!==!1?b.notNull():b,y.references&&(b=b.references(`${y.references.model}.${y.references.field}`)),b));f.push(p)}if(s.length)for(let u of s){let c=i.schema.createTable(u.table).addColumn("id",t("string"),y=>y.primaryKey());for(let[y,m]of Object.entries(u.fields)){let p=t(m.type);c=c.addColumn(y,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),m.unique&&(b=b.unique()),b))}f.push(c)}async function a(){for(let u of f)await u.execute()}async function o(){return f.map(c=>c.compile().sql).join(`;
+var v=(e,r="ms")=>new Date(Date.now()+(r==="sec"?e*1e3:e));var g=e=>{let r=e.plugins?.reduce((t,a)=>{let o=a.schema;if(!o)return t;for(let[l,u]of Object.entries(o))t[l]={fields:{...t[l]?.fields,...u.fields},tableName:u.tableName||l};return t},{}),i=e.rateLimit?.storage==="database",n={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:d,session:s,account:c,...f}=r||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...d?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...s?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...c?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...f,...i?n:{}}};import{nanoid as P}from"nanoid";var A=e=>P(e);var T=class extends Error{constructor(r,i){super(r),this.name="BetterAuthError",this.message=r,this.cause=i,this.stack=""}};import{Kysely as R,MssqlDialect as E}from"kysely";import{MysqlDialect as D,PostgresDialect as B,SqliteDialect as V}from"kysely";function U(e){if("dialect"in e)return U(e.dialect);if("createDriver"in e){if(e instanceof V)return"sqlite";if(e instanceof D)return"mysql";if(e instanceof B)return"postgres";if(e instanceof E)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var N=async e=>{let r=e.database;if("db"in r)return{kysely:r.db,databaseType:r.type};if("dialect"in r)return{kysely:new R({dialect:r.dialect}),databaseType:r.type};let i,n=U(r);return"createDriver"in r&&(i=r),"aggregate"in r&&(i=new V({database:r})),"getConnection"in r&&(i=new D({pool:r})),"connect"in r&&(i=new B({pool:r})),{kysely:i?new R({dialect:i}):null,databaseType:n}};function I(e){if(!e)return{and:null,or:null};let r=e?.filter(n=>n.connector==="AND"||!n.connector).reduce((n,d)=>({...n,[d.field]:d.value}),{}),i=e?.filter(n=>n.connector==="OR").reduce((n,d)=>({...n,[d.field]:d.value}),{});return{and:Object.keys(r).length?r:null,or:Object.keys(i).length?i:null}}function k(e,r,i){for(let n in e)e[n]===0&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!1),e[n]===1&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!0),r[n]?.type==="date"&&(e[n]instanceof Date||(e[n]=new Date(e[n])));return e}function K(e,r){for(let i in e)typeof e[i]=="boolean"&&r?.boolean&&(e[i]=e[i]?1:0),e[i]instanceof Date&&(e[i]=e[i].toISOString());return e}var M=(e,r)=>({id:"kysely",async create(i){let{model:n,data:d,select:s}=i;r?.transform&&(d=K(d,r.transform)),r?.generateId!==void 0&&(d.id=r.generateId?r.generateId():void 0);let c=await e.insertInto(n).values(d).returningAll().executeTakeFirst();if(r?.transform){let f=r.transform.schema[n];c=f?k(d,f,r.transform):c}return s?.length&&(c=c?s.reduce((t,a)=>c?.[a]?{...t,[a]:c[a]}:t,{}):null),c},async findOne(i){let{model:n,where:d,select:s}=i,{and:c,or:f}=I(d),t=e.selectFrom(n).selectAll();f&&(t=t.where(o=>o.or(f))),c&&(t=t.where(o=>o.and(c)));let a=await t.executeTakeFirst();if(s?.length&&(a=a?s.reduce((l,u)=>a?.[u]?{...l,[u]:a[u]}:l,{}):null),r?.transform){let o=r.transform.schema[n];return a=a&&o?k(a,o,r.transform):a,a||null}return a||null},async findMany(i){let{model:n,where:d,limit:s,offset:c,sortBy:f}=i,t=e.selectFrom(n),{and:a,or:o}=I(d);a&&(t=t.where(u=>u.and(a))),o&&(t=t.where(u=>u.or(o))),t=t.limit(s||100),c&&(t=t.offset(c)),f&&(t=t.orderBy(f.field,f.direction));let l=await t.selectAll().execute();if(r?.transform){let u=r.transform.schema[n];return u?l.map(y=>k(y,u,r.transform)):l}return l},async update(i){let{model:n,where:d,update:s}=i,{and:c,or:f}=I(d);r?.transform&&(s=K(s,r.transform));let t=e.updateTable(n).set(s);c&&(t=t.where(o=>o.and(c))),f&&(t=t.where(o=>o.or(f)));let a=await t.returningAll().executeTakeFirst()||null;if(r?.transform){let o=r.transform.schema[n];return o?k(a,o,r.transform):a}return a},async delete(i){let{model:n,where:d}=i,{and:s,or:c}=I(d),f=e.deleteFrom(n);s&&(f=f.where(t=>t.and(s))),c&&(f=f.where(t=>t.or(c))),await f.execute()}});async function pe(e){if(!e.database)throw new T("Database configuration is required");if("create"in e.database)return e.database;let{kysely:r,databaseType:i}=await N(e);if(!r)throw new T("Failed to initialize database adapter");let n=g(e),d={};for(let s of Object.values(n))d[s.tableName]=s.fields;return M(r,{transform:{schema:d,date:!0,boolean:i==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function q(e,r){let i={id:r.id};for(let n in e){let d=e[n],s=r[n];i[d.fieldName||n]=s}return i}function S(e,r){if(!r)return null;let i={id:r.id};for(let[n,d]of Object.entries(e))i[n]=r[d.fieldName||n];return i}function C(e,r){let i=r.hooks,n=g(r.options);async function d(c,f,t){let a=c,o=n[f];for(let y of i||[]){let m=y[f]?.create?.before;if(m){let p=await m(c);if(p===!1)return null;typeof p=="object"&&"data"in p&&(a=p.data)}}let l=t?await t.fn(a):null,u=!t||t.executeMainFn?await e.create({model:o.tableName,data:{id:A(),...q(o.fields,a)}}):l;for(let y of i||[]){let m=y[f]?.create?.after;m&&await m(u)}return S(o.fields,u)}async function s(c,f,t,a){let o=c;for(let y of i||[]){let m=y[t]?.update?.before;if(m){let p=await m(c);if(p===!1)return null;o=typeof p=="object"?p.data:p}}let l=a?await a.fn(o):null,u=!a||a.executeMainFn?await e.update({model:n[t].tableName,update:q(n[t].fields,o),where:f}):l;for(let y of i||[]){let m=y[t]?.update?.after;m&&await m(u)}return S(n[t].fields,u)}return{createWithHooks:d,updateWithHooks:s}}var Ie=(e,r)=>{let i=r.options,n=i.secondaryStorage,d=i.session?.expiresIn||60*60*24*7,s=g(i),{createWithHooks:c,updateWithHooks:f}=C(e,r);return{createOAuthUser:async(t,a)=>{try{let o=await c(t,"user"),l=await c(a,"account");return{user:o,account:{...l,userId:o.id}}}catch(o){return console.log(o),null}},createUser:async t=>await c({id:A(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...t},"user"),createAccount:async t=>await c({id:A(),createdAt:new Date,updatedAt:new Date,...t},"account"),listSessions:async t=>await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),listUsers:async(t,a,o)=>await e.findMany({model:s.user.tableName,limit:t,offset:a,sortBy:o}),deleteUser:async t=>{await e.delete({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.user.tableName,where:[{field:"id",value:t}]})},createSession:async(t,a,o,l)=>{let u=a instanceof Request?a.headers:a,y={id:A(),userId:t,expiresAt:o?v(60*60*24,"sec"):v(d,"sec"),ipAddress:u?.get("x-forwarded-for")||"",userAgent:u?.get("user-agent")||"",...l};return await c(y,"session",n?{fn:async p=>{let b=await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]});return n.set(p.id,JSON.stringify({session:p,user:b}),d),p},executeMainFn:i.session?.storeSessionInDatabase}:void 0)},findSession:async t=>{if(n){let l=await n.get(t);if(l){let u=JSON.parse(l);return{session:{...u.session,expiresAt:new Date(u.session.expiresAt)},user:{...u.user,createdAt:new Date(u.user.createdAt),updatedAt:new Date(u.user.updatedAt)}}}}let a=await e.findOne({model:s.session.tableName,where:[{value:t,field:"id"}]});if(!a)return null;let o=await e.findOne({model:s.user.tableName,where:[{value:a.userId,field:"id"}]});return o?{session:a,user:o}:null},updateSession:async(t,a)=>await f(a,[{field:"id",value:t}],"session",n?{async fn(l){let u=await n.get(t),y=null;if(u){let m=JSON.parse(u);y={...m.session,...l},await n.set(t,JSON.stringify({session:y,user:m.user}),m.session.expiresAt?new Date(m.session.expiresAt).getTime():void 0)}else return null},executeMainFn:i.session?.storeSessionInDatabase}:void 0),deleteSession:async t=>{if(n){await n.delete(t),i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]})},deleteSessions:async t=>{if(n){let a=await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});for(let o of a)await n.delete(o.id);i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]})},findUserByEmail:async(t,a)=>{let o=await e.findOne({model:s.user.tableName,where:[{value:t.toLowerCase(),field:s.user.fields.email.fieldName||"email"}]});if(!o)return null;if(a?.includeAccounts){let l=await e.findMany({model:s.account.tableName,where:[{value:o.id,field:s.account.fields.userId.fieldName||"userId"}]});return{user:o,accounts:l}}return{user:o,accounts:[]}},findUserById:async t=>await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]}),linkAccount:async t=>await c({id:A(),...t},"account"),updateUser:async(t,a)=>await f(a,[{field:"id",value:t}],"user"),updateUserByEmail:async(t,a)=>await f(a,[{field:"email",value:t}],"user"),updatePassword:async(t,a)=>await f({password:a},[{field:s.account.fields.userId.fieldName||"userId",value:t},{field:s.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async t=>await e.findMany({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),updateAccount:async(t,a)=>await f(a,[{field:"id",value:t}],"account"),createVerificationValue:async t=>await c({id:A(),...t},"verification"),findVerificationValue:async t=>await e.findOne({model:s.verification.tableName,where:[{field:s.verification.fields.identifier.fieldName||"identifier",value:t}]}),deleteVerificationValue:async t=>{await e.delete({model:s.verification.tableName,where:[{field:"id",value:t}]})},updateVerificationValue:async(t,a)=>await f(a,[{field:"id",value:t}],"verification")}};var Oe=(e,r)=>({type:e,...r});import{z as F}from"zod";function Se(e){return F.object({...Object.keys(e).reduce((i,n)=>{let d=e[n];if(!d)return i;if(d.type==="string[]"||d.type==="number[]")return{...i,[n]:F.array(d.type==="string[]"?F.string():F.number())};let s=F[d.type]();return d?.required===!1&&(s=s.optional()),d?.returned===!1?i:{...i,[n]:s}},{})})}import"kysely";import{createConsola as L}from"consola";var h=L({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),W=e=>({log:(...r)=>{!e?.disabled&&h.log("",...r)},error:(...r)=>{!e?.disabled&&h.error("",...r)},warn:(...r)=>{!e?.disabled&&h.warn("",...r)},info:(...r)=>{!e?.disabled&&h.info("",...r)},debug:(...r)=>{!e?.disabled&&h.debug("",...r)},box:(...r)=>{!e?.disabled&&h.box("",...r)},success:(...r)=>{!e?.disabled&&h.success("",...r)},break:(...r)=>{!e?.disabled&&console.log(`
+`)}}),O=W();function j(e){let r=g(e),i={};for(let n in r){let d=r[n],s=d.fields,c={};if(Object.entries(s).forEach(([f,t])=>{c[t.fieldName||f]=t}),i[d.tableName]){i[d.tableName].fields={...i[d.tableName].fields,...c};continue}i[d.tableName]={fields:c,order:d.order||1/0}}return i}var $={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},H={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},Z={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},z={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},J={postgres:$,mysql:H,sqlite:Z,mssql:z};function G(e,r,i){return r==="string[]"||r==="number[]"?e.toLowerCase().includes("json"):J[i][r].map(c=>c.toLowerCase()).includes(e.toLowerCase())}async function Pe(e){let r=j(e),{kysely:i,databaseType:n}=await N(e);n||(O.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),n="sqlite"),i||(O.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let d=await i.introspection.getTables(),s=[],c=[];for(let[l,u]of Object.entries(r)){let y=d.find(p=>p.name===l);if(!y){let p=s.findIndex(w=>w.table===l),b={table:l,fields:u.fields,order:u.order||1/0},x=s.findIndex(w=>(w.order||1/0)>b.order);x===-1?p===-1?s.push(b):s[p].fields={...s[p].fields,...u.fields}:s.splice(x,0,b);continue}let m={};for(let[p,b]of Object.entries(u.fields)){let x=y.columns.find(w=>w.name===p);if(!x){m[p]=b;continue}G(x.dataType,b.type,n)||O.warn(`Field ${p} in table ${l} has a different type in the database. Expected ${b.type} but got ${x.dataType}.`)}Object.keys(m).length>0&&c.push({table:l,fields:m,order:u.order||1/0})}let f=[];function t(l){let u={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&l==="string"?"varchar(255)":n==="sqlite"&&(l==="string[]"||l==="number[]")?"text":l==="string[]"||l==="number[]"?"jsonb":u[l]}if(c.length)for(let l of c)for(let[u,y]of Object.entries(l.fields)){let m=t(y.type),p=i.schema.alterTable(l.table).addColumn(u,m,b=>(b=y.required!==!1?b.notNull():b,y.references&&(b=b.references(`${y.references.model}.${y.references.field}`)),b));f.push(p)}if(s.length)for(let l of s){let u=i.schema.createTable(l.table).addColumn("id",t("string"),y=>y.primaryKey().notNull());for(let[y,m]of Object.entries(l.fields)){let p=t(m.type);u=u.addColumn(y,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),m.unique&&(b=b.unique()),b))}f.push(u)}async function a(){for(let l of f)await l.execute()}async function o(){return f.map(u=>u.compile().sql).join(`;
