better-auth 0.5.1-beta.7 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/drizzle.d.ts +1 -1
- package/dist/adapters/drizzle.js +1 -1
- package/dist/adapters/kysely.d.ts +1 -1
- package/dist/adapters/kysely.js +1 -1
- package/dist/adapters/mongodb.d.ts +5 -1
- package/dist/adapters/mongodb.js +1 -1
- package/dist/adapters/prisma.d.ts +1 -1
- package/dist/adapters/prisma.js +1 -1
- package/dist/api.d.ts +1 -1
- package/dist/{auth-DjdpyuSI.d.ts → auth-DQcxQWzj.d.ts} +4 -0
- package/dist/client/plugins.d.ts +3 -3
- package/dist/client.d.ts +1 -1
- package/dist/cookies.d.ts +1 -1
- package/dist/db.d.ts +2 -2
- package/dist/db.js +3 -3
- package/dist/{index-CC56XGNu.d.ts → index-DZhhf9eD.d.ts} +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +4 -4
- package/dist/node.d.ts +1 -1
- package/dist/plugins.d.ts +3 -3
- package/dist/react.d.ts +1 -1
- package/dist/solid-start.d.ts +1 -1
- package/dist/solid.d.ts +1 -1
- package/dist/svelte-kit.d.ts +1 -1
- package/dist/svelte.d.ts +1 -1
- package/dist/types.d.ts +2 -2
- package/dist/vue.d.ts +1 -1
- package/dist/vue.js +1 -1
- package/package.json +1 -1
package/dist/adapters/drizzle.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{and as g,asc as
|
|
1
|
+
import{and as g,asc as P,desc as v,eq as p,or as z,inArray as w}from"drizzle-orm";var d=class extends Error{constructor(r,l){super(r),this.name="BetterAuthError",this.message=r,this.cause=l,this.stack=""}};function f(t,r){let l=r.schema;if(!l)throw new d("Drizzle adapter failed to initialize. Schema not found. Please provide a schema object in the adapter options object.");let c=r.usePlural?`${t}s`:t,s=l[c];if(!s)throw new d(`[# Drizzle Adapter]: The model "${t}" was not found in the schema object. Please pass the schema directly to the adapter options.`);return s}function m(t,r){if(!t)return[];if(t.length===1){let e=t[0];if(!e)return[];if(e.operator==="in"){if(!Array.isArray(e.value))throw new d(`The value for the field "${e.field}" must be an array when using the "in" operator.`);return[w(r[e.field],e.value)]}return[p(r[e.field],e.value)]}let l=t.filter(e=>e.connector==="AND"||!e.connector),c=t.filter(e=>e.connector==="OR"),s=g(...l.map(e=>{if(e.operator==="in"){if(!Array.isArray(e.value))throw new d(`The value for the field "${e.field}" must be an array when using the "in" operator.`);return w(r[e.field],e.value)}return p(r[e.field],e.value)})),i=z(...c.map(e=>p(r[e.field],e.value))),n=[];return l.length&&n.push(s),c.length&&n.push(i),n}var M=(t,r)=>{let l=r.schema||t._.fullSchema,c=r?.provider;return{id:"drizzle",async create(s){let{model:i,data:n}=s,e=f(i,{schema:l,usePlural:r.usePlural});r.generateId!==void 0&&(n.id=r.generateId?r.generateId():void 0);let a=t.insert(e).values(n);return c!=="mysql"?(await a.returning())[0]:(await a,(await t.select().from(e).where(p(e.id,s.data.id)))[0])},async findOne(s){let{model:i,where:n,select:e}=s,a=f(i,{schema:l,usePlural:r.usePlural}),u=m(n,a),o=null;return e?.length?o=await t.select(...e.map(h=>({[h]:a[h]}))).from(a).where(...u):o=await t.select().from(a).where(...u),o.length?o[0]:null},async findMany(s){let{model:i,where:n,limit:e,offset:a,sortBy:u}=s,o=f(i,{schema:l,usePlural:r.usePlural}),h=n?m(n,o):[],y=u?.direction==="desc"?v:P;return await t.select().from(o).limit(e||100).offset(a||0).orderBy(y(o[u?.field||"id"])).where(...h.length?h:[])},async update(s){let{model:i,where:n,update:e}=s,a=f(i,{schema:l,usePlural:r.usePlural}),u=m(n,a),o=t.update(a).set(e).where(...u);return c!=="mysql"?(await o.returning())[0]:(await o,(await t.select().from(a).where(p(a.id,s.update.id)))[0])},async delete(s){let{model:i,where:n}=s,e=f(i,{schema:l,usePlural:r.usePlural}),a=m(n,e);return(await t.delete(e).where(...a))[0]},async deleteMany(s){let{model:i,where:n}=s,e=f(i,{schema:l,usePlural:r.usePlural}),a=m(n,e);await t.delete(e).where(...a)},options:r}};export{M as drizzleAdapter};
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Kysely } from 'kysely';
|
|
2
|
-
import { B as BetterAuthOptions, K as KyselyDatabaseType, F as FieldAttribute, A as Adapter } from '../auth-
|
|
2
|
+
import { B as BetterAuthOptions, K as KyselyDatabaseType, F as FieldAttribute, A as Adapter } from '../auth-DQcxQWzj.js';
|
|
3
3
|
import 'zod';
|
|
4
4
|
import '../schema-Dkt0LqYs.js';
|
|
5
5
|
import 'better-call';
|
package/dist/adapters/kysely.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{Kysely as h,MssqlDialect as
|
|
1
|
+
import{Kysely as h,MssqlDialect as x}from"kysely";import{MysqlDialect as w,PostgresDialect as A,SqliteDialect as D}from"kysely";function g(t){if("dialect"in t)return g(t.dialect);if("createDriver"in t){if(t instanceof D)return"sqlite";if(t instanceof w)return"mysql";if(t instanceof A)return"postgres";if(t instanceof x)return"mssql"}return"aggregate"in t?"sqlite":"getConnection"in t?"mysql":"connect"in t?"postgres":null}var T=async t=>{let e=t.database;if("db"in e)return{kysely:e.db,databaseType:e.type};if("dialect"in e)return{kysely:new h({dialect:e.dialect}),databaseType:e.type};let a,n=g(e);return"createDriver"in e&&(a=e),"aggregate"in e&&(a=new D({database:e})),"getConnection"in e&&(a=new w({pool:e})),"connect"in e&&(a=new A({pool:e})),{kysely:a?new h({dialect:a}):null,databaseType:n}};function d(t){if(!t)return{and:null,or:null};let e={and:[],or:[]};return t.forEach(a=>{let{field:n,value:f,operator:y="=",connector:i="AND"}=a,o=r=>y.toLowerCase()==="in"?r(n,"in",Array.isArray(f)?f:[f]):r(n,y,f);i==="OR"?e.or.push(o):e.and.push(o)}),{and:e.and.length?e.and:null,or:e.or.length?e.or:null}}function p(t,e,a){for(let n in t)t[n]===0&&e[n]?.type==="boolean"&&a?.boolean&&(t[n]=!1),t[n]===1&&e[n]?.type==="boolean"&&a?.boolean&&(t[n]=!0),e[n]?.type==="date"&&(t[n]instanceof Date||(t[n]=new Date(t[n])));return t}function q(t,e){for(let a in t)typeof t[a]=="boolean"&&e?.boolean&&(t[a]=t[a]?1:0),t[a]instanceof Date&&(t[a]=t[a].toISOString());return t}var C=(t,e)=>({id:"kysely",async create(a){let{model:n,data:f,select:y}=a;e?.transform&&(f=q(f,e.transform)),e?.generateId!==void 0&&(f.id=e.generateId?e.generateId():void 0);let i=await t.insertInto(n).values(f).returningAll().executeTakeFirst();if(e?.transform){let o=e.transform.schema[n];i=o?p(f,o,e.transform):i}return y?.length&&(i=i?y.reduce((r,s)=>i?.[s]?{...r,[s]:i[s]}:r,{}):null),i},async findOne(a){let{model:n,where:f,select:y}=a,{and:i,or:o}=d(f),r=t.selectFrom(n).selectAll();i&&(r=r.where(l=>l.and(i.map(u=>u(l))))),o&&(r=r.where(l=>l.or(o.map(u=>u(l)))));let s=await r.executeTakeFirst();if(y?.length&&(s=s?y.reduce((u,m)=>s?.[m]?{...u,[m]:s[m]}:u,{}):null),e?.transform){let l=e.transform.schema[n];return s=s&&l?p(s,l,e.transform):s,s||null}return s||null},async findMany(a){let{model:n,where:f,limit:y,offset:i,sortBy:o}=a,r=t.selectFrom(n),{and:s,or:l}=d(f);s&&(r=r.where(m=>m.and(s.map(c=>c(m))))),l&&(r=r.where(m=>m.or(l.map(c=>c(m))))),r=r.limit(y||100),i&&(r=r.offset(i)),o&&(r=r.orderBy(o.field,o.direction));let u=await r.selectAll().execute();if(e?.transform){let m=e.transform.schema[n];return m?u.map(c=>p(c,m,e.transform)):u}return u},async update(a){let{model:n,where:f,update:y}=a,{and:i,or:o}=d(f);e?.transform&&(y=q(y,e.transform));let r=t.updateTable(n).set(y);i&&(r=r.where(l=>l.and(i.map(u=>u(l))))),o&&(r=r.where(l=>l.or(o.map(u=>u(l)))));let s=await r.returningAll().executeTakeFirst()||null;if(e?.transform){let l=e.transform.schema[n];return l?p(s,l,e.transform):s}return s},async delete(a){let{model:n,where:f}=a,{and:y,or:i}=d(f),o=t.deleteFrom(n);y&&(o=o.where(r=>r.and(y.map(s=>s(r))))),i&&(o=o.where(r=>r.or(i.map(s=>s(r))))),await o.execute()},async deleteMany(a){let{model:n,where:f}=a,{and:y,or:i}=d(f),o=t.deleteFrom(n);y&&(o=o.where(r=>r.and(y.map(s=>s(r))))),i&&(o=o.where(r=>r.or(i.map(s=>s(r))))),await o.execute()}});export{T as createKyselyAdapter,C as kyselyAdapter};
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Db } from 'mongodb';
|
|
2
|
-
import { W as Where } from '../auth-
|
|
2
|
+
import { W as Where } from '../auth-DQcxQWzj.js';
|
|
3
3
|
import 'zod';
|
|
4
4
|
import 'kysely';
|
|
5
5
|
import '../schema-Dkt0LqYs.js';
|
|
@@ -54,6 +54,10 @@ declare const mongodbAdapter: (mongo: Db, opts?: {
|
|
|
54
54
|
model: string;
|
|
55
55
|
where: Where[];
|
|
56
56
|
}): Promise<void>;
|
|
57
|
+
deleteMany(data: {
|
|
58
|
+
model: string;
|
|
59
|
+
where: Where[];
|
|
60
|
+
}): Promise<void>;
|
|
57
61
|
};
|
|
58
62
|
|
|
59
63
|
export { mongodbAdapter };
|
package/dist/adapters/mongodb.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
function u(l){if(!l)return{};let d=l.map(e=>{let{field:t,value:n,operator:c="eq",connector:a="AND"}=e,
|
|
1
|
+
function u(l){if(!l)return{};let d=l.map(e=>{let{field:t,value:n,operator:c="eq",connector:a="AND"}=e,s;switch(c.toLowerCase()){case"eq":s={[t]:n};break;case"in":s={[t]:{$in:Array.isArray(n)?n:[n]}};break;case"gt":s={[t]:{$gt:n}};break;case"gte":s={[t]:{$gte:n}};break;case"lt":s={[t]:{$lt:n}};break;case"lte":s={[t]:{$lte:n}};break;case"ne":s={[t]:{$ne:n}};break;default:throw new Error(`Unsupported operator: ${c}`)}return{condition:s,connector:a}}),o=d.filter(e=>e.connector==="AND").map(e=>e.condition),i=d.filter(e=>e.connector==="OR").map(e=>e.condition),r={};return o.length&&(r={...r,$and:o}),i.length&&(r={...r,$or:i}),r}function f(l){let{_id:d,...o}=l;return o}function m(l){return l.reduce((o,i)=>(o[i]=1,o),{})}var p=(l,d)=>{let o=l,i=r=>d?.usePlural?`${r}s`:r;return{id:"mongodb",async create(r){let{model:e,data:t}=r;d?.generateId!==void 0&&(t.id=d.generateId?d.generateId():void 0);let c=(await o.collection(i(e)).insertOne({...t})).insertedId,a={...t,id:c};return f(a)},async findOne(r){let{model:e,where:t,select:n}=r,c=u(t),a={};n&&(a=m(n));let s=await o.collection(i(e)).findOne(c,{projection:a});return s?f(s):null},async findMany(r){let{model:e,where:t,limit:n,offset:c,sortBy:a}=r,s=u(t);return(await o.collection(i(e)).find(s).skip(c||0).limit(n||100).sort(a?.field||"id",a?.direction==="desc"?-1:1).toArray()).map(f)},async update(r){let{model:e,where:t,update:n}=r,c=u(t);if(t.length===1){let s=await o.collection(i(e)).findOneAndUpdate(c,{$set:n},{returnDocument:"after"});return f(s)}let a=await o.collection(i(e)).updateMany(c,{$set:n});return{}},async delete(r){let{model:e,where:t}=r,n=u(t),c=await o.collection(i(e)).findOneAndDelete(n)},async deleteMany(r){let{model:e,where:t}=r,n=u(t),c=await o.collection(i(e)).deleteMany(n)}}};export{p as mongodbAdapter};
