better-auth 0.4.9-beta.5 → 0.4.9-beta.7

package/dist/adapters/drizzle.d.ts

@@ -1,4 +1,4 @@
-import { A as Adapter } from '../index-xf537-bb.js';
+import { A as Adapter } from '../index-DLbRYrL5.js';
 import 'zod';
 import 'kysely';
 import '../types-IzAbV4nB.js';

package/dist/adapters/mongodb.d.ts

@@ -1,5 +1,5 @@
 import { Db } from 'mongodb';
-import { W as Where } from '../index-xf537-bb.js';
+import { W as Where } from '../index-DLbRYrL5.js';
 import 'zod';
 import 'kysely';
 import '../types-IzAbV4nB.js';

package/dist/adapters/prisma.d.ts

@@ -1,4 +1,4 @@
-import { A as Adapter } from '../index-xf537-bb.js';
+import { A as Adapter } from '../index-DLbRYrL5.js';
 import 'zod';
 import 'kysely';
 import '../types-IzAbV4nB.js';

package/dist/api.d.ts

@@ -1,4 +1,4 @@
-export { e as AuthEndpoint, f as AuthMiddleware, v as callbackOAuth, T as changePassword, d as createAuthEndpoint, c as createAuthMiddleware, M as createEmailVerificationToken, $ as csrfMiddleware, V as deleteUser, Y as error, J as forgetPassword, K as forgetPasswordCallback, X as getCSRFToken, r as getEndpoints, w as getSession, x as getSessionFromCtx, z as listSessions, Z as ok, o as optionsMiddleware, L as resetPassword, C as revokeSession, D as revokeSessions, s as router, N as sendVerificationEmail, y as sessionMiddleware, U as setPassword, u as signInEmail, t as signInOAuth, E as signOut, _ as signUpEmail, Q as updateUser, O as verifyEmail } from './index-xf537-bb.js';
+export { e as AuthEndpoint, f as AuthMiddleware, v as callbackOAuth, T as changePassword, d as createAuthEndpoint, c as createAuthMiddleware, M as createEmailVerificationToken, $ as csrfMiddleware, V as deleteUser, Y as error, J as forgetPassword, K as forgetPasswordCallback, X as getCSRFToken, r as getEndpoints, w as getSession, x as getSessionFromCtx, z as listSessions, Z as ok, o as optionsMiddleware, L as resetPassword, C as revokeSession, D as revokeSessions, s as router, N as sendVerificationEmail, y as sessionMiddleware, U as setPassword, u as signInEmail, t as signInOAuth, E as signOut, _ as signUpEmail, Q as updateUser, O as verifyEmail } from './index-DLbRYrL5.js';
 import './helper-DPDj8Nix.js';
 import 'zod';
 export { APIError } from 'better-call';

package/dist/api.js

@@ -67,7 +67,7 @@ var csrfMiddleware = createAuthMiddleware(
     if (ctx.context.trustedOrigins.includes(url.origin)) {
       return;
     }
-    const csrfToken = ctx.headers?.get("x-auth-csrf-token");
+    const csrfToken = ctx.body?.csrfToken;
     if (!csrfToken) {
       throw new APIError2("UNAUTHORIZED", {
         message: "CSRF Token is required"
@@ -1026,8 +1026,9 @@ var redirectURLMiddleware = createAuthMiddleware(async (ctx) => {
   if (callbackURL?.includes("http")) {
     const callbackOrigin = new URL(callbackURL).origin;
     if (!trustedOrigins.includes(callbackOrigin)) {
-      logger.error("Unknown origin in callback URL", {
-        callbackURL
+      logger.error("Invalid callback URL", {
+        callbackURL,
+        trustedOrigins
       });
       throw new APIError4("FORBIDDEN", {
         message: "Invalid callback URL"
@@ -1037,7 +1038,7 @@ var redirectURLMiddleware = createAuthMiddleware(async (ctx) => {
   if (currentURL !== ctx.context.baseURL) {
     const currentURLOrigin = new URL(currentURL).origin;
     if (!trustedOrigins.includes(currentURLOrigin)) {
-      logger.error("Unknown origin in current URL", {
+      logger.error("Invalid current URL", {
         currentURL,
         trustedOrigins
       });
@@ -1046,7 +1047,6 @@ var redirectURLMiddleware = createAuthMiddleware(async (ctx) => {
       });
     }
   }
-  ctx.setHeader("x-auth-redirect", "true");
 });
 