-`)}return{toBeCreated:s,toBeAdded:l,runMigrations:a,compileMigrations:o}}function k(e){if(!e)return{and:null,or:null};let r=e?.filter(n=>n.connector==="AND"||!n.connector).reduce((n,d)=>({...n,[d.field]:d.value}),{}),i=e?.filter(n=>n.connector==="OR").reduce((n,d)=>({...n,[d.field]:d.value}),{});return{and:Object.keys(r).length?r:null,or:Object.keys(i).length?i:null}}function O(e,r,i){for(let n in e)e[n]===0&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!1),e[n]===1&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!0),r[n]?.type==="date"&&(e[n]instanceof Date||(e[n]=new Date(e[n])));return e}function P(e,r){for(let i in e)typeof e[i]=="boolean"&&r?.boolean&&(e[i]=e[i]?1:0),e[i]instanceof Date&&(e[i]=e[i].toISOString());return e}var E=(e,r)=>({id:"kysely",async create(i){let{model:n,data:d,select:s}=i;r?.transform&&(d=P(d,r.transform));let l=await e.insertInto(n).values(d).returningAll().executeTakeFirst();if(r?.transform){let f=r.transform.schema[n];l=f?O(d,f,r.transform):l}return s?.length&&(l=l?s.reduce((t,a)=>l?.[a]?{...t,[a]:l[a]}:t,{}):null),l},async findOne(i){let{model:n,where:d,select:s}=i,{and:l,or:f}=k(d),t=e.selectFrom(n).selectAll();f&&(t=t.where(o=>o.or(f))),l&&(t=t.where(o=>o.and(l)));let a=await t.executeTakeFirst();if(s?.length&&(a=a?s.reduce((u,c)=>a?.[c]?{...u,[c]:a[c]}:u,{}):null),r?.transform){let o=r.transform.schema[n];return a=a&&o?O(a,o,r.transform):a,a||null}return a||null},async findMany(i){let{model:n,where:d,limit:s,offset:l,sortBy:f}=i,t=e.selectFrom(n),{and:a,or:o}=k(d);a&&(t=t.where(c=>c.and(a))),o&&(t=t.where(c=>c.or(o))),t=t.limit(s||100),l&&(t=t.offset(l)),f&&(t=t.orderBy(f.field,f.direction));let u=await t.selectAll().execute();if(r?.transform){let c=r.transform.schema[n];return c?u.map(y=>O(y,c,r.transform)):u}return u},async update(i){let{model:n,where:d,update:s}=i,{and:l,or:f}=k(d);r?.transform&&(s=P(s,r.transform));let t=e.updateTable(n).set(s);l&&(t=t.where(o=>o.and(l))),f&&(t=t.where(o=>o.or(f)));let a=await t.returningAll().executeTakeFirst()||null;if(r?.transform){let o=r.transform.schema[n];return o?O(a,o,r.transform):a}return a},async delete(i){let{model:n,where:d}=i,{and:s,or:l}=k(d),f=e.deleteFrom(n);s&&(f=f.where(t=>t.and(s))),l&&(f=f.where(t=>t.or(l))),await f.execute()}});async function Re(e,r){if(!e.database)throw new T("Database configuration is required");if("create"in e.database)return e.database;let{kysely:i,databaseType:n}=await I(e);if(!i)throw new T("Failed to initialize database adapter");let d=g(e),s={};for(let l of Object.values(d))s[l.tableName]=l.fields;return E(i,{transform:{schema:s,date:!0,boolean:n==="sqlite"}})}function q(e,r){let i={id:r.id};for(let n in e){let d=e[n],s=r[n];i[d.fieldName||n]=s}return i}function S(e,r){if(!r)return null;let i={id:r.id};for(let[n,d]of Object.entries(e))i[n]=r[d.fieldName||n];return i}function L(e,r){let i=r.hooks,n=g(r.options);async function d(l,f,t){let a=l,o=n[f];for(let y of i||[]){let m=y[f]?.create?.before;if(m){let p=await m(l);if(p===!1)return null;typeof p=="object"&&"data"in p&&(a=p.data)}}let u=t?await t.fn(a):null,c=!t||t.executeMainFn?await e.create({model:o.tableName,data:{id:A(),...q(o.fields,a)}}):u;for(let y of i||[]){let m=y[f]?.create?.after;m&&await m(c)}return S(o.fields,c)}async function s(l,f,t,a){let o=l;for(let y of i||[]){let m=y[t]?.update?.before;if(m){let p=await m(l);if(p===!1)return null;o=typeof p=="object"?p.data:p}}let u=a?await a.fn(o):null,c=!a||a.executeMainFn?await e.update({model:n[t].tableName,update:q(n[t].fields,o),where:f}):u;for(let y of i||[]){let m=y[t]?.update?.after;m&&await m(c)}return S(n[t].fields,c)}return{createWithHooks:d,updateWithHooks:s}}var Ee=(e,r)=>{let i=r.options,n=i.secondaryStorage,d=i.session?.expiresIn||60*60*24*7,s=g(i),{createWithHooks:l,updateWithHooks:f}=L(e,r);return{createOAuthUser:async(t,a)=>{try{let o=await l(t,"user"),u=await l(a,"account");return{user:o,account:u}}catch(o){return console.log(o),null}},createUser:async t=>await l({id:A(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...t},"user"),createAccount:async t=>await l({id:A(),createdAt:new Date,updatedAt:new Date,...t},"account"),listSessions:async t=>await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),listUsers:async(t,a,o)=>await e.findMany({model:s.user.tableName,limit:t,offset:a,sortBy:o}),deleteUser:async t=>{await e.delete({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.user.tableName,where:[{field:"id",value:t}]})},createSession:async(t,a,o,u)=>{let c=a instanceof Request?a.headers:a,y={id:A(),userId:t,expiresAt:o?v(60*60*24,"sec"):v(d,"sec"),ipAddress:c?.get("x-forwarded-for")||"",userAgent:c?.get("user-agent")||"",...u};return await l(y,"session",n?{fn:async p=>{let b=await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]});return n.set(p.id,JSON.stringify({session:p,user:b}),d),p},executeMainFn:i.session?.storeSessionInDatabase}:void 0)},findSession:async t=>{if(n){let u=await n.get(t);if(u){let c=JSON.parse(u);return{session:{...c.session,expiresAt:new Date(c.session.expiresAt)},user:{...c.user,createdAt:new Date(c.user.createdAt),updatedAt:new Date(c.user.updatedAt)}}}}let a=await e.findOne({model:s.session.tableName,where:[{value:t,field:"id"}]});if(!a)return null;let o=await e.findOne({model:s.user.tableName,where:[{value:a.userId,field:"id"}]});return o?{session:a,user:o}:null},updateSession:async(t,a)=>await f(a,[{field:"id",value:t}],"session",n?{async fn(u){let c=await n.get(t),y=null;if(c){let m=JSON.parse(c);y={...m.session,...u},await n.set(t,JSON.stringify({session:y,user:m.user}),m.session.expiresAt?new Date(m.session.expiresAt).getTime():void 0)}else return null},executeMainFn:i.session?.storeSessionInDatabase}:void 0),deleteSession:async t=>{if(n){await n.delete(t),i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]})},deleteSessions:async t=>{if(n){let a=await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});for(let o of a)await n.delete(o.id);i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]})},findUserByEmail:async(t,a)=>{let o=await e.findOne({model:s.user.tableName,where:[{value:t.toLowerCase(),field:s.user.fields.email.fieldName||"email"}]});if(!o)return null;if(a?.includeAccounts){let u=await e.findMany({model:s.account.tableName,where:[{value:o.id,field:s.account.fields.userId.fieldName||"userId"}]});return{user:o,accounts:u}}return{user:o,accounts:[]}},findUserById:async t=>await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]}),linkAccount:async t=>await l({id:A(),...t},"account"),updateUser:async(t,a)=>await f(a,[{field:"id",value:t}],"user"),updateUserByEmail:async(t,a)=>await f(a,[{field:"email",value:t}],"user"),updatePassword:async(t,a)=>await f({password:a},[{field:s.account.fields.userId.fieldName||"userId",value:t},{field:s.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async t=>await e.findMany({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),updateAccount:async(t,a)=>await f(a,[{field:"id",value:t}],"account"),createVerificationValue:async t=>await l({id:A(),...t},"verification"),findVerificationValue:async t=>await e.findOne({model:s.verification.tableName,where:[{field:s.verification.fields.identifier.fieldName||"identifier",value:t}]}),deleteVerificationValue:async t=>{await e.delete({model:s.verification.tableName,where:[{field:"id",value:t}]})},updateVerificationValue:async(t,a)=>await f(a,[{field:"id",value:t}],"verification")}};var We=(e,r)=>({type:e,...r});import{z as F}from"zod";function Ze(e){return F.object({...Object.keys(e).reduce((i,n)=>{let d=e[n];if(!d)return i;if(d.type==="string[]"||d.type==="number[]")return{...i,[n]:F.array(d.type==="string[]"?F.string():F.number())};let s=F[d.type]();return d?.required===!1&&(s=s.optional()),d?.returned===!1?i:{...i,[n]:s}},{})})}export{S as convertFromDB,q as convertToDB,We as createFieldAttribute,Ee as createInternalAdapter,Re as getAdapter,g as getAuthTables,xe as getMigrations,j as getSchema,L as getWithHooks,ee as matchType,Ze as toZodSchema};
+`)}return{toBeCreated:s,toBeAdded:c,runMigrations:a,compileMigrations:o}}export{S as convertFromDB,q as convertToDB,Oe as createFieldAttribute,Ie as createInternalAdapter,pe as getAdapter,g as getAuthTables,Pe as getMigrations,j as getSchema,C as getWithHooks,G as matchType,Se as toZodSchema};

package/dist/{index-BN_LDD1g.d.ts → index-pILRgibH.d.ts} RENAMED Viewed

@@ -5,7 +5,7 @@ import { P as Prettify } from './helper-DPDj8Nix.js';
 import { A as AccessControl, R as Role, S as StatementsPrimitive, g as defaultRoles } from './statement-CfnyN34h.js';
 import * as _better_fetch_fetch from '@better-fetch/fetch';
 import { BetterFetch, BetterFetchOption } from '@better-fetch/fetch';
-import { H as HookEndpointContext, p as AuthContext } from './auth-BqAt6mrY.js';
+import { H as HookEndpointContext, p as AuthContext } from './auth-C6fr77co.js';
 import * as nanostores from 'nanostores';
 import { atom } from 'nanostores';
 import * as _simplewebauthn_types from '@simplewebauthn/types';

package/dist/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export { A as Adapter, j as AdditionalSessionFieldsInput, k as AdditionalSessionFieldsOutput, h as AdditionalUserFieldsInput, i as AdditionalUserFieldsOutput, a as Auth, p as AuthContext, s as BetterAuthCookies, B as BetterAuthOptions, b as BetterAuthPlugin, E as EligibleCookies, G as GenericEndpointContext, H as HookEndpointContext, m as InferPluginTypes, l as InferSession, I as InferUser, P as PluginSchema, R as RateLimit, S as SecondaryStorage, W as Where, g as betterAuth, r as createCookieGetter, w as createLogger, u as deleteSessionCookie, q as getCookies, n as init, x as logger, v as parseSetCookieHeader, t as setSessionCookie } from './auth-BqAt6mrY.js';
+export { A as Adapter, j as AdditionalSessionFieldsInput, k as AdditionalSessionFieldsOutput, h as AdditionalUserFieldsInput, i as AdditionalUserFieldsOutput, a as Auth, p as AuthContext, s as BetterAuthCookies, B as BetterAuthOptions, b as BetterAuthPlugin, E as EligibleCookies, G as GenericEndpointContext, H as HookEndpointContext, m as InferPluginTypes, l as InferSession, I as InferUser, P as PluginSchema, R as RateLimit, S as SecondaryStorage, W as Where, g as betterAuth, r as createCookieGetter, w as createLogger, u as deleteSessionCookie, q as getCookies, n as init, x as logger, v as parseSetCookieHeader, t as setSessionCookie } from './auth-C6fr77co.js';
 export { D as DeepPartial, H as HasRequiredKeys, L as LiteralString, a as LiteralUnion, P as Prettify, R as RequiredKeysOf, S as StripEmptyObjects, U as UnionToIntersection, W as WithoutEmpty } from './helper-DPDj8Nix.js';
 export { AtomListener, BetterAuthClientPlugin, ClientOptions, InferActions, InferAdditionalFromClient, InferClientAPI, InferPluginsFromClient, InferSessionFromClient, InferUserFromClient, IsSignal } from './types.js';
 export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';

package/dist/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
-import{APIError as pr,createRouter as fr}from"better-call";import{APIError as oe}from"better-call";import{z as Re}from"zod";import{xchacha20poly1305 as Er}from"@noble/ciphers/chacha";import{bytesToHex as Or,hexToBytes as Ir,utf8ToBytes as Sr}from"@noble/ciphers/utils";import{managedNonce as _r}from"@noble/ciphers/webcrypto";import{sha256 as Br}from"oslo/crypto";function G(e,t){let r=new Uint8Array(e),o=new Uint8Array(t);if(r.length!==o.length)return!1;let n=0;for(let i=0;i<r.length;i++)n|=r[i]^o[i];return n===0}import{decodeHex as Pt,encodeHex as ge}from"oslo/encoding";import{scryptAsync as Ot}from"@noble/hashes/scrypt";var V={N:16384,r:16,p:1,dkLen:64};async function he(e,t){return await Ot(e.normalize("NFKC"),t,{N:V.N,p:V.p,r:V.r,dkLen:V.dkLen,maxmem:128*V.N*V.r*2})}var ye=async e=>{let t=ge(crypto.getRandomValues(new Uint8Array(16))),r=await he(e,t);return`${t}:${ge(r)}`},we=async(e,t)=>{let[r,o]=e.split(":"),n=await he(t,r);return G(n,Pt(o))};function It(e){return e.toString(2).padStart(8,"0")}function St(e){return[...e].map(t=>It(t)).join("")}function be(e){return parseInt(St(e),2)}function Lt(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let t=(e-1).toString(2).length,r=t%8,o=new Uint8Array(Math.ceil(t/8));crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1);let n=be(o);for(;n>=e;)crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1),n=be(o);return n}function Z(e,t){let r="";for(let o=0;o<e;o++)r+=t[Lt(t.length)];return r}function W(...e){let t=new Set(e),r="";for(let o of t)o==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":o==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":o==="0-9"?r+="0123456789":r+=o;return r}async function Q(e,t){let r=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},n=await crypto.subtle.importKey("raw",r.encode(e),o,!1,["sign","verify"]),i=await crypto.subtle.sign(o.name,n,r.encode(t));return btoa(String.fromCharCode(...new Uint8Array(i)))}import{createEndpointCreator as _t,createMiddleware as Ae,createMiddlewareCreator as Ct}from"better-call";var ke=Ae(async()=>({})),$=Ct({use:[ke,Ae(async()=>({}))]}),h=_t({use:[ke]});var xe=$({body:Re.object({csrfToken:Re.string().optional()}).optional()},async e=>{if(e.request?.method!=="POST"||e.context.options.advanced?.disableCSRFCheck)return;let t=new URL(e.request.url);if(e.context.trustedOrigins.includes(t.origin))return;let r=e.body?.csrfToken;if(!r)throw new oe("UNAUTHORIZED",{message:"CSRF Token is required"});let o=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[n,i]=o?.split("!")||[null,null];if(!r||!o||!n||!i||n!==r)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new oe("UNAUTHORIZED",{message:"Invalid CSRF Token"});let a=await Q(e.context.secret,n);if(i!==a)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new oe("UNAUTHORIZED",{message:"Invalid CSRF Token"})});import{APIError as I}from"better-call";import{generateCodeVerifier as er}from"oslo/oauth2";import{z as v}from"zod";import{generateState as Bt}from"oslo/oauth2";import{z as J}from"zod";import{sha256 as Te}from"oslo/crypto";async function Ue(e){let t=await Te(typeof e=="string"?new TextEncoder().encode(e):e);return Buffer.from(t).toString("base64")}async function ve(e,t){let r=await Te(typeof e=="string"?new TextEncoder().encode(e):e),o=Buffer.from(t,"base64");return G(r,o)}import"better-call";async function Ee(e){let t=Bt(),r=JSON.stringify({code:t,callbackURL:e}),o=await Ue(r);return{raw:r,hash:o}}function ne(e){return J.object({code:J.string(),callbackURL:J.string().optional(),currentURL:J.string().optional()}).safeParse(JSON.parse(e))}import{TimeSpan as Dt}from"oslo";var k=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}},Pe=class extends k{constructor(t){super(`The package "${t}" is required. Make sure it is installed.`,t)}};function Oe(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:(e.baseURL?e.baseURL.startsWith("https://"):!1)||process.env.NODE_ENV==="production")?"__Secure-":"",o="better-auth",n=e.session?.expiresIn||new Dt(7,"d").seconds(),i=!!e.advanced?.crossSubDomainCookies?.enabled,a=i?e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0):void 0;if(i&&!a)throw new k("baseURL is required when crossSubdomainCookies are enabled");let c=i?"none":"lax";return{sessionToken:{name:`${r}${o}.session_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:n,...i?{domain:a}:{}}},csrfToken:{name:`${r}${o}.csrf_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*60*24*7,...i?{domain:a}:{}}},state:{name:`${r}${o}.state`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...i?{domain:a}:{}}},pkCodeVerifier:{name:`${r}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...i?{domain:a}:{}}},dontRememberToken:{name:`${r}${o}.dont_remember`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,...i?{domain:a}:{}}},nonce:{name:`${r}${o}.nonce`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...i?{domain:a}:{}}}}}function Ie(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL?.startsWith("https://")||process.env.NODE_ENV==="production")?"__Secure-":"",o="better-auth",n=e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0);function i(a,c){let s=e.advanced?.crossSubDomainCookies?.enabled?e.advanced.crossSubDomainCookies.additionalCookies?.includes(a):void 0;return{name:process.env.NODE_ENV==="production"?`${r}${o}.${a}`:`${o}.${a}`,options:{secure:!!r,sameSite:"lax",path:"/",maxAge:60*15,...c,...s?{domain:n}:{}}}}return i}async function P(e,t,r,o){let n=e.context.authCookies.sessionToken.options;n.maxAge=r?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...n,...o}),r&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function z(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function ao(e){let t=new Map;return e.split(", ").forEach(o=>{let[n,...i]=o.split("; "),[a,c]=n.split("="),s={value:c};i.forEach(d=>{let[l,p]=d.split("=");s[l.toLowerCase()]=p||!0}),t.set(a,s)}),t}import{APIError as Se}from"better-call";import{createConsola as Nt}from"consola";var D=Nt({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),ie=e=>({log:(...t)=>{!e?.disabled&&D.log("",...t)},error:(...t)=>{!e?.disabled&&D.error("",...t)},warn:(...t)=>{!e?.disabled&&D.warn("",...t)},info:(...t)=>{!e?.disabled&&D.info("",...t)},debug:(...t)=>{!e?.disabled&&D.debug("",...t)},box:(...t)=>{!e?.disabled&&D.box("",...t)},success:(...t)=>{!e?.disabled&&D.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