|
package/dist/adapters/prisma.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
function l(d){if(!d)return{};if(d.length===1){let e=d[0];return e?{[e.field]:e.operator==="eq"||!e.operator?e.value:{[e.operator]:e.value}}:void 0}let u=d.filter(e=>e.connector==="AND"||!e.connector),i=d.filter(e=>e.connector==="OR"),a=u.map(e=>({[e.field]:e.operator==="eq"||!e.operator?e.value:{[e.operator]:e.value}})),r=i.map(e=>({[e.field]:{[e.operator||"eq"]:e.value}}));return{AND:a.length?a:void 0,OR:r.length?r:void 0}}var
|
|
1
|
+
function l(d){if(!d)return{};if(d.length===1){let e=d[0];return e?{[e.field]:e.operator==="eq"||!e.operator?e.value:{[e.operator]:e.value}}:void 0}let u=d.filter(e=>e.connector==="AND"||!e.connector),i=d.filter(e=>e.connector==="OR"),a=u.map(e=>({[e.field]:e.operator==="eq"||!e.operator?e.value:{[e.operator]:e.value}})),r=i.map(e=>({[e.field]:{[e.operator||"eq"]:e.value}}));return{AND:a.length?a:void 0,OR:r.length?r:void 0}}var y=(d,{provider:u,generateId:i})=>{let a=d;return{id:"prisma",async create(r){let{model:e,data:n,select:t}=r;return i!==void 0&&(n.id=i?i():void 0),await a[e].create({data:n,...t?.length?{select:t.reduce((o,s)=>({...o,[s]:!0}),{})}:{}})},async findOne(r){let{model:e,where:n,select:t}=r,o=l(n);return await a[e].findFirst({where:o,...t?.length?{select:t.reduce((s,c)=>({...s,[c]:!0}),{})}:{}})},async findMany(r){let{model:e,where:n,limit:t,offset:o,sortBy:s}=r,c=l(n);return await a[e].findMany({where:c,take:t||100,skip:o||0,orderBy:s?.field?{[s.field]:s.direction==="desc"?"desc":"asc"}:void 0})},async update(r){let{model:e,where:n,update:t}=r,o=l(n);return n.length===1?await a[e].update({where:o,data:t}):await a[e].updateMany({where:o,data:t})},async delete(r){let{model:e,where:n}=r,t=l(n);return await a[e].delete({where:t})},async deleteMany(r){let{model:e,where:n}=r,t=l(n);return await a[e].deleteMany({where:t})}}};export{y as prismaAdapter};
|
package/dist/api.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { e as AuthEndpoint, f as AuthMiddleware, a1 as callbackOAuth, aj as changeEmail, ag as changePassword, d as createAuthEndpoint, c as createAuthMiddleware, ac as createEmailVerificationToken, ao as csrfMiddleware, ai as deleteUser, al as error, a9 as forgetPassword, aa as forgetPasswordCallback, ak as getCSRFToken, Z as getEndpoints, a2 as getSession, a3 as getSessionFromCtx, a5 as listSessions, am as ok, o as optionsMiddleware, ab as resetPassword, a6 as revokeSession, a7 as revokeSessions, _ as router, ad as sendVerificationEmail, a4 as sessionMiddleware, ah as setPassword, a0 as signInEmail, $ as signInOAuth, a8 as signOut, an as signUpEmail, af as updateUser, ae as verifyEmail } from './auth-
|
|
1
|
+
export { e as AuthEndpoint, f as AuthMiddleware, a1 as callbackOAuth, aj as changeEmail, ag as changePassword, d as createAuthEndpoint, c as createAuthMiddleware, ac as createEmailVerificationToken, ao as csrfMiddleware, ai as deleteUser, al as error, a9 as forgetPassword, aa as forgetPasswordCallback, ak as getCSRFToken, Z as getEndpoints, a2 as getSession, a3 as getSessionFromCtx, a5 as listSessions, am as ok, o as optionsMiddleware, ab as resetPassword, a6 as revokeSession, a7 as revokeSessions, _ as router, ad as sendVerificationEmail, a4 as sessionMiddleware, ah as setPassword, a0 as signInEmail, $ as signInOAuth, a8 as signOut, an as signUpEmail, af as updateUser, ae as verifyEmail } from './auth-DQcxQWzj.js';
|
|
2
2
|
import './helper-DPDj8Nix.js';
|
|
3
3
|
export { APIError } from 'better-call';
|
|
4
4
|
import 'zod';
|
package/dist/client/plugins.d.ts
CHANGED
|
@@ -2,10 +2,10 @@ import * as nanostores from 'nanostores';
|
|
|
2
2
|
import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-CfnyN34h.js';
|
|
3
3
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
4
4
|
import { BetterFetchOption } from '@better-fetch/fetch';
|
|
5
|
-
import { o as organization, l as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth, k as multiSession } from '../index-
|
|
6
|
-
export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-
|
|
5
|
+
import { o as organization, l as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth, k as multiSession } from '../index-DZhhf9eD.js';
|
|
6
|
+
export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-DZhhf9eD.js';
|
|
7
7
|
import { P as Prettify } from '../helper-DPDj8Nix.js';
|
|
8
|
-
import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../auth-
|
|
8
|
+
import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../auth-DQcxQWzj.js';
|
|
9
9
|
import 'zod';
|
|
10
10
|
import '../schema-Dkt0LqYs.js';
|
|
11
11
|
import 'better-call';
|
package/dist/client.d.ts
CHANGED
|
@@ -6,7 +6,7 @@ import { BetterFetch, BetterFetchError, BetterFetchOption } from '@better-fetch/
|
|
|
6
6
|
import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
|
|
7
7
|
import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, InferSessionFromClient, InferUserFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
8
8
|
export { AtomListener, InferPluginsFromClient } from './types.js';
|
|
9
|
-
import './auth-
|
|
9
|
+
import './auth-DQcxQWzj.js';
|
|
10
10
|
import 'kysely';
|
|
11
11
|
import './schema-Dkt0LqYs.js';
|
|
12
12
|
import 'better-call';
|
package/dist/cookies.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import 'better-call';
|
|
2
|
-
export { s as BetterAuthCookies, E as EligibleCookies, r as createCookieGetter, u as deleteSessionCookie, q as getCookies, w as parseCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-
|
|
2
|
+
export { s as BetterAuthCookies, E as EligibleCookies, r as createCookieGetter, u as deleteSessionCookie, q as getCookies, w as parseCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-DQcxQWzj.js';
|
|
3
3
|
import 'zod';
|
|
4
4
|
import 'kysely';
|
|
5
5
|
import './schema-Dkt0LqYs.js';
|
package/dist/db.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { A as Adapter, B as BetterAuthOptions, W as Where, F as FieldAttribute, z as FieldType, K as KyselyDatabaseType } from './auth-
|
|
2
|
-
export { X as BetterAuthDbSchema, J as FieldAttributeConfig, V as InferFieldsFromOptions, U as InferFieldsFromPlugins, O as InferFieldsInput, Q as InferFieldsInputClient, N as InferFieldsOutput, M as InferValueType, D as InternalAdapter, T as PluginFieldAttribute, L as createFieldAttribute, C as createInternalAdapter, Y as getAuthTables } from './auth-
|
|
1
|
+
import { A as Adapter, B as BetterAuthOptions, W as Where, F as FieldAttribute, z as FieldType, K as KyselyDatabaseType } from './auth-DQcxQWzj.js';
|
|
2
|
+
export { X as BetterAuthDbSchema, J as FieldAttributeConfig, V as InferFieldsFromOptions, U as InferFieldsFromPlugins, O as InferFieldsInput, Q as InferFieldsInputClient, N as InferFieldsOutput, M as InferValueType, D as InternalAdapter, T as PluginFieldAttribute, L as createFieldAttribute, C as createInternalAdapter, Y as getAuthTables } from './auth-DQcxQWzj.js';
|
|
3
3
|
import { z } from 'zod';
|
|
4
4
|
import 'kysely';
|
|
5
5
|
import './schema-Dkt0LqYs.js';
|
package/dist/db.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
var S=(e,r="ms")=>new Date(Date.now()+(r==="sec"?e*1e3:e));var A=e=>{let r=e.plugins?.reduce((t,s)=>{let o=s.schema;if(!o)return t;for(let[d,l]of Object.entries(o))t[d]={fields:{...t[d]?.fields,...l.fields},tableName:l.tableName||d};return t},{}),a=e.rateLimit?.storage==="database",i={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:u,session:n,account:f,...c}=r||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...u?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...n?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...f?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...a?i:{}}};import{nanoid as P}from"nanoid";var h=e=>P(e);var w=class extends Error{constructor(r,a){super(r),this.name="BetterAuthError",this.message=r,this.cause=a,this.stack=""}};import{Kysely as D,MssqlDialect as L}from"kysely";import{MysqlDialect as R,PostgresDialect as B,SqliteDialect as V}from"kysely";function U(e){if("dialect"in e)return U(e.dialect);if("createDriver"in e){if(e instanceof V)return"sqlite";if(e instanceof R)return"mysql";if(e instanceof B)return"postgres";if(e instanceof L)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var I=async e=>{let r=e.database;if("db"in r)return{kysely:r.db,databaseType:r.type};if("dialect"in r)return{kysely:new D({dialect:r.dialect}),databaseType:r.type};let a,i=U(r);return"createDriver"in r&&(a=r),"aggregate"in r&&(a=new V({database:r})),"getConnection"in r&&(a=new R({pool:r})),"connect"in r&&(a=new B({pool:r})),{kysely:a?new D({dialect:a}):null,databaseType:i}};function k(e){if(!e)return{and:null,or:null};let r={and:[],or:[]};return e.forEach(a=>{let{field:i,value:u,operator:n="=",connector:f="AND"}=a,c=t=>n.toLowerCase()==="in"?t(i,"in",Array.isArray(u)?u:[u]):t(i,n,u);f==="OR"?r.or.push(c):r.and.push(c)}),{and:r.and.length?r.and:null,or:r.or.length?r.or:null}}function v(e,r,a){for(let i in e)e[i]===0&&r[i]?.type==="boolean"&&a?.boolean&&(e[i]=!1),e[i]===1&&r[i]?.type==="boolean"&&a?.boolean&&(e[i]=!0),r[i]?.type==="date"&&(e[i]instanceof Date||(e[i]=new Date(e[i])));return e}function M(e,r){for(let a in e)typeof e[a]=="boolean"&&r?.boolean&&(e[a]=e[a]?1:0),e[a]instanceof Date&&(e[a]=e[a].toISOString());return e}var K=(e,r)=>({id:"kysely",async create(a){let{model:i,data:u,select:n}=a;r?.transform&&(u=M(u,r.transform)),r?.generateId!==void 0&&(u.id=r.generateId?r.generateId():void 0);let f=await e.insertInto(i).values(u).returningAll().executeTakeFirst();if(r?.transform){let c=r.transform.schema[i];f=c?v(u,c,r.transform):f}return n?.length&&(f=f?n.reduce((t,s)=>f?.[s]?{...t,[s]:f[s]}:t,{}):null),f},async findOne(a){let{model:i,where:u,select:n}=a,{and:f,or:c}=k(u),t=e.selectFrom(i).selectAll();f&&(t=t.where(o=>o.and(f.map(d=>d(o))))),c&&(t=t.where(o=>o.or(c.map(d=>d(o)))));let s=await t.executeTakeFirst();if(n?.length&&(s=s?n.reduce((d,l)=>s?.[l]?