npm - better-auth - Versions diffs - 0.4.9 → 0.4.10-beta.2 - Mend

better-auth 0.4.9 → 0.4.10-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/adapters/kysely.js CHANGED Viewed

@@ -1,4 +1,2 @@
-import"kysely";import{createConsola as B}from"consola";var g=B({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),V=e=>({log:(...t)=>{!e?.disabled&&g.log("",...t)},error:(...t)=>{!e?.disabled&&g.error("",...t)},warn:(...t)=>{!e?.disabled&&g.warn("",...t)},info:(...t)=>{!e?.disabled&&g.info("",...t)},debug:(...t)=>{!e?.disabled&&g.debug("",...t)},box:(...t)=>{!e?.disabled&&g.box("",...t)},success:(...t)=>{!e?.disabled&&g.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
-`)}}),w=V();import{Kysely as I,MssqlDialect as M}from"kysely";import{MysqlDialect as k,PostgresDialect as O,SqliteDialect as v}from"kysely";function q(e){if("dialect"in e)return q(e.dialect);if("createDriver"in e){if(e instanceof v)return"sqlite";if(e instanceof k)return"mysql";if(e instanceof O)return"postgres";if(e instanceof M)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var N=async e=>{let t=e.database;if("db"in t)return{kysely:t.db,databaseType:t.type};if("dialect"in t)return{kysely:new I({dialect:t.dialect}),databaseType:t.type};let n,r=q(t);return"createDriver"in t&&(n=t),"aggregate"in t&&(n=new v({database:t})),"getConnection"in t&&(n=new k({pool:t})),"connect"in t&&(n=new O({pool:t})),{kysely:n?new I({dialect:n}):null,databaseType:r}};var x=e=>{let t=e.plugins?.reduce((i,f)=>{let m=f.schema;if(!m)return i;for(let[a,l]of Object.entries(m))i[a]={fields:{...i[a]?.fields,...l.fields},tableName:l.tableName||a};return i},{}),n=e.rateLimit?.storage==="database",r={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:o,session:d,account:s,...u}=t||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...o?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...d?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...s?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...u,...n?r:{}}};import{z as ke}from"zod";function S(e){let t=x(e),n={};for(let r in t){let o=t[r],d=o.fields,s={};if(Object.entries(d).forEach(([u,i])=>{s[i.fieldName||u]=i}),n[o.tableName]){n[o.tableName].fields={...n[o.tableName].fields,...s};continue}n[o.tableName]={fields:s,order:o.order||1/0}}return n}var C={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},j={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},E={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},P={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},L={postgres:C,mysql:j,sqlite:E,mssql:P};function W(e,t,n){return t==="string[]"||t==="number[]"?e.toLowerCase().includes("json"):L[n][t].map(s=>s.toLowerCase()).includes(e.toLowerCase())}async function R(e){let t=S(e),{kysely:n,databaseType:r}=await N(e);r||(w.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),r="sqlite"),n||(w.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let o=await n.introspection.getTables(),d=[],s=[];for(let[a,l]of Object.entries(t)){let y=o.find(p=>p.name===a);if(!y){let p=d.findIndex(A=>A.table===a),c={table:a,fields:l.fields,order:l.order||1/0},h=d.findIndex(A=>(A.order||1/0)>c.order);h===-1?p===-1?d.push(c):d[p].fields={...d[p].fields,...l.fields}:d.splice(h,0,c);continue}let b={};for(let[p,c]of Object.entries(l.fields)){let h=y.columns.find(A=>A.name===p);if(!h){b[p]=c;continue}W(h.dataType,c.type,r)||w.warn(`Field ${p} in table ${a} has a different type in the database. Expected ${c.type} but got ${h.dataType}.`)}Object.keys(b).length>0&&s.push({table:a,fields:b,order:l.order||1/0})}let u=[];function i(a){let l={string:"text",boolean:"boolean",number:"integer",date:"date"};return r==="mysql"&&a==="string"?"varchar(255)":r==="sqlite"&&(a==="string[]"||a==="number[]")?"text":a==="string[]"||a==="number[]"?"jsonb":l[a]}if(s.length)for(let a of s)for(let[l,y]of Object.entries(a.fields)){let b=i(y.type),p=n.schema.alterTable(a.table).addColumn(l,b,c=>(c=y.required!==!1?c.notNull():c,y.references&&(c=c.references(`${y.references.model}.${y.references.field}`)),c));u.push(p)}if(d.length)for(let a of d){let l=n.schema.createTable(a.table).addColumn("id",i("string"),y=>y.primaryKey());for(let[y,b]of Object.entries(a.fields)){let p=i(b.type);l=l.addColumn(y,p,c=>(c=b.required!==!1?c.notNull():c,b.references&&(c=c.references(`${b.references.model}.${b.references.field}`)),b.unique&&(c=c.unique()),c))}u.push(l)}async function f(){for(let a of u)await a.execute()}async function m(){return u.map(l=>l.compile().sql).join(`;
-`)}return{toBeCreated:d,toBeAdded:s,runMigrations:f,compileMigrations:m}}function T(e){if(!e)return{and:null,or:null};let t=e?.filter(r=>r.connector==="AND"||!r.connector).reduce((r,o)=>({...r,[o.field]:o.value}),{}),n=e?.filter(r=>r.connector==="OR").reduce((r,o)=>({...r,[o.field]:o.value}),{});return{and:Object.keys(t).length?t:null,or:Object.keys(n).length?n:null}}function F(e,t,n){for(let r in e)e[r]===0&&t[r]?.type==="boolean"&&n?.boolean&&(e[r]=!1),e[r]===1&&t[r]?.type==="boolean"&&n?.boolean&&(e[r]=!0),t[r]?.type==="date"&&(e[r]instanceof Date||(e[r]=new Date(e[r])));return e}function D(e,t){for(let n in e)typeof e[n]=="boolean"&&t?.boolean&&(e[n]=e[n]?1:0),e[n]instanceof Date&&(e[n]=e[n].toISOString());return e}var U=(e,t)=>({id:"kysely",async create(n){let{model:r,data:o,select:d}=n;t?.transform&&(o=D(o,t.transform));let s=await e.insertInto(r).values(o).returningAll().executeTakeFirst();if(t?.transform){let u=t.transform.schema[r];s=u?F(o,u,t.transform):s}return d?.length&&(s=s?d.reduce((i,f)=>s?.[f]?{...i,[f]:s[f]}:i,{}):null),s},async findOne(n){let{model:r,where:o,select:d}=n,{and:s,or:u}=T(o),i=e.selectFrom(r).selectAll();u&&(i=i.where(m=>m.or(u))),s&&(i=i.where(m=>m.and(s)));let f=await i.executeTakeFirst();if(d?.length&&(f=f?d.reduce((a,l)=>f?.[l]?{...a,[l]:f[l]}:a,{}):null),t?.transform){let m=t.transform.schema[r];return f=f&&m?F(f,m,t.transform):f,f||null}return f||null},async findMany(n){let{model:r,where:o,limit:d,offset:s,sortBy:u}=n,i=e.selectFrom(r),{and:f,or:m}=T(o);f&&(i=i.where(l=>l.and(f))),m&&(i=i.where(l=>l.or(m))),i=i.limit(d||100),s&&(i=i.offset(s)),u&&(i=i.orderBy(u.field,u.direction));let a=await i.selectAll().execute();if(t?.transform){let l=t.transform.schema[r];return l?a.map(y=>F(y,l,t.transform)):a}return a},async update(n){let{model:r,where:o,update:d}=n,{and:s,or:u}=T(o);t?.transform&&(d=D(d,t.transform));let i=e.updateTable(r).set(d);s&&(i=i.where(m=>m.and(s))),u&&(i=i.where(m=>m.or(u)));let f=await i.returningAll().executeTakeFirst()||null;if(t?.transform){let m=t.transform.schema[r];return m?F(f,m,t.transform):f}return f},async delete(n){let{model:r,where:o}=n,{and:d,or:s}=T(o),u=e.deleteFrom(r);d&&(u=u.where(i=>i.and(d))),s&&(u=u.where(i=>i.or(s))),await u.execute()},async createSchema(n){let{compileMigrations:r}=await R(n);return{code:await r(),fileName:`./better-auth_migrations/${new Date().toISOString().replace(/:/g,"-")}.sql`}}});export{N as createKyselyAdapter,U as kyselyAdapter};
+import"kysely";import{createConsola as I}from"consola";var c=I({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),k=t=>({log:(...e)=>{!t?.disabled&&c.log("",...e)},error:(...e)=>{!t?.disabled&&c.error("",...e)},warn:(...e)=>{!t?.disabled&&c.warn("",...e)},info:(...e)=>{!t?.disabled&&c.info("",...e)},debug:(...e)=>{!t?.disabled&&c.debug("",...e)},box:(...e)=>{!t?.disabled&&c.box("",...e)},success:(...e)=>{!t?.disabled&&c.success("",...e)},break:(...e)=>{!t?.disabled&&console.log(`
+`)}}),O=k();import{Kysely as g,MssqlDialect as v}from"kysely";import{MysqlDialect as h,PostgresDialect as A,SqliteDialect as x}from"kysely";function w(t){if("dialect"in t)return w(t.dialect);if("createDriver"in t){if(t instanceof x)return"sqlite";if(t instanceof h)return"mysql";if(t instanceof A)return"postgres";if(t instanceof v)return"mssql"}return"aggregate"in t?"sqlite":"getConnection"in t?"mysql":"connect"in t?"postgres":null}var T=async t=>{let e=t.database;if("db"in e)return{kysely:e.db,databaseType:e.type};if("dialect"in e)return{kysely:new g({dialect:e.dialect}),databaseType:e.type};let i,r=w(e);return"createDriver"in e&&(i=e),"aggregate"in e&&(i=new x({database:e})),"getConnection"in e&&(i=new h({pool:e})),"connect"in e&&(i=new A({pool:e})),{kysely:i?new g({dialect:i}):null,databaseType:r}};import{z as me}from"zod";function y(t){if(!t)return{and:null,or:null};let e=t?.filter(r=>r.connector==="AND"||!r.connector).reduce((r,d)=>({...r,[d.field]:d.value}),{}),i=t?.filter(r=>r.connector==="OR").reduce((r,d)=>({...r,[d.field]:d.value}),{});return{and:Object.keys(e).length?e:null,or:Object.keys(i).length?i:null}}function p(t,e,i){for(let r in t)t[r]===0&&e[r]?.type==="boolean"&&i?.boolean&&(t[r]=!1),t[r]===1&&e[r]?.type==="boolean"&&i?.boolean&&(t[r]=!0),e[r]?.type==="date"&&(t[r]instanceof Date||(t[r]=new Date(t[r])));return t}function F(t,e){for(let i in t)typeof t[i]=="boolean"&&e?.boolean&&(t[i]=t[i]?1:0),t[i]instanceof Date&&(t[i]=t[i].toISOString());return t}var q=(t,e)=>({id:"kysely",async create(i){let{model:r,data:d,select:u}=i;e?.transform&&(d=F(d,e.transform));let a=await t.insertInto(r).values(d).returningAll().executeTakeFirst();if(e?.transform){let o=e.transform.schema[r];a=o?p(d,o,e.transform):a}return u?.length&&(a=a?u.reduce((n,s)=>a?.[s]?{...n,[s]:a[s]}:n,{}):null),a},async findOne(i){let{model:r,where:d,select:u}=i,{and:a,or:o}=y(d),n=t.selectFrom(r).selectAll();o&&(n=n.where(l=>l.or(o))),a&&(n=n.where(l=>l.and(a)));let s=await n.executeTakeFirst();if(u?.length&&(s=s?u.reduce((m,f)=>s?.[f]?{...m,[f]:s[f]}:m,{}):null),e?.transform){let l=e.transform.schema[r];return s=s&&l?p(s,l,e.transform):s,s||null}return s||null},async findMany(i){let{model:r,where:d,limit:u,offset:a,sortBy:o}=i,n=t.selectFrom(r),{and:s,or:l}=y(d);s&&(n=n.where(f=>f.and(s))),l&&(n=n.where(f=>f.or(l))),n=n.limit(u||100),a&&(n=n.offset(a)),o&&(n=n.orderBy(o.field,o.direction));let m=await n.selectAll().execute();if(e?.transform){let f=e.transform.schema[r];return f?m.map(N=>p(N,f,e.transform)):m}return m},async update(i){let{model:r,where:d,update:u}=i,{and:a,or:o}=y(d);e?.transform&&(u=F(u,e.transform));let n=t.updateTable(r).set(u);a&&(n=n.where(l=>l.and(a))),o&&(n=n.where(l=>l.or(o)));let s=await n.returningAll().executeTakeFirst()||null;if(e?.transform){let l=e.transform.schema[r];return l?p(s,l,e.transform):s}return s},async delete(i){let{model:r,where:d}=i,{and:u,or:a}=y(d),o=t.deleteFrom(r);u&&(o=o.where(n=>n.and(u))),a&&(o=o.where(n=>n.or(a))),await o.execute()}});export{T as createKyselyAdapter,q as kyselyAdapter};

package/dist/api.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import{APIError as qt,createRouter as Vt}from"better-call";import{APIError as J}from"better-call";import{z as se}from"zod";import{xchacha20poly1305 as er}from"@noble/ciphers/chacha";import{bytesToHex as rr,hexToBytes as or,utf8ToBytes as nr}from"@noble/ciphers/utils";import{managedNonce as ir}from"@noble/ciphers/webcrypto";import{sha256 as dr}from"oslo/crypto";function W(e,t){let r=new Uint8Array(e),o=new Uint8Array(t);if(r.length!==o.length)return!1;let n=0;for(let s=0;s<r.length;s++)n|=r[s]^o[s];return n===0}import{decodeHex as Qt,encodeHex as Gt}from"oslo/encoding";import{scryptAsync as Jt}from"@noble/hashes/scrypt";function et(e){return e.toString(2).padStart(8,"0")}function tt(e){return[...e].map(t=>et(t)).join("")}function re(e){return parseInt(tt(e),2)}function rt(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let t=(e-1).toString(2).length,r=t%8,o=new Uint8Array(Math.ceil(t/8));crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1);let n=re(o);for(;n>=e;)crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1),n=re(o);return n}function N(e,t){let r="";for(let o=0;o<e;o++)r+=t[rt(t.length)];return r}function F(...e){let t=new Set(e),r="";for(let o of t)o==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":o==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":o==="0-9"?r+="0123456789":r+=o;return r}async function H(e,t){let r=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},n=await crypto.subtle.importKey("raw",r.encode(e),o,!1,["sign","verify"]),s=await crypto.subtle.sign(o.name,n,r.encode(t));return btoa(String.fromCharCode(...new Uint8Array(s)))}import{createEndpointCreator as ot,createMiddleware as oe,createMiddlewareCreator as nt}from"better-call";var ne=oe(async()=>({})),z=nt({use:[ne,oe(async()=>({}))]}),u=ot({use:[ne]});var ie=z({body:se.object({csrfToken:se.string().optional()}).optional()},async e=>{if(e.request?.method!=="POST"||e.context.options.advanced?.disableCSRFCheck)return;let t=new URL(e.request.url);if(e.context.trustedOrigins.includes(t.origin))return;let r=e.body?.csrfToken;if(!r)throw new J("UNAUTHORIZED",{message:"CSRF Token is required"});let o=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[n,s]=o?.split("!")||[null,null];if(!r||!o||!n||!s||o!==r)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new J("UNAUTHORIZED",{message:"Invalid CSRF Token"});let i=await H(e.context.secret,n);if(s!==i)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new J("UNAUTHORIZED",{message:"Invalid CSRF Token"})});import{APIError as O}from"better-call";import{generateCodeVerifier as kt}from"oslo/oauth2";import{z as T}from"zod";import{generateState as st}from"oslo/oauth2";import{z as Q}from"zod";import{sha256 as ae}from"oslo/crypto";async function de(e){let t=await ae(typeof e=="string"?new TextEncoder().encode(e):e);return Buffer.from(t).toString("base64")}async function ce(e,t){let r=await ae(typeof e=="string"?new TextEncoder().encode(e):e),o=Buffer.from(t,"base64");return W(r,o)}async function ue(e){let t=st(),r=JSON.stringify({code:t,callbackURL:e}),o=await de(r);return{raw:r,hash:o}}function K(e){return Q.object({code:Q.string(),callbackURL:Q.string().optional(),currentURL:Q.string().optional()}).safeParse(JSON.parse(e))}import{TimeSpan as Lr}from"oslo";var L=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}};async function v(e,t,r,o){let n=e.context.authCookies.sessionToken.options;n.maxAge=r?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...n,...o}),r&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function j(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{APIError as pe}from"better-call";import{createConsola as it}from"consola";var B=it({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),at=e=>({log:(...t)=>{!e?.disabled&&B.log("",...t)},error:(...t)=>{!e?.disabled&&B.error("",...t)},warn:(...t)=>{!e?.disabled&&B.warn("",...t)},info:(...t)=>{!e?.disabled&&B.info("",...t)},debug:(...t)=>{!e?.disabled&&B.debug("",...t)},box:(...t)=>{!e?.disabled&&B.box("",...t)},success:(...t)=>{!e?.disabled&&B.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