 // src/api/routes/sign-in.ts
@@ -1074,39 +1074,39 @@ var signInOAuth = createAuthEndpoint(
     }),
     use: [redirectURLMiddleware]
   },
-  async (c2) => {
-    const provider = c2.context.socialProviders.find(
-      (p) => p.id === c2.body.provider
+  async (c) => {
+    const provider = c.context.socialProviders.find(
+      (p) => p.id === c.body.provider
     );
     if (!provider) {
-      c2.context.logger.error(
+      c.context.logger.error(
         "Provider not found. Make sure to add the provider to your auth config",
         {
-          provider: c2.body.provider
+          provider: c.body.provider
         }
       );
       throw new APIError5("NOT_FOUND", {
         message: "Provider not found"
       });
     }
-    const cookie = c2.context.authCookies;
-    const currentURL = c2.query?.currentURL ? new URL(c2.query?.currentURL) : null;
-    const callbackURL = c2.body.callbackURL?.startsWith("http") ? c2.body.callbackURL : `${currentURL?.origin}${c2.body.callbackURL || ""}`;
+    const cookie = c.context.authCookies;
+    const currentURL = c.query?.currentURL ? new URL(c.query?.currentURL) : null;
+    const callbackURL = c.body.callbackURL?.startsWith("http") ? c.body.callbackURL : `${currentURL?.origin}${c.body.callbackURL || ""}`;
     const state = generateState(
-      callbackURL || currentURL?.origin || c2.context.baseURL,
-      c2.query?.currentURL
+      callbackURL || currentURL?.origin || c.context.baseURL,
+      c.query?.currentURL
     );
-    await c2.setSignedCookie(
+    await c.setSignedCookie(
       cookie.state.name,
       state,
-      c2.context.secret,
+      c.context.secret,
       cookie.state.options
     );
     const codeVerifier = generateCodeVerifier();
-    await c2.setSignedCookie(
+    await c.setSignedCookie(
       cookie.pkCodeVerifier.name,
       codeVerifier,
-      c2.context.secret,
+      c.context.secret,
       cookie.pkCodeVerifier.options
     );
     const url = await provider.createAuthorizationURL({
@@ -1115,9 +1115,9 @@ var signInOAuth = createAuthEndpoint(
     });
     url.searchParams.set(
       "redirect_uri",
-      `${c2.context.baseURL}/callback/${c2.body.provider}`
+      `${c.context.baseURL}/callback/${c.body.provider}`
     );
-    return c2.json({
+    return c.json({
       url: url.toString(),
       state,
       codeVerifier,
@@ -1150,12 +1150,6 @@ var signInEmail = createAuthEndpoint(
         message: "Email and password is not enabled"
       });
     }
-    const currentSession = await getSessionFromCtx(ctx);
-    if (currentSession) {
-      await ctx.context.internalAdapter.deleteSession(
-        currentSession.session.id
-      );
-    }
     const { email, password } = ctx.body;
     const checkEmail = z4.string().email().safeParse(email);
     if (!checkEmail.success) {
@@ -1219,17 +1213,6 @@ var signInEmail = createAuthEndpoint(
     });
   }
 );
-var c = (o) => {
-};
-c({
-  additional: {
-    name: "string"
-  },
-  hooks: {
-    create(user) {
-    }
-  }
-});
 