{...d,[l]:s[l]}:d,{}):null),r?.transform){let o=r.transform.schema[i];return s=s&&o?v(s,o,r.transform):s,s||null}return s||null},async findMany(a){let{model:i,where:u,limit:n,offset:f,sortBy:c}=a,t=e.selectFrom(i),{and:s,or:o}=k(u);s&&(t=t.where(l=>l.and(s.map(m=>m(l))))),o&&(t=t.where(l=>l.or(o.map(m=>m(l))))),t=t.limit(n||100),f&&(t=t.offset(f)),c&&(t=t.orderBy(c.field,c.direction));let d=await t.selectAll().execute();if(r?.transform){let l=r.transform.schema[i];return l?d.map(m=>v(m,l,r.transform)):d}return d},async update(a){let{model:i,where:u,update:n}=a,{and:f,or:c}=k(u);r?.transform&&(n=M(n,r.transform));let t=e.updateTable(i).set(n);f&&(t=t.where(o=>o.and(f.map(d=>d(o))))),c&&(t=t.where(o=>o.or(c.map(d=>d(o)))));let s=await t.returningAll().executeTakeFirst()||null;if(r?.transform){let o=r.transform.schema[i];return o?v(s,o,r.transform):s}return s},async delete(a){let{model:i,where:u}=a,{and:n,or:f}=k(u),c=e.deleteFrom(i);n&&(c=c.where(t=>t.and(n.map(s=>s(t))))),f&&(c=c.where(t=>t.or(f.map(s=>s(t))))),await c.execute()}});async function be(e){if(!e.database)throw new w("Database configuration is required");if("create"in e.database)return e.database;let{kysely:r,databaseType:a}=await I(e);if(!r)throw new w("Failed to initialize database adapter");let i=A(e),u={};for(let n of Object.values(i))u[n.tableName]=n.fields;return K(r,{transform:{schema:u,date:!0,boolean:a==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function q(e,r){let a={id:r.id};for(let i in e){let u=e[i],n=r[i];a[u.fieldName||i]=n}return a}function g(e,r){if(!r)return null;let a={id:r.id};for(let[i,u]of Object.entries(e))a[i]=r[u.fieldName||i];return a}function C(e,r){let a=r.hooks,i=A(r.options);async function u(f,c,t){let s=f,o=i[c];for(let m of a||[]){let p=m[c]?.create?.before;if(p){let y=await p(f);if(y===!1)return null;typeof y=="object"&&"data"in y&&(s=y.data)}}let d=t?await t.fn(s):null,l=!t||t.executeMainFn?await e.create({model:o.tableName,data:{id:s.id||h(),...q(o.fields,s)}}):d;for(let m of a||[]){let p=m[c]?.create?.after;p&&await p(l)}return g(o.fields,l)}async function n(f,c,t,s){let o=f;for(let m of a||[]){let p=m[t]?.update?.before;if(p){let y=await p(f);if(y===!1)return null;o=typeof y=="object"?y.data:y}}let d=s?await s.fn(o):null,l=!s||s.executeMainFn?await e.update({model:i[t].tableName,update:q(i[t].fields,o),where:c}):d;for(let m of a||[]){let p=m[t]?.update?.after;p&&await p(l)}return g(i[t].fields,l)}return{createWithHooks:u,updateWithHooks:n}}function E(e){let r="127.0.0.1";if(process.env.NODE_ENV==="test")return r;let a=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"],i=e instanceof Request?e.headers:e;for(let u of a){let n=i.get(u);if(typeof n=="string"){let f=n.split(",")[0].trim();if(f)return f}}return null}var qe=(e,r)=>{let a=r.options,i=a.secondaryStorage,u=a.session?.expiresIn||60*60*24*7,n=A(a),{createWithHooks:f,updateWithHooks:c}=C(e,r);return{createOAuthUser:async(t,s)=>{try{let o=await f(t,"user");if(!o)return null;if(!o.id)throw new w("User Id not returned from database");let d=await f(s,"account");return{user:o,account:{...d,userId:o.id}}}catch(o){return console.log(o),null}},createUser:async t=>await f({id:h(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...t},"user"),createAccount:async t=>await f({id:h(),createdAt:new Date,updatedAt:new Date,...t},"account"),listSessions:async t=>await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]}),listUsers:async(t,s,o,d)=>(await e.findMany({model:n.user.tableName,limit:t,offset:s,sortBy:o,where:d})).map(m=>g(n.user.fields,m)),deleteUser:async t=>{await e.delete({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]}),await e.delete({model:n.user.tableName,where:[{field:"id",value:t}]})},createSession:async(t,s,o,d)=>{let l=s instanceof Request?s.headers:s,m={id:h(),userId:t,expiresAt:o?S(60*60*24,"sec"):S(u,"sec"),ipAddress:s&&E(s)||"",userAgent:l?.get("user-agent")||"",...d};return await f(m,"session",i?{fn:async y=>{let b=await e.findOne({model:n.user.tableName,where:[{field:"id",value:t}]});return i.set(y.id,JSON.stringify({session:y,user:b}),u),y},executeMainFn:a.session?.storeSessionInDatabase}:void 0)},findSession:async t=>{if(i){let d=await i.get(t);if(d){let l=JSON.parse(d);return{session:{...l.session,expiresAt:new Date(l.session.expiresAt)},user:{...l.user,createdAt:new Date(l.user.createdAt),updatedAt:new Date(l.user.updatedAt)}}}}let s=await e.findOne({model:n.session.tableName,where:[{value:t,field:"id"}]});if(!s)return null;let o=await e.findOne({model:n.user.tableName,where:[{value:s.userId,field:"id"}]});return o?{session:g(n.session.fields,s),user:g(n.user.fields,o)}:null},findSessions:async t=>{if(i){let l=[];for(let m of t){let p=await i.get(m);if(p){let y=JSON.parse(p),b={session:{...y.session,expiresAt:new Date(y.session.expiresAt)},user:{...y.user,createdAt:new Date(y.user.createdAt),updatedAt:new Date(y.user.updatedAt)}};l.push(b)}}return l}let s=await e.findMany({model:n.session.tableName,where:[{field:"id",value:t,operator:"in"}]}),o=s.map(l=>l.userId),d=await e.findMany({model:n.user.tableName,where:[{field:"id",value:o,operator:"in"}]});return s.map(l=>{let m=d.find(p=>p.id===l.userId);return m?{session:g(n.session.fields,l),user:g(n.user.fields,m)}:null})},updateSession:async(t,s)=>await c(s,[{field:"id",value:t}],"session",i?{async fn(d){let l=await i.get(t),m=null;if(l){let p=JSON.parse(l);m={...p.session,...d},await i.set(t,JSON.stringify({session:m,user:p.user}),p.session.expiresAt?new Date(p.session.expiresAt).getTime():void 0)}else return null},executeMainFn:a.session?.storeSessionInDatabase}:void 0),deleteSession:async t=>{if(i){await i.delete(t),a.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:"id",value:t}]});return}await e.delete({model:n.session.tableName,where:[{field:"id",value:t}]})},deleteSessions:async t=>{if(i){let s=await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]});for(let o of s)await i.delete(o.id);a.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]});return}await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]})},findUserByEmail:async(t,s)=>{let o=await e.findOne({model:n.user.tableName,where:[{value:t.toLowerCase(),field:n.user.fields.email.fieldName||"email"}]});if(!o)return null;if(s?.includeAccounts){let d=await e.findMany({model:n.account.tableName,where:[{value:o.id,field:n.account.fields.userId.fieldName||"userId"}]});return{user:g(n.user.fields,o),accounts:d.map(l=>g(n.account.fields,l))}}return{user:g(n.user.fields,o),accounts:[]}},findUserById:async t=>await e.findOne({model:n.user.tableName,where:[{field:"id",value:t}]}),linkAccount:async t=>await f({id:h(),...t},"account"),updateUser:async(t,s)=>await c(s,[{field:"id",value:t}],"user"),updateUserByEmail:async(t,s)=>await c(s,[{field:n.user.fields.email.fieldName||"email",value:t}],"user"),updatePassword:async(t,s)=>await c({password:s},[{field:n.account.fields.userId.fieldName||"userId",value:t},{field:n.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async t=>(await e.findMany({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:t}]})).map(o=>g(n.account.fields,o)),updateAccount:async(t,s)=>await c(s,[{field:"id",value:t}],"account"),createVerificationValue:async t=>await f({id:h(),...t},"verification"),findVerificationValue:async t=>{let s=await e.findOne({model:n.verification.tableName,where:[{field:n.verification.fields.identifier.fieldName||"identifier",value:t}]});return g(n.verification.fields,s)},deleteVerificationValue:async t=>{await e.delete({model:n.verification.tableName,where:[{field:"id",value:t}]})},updateVerificationValue:async(t,s)=>await c(s,[{field:"id",value:t}],"verification")}};var Re=(e,r)=>({type:e,...r});import{z as N}from"zod";function Ue(e){return N.object({...Object.keys(e).reduce((a,i)=>{let u=e[i];if(!u)return a;if(u.type==="string[]"||u.type==="number[]")return{...a,[i]:N.array(u.type==="string[]"?N.string():N.number())};let n=N[u.type]();return u?.required===!1&&(n=n.optional()),u?.returned===!1?a:{...a,[i]:n}},{})})}import"kysely";import{createConsola as W}from"consola";var x=W({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),H=e=>({log:(...r)=>{!e?.disabled&&x.log("",...r)},error:(...r)=>{!e?.disabled&&x.error("",...r)},warn:(...r)=>{!e?.disabled&&x.warn("",...r)},info:(...r)=>{!e?.disabled&&x.info("",...r)},debug:(...r)=>{!e?.disabled&&x.debug("",...r)},box:(...r)=>{!e?.disabled&&x.box("",...r)},success:(...r)=>{!e?.disabled&&x.success("",...r)},break:(...r)=>{!e?.disabled&&console.log(`
|
|
2
|
-
`)}}),O=H();function j(e){let r=
|
|
1
|
+
var S=(e,r="ms")=>new Date(Date.now()+(r==="sec"?e*1e3:e));var h=e=>{let r=e.plugins?.reduce((t,s)=>{let o=s.schema;if(!o)return t;for(let[d,l]of Object.entries(o))t[d]={fields:{...t[d]?.fields,...l.fields},tableName:l.tableName||d};return t},{}),a=e.rateLimit?.storage==="database",i={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:u,session:n,account:c,...f}=r||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...u?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...n?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...c?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...f,...a?i:{}}};import{nanoid as P}from"nanoid";var A=e=>P(e);var F=class extends Error{constructor(r,a){super(r),this.name="BetterAuthError",this.message=r,this.cause=a,this.stack=""}};import{Kysely as D,MssqlDialect as L}from"kysely";import{MysqlDialect as R,PostgresDialect as B,SqliteDialect as V}from"kysely";function M(e){if("dialect"in e)return M(e.dialect);if("createDriver"in e){if(e instanceof V)return"sqlite";if(e instanceof R)return"mysql";if(e instanceof B)return"postgres";if(e instanceof L)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var k=async e=>{let r=e.database;if("db"in r)return{kysely:r.db,databaseType:r.type};if("dialect"in r)return{kysely:new D({dialect:r.dialect}),databaseType:r.type};let a,i=M(r);return"createDriver"in r&&(a=r),"aggregate"in r&&(a=new V({database:r})),"getConnection"in r&&(a=new R({pool:r})),"connect"in r&&(a=new B({pool:r})),{kysely:a?new D({dialect:a}):null,databaseType:i}};function N(e){if(!e)return{and:null,or:null};let r={and:[],or:[]};return e.forEach(a=>{let{field:i,value:u,operator:n="=",connector:c="AND"}=a,f=t=>n.toLowerCase()==="in"?t(i,"in",Array.isArray(u)?u:[u]):t(i,n,u);c==="OR"?r.or.push(f):r.and.push(f)}),{and:r.and.length?r.and:null,or:r.or.length?r.or:null}}function v(e,r,a){for(let i in e)e[i]===0&&r[i]?.type==="boolean"&&a?.boolean&&(e[i]=!1),e[i]===1&&r[i]?.type==="boolean"&&a?.boolean&&(e[i]=!0),r[i]?.type==="date"&&(e[i]instanceof Date||(e[i]=new Date(e[i])));return e}function U(e,r){for(let a in e)typeof e[a]=="boolean"&&r?.boolean&&(e[a]=e[a]?1:0),e[a]instanceof Date&&(e[a]=e[a].toISOString());return e}var K=(e,r)=>({id:"kysely",async create(a){let{model:i,data:u,select:n}=a;r?.transform&&(u=U(u,r.transform)),r?.generateId!