-`)}}),w=ie();var T=$(async e=>{let t=e.body?.callbackURL||e.query?.callbackURL||e.query?.redirectTo||e.body?.redirectTo,r=e.headers?.get("referer"),o=e.query?.currentURL||r||e.context.baseURL,n=e.context.trustedOrigins;if(t?.includes("http")){let i=new URL(t).origin;if(!n.includes(i))throw w.error("Invalid callback URL",{callbackURL:t,trustedOrigins:n}),new Se("FORBIDDEN",{message:"Invalid callback URL"})}if(o!==e.context.baseURL){let i=new URL(o).origin;if(!n.includes(i))throw w.error("Invalid current URL",{currentURL:o,trustedOrigins:n}),new Se("FORBIDDEN",{message:"Invalid callback URL"})}});import{parseJWT as jt}from"oslo/jwt";import{sha256 as qt}from"oslo/crypto";function Ft(e){try{return new URL(e).pathname!=="/"}catch{throw new k(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function se(e,t="/api/auth"){return Ft(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function M(e,t){if(e)return se(e,t);let r=typeof process<"u"?process.env:{},o=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(o)return se(o,t);if(typeof window<"u")return se(window.location.origin,t)}import{base64url as Vt}from"oslo/encoding";async function Le(e){let t=await qt(new TextEncoder().encode(e));return Vt.encode(new Uint8Array(t),{includePadding:!1})}function _e(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function x({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:n,scopes:i,claims:a,disablePkce:c,redirectURI:s}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",i.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||s),!c&&n){let l=await Le(n);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",l)}if(a){let l=a.reduce((p,u)=>(p[u]=null,p),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...l}}))}return d}import{betterFetch as $t}from"@better-fetch/fetch";async function A({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:n}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",r),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:a,error:c}=await $t(n,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(c)throw c;return _e(a)}function ae(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var Ce=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:n}){let i=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${n||e.redirectURI}&scope=${i.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:n})=>A({code:r,codeVerifier:o,redirectURI:e.redirectURI||n,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=jt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as zt}from"@better-fetch/fetch";var Be=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${n.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await zt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let n=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${n}.png`}else{let n=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${n}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as Mt}from"@better-fetch/fetch";var De=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["email","public_profile"];return await x({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:n,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await Mt("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as Ne}from"@better-fetch/fetch";var Fe=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:n,redirectURI:i}){let a=e.scope||o||["user:email"];return x({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:a,state:r,redirectURI:i,codeVerifier:n})},validateAuthorizationCode:async({code:r,redirectURI:o})=>A({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:n}=await Ne("https://api.github.com/user",{auth:{type:"Bearer",token:r.accessToken}});if(n)return null;let i=!1;if(!o.email){let{data:a,error:c}=await Ne("https://api.github.com/user/emails",{auth:{type:"Bearer",token:r.accessToken}});c||(o.email=(a.find(s=>s.primary)??a[0])?.email,i=a.find(s=>s.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:i},data:o}}}};import{parseJWT as Ht}from"oslo/jwt";var qe=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){if(!e.clientId||!e.clientSecret)throw w.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new k("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new k("codeVerifier is required for Google");let i=e.scope||r||["email","profile"];return x({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=Ht(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as Kt}from"@better-fetch/fetch";import{parseJWT as Gt}from"oslo/jwt";var Ve=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(n){let i=e.scope||n.scopes||["openid","profile","email","User.Read"];return x({id:"microsoft",options:e,authorizationEndpoint:r,state:n.state,codeVerifier:n.codeVerifier,scopes:i,redirectURI:n.redirectURI})},validateAuthorizationCode({code:n,codeVerifier:i,redirectURI:a}){return A({code:n,codeVerifier:i,redirectURI:e.redirectURI||a,options:e,tokenEndpoint:o})},async getUserInfo(n){if(!n.idToken)return null;let i=Gt(n.idToken)?.payload,a=e.profilePhotoSize||48;return await Kt(`https://graph.microsoft.com/v1.0/me/photos/${a}x${a}/$value`,{headers:{Authorization:`Bearer ${n.accessToken}`},async onResponse(c){if(!(e.disableProfilePhoto||!c.response.ok))try{let d=await c.response.clone().arrayBuffer(),l=Buffer.from(d).toString("base64");i.picture=`data:image/jpeg;base64, ${l}`}catch(s){w.error(s)}}}),{user:{id:i.sub,name:i.name,email:i.email,image:i.picture,emailVerified:!0},data:i}}}};import{betterFetch as Zt}from"@better-fetch/fetch";var $e=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){let i=e.scope||r||["user-read-email"];return x({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await Zt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import"@better-fetch/fetch";function dn(e){return e.charAt(0).toUpperCase()+e.slice(1)}var C={isAction:!1};var U=e=>Z(e||21,W("a-z","0-9","A-Z"));import{parseJWT as Wt}from"oslo/jwt";var je=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["user:read:email","openid"];return x({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:n,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return w.error("No idToken found in token"),null;let o=Wt(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});import{betterFetch as Qt}from"@better-fetch/fetch";var ze=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return x({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await Qt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var de={apple:Ce,discord:Be,facebook:De,github:Fe,microsoft:Ve,google:qe,spotify:$e,twitch:je,twitter:ze},Me=Object.keys(de);import{TimeSpan as Jt}from"oslo";import{createJWT as Xt,validateJWT as Yt}from"oslo/jwt";import{z as O}from"zod";import{APIError as X}from"better-call";async function N(e,t){return await Xt("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new Jt(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var He=h("/send-verification-email",{method:"POST",query:O.object({currentURL:O.string().optional()}).optional(),body:O.object({email:O.string().email(),callbackURL:O.string().optional()}),use:[T]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),new X("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new X("BAD_REQUEST",{message:"User not found"});let o=await N(e.context.secret,t),n=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,n,o),e.json({status:!0})}),Ke=h("/verify-email",{method:"GET",query:O.object({token:O.string(),callbackURL:O.string().optional()})},async e=>{let{token:t}=e.query,r;try{r=await Yt("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new X("BAD_REQUEST",{message:"Invalid token"})}let n=O.object({email:O.string().email()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(n.email))throw new X("BAD_REQUEST",{message:"User not found"});if(await e.context.internalAdapter.updateUserByEmail(n.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({status:!0})});var Ge=h("/sign-in/social",{method:"POST",requireHeaders:!0,query:v.object({currentURL:v.string().optional()}).optional(),body:v.object({callbackURL:v.string().optional(),provider:v.enum(Me)}),use:[T]},async e=>{let t=e.context.socialProviders.find(s=>s.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new I("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,n=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,i=await Ee(n||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,i.hash,e.context.secret,r.state.options);let a=er();await e.setSignedCookie(r.pkCodeVerifier.name,a,e.context.secret,r.pkCodeVerifier.options);let c=await t.createAuthorizationURL({state:i.raw,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:c.toString(),state:i,codeVerifier:a,redirect:!0})}),Ze=h("/sign-in/email",{method:"POST",body:v.object({email:v.string().email(),password:v.string(),callbackURL:v.string().optional(),dontRememberMe:v.boolean().default(!1).optional()}),use:[T]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new I("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!v.string().email().safeParse(t).success)throw new I("BAD_REQUEST",{message:"Invalid email"});let n=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!n)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new I("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!n.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw w.error("Email verification is required but no email verification handler is provided"),new I("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let d=await N(e.context.secret,n.user.email),l=`${e.context.options.baseURL}/verify-email?token=${d}`;throw await e.context.options.emailVerification.sendVerificationEmail(n.user,l,d),e.context.logger.error("Email not verified",{email:t}),new I("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let i=n.accounts.find(d=>d.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:t}),new I("UNAUTHORIZED",{message:"Invalid email or password"});let a=i?.password;if(!a)throw e.context.logger.error("Password not found",{email:t}),new I("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(a,r))throw e.context.logger.error("Invalid password"),new I("UNAUTHORIZED",{message:"Invalid email or password"});let s=await e.context.internalAdapter.createSession(n.user.id,e.headers,e.body.dontRememberMe);if(!s)throw e.context.logger.error("Failed to create session"),new I("UNAUTHORIZED",{message:"Failed to create session"});return await P(e,s.id,e.body.dontRememberMe),e.json({user:n.user,session:s,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{APIError as rr}from"better-call";import{z as Y}from"zod";import{z as y}from"zod";var fi=y.object({id:y.string(),providerId:y.string(),accountId:y.string(),userId:y.string(),accessToken:y.string().nullable().optional(),refreshToken:y.string().nullable().optional(),idToken:y.string().nullable().optional(),expiresAt:y.date().nullable().optional(),password:y.string().optional().nullable()}),We=y.object({id:y.string(),email:y.string().transform(e=>e.toLowerCase()),emailVerified:y.boolean().default(!1),name:y.string(),image:y.string().optional(),createdAt:y.date().default(new Date),updatedAt:y.date().default(new Date)}),mi=y.object({id:y.string(),userId:y.string(),expiresAt:y.date(),ipAddress:y.string().optional(),userAgent:y.string().optional()}),gi=y.object({id:y.string(),value:y.string(),expiresAt:y.date(),identifier:y.string()});function tr(e,t){let r=t.fields,o={};for(let n in r){if(n in e){if(r[n].input===!1){if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}continue}o[n]=e[n];continue}if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}}return o}function Qe(e,t){let r={...e.user?.additionalFields};return tr(t||{},{fields:r})}var Je=h("/callback/:id",{method:"GET",query:Y.object({state:Y.string(),code:Y.string().optional(),error:Y.string().optional()}),metadata:C},async e=>{if(e.query.error||!e.query.code){let g=ne(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${g}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(f=>f.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=ne(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:n}}=r,i=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!i)throw w.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await ve(e.query.state,i))throw w.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let c=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),s;try{s=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:c,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(f){throw e.context.logger.error(f),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(s).then(f=>f?.user),l=U(),p=We.safeParse({...d,id:l});if(!d||p.success===!1)throw w.error("Unable to get user info",p.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(f=>{throw w.error(`Better auth was unable to query your database.