-`)}}),y=at();var x=z(async e=>{let t=e.body?.callbackURL||e.query?.callbackURL||e.query?.redirectTo||e.body?.redirectTo,r=e.headers?.get("referer"),o=e.query?.currentURL||r||e.context.baseURL,n=e.context.trustedOrigins;if(t?.includes("http")){let s=new URL(t).origin;if(!n.includes(s))throw y.error("Invalid callback URL",{callbackURL:t,trustedOrigins:n}),new pe("FORBIDDEN",{message:"Invalid callback URL"})}if(o!==e.context.baseURL){let s=new URL(o).origin;if(!n.includes(s))throw y.error("Invalid current URL",{currentURL:o,trustedOrigins:n}),new pe("FORBIDDEN",{message:"Invalid callback URL"})}});import{parseJWT as lt}from"oslo/jwt";import{sha256 as ct}from"oslo/crypto";function dt(e){try{return new URL(e).pathname!=="/"}catch{throw new L(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function X(e,t="/api/auth"){return dt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function le(e,t){if(e)return X(e,t);let r=typeof process<"u"?process.env:{},o=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(o)return X(o,t);if(typeof window<"u")return X(window.location.origin,t)}import{base64url as ut}from"oslo/encoding";function h(e,t){return t||`${le()}/callback/${e}`}async function me(e){let t=await ct(new TextEncoder().encode(e));return ut.encode(new Uint8Array(t),{includePadding:!1})}function fe(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e.scope?.split(" ")||[],idToken:e.id_token}}async function R({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:n,scopes:s,disablePkce:i}){let a=new URL(r);if(a.searchParams.set("response_type","code"),a.searchParams.set("client_id",t.clientId),a.searchParams.set("state",o),a.searchParams.set("scope",s.join(" ")),a.searchParams.set("redirect_uri",t.redirectURI||h(e)),!i&&n){let d=await me(n);a.searchParams.set("code_challenge_method","S256"),a.searchParams.set("code_challenge",d)}return a}import{betterFetch as pt}from"@better-fetch/fetch";async function b({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:n}){let s=new URLSearchParams;s.set("grant_type","authorization_code"),s.set("code",e),t&&s.set("code_verifier",t),s.set("redirect_uri",r),s.set("client_id",o.clientId),s.set("client_secret",o.clientSecret);let{data:i,error:a}=await pt(n,{method:"POST",body:s,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(a)throw a;return fe(i)}function Y(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var ge=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:n}){let s=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${n||e.redirectURI}&scope=${s.join(" ")}&state=${r}`)},validateAuthorizationCode:async(r,o,n)=>b({code:r,codeVerifier:o,redirectURI:n||h("apple",e.redirectURI),options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=lt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as mt}from"@better-fetch/fetch";var he=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r}){let o=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${o.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(h("discord",e.redirectURI))}&state=${t}`)},validateAuthorizationCode:async(t,r,o)=>b({code:t,redirectURI:o||h("discord",e.redirectURI),options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await mt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let n=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${n}.png`}else{let n=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${n}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as ft}from"@better-fetch/fetch";var we=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,codeVerifier:o}){let n=e.scope||r||["email","public_profile"];return await R({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v16.0/dialog/oauth",scopes:n,state:t,codeVerifier:o})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("facebook",e.redirectURI),options:e,tokenEndpoint:"https://graph.facebook.com/v16.0/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await ft("https://graph.facebook.com/me",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as ye}from"@better-fetch/fetch";var be=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:n}){let s=e.scope||o||["user:email"];return R({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:s,state:r,codeVerifier:n})},validateAuthorizationCode:async(r,o,n)=>b({code:r,redirectURI:e.redirectURI||h("google",n),options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:n}=await ye("https://api.github.com/user",{auth:{type:"Bearer",token:r.accessToken}});if(n)return null;let s=!1;if(!o.email){let{data:i,error:a}=await ye("https://api.github.com/user/emails",{auth:{type:"Bearer",token:r.accessToken}});a||(o.email=(i.find(d=>d.primary)??i[0])?.email,s=i.find(d=>d.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:s},data:o}}}};import{parseJWT as gt}from"oslo/jwt";var Ae=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){if(!e.clientId||!e.clientSecret)throw y.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new L("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new L("codeVerifier is required for Google");let s=e.scope||r||["email","profile"];return R({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:s,state:t,codeVerifier:o})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=gt(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as ht}from"@better-fetch/fetch";import{parseJWT as wt}from"oslo/jwt";var Re=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(n){let s=e.scope||n.scopes||["openid","profile","email","User.Read"];return R({id:"microsoft",options:e,authorizationEndpoint:r,state:n.state,codeVerifier:n.codeVerifier,scopes:s})},validateAuthorizationCode(n,s,i){return b({code:n,codeVerifier:s,redirectURI:i||h("microsoft",e.redirectURI),options:e,tokenEndpoint:o})},async getUserInfo(n){if(!n.idToken)return null;let s=wt(n.idToken)?.payload,i=e.profilePhotoSize||48;return await ht(`https://graph.microsoft.com/v1.0/me/photos/${i}x${i}/$value`,{headers:{Authorization:`Bearer ${n.accessToken}`},async onResponse(a){if(!(e.disableProfilePhoto||!a.response.ok))try{let c=await a.response.clone().arrayBuffer(),m=Buffer.from(c).toString("base64");s.picture=`data:image/jpeg;base64, ${m}`}catch(d){y.error(d)}}}),{user:{id:s.sub,name:s.name,email:s.email,image:s.picture,emailVerified:!0},data:s}}}};import{betterFetch as yt}from"@better-fetch/fetch";var ke=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o}){let n=e.scope||r||["user-read-email"];return R({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:n,state:t,codeVerifier:o})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await yt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import{betterFetch as bt}from"@better-fetch/fetch";var Ue=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r}){let o=e.scope||r||["activity:write","read"];return R({id:"twitch",options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:o,state:t})},validateAuthorizationCode:async(t,r,o)=>b({code:t,redirectURI:o||h("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await bt("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}}});import{betterFetch as At}from"@better-fetch/fetch";var Ee=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return R({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await At("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var Rt={apple:ge,discord:he,facebook:we,github:be,microsoft:Re,google:Ae,spotify:ke,twitch:Ue,twitter:Ee},xe=Object.keys(Rt);var Te=u("/sign-in/social",{method:"POST",requireHeaders:!0,query:T.object({currentURL:T.string().optional()}).optional(),body:T.object({callbackURL:T.string().optional(),provider:T.enum(xe)}),use:[x]},async e=>{let t=e.context.socialProviders.find(d=>d.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new O("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,n=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,s=await ue(n||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,s.hash,e.context.secret,r.state.options);let i=kt();await e.setSignedCookie(r.pkCodeVerifier.name,i,e.context.secret,r.pkCodeVerifier.options);let a=await t.createAuthorizationURL({state:s.raw,codeVerifier:i});return a.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),e.json({url:a.toString(),state:s,codeVerifier:i,redirect:!0})}),Pe=u("/sign-in/email",{method:"POST",body:T.object({email:T.string().email(),password:T.string(),callbackURL:T.string().optional(),dontRememberMe:T.boolean().default(!1).optional()}),use:[x]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new O("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!T.string().email().safeParse(t).success)throw new O("BAD_REQUEST",{message:"Invalid email"});let n=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!n)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new O("UNAUTHORIZED",{message:"Invalid email or password"});let s=n.accounts.find(c=>c.providerId==="credential");if(!s)throw e.context.logger.error("Credential account not found",{email:t}),new O("UNAUTHORIZED",{message:"Invalid email or password"});let i=s?.password;if(!i)throw e.context.logger.error("Password not found",{email:t}),new O("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(i,r))throw e.context.logger.error("Invalid password"),new O("UNAUTHORIZED",{message:"Invalid email or password"});let d=await e.context.internalAdapter.createSession(n.user.id,e.headers,e.body.dontRememberMe);if(!d)throw e.context.logger.error("Failed to create session"),new O("UNAUTHORIZED",{message:"Failed to create session"});return await v(e,d.id,e.body.dontRememberMe),e.json({user:n.user,session:d,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{APIError as Et}from"better-call";import{z as G}from"zod";import{z as l}from"zod";var mn=l.object({id:l.string(),providerId:l.string(),accountId:l.string(),userId:l.string(),accessToken:l.string().nullable().optional(),refreshToken:l.string().nullable().optional(),idToken:l.string().nullable().optional(),expiresAt:l.date().nullable().optional(),password:l.string().optional().nullable()}),ve=l.object({id:l.string(),email:l.string().transform(e=>e.toLowerCase()),emailVerified:l.boolean().default(!1),name:l.string(),image:l.string().optional(),createdAt:l.date().default(new Date),updatedAt:l.date().default(new Date)}),fn=l.object({id:l.string(),userId:l.string(),expiresAt:l.date(),ipAddress:l.string().optional(),userAgent:l.string().optional()}),gn=l.object({id:l.string(),value:l.string(),expiresAt:l.date(),identifier:l.string()});function Ut(e,t){let r=t.fields,o={};for(let n in r){if(n in e){if(r[n].input===!1){if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}continue}o[n]=e[n];continue}if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}}return o}function _e(e,t){let r={...e.user?.additionalFields};return Ut(t||{},{fields:r})}var Se=e=>N(e||21,F("a-z","0-9","A-Z"));var I={isAction:!1};var Le=u("/callback/:id",{method:"GET",query:G.object({state:G.string(),code:G.string().optional(),error:G.string().optional()}),metadata:I},async e=>{if(e.query.error||!e.query.code){let w=K(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${w}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(p=>p.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=K(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:n}}=r,s=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!s)throw y.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await ce(e.query.state,s))throw y.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let a=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),d;try{d=await t.validateAuthorizationCode(e.query.code,a,`${e.context.baseURL}/callback/${t.id}`)}catch(p){throw console.log(p),e.context.logger.error(p),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let c=await t.getUserInfo(d).then(p=>p?.user),m=Se(),A=ve.safeParse({...c,id:m});if(!c||A.success===!1)throw y.error("Unable to get user info",A.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let g=await e.context.internalAdapter.findUserByEmail(c.email,{includeAccounts:!0}).catch(p=>{throw y.error(`Better auth was unable to query your database.