 // src/api/routes/callback.ts
 import { APIError as APIError6 } from "better-call";
@@ -1400,63 +1383,63 @@ var callbackOAuth = createAuthEndpoint(
     }),
     metadata: HIDE_METADATA
   },
-  async (c2) => {
-    if (c2.query.error || !c2.query.code) {
-      const parsedState2 = parseState(c2.query.state);
-      const callbackURL2 = parsedState2.data?.callbackURL || `${c2.context.baseURL}/error`;
-      c2.context.logger.error(c2.query.error, c2.params.id);
-      throw c2.redirect(
-        `${callbackURL2}?error=${c2.query.error || "oAuth_code_missing"}`
+  async (c) => {
+    if (c.query.error || !c.query.code) {
+      const parsedState2 = parseState(c.query.state);
+      const callbackURL2 = parsedState2.data?.callbackURL || `${c.context.baseURL}/error`;
+      c.context.logger.error(c.query.error, c.params.id);
+      throw c.redirect(
+        `${callbackURL2}?error=${c.query.error || "oAuth_code_missing"}`
       );
     }
-    const provider = c2.context.socialProviders.find(
-      (p) => p.id === c2.params.id
+    const provider = c.context.socialProviders.find(
+      (p) => p.id === c.params.id
     );
     if (!provider) {
-      c2.context.logger.error(
+      c.context.logger.error(
         "Oauth provider with id",
-        c2.params.id,
+        c.params.id,
         "not found"
       );
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=oauth_provider_not_found`
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=oauth_provider_not_found`
       );
     }
-    const parsedState = parseState(c2.query.state);
+    const parsedState = parseState(c.query.state);
     if (!parsedState.success) {
-      c2.context.logger.error("Unable to parse state");
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=please_restart_the_process`
+      c.context.logger.error("Unable to parse state");
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=please_restart_the_process`
       );
     }
     const {
       data: { callbackURL, currentURL }
     } = parsedState;
-    const storedState = await c2.getSignedCookie(
-      c2.context.authCookies.state.name,
-      c2.context.secret
+    const storedState = await c.getSignedCookie(
+      c.context.authCookies.state.name,
+      c.context.secret
     );
-    if (storedState !== c2.query.state) {
+    if (storedState !== c.query.state) {
       logger.error("OAuth state mismatch");
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=please_restart_the_process`
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=please_restart_the_process`
       );
     }
-    const codeVerifier = await c2.getSignedCookie(
-      c2.context.authCookies.pkCodeVerifier.name,
-      c2.context.secret
+    const codeVerifier = await c.getSignedCookie(
+      c.context.authCookies.pkCodeVerifier.name,
+      c.context.secret
     );
     let tokens;
     try {
       tokens = await provider.validateAuthorizationCode(
-        c2.query.code,
+        c.query.code,
         codeVerifier,
-        `${c2.context.baseURL}/callback/${provider.id}`
+        `${c.context.baseURL}/callback/${provider.id}`
       );
     } catch (e) {
-      c2.context.logger.error(e);
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=please_restart_the_process`
+      c.context.logger.error(e);
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=please_restart_the_process`
       );
     }
     const user = await provider.getUserInfo(tokens).then((res) => res?.user);
@@ -1467,24 +1450,24 @@ var callbackOAuth = createAuthEndpoint(
     });
     if (!user || data.success === false) {
       logger.error("Unable to get user info", data.error);
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=please_restart_the_process`
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=please_restart_the_process`
       );
     }
     if (!callbackURL) {
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=please_restart_the_process`
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=please_restart_the_process`
       );
     }
-    const dbUser = await c2.context.internalAdapter.findUserByEmail(user.email, {
+    const dbUser = await c.context.internalAdapter.findUserByEmail(user.email, {
       includeAccounts: true
     }).catch((e) => {
       logger.error(
         "Better auth was unable to query your database.\nError: ",
         e
       );
-      throw c2.redirect(
-        `${c2.context.baseURL}/error?error=internal_server_error`
+      throw c.redirect(
+        `${c.context.baseURL}/error?error=internal_server_error`
       );
     });
     const userId = dbUser?.user.id;
@@ -1492,7 +1475,7 @@ var callbackOAuth = createAuthEndpoint(
       const hasBeenLinked = dbUser.accounts.find(
         (a) => a.providerId === provider.id
       );
-      const trustedProviders = c2.context.options.account?.accountLinking?.trustedProviders;
+      const trustedProviders = c.context.options.account?.accountLinking?.trustedProviders;
       const isTrustedProvider = trustedProviders ? trustedProviders.includes(provider.id) : true;
       if (!hasBeenLinked && (!user.emailVerified || !isTrustedProvider)) {
         let url;
@@ -1500,15 +1483,15 @@ var callbackOAuth = createAuthEndpoint(
           url = new URL(currentURL || callbackURL);
           url.searchParams.set("error", "account_not_linked");
         } catch (e) {
-          throw c2.redirect(
-            `${c2.context.baseURL}/error?error=account_not_linked`
+          throw c.redirect(
+            `${c.context.baseURL}/error?error=account_not_linked`
           );
         }
-        throw c2.redirect(url.toString());
+        throw c.redirect(url.toString());
       }
       if (!hasBeenLinked) {
         try {
-          await c2.context.internalAdapter.linkAccount({
+          await c.context.internalAdapter.linkAccount({
             providerId: provider.id,
             accountId: user.id.toString(),
             id: `${provider.id}:${user.id}`,
@@ -1517,14 +1500,14 @@ var callbackOAuth = createAuthEndpoint(
           });
         } catch (e) {
           console.log(e);
-          throw c2.redirect(
-            `${c2.context.baseURL}/error?error=failed_linking_account`
+          throw c.redirect(
+            `${c.context.baseURL}/error?error=failed_linking_account`
           );
         }
       }
     } else {
       try {
-        await c2.context.internalAdapter.createOAuthUser(data.data, {
+        await c.context.internalAdapter.createOAuthUser(data.data, {
           ...getAccountTokens(tokens),
           id: `${provider.id}:${user.id}`,
           providerId: provider.id,
@@ -1534,8 +1517,8 @@ var callbackOAuth = createAuthEndpoint(
       } catch (e) {
         const url = new URL(currentURL || callbackURL);
         url.searchParams.set("error", "unable_to_create_user");
-        c2.setHeader("Location", url.toString());
-        throw c2.redirect(url.toString());
+        c.setHeader("Location", url.toString());
+        throw c.redirect(url.toString());
       }
     }
     if (!userId && !id)
@@ -1543,57 +1526,41 @@ var callbackOAuth = createAuthEndpoint(
         message: "Unable to create user"
       });
     try {
-      const session = await c2.context.internalAdapter.createSession(
+      const session = await c.context.internalAdapter.createSession(
         userId || id,
-        c2.request
+        c.request
       );
       if (!session) {
         const url = new URL(currentURL || callbackURL);
         url.searchParams.set("error", "unable_to_create_session");
-        throw c2.redirect(url.toString());
+        throw c.redirect(url.toString());
       }
       try {
-        await setSessionCookie(c2, session.id);
+        await setSessionCookie(c, session.id);
       } catch (e) {
-        c2.context.logger.error("Unable to set session cookie", e);
+        c.context.logger.error("Unable to set session cookie", e);
         const url = new URL(currentURL || callbackURL);
         url.searchParams.set("error", "unable_to_create_session");
-        throw c2.redirect(url.toString());
+        throw c.redirect(url.toString());
       }
     } catch {
       const url = new URL(currentURL || callbackURL || "");
       url.searchParams.set("error", "unable_to_create_session");
-      throw c2.redirect(url.toString());
+      throw c.redirect(url.toString());
     }
-    throw c2.redirect(callbackURL);
+    throw c.redirect(callbackURL);
   }
 );
 