-Error: `,f),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),m=u?.user.id;if(u){let f=u.accounts.find(R=>R.providerId===t.id),g=e.context.options.account?.accountLinking?.trustedProviders,b=g?g.includes(t.id):!0;if(!f&&(!d.emailVerified||!b)){let R;try{R=new URL(n||o),R.searchParams.set("error","account_not_linked")}catch{throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(R.toString())}if(!f)try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,...ae(s)})}catch(R){throw console.log(R),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{let f=d.emailVerified,g=await e.context.internalAdapter.createOAuthUser({...p.data,emailVerified:f},{...ae(s),id:`${t.id}:${d.id}`,providerId:t.id,accountId:d.id.toString(),userId:l});if(!f&&g&&e.context.options.emailVerification?.sendOnSignUp){let b=await N(e.context.secret,d.email),R=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(g.user,R,b)}}catch{let g=new URL(n||o);throw g.searchParams.set("error","unable_to_create_user"),e.redirect(g.toString())}if(!m&&!l)throw new rr("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});try{let f=await e.context.internalAdapter.createSession(m||l,e.request);if(!f){let g=new URL(n||o);throw g.searchParams.set("error","unable_to_create_session"),e.redirect(g.toString())}try{await P(e,f.id)}catch(g){e.context.logger.error("Unable to set session cookie",g);let b=new URL(n||o);throw b.searchParams.set("error","unable_to_create_session"),e.redirect(b.toString())}}catch{let f=new URL(n||o||"");throw f.searchParams.set("error","unable_to_create_session"),e.redirect(f.toString())}throw e.redirect(o)});import{APIError as H}from"better-call";var F=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as Xe}from"zod";var ce=()=>h("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return z(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let n=e.context.sessionConfig.expiresIn,i=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-n*1e3+i*1e3<=Date.now()){let s=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:F(e.context.sessionConfig.expiresIn,"sec")});if(!s)return z(e),e.json(null,{status:401});let d=(s.expiresAt.valueOf()-Date.now())/1e3;return await P(e,s.id,!1,{maxAge:d}),e.json({session:s,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),or=async e=>await ce()({...e,_flag:"json",headers:e.headers}),B=$(async e=>{let t=await or(e);if(!t?.session)throw new H("UNAUTHORIZED");return{session:t}}),Ye=()=>h("/user/list-sessions",{method:"GET",use:[B],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),et=h("/user/revoke-session",{method:"POST",body:Xe.object({id:Xe.string()}),use:[B],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new H("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new H("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new H("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),tt=h("/user/revoke-sessions",{method:"POST",use:[B],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new H("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});import"zod";import{APIError as nr}from"better-call";var rt=h("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new nr("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),z(e),e.json({success:!0})});import{z as L}from"zod";import{APIError as ee}from"better-call";var ot=h("/forget-password",{method:"POST",body:L.object({email:L.string().email(),redirectTo:L.string()}),use:[T]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function in your auth config!"),new ee("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let n=60*60*1,i=new Date(Date.now()+1e3*(e.context.options.emailAndPassword.resetPasswordTokenExpiresIn||n)),a=e.context.uuid();await e.context.internalAdapter.createVerificationValue({value:o.user.id,identifier:`reset-password:${a}`,expiresAt:i});let c=`${e.context.baseURL}/reset-password/${a}?callbackURL=${r}`;return await e.context.options.emailAndPassword.sendResetPassword(o.user,c),e.json({status:!0})}),nt=h("/reset-password/:token",{method:"GET",query:L.object({callbackURL:L.string()}),use:[T]},async e=>{let{token:t}=e.params,r=e.query.callbackURL,o=r.startsWith("http")?r:`${e.context.options.baseURL}${r}`;if(!t||!r)throw e.redirect(`${e.context.baseURL}/error?error=INVALID_TOKEN`);let n=await e.context.internalAdapter.findVerificationValue(`reset-password:${t}`);throw!n||n.expiresAt<new Date?e.redirect(`${o}?error=INVALID_TOKEN`):e.redirect(`${o}?token=${t}`)}),it=h("/reset-password",{query:L.object({token:L.string()}).optional(),method:"POST",body:L.object({newPassword:L.string()})},async e=>{let t=e.query?.token;if(!t)throw new ee("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body,o=`reset-password:${t}`,n=await e.context.internalAdapter.findVerificationValue(o);if(!n||n.expiresAt<new Date)throw new ee("BAD_REQUEST",{message:"Invalid token"});await e.context.internalAdapter.deleteVerificationValue(n.id);let i=n.value,a=await e.context.password.hash(r);if(!(await e.context.internalAdapter.findAccounts(i)).find(l=>l.providerId==="credential"))return await e.context.internalAdapter.createAccount({userId:i,providerId:"credential",password:a,accountId:e.context.uuid()}),e.json({status:!0});if(!await e.context.internalAdapter.updatePassword(i,a))throw new ee("BAD_REQUEST",{message:"Failed to update password"});return e.json({status:!0})});import{z as E}from"zod";import{APIError as S}from"better-call";var st=h("/user/update",{method:"POST",body:E.object({name:E.string().optional(),image:E.string().optional()}),use:[B,T]},async e=>{let{name:t,image:r}=e.body,o=e.context.session;if(!r&&!t)return e.json({user:o.user});let n=await e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:r});return e.json({user:n})}),at=h("/user/change-password",{method:"POST",body:E.object({newPassword:E.string(),currentPassword:E.string(),revokeOtherSessions:E.boolean().optional()}),use:[B]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,n=e.context.session,i=e.context.password.config.minPasswordLength;if(t.length<i)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let a=e.context.password.config.maxPasswordLength;if(t.length>a)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let s=(await e.context.internalAdapter.findAccounts(n.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!s||!s.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});let d=await e.context.password.hash(t);if(!await e.context.password.verify(s.password,r))throw new S("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(s.id,{password:d}),o){await e.context.internalAdapter.deleteSessions(n.user.id);let p=await e.context.internalAdapter.createSession(n.user.id,e.headers);if(!p)throw new S("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await P(e,p.id)}return e.json(n.user)}),dt=h("/user/set-password",{method:"POST",body:E.object({newPassword:E.string()}),use:[B]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let n=e.context.password.config.maxPasswordLength;if(t.length>n)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let a=(await e.context.internalAdapter.findAccounts(r.user.id)).find(s=>s.providerId==="credential"&&s.password),c=await e.context.password.hash(t);if(!a)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:c}),e.json(r.user);throw new S("BAD_REQUEST",{message:"user already has a password"})}),ct=h("/user/delete",{method:"POST",body:E.object({password:E.string()}),use:[B]},async e=>{let{password:t}=e.body,r=e.context.session,n=(await e.context.internalAdapter.findAccounts(r.user.id)).find(a=>a.providerId==="credential"&&a.password);if(!n||!n.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(n.password,t))throw new S("BAD_REQUEST",{message:"Incorrect password"});return await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id),e.json(null)});var lt=h("/csrf",{method:"GET",metadata:C},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t){let[i,a]=t.split("!")||[null,null];return e.json({csrfToken:i})}let r=Z(32,W("a-z","0-9","A-Z")),o=await Q(e.context.secret,r),n=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,n,e.context.secret,e.context.authCookies.csrfToken.options),e.json({csrfToken:r})});var ir=(e="Unknown")=>`<!DOCTYPE html>
+import{APIError as fr,createRouter as mr}from"better-call";import{APIError as te}from"better-call";import{z as ke}from"zod";import{xchacha20poly1305 as Ir}from"@noble/ciphers/chacha";import{bytesToHex as Or,hexToBytes as Sr,utf8ToBytes as Lr}from"@noble/ciphers/utils";import{managedNonce as Cr}from"@noble/ciphers/webcrypto";import{sha256 as Dr}from"oslo/crypto";function G(e,t){let r=new Uint8Array(e),o=new Uint8Array(t);if(r.length!==o.length)return!1;let n=0;for(let i=0;i<r.length;i++)n|=r[i]^o[i];return n===0}import{decodeHex as It,encodeHex as fe}from"oslo/encoding";import{scryptAsync as Pt}from"@noble/hashes/scrypt";var V={N:16384,r:16,p:1,dkLen:64};async function me(e,t){return await Pt(e.normalize("NFKC"),t,{N:V.N,p:V.p,r:V.r,dkLen:V.dkLen,maxmem:128*V.N*V.r*2})}var ge=async e=>{let t=fe(crypto.getRandomValues(new Uint8Array(16))),r=await me(e,t);return`${t}:${fe(r)}`},he=async(e,t)=>{let[r,o]=e.split(":"),n=await me(t,r);return G(n,It(o))};function Ot(e){return e.toString(2).padStart(8,"0")}function St(e){return[...e].map(t=>Ot(t)).join("")}function ye(e){return parseInt(St(e),2)}function Lt(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let t=(e-1).toString(2).length,r=t%8,o=new Uint8Array(Math.ceil(t/8));crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1);let n=ye(o);for(;n>=e;)crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1),n=ye(o);return n}function we(e,t){let r="";for(let o=0;o<e;o++)r+=t[Lt(t.length)];return r}function be(...e){let t=new Set(e),r="";for(let o of t)o==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":o==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":o==="0-9"?r+="0123456789":r+=o;return r}async function W(e,t){let r=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},n=await crypto.subtle.importKey("raw",r.encode(e),o,!1,["sign","verify"]),i=await crypto.subtle.sign(o.name,n,r.encode(t));return btoa(String.fromCharCode(...new Uint8Array(i)))}import{createEndpointCreator as _t,createMiddleware as Ae,createMiddlewareCreator as Ct}from"better-call";var Re=Ae(async()=>({})),$=Ct({use:[Re,Ae(async()=>({}))]}),h=_t({use:[Re]});var xe=$({body:ke.object({csrfToken:ke.string().optional()}).optional()},async e=>{if(e.request?.method!=="POST"||e.context.options.advanced?.disableCSRFCheck)return;let t=new URL(e.request.url);if(e.context.trustedOrigins.includes(t.origin))return;let r=e.body?.csrfToken;if(!r)throw new te("UNAUTHORIZED",{message:"CSRF Token is required"});let o=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[n,i]=o?.split("!")||[null,null];if(!r||!o||!n||!i||n!==r)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new te("UNAUTHORIZED",{message:"Invalid CSRF Token"});let a=await W(e.context.secret,n);if(i!==a)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new te("UNAUTHORIZED",{message:"Invalid CSRF Token"})});import{APIError as O}from"better-call";import{generateCodeVerifier as tr}from"oslo/oauth2";import{z as v}from"zod";import{generateState as Bt}from"oslo/oauth2";import{z as Z}from"zod";import{sha256 as Te}from"oslo/crypto";async function Ue(e){let t=await Te(typeof e=="string"?new TextEncoder().encode(e):e);return Buffer.from(t).toString("base64")}async function ve(e,t){let r=await Te(typeof e=="string"?new TextEncoder().encode(e):e),o=Buffer.from(t,"base64");return G(r,o)}import"better-call";async function Ee(e){let t=Bt(),r=JSON.stringify({code:t,callbackURL:e}),o=await Ue(r);return{raw:r,hash:o}}function re(e){return Z.object({code:Z.string(),callbackURL:Z.string().optional(),currentURL:Z.string().optional()}).safeParse(JSON.parse(e))}import{TimeSpan as Dt}from"oslo";var R=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}},Ie=class extends R{constructor(t){super(`The package "${t}" is required. Make sure it is installed.`,t)}};function Pe(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:(e.baseURL?e.baseURL.startsWith("https://"):!1)||process.env.NODE_ENV==="production")?"__Secure-":"",o="better-auth",n=e.session?.expiresIn||new Dt(7,"d").seconds(),i=!!e.advanced?.crossSubDomainCookies?.enabled,a=i?e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0):void 0;if(i&&!a)throw new R("baseURL is required when crossSubdomainCookies are enabled");let c=i?"none":"lax";return{sessionToken:{name:`${r}${o}.session_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:n,...i?{domain:a}:{}}},csrfToken:{name:`${r}${o}.csrf_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*60*24*7,...i?{domain:a}:{}}},state:{name:`${r}${o}.state`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...i?{domain:a}:{}}},pkCodeVerifier:{name:`${r}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...i?{domain:a}:{}}},dontRememberToken:{name:`${r}${o}.dont_remember`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,...i?{domain:a}:{}}},nonce:{name:`${r}${o}.nonce`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...i?{domain:a}:{}}}}}function Oe(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL?.startsWith("https://")||process.env.NODE_ENV==="production")?"__Secure-":"",o="better-auth",n=e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0);function i(a,c){let s=e.advanced?.crossSubDomainCookies?.enabled?e.advanced.crossSubDomainCookies.additionalCookies?.includes(a):void 0;return{name:process.env.NODE_ENV==="production"?`${r}${o}.${a}`:`${o}.${a}`,options:{secure:!!r,sameSite:"lax",path:"/",maxAge:60*15,...c,...s?{domain:n}:{}}}}return i}async function I(e,t,r,o){let n=e.context.authCookies.sessionToken.options;n.maxAge=r?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...n,...o}),r&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function z(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function co(e){let t=new Map;return e.split(", ").forEach(o=>{let[n,...i]=o.split("; "),[a,c]=n.split("="),s={value:c};i.forEach(d=>{let[l,p]=d.split("=");s[l.toLowerCase()]=p||!0}),t.set(a,s)}),t}import{APIError as Se}from"better-call";import{createConsola as Nt}from"consola";var D=Nt({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),oe=e=>({log:(...t)=>{!e?.disabled&&D.log("",...t)},error:(...t)=>{!e?.disabled&&D.error("",...t)},warn:(...t)=>{!e?.disabled&&D.warn("",...t)},info:(...t)=>{!e?.disabled&&D.info("",...t)},debug:(...t)=>{!e?.disabled&&D.debug("",...t)},box:(...t)=>{!e?.disabled&&D.box("",...t)},success:(...t)=>{!e?.disabled&&D.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