-Error: `,p),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),f=g?.user.id;if(g){let p=g.accounts.find(U=>U.providerId===t.id),w=e.context.options.account?.accountLinking?.trustedProviders,k=w?w.includes(t.id):!0;if(!p&&(!c.emailVerified||!k)){let U;try{U=new URL(n||o),U.searchParams.set("error","account_not_linked")}catch{throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(U.toString())}if(!p)try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:c.id.toString(),id:`${t.id}:${c.id}`,userId:g.user.id,...Y(d)})}catch(U){throw console.log(U),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{await e.context.internalAdapter.createOAuthUser(A.data,{...Y(d),id:`${t.id}:${c.id}`,providerId:t.id,accountId:c.id.toString(),userId:m})}catch{let w=new URL(n||o);throw w.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",w.toString()),e.redirect(w.toString())}if(!f&&!m)throw new Et("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});try{let p=await e.context.internalAdapter.createSession(f||m,e.request);if(!p){let w=new URL(n||o);throw w.searchParams.set("error","unable_to_create_session"),e.redirect(w.toString())}try{await v(e,p.id)}catch(w){e.context.logger.error("Unable to set session cookie",w);let k=new URL(n||o);throw k.searchParams.set("error","unable_to_create_session"),e.redirect(k.toString())}}catch{let p=new URL(n||o||"");throw p.searchParams.set("error","unable_to_create_session"),e.redirect(p.toString())}throw e.redirect(o)});import{APIError as q}from"better-call";var Z=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as Oe}from"zod";var ee=()=>u("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return j(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let n=e.context.sessionConfig.expiresIn,s=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-n*1e3+s*1e3<=Date.now()){let d=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:Z(e.context.sessionConfig.expiresIn,"sec")});if(!d)return j(e),e.json(null,{status:401});let c=(d.expiresAt.valueOf()-Date.now())/1e3;return await v(e,d.id,!1,{maxAge:c}),e.json({session:d,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),xt=async e=>await ee()({...e,_flag:"json",headers:e.headers}),C=z(async e=>{let t=await xt(e);if(!t?.session)throw new q("UNAUTHORIZED");return{session:t}}),Ie=()=>u("/user/list-sessions",{method:"GET",use:[C],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),Ce=u("/user/revoke-session",{method:"POST",body:Oe.object({id:Oe.string()}),use:[C],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new q("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new q("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new q("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),Be=u("/user/revoke-sessions",{method:"POST",use:[C],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new q("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});import"zod";import{APIError as Tt}from"better-call";var De=u("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new Tt("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),j(e),e.json({success:!0})});import{TimeSpan as Pt}from"oslo";import{createJWT as vt,parseJWT as _t}from"oslo/jwt";import{validateJWT as ze}from"oslo/jwt";import{z as E}from"zod";import{APIError as V}from"better-call";var $e=u("/forget-password",{method:"POST",body:E.object({email:E.string().email(),redirectTo:E.string()}),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),new V("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let n=await vt("HS256",Buffer.from(e.context.secret),{email:o.user.email,redirectTo:r},{expiresIn:new Pt(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[o.user.email],includeIssuedTimestamp:!0}),s=`${e.context.baseURL}/reset-password/${n}`;return await e.context.options.emailAndPassword.sendResetPassword(s,o.user),e.json({status:!0})}),je=u("/reset-password/:token",{method:"GET"},async e=>{let{token:t}=e.params,r,o=E.object({email:E.string(),redirectTo:E.string()});try{if(r=await ze("HS256",Buffer.from(e.context.secret),t),!r.expiresAt||r.expiresAt<new Date)throw Error("Token expired")}catch{let i=_t(t),a=o.safeParse(i?.payload);throw a.success?e.redirect(`${a.data?.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:n}=o.parse(r.payload);throw e.redirect(`${n}?token=${t}`)}),qe=u("/reset-password",{method:"POST",query:E.object({currentURL:E.string()}).optional(),body:E.object({newPassword:E.string(),callbackURL:E.string().optional()})},async e=>{let t=e.query?.currentURL.split("?token=")[1];if(!t)throw new V("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body;try{let o=await ze("HS256",Buffer.from(e.context.secret),t),n=E.string().email().parse(o.payload.email),s=await e.context.internalAdapter.findUserByEmail(n);if(!s)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(r.length<(e.context.options.emailAndPassword?.minPasswordLength||8)||r.length>(e.context.options.emailAndPassword?.maxPasswordLength||32))throw new V("BAD_REQUEST",{message:"Password is too short or too long"});let i=await e.context.password.hash(r);if(!await e.context.internalAdapter.updatePassword(s.user.id,i))throw new V("BAD_REQUEST",{message:"Failed to update password"});return e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}})}catch(o){throw e.context.logger.error("Failed to reset password",o),new V("BAD_REQUEST",{message:"Failed to reset password"})}});import{TimeSpan as St}from"oslo";import{createJWT as Lt,validateJWT as Ot}from"oslo/jwt";import{z as _}from"zod";import{APIError as M}from"better-call";async function te(e,t){return await Lt("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new St(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Ve=u("/send-verification-email",{method:"POST",query:_.object({currentURL:_.string().optional()}).optional(),body:_.object({email:_.string().email(),callbackURL:_.string().optional()}),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),new M("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new M("BAD_REQUEST",{message:"User not found"});let o=await te(e.context.secret,t),n=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailAndPassword.sendVerificationEmail(n,r.user,o),e.json({status:!0})}),Me=u("/verify-email",{method:"GET",query:_.object({token:_.string(),callbackURL:_.string().optional()})},async e=>{let{token:t}=e.query,r;try{r=await Ot("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new M("BAD_REQUEST",{message:"Invalid token"})}let n=_.object({email:_.string().email()}).parse(r.payload),s=await e.context.internalAdapter.findUserByEmail(n.email,{includeAccounts:!0});if(!s)throw new M("BAD_REQUEST",{message:"User not found"});if(!s.accounts.find(a=>a.providerId==="credential"))throw new M("BAD_REQUEST",{message:"Account not found"});if(await e.context.internalAdapter.updateUserByEmail(n.email,{emailVerified:!0}),e.query.callbackURL)throw console.log("Redirecting to",e.query.callbackURL),e.redirect("/");return e.json({status:!0})});import{z as P}from"zod";import{APIError as S}from"better-call";var Ne=u("/user/update",{method:"POST",body:P.object({name:P.string().optional(),image:P.string().optional()}),use:[C,x]},async e=>{let{name:t,image:r}=e.body,o=e.context.session;if(!r&&!t)return e.json({user:o.user});let n=await e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:r});return e.json({user:n})}),Fe=u("/user/change-password",{method:"POST",body:P.object({newPassword:P.string(),currentPassword:P.string(),revokeOtherSessions:P.boolean().optional()}),use:[C]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,n=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let i=e.context.password.config.maxPasswordLength;if(t.length>i)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let d=(await e.context.internalAdapter.findAccounts(n.user.id)).find(A=>A.providerId==="credential"&&A.password);if(!d||!d.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});let c=await e.context.password.hash(t);if(!await e.context.password.verify(d.password,r))throw new S("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(d.id,{password:c}),o){await e.context.internalAdapter.deleteSessions(n.user.id);let A=await e.context.internalAdapter.createSession(n.user.id,e.headers);if(!A)throw new S("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await v(e,A.id)}return e.json(n.user)}),He=u("/user/set-password",{method:"POST",body:P.object({newPassword:P.string()}),use:[C]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let n=e.context.password.config.maxPasswordLength;if(t.length>n)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let i=(await e.context.internalAdapter.findAccounts(r.user.id)).find(d=>d.providerId==="credential"&&d.password),a=await e.context.password.hash(t);if(!i)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:a}),e.json(r.user);throw new S("BAD_REQUEST",{message:"user already has a password"})}),Qe=u("/user/delete",{method:"POST",body:P.object({password:P.string()}),use:[C]},async e=>{let{password:t}=e.body,r=e.context.session,n=(await e.context.internalAdapter.findAccounts(r.user.id)).find(i=>i.providerId==="credential"&&i.password);if(!n||!n.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(n.password,t))throw new S("BAD_REQUEST",{message:"Incorrect password"});return await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id),e.json(null)});var Ge=u("/csrf",{method:"GET",metadata:I},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let r=N(32,F("a-z","0-9","A-Z")),o=await H(e.context.secret,r),n=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,n,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:r}});var It=(e="Unknown")=>`<!DOCTYPE html>