==void 0&&(u.id=r.generateId?r.generateId():void 0);let c=await e.insertInto(i).values(u).returningAll().executeTakeFirst();if(r?.transform){let f=r.transform.schema[i];c=f?v(u,f,r.transform):c}return n?.length&&(c=c?n.reduce((t,s)=>c?.[s]?{...t,[s]:c[s]}:t,{}):null),c},async findOne(a){let{model:i,where:u,select:n}=a,{and:c,or:f}=N(u),t=e.selectFrom(i).selectAll();c&&(t=t.where(o=>o.and(c.map(d=>d(o))))),f&&(t=t.where(o=>o.or(f.map(d=>d(o)))));let s=await t.executeTakeFirst();if(n?.length&&(s=s?n.reduce((d,l)=>s?.[l]?{...d,[l]:s[l]}:d,{}):null),r?.transform){let o=r.transform.schema[i];return s=s&&o?v(s,o,r.transform):s,s||null}return s||null},async findMany(a){let{model:i,where:u,limit:n,offset:c,sortBy:f}=a,t=e.selectFrom(i),{and:s,or:o}=N(u);s&&(t=t.where(l=>l.and(s.map(m=>m(l))))),o&&(t=t.where(l=>l.or(o.map(m=>m(l))))),t=t.limit(n||100),c&&(t=t.offset(c)),f&&(t=t.orderBy(f.field,f.direction));let d=await t.selectAll().execute();if(r?.transform){let l=r.transform.schema[i];return l?d.map(m=>v(m,l,r.transform)):d}return d},async update(a){let{model:i,where:u,update:n}=a,{and:c,or:f}=N(u);r?.transform&&(n=U(n,r.transform));let t=e.updateTable(i).set(n);c&&(t=t.where(o=>o.and(c.map(d=>d(o))))),f&&(t=t.where(o=>o.or(f.map(d=>d(o)))));let s=await t.returningAll().executeTakeFirst()||null;if(r?.transform){let o=r.transform.schema[i];return o?v(s,o,r.transform):s}return s},async delete(a){let{model:i,where:u}=a,{and:n,or:c}=N(u),f=e.deleteFrom(i);n&&(f=f.where(t=>t.and(n.map(s=>s(t))))),c&&(f=f.where(t=>t.or(c.map(s=>s(t))))),await f.execute()},async deleteMany(a){let{model:i,where:u}=a,{and:n,or:c}=N(u),f=e.deleteFrom(i);n&&(f=f.where(t=>t.and(n.map(s=>s(t))))),c&&(f=f.where(t=>t.or(c.map(s=>s(t))))),await f.execute()}});async function be(e){if(!e.database)throw new F("Database configuration is required");if("create"in e.database)return e.database;let{kysely:r,databaseType:a}=await k(e);if(!r)throw new F("Failed to initialize database adapter");let i=h(e),u={};for(let n of Object.values(i))u[n.tableName]=n.fields;return K(r,{transform:{schema:u,date:!0,boolean:a==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function q(e,r){let a={id:r.id};for(let i in e){let u=e[i],n=r[i];a[u.fieldName||i]=n}return a}function g(e,r){if(!r)return null;let a={id:r.id};for(let[i,u]of Object.entries(e))a[i]=r[u.fieldName||i];return a}function C(e,r){let a=r.hooks,i=h(r.options);async function u(c,f,t){let s=c,o=i[f];for(let m of a||[]){let p=m[f]?.create?.before;if(p){let y=await p(c);if(y===!1)return null;typeof y=="object"&&"data"in y&&(s=y.data)}}let d=t?await t.fn(s):null,l=!t||t.executeMainFn?await e.create({model:o.tableName,data:{id:A(),...q(o.fields,s)}}):d;for(let m of a||[]){let p=m[f]?.create?.after;p&&await p(l)}return g(o.fields,l)}async function n(c,f,t,s){let o=c;for(let m of a||[]){let p=m[t]?.update?.before;if(p){let y=await p(c);if(y===!1)return null;o=typeof y=="object"?y.data:y}}let d=s?await s.fn(o):null,l=!s||s.executeMainFn?await e.update({model:i[t].tableName,update:q(i[t].fields,o),where:f}):d;for(let m of a||[]){let p=m[t]?.update?.after;p&&await p(l)}return g(i[t].fields,l)}return{createWithHooks:u,updateWithHooks:n}}function E(e){let r="127.0.0.1";if(process.env.NODE_ENV==="test")return r;let a=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"],i=e instanceof Request?e.headers:e;for(let u of a){let n=i.get(u);if(typeof n=="string"){let c=n.split(",")[0].trim();if(c)return c}}return null}var Se=(e,r)=>{let a=r.options,i=a.secondaryStorage,u=a.session?.expiresIn||60*60*24*7,n=h(a),{createWithHooks:c,updateWithHooks:f}=C(e,r);return{createOAuthUser:async(t,s)=>{try{let o=await c(t,"user"),d=await c(s,"account");return{user:o,account:{...d,userId:o.id}}}catch(o){return console.log(o),null}},createUser:async t=>await c({id:A(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...t},"user"),createAccount:async t=>await c({id:A(),createdAt:new Date,updatedAt:new Date,...t},"account"),listSessions:async t=>await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]}),listUsers:async(t,s,o,d)=>(await e.findMany({model:n.user.tableName,limit:t,offset:s,sortBy:o,where:d})).map(m=>g(n.user.fields,m)),deleteUser:async t=>{await e.delete({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:t}]}),await e.deleteMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]}),await e.deleteMany({model:n.user.tableName,where:[{field:"id",value:t}]})},createSession:async(t,s,o,d)=>{let l=s instanceof Request?s.headers:s,m={id:A(),userId:t,expiresAt:o?S(60*60*24,"sec"):S(u,"sec"),ipAddress:s&&E(s)||"",userAgent:l?.get("user-agent")||"",...d};return await c(m,"session",i?{fn:async y=>{let b=await e.findOne({model:n.user.tableName,where:[{field:"id",value:t}]});return i.set(y.id,JSON.stringify({session:y,user:b}),u),y},executeMainFn:a.session?.storeSessionInDatabase}:void 0)},findSession:async t=>{if(i){let d=await i.get(t);if(d){let l=JSON.parse(d);return{session:{...l.session,expiresAt:new Date(l.session.expiresAt)},user:{...l.user,createdAt:new Date(l.user.createdAt),updatedAt:new Date(l.user.updatedAt)}}}}let s=await e.findOne({model:n.session.tableName,where:[{value:t,field:"id"}]});if(!s)return null;let o=await e.findOne({model:n.user.tableName,where:[{value:s.userId,field:"id"}]});return o?{session:g(n.session.fields,s),user:g(n.user.fields,o)}:null},findSessions:async t=>{if(i){let l=[];for(let m of t){let p=await i.get(m);if(p){let y=JSON.parse(p),b={session:{...y.session,expiresAt:new Date(y.session.expiresAt)},user:{...y.user,createdAt:new Date(y.user.createdAt),updatedAt:new Date(y.user.updatedAt)}};l.push(b)}}return l}let s=await e.findMany({model:n.session.tableName,where:[{field:"id",value:t,operator:"in"}]}),o=s.map(l=>l.userId),d=await e.findMany({model:n.user.tableName,where:[{field:"id",value:o,operator:"in"}]});return s.map(l=>{let m=d.find(p=>p.id===l.userId);return m?{session:g(n.session.fields,l),user:g(n.user.fields,m)}:null})},updateSession:async(t,s)=>await f(s,[{field:"id",value:t}],"session",i?{async fn(d){let l=await i.get(t),m=null;if(l){let p=JSON.parse(l);m={...p.session,...d},await i.set(t,JSON.stringify({session:m,user:p.user}),p.session.expiresAt?new Date(p.session.expiresAt).getTime():void 0)}else return null},executeMainFn:a.session?.storeSessionInDatabase}:void 0),deleteSession:async t=>{if(i){await i.delete(t),a.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:"id",value:t}]});return}await e.delete({model:n.session.tableName,where:[{field:"id",value:t}]})},deleteSessions:async t=>{if(i){let s=await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]});for(let o of s)await i.delete(o.id);a.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]});return}await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:t}]})},findUserByEmail:async(t,s)=>{let o=await e.findOne({model:n.user.tableName,where:[{value:t.toLowerCase(),field:n.user.fields.email.fieldName||"email"}]});if(!o)return null;if(s?.includeAccounts){let d=await e.findMany({model:n.account.tableName,where:[{value:o.id,field:n.account.fields.userId.fieldName||"userId"}]});return{user:g(n.user.fields,o),accounts:d.map(l=>g(n.account.fields,l))}}return{user:g(n.user.fields,o),accounts:[]}},findUserById:async t=>await e.findOne({model:n.user.tableName,where:[{field:"id",value:t}]}),linkAccount:async t=>await c({id:A(),...t},"account"),updateUser:async(t,s)=>await f(s,[{field:"id",value:t}],"user"),updateUserByEmail:async(t,s)=>await f(s,[{field:n.user.fields.email.fieldName||"email",value:t}],"user"),updatePassword:async(t,s)=>await f({password:s},[{field:n.account.fields.userId.fieldName||"userId",value:t},{field:n.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async t=>(await e.findMany({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:t}]})).map(o=>g(n.account.fields,o)),updateAccount:async(t,s)=>await f(s,[{field:"id",value:t}],"account"),createVerificationValue:async t=>await c({id:A(),...t},"verification"),findVerificationValue:async t=>{let s=await e.findOne({model:n.verification.tableName,where:[{field:n.verification.fields.identifier.fieldName||"identifier",value:t}]});return g(n.verification.fields,s)},deleteVerificationValue:async t=>{await e.delete({model:n.verification.tableName,where:[{field:"id",value:t}]})},updateVerificationValue:async(t,s)=>await f(s,[{field:"id",value:t}],"verification")}};var De=(e,r)=>({type:e,...r});import{z as I}from"zod";function Ve(e){return I.object({...Object.keys(e).reduce((a,i)=>{let u=e[i];if(!u)return a;if(u.type==="string[]"||u.type==="number[]")return{...a,[i]:I.array(u.type==="string[]"?I.string():I.number())};let n=I[u.type]();return u?.required===!1&&(n=n.optional()),u?.returned===!1?a:{...a,[i]:n}},{})})}import"kysely";import{createConsola as W}from"consola";var w=W({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),H=e=>({log:(...r)=>{!e?.disabled&&w.log("",...r)},error:(...r)=>{!e?.disabled&&w.error("",...r)},warn:(...r)=>{!e?.disabled&&w.warn("",...r)},info:(...r)=>{!e?.disabled&&w.info("",...r)},debug:(...r)=>{!e?.disabled&&w.debug("",...r)},box:(...r)=>{!e?.disabled&&w.box("",...r)},success:(...r)=>{!e?.disabled&&w.success("",...r)},break:(...r)=>{!e?.disabled&&console.log(`
|
|
2
|
+