+`)}}),w=oe();var T=$(async e=>{let t=e.body?.callbackURL||e.query?.callbackURL||e.query?.redirectTo||e.body?.redirectTo,r=e.headers?.get("referer"),o=e.query?.currentURL||r||e.context.baseURL,n=e.context.trustedOrigins;if(t?.includes("http")){let i=new URL(t).origin;if(!n.includes(i))throw w.error("Invalid callback URL",{callbackURL:t,trustedOrigins:n}),new Se("FORBIDDEN",{message:"Invalid callback URL"})}if(o!==e.context.baseURL){let i=new URL(o).origin;if(!n.includes(i))throw w.error("Invalid current URL",{currentURL:o,trustedOrigins:n}),new Se("FORBIDDEN",{message:"Invalid callback URL"})}});import{parseJWT as jt}from"oslo/jwt";import{sha256 as qt}from"oslo/crypto";function Ft(e){try{return new URL(e).pathname!=="/"}catch{throw new R(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function ne(e,t="/api/auth"){return Ft(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function M(e,t){if(e)return ne(e,t);let r=typeof process<"u"?process.env:{},o=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(o)return ne(o,t);if(typeof window<"u")return ne(window.location.origin,t)}import{base64url as Vt}from"oslo/encoding";async function Le(e){let t=await qt(new TextEncoder().encode(e));return Vt.encode(new Uint8Array(t),{includePadding:!1})}function _e(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function x({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:n,scopes:i,claims:a,disablePkce:c,redirectURI:s}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",i.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||s),!c&&n){let l=await Le(n);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",l)}if(a){let l=a.reduce((p,u)=>(p[u]=null,p),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...l}}))}return d}import{betterFetch as $t}from"@better-fetch/fetch";async function A({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:n}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",r),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:a,error:c}=await $t(n,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(c)throw c;return _e(a)}function ie(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var Ce=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:n}){let i=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${n||e.redirectURI}&scope=${i.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:n})=>A({code:r,codeVerifier:o,redirectURI:e.redirectURI||n,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=jt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as zt}from"@better-fetch/fetch";var Be=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${n.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await zt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let n=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${n}.png`}else{let n=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${n}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as Mt}from"@better-fetch/fetch";var De=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["email","public_profile"];return await x({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:n,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await Mt("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as Ne}from"@better-fetch/fetch";var Fe=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:n,redirectURI:i}){let a=e.scope||o||["user:email"];return x({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:a,state:r,redirectURI:i,codeVerifier:n})},validateAuthorizationCode:async({code:r,redirectURI:o})=>A({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:n}=await Ne("https://api.github.com/user",{auth:{type:"Bearer",token:r.accessToken}});if(n)return null;let i=!1;if(!o.email){let{data:a,error:c}=await Ne("https://api.github.com/user/emails",{auth:{type:"Bearer",token:r.accessToken}});c||(o.email=(a.find(s=>s.primary)??a[0])?.email,i=a.find(s=>s.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:i},data:o}}}};import{parseJWT as Ht}from"oslo/jwt";var qe=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){if(!e.clientId||!e.clientSecret)throw w.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new R("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new R("codeVerifier is required for Google");let i=e.scope||r||["email","profile"];return x({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=Ht(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as Kt}from"@better-fetch/fetch";import{parseJWT as Gt}from"oslo/jwt";var Ve=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(n){let i=e.scope||n.scopes||["openid","profile","email","User.Read"];return x({id:"microsoft",options:e,authorizationEndpoint:r,state:n.state,codeVerifier:n.codeVerifier,scopes:i,redirectURI:n.redirectURI})},validateAuthorizationCode({code:n,codeVerifier:i,redirectURI:a}){return A({code:n,codeVerifier:i,redirectURI:e.redirectURI||a,options:e,tokenEndpoint:o})},async getUserInfo(n){if(!n.idToken)return null;let i=Gt(n.idToken)?.payload,a=e.profilePhotoSize||48;return await Kt(`https://graph.microsoft.com/v1.0/me/photos/${a}x${a}/$value`,{headers:{Authorization:`Bearer ${n.accessToken}`},async onResponse(c){if(!(e.disableProfilePhoto||!c.response.ok))try{let d=await c.response.clone().arrayBuffer(),l=Buffer.from(d).toString("base64");i.picture=`data:image/jpeg;base64, ${l}`}catch(s){w.error(s)}}}),{user:{id:i.sub,name:i.name,email:i.email,image:i.picture,emailVerified:!0},data:i}}}};import{betterFetch as Wt}from"@better-fetch/fetch";var $e=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){let i=e.scope||r||["user-read-email"];return x({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await Wt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import"@better-fetch/fetch";function cn(e){return e.charAt(0).toUpperCase()+e.slice(1)}var C={isAction:!1};import{nanoid as Zt}from"nanoid";var U=e=>Zt(e);import{parseJWT as Qt}from"oslo/jwt";var je=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["user:read:email","openid"];return x({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:n,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return w.error("No idToken found in token"),null;let o=Qt(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});import{betterFetch as Jt}from"@better-fetch/fetch";var ze=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return x({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await Jt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var se={apple:Ce,discord:Be,facebook:De,github:Fe,microsoft:Ve,google:qe,spotify:$e,twitch:je,twitter:ze},Me=Object.keys(se);import{TimeSpan as Xt}from"oslo";import{createJWT as Yt,validateJWT as er}from"oslo/jwt";import{z as P}from"zod";import{APIError as Q}from"better-call";async function N(e,t){return await Yt("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new Xt(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var He=h("/send-verification-email",{method:"POST",query:P.object({currentURL:P.string().optional()}).optional(),body:P.object({email:P.string().email(),callbackURL:P.string().optional()}),use:[T]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),new Q("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new Q("BAD_REQUEST",{message:"User not found"});let o=await N(e.context.secret,t),n=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,n,o),e.json({status:!0})}),Ke=h("/verify-email",{method:"GET",query:P.object({token:P.string(),callbackURL:P.string().optional()})},async e=>{let{token:t}=e.query,r;try{r=await er("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new Q("BAD_REQUEST",{message:"Invalid token"})}let n=P.object({email:P.string().email()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(n.email))throw new Q("BAD_REQUEST",{message:"User not found"});if(await e.context.internalAdapter.updateUserByEmail(n.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({status:!0})});var Ge=h("/sign-in/social",{method:"POST",requireHeaders:!0,query:v.object({currentURL:v.string().optional()}).optional(),body:v.object({callbackURL:v.string().optional(),provider:v.enum(Me)}),use:[T]},async e=>{let t=e.context.socialProviders.find(s=>s.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new O("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,n=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,i=await Ee(n||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,i.hash,e.context.secret,r.state.options);let a=tr();await e.setSignedCookie(r.pkCodeVerifier.name,a,e.context.secret,r.pkCodeVerifier.options);let c=await t.createAuthorizationURL({state:i.raw,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:c.toString(),state:i,codeVerifier:a,redirect:!0})}),We=h("/sign-in/email",{method:"POST",body:v.object({email:v.string().email(),password:v.string(),callbackURL:v.string().optional(),dontRememberMe:v.boolean().default(!1).optional()}),use:[T]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new O("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!v.string().email().safeParse(t).success)throw new O("BAD_REQUEST",{message:"Invalid email"});let n=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!n)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new O("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!n.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw w.error("Email verification is required but no email verification handler is provided"),new O("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let d=await N(e.context.secret,n.user.email),l=`${e.context.options.baseURL}/verify-email?token=${d}`;throw await e.context.options.emailVerification.sendVerificationEmail(n.user,l,d),e.context.logger.error("Email not verified",{email:t}),new O("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let i=n.accounts.find(d=>d.providerId==="credential");if(!i)throw e.context.logger.error("Credential account not found",{email:t}),new O("UNAUTHORIZED",{message:"Invalid email or password"});let a=i?.password;if(!a)throw e.context.logger.error("Password not found",{email:t}),new O("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(a,r))throw e.context.logger.error("Invalid password"),new O("UNAUTHORIZED",{message:"Invalid email or password"});let s=await e.context.internalAdapter.createSession(n.user.id,e.headers,e.body.dontRememberMe);if(!s)throw e.context.logger.error("Failed to create session"),new O("UNAUTHORIZED",{message:"Failed to create session"});return await I(e,s.id,e.body.dontRememberMe),e.json({user:n.user,session:s,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{APIError as or}from"better-call";import{z as J}from"zod";import{z as y}from"zod";var yi=y.object({id:y.string(),providerId:y.string(),accountId:y.string(),userId:y.string(),accessToken:y.string().nullable().optional(),refreshToken:y.string().nullable().optional(),idToken:y.string().nullable().optional(),expiresAt:y.date().nullable().optional(),password:y.string().optional().nullable()}),Ze=y.object({id:y.string(),email:y.string().transform(e=>e.toLowerCase()),emailVerified:y.boolean().default(!1),name:y.string(),image:y.string().optional(),createdAt:y.date().default(new Date),updatedAt:y.date().default(new Date)}),wi=y.object({id:y.string(),userId:y.string(),expiresAt:y.date(),ipAddress:y.string().optional(),userAgent:y.string().optional()}),bi=y.object({id:y.string(),value:y.string(),expiresAt:y.date(),identifier:y.string()});function rr(e,t){let r=t.fields,o={};for(let n in r){if(n in e){if(r[n].input===!1){if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}continue}o[n]=e[n];continue}if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}}return o}function Qe(e,t){let r={...e.user?.additionalFields};return rr(t||{},{fields:r})}var Je=h("/callback/:id",{method:"GET",query:J.object({state:J.string(),code:J.string().optional(),error:J.string().optional()}),metadata:C},async e=>{if(e.query.error||!e.query.code){let g=re(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${g}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(f=>f.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=re(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:n}}=r,i=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!i)throw w.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await ve(e.query.state,i))throw w.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let c=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),s;try{s=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:c,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(f){throw e.context.logger.error(f),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(s).then(f=>f?.user),l=U(),p=Ze.safeParse({...d,id:l});if(!d||p.success===!1)throw w.error("Unable to get user info",p.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(f=>{throw w.error(`Better auth was unable to query your database.
+Error: `,f),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),m=u?.user.id;if(u){let f=u.accounts.find(k=>k.providerId===t.id),g=e.context.options.account?.accountLinking?.trustedProviders,b=g?g.includes(t.id):!0;if(!f&&(!d.emailVerified||!b)){let k;try{k=new URL(n||o),k.searchParams.set("error","account_not_linked")}catch{throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(k.toString())}if(!f)try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,...ie(s)})}catch(k){throw console.log(k),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{let f=d.emailVerified,g=await e.context.internalAdapter.createOAuthUser({...p.data,emailVerified:f},{...ie(s),id:`${t.id}:${d.id}`,providerId:t.id,accountId:d.id.toString()});if(!f&&g&&e.context.options.emailVerification?.sendOnSignUp){let b=await N(e.context.secret,d.email),k=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(g.user,k,b)}}catch{let g=new URL(n||o);throw g.searchParams.set("error","unable_to_create_user"),e.redirect(g.toString())}if(!m&&!l)throw new or("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});try{let f=await e.context.internalAdapter.createSession(m||l,e.request);if(!f){let g=new URL(n||o);throw g.searchParams.set("error","unable_to_create_session"),e.redirect(g.toString())}try{await I(e,f.id)}catch(g){e.context.logger.error("Unable to set session cookie",g);let b=new URL(n||o);throw b.searchParams.set("error","unable_to_create_session"),e.redirect(b.toString())}}catch{let f=new URL(n||o||"");throw f.searchParams.set("error","unable_to_create_session"),e.redirect(f.toString())}throw e.redirect(o)});import{APIError as H}from"better-call";var F=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as Xe}from"zod";var ae=()=>h("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return z(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let n=e.context.sessionConfig.expiresIn,i=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-n*1e3+i*1e3<=Date.now()){let s=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:F(e.context.sessionConfig.expiresIn,"sec")});if(!s)return z(e),e.json(null,{status:401});let d=(s.expiresAt.valueOf()-Date.now())/1e3;return await I(e,s.id,!1,{maxAge:d}),e.json({session:s,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),nr=async e=>await ae()({...e,_flag:"json",headers:e.headers}),B=$(async e=>{let t=await nr(e);if(!t?.session)throw new