+`)}}),y=at();var x=z(async e=>{let t=e.body?.callbackURL||e.query?.callbackURL||e.query?.redirectTo||e.body?.redirectTo,r=e.headers?.get("referer"),o=e.query?.currentURL||r||e.context.baseURL,n=e.context.trustedOrigins;if(t?.includes("http")){let s=new URL(t).origin;if(!n.includes(s))throw y.error("Invalid callback URL",{callbackURL:t,trustedOrigins:n}),new pe("FORBIDDEN",{message:"Invalid callback URL"})}if(o!==e.context.baseURL){let s=new URL(o).origin;if(!n.includes(s))throw y.error("Invalid current URL",{currentURL:o,trustedOrigins:n}),new pe("FORBIDDEN",{message:"Invalid callback URL"})}});import{parseJWT as lt}from"oslo/jwt";import{sha256 as ct}from"oslo/crypto";function dt(e){try{return new URL(e).pathname!=="/"}catch{throw new L(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function X(e,t="/api/auth"){return dt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function le(e,t){if(e)return X(e,t);let r=typeof process<"u"?process.env:{},o=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(o)return X(o,t);if(typeof window<"u")return X(window.location.origin,t)}import{base64url as ut}from"oslo/encoding";function h(e,t){return t||`${le()}/callback/${e}`}async function me(e){let t=await ct(new TextEncoder().encode(e));return ut.encode(new Uint8Array(t),{includePadding:!1})}function fe(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e.scope?.split(" ")||[],idToken:e.id_token}}async function R({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:n,scopes:s,disablePkce:i}){let a=new URL(r);if(a.searchParams.set("response_type","code"),a.searchParams.set("client_id",t.clientId),a.searchParams.set("state",o),a.searchParams.set("scope",s.join(" ")),a.searchParams.set("redirect_uri",t.redirectURI||h(e)),!i&&n){let d=await me(n);a.searchParams.set("code_challenge_method","S256"),a.searchParams.set("code_challenge",d)}return a}import{betterFetch as pt}from"@better-fetch/fetch";async function b({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:n}){let s=new URLSearchParams;s.set("grant_type","authorization_code"),s.set("code",e),t&&s.set("code_verifier",t),s.set("redirect_uri",r),s.set("client_id",o.clientId),s.set("client_secret",o.clientSecret);let{data:i,error:a}=await pt(n,{method:"POST",body:s,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(a)throw a;return fe(i)}function Y(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var ge=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:n}){let s=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${n||e.redirectURI}&scope=${s.join(" ")}&state=${r}`)},validateAuthorizationCode:async(r,o,n)=>b({code:r,codeVerifier:o,redirectURI:n||h("apple",e.redirectURI),options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=lt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as mt}from"@better-fetch/fetch";var he=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r}){let o=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${o.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(h("discord",e.redirectURI))}&state=${t}`)},validateAuthorizationCode:async(t,r,o)=>b({code:t,redirectURI:o||h("discord",e.redirectURI),options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await mt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let n=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${n}.png`}else{let n=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${n}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as ft}from"@better-fetch/fetch";var we=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,codeVerifier:o}){let n=e.scope||r||["email","public_profile"];return await R({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v16.0/dialog/oauth",scopes:n,state:t,codeVerifier:o})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("facebook",e.redirectURI),options:e,tokenEndpoint:"https://graph.facebook.com/v16.0/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await ft("https://graph.facebook.com/me",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as ye}from"@better-fetch/fetch";var be=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:n}){let s=e.scope||o||["user:email"];return R({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:s,state:r,codeVerifier:n})},validateAuthorizationCode:async(r,o,n)=>b({code:r,redirectURI:e.redirectURI||h("google",n),options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:n}=await ye("https://api.github.com/user",{auth:{type:"Bearer",token:r.accessToken}});if(n)return null;let s=!1;if(!o.email){let{data:i,error:a}=await ye("https://api.github.com/user/emails",{auth:{type:"Bearer",token:r.accessToken}});a||(o.email=(i.find(d=>d.primary)??i[0])?.email,s=i.find(d=>d.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:s},data:o}}}};import{parseJWT as gt}from"oslo/jwt";var Ae=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){if(!e.clientId||!e.clientSecret)throw y.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new L("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new L("codeVerifier is required for Google");let s=e.scope||r||["email","profile"];return R({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:s,state:t,codeVerifier:o})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("google",e.redirectURI),options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=gt(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as ht}from"@better-fetch/fetch";import{parseJWT as wt}from"oslo/jwt";var Re=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(n){let s=e.scope||n.scopes||["openid","profile","email","User.Read"];return R({id:"microsoft",options:e,authorizationEndpoint:r,state:n.state,codeVerifier:n.codeVerifier,scopes:s})},validateAuthorizationCode(n,s,i){return b({code:n,codeVerifier:s,redirectURI:i||h("microsoft",e.redirectURI),options:e,tokenEndpoint:o})},async getUserInfo(n){if(!n.idToken)return null;let s=wt(n.idToken)?.payload,i=e.profilePhotoSize||48;return await ht(`https://graph.microsoft.com/v1.0/me/photos/${i}x${i}/$value`,{headers:{Authorization:`Bearer ${n.accessToken}`},async onResponse(a){if(!(e.disableProfilePhoto||!a.response.ok))try{let c=await a.response.clone().arrayBuffer(),m=Buffer.from(c).toString("base64");s.picture=`data:image/jpeg;base64, ${m}`}catch(d){y.error(d)}}}),{user:{id:s.sub,name:s.name,email:s.email,image:s.picture,emailVerified:!0},data:s}}}};import{betterFetch as yt}from"@better-fetch/fetch";var ke=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o}){let n=e.scope||r||["user-read-email"];return R({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:n,state:t,codeVerifier:o})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("spotify",e.redirectURI),options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await yt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import{betterFetch as bt}from"@better-fetch/fetch";var Ue=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r}){let o=e.scope||r||["activity:write","read"];return R({id:"twitch",options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:o,state:t})},validateAuthorizationCode:async(t,r,o)=>b({code:t,redirectURI:o||h("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await bt("https://api.twitch.tv/helix/users",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.sub,name:r.preferred_username,email:r.email,image:r.picture,emailVerified:!1},data:r}}});import{betterFetch as At}from"@better-fetch/fetch";var Ee=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return R({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier})},validateAuthorizationCode:async(t,r,o)=>b({code:t,codeVerifier:r,redirectURI:o||h("twitch",e.redirectURI),options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await At("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var Rt={apple:ge,discord:he,facebook:we,github:be,microsoft:Re,google:Ae,spotify:ke,twitch:Ue,twitter:Ee},xe=Object.keys(Rt);var Te=u("/sign-in/social",{method:"POST",requireHeaders:!0,query:T.object({currentURL:T.string().optional()}).optional(),body:T.object({callbackURL:T.string().optional(),provider:T.enum(xe)}),use:[x]},async e=>{let t=e.context.socialProviders.find(d=>d.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider to your auth config",{provider:e.body.provider}),new O("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,n=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,s=await ue(n||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,s.hash,e.context.secret,r.state.options);let i=kt();await e.setSignedCookie(r.pkCodeVerifier.name,i,e.context.secret,r.pkCodeVerifier.options);let a=await t.createAuthorizationURL({state:s.raw,codeVerifier:i});return a.searchParams.set("redirect_uri",`${e.context.baseURL}/callback/${e.body.provider}`),e.json({url:a.toString(),state:s,codeVerifier:i,redirect:!0})}),Pe=u("/sign-in/email",{method:"POST",body:T.object({email:T.string().email(),password:T.string(),callbackURL:T.string().optional(),dontRememberMe:T.boolean().default(!1).optional()}),use:[x]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new O("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!T.string().email().safeParse(t).success)throw new O("BAD_REQUEST",{message:"Invalid email"});let n=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!n)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new O("UNAUTHORIZED",{message:"Invalid email or password"});let s=n.accounts.find(c=>c.providerId==="credential");if(!s)throw e.context.logger.error("Credential account not found",{email:t}),new O("UNAUTHORIZED",{message:"Invalid email or password"});let i=s?.password;if(!i)throw e.context.logger.error("Password not found",{email:t}),new O("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(i,r))throw e.context.logger.error("Invalid password"),new O("UNAUTHORIZED",{message:"Invalid email or password"});let d=await e.context.internalAdapter.createSession(n.user.id,e.headers,e.body.dontRememberMe);if(!d)throw e.context.logger.error("Failed to create session"),new O("UNAUTHORIZED",{message:"Failed to create session"});return await v(e,d.id,e.body.dontRememberMe),e.json({user:n.user,session:d,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{APIError as Et}from"better-call";import{z as G}from"zod";import{z as p}from"zod";var mn=p.object({id:p.string(),providerId:p.string(),accountId:p.string(),userId:p.string(),accessToken:p.string().nullable().optional(),refreshToken:p.string().nullable().optional(),idToken:p.string().nullable().optional(),expiresAt:p.date().nullable().optional(),password:p.string().optional().nullable()}),ve=p.object({id:p.string(),email:p.string().transform(e=>e.toLowerCase()),emailVerified:p.boolean().default(!1),name:p.string(),image:p.string().optional(),createdAt:p.date().default(new Date),updatedAt:p.date().default(new Date)}),fn=p.object({id:p.string(),userId:p.string(),expiresAt:p.date(),ipAddress:p.string().optional(),userAgent:p.string().optional()}),gn=p.object({id:p.string(),value:p.string(),expiresAt:p.date(),identifier:p.string()});function Ut(e,t){let r=t.fields,o={};for(let n in r){if(n in e){if(r[n].input===!1){if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}continue}o[n]=e[n];continue}if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}}return o}function _e(e,t){let r={...e.user?.additionalFields};return Ut(t||{},{fields:r})}var Se=e=>N(e||21,F("a-z","0-9","A-Z"));var I={isAction:!1};var Le=u("/callback/:id",{method:"GET",query:G.object({state:G.string(),code:G.string().optional(),error:G.string().optional()}),metadata:I},async e=>{if(e.query.error||!e.query.code){let w=K(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${w}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(l=>l.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=K(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:n}}=r,s=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!s)throw y.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await ce(e.query.state,s))throw y.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let a=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),d;try{d=await t.validateAuthorizationCode(e.query.code,a,`${e.context.baseURL}/callback/${t.id}`)}catch(l){throw e.context.logger.error(l),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let c=await t.getUserInfo(d).then(l=>l?.user),m=Se(),A=ve.safeParse({...c,id:m});if(!c||A.success===!1)throw y.error("Unable to get user info",A.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let g=await e.context.internalAdapter.findUserByEmail(c.email,{includeAccounts:!0}).catch(l=>{throw y.error(`Better auth was unable to query your database.