`)}}),O=H();function j(e){let r=h(e),a={};for(let i in r){let u=r[i],n=u.fields,c={};if(Object.entries(n).forEach(([f,t])=>{c[t.fieldName||f]=t}),a[u.tableName]){a[u.tableName].fields={...a[u.tableName].fields,...c};continue}a[u.tableName]={fields:c,order:u.order||1/0}}return a}var $={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},Z={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},z={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},J={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},G={postgres:$,mysql:Z,sqlite:z,mssql:J};function _(e,r,a){return r==="string[]"||r==="number[]"?e.toLowerCase().includes("json"):G[a][r].map(c=>c.toLowerCase()).includes(e.toLowerCase())}async function He(e){let r=j(e),{kysely:a,databaseType:i}=await k(e);i||(O.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),i="sqlite"),a||(O.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let u=await a.introspection.getTables(),n=[],c=[];for(let[d,l]of Object.entries(r)){let m=u.find(y=>y.name===d);if(!m){let y=n.findIndex(T=>T.table===d),b={table:d,fields:l.fields,order:l.order||1/0},x=n.findIndex(T=>(T.order||1/0)>b.order);x===-1?y===-1?n.push(b):n[y].fields={...n[y].fields,...l.fields}:n.splice(x,0,b);continue}let p={};for(let[y,b]of Object.entries(l.fields)){let x=m.columns.find(T=>T.name===y);if(!x){p[y]=b;continue}_(x.dataType,b.type,i)||O.warn(`Field ${y} in table ${d} has a different type in the database. Expected ${b.type} but got ${x.dataType}.`)}Object.keys(p).length>0&&c.push({table:d,fields:p,order:l.order||1/0})}let f=[];function t(d){let l={string:"text",boolean:"boolean",number:"integer",date:"date"};return i==="mysql"&&d==="string"?"varchar(255)":i==="sqlite"&&(d==="string[]"||d==="number[]")?"text":d==="string[]"||d==="number[]"?"jsonb":l[d]}if(c.length)for(let d of c)for(let[l,m]of Object.entries(d.fields)){let p=t(m.type),y=a.schema.alterTable(d.table).addColumn(l,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),b));f.push(y)}if(n.length)for(let d of n){let l=a.schema.createTable(d.table).addColumn("id",t("string"),m=>m.primaryKey().notNull());for(let[m,p]of Object.entries(d.fields)){let y=t(p.type);l=l.addColumn(m,y,b=>(b=p.required!==!1?b.notNull():b,p.references&&(b=b.references(`${p.references.model}.${p.references.field}`)),p.unique&&(b=b.unique()),b))}f.push(l)}async function s(){for(let d of f)await d.execute()}async function o(){return f.map(l=>l.compile().sql).join(`;
|
|
3
3
|
|
|
4
|
-
`)}return{toBeCreated:n,toBeAdded:
|
|
4
|
+
`)}return{toBeCreated:n,toBeAdded:c,runMigrations:s,compileMigrations:o}}export{g as convertFromDB,q as convertToDB,De as createFieldAttribute,Se as createInternalAdapter,be as getAdapter,h as getAuthTables,He as getMigrations,j as getSchema,C as getWithHooks,_ as matchType,Ve as toZodSchema};
|
|
@@ -5,7 +5,7 @@ import { P as Prettify } from './helper-DPDj8Nix.js';
|
|
|
5
5
|
import { A as AccessControl, R as Role, S as StatementsPrimitive, g as defaultRoles } from './statement-CfnyN34h.js';
|
|
6
6
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
7
7
|
import { BetterFetch, BetterFetchOption } from '@better-fetch/fetch';
|
|
8
|
-
import { H as HookEndpointContext, p as AuthContext } from './auth-
|
|
8
|
+
import { H as HookEndpointContext, p as AuthContext } from './auth-DQcxQWzj.js';
|
|
9
9
|
import * as nanostores from 'nanostores';
|
|
10
10
|
import { atom } from 'nanostores';
|
|
11
11
|
import * as _simplewebauthn_types from '@simplewebauthn/types';
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { A as Adapter, j as AdditionalSessionFieldsInput, k as AdditionalSessionFieldsOutput, h as AdditionalUserFieldsInput, i as AdditionalUserFieldsOutput, a as Auth, p as AuthContext, s as BetterAuthCookies, B as BetterAuthOptions, b as BetterAuthPlugin, E as EligibleCookies, G as GenericEndpointContext, H as HookEndpointContext, m as InferPluginTypes, l as InferSession, I as InferUser, P as PluginSchema, R as RateLimit, S as SecondaryStorage, W as Where, g as betterAuth, r as createCookieGetter, x as createLogger, u as deleteSessionCookie, q as getCookies, n as init, y as logger, w as parseCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-
|
|
1
|
+
export { A as Adapter, j as AdditionalSessionFieldsInput, k as AdditionalSessionFieldsOutput, h as AdditionalUserFieldsInput, i as AdditionalUserFieldsOutput, a as Auth, p as AuthContext, s as BetterAuthCookies, B as BetterAuthOptions, b as BetterAuthPlugin, E as EligibleCookies, G as GenericEndpointContext, H as HookEndpointContext, m as InferPluginTypes, l as InferSession, I as InferUser, P as PluginSchema, R as RateLimit, S as SecondaryStorage, W as Where, g as betterAuth, r as createCookieGetter, x as createLogger, u as deleteSessionCookie, q as getCookies, n as init, y as logger, w as parseCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-DQcxQWzj.js';
|
|
2
2
|
export { D as DeepPartial, H as HasRequiredKeys, L as LiteralString, a as LiteralUnion, P as Prettify, R as RequiredKeysOf, S as StripEmptyObjects, U as UnionToIntersection, W as WithoutEmpty } from './helper-DPDj8Nix.js';
|
|
3
3
|
export { AtomListener, BetterAuthClientPlugin, ClientOptions, InferActions, InferAdditionalFromClient, InferClientAPI, InferPluginsFromClient, InferSessionFromClient, InferUserFromClient, IsSignal } from './types.js';
|
|
4
4
|
export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import{APIError as Rt,createRouter as yr,statusCode as wr}from"better-call";import{APIError as ne}from"better-call";import{z as Ee}from"zod";import{xchacha20poly1305 as Pr}from"@noble/ciphers/chacha";import{bytesToHex as _r,hexToBytes as Cr,utf8ToBytes as Br}from"@noble/ciphers/utils";import{managedNonce as Nr}from"@noble/ciphers/webcrypto";import{sha256 as qr}from"oslo/crypto";function
|
|
2
|
-
`)}}),b=ie();var x=j(async e=>{let t=e.body?.callbackURL||e.query?.callbackURL||e.query?.redirectTo||e.body?.redirectTo,r=e.headers?.get("referer"),o=e.query?.currentURL||r||e.context.baseURL,s=e.context.trustedOrigins;if(t?.includes("http")){let n=new URL(t).origin;if(!s.includes(n))throw b.error("Invalid callback URL",{callbackURL:t,trustedOrigins:s}),new Be("FORBIDDEN",{message:"Invalid callback URL"})}if(o!==e.context.baseURL){let n=new URL(o).origin;if(!s.includes(n))throw b.error("Invalid current URL",{currentURL:o,trustedOrigins:s}),new Be("FORBIDDEN",{message:"Invalid callback URL"})}});import{parseJWT as Gt}from"oslo/jwt";import{sha256 as Mt}from"oslo/crypto";function zt(e){try{return new URL(e).pathname!=="/"}catch{throw new A(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function ae(e,t="/api/auth"){return zt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function K(e,t){if(e)return ae(e,t);let r=typeof process<"u"?process.env:{},o=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(o)return ae(o,t);if(typeof window<"u")return ae(window.location.origin,t)}import{base64url as Ht}from"oslo/encoding";async function De(e){let t=await Mt(new TextEncoder().encode(e));return Ht.encode(new Uint8Array(t),{includePadding:!1})}function Ne(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function T({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:s,scopes:n,claims:a,disablePkce:l,redirectURI:i}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",n.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||i),!l&&s){let c=await De(s);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",c)}if(a){let c=a.reduce((p,u)=>(p[u]=null,p),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...c}}))}return d}import{betterFetch as Kt}from"@better-fetch/fetch";async function R({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:s}){let n=new URLSearchParams;n.set("grant_type","authorization_code"),n.set("code",e),t&&n.set("code_verifier",t),n.set("redirect_uri",r),n.set("client_id",o.clientId),n.set("client_secret",o.clientSecret);let{data:a,error:l}=await Kt(s,{method:"POST",body:n,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(l)throw l;return Ne(a)}function de(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var Fe=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:s}){let n=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${s||e.redirectURI}&scope=${n.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:s})=>R({code:r,codeVerifier:o,redirectURI:e.redirectURI||s,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=Gt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as Qt}from"@better-fetch/fetch";var qe=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let s=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${s.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>R({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await Qt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let s=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${s}.png`}else{let s=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${s}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as Wt}from"@better-fetch/fetch";var Ve=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let s=e.scope||r||["email","public_profile"];return await T({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:s,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>R({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await Wt("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as $e}from"@better-fetch/fetch";var je=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:s,redirectURI:n}){let a=e.scope||o||["user:email"];return T({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:a,state:r,redirectURI:n,codeVerifier:s})},validateAuthorizationCode:async({code:r,redirectURI:o})=>R({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:s}=await $e("https://api.github.com/user",{headers:{"User-Agent":"better-auth",authorization:`Bearer ${r.accessToken}`}});if(s)return null;let n=!1;if(!o.email){let{data:a,error:l}=await $e("https://api.github.com/user/emails",{headers:{authorization:`Bearer ${r.accessToken}`,"User-Agent":"better-auth"}});l||(o.email=(a.find(i=>i.primary)??a[0])?.email,n=a.find(i=>i.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:n},data:o}}}};import{parseJWT as Zt}from"oslo/jwt";var ze=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:s}){if(!e.clientId||!e.clientSecret)throw b.