H("UNAUTHORIZED");return{session:t}}),Ye=()=>h("/user/list-sessions",{method:"GET",use:[B],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),et=h("/user/revoke-session",{method:"POST",body:Xe.object({id:Xe.string()}),use:[B],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new H("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new H("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new H("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),tt=h("/user/revoke-sessions",{method:"POST",use:[B],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new H("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});import"zod";import{APIError as ir}from"better-call";var rt=h("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new ir("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),z(e),e.json({success:!0})});import{z as L}from"zod";import{APIError as X}from"better-call";var ot=h("/forget-password",{method:"POST",body:L.object({email:L.string().email(),redirectTo:L.string()}),use:[T]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function in your auth config!"),new X("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let n=60*60*1,i=new Date(Date.now()+1e3*(e.context.options.emailAndPassword.resetPasswordTokenExpiresIn||n)),a=e.context.uuid();await e.context.internalAdapter.createVerificationValue({value:o.user.id,identifier:`reset-password:${a}`,expiresAt:i});let c=`${e.context.baseURL}/reset-password/${a}?callbackURL=${r}`;return await e.context.options.emailAndPassword.sendResetPassword(o.user,c),e.json({status:!0})}),nt=h("/reset-password/:token",{method:"GET",query:L.object({callbackURL:L.string()}),use:[T]},async e=>{let{token:t}=e.params,r=e.query.callbackURL,o=r.startsWith("http")?r:`${e.context.options.baseURL}${r}`;if(!t||!r)throw e.redirect(`${e.context.baseURL}/error?error=INVALID_TOKEN`);let n=await e.context.internalAdapter.findVerificationValue(`reset-password:${t}`);throw!n||n.expiresAt<new Date?e.redirect(`${o}?error=INVALID_TOKEN`):e.redirect(`${o}?token=${t}`)}),it=h("/reset-password",{query:L.object({token:L.string()}).optional(),method:"POST",body:L.object({newPassword:L.string()})},async e=>{let t=e.query?.token;if(!t)throw new X("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body,o=`reset-password:${t}`,n=await e.context.internalAdapter.findVerificationValue(o);if(!n||n.expiresAt<new Date)throw new X("BAD_REQUEST",{message:"Invalid token"});await e.context.internalAdapter.deleteVerificationValue(n.id);let i=n.value,a=await e.context.password.hash(r);if(!(await e.context.internalAdapter.findAccounts(i)).find(l=>l.providerId==="credential"))return await e.context.internalAdapter.createAccount({userId:i,providerId:"credential",password:a,accountId:e.context.uuid()}),e.json({status:!0});if(!await e.context.internalAdapter.updatePassword(i,a))throw new X("BAD_REQUEST",{message:"Failed to update password"});return e.json({status:!0})});import{z as E}from"zod";import{APIError as S}from"better-call";var st=h("/user/update",{method:"POST",body:E.object({name:E.string().optional(),image:E.string().optional()}),use:[B,T]},async e=>{let{name:t,image:r}=e.body,o=e.context.session;if(!r&&!t)return e.json({user:o.user});let n=await e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:r});return e.json({user:n})}),at=h("/user/change-password",{method:"POST",body:E.object({newPassword:E.string(),currentPassword:E.string(),revokeOtherSessions:E.boolean().optional()}),use:[B]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,n=e.context.session,i=e.context.password.config.minPasswordLength;if(t.length<i)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let a=e.context.password.config.maxPasswordLength;if(t.length>a)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let s=(await e.context.internalAdapter.findAccounts(n.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!s||!s.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});let d=await e.context.password.hash(t);if(!await e.context.password.verify(s.password,r))throw new S("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(s.id,{password:d}),o){await e.context.internalAdapter.deleteSessions(n.user.id);let p=await e.context.internalAdapter.createSession(n.user.id,e.headers);if(!p)throw new S("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await I(e,p.id)}return e.json(n.user)}),dt=h("/user/set-password",{method:"POST",body:E.object({newPassword:E.string()}),use:[B]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let n=e.context.password.config.maxPasswordLength;if(t.length>n)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let a=(await e.context.internalAdapter.findAccounts(r.user.id)).find(s=>s.providerId==="credential"&&s.password),c=await e.context.password.hash(t);if(!a)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:c}),e.json(r.user);throw new S("BAD_REQUEST",{message:"user already has a password"})}),ct=h("/user/delete",{method:"POST",body:E.object({password:E.string()}),use:[B]},async e=>{let{password:t}=e.body,r=e.context.session,n=(await e.context.internalAdapter.findAccounts(r.user.id)).find(a=>a.providerId==="credential"&&a.password);if(!n||!n.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(n.password,t))throw new S("BAD_REQUEST",{message:"Incorrect password"});return await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id),e.json(null)});var lt=h("/csrf",{method:"GET",metadata:C},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t){let[i,a]=t.split("!")||[null,null];return e.json({csrfToken:i})}let r=we(32,be("a-z","0-9","A-Z")),o=await W(e.context.secret,r),n=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,n,e.context.secret,e.context.authCookies.csrfToken.options),e.json({csrfToken:r})});var sr=(e="Unknown")=>`<!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
@@ -80,4 +80,4 @@ Error: `,f),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)
         <div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
     </div>
 </body>
-</html>`,ut=h("/error",{method:"GET",metadata:C},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(ir(t),{headers:{"Content-Type":"text/html"}})});var pt=h("/ok",{method:"GET",metadata:C},async e=>e.json({ok:!0}));import{z as j}from"zod";import{APIError as q}from"better-call";var ft=()=>h("/sign-up/email",{method:"POST",query:j.object({currentURL:j.string().optional()}).optional(),body:j.record(j.string(),j.any()),use:[T]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new q("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:n,image:i,callbackURL:a,...c}=t;if(!j.string().email().safeParse(o).success)throw new q("BAD_REQUEST",{message:"Invalid email"});let d=e.context.password.config.minPasswordLength;if(n.length<d)throw e.context.logger.error("Password is too short"),new q("BAD_REQUEST",{message:"Password is too short"});let l=e.context.password.config.maxPasswordLength;if(n.length>l)throw e.context.logger.error("Password is too long"),new q("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new q("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let u=Qe(e.context.options,c),m=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:i,...u,emailVerified:!1});if(!m)throw new q("BAD_REQUEST",{message:"Failed to create user"});let f=await e.context.password.hash(n);if(await e.context.internalAdapter.linkAccount({userId:m.id,providerId:"credential",accountId:m.id,password:f,expiresAt:F(60*60*24*30,"sec")}),e.context.options.emailVerification?.sendOnSignUp){let b=await N(e.context.secret,m.email),R=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailVerification?.sendVerificationEmail?.(m,R,b)}if(!e.context.options.emailAndPassword.autoSignIn)return e.json({user:m,session:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:m,session:null}});let g=await e.context.internalAdapter.createSession(m.id,e.request);if(!g)throw new q("BAD_REQUEST",{message:"Failed to create session"});return await P(e,g.id),e.json({user:m,session:g},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:m,session:g}})});function mt(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of r){let n=e.headers.get(o);if(typeof n=="string"){let i=n.split(",")[0].trim();if(i)return i}}return null}function sr(e,t,r){let o=Date.now(),n=t*1e3;return o-r.lastRequest<n&&r.count>=e}function ar(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function dr(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function cr(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async n=>await o.findOne({model:r,where:[{field:"key",value:n}]}),set:async(n,i,a)=>{try{a?await o.update({model:t??"rateLimit",where:[{field:"key",value:n}],update:{count:i.count,lastRequest:i.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:n,count:i.count,lastRequest:i.lastRequest}})}catch(c){w.error("Error setting rate limit",c)}}}}var gt=new Map;function lr(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return gt.get(r)},async set(r,o,n){gt.set(r,o)}}:cr(e,e.rateLimit.tableName)}async function ht(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),n=t.rateLimit.window,i=t.rateLimit.max,a=mt(e)+o,s=ur().find(u=>u.pathMatcher(o));s&&(n=s.window,i=s.max);for(let u of t.options.plugins||[])if(u.rateLimit){let m=u.rateLimit.find(f=>f.pathMatcher(o));if(m){n=m.window,i=m.max;break}}if(t.rateLimit.customRules){let u=t.rateLimit.customRules[o];u&&(n=u.window,i=u.max)}let d=lr(t),l=await d.get(a),p=Date.now();if(!l)await d.set(a,{key:a,count:1,lastRequest:p});else{let u=p-l.lastRequest;if(sr(i,n,l)){let m=dr(l.lastRequest,n);return ar(m)}else u>n*1e3?await d.set(a,{...l,count:1,lastRequest:p}):await d.set(a,{...l,count:l.count+1,lastRequest:p})}}function ur(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}import{APIError as da}from"better-call";function le(e,t){let r=t.plugins?.reduce((c,s)=>({...c,...s.endpoints}),{}),o=t.plugins?.map(c=>c.middlewares?.map(s=>{let d=async l=>s.middleware({...l,context:{...e,...l.context}});return d.path=s.path,d.options=s.middleware.options,d.headers=s.middleware.headers,{path:s.path,middleware:d}})).filter(c=>c!==void 0).flat()||[],i={...{signInOAuth:Ge,callbackOAuth:Je,getCSRFToken:lt,getSession:ce(),signOut:rt,signUpEmail:ft(),signInEmail:Ze,forgetPassword:ot,resetPassword:it,verifyEmail:Ke,sendVerificationEmail:He,changePassword:at,setPassword:dt,updateUser:st,deleteUser:ct,forgetPasswordCallback:nt,listSessions:Ye(),revokeSession:et,revokeSessions:tt},...r,ok:pt,error:ut},a={};for(let[c,s]of Object.entries(i))a[c]=async(d={})=>{let l=await e;for(let m of t.plugins||[])if(m.hooks?.before){for(let f of m.hooks.before)if(f.matcher({...s,...d,context:l})){let b=await f.handler({...d,context:{...l,...d?.context}});b&&"context"in b&&(l={...l,...b.context})}}let u=await s({...d,context:{...l,...d.context}});for(let m of t.plugins||[])if(m.hooks?.after){for(let f of m.hooks.after)if(f.matcher(d)){let b=Object.assign(d,{context:{...e,returned:u}}),R=await f.handler(b);R&&"response"in R&&(u=R.response)}}return u},a[c].path=s.path,a[c].method=s.method,a[c].options=s.options,a[c].headers=s.headers;return{api:a,middlewares:o}}var yt=(e,t)=>{let{api:r,middlewares:o}=le(e,t),n=new URL(e.baseURL).pathname;return fr(r,{extraContext:e,basePath:n,routerMiddleware:[{path:"/**",middleware:xe},...o],async onRequest(i){for(let a of e.options.plugins||[])if(a.onRequest){let c=await a.onRequest(i,e);if(c)return c}return ht(i,e)},async onResponse(i){for(let a of e.options.plugins||[])if(a.onResponse){let c=await a.onResponse(i,e);if(c)return c.response}return i},onError(i){if(t.onAPIError?.throw)throw i;if(t.onAPIError?.onError){t.onAPIError.onError(i,e);return}let a=t.logger?.verboseLogging?w:void 0;t.logger?.disabled!==!0&&(i instanceof pr?(i.status==="INTERNAL_SERVER_ERROR"&&w.error(i),a?.error(i.message)):w?.error(i))}})};var _=e=>{let t=e.plugins?.reduce((s,d)=>{let l=d.schema;if(!l)return s;for(let[p,u]of Object.entries(l))s[p]={fields:{...s[p]?.fields,...u.fields},tableName:u.tableName||p};return s},{}),r=e.rateLimit?.storage==="database",o={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:n,session:i,account:a,...c}=t||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...n?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...i?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...a?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...r?o:{}}};import{Kysely as wt,MssqlDialect as mr}from"kysely";import{MysqlDialect as bt,PostgresDialect as At,SqliteDialect as kt}from"kysely";function Rt(e){if("dialect"in e)return Rt(e.dialect);if("createDriver"in e){if(e instanceof kt)return"sqlite";if(e instanceof bt)return"mysql";if(e instanceof At)return"postgres";if(e instanceof mr)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var K=async e=>{let t=e.database;if("db"in t)return{kysely:t.db,databaseType:t.type};if("dialect"in t)return{kysely:new wt({dialect:t.dialect}),databaseType:t.type};let r,o=Rt(t);return"createDriver"in t&&(r=t),"aggregate"in t&&(r=new kt({database:t})),"getConnection"in t&&(r=new bt({pool:t})),"connect"in t&&(r=new At({pool:t})),{kysely:r?new wt({dialect:r}):null,databaseType:o}};import"kysely";function xt(e,t){let r=t.hooks,o=_(t.options);async function n(a,c,s){let d=a,l=o[c];for(let m of r||[]){let f=m[c]?.create?.before;if(f){let g=await f(a);if(g===!1)return null;typeof g=="object"&&"data"in g&&(d=g.data)}}let p=s?await s.fn(d):null,u=!s||s.executeMainFn?await e.create({model:l.tableName,data:{id:U(),...ue(l.fields,d)}}):p;for(let m of r||[]){let f=m[c]?.create?.after;f&&await f(u)}return pe(l.fields,u)}async function i(a,c,s,d){let l=a;for(let m of r||[]){let f=m[s]?.update?.before;if(f){let g=await f(a);if(g===!1)return null;l=typeof g=="object"?g.data:g}}let p=d?await d.fn(l):null,u=!d||d.executeMainFn?await e.update({model:o[s].tableName,update:ue(o[s].fields,l),where:c}):p;for(let m of r||[]){let f=m[s]?.update?.after;f&&await f(u)}return pe(o[s].fields,u)}return{createWithHooks:n,updateWithHooks:i}}var fe=(e,t)=>{let r=t.options,o=r.secondaryStorage,n=r.session?.expiresIn||60*60*24*7,i=_(r),{createWithHooks:a,updateWithHooks:c}=xt(e,t);return{createOAuthUser:async(s,d)=>{try{let l=await a(s,"user"),p=await a(d,"account");return{user:l,account:p}}catch(l){return console.log(l),null}},createUser:async s=>await a({id:U(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...s},"user"),createAccount:async s=>await a({id:U(),createdAt:new Date,updatedAt:new Date,...s},"account"),listSessions:async s=>await e.findMany({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]}),listUsers:async(s,d,l)=>await e.findMany({model:i.user.tableName,limit:s,offset:d,sortBy:l}),deleteUser:async s=>{await e.delete({model:i.account.tableName,where:[{field:i.account.fields.userId.fieldName||"userId",value:s}]}),await e.delete({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]}),await e.delete({model:i.user.tableName,where:[{field:"id",value:s}]})},createSession:async(s,d,l,p)=>{let u=d instanceof Request?d.headers:d,m={id:U(),userId:s,expiresAt:l?F(60*60*24,"sec"):F(n,"sec"),ipAddress:u?.get("x-forwarded-for")||"",userAgent:u?.get("user-agent")||"",...p};return await a(m,"session",o?