+Error: `,l),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),f=g?.user.id;if(g){let l=g.accounts.find(U=>U.providerId===t.id),w=e.context.options.account?.accountLinking?.trustedProviders,k=w?w.includes(t.id):!0;if(!l&&(!c.emailVerified||!k)){let U;try{U=new URL(n||o),U.searchParams.set("error","account_not_linked")}catch{throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(U.toString())}if(!l)try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:c.id.toString(),id:`${t.id}:${c.id}`,userId:g.user.id,...Y(d)})}catch(U){throw console.log(U),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{await e.context.internalAdapter.createOAuthUser(A.data,{...Y(d),id:`${t.id}:${c.id}`,providerId:t.id,accountId:c.id.toString(),userId:m})}catch{let w=new URL(n||o);throw w.searchParams.set("error","unable_to_create_user"),e.setHeader("Location",w.toString()),e.redirect(w.toString())}if(!f&&!m)throw new Et("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});try{let l=await e.context.internalAdapter.createSession(f||m,e.request);if(!l){let w=new URL(n||o);throw w.searchParams.set("error","unable_to_create_session"),e.redirect(w.toString())}try{await v(e,l.id)}catch(w){e.context.logger.error("Unable to set session cookie",w);let k=new URL(n||o);throw k.searchParams.set("error","unable_to_create_session"),e.redirect(k.toString())}}catch{let l=new URL(n||o||"");throw l.searchParams.set("error","unable_to_create_session"),e.redirect(l.toString())}throw e.redirect(o)});import{APIError as q}from"better-call";var Z=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as Oe}from"zod";var ee=()=>u("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return j(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let n=e.context.sessionConfig.expiresIn,s=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-n*1e3+s*1e3<=Date.now()){let d=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:Z(e.context.sessionConfig.expiresIn,"sec")});if(!d)return j(e),e.json(null,{status:401});let c=(d.expiresAt.valueOf()-Date.now())/1e3;return await v(e,d.id,!1,{maxAge:c}),e.json({session:d,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),xt=async e=>await ee()({...e,_flag:"json",headers:e.headers}),C=z(async e=>{let t=await xt(e);if(!t?.session)throw new q("UNAUTHORIZED");return{session:t}}),Ie=()=>u("/user/list-sessions",{method:"GET",use:[C],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),Ce=u("/user/revoke-session",{method:"POST",body:Oe.object({id:Oe.string()}),use:[C],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new q("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new q("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new q("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),Be=u("/user/revoke-sessions",{method:"POST",use:[C],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new q("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});import"zod";import{APIError as Tt}from"better-call";var De=u("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new Tt("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),j(e),e.json({success:!0})});import{TimeSpan as Pt}from"oslo";import{createJWT as vt,parseJWT as _t}from"oslo/jwt";import{validateJWT as ze}from"oslo/jwt";import{z as E}from"zod";import{APIError as V}from"better-call";var $e=u("/forget-password",{method:"POST",body:E.object({email:E.string().email(),redirectTo:E.string()}),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function to your auth config!"),new V("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let n=await vt("HS256",Buffer.from(e.context.secret),{email:o.user.email,redirectTo:r},{expiresIn:new Pt(1,"h"),issuer:"better-auth",subject:"forget-password",audiences:[o.user.email],includeIssuedTimestamp:!0}),s=`${e.context.baseURL}/reset-password/${n}`;return await e.context.options.emailAndPassword.sendResetPassword(s,o.user),e.json({status:!0})}),je=u("/reset-password/:token",{method:"GET"},async e=>{let{token:t}=e.params,r,o=E.object({email:E.string(),redirectTo:E.string()});try{if(r=await ze("HS256",Buffer.from(e.context.secret),t),!r.expiresAt||r.expiresAt<new Date)throw Error("Token expired")}catch{let i=_t(t),a=o.safeParse(i?.payload);throw a.success?e.redirect(`${a.data?.redirectTo}?error=invalid_token`):e.redirect(`${e.context.baseURL}/error?error=invalid_token`)}let{redirectTo:n}=o.parse(r.payload);throw e.redirect(`${n}?token=${t}`)}),qe=u("/reset-password",{method:"POST",query:E.object({currentURL:E.string()}).optional(),body:E.object({newPassword:E.string(),callbackURL:E.string().optional()})},async e=>{let t=e.query?.currentURL.split("?token=")[1];if(!t)throw new V("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body;try{let o=await ze("HS256",Buffer.from(e.context.secret),t),n=E.string().email().parse(o.payload.email),s=await e.context.internalAdapter.findUserByEmail(n);if(!s)return e.json({error:"User not found",data:null},{status:400,body:{message:"failed to reset password"}});if(r.length<(e.context.options.emailAndPassword?.minPasswordLength||8)||r.length>(e.context.options.emailAndPassword?.maxPasswordLength||32))throw new V("BAD_REQUEST",{message:"Password is too short or too long"});let i=await e.context.password.hash(r);if(!await e.context.internalAdapter.updatePassword(s.user.id,i))throw new V("BAD_REQUEST",{message:"Failed to update password"});return e.json({error:null,data:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}},{body:{status:!0,url:e.body.callbackURL,redirect:!!e.body.callbackURL}})}catch(o){throw e.context.logger.error("Failed to reset password",o),new V("BAD_REQUEST",{message:"Failed to reset password"})}});import{TimeSpan as St}from"oslo";import{createJWT as Lt,validateJWT as Ot}from"oslo/jwt";import{z as _}from"zod";import{APIError as M}from"better-call";async function te(e,t){return await Lt("HS256",Buffer.from(e),{email:t.toLowerCase()},{expiresIn:new St(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Ve=u("/send-verification-email",{method:"POST",query:_.object({currentURL:_.string().optional()}).optional(),body:_.object({email:_.string().email(),callbackURL:_.string().optional()}),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled. Pass `sendVerificationEmail` in `emailAndPassword` options to enable it."),new M("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new M("BAD_REQUEST",{message:"User not found"});let o=await te(e.context.secret,t),n=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailAndPassword.sendVerificationEmail(n,r.user,o),e.json({status:!0})}),Me=u("/verify-email",{method:"GET",query:_.object({token:_.string(),callbackURL:_.string().optional()})},async e=>{let{token:t}=e.query,r;try{r=await Ot("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new M("BAD_REQUEST",{message:"Invalid token"})}let n=_.object({email:_.string().email()}).parse(r.payload),s=await e.context.internalAdapter.findUserByEmail(n.email,{includeAccounts:!0});if(!s)throw new M("BAD_REQUEST",{message:"User not found"});if(!s.accounts.find(a=>a.providerId==="credential"))throw new M("BAD_REQUEST",{message:"Account not found"});if(await e.context.internalAdapter.updateUserByEmail(n.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({status:!0})});import{z as P}from"zod";import{APIError as S}from"better-call";var Ne=u("/user/update",{method:"POST",body:P.object({name:P.string().optional(),image:P.string().optional()}),use:[C,x]},async e=>{let{name:t,image:r}=e.body,o=e.context.session;if(!r&&!t)return e.json({user:o.user});let n=await e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:r});return e.json({user:n})}),Fe=u("/user/change-password",{method:"POST",body:P.object({newPassword:P.string(),currentPassword:P.string(),revokeOtherSessions:P.boolean().optional()}),use:[C]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,n=e.context.session,s=e.context.password.config.minPasswordLength;if(t.length<s)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let i=e.context.password.config.maxPasswordLength;if(t.length>i)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let d=(await e.context.internalAdapter.findAccounts(n.user.id)).find(A=>A.providerId==="credential"&&A.password);if(!d||!d.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});let c=await e.context.password.hash(t);if(!await e.context.password.verify(d.password,r))throw new S("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(d.id,{password:c}),o){await e.context.internalAdapter.deleteSessions(n.user.id);let A=await e.context.internalAdapter.createSession(n.user.id,e.headers);if(!A)throw new S("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await v(e,A.id)}return e.json(n.user)}),He=u("/user/set-password",{method:"POST",body:P.object({newPassword:P.string()}),use:[C]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new S("BAD_REQUEST",{message:"Password is too short"});let n=e.context.password.config.maxPasswordLength;if(t.length>n)throw e.context.logger.error("Password is too long"),new S("BAD_REQUEST",{message:"Password too long"});let i=(await e.context.internalAdapter.findAccounts(r.user.id)).find(d=>d.providerId==="credential"&&d.password),a=await e.context.password.hash(t);if(!i)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:a}),e.json(r.user);throw new S("BAD_REQUEST",{message:"user already has a password"})}),Qe=u("/user/delete",{method:"POST",body:P.object({password:P.string()}),use:[C]},async e=>{let{password:t}=e.body,r=e.context.session,n=(await e.context.internalAdapter.findAccounts(r.user.id)).find(i=>i.providerId==="credential"&&i.password);if(!n||!n.password)throw new S("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(n.password,t))throw new S("BAD_REQUEST",{message:"Incorrect password"});return await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id),e.json(null)});var Ge=u("/csrf",{method:"GET",metadata:I},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t)return{csrfToken:t};let r=N(32,F("a-z","0-9","A-Z")),o=await H(e.context.secret,r),n=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,n,e.context.secret,e.context.authCookies.csrfToken.options),{csrfToken:r}});var It=(e="Unknown")=>`<!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
@@ -80,4 +80,4 @@ Error: `,p),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)
         <div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
     </div>
 </body>
-</html>`,Ze=u("/error",{method:"GET",metadata:I},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(It(t),{headers:{"Content-Type":"text/html"}})});var We=u("/ok",{method:"GET",metadata:I},async e=>e.json({ok:!0}));import{z as $}from"zod";import{APIError as D}from"better-call";var Je=()=>u("/sign-up/email",{method:"POST",query:$.object({currentURL:$.string().optional()}).optional(),body:$.record($.string(),$.any()),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new D("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:n,image:s,callbackURL:i,...a}=t;if(!$.string().email().safeParse(o).success)throw new D("BAD_REQUEST",{message:"Invalid email"});let c=e.context.password.config.minPasswordLength;if(n.length<c)throw e.context.logger.error("Password is too short"),new D("BAD_REQUEST",{message:"Password is too short"});let m=e.context.password.config.maxPasswordLength;if(n.length>m)throw e.context.logger.error("Password is too long"),new D("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new D("UNPROCESSABLE_ENTITY",{message:"The email has already been taken"});let g=_e(e.context.options,a),f=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:s,...g,emailVerified:!1});if(!f)throw new D("BAD_REQUEST",{message:"Failed to create user"});let p=await e.context.password.hash(n);await e.context.internalAdapter.linkAccount({userId:f.id,providerId:"credential",accountId:f.id,password:p,expiresAt:Z(60*60*24*30,"sec")});let w=await e.context.internalAdapter.createSession(f.id,e.request);if(!w)throw new D("BAD_REQUEST",{message:"Failed to create session"});if(await v(e,w.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let k=await te(e.context.secret,f.email),U=`${e.context.baseURL}/verify-email?token=${k}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailAndPassword.sendVerificationEmail?.