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new A("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new A("codeVerifier is required for Google");let n=e.scope||r||["email","profile"];return T({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:n,state:t,codeVerifier:o,redirectURI:s})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>R({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=Zt(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as Jt}from"@better-fetch/fetch";import{parseJWT as Xt}from"oslo/jwt";var Me=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(s){let n=e.scope||s.scopes||["openid","profile","email","User.Read"];return T({id:"microsoft",options:e,authorizationEndpoint:r,state:s.state,codeVerifier:s.codeVerifier,scopes:n,redirectURI:s.redirectURI})},validateAuthorizationCode({code:s,codeVerifier:n,redirectURI:a}){return R({code:s,codeVerifier:n,redirectURI:e.redirectURI||a,options:e,tokenEndpoint:o})},async getUserInfo(s){if(!s.idToken)return null;let n=Xt(s.idToken)?.payload,a=e.profilePhotoSize||48;return await Jt(`https://graph.microsoft.com/v1.0/me/photos/${a}x${a}/$value`,{headers:{Authorization:`Bearer ${s.accessToken}`},async onResponse(l){if(!(e.disableProfilePhoto||!l.response.ok))try{let d=await l.response.clone().arrayBuffer(),c=Buffer.from(d).toString("base64");n.picture=`data:image/jpeg;base64, ${c}`}catch(i){b.error(i)}}}),{user:{id:n.sub,name:n.name,email:n.email,image:n.picture,emailVerified:!0},data:n}}}};import{betterFetch as Yt}from"@better-fetch/fetch";var He=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:s}){let n=e.scope||r||["user-read-email"];return T({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:n,state:t,codeVerifier:o,redirectURI:s})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>R({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await Yt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import"@better-fetch/fetch";function fn(e){return e.charAt(0).toUpperCase()+e.slice(1)}var N={isAction:!1};import{nanoid as er}from"nanoid";var I=e=>er(e);import{parseJWT as tr}from"oslo/jwt";var Ke=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let s=e.scope||r||["user:read:email","openid"];return T({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:s,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>R({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return b.error("No idToken found in token"),null;let o=tr(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});import{betterFetch as rr}from"@better-fetch/fetch";var Ge=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return T({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>R({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await rr("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var ce={apple:Fe,discord:qe,facebook:Ve,github:je,microsoft:Me,google:ze,spotify:He,twitch:Ke,twitter:Ge},Qe=Object.keys(ce);import{TimeSpan as or}from"oslo";import{createJWT as nr,validateJWT as sr}from"oslo/jwt";import{z as S}from"zod";import{APIError as z}from"better-call";import{APIError as G}from"better-call";var q=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as We}from"zod";var le=()=>h("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return H(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let s=e.context.sessionConfig.expiresIn,n=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-s*1e3+n*1e3<=Date.now()){let i=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:q(e.context.sessionConfig.expiresIn,"sec")});if(!i)return H(e),e.json(null,{status:401});let d=(i.expiresAt.valueOf()-Date.now())/1e3;return await P(e,i.id,!1,{maxAge:d}),e.json({session:i,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),ue=async e=>await le()({...e,_flag:"json",headers:e.headers}),C=j(async e=>{let t=await ue(e);if(!t?.session)throw new G("UNAUTHORIZED");return{session:t}}),Ze=()=>h("/user/list-sessions",{method:"GET",use:[C],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),Je=h("/user/revoke-session",{method:"POST",body:We.object({id:We.string()}),use:[C],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new G("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new G("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new G("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),Xe=h("/user/revoke-sessions",{method:"POST",use:[C],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new G("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});async function B(e,t,r){return await nr("HS256",Buffer.from(e),{email:t.toLowerCase(),updateTo:r},{expiresIn:new or(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Ye=h("/send-verification-email",{method:"POST",query:S.object({currentURL:S.string().optional()}).optional(),body:S.object({email:S.string().email(),callbackURL:S.string().optional()}),use:[x]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled."),new z("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new z("BAD_REQUEST",{message:"User not found"});let o=await B(e.context.secret,t),s=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,s,o),e.json({status:!0})}),et=h("/verify-email",{method:"GET",query:S.object({token:S.string(),callbackURL:S.string().optional()}),use:[x]},async e=>{let{token:t}=e.query,r;try{r=await sr("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new z("BAD_REQUEST",{message:"Invalid token"})}let s=S.object({email:S.string().email(),updateTo:S.string().optional()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(s.email))throw new z("BAD_REQUEST",{message:"User not found"});if(s.updateTo){let a=await ue(e);if(!a)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Session not found"});if(a.user.email!==s.email)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Invalid session"});let l=await e.context.internalAdapter.updateUserByEmail(s.email,{email:s.updateTo});if(await e.context.options.emailVerification?.sendVerificationEmail?.(l,`${e.context.baseURL}/verify-email?token=${t}`,t),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:l,status:!0})}if(await e.context.internalAdapter.updateUserByEmail(s.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:null,status:!0})});var tt=h("/sign-in/social",{method:"POST",requireHeaders:!0,query:O.object({currentURL:O.string().optional()}).optional(),body:O.object({callbackURL:O.string().optional(),provider:O.enum(Qe)}),use:[x]},async e=>{let t=e.context.socialProviders.find(i=>i.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new L("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,s=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,n=await Pe(s||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,n.hash,e.context.secret,r.state.options);let a=ir();await e.setSignedCookie(r.pkCodeVerifier.name,a,e.context.secret,r.pkCodeVerifier.options);let l=await t.createAuthorizationURL({state:n.raw,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:l.toString(),state:n,codeVerifier:a,redirect:!0})}),rt=h("/sign-in/email",{method:"POST",body:O.object({email:O.string().email(),password:O.string(),callbackURL:O.string().optional(),dontRememberMe:O.boolean().default(!1).optional()}),use:[x]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new L("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!O.string().email().safeParse(t).success)throw new L("BAD_REQUEST",{message:"Invalid email"});let s=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!s)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new L("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!s.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw b.error("Email verification is required but no email verification handler is provided"),new L("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let d=await B(e.context.secret,s.user.email),c=`${e.context.options.baseURL}/verify-email?token=${d}`;throw await e.context.options.emailVerification.sendVerificationEmail(s.user,c,d),e.context.logger.error("Email not verified",{email:t}),new L("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let n=s.accounts.find(d=>d.providerId==="credential");if(!n)throw e.context.logger.error("Credential account not found",{email:t}),new L("UNAUTHORIZED",{message:"Invalid email or password"});let a=n?.password;if(!a)throw e.context.logger.error("Password not found",{email:t}),new L("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(a,r))throw e.context.logger.error("Invalid password"),new L("UNAUTHORIZED",{message:"Invalid email or password"});let i=await e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!i)throw e.context.logger.error("Failed to create session"),new L("UNAUTHORIZED",{message:"Failed to create session"});return await P(e,i.id,e.body.dontRememberMe),e.json({user:s.user,session:i,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{APIError as dr}from"better-call";import{z as X}from"zod";import{z as w}from"zod";var Ss=w.object({id:w.string(),providerId:w.string(),accountId:w.string(),userId:w.string(),accessToken:w.string().nullable().optional(),refreshToken:w.string().nullable().optional(),idToken:w.string().nullable().optional(),expiresAt:w.date().nullable().optional(),password:w.string().optional().nullable()}),ot=w.object({id:w.string(),email:w.string().transform(e=>e.toLowerCase()),emailVerified:w.boolean().default(!1),name:w.string(),image:w.string().optional(),createdAt:w.date().default(new Date),updatedAt:w.date().default(new Date)}),Os=w.object({id:w.string(),userId:w.string(),expiresAt:w.date(),ipAddress:w.string().optional(),userAgent:w.string().optional()}),Ps=w.object({id:w.string(),value:w.string(),expiresAt:w.date(),identifier:w.string()});function ar(e,t){let r=t.fields,o={};for(let s in r){if(s in e){if(r[s].input===!1){if(r[s].defaultValue){o[s]=r[s].defaultValue;continue}continue}o[s]=e[s];continue}if(r[s].defaultValue){o[s]=r[s].defaultValue;continue}}return o}function nt(e,t){let r={...e.user?.additionalFields};return ar(t||{},{fields:r})}var st=h("/callback/:id",{method:"GET",query:X.object({state:X.string(),code:X.string().optional(),error:X.string().optional()}),metadata:N},async e=>{if(e.query.error||!e.query.code){let g=se(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${g}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(m=>m.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=se(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:s}}=r,n=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!n)throw b.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await Oe(e.query.state,n))throw b.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let l=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),i;try{i=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:l,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(m){throw e.context.logger.error(m),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(i).then(m=>m?.user),c=I(),p=ot.safeParse({...d,id:c});if(!d||p.success===!1)throw b.error("Unable to get user info",p.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(m=>{throw b.error(`Better auth was unable to query your database.