{fn:async g=>{let b=await e.findOne({model:i.user.tableName,where:[{field:"id",value:s}]});return o.set(g.id,JSON.stringify({session:g,user:b}),n),g},executeMainFn:r.session?.storeSessionInDatabase}:void 0)},findSession:async s=>{if(o){let p=await o.get(s);if(p){let u=JSON.parse(p);return{session:{...u.session,expiresAt:new Date(u.session.expiresAt)},user:{...u.user,createdAt:new Date(u.user.createdAt),updatedAt:new Date(u.user.updatedAt)}}}}let d=await e.findOne({model:i.session.tableName,where:[{value:s,field:"id"}]});if(!d)return null;let l=await e.findOne({model:i.user.tableName,where:[{value:d.userId,field:"id"}]});return l?{session:d,user:l}:null},updateSession:async(s,d)=>await c(d,[{field:"id",value:s}],"session",o?{async fn(p){let u=await o.get(s),m=null;if(u){let f=JSON.parse(u);m={...f.session,...p},await o.set(s,JSON.stringify({session:m,user:f.user}),f.session.expiresAt?new Date(f.session.expiresAt).getTime():void 0)}else return null},executeMainFn:r.session?.storeSessionInDatabase}:void 0),deleteSession:async s=>{if(o){await o.delete(s),r.session?.storeSessionInDatabase&&await e.delete({model:i.session.tableName,where:[{field:"id",value:s}]});return}await e.delete({model:i.session.tableName,where:[{field:"id",value:s}]})},deleteSessions:async s=>{if(o){let d=await e.findMany({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]});for(let l of d)await o.delete(l.id);r.session?.storeSessionInDatabase&&await e.delete({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]});return}await e.delete({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]})},findUserByEmail:async(s,d)=>{let l=await e.findOne({model:i.user.tableName,where:[{value:s.toLowerCase(),field:i.user.fields.email.fieldName||"email"}]});if(!l)return null;if(d?.includeAccounts){let p=await e.findMany({model:i.account.tableName,where:[{value:l.id,field:i.account.fields.userId.fieldName||"userId"}]});return{user:l,accounts:p}}return{user:l,accounts:[]}},findUserById:async s=>await e.findOne({model:i.user.tableName,where:[{field:"id",value:s}]}),linkAccount:async s=>await a({id:U(),...s},"account"),updateUser:async(s,d)=>await c(d,[{field:"id",value:s}],"user"),updateUserByEmail:async(s,d)=>await c(d,[{field:"email",value:s}],"user"),updatePassword:async(s,d)=>await c({password:d},[{field:i.account.fields.userId.fieldName||"userId",value:s},{field:i.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async s=>await e.findMany({model:i.account.tableName,where:[{field:i.account.fields.userId.fieldName||"userId",value:s}]}),updateAccount:async(s,d)=>await c(d,[{field:"id",value:s}],"account"),createVerificationValue:async s=>await a({id:U(),...s},"verification"),findVerificationValue:async s=>await e.findOne({model:i.verification.tableName,where:[{field:i.verification.fields.identifier.fieldName||"identifier",value:s}]}),deleteVerificationValue:async s=>{await e.delete({model:i.verification.tableName,where:[{field:"id",value:s}]})},updateVerificationValue:async(s,d)=>await c(d,[{field:"id",value:s}],"verification")}};import{z as va}from"zod";function te(e){if(!e)return{and:null,or:null};let t=e?.filter(o=>o.connector==="AND"||!o.connector).reduce((o,n)=>({...o,[n.field]:n.value}),{}),r=e?.filter(o=>o.connector==="OR").reduce((o,n)=>({...o,[n.field]:n.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(r).length?r:null}}function re(e,t,r){for(let o in e)e[o]===0&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!1),e[o]===1&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!0),t[o]?.type==="date"&&(e[o]instanceof Date||(e[o]=new Date(e[o])));return e}function Tt(e,t){for(let r in e)typeof e[r]=="boolean"&&t?.boolean&&(e[r]=e[r]?1:0),e[r]instanceof Date&&(e[r]=e[r].toISOString());return e}var Ut=(e,t)=>({id:"kysely",async create(r){let{model:o,data:n,select:i}=r;t?.transform&&(n=Tt(n,t.transform));let a=await e.insertInto(o).values(n).returningAll().executeTakeFirst();if(t?.transform){let c=t.transform.schema[o];a=c?re(n,c,t.transform):a}return i?.length&&(a=a?i.reduce((s,d)=>a?.[d]?{...s,[d]:a[d]}:s,{}):null),a},async findOne(r){let{model:o,where:n,select:i}=r,{and:a,or:c}=te(n),s=e.selectFrom(o).selectAll();c&&(s=s.where(l=>l.or(c))),a&&(s=s.where(l=>l.and(a)));let d=await s.executeTakeFirst();if(i?.length&&(d=d?i.reduce((p,u)=>d?.[u]?{...p,[u]:d[u]}:p,{}):null),t?.transform){let l=t.transform.schema[o];return d=d&&l?re(d,l,t.transform):d,d||null}return d||null},async findMany(r){let{model:o,where:n,limit:i,offset:a,sortBy:c}=r,s=e.selectFrom(o),{and:d,or:l}=te(n);d&&(s=s.where(u=>u.and(d))),l&&(s=s.where(u=>u.or(l))),s=s.limit(i||100),a&&(s=s.offset(a)),c&&(s=s.orderBy(c.field,c.direction));let p=await s.selectAll().execute();if(t?.transform){let u=t.transform.schema[o];return u?p.map(m=>re(m,u,t.transform)):p}return p},async update(r){let{model:o,where:n,update:i}=r,{and:a,or:c}=te(n);t?.transform&&(i=Tt(i,t.transform));let s=e.updateTable(o).set(i);a&&(s=s.where(l=>l.and(a))),c&&(s=s.where(l=>l.or(c)));let d=await s.returningAll().executeTakeFirst()||null;if(t?.transform){let l=t.transform.schema[o];return l?re(d,l,t.transform):d}return d},async delete(r){let{model:o,where:n}=r,{and:i,or:a}=te(n),c=e.deleteFrom(o);i&&(c=c.where(s=>s.and(i))),a&&(c=c.where(s=>s.or(a))),await c.execute()}});async function vt(e,t){if(!e.database)throw new k("Database configuration is required");if("create"in e.database)return e.database;let{kysely:r,databaseType:o}=await K(e);if(!r)throw new k("Failed to initialize database adapter");let n=_(e),i={};for(let a of Object.values(n))i[a.tableName]=a.fields;return Ut(r,{transform:{schema:i,date:!0,boolean:o==="sqlite"}})}function ue(e,t){let r={id:t.id};for(let o in e){let n=e[o],i=t[o];r[n.fieldName||o]=i}return r}function pe(e,t){if(!t)return null;let r={id:t.id};for(let[o,n]of Object.entries(e))r[o]=t[n.fieldName||o];return r}import{defu as gr}from"defu";var me="better-auth-secret-123456789";var Et=async e=>{let t=await vt(e),r=e.plugins||[],o=yr(e),{kysely:n}=await K(e),i=M(e.baseURL,e.basePath);if(!i)throw new k("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it your auth config.");let a=e.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||me;if(a===me&&process.env.NODE_ENV==="production")throw new k("You are using the default secret. Please set `BETTER_AUTH_SECRET` or `AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");e={...e,secret:a,baseURL:i?new URL(i).origin:"",basePath:e.basePath||"/api/auth",plugins:r.concat(o),emailAndPassword:{...e.emailAndPassword,enabled:e.emailAndPassword?.enabled??!1,autoSignIn:!0}};let c=Oe(e),s=_(e),d=Object.keys(e.socialProviders||{}).map(u=>{let m=e.socialProviders?.[u];return m.enabled===!1?null:((!m.clientId||!m.clientSecret)&&w.warn(`Social provider ${u} is missing clientId or clientSecret`),de[u](m))}).filter(u=>u!==null),l={appName:e.appName||"Better Auth",socialProviders:d,options:e,tables:s,trustedOrigins:wr(e),baseURL:i,sessionConfig:{updateAge:e.session?.updateAge||24*60*60,expiresIn:e.session?.expiresIn||60*60*24*7},secret:a,rateLimit:{...e.rateLimit,enabled:e.rateLimit?.enabled??process.env.NODE_ENV!=="development",window:e.rateLimit?.window||60,max:e.rateLimit?.max||100,storage:e.rateLimit?.storage||e.secondaryStorage?"secondary-storage":"memory"},authCookies:c,logger:ie({disabled:e.logger?.disabled||!1}),db:n,uuid:U,secondaryStorage:e.secondaryStorage,password:{hash:e.emailAndPassword?.password?.hash||ye,verify:e.emailAndPassword?.password?.verify||we,config:{minPasswordLength:e.emailAndPassword?.minPasswordLength||8,maxPasswordLength:e.emailAndPassword?.maxPasswordLength||128}},adapter:t,internalAdapter:fe(t,{options:e,hooks:e.databaseHooks?[e.databaseHooks]:[]}),createAuthCookie:Ie(e)},{context:p}=hr(l);return p};function hr(e){let t=e.options,r=t.plugins||[],o=e,n=[];for(let i of r)if(i.init){let a=i.init(e);typeof a=="object"&&(a.options&&(a.options.databaseHooks&&n.push(a.options.databaseHooks),t=gr(t,a.options)),a.context&&(o={...o,...a.context}))}return n.push(t.databaseHooks),o.internalAdapter=fe(e.adapter,{options:t,hooks:n.filter(i=>i!==void 0)}),o.options=t,{context:o}}function yr(e){let t=[];return e.advanced?.crossSubDomainCookies?.enabled,t}function wr(e){let t=M(e.baseURL,e.basePath);if(!t)throw new k("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it in your auth config.");let r=[new URL(t).origin];e.trustedOrigins&&r.push(...e.trustedOrigins);let o=process.env.BETTER_AUTH_TRUSTED_ORIGINS;return o&&r.push(...o.split(",")),r}var Ad=e=>{let t=Et(e),{api:r}=le(t,e);return{handler:async o=>{let n=await t,i=n.options.basePath||"/api/auth",a=new URL(o.url);if(!n.options.baseURL){let s=M(void 0,i)||`${a.origin}${i}`;n.options.baseURL=s,n.baseURL=s}if(!n.options.baseURL)return new Response("Base URL not set",{status:400});if(a.pathname===i||a.pathname===`${i}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:c}=yt(n,e);return c(o)},api:r,options:e,$Infer:{}}};export{k as BetterAuthError,C as HIDE_METADATA,Pe as MissingDependencyError,Ad as betterAuth,dn as capitalizeFirstLetter,Ie as createCookieGetter,ie as createLogger,z as deleteSessionCookie,U as generateId,Ee as generateState,Oe as getCookies,w as logger,ao as parseSetCookieHeader,ne as parseState,P as setSessionCookie};
+</html>`,ut=h("/error",{method:"GET",metadata:C},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(sr(t),{headers:{"Content-Type":"text/html"}})});var pt=h("/ok",{method:"GET",metadata:C},async e=>e.json({ok:!0}));import{z as j}from"zod";import{APIError as q}from"better-call";var ft=()=>h("/sign-up/email",{method:"POST",query:j.object({currentURL:j.string().optional()}).optional(),body:j.record(j.string(),j.any()),use:[T]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new q("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:n,image:i,callbackURL:a,...c}=t;if(!j.string().email().safeParse(o).success)throw new q("BAD_REQUEST",{message:"Invalid email"});let d=e.context.password.config.minPasswordLength;if(n.length<d)throw e.context.logger.error("Password is too short"),new q("BAD_REQUEST",{message:"Password is too short"});let l=e.context.password.config.maxPasswordLength;if(n.length>l)throw e.context.logger.error("Password is too long"),new q("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new q("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let u=Qe(e.context.options,c),m=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:i,...u,emailVerified:!1});if(!m)throw new q("BAD_REQUEST",{message:"Failed to create user"});let f=await e.context.password.hash(n);if(await e.context.internalAdapter.linkAccount({userId:m.id,providerId:"credential",accountId:m.id,password:f,expiresAt:F(60*60*24*30,"sec")}),e.context.options.emailVerification?.sendOnSignUp){let b=await N(e.context.secret,m.email),k=`${e.context.baseURL}/verify-email?token=${b}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailVerification?.sendVerificationEmail?.(m,k,b)}if(!e.context.options.emailAndPassword.autoSignIn)return e.json({user:m,session:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:m,session:null}});let g=await e.context.internalAdapter.createSession(m.id,e.request);if(!g)throw new q("BAD_REQUEST",{message:"Failed to create session"});return await I(e,g.id),e.json({user:m,session:g},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:m,session:g}})});function mt(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of r){let n=e.headers.get(o);if(typeof n=="string"){let i=n.split(",")[0].trim();if(i)return i}}return null}function ar(e,t,r){let o=Date.now(),n=t*1e3;return o-r.lastRequest<n&&r.count>=e}function dr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function cr(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function lr(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async n=>await o.findOne({model:r,where:[{field:"key",value:n}]}),set:async(n,i,a)=>{try{a?await o.update({model:t??"rateLimit",where:[{field:"key",value:n}],update:{count:i.count,lastRequest:i.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:n,count:i.count,lastRequest:i.lastRequest}})}catch(c){w.error("Error setting rate limit",c)}}}}var gt=new Map;function ur(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return gt.get(r)},async set(r,o,n){gt.set(r,o)}}:lr(e,e.rateLimit.tableName)}async function ht(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),n=t.rateLimit.window,i=t.rateLimit.max,a=mt(e)+o,s=pr().find(u=>u.pathMatcher(o));s&&(n=s.window,i=s.max);for(let u of t.options.plugins||[])if(u.rateLimit){let m=u.rateLimit.find(f=>f.pathMatcher(o));if(m){n=m.window,i=m.max;break}}if(t.rateLimit.customRules){let u=t.rateLimit.customRules[o];u&&(n=u.window,i=u.max)}let d=ur(t),l=await d.get(a),p=Date.now();if(!l)await d.set(a,{key:a,count:1,lastRequest:p});else{let u=p-l.lastRequest;if(ar(i,n,l)){let m=cr(l.lastRequest,n);return dr(m)}else u>n*1e3?await d.set(a,{...l,count:1,lastRequest:p}):await d.set(a,{...l,count:l.count+1,lastRequest:p})}}function pr(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}import{APIError as pa}from"better-call";function de(e,t){let r=t.plugins?.reduce((c,s)=>({...c,...s.endpoints}),{}),o=t.plugins?.map(c=>c.middlewares?.map(s=>{let d=async l=>s.middleware({...l,context:{...e,...l.context}});return d.path=s.path,d.options=s.middleware.options,d.headers=s.middleware.headers,{path:s.path,middleware:d}})).filter(c=>c!==void 0).flat()||[],i={...{signInOAuth:Ge,callbackOAuth:Je,getCSRFToken:lt,getSession:ae(),signOut:rt,signUpEmail:ft(),signInEmail:We,forgetPassword:ot,resetPassword:it,verifyEmail:Ke,sendVerificationEmail:He,changePassword:at,setPassword:dt,updateUser:st,deleteUser:ct,forgetPasswordCallback:nt,listSessions:Ye(),revokeSession:et,revokeSessions:tt},...r,ok:pt,error:ut},a={};for(let[c,s]of Object.entries(i))a[c]=async(d={})=>{let l=await e;for(let m of t.plugins||[])if(m.hooks?.before){for(let f of m.hooks.before)if(f.matcher({...s,...d,context:l})){let b=await f.handler({...d,context:{...l,...d?.context}});b&&"context"in b&&(l={...l,...b.context})}}let u=await s({...d,context:{...l,...d.context}});for(let m of t.plugins||[])if(m.hooks?.after){for(let f of m.hooks.after)if(f.matcher(d)){let b=Object.assign(d,{context:{...e,returned:u}}),k=await f.handler(b);k&&"response"in k&&(u=k.response)}}return u},a[c].path=s.path,a[c].method=s.method,a[c].options=s.options,a[c].headers=s.headers;return{api:a,middlewares:o}}var yt=(e,t)=>{let{api:r,middlewares:o}=de(e,t),n=new URL(e.baseURL).pathname;return mr(r,{extraContext:e,basePath:n,routerMiddleware:[{path:"/**",middleware:xe},...o],async onRequest(i){for(let a of e.options.plugins||[])if(a.onRequest){let c=await a.onRequest(i,e);if(c)return c}return ht(i,e)},async onResponse(i){for(let a of e.options.plugins||[])if(a.onResponse){let c=await a.onResponse(i,e);if(c)return c.response}return i},onError(i){if(t.onAPIError?.throw)throw i;if(t.onAPIError?.onError){t.onAPIError.onError(i,e);return}let a=t.logger?.verboseLogging?w:void 0;t.logger?.disabled!