(U,f,k)}return e.json({user:f,session:w,error:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:f,session:w}})});function Ke(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of r){let n=e.headers.get(o);if(typeof n=="string"){let s=n.split(",")[0].trim();if(s)return s}}return null}function Ct(e,t,r){let o=Date.now(),n=t*1e3;return o-r.lastRequest<n&&r.count>=e}function Bt(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function Dt(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function zt(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async n=>await o.findOne({model:r,where:[{field:"key",value:n}]}),set:async(n,s,i)=>{try{i?await o.update({model:t??"rateLimit",where:[{field:"key",value:n}],update:{count:s.count,lastRequest:s.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:n,count:s.count,lastRequest:s.lastRequest}})}catch(a){y.error("Error setting rate limit",a)}}}}var Xe=new Map;function $t(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return Xe.get(r)},async set(r,o,n){Xe.set(r,o)}}:zt(e,e.rateLimit.tableName)}async function Ye(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),n=t.rateLimit.window,s=t.rateLimit.max,i=Ke(e)+o,d=jt().find(g=>g.pathMatcher(o));d&&(n=d.window,s=d.max);for(let g of t.options.plugins||[])if(g.rateLimit){let f=g.rateLimit.find(p=>p.pathMatcher(o));if(f){n=f.window,s=f.max;break}}if(t.rateLimit.customRules){let g=t.rateLimit.customRules[o];g&&(n=g.window,s=g.max)}let c=$t(t),m=await c.get(i),A=Date.now();if(!m)await c.set(i,{key:i,count:1,lastRequest:A});else{let g=A-m.lastRequest;if(Ct(s,n,m)){let f=Dt(m.lastRequest,n);return Bt(f)}else g>n*1e3?await c.set(i,{...m,count:1,lastRequest:A}):await c.set(i,{...m,count:m.count+1,lastRequest:A})}}function jt(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}import{APIError as Ei}from"better-call";function Mt(e,t){let r=t.plugins?.reduce((a,d)=>({...a,...d.endpoints}),{}),o=t.plugins?.map(a=>a.middlewares?.map(d=>{let c=async m=>d.middleware({...m,context:{...e,...m.context}});return c.path=d.path,c.options=d.middleware.options,c.headers=d.middleware.headers,{path:d.path,middleware:c}})).filter(a=>a!==void 0).flat()||[],s={...{signInOAuth:Te,callbackOAuth:Le,getCSRFToken:Ge,getSession:ee(),signOut:De,signUpEmail:Je(),signInEmail:Pe,forgetPassword:$e,resetPassword:qe,verifyEmail:Me,sendVerificationEmail:Ve,changePassword:Fe,setPassword:He,updateUser:Ne,deleteUser:Qe,forgetPasswordCallback:je,listSessions:Ie(),revokeSession:Ce,revokeSessions:Be},...r,ok:We,error:Ze},i={};for(let[a,d]of Object.entries(s))i[a]=async(c={})=>{let m=await e;for(let f of t.plugins||[])if(f.hooks?.before){for(let p of f.hooks.before)if(p.matcher({...d,...c,context:m})){let k=await p.handler({...c,context:{...m,...c?.context}});k&&"context"in k&&(m={...m,...k.context})}}let g=await d({...c,context:{...m,...c.context}});for(let f of t.plugins||[])if(f.hooks?.after){for(let p of f.hooks.after)if(p.matcher(c)){let k=Object.assign(c,{context:{...e,returned:g}}),U=await p.handler(k);U&&"response"in U&&(g=U.response)}}return g},i[a].path=d.path,i[a].method=d.method,i[a].options=d.options,i[a].headers=d.headers;return{api:i,middlewares:o}}var yi=(e,t)=>{let{api:r,middlewares:o}=Mt(e,t),n=new URL(e.baseURL).pathname;return Vt(r,{extraContext:e,basePath:n,routerMiddleware:[{path:"/**",middleware:ie},...o],async onRequest(s){for(let i of e.options.plugins||[])if(i.onRequest){let a=await i.onRequest(s,e);if(a)return a}return Ye(s,e)},async onResponse(s){for(let i of e.options.plugins||[])if(i.onResponse){let a=await i.onResponse(s,e);if(a)return a.response}return s},onError(s){if(t.onAPIError?.throw)throw s;if(t.onAPIError?.onError){t.onAPIError.onError(s,e);return}let i=t.logger?.verboseLogging?y:void 0;t.logger?.disabled!==!0&&(s instanceof qt?(s.status==="INTERNAL_SERVER_ERROR"&&y.error(s),i?.error(s.message)):y?.error(s))}})};export{Ei as APIError,Le as callbackOAuth,Fe as changePassword,u as createAuthEndpoint,z as createAuthMiddleware,te as createEmailVerificationToken,ie as csrfMiddleware,Qe as deleteUser,Ze as error,$e as forgetPassword,je as forgetPasswordCallback,Ge as getCSRFToken,Mt as getEndpoints,ee as getSession,xt as getSessionFromCtx,Ie as listSessions,We as ok,ne as optionsMiddleware,qe as resetPassword,Ce as revokeSession,Be as revokeSessions,yi as router,Ve as sendVerificationEmail,C as sessionMiddleware,He as setPassword,Pe as signInEmail,Te as signInOAuth,De as signOut,Je as signUpEmail,Ne as updateUser,Me as verifyEmail};
+</html>`,Ze=u("/error",{method:"GET",metadata:I},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(It(t),{headers:{"Content-Type":"text/html"}})});var We=u("/ok",{method:"GET",metadata:I},async e=>e.json({ok:!0}));import{z as $}from"zod";import{APIError as D}from"better-call";var Je=()=>u("/sign-up/email",{method:"POST",query:$.object({currentURL:$.string().optional()}).optional(),body:$.record($.string(),$.any()),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new D("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:n,image:s,callbackURL:i,...a}=t;if(!$.string().email().safeParse(o).success)throw new D("BAD_REQUEST",{message:"Invalid email"});let c=e.context.password.config.minPasswordLength;if(n.length<c)throw e.context.logger.error("Password is too short"),new D("BAD_REQUEST",{message:"Password is too short"});let m=e.context.password.config.maxPasswordLength;if(n.length>m)throw e.context.logger.error("Password is too long"),new D("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new D("UNPROCESSABLE_ENTITY",{message:"The email has already been taken"});let g=_e(e.context.options,a),f=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:s,...g,emailVerified:!1});if(!f)throw new D("BAD_REQUEST",{message:"Failed to create user"});let l=await e.context.password.hash(n);await e.context.internalAdapter.linkAccount({userId:f.id,providerId:"credential",accountId:f.id,password:l,expiresAt:Z(60*60*24*30,"sec")});let w=await e.context.internalAdapter.createSession(f.id,e.request);if(!w)throw new D("BAD_REQUEST",{message:"Failed to create session"});if(await v(e,w.id),e.context.options.emailAndPassword.sendEmailVerificationOnSignUp){let k=await te(e.context.secret,f.email),U=`${e.context.baseURL}/verify-email?token=${k}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailAndPassword.sendVerificationEmail?.(U,f,k)}return e.json({user:f,session:w,error:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:f,session:w}})});function Ke(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"];for(let o of r){let n=e.headers.get(o);if(typeof n=="string"){let s=n.split(",")[0].trim();if(s)return s}}return null}function Ct(e,t,r){let o=Date.now(),n=t*1e3;return o-r.lastRequest<n&&r.count>=e}function Bt(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function Dt(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function zt(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async n=>await o.findOne({model:r,where:[{field:"key",value:n}]}),set:async(n,s,i)=>{try{i?await o.update({model:t??"rateLimit",where:[{field:"key",value:n}],update:{count:s.count,lastRequest:s.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:n,count:s.count,lastRequest:s.lastRequest}})}catch(a){y.error("Error setting rate limit",a)}}}}var Xe=new Map;function $t(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return Xe.get(r)},async set(r,o,n){Xe.set(r,o)}}:zt(e,e.rateLimit.tableName)}async function Ye(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),n=t.rateLimit.window,s=t.rateLimit.max,i=Ke(e)+o,d=jt().find(g=>g.pathMatcher(o));d&&(n=d.window,s=d.max);for(let g of t.options.plugins||[])if(g.rateLimit){let f=g.rateLimit.find(l=>l.pathMatcher(o));if(f){n=f.window,s=f.max;break}}if(t.rateLimit.customRules){let g=t.rateLimit.customRules[o];g&&(n=g.window,s=g.max)}let c=$t(t),m=await c.get(i),A=Date.now();if(!m)await c.set(i,{key:i,count:1,lastRequest:A});else{let g=A-m.lastRequest;if(Ct(s,n,m)){let f=Dt(m.lastRequest,n);return Bt(f)}else g>n*1e3?await c.set(i,{...m,count:1,lastRequest:A}):await c.set(i,{...m,count:m.count+1,lastRequest:A})}}function jt(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}import{APIError as Ei}from"better-call";function Mt(e,t){let r=t.plugins?.reduce((a,d)=>({...a,...d.endpoints}),{}),o=t.plugins?.map(a=>a.middlewares?.map(d=>{let c=async m=>d.middleware({...m,context:{...e,...m.context}});return c.path=d.path,c.options=d.middleware.options,c.headers=d.middleware.headers,{path:d.path,middleware:c}})).filter(a=>a!==void 0).flat()||[],s={...{signInOAuth:Te,callbackOAuth:Le,getCSRFToken:Ge,getSession:ee(),signOut:De,signUpEmail:Je(),signInEmail:Pe,forgetPassword:$e,resetPassword:qe,verifyEmail:Me,sendVerificationEmail:Ve,changePassword:Fe,setPassword:He,updateUser:Ne,deleteUser:Qe,forgetPasswordCallback:je,listSessions:Ie(),revokeSession:Ce,revokeSessions:Be},...r,ok:We,error:Ze},i={};for(let[a,d]of Object.entries(s))i[a]=async(c={})=>{let m=await e;for(let f of t.plugins||[])if(f.hooks?.before){for(let l of f.hooks.before)if(l.matcher({...d,...c,context:m})){let k=await l.handler({...c,context:{...m,...c?.context}});k&&"context"in k&&(m={...m,...k.context})}}let g=await d({...c,context:{...m,...c.context}});for(let f of t.plugins||[])if(f.hooks?.after){for(let l of f.hooks.after)if(l.matcher(c)){let k=Object.assign(c,{context:{...e,returned:g}}),U=await l.handler(k);U&&"response"in U&&(g=U.response)}}return g},i[a].path=d.path,i[a].method=d.method,i[a].options=d.options,i[a].headers=d.headers;return{api:i,middlewares:o}}var yi=(e,t)=>{let{api:r,middlewares:o}=Mt(e,t),n=new URL(e.baseURL).pathname;return Vt(r,{extraContext:e,basePath:n,routerMiddleware:[{path:"/**",middleware:ie},...o],async onRequest(s){for(let i of e.options.plugins||[])if(i.onRequest){let a=await i.onRequest(s,e);if(a)return a}return Ye(s,e)},async onResponse(s){for(let i of e.options.plugins||[])if(i.onResponse){let a=await i.onResponse(s,e);if(a)return a.response}return s},onError(s){if(t.onAPIError?.throw)throw s;if(t.onAPIError?.onError){t.onAPIError.onError(s,e);return}let i=t.logger?.verboseLogging?y:void 0;t.logger?.disabled!==!0&&(s instanceof qt?(s.status==="INTERNAL_SERVER_ERROR"&&y.error(s),i?.error(s.message)):y?.error(s))}})};export{Ei as APIError,Le as callbackOAuth,Fe as changePassword,u as createAuthEndpoint,z as createAuthMiddleware,te as createEmailVerificationToken,ie as csrfMiddleware,Qe as deleteUser,Ze as error,$e as forgetPassword,je as forgetPasswordCallback,Ge as getCSRFToken,Mt as getEndpoints,ee as getSession,xt as getSessionFromCtx,Ie as listSessions,We as ok,ne as optionsMiddleware,qe as resetPassword,Ce as revokeSession,Be as revokeSessions,yi as router,Ve as sendVerificationEmail,C as sessionMiddleware,He as setPassword,Pe as signInEmail,Te as signInOAuth,De as signOut,Je as signUpEmail,Ne as updateUser,Me as verifyEmail};

package/dist/db.js CHANGED Viewed

@@ -1,4 +1,4 @@
-var v=(e,r="ms")=>new Date(Date.now()+(r==="sec"?e*1e3:e));var g=e=>{let r=e.plugins?.reduce((t,a)=>{let d=a.schema;if(!d)return t;for(let[u,f]of Object.entries(d))t[u]={fields:{...t[u]?.fields,...f.fields},tableName:f.tableName||u};return t},{}),i=e.rateLimit?.storage==="database",n={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:o,session:s,account:l,...c}=r||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...o?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...s?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...l?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...i?n:{}}};function $(e){return e.toString(2).padStart(8,"0")}function H(e){return[...e].map(r=>$(r)).join("")}function R(e){return parseInt(H(e),2)}function Z(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let r=(e-1).toString(2).length,i=r%8,n=new Uint8Array(Math.ceil(r/8));crypto.getRandomValues(n),i!==0&&(n[0]&=(1<<i)-1);let o=R(n);for(;o>=e;)crypto.getRandomValues(n),i!==0&&(n[0]&=(1<<i)-1),o=R(n);return o}function D(e,r){let i="";for(let n=0;n<e;n++)i+=r[Z(r.length)];return i}function B(...e){let r=new Set(e),i="";for(let n of r)n==="a-z"?i+="abcdefghijklmnopqrstuvwxyz":n==="A-Z"?i+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":n==="0-9"?i+="0123456789":i+=n;return i}var h=e=>D(e||21,B("a-z","0-9","A-Z"));var T=class extends Error{constructor(r,i){super(r),this.name="BetterAuthError",this.message=r,this.cause=i,this.stack=""}};import{Kysely as V,MssqlDialect as G}from"kysely";import{MysqlDialect as M,PostgresDialect as U,SqliteDialect as K}from"kysely";import{createConsola as z}from"consola";var A=z({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),J=e=>({log:(...r)=>{!e?.disabled&&A.log("",...r)},error:(...r)=>{!e?.disabled&&A.error("",...r)},warn:(...r)=>{!e?.disabled&&A.warn("",...r)},info:(...r)=>{!e?.disabled&&A.info("",...r)},debug:(...r)=>{!e?.disabled&&A.debug("",...r)},box:(...r)=>{!e?.disabled&&A.box("",...r)},success:(...r)=>{!e?.disabled&&A.success("",...r)},break:(...r)=>{!e?.disabled&&console.log(`