|
|
3
|
-
Error: `,m),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),f=u?.user.id;if(u){let m=u.accounts.find(k=>k.providerId===t.id),g=e.context.options.account?.accountLinking?.trustedProviders,y=g?g.includes(t.id):!0;if(!m&&(!d.emailVerified||!y)){let k;try{k=new URL(s||o),k.searchParams.set("error","account_not_linked")}catch{throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(k.toString())}if(!m)try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,...de(i)})}catch(k){throw console.log(k),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{let m=d.emailVerified,g=await e.context.internalAdapter.createOAuthUser({...p.data,emailVerified:m},{...de(i),id:`${t.id}:${d.id}`,providerId:t.id,accountId:d.id.toString()});if(!m&&g&&e.context.options.emailVerification?.sendOnSignUp){let y=await B(e.context.secret,d.email),k=`${e.context.baseURL}/verify-email?token=${y}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(g.user,k,y)}}catch{let g=new URL(s||o);throw g.searchParams.set("error","unable_to_create_user"),e.redirect(g.toString())}if(!f&&!
|
|
1
|
+
import{APIError as Rt,createRouter as yr,statusCode as wr}from"better-call";import{APIError as ne}from"better-call";import{z as Ee}from"zod";import{xchacha20poly1305 as Pr}from"@noble/ciphers/chacha";import{bytesToHex as _r,hexToBytes as Cr,utf8ToBytes as Br}from"@noble/ciphers/utils";import{managedNonce as Nr}from"@noble/ciphers/webcrypto";import{sha256 as qr}from"oslo/crypto";function Z(e,t){let r=new Uint8Array(e),o=new Uint8Array(t);if(r.length!==o.length)return!1;let s=0;for(let n=0;n<r.length;n++)s|=r[n]^o[n];return s===0}import{decodeHex as _t,encodeHex as ye}from"oslo/encoding";import{scryptAsync as Ct}from"@noble/hashes/scrypt";var $={N:16384,r:16,p:1,dkLen:64};async function we(e,t){return await Ct(e.normalize("NFKC"),t,{N:$.N,p:$.p,r:$.r,dkLen:$.dkLen,maxmem:128*$.N*$.r*2})}var be=async e=>{let t=ye(crypto.getRandomValues(new Uint8Array(16))),r=await we(e,t);return`${t}:${ye(r)}`},Ae=async(e,t)=>{let[r,o]=e.split(":"),s=await we(t,r);return Z(s,_t(o))};function Bt(e){return e.toString(2).padStart(8,"0")}function Dt(e){return[...e].map(t=>Bt(t)).join("")}function Re(e){return parseInt(Dt(e),2)}function Nt(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let t=(e-1).toString(2).length,r=t%8,o=new Uint8Array(Math.ceil(t/8));crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1);let s=Re(o);for(;s>=e;)crypto.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1),s=Re(o);return s}function ke(e,t){let r="";for(let o=0;o<e;o++)r+=t[Nt(t.length)];return r}function Ue(...e){let t=new Set(e),r="";for(let o of t)o==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":o==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":o==="0-9"?r+="0123456789":r+=o;return r}async function J(e,t){let r=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},s=await crypto.subtle.importKey("raw",r.encode(e),o,!1,["sign","verify"]),n=await crypto.subtle.sign(o.name,s,r.encode(t));return btoa(String.fromCharCode(...new Uint8Array(n)))}import{createEndpointCreator as Ft,createMiddleware as xe,createMiddlewareCreator as qt}from"better-call";var Te=xe(async()=>({})),j=qt({use:[Te,xe(async()=>({}))]}),h=Ft({use:[Te]});var ve=j({body:Ee.object({csrfToken:Ee.string().optional()}).optional()},async e=>{if(e.request?.method!=="POST"||e.context.options.advanced?.disableCSRFCheck)return;let t=new URL(e.request.url);if(e.context.trustedOrigins.includes(t.origin))return;let r=e.body?.csrfToken;if(!r)throw new ne("UNAUTHORIZED",{message:"CSRF Token is required"});let o=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[s,n]=o?.split("!")||[null,null];if(!r||!s||!n||s!==r)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new ne("UNAUTHORIZED",{message:"Invalid CSRF Token"});let a=await J(e.context.secret,s);if(n!==a)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new ne("UNAUTHORIZED",{message:"Invalid CSRF Token"})});import{APIError as L}from"better-call";import{generateCodeVerifier as ir}from"oslo/oauth2";import{z as O}from"zod";import{generateState as Vt}from"oslo/oauth2";import{z as X}from"zod";import{sha256 as Ie}from"oslo/crypto";async function Se(e){let t=await Ie(typeof e=="string"?new TextEncoder().encode(e):e);return Buffer.from(t).toString("base64")}async function Oe(e,t){let r=await Ie(typeof e=="string"?new TextEncoder().encode(e):e),o=Buffer.from(t,"base64");return Z(r,o)}import"better-call";async function Pe(e){let t=Vt(),r=JSON.stringify({code:t,callbackURL:e}),o=await Se(r);return{raw:r,hash:o}}function se(e){return X.object({code:X.string(),callbackURL:X.string().optional(),currentURL:X.string().optional()}).safeParse(JSON.parse(e))}import{TimeSpan as $t}from"oslo";var R=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}},Le=class extends R{constructor(t){super(`The package "${t}" is required. Make sure it is installed.`,t)}};function _e(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL!==void 0?!!e.baseURL.startsWith("https://"):process.env.NODE_ENV==="production")?"__Secure-":"",o="better-auth",s=e.session?.expiresIn||new $t(7,"d").seconds(),n=!!e.advanced?.crossSubDomainCookies?.enabled,a=n?e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0):void 0;if(n&&!a)throw new R("baseURL is required when crossSubdomainCookies are enabled");let c=n?"none":"lax";return{sessionToken:{name:`${r}${o}.session_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:s,...n?{domain:a}:{}}},csrfToken:{name:`${r}${o}.csrf_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*60*24*7,...n?{domain:a}:{}}},state:{name:`${r}${o}.state`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...n?{domain:a}:{}}},pkCodeVerifier:{name:`${r}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...n?{domain:a}:{}}},dontRememberToken:{name:`${r}${o}.dont_remember`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,...n?{domain:a}:{}}},nonce:{name:`${r}${o}.nonce`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...n?{domain:a}:{}}}}}function Ce(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL?.startsWith("https://")||process.env.NODE_ENV==="production")?"__Secure-":"",o="better-auth",s=e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0);function n(a,c){let i=e.advanced?.crossSubDomainCookies?.enabled?e.advanced.crossSubDomainCookies.additionalCookies?.includes(a):void 0;return{name:process.env.NODE_ENV==="production"?`${r}${o}.${a}`:`${o}.${a}`,options:{secure:!!r,sameSite:"lax",path:"/",maxAge:60*15,...c,...i?{domain:s}:{}}}}return n}async function P(e,t,r,o){let s=e.context.authCookies.sessionToken.options;s.maxAge=r?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...s,...o}),r&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function H(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function po(e){let t=new Map;return e.split(", ").forEach(o=>{let[s,...n]=o.split("; "),[a,c]=s.split("="),i={value:c};n.forEach(d=>{let[l,p]=d.split("=");i[l.toLowerCase()]=p||!0}),t.set(a,i)}),t}function fo(e){let t=e.split("; "),r=new Map;return t.forEach(o=>{let[s,n]=o.split("=");r.set(s,n)}),r}import{APIError as Be}from"better-call";import{createConsola as jt}from"consola";var F=jt({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),ie=e=>({log:(...t)=>{!e?.disabled&&F.log("",...t)},error:(...t)=>{!e?.disabled&&F.error("",...t)},warn:(...t)=>{!e?.disabled&&F.warn("",...t)},info:(...t)=>{!e?.disabled&&F.info("",...t)},debug:(...t)=>{!e?.disabled&&F.debug("",...t)},box:(...t)=>{!e?.disabled&&F.box("",...t)},success:(...t)=>{!e?.disabled&&F.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
|
|
2
|
+
`)}}),b=ie();var x=j(async e=>{let t=e.body?.callbackURL||e.query?.callbackURL||e.query?.redirectTo||e.body?.redirectTo,r=e.headers?.get("referer"),o=e.query?.currentURL||r||e.context.baseURL,s=e.context.trustedOrigins;if(t?.includes("http")){let n=new URL(t).origin;if(!s.includes(n))throw b.error("Invalid callback URL",{callbackURL:t,trustedOrigins:s}),new Be("FORBIDDEN",{message:"Invalid callback URL"})}if(o!==e.context.baseURL){let n=new URL(o).origin;if(!s.includes(n))throw b.error("Invalid current URL",{currentURL:o,trustedOrigins:s}),new Be("FORBIDDEN",{message:"Invalid callback URL"})}});import{parseJWT as Gt}from"oslo/jwt";import{sha256 as Mt}from"oslo/crypto";function zt(e){try{return new URL(e).pathname!=="/"}catch{throw new R(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function ae(e,t="/api/auth"){return zt(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function K(e,t){if(e)return ae(e,t);let r=typeof process<"u"?process.env:{},o=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(o)return ae(o,t);if(typeof window<"u")return ae(window.location.origin,t)}import{base64url as Ht}from"oslo/encoding";async function De(e){let t=await Mt(new TextEncoder().encode(e));return Ht.encode(new Uint8Array(t),{includePadding:!1})}function Ne(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function T({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:s,scopes:n,claims:a,disablePkce:c,redirectURI:i}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",n.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||i),!c&&s){let l=await De(s);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",l)}if(a){let l=a.reduce((p,u)=>(p[u]=null,p),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...l}}))}return d}import{betterFetch as Kt}from"@better-fetch/fetch";async function A({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:s}){let n=new URLSearchParams;n.set("grant_type","authorization_code"),n.set("code",e),t&&n.set("code_verifier",t),n.set("redirect_uri",r),n.set("client_id",o.clientId),n.set("client_secret",o.clientSecret);let{data:a,error:c}=await Kt(s,{method:"POST",body:n,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(c)throw c;return Ne(a)}function de(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var Fe=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:s}){let n=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${s||e.redirectURI}&scope=${n.