 // src/api/routes/sign-out.ts
-import { z as z7 } from "zod";
+import "zod";
 import { APIError as APIError7 } from "better-call";
 var signOut = createAuthEndpoint(
   "/sign-out",
   {
-    method: "POST",
-    body: z7.optional(
-      z7.object({
-        callbackURL: z7.string().optional()
-      })
-    ),
-    use: [redirectURLMiddleware]
+    method: "POST"
   },
   async (ctx) => {
-    const callbackOrigin = ctx.body?.callbackURL ? new URL(ctx.body.callbackURL).origin : null;
-    const trustedOrigins = [
-      ctx.context.baseURL,
-      ...ctx.context.options.trustedOrigins || []
-    ];
-    if (callbackOrigin && !trustedOrigins.includes(callbackOrigin)) {
-      throw new APIError7("UNAUTHORIZED", {
-        message: "Invalid callback URL"
-      });
-    }
     const sessionCookieToken = await ctx.getSignedCookie(
       ctx.context.authCookies.sessionToken.name,
       ctx.context.secret
@@ -1605,11 +1572,8 @@ var signOut = createAuthEndpoint(
     }
     await ctx.context.internalAdapter.deleteSession(sessionCookieToken);
     deleteSessionCookie(ctx);
-    return ctx.json(null, {
-      body: {
-        redirect: !!ctx.body?.callbackURL,
-        url: ctx.body?.callbackURL
-      }
+    return ctx.json({
+      success: true
     });
   }
 );
@@ -2241,8 +2205,8 @@ var error = createAuthEndpoint(
     method: "GET",
     metadata: HIDE_METADATA
   },
-  async (c2) => {
-    const query = new URL(c2.request?.url || "").searchParams.get("error") || "Unknown";
+  async (c) => {
+    const query = new URL(c.request?.url || "").searchParams.get("error") || "Unknown";
     return new Response(html(query), {
       headers: {
         "Content-Type": "text/html"
@@ -2636,26 +2600,26 @@ function getEndpoints(ctx, options) {
   let api = {};
   for (const [key, value] of Object.entries(endpoints)) {
     api[key] = async (context) => {
-      let c2 = await ctx;
+      let c = await ctx;
       for (const plugin of options.plugins || []) {
         if (plugin.hooks?.before) {
           for (const hook of plugin.hooks.before) {
             const match = hook.matcher({
               ...value,
               ...context,
-              context: c2
+              context: c
             });
             if (match) {
               const hookRes = await hook.handler({
                 ...context,
                 context: {
-                  ...c2,
+                  ...c,
                   ...context.context
                 }
               });
               if (hookRes && "context" in hookRes) {
-                c2 = {
-                  ...c2,
+                c = {
+                  ...c,
                   ...hookRes.context
                 };
               }
@@ -2666,7 +2630,7 @@ function getEndpoints(ctx, options) {
       const endpointRes = await value({
         ...context,
         context: {
-          ...c2,
+          ...c,
           ...context.context
         }
       });