-`)}}),N=J();function C(e){if("dialect"in e)return C(e.dialect);if("createDriver"in e){if(e instanceof K)return"sqlite";if(e instanceof M)return"mysql";if(e instanceof U)return"postgres";if(e instanceof G)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var I=async e=>{let r=e.database;if("db"in r)return{kysely:r.db,databaseType:r.type};if("dialect"in r)return{kysely:new V({dialect:r.dialect}),databaseType:r.type};let i,n=C(r);return"createDriver"in r&&(i=r),"aggregate"in r&&(i=new K({database:r})),"getConnection"in r&&(i=new M({pool:r})),"connect"in r&&(i=new U({pool:r})),{kysely:i?new V({dialect:i}):null,databaseType:n}};import"kysely";function j(e){let r=g(e),i={};for(let n in r){let o=r[n],s=o.fields,l={};if(Object.entries(s).forEach(([c,t])=>{l[t.fieldName||c]=t}),i[o.tableName]){i[o.tableName].fields={...i[o.tableName].fields,...l};continue}i[o.tableName]={fields:l,order:o.order||1/0}}return i}var _={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},X={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},Y={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},Q={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},ee={postgres:_,mysql:X,sqlite:Y,mssql:Q};function te(e,r,i){return r==="string[]"||r==="number[]"?e.toLowerCase().includes("json"):ee[i][r].map(l=>l.toLowerCase()).includes(e.toLowerCase())}async function E(e){let r=j(e),{kysely:i,databaseType:n}=await I(e);n||(N.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),n="sqlite"),i||(N.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let o=await i.introspection.getTables(),s=[],l=[];for(let[u,f]of Object.entries(r)){let y=o.find(p=>p.name===u);if(!y){let p=s.findIndex(w=>w.table===u),b={table:u,fields:f.fields,order:f.order||1/0},x=s.findIndex(w=>(w.order||1/0)>b.order);x===-1?p===-1?s.push(b):s[p].fields={...s[p].fields,...f.fields}:s.splice(x,0,b);continue}let m={};for(let[p,b]of Object.entries(f.fields)){let x=y.columns.find(w=>w.name===p);if(!x){m[p]=b;continue}te(x.dataType,b.type,n)||N.warn(`Field ${p} in table ${u} has a different type in the database. Expected ${b.type} but got ${x.dataType}.`)}Object.keys(m).length>0&&l.push({table:u,fields:m,order:f.order||1/0})}let c=[];function t(u){let f={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&u==="string"?"varchar(255)":n==="sqlite"&&(u==="string[]"||u==="number[]")?"text":u==="string[]"||u==="number[]"?"jsonb":f[u]}if(l.length)for(let u of l)for(let[f,y]of Object.entries(u.fields)){let m=t(y.type),p=i.schema.alterTable(u.table).addColumn(f,m,b=>(b=y.required!==!1?b.notNull():b,y.references&&(b=b.references(`${y.references.model}.${y.references.field}`)),b));c.push(p)}if(s.length)for(let u of s){let f=i.schema.createTable(u.table).addColumn("id",t("string"),y=>y.primaryKey());for(let[y,m]of Object.entries(u.fields)){let p=t(m.type);f=f.addColumn(y,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),m.unique&&(b=b.unique()),b))}c.push(f)}async function a(){for(let u of c)await u.execute()}async function d(){return c.map(f=>f.compile().sql).join(`;
+var v=(e,r="ms")=>new Date(Date.now()+(r==="sec"?e*1e3:e));var g=e=>{let r=e.plugins?.reduce((t,a)=>{let o=a.schema;if(!o)return t;for(let[u,f]of Object.entries(o))t[u]={fields:{...t[u]?.fields,...f.fields},tableName:f.tableName||u};return t},{}),i=e.rateLimit?.storage==="database",n={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:d,session:s,account:l,...c}=r||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...d?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...s?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...l?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...i?n:{}}};function W(e){return e.toString(2).padStart(8,"0")}function $(e){return[...e].map(r=>W(r)).join("")}function R(e){return parseInt($(e),2)}function H(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let r=(e-1).toString(2).length,i=r%8,n=new Uint8Array(Math.ceil(r/8));crypto.getRandomValues(n),i!==0&&(n[0]&=(1<<i)-1);let d=R(n);for(;d>=e;)crypto.getRandomValues(n),i!==0&&(n[0]&=(1<<i)-1),d=R(n);return d}function D(e,r){let i="";for(let n=0;n<e;n++)i+=r[H(r.length)];return i}function B(...e){let r=new Set(e),i="";for(let n of r)n==="a-z"?i+="abcdefghijklmnopqrstuvwxyz":n==="A-Z"?i+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":n==="0-9"?i+="0123456789":i+=n;return i}var h=e=>D(e||21,B("a-z","0-9","A-Z"));var T=class extends Error{constructor(r,i){super(r),this.name="BetterAuthError",this.message=r,this.cause=i,this.stack=""}};import{Kysely as V,MssqlDialect as J}from"kysely";import{MysqlDialect as U,PostgresDialect as M,SqliteDialect as K}from"kysely";import{createConsola as Z}from"consola";var A=Z({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),z=e=>({log:(...r)=>{!e?.disabled&&A.log("",...r)},error:(...r)=>{!e?.disabled&&A.error("",...r)},warn:(...r)=>{!e?.disabled&&A.warn("",...r)},info:(...r)=>{!e?.disabled&&A.info("",...r)},debug:(...r)=>{!e?.disabled&&A.debug("",...r)},box:(...r)=>{!e?.disabled&&A.box("",...r)},success:(...r)=>{!e?.disabled&&A.success("",...r)},break:(...r)=>{!e?.disabled&&console.log(`
+`)}}),N=z();function C(e){if("dialect"in e)return C(e.dialect);if("createDriver"in e){if(e instanceof K)return"sqlite";if(e instanceof U)return"mysql";if(e instanceof M)return"postgres";if(e instanceof J)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var I=async e=>{let r=e.database;if("db"in r)return{kysely:r.db,databaseType:r.type};if("dialect"in r)return{kysely:new V({dialect:r.dialect}),databaseType:r.type};let i,n=C(r);return"createDriver"in r&&(i=r),"aggregate"in r&&(i=new K({database:r})),"getConnection"in r&&(i=new U({pool:r})),"connect"in r&&(i=new M({pool:r})),{kysely:i?new V({dialect:i}):null,databaseType:n}};import"kysely";function j(e){let r=g(e),i={};for(let n in r){let d=r[n],s=d.fields,l={};if(Object.entries(s).forEach(([c,t])=>{l[t.fieldName||c]=t}),i[d.tableName]){i[d.tableName].fields={...i[d.tableName].fields,...l};continue}i[d.tableName]={fields:l,order:d.order||1/0}}return i}var G={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},_={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},X={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},Y={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},Q={postgres:G,mysql:_,sqlite:X,mssql:Y};function ee(e,r,i){return r==="string[]"||r==="number[]"?e.toLowerCase().includes("json"):Q[i][r].map(l=>l.toLowerCase()).includes(e.toLowerCase())}async function xe(e){let r=j(e),{kysely:i,databaseType:n}=await I(e);n||(N.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),n="sqlite"),i||(N.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let d=await i.introspection.getTables(),s=[],l=[];for(let[u,f]of Object.entries(r)){let y=d.find(p=>p.name===u);if(!y){let p=s.findIndex(w=>w.table===u),b={table:u,fields:f.fields,order:f.order||1/0},x=s.findIndex(w=>(w.order||1/0)>b.order);x===-1?p===-1?s.push(b):s[p].fields={...s[p].fields,...f.fields}:s.splice(x,0,b);continue}let m={};for(let[p,b]of Object.entries(f.fields)){let x=y.columns.find(w=>w.name===p);if(!x){m[p]=b;continue}ee(x.dataType,b.type,n)||N.warn(`Field ${p} in table ${u} has a different type in the database. Expected ${b.type} but got ${x.dataType}.`)}Object.keys(m).length>0&&l.push({table:u,fields:m,order:f.order||1/0})}let c=[];function t(u){let f={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&u==="string"?"varchar(255)":n==="sqlite"&&(u==="string[]"||u==="number[]")?"text":u==="string[]"||u==="number[]"?"jsonb":f[u]}if(l.length)for(let u of l)for(let[f,y]of Object.entries(u.fields)){let m=t(y.type),p=i.schema.alterTable(u.table).addColumn(f,m,b=>(b=y.required!==!1?b.notNull():b,y.references&&(b=b.references(`${y.references.model}.${y.references.field}`)),b));c.push(p)}if(s.length)for(let u of s){let f=i.schema.createTable(u.table).addColumn("id",t("string"),y=>y.primaryKey());for(let[y,m]of Object.entries(u.fields)){let p=t(m.type);f=f.addColumn(y,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),m.unique&&(b=b.unique()),b))}c.push(f)}async function a(){for(let u of c)await u.execute()}async function o(){return c.map(f=>f.compile().sql).join(`;
-`)}return{toBeCreated:s,toBeAdded:l,runMigrations:a,compileMigrations:d}}function k(e){if(!e)return{and:null,or:null};let r=e?.filter(n=>n.connector==="AND"||!n.connector).reduce((n,o)=>({...n,[o.field]:o.value}),{}),i=e?.filter(n=>n.connector==="OR").reduce((n,o)=>({...n,[o.field]:o.value}),{});return{and:Object.keys(r).length?r:null,or:Object.keys(i).length?i:null}}function O(e,r,i){for(let n in e)e[n]===0&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!1),e[n]===1&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!0),r[n]?.type==="date"&&(e[n]instanceof Date||(e[n]=new Date(e[n])));return e}function P(e,r){for(let i in e)typeof e[i]=="boolean"&&r?.boolean&&(e[i]=e[i]?1:0),e[i]instanceof Date&&(e[i]=e[i].toISOString());return e}var L=(e,r)=>({id:"kysely",async create(i){let{model:n,data:o,select:s}=i;r?.transform&&(o=P(o,r.transform));let l=await e.insertInto(n).values(o).returningAll().executeTakeFirst();if(r?.transform){let c=r.transform.schema[n];l=c?O(o,c,r.transform):l}return s?.length&&(l=l?s.reduce((t,a)=>l?.[a]?{...t,[a]:l[a]}:t,{}):null),l},async findOne(i){let{model:n,where:o,select:s}=i,{and:l,or:c}=k(o),t=e.selectFrom(n).selectAll();c&&(t=t.where(d=>d.or(c))),l&&(t=t.where(d=>d.and(l)));let a=await t.executeTakeFirst();if(s?.length&&(a=a?s.reduce((u,f)=>a?.[f]?{...u,[f]:a[f]}:u,{}):null),r?.transform){let d=r.transform.schema[n];return a=a&&d?O(a,d,r.transform):a,a||null}return a||null},async findMany(i){let{model:n,where:o,limit:s,offset:l,sortBy:c}=i,t=e.selectFrom(n),{and:a,or:d}=k(o);a&&(t=t.where(f=>f.and(a))),d&&(t=t.where(f=>f.or(d))),t=t.limit(s||100),l&&(t=t.offset(l)),c&&(t=t.orderBy(c.field,c.direction));let u=await t.selectAll().execute();if(r?.transform){let f=r.transform.schema[n];return f?u.map(y=>O(y,f,r.transform)):u}return u},async update(i){let{model:n,where:o,update:s}=i,{and:l,or:c}=k(o);r?.transform&&(s=P(s,r.transform));let t=e.updateTable(n).set(s);l&&(t=t.where(d=>d.and(l))),c&&(t=t.where(d=>d.or(c)));let a=await t.returningAll().executeTakeFirst()||null;if(r?.transform){let d=r.transform.schema[n];return d?O(a,d,r.transform):a}return a},async delete(i){let{model:n,where:o}=i,{and:s,or:l}=k(o),c=e.deleteFrom(n);s&&(c=c.where(t=>t.and(s))),l&&(c=c.where(t=>t.or(l))),await c.execute()},async createSchema(i){let{compileMigrations:n}=await E(i);return{code:await n(),fileName:`./better-auth_migrations/${new Date().toISOString().replace(/:/g,"-")}.sql`}}});async function Se(e,r){if(!e.database)throw new T("Database configuration is required");if("create"in e.database)return e.database;let{kysely:i,databaseType:n}=await I(e);if(!i)throw new T("Failed to initialize database adapter");let o=g(e),s={};for(let l of Object.values(o))s[l.tableName]=l.fields;return L(i,{transform:{schema:s,date:!0,boolean:n==="sqlite"}})}function q(e,r){let i={id:r.id};for(let n in e){let o=e[n],s=r[n];i[o.fieldName||n]=s}return i}function S(e,r){if(!r)return null;let i={id:r.id};for(let[n,o]of Object.entries(e))i[n]=r[o.fieldName||n];return i}function W(e,r){let i=r.hooks,n=g(r.options);async function o(l,c,t){let a=l,d=n[c];for(let y of i||[]){let m=y[c]?.create?.before;if(m){let p=await m(l);if(p===!1)return null;typeof p=="object"&&"data"in p&&(a=p.data)}}let u=t?await t.fn(a):null,f=!t||t.executeMainFn?await e.create({model:d.tableName,data:{id:h(),...q(d.fields,a)}}):u;for(let y of i||[]){let m=y[c]?.create?.after;m&&await m(f)}return S(d.fields,f)}async function s(l,c,t,a){let d=l;for(let y of i||[]){let m=y[t]?.update?.before;if(m){let p=await m(l);if(p===!1)return null;d=typeof p=="object"?p.data:p}}let u=a?await a.fn(d):null,f=!a||a.executeMainFn?await e.update({model:n[t].tableName,update:q(n[t].fields,d),where:c}):u;for(let y of i||[]){let m=y[t]?.update?.after;m&&await m(f)}return S(n[t].fields,f)}return{createWithHooks:o,updateWithHooks:s}}var Ee=(e,r)=>{let i=r.options,n=i.secondaryStorage,o=i.session?.expiresIn||60*60*24*7,s=g(i),{createWithHooks:l,updateWithHooks:c}=W(e,r);return{createOAuthUser:async(t,a)=>{try{let d=await l(t,"user"),u=await l(a,"account");return{user:d,account:u}}catch(d){return console.log(d),null}},createUser:async t=>await l({id:h(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...t},"user"),listSessions:async t=>await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),listUsers:async(t,a,d)=>await e.findMany({model:s.user.tableName,limit:t,offset:a,sortBy:d}),deleteUser:async t=>{await e.delete({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.user.tableName,where:[{field:"id",value:t}]})},createSession:async(t,a,d,u)=>{let f=a instanceof Request?a.headers:a,y={id:h(),userId:t,expiresAt:d?v(60*60*24,"sec"):v(o,"sec"),ipAddress:f?.get("x-forwarded-for")||"",userAgent:f?.get("user-agent")||"",...u};return await l(y,"session",n?