==!0&&(i instanceof fr?(i.status==="INTERNAL_SERVER_ERROR"&&w.error(i),a?.error(i.message)):w?.error(i))}})};var _=e=>{let t=e.plugins?.reduce((s,d)=>{let l=d.schema;if(!l)return s;for(let[p,u]of Object.entries(l))s[p]={fields:{...s[p]?.fields,...u.fields},tableName:u.tableName||p};return s},{}),r=e.rateLimit?.storage==="database",o={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:n,session:i,account:a,...c}=t||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...n?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...i?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...a?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...r?o:{}}};import{Kysely as wt,MssqlDialect as gr}from"kysely";import{MysqlDialect as bt,PostgresDialect as At,SqliteDialect as Rt}from"kysely";function kt(e){if("dialect"in e)return kt(e.dialect);if("createDriver"in e){if(e instanceof Rt)return"sqlite";if(e instanceof bt)return"mysql";if(e instanceof At)return"postgres";if(e instanceof gr)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var K=async e=>{let t=e.database;if("db"in t)return{kysely:t.db,databaseType:t.type};if("dialect"in t)return{kysely:new wt({dialect:t.dialect}),databaseType:t.type};let r,o=kt(t);return"createDriver"in t&&(r=t),"aggregate"in t&&(r=new Rt({database:t})),"getConnection"in t&&(r=new bt({pool:t})),"connect"in t&&(r=new At({pool:t})),{kysely:r?new wt({dialect:r}):null,databaseType:o}};function Y(e){if(!e)return{and:null,or:null};let t=e?.filter(o=>o.connector==="AND"||!o.connector).reduce((o,n)=>({...o,[n.field]:n.value}),{}),r=e?.filter(o=>o.connector==="OR").reduce((o,n)=>({...o,[n.field]:n.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(r).length?r:null}}function ee(e,t,r){for(let o in e)e[o]===0&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!1),e[o]===1&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!0),t[o]?.type==="date"&&(e[o]instanceof Date||(e[o]=new Date(e[o])));return e}function xt(e,t){for(let r in e)typeof e[r]=="boolean"&&t?.boolean&&(e[r]=e[r]?1:0),e[r]instanceof Date&&(e[r]=e[r].toISOString());return e}var Tt=(e,t)=>({id:"kysely",async create(r){let{model:o,data:n,select:i}=r;t?.transform&&(n=xt(n,t.transform)),t?.generateId!==void 0&&(n.id=t.generateId?t.generateId():void 0);let a=await e.insertInto(o).values(n).returningAll().executeTakeFirst();if(t?.transform){let c=t.transform.schema[o];a=c?ee(n,c,t.transform):a}return i?.length&&(a=a?i.reduce((s,d)=>a?.[d]?{...s,[d]:a[d]}:s,{}):null),a},async findOne(r){let{model:o,where:n,select:i}=r,{and:a,or:c}=Y(n),s=e.selectFrom(o).selectAll();c&&(s=s.where(l=>l.or(c))),a&&(s=s.where(l=>l.and(a)));let d=await s.executeTakeFirst();if(i?.length&&(d=d?i.reduce((p,u)=>d?.[u]?{...p,[u]:d[u]}:p,{}):null),t?.transform){let l=t.transform.schema[o];return d=d&&l?ee(d,l,t.transform):d,d||null}return d||null},async findMany(r){let{model:o,where:n,limit:i,offset:a,sortBy:c}=r,s=e.selectFrom(o),{and:d,or:l}=Y(n);d&&(s=s.where(u=>u.and(d))),l&&(s=s.where(u=>u.or(l))),s=s.limit(i||100),a&&(s=s.offset(a)),c&&(s=s.orderBy(c.field,c.direction));let p=await s.selectAll().execute();if(t?.transform){let u=t.transform.schema[o];return u?p.map(m=>ee(m,u,t.transform)):p}return p},async update(r){let{model:o,where:n,update:i}=r,{and:a,or:c}=Y(n);t?.transform&&(i=xt(i,t.transform));let s=e.updateTable(o).set(i);a&&(s=s.where(l=>l.and(a))),c&&(s=s.where(l=>l.or(c)));let d=await s.returningAll().executeTakeFirst()||null;if(t?.transform){let l=t.transform.schema[o];return l?ee(d,l,t.transform):d}return d},async delete(r){let{model:o,where:n}=r,{and:i,or:a}=Y(n),c=e.deleteFrom(o);i&&(c=c.where(s=>s.and(i))),a&&(c=c.where(s=>s.or(a))),await c.execute()}});async function Ut(e){if(!e.database)throw new R("Database configuration is required");if("create"in e.database)return e.database;let{kysely:t,databaseType:r}=await K(e);if(!t)throw new R("Failed to initialize database adapter");let o=_(e),n={};for(let i of Object.values(o))n[i.tableName]=i.fields;return Tt(t,{transform:{schema:n,date:!0,boolean:r==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function ce(e,t){let r={id:t.id};for(let o in e){let n=e[o],i=t[o];r[n.fieldName||o]=i}return r}function le(e,t){if(!t)return null;let r={id:t.id};for(let[o,n]of Object.entries(e))r[o]=t[n.fieldName||o];return r}function vt(e,t){let r=t.hooks,o=_(t.options);async function n(a,c,s){let d=a,l=o[c];for(let m of r||[]){let f=m[c]?.create?.before;if(f){let g=await f(a);if(g===!1)return null;typeof g=="object"&&"data"in g&&(d=g.data)}}let p=s?await s.fn(d):null,u=!s||s.executeMainFn?await e.create({model:l.tableName,data:{id:U(),...ce(l.fields,d)}}):p;for(let m of r||[]){let f=m[c]?.create?.after;f&&await f(u)}return le(l.fields,u)}async function i(a,c,s,d){let l=a;for(let m of r||[]){let f=m[s]?.update?.before;if(f){let g=await f(a);if(g===!1)return null;l=typeof g=="object"?g.data:g}}let p=d?await d.fn(l):null,u=!d||d.executeMainFn?await e.update({model:o[s].tableName,update:ce(o[s].fields,l),where:c}):p;for(let m of r||[]){let f=m[s]?.update?.after;f&&await f(u)}return le(o[s].fields,u)}return{createWithHooks:n,updateWithHooks:i}}var ue=(e,t)=>{let r=t.options,o=r.secondaryStorage,n=r.session?.expiresIn||60*60*24*7,i=_(r),{createWithHooks:a,updateWithHooks:c}=vt(e,t);return{createOAuthUser:async(s,d)=>{try{let l=await a(s,"user"),p=await a(d,"account");return{user:l,account:{...p,userId:l.id}}}catch(l){return console.log(l),null}},createUser:async s=>await a({id:U(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...s},"user"),createAccount:async s=>await a({id:U(),createdAt:new Date,updatedAt:new Date,...s},"account"),listSessions:async s=>await e.findMany({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]}),listUsers:async(s,d,l)=>await e.findMany({model:i.user.tableName,limit:s,offset:d,sortBy:l}),deleteUser:async s=>{await e.delete({model:i.account.tableName,where:[{field:i.account.fields.userId.fieldName||"userId",value:s}]}),await e.delete({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]}),await e.delete({model:i.user.tableName,where:[{field:"id",value:s}]})},createSession:async(s,d,l,p)=>{let u=d instanceof Request?d.headers:d,m={id:U(),userId:s,expiresAt:l?F(60*60*24,"sec"):F(n,"sec"),ipAddress:u?.get("x-forwarded-for")||"",userAgent:u?.get("user-agent")||"",...p};return await a(m,"session",o?{fn:async g=>{let b=await e.findOne({model:i.user.tableName,where:[{field:"id",value:s}]});return o.set(g.id,JSON.stringify({session:g,user:b}),n),g},executeMainFn:r.session?.storeSessionInDatabase}:void 0)},findSession:async s=>{if(o){let p=await o.get(s);if(p){let u=JSON.parse(p);return{session:{...u.session,expiresAt:new Date(u.session.expiresAt)},user:{...u.user,createdAt:new Date(u.user.createdAt),updatedAt:new Date(u.user.updatedAt)}}}}let d=await e.findOne({model:i.session.tableName,where:[{value:s,field:"id"}]});if(!d)return null;let l=await e.findOne({model:i.user.tableName,where:[{value:d.userId,field:"id"}]});return l?{session:d,user:l}:null},updateSession:async(s,d)=>await c(d,[{field:"id",value:s}],"session",o?{async fn(p){let u=await o.get(s),m=null;if(u){let f=JSON.parse(u);m={...f.session,...p},await o.set(s,JSON.stringify({session:m,user:f.user}),f.session.expiresAt?new Date(f.session.expiresAt).getTime():void 0)}else return null},executeMainFn:r.session?.storeSessionInDatabase}:void 0),deleteSession:async s=>{if(o){await o.delete(s),r.session?.storeSessionInDatabase&&await e.delete({model:i.session.tableName,where:[{field:"id",value:s}]});return}await e.delete({model:i.session.tableName,where:[{field:"id",value:s}]})},deleteSessions:async s=>{if(o){let d=await e.findMany({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]});for(let l of d)await o.delete(l.id);r.session?.storeSessionInDatabase&&await e.delete({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]});return}await e.delete({model:i.session.tableName,where:[{field:i.session.fields.userId.fieldName||"userId",value:s}]})},findUserByEmail:async(s,d)=>{let l=await e.findOne({model:i.user.tableName,where:[{value:s.toLowerCase(),field:i.user.fields.email.fieldName||"email"}]});if(!l)return null;if(d?.includeAccounts){let p=await e.findMany({model:i.account.tableName,where:[{value:l.id,field:i.account.fields.userId.fieldName||"userId"}]});return{user:l,accounts:p}}return{user:l,accounts:[]}},findUserById:async s=>await e.findOne({model:i.user.tableName,where:[{field:"id",value:s}]}),linkAccount:async s=>await a({id:U(),...s},"account"),updateUser:async(s,d)=>await c(d,[{field:"id",value:s}],"user"),updateUserByEmail:async(s,d)=>await c(d,[{field:"email",value:s}],"user"),updatePassword:async(s,d)=>await c({password:d},[{field:i.account.fields.userId.fieldName||"userId",value:s},{field:i.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async s=>await e.findMany({model:i.account.tableName,where:[{field:i.account.fields.userId.fieldName||"userId",value:s}]}),updateAccount:async(s,d)=>await c(d,[{field:"id",value:s}],"account"),createVerificationValue:async s=>await a({id:U(),...s},"verification"),findVerificationValue:async s=>await e.findOne({model:i.verification.tableName,where:[{field:i.verification.fields.identifier.fieldName||"identifier",value:s}]}),deleteVerificationValue:async s=>{await e.delete({model:i.verification.tableName,where:[{field:"id",value:s}]})},updateVerificationValue:async(s,d)=>await c(d,[{field:"id",value:s}],"verification")}};import{z as Da}from"zod";import"kysely";import{defu as hr}from"defu";var pe="better-auth-secret-123456789";var Et=async e=>{let t=await Ut(e),r=e.plugins||[],o=wr(e),{kysely:n}=await K(e),i=M(e.baseURL,e.basePath);if(!i)throw new R("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it your auth config.");let a=e.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||pe;if(a===pe&&process.env.NODE_ENV==="production")throw new R("You are using the default secret. Please set `BETTER_AUTH_SECRET` or `AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");e={...e,secret:a,baseURL:i?new URL(i).origin:"",basePath:e.basePath||"/api/auth",plugins:r.concat(o),emailAndPassword:{...e.emailAndPassword,enabled:e.emailAndPassword?.enabled??!1,autoSignIn:!0}};let c=Pe(e),s=_(e),d=Object.keys(e.socialProviders||{}).map(u=>{let m=e.socialProviders?.[u];return m.enabled===!1?null:((!m.clientId||!m.clientSecret)&&w.warn(`Social provider ${u} is missing clientId or clientSecret`),se[u](m))}).filter(u=>u!==null),l={appName:e.appName||"Better Auth",socialProviders:d,options:e,tables:s,trustedOrigins:br(e),baseURL:i,sessionConfig:{updateAge:e.session?.updateAge||24*60*60,expiresIn:e.session?.expiresIn||60*60*24*7},secret:a,rateLimit:{...e.rateLimit,enabled:e.rateLimit?.enabled??process.env.NODE_ENV!=="development",window:e.rateLimit?.window||60,max:e.rateLimit?.max||100,storage:e.rateLimit?.storage||e.secondaryStorage?"secondary-storage":"memory"},authCookies:c,logger:oe({disabled:e.logger?.disabled||!1}),db:n,uuid:U,secondaryStorage:e.secondaryStorage,password:{hash:e.emailAndPassword?.password?.hash||ge,verify:e.emailAndPassword?.password?.verify||he,config:{minPasswordLength:e.emailAndPassword?.minPasswordLength||8,maxPasswordLength:e.emailAndPassword?.maxPasswordLength||128}},adapter:t,internalAdapter:ue(t,{options:e,hooks:e.databaseHooks?[e.databaseHooks]:[]}),createAuthCookie:Oe(e)},{context:p}=yr(l);return p};function yr(e){let t=e.options,r=t.plugins||[],o=e,n=[];for(let i of r)if(i.init){let a=i.init(e);typeof a=="object"&&(a.options&&(a.options.databaseHooks&&n.push(a.options.databaseHooks),t=hr(t,a.options)),a.context&&(o={...o,...a.context}))}return n.push(t.databaseHooks),o.internalAdapter=ue(e.adapter,{options:t,hooks:n.filter(i=>i!==void 0)}),o.options=t,{context:o}}function wr(e){let t=[];return e.advanced?.crossSubDomainCookies?.enabled,t}function br(e){let t=M(e.baseURL,e.basePath);if(!t)throw new R("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it in your auth config.");let r=[new URL(t).origin];e.trustedOrigins&&r.push(...e.trustedOrigins);let o=process.env.BETTER_AUTH_TRUSTED_ORIGINS;return o&&r.push(...o.split(",")),r}var Ad=e=>{let t=Et(e),{api:r}=de(t,e);return{handler:async o=>{let n=await t,i=n.options.basePath||"/api/auth",a=new URL(o.url);if(!n.options.baseURL){let s=M(void 0,i)||`${a.origin}${i}`;n.options.baseURL=s,n.baseURL=s}if(!n.options.baseURL)return new Response("Base URL not set",{status:400});if(a.pathname===i||a.pathname===`${i}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:c}=yt(n,e);return c(o)},api:r,options:e,$Infer:{}}};export{R as BetterAuthError,C as HIDE_METADATA,Ie as MissingDependencyError,Ad as betterAuth,cn as capitalizeFirstLetter,Oe as createCookieGetter,oe as createLogger,z as deleteSessionCookie,U as generateId,Ee as generateState,Pe as getCookies,w as logger,co as parseSetCookieHeader,re as parseState,I as setSessionCookie};

package/dist/node.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import * as http from 'http';
-import { a as Auth } from './auth-BqAt6mrY.js';
+import { a as Auth } from './auth-C6fr77co.js';
 import 'zod';
 import 'kysely';
 import './schema-Dkt0LqYs.js';

package/dist/plugins.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
-export { A as AnonymousOptions, O as OrganizationOptions, b as Passkey, P as PasskeyOptions, U as UserWithPhoneNumber, f as UserWithRole, i as admin, h as adminMiddleware, e as anonymous, j as genericOAuth, g as getPasskeyActions, m as magicLink, o as organization, p as passkey, c as passkeyClient, d as phoneNumber, t as twoFactor, a as twoFactorClient, u as username } from './index-BN_LDD1g.js';
+export { A as AnonymousOptions, O as OrganizationOptions, b as Passkey, P as PasskeyOptions, U as UserWithPhoneNumber, f as UserWithRole, i as admin, h as adminMiddleware, e as anonymous, j as genericOAuth, g as getPasskeyActions, m as magicLink, o as organization, p as passkey, c as passkeyClient, d as phoneNumber, t as twoFactor, a as twoFactorClient, u as username } from './index-pILRgibH.js';
 export { i as ac } from './index-DfAHOgpj.js';
-import { H as HookEndpointContext, P as PluginSchema } from './auth-BqAt6mrY.js';
-export { e as AuthEndpoint, f as AuthMiddleware, b as BetterAuthPlugin, d as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './auth-BqAt6mrY.js';
+import { H as HookEndpointContext, P as PluginSchema } from './auth-C6fr77co.js';
+export { e as AuthEndpoint, f as AuthMiddleware, b as BetterAuthPlugin, d as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './auth-C6fr77co.js';
 export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';
 import { U as User } from './schema-Dkt0LqYs.js';
 import * as better_call from 'better-call';