package/dist/client/plugins.d.ts

@@ -2,10 +2,10 @@ import * as nanostores from 'nanostores';
 import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-CfnyN34h.js';
 import * as _better_fetch_fetch from '@better-fetch/fetch';
 import { BetterFetchOption } from '@better-fetch/fetch';
-import { o as organization, k as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth } from '../index-x0qUJonH.js';
-export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-x0qUJonH.js';
+import { o as organization, k as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth } from '../index-e3_mbU9X.js';
+export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-e3_mbU9X.js';
 import { P as Prettify } from '../helper-DPDj8Nix.js';
-import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../index-xf537-bb.js';
+import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../index-DLbRYrL5.js';
 import '../types-IzAbV4nB.js';
 import 'zod';
 import 'better-call';

package/dist/client.d.ts

@@ -6,7 +6,7 @@ import { BetterFetch, BetterFetchError, BetterFetchOption } from '@better-fetch/
 import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
 import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, InferSessionFromClient, InferUserFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
 export { AtomListener, InferPluginsFromClient } from './types.js';
-import './index-xf537-bb.js';
+import './index-DLbRYrL5.js';
 import 'kysely';
 import './types-IzAbV4nB.js';
 import 'better-call';

package/dist/client.js

@@ -56,10 +56,6 @@ var redirectPlugin = {
   name: "Redirect",
   hooks: {
     onSuccess(context) {
-      const header = context.response?.headers.get("x-auth-redirect");
-      if (!header) {
-        return;
-      }
       if (context.data?.url && context.data?.redirect) {
         if (typeof window !== "undefined") {
           window.location.href = context.data.url;
@@ -118,9 +114,9 @@ var csrfPlugin = {
         );
       }
       const csrfToken = data?.csrfToken;
-      options.headers = {
-        ...options.headers,
-        "x-auth-csrf-token": csrfToken
+      options.body = {
+        ...options?.body,
+        csrfToken
       };
     }
     options.credentials = "include";