{fn:async p=>{let b=await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]});return n.set(p.id,JSON.stringify({session:p,user:b}),o),p},executeMainFn:i.session?.storeSessionInDatabase}:void 0)},findSession:async t=>{if(n){let u=await n.get(t);if(u){let f=JSON.parse(u);return{session:{...f.session,expiresAt:new Date(f.session.expiresAt)},user:{...f.user,createdAt:new Date(f.user.createdAt),updatedAt:new Date(f.user.updatedAt)}}}}let a=await e.findOne({model:s.session.tableName,where:[{value:t,field:"id"}]});if(!a)return null;let d=await e.findOne({model:s.user.tableName,where:[{value:a.userId,field:"id"}]});return d?{session:a,user:d}:null},updateSession:async(t,a)=>await c(a,[{field:"id",value:t}],"session",n?{async fn(u){let f=await n.get(t),y=null;if(f){let m=JSON.parse(f);y={...m.session,...u},await n.set(t,JSON.stringify({session:y,user:m.user}),m.session.expiresAt?new Date(m.session.expiresAt).getTime():void 0)}else return null},executeMainFn:i.session?.storeSessionInDatabase}:void 0),deleteSession:async t=>{if(n){await n.delete(t),i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]})},deleteSessions:async t=>{if(n){let a=await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});for(let d of a)await n.delete(d.id);i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]})},findUserByEmail:async(t,a)=>{let d=await e.findOne({model:s.user.tableName,where:[{value:t.toLowerCase(),field:s.user.fields.email.fieldName||"email"}]});if(!d)return null;if(a?.includeAccounts){let u=await e.findMany({model:s.account.tableName,where:[{value:d.id,field:s.account.fields.userId.fieldName||"userId"}]});return{user:d,accounts:u}}return{user:d,accounts:[]}},findUserById:async t=>await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]}),linkAccount:async t=>await l({id:h(),...t},"account"),updateUser:async(t,a)=>await c(a,[{field:"id",value:t}],"user"),updateUserByEmail:async(t,a)=>await c(a,[{field:"email",value:t}],"user"),updatePassword:async(t,a)=>await c({password:a},[{field:"userId",value:t},{field:"providerId",value:"credential"}],"account"),findAccounts:async t=>await e.findMany({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),updateAccount:async(t,a)=>await c(a,[{field:"id",value:t}],"account"),createVerificationValue:async t=>await l({id:h(),...t},"verification"),findVerificationValue:async t=>await e.findOne({model:s.verification.tableName,where:[{field:s.verification.fields.identifier.fieldName||"identifier",value:t}]}),deleteVerificationValue:async t=>{await e.delete({model:s.verification.tableName,where:[{field:"id",value:t}]})},updateVerificationValue:async(t,a)=>await c(a,[{field:"id",value:t}],"verification")}};var Le=(e,r)=>({type:e,...r});import{z as F}from"zod";function He(e){return F.object({...Object.keys(e).reduce((i,n)=>{let o=e[n];if(!o)return i;if(o.type==="string[]"||o.type==="number[]")return{...i,[n]:F.array(o.type==="string[]"?F.string():F.number())};let s=F[o.type]();return o?.required===!1&&(s=s.optional()),o?.returned===!1?i:{...i,[n]:s}},{})})}export{S as convertFromDB,q as convertToDB,Le as createFieldAttribute,Ee as createInternalAdapter,Se as getAdapter,g as getAuthTables,E as getMigrations,j as getSchema,W as getWithHooks,te as matchType,He as toZodSchema};
+`)}return{toBeCreated:s,toBeAdded:l,runMigrations:a,compileMigrations:o}}function k(e){if(!e)return{and:null,or:null};let r=e?.filter(n=>n.connector==="AND"||!n.connector).reduce((n,d)=>({...n,[d.field]:d.value}),{}),i=e?.filter(n=>n.connector==="OR").reduce((n,d)=>({...n,[d.field]:d.value}),{});return{and:Object.keys(r).length?r:null,or:Object.keys(i).length?i:null}}function O(e,r,i){for(let n in e)e[n]===0&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!1),e[n]===1&&r[n]?.type==="boolean"&&i?.boolean&&(e[n]=!0),r[n]?.type==="date"&&(e[n]instanceof Date||(e[n]=new Date(e[n])));return e}function E(e,r){for(let i in e)typeof e[i]=="boolean"&&r?.boolean&&(e[i]=e[i]?1:0),e[i]instanceof Date&&(e[i]=e[i].toISOString());return e}var P=(e,r)=>({id:"kysely",async create(i){let{model:n,data:d,select:s}=i;r?.transform&&(d=E(d,r.transform));let l=await e.insertInto(n).values(d).returningAll().executeTakeFirst();if(r?.transform){let c=r.transform.schema[n];l=c?O(d,c,r.transform):l}return s?.length&&(l=l?s.reduce((t,a)=>l?.[a]?{...t,[a]:l[a]}:t,{}):null),l},async findOne(i){let{model:n,where:d,select:s}=i,{and:l,or:c}=k(d),t=e.selectFrom(n).selectAll();c&&(t=t.where(o=>o.or(c))),l&&(t=t.where(o=>o.and(l)));let a=await t.executeTakeFirst();if(s?.length&&(a=a?s.reduce((u,f)=>a?.[f]?{...u,[f]:a[f]}:u,{}):null),r?.transform){let o=r.transform.schema[n];return a=a&&o?O(a,o,r.transform):a,a||null}return a||null},async findMany(i){let{model:n,where:d,limit:s,offset:l,sortBy:c}=i,t=e.selectFrom(n),{and:a,or:o}=k(d);a&&(t=t.where(f=>f.and(a))),o&&(t=t.where(f=>f.or(o))),t=t.limit(s||100),l&&(t=t.offset(l)),c&&(t=t.orderBy(c.field,c.direction));let u=await t.selectAll().execute();if(r?.transform){let f=r.transform.schema[n];return f?u.map(y=>O(y,f,r.transform)):u}return u},async update(i){let{model:n,where:d,update:s}=i,{and:l,or:c}=k(d);r?.transform&&(s=E(s,r.transform));let t=e.updateTable(n).set(s);l&&(t=t.where(o=>o.and(l))),c&&(t=t.where(o=>o.or(c)));let a=await t.returningAll().executeTakeFirst()||null;if(r?.transform){let o=r.transform.schema[n];return o?O(a,o,r.transform):a}return a},async delete(i){let{model:n,where:d}=i,{and:s,or:l}=k(d),c=e.deleteFrom(n);s&&(c=c.where(t=>t.and(s))),l&&(c=c.where(t=>t.or(l))),await c.execute()}});async function Re(e,r){if(!e.database)throw new T("Database configuration is required");if("create"in e.database)return e.database;let{kysely:i,databaseType:n}=await I(e);if(!i)throw new T("Failed to initialize database adapter");let d=g(e),s={};for(let l of Object.values(d))s[l.tableName]=l.fields;return P(i,{transform:{schema:s,date:!0,boolean:n==="sqlite"}})}function q(e,r){let i={id:r.id};for(let n in e){let d=e[n],s=r[n];i[d.fieldName||n]=s}return i}function S(e,r){if(!r)return null;let i={id:r.id};for(let[n,d]of Object.entries(e))i[n]=r[d.fieldName||n];return i}function L(e,r){let i=r.hooks,n=g(r.options);async function d(l,c,t){let a=l,o=n[c];for(let y of i||[]){let m=y[c]?.create?.before;if(m){let p=await m(l);if(p===!1)return null;typeof p=="object"&&"data"in p&&(a=p.data)}}let u=t?await t.fn(a):null,f=!t||t.executeMainFn?await e.create({model:o.tableName,data:{id:h(),...q(o.fields,a)}}):u;for(let y of i||[]){let m=y[c]?.create?.after;m&&await m(f)}return S(o.fields,f)}async function s(l,c,t,a){let o=l;for(let y of i||[]){let m=y[t]?.update?.before;if(m){let p=await m(l);if(p===!1)return null;o=typeof p=="object"?p.data:p}}let u=a?await a.fn(o):null,f=!a||a.executeMainFn?await e.update({model:n[t].tableName,update:q(n[t].fields,o),where:c}):u;for(let y of i||[]){let m=y[t]?.update?.after;m&&await m(f)}return S(n[t].fields,f)}return{createWithHooks:d,updateWithHooks:s}}var Pe=(e,r)=>{let i=r.options,n=i.secondaryStorage,d=i.session?.expiresIn||60*60*24*7,s=g(i),{createWithHooks:l,updateWithHooks:c}=L(e,r);return{createOAuthUser:async(t,a)=>{try{let o=await l(t,"user"),u=await l(a,"account");return{user:o,account:u}}catch(o){return console.log(o),null}},createUser:async t=>await l({id:h(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...t},"user"),listSessions:async t=>await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),listUsers:async(t,a,o)=>await e.findMany({model:s.user.tableName,limit:t,offset:a,sortBy:o}),deleteUser:async t=>{await e.delete({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:s.user.tableName,where:[{field:"id",value:t}]})},createSession:async(t,a,o,u)=>{let f=a instanceof Request?a.headers:a,y={id:h(),userId:t,expiresAt:o?v(60*60*24,"sec"):v(d,"sec"),ipAddress:f?.get("x-forwarded-for")||"",userAgent:f?.get("user-agent")||"",...u};return await l(y,"session",n?{fn:async p=>{let b=await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]});return n.set(p.id,JSON.stringify({session:p,user:b}),d),p},executeMainFn:i.session?.storeSessionInDatabase}:void 0)},findSession:async t=>{if(n){let u=await n.get(t);if(u){let f=JSON.parse(u);return{session:{...f.session,expiresAt:new Date(f.session.expiresAt)},user:{...f.user,createdAt:new Date(f.user.createdAt),updatedAt:new Date(f.user.updatedAt)}}}}let a=await e.findOne({model:s.session.tableName,where:[{value:t,field:"id"}]});if(!a)return null;let o=await e.findOne({model:s.user.tableName,where:[{value:a.userId,field:"id"}]});return o?{session:a,user:o}:null},updateSession:async(t,a)=>await c(a,[{field:"id",value:t}],"session",n?{async fn(u){let f=await n.get(t),y=null;if(f){let m=JSON.parse(f);y={...m.session,...u},await n.set(t,JSON.stringify({session:y,user:m.user}),m.session.expiresAt?new Date(m.session.expiresAt).getTime():void 0)}else return null},executeMainFn:i.session?.storeSessionInDatabase}:void 0),deleteSession:async t=>{if(n){await n.delete(t),i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:"id",value:t}]})},deleteSessions:async t=>{if(n){let a=await e.findMany({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});for(let o of a)await n.delete(o.id);i.session?.storeSessionInDatabase&&await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]});return}await e.delete({model:s.session.tableName,where:[{field:s.session.fields.userId.fieldName||"userId",value:t}]})},findUserByEmail:async(t,a)=>{let o=await e.findOne({model:s.user.tableName,where:[{value:t.toLowerCase(),field:s.user.fields.email.fieldName||"email"}]});if(!o)return null;if(a?.includeAccounts){let u=await e.findMany({model:s.account.tableName,where:[{value:o.id,field:s.account.fields.userId.fieldName||"userId"}]});return{user:o,accounts:u}}return{user:o,accounts:[]}},findUserById:async t=>await e.findOne({model:s.user.tableName,where:[{field:"id",value:t}]}),linkAccount:async t=>await l({id:h(),...t},"account"),updateUser:async(t,a)=>await c(a,[{field:"id",value:t}],"user"),updateUserByEmail:async(t,a)=>await c(a,[{field:"email",value:t}],"user"),updatePassword:async(t,a)=>await c({password:a},[{field:"userId",value:t},{field:"providerId",value:"credential"}],"account"),findAccounts:async t=>await e.findMany({model:s.account.tableName,where:[{field:s.account.fields.userId.fieldName||"userId",value:t}]}),updateAccount:async(t,a)=>await c(a,[{field:"id",value:t}],"account"),createVerificationValue:async t=>await l({id:h(),...t},"verification"),findVerificationValue:async t=>await e.findOne({model:s.verification.tableName,where:[{field:s.verification.fields.identifier.fieldName||"identifier",value:t}]}),deleteVerificationValue:async t=>{await e.delete({model:s.verification.tableName,where:[{field:"id",value:t}]})},updateVerificationValue:async(t,a)=>await c(a,[{field:"id",value:t}],"verification")}};var We=(e,r)=>({type:e,...r});import{z as F}from"zod";function Ze(e){return F.object({...Object.keys(e).reduce((i,n)=>{let d=e[n];if(!d)return i;if(d.type==="string[]"||d.type==="number[]")return{...i,[n]:F.array(d.type==="string[]"?F.string():F.number())};let s=F[d.type]();return d?.required===!1&&(s=s.optional()),d?.returned===!1?i:{...i,[n]:s}},{})})}export{S as convertFromDB,q as convertToDB,We as createFieldAttribute,Pe as createInternalAdapter,Re as getAdapter,g as getAuthTables,xe as getMigrations,j as getSchema,L as getWithHooks,ee as matchType,Ze as toZodSchema};