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:s})=>A({code:r,codeVerifier:o,redirectURI:e.redirectURI||s,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=Gt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as Qt}from"@better-fetch/fetch";var qe=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let s=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${s.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await Qt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let s=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${s}.png`}else{let s=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${s}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as Wt}from"@better-fetch/fetch";var Ve=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let s=e.scope||r||["email","public_profile"];return await T({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:s,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await Wt("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as $e}from"@better-fetch/fetch";var je=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:s,redirectURI:n}){let a=e.scope||o||["user:email"];return T({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:a,state:r,redirectURI:n,codeVerifier:s})},validateAuthorizationCode:async({code:r,redirectURI:o})=>A({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:s}=await $e("https://api.github.com/user",{headers:{"User-Agent":"better-auth",authorization:`Bearer ${r.accessToken}`}});if(s)return null;let n=!1;if(!o.email){let{data:a,error:c}=await $e("https://api.github.com/user/emails",{headers:{authorization:`Bearer ${r.accessToken}`,"User-Agent":"better-auth"}});c||(o.email=(a.find(i=>i.primary)??a[0])?.email,n=a.find(i=>i.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:n},data:o}}}};import{parseJWT as Zt}from"oslo/jwt";var ze=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:s}){if(!e.clientId||!e.clientSecret)throw b.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new R("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new R("codeVerifier is required for Google");let n=e.scope||r||["email","profile"];return T({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:n,state:t,codeVerifier:o,redirectURI:s})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=Zt(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as Jt}from"@better-fetch/fetch";import{parseJWT as Xt}from"oslo/jwt";var Me=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(s){let n=e.scope||s.scopes||["openid","profile","email","User.Read"];return T({id:"microsoft",options:e,authorizationEndpoint:r,state:s.state,codeVerifier:s.codeVerifier,scopes:n,redirectURI:s.redirectURI})},validateAuthorizationCode({code:s,codeVerifier:n,redirectURI:a}){return A({code:s,codeVerifier:n,redirectURI:e.redirectURI||a,options:e,tokenEndpoint:o})},async getUserInfo(s){if(!s.idToken)return null;let n=Xt(s.idToken)?.payload,a=e.profilePhotoSize||48;return await Jt(`https://graph.microsoft.com/v1.0/me/photos/${a}x${a}/$value`,{headers:{Authorization:`Bearer ${s.accessToken}`},async onResponse(c){if(!(e.disableProfilePhoto||!c.response.ok))try{let d=await c.response.clone().arrayBuffer(),l=Buffer.from(d).toString("base64");n.picture=`data:image/jpeg;base64, ${l}`}catch(i){b.error(i)}}}),{user:{id:n.sub,name:n.name,email:n.email,image:n.picture,emailVerified:!0},data:n}}}};import{betterFetch as Yt}from"@better-fetch/fetch";var He=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:s}){let n=e.scope||r||["user-read-email"];return T({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:n,state:t,codeVerifier:o,redirectURI:s})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await Yt("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import"@better-fetch/fetch";function fn(e){return e.charAt(0).toUpperCase()+e.slice(1)}var N={isAction:!1};import{nanoid as er}from"nanoid";var I=e=>er(e);import{parseJWT as tr}from"oslo/jwt";var Ke=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let s=e.scope||r||["user:read:email","openid"];return T({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:s,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return b.error("No idToken found in token"),null;let o=tr(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});import{betterFetch as rr}from"@better-fetch/fetch";var Ge=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return T({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await rr("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var ce={apple:Fe,discord:qe,facebook:Ve,github:je,microsoft:Me,google:ze,spotify:He,twitch:Ke,twitter:Ge},Qe=Object.keys(ce);import{TimeSpan as or}from"oslo";import{createJWT as nr,validateJWT as sr}from"oslo/jwt";import{z as S}from"zod";import{APIError as z}from"better-call";import{APIError as G}from"better-call";var q=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as We}from"zod";var le=()=>h("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return H(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let s=e.context.sessionConfig.expiresIn,n=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-s*1e3+n*1e3<=Date.now()){let i=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:q(e.context.sessionConfig.expiresIn,"sec")});if(!i)return H(e),e.json(null,{status:401});let d=(i.expiresAt.valueOf()-Date.now())/1e3;return await P(e,i.id,!1,{maxAge:d}),e.json({session:i,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),ue=async e=>await le()({...e,_flag:"json",headers:e.headers}),C=j(async e=>{let t=await ue(e);if(!t?.session)throw new G("UNAUTHORIZED");return{session:t}}),Ze=()=>h("/user/list-sessions",{method:"GET",use:[C],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),Je=h("/user/revoke-session",{method:"POST",body:We.object({id:We.string()}),use:[C],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new G("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new G("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new G("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),Xe=h("/user/revoke-sessions",{method:"POST",use:[C],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new G("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});async function B(e,t,r){return await nr("HS256",Buffer.from(e),{email:t.toLowerCase(),updateTo:r},{expiresIn:new or(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Ye=h("/send-verification-email",{method:"POST",query:S.object({currentURL:S.string().optional()}).optional(),body:S.object({email:S.string().email(),callbackURL:S.string().optional()}),use:[x]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled."),new z("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new z("BAD_REQUEST",{message:"User not found"});let o=await B(e.context.secret,t),s=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,s,o),e.json({status:!0})}),et=h("/verify-email",{method:"GET",query:S.object({token:S.string(),callbackURL:S.string().optional()}),use:[x]},async e=>{let{token:t}=e.query,r;try{r=await sr("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new z("BAD_REQUEST",{message:"Invalid token"})}let s=S.object({email:S.string().email(),updateTo:S.string().optional()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(s.email))throw new z("BAD_REQUEST",{message:"User not found"});if(s.updateTo){let a=await ue(e);if(!a)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Session not found"});if(a.user.email!==s.email)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Invalid session"});let c=await e.context.internalAdapter.updateUserByEmail(s.email,{email:s.updateTo});if(await e.context.options.emailVerification?.sendVerificationEmail?.(c,`${e.context.baseURL}/verify-email?token=${t}`,t),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:c,status:!0})}if(await e.context.internalAdapter.updateUserByEmail(s.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:null,status:!0})});var tt=h("/sign-in/social",{method:"POST",requireHeaders:!0,query:O.object({currentURL:O.string().optional()}).optional(),body:O.object({callbackURL:O.string().optional(),provider:O.enum(Qe)}),use:[x]},async e=>{let t=e.context.socialProviders.find(i=>i.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new L("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,s=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,n=await Pe(s||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,n.hash,e.context.secret,r.state.options);let a=ir();await e.setSignedCookie(r.pkCodeVerifier.name,a,e.context.secret,r.pkCodeVerifier.options);let c=await t.createAuthorizationURL({state:n.raw,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:c.toString(),state:n,codeVerifier:a,redirect:!0})}),rt=h("/sign-in/email",{method:"POST",body:O.object({email:O.string().email(),password:O.string(),callbackURL:O.string().optional(),dontRememberMe:O.boolean().default(!1).optional()}),use:[x]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new L("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!O.string().email().safeParse(t).success)throw new L("BAD_REQUEST",{message:"Invalid email"});let s=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!s)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new L("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!s.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw b.error("Email verification is required but no email verification handler is provided"),new L("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let d=await B(e.context.secret,s.user.email),l=`${e.context.options.baseURL}/verify-email?token=${d}`;throw await e.context.options.emailVerification.sendVerificationEmail(s.user,l,d),e.context.logger.error("Email not verified",{email:t}),new L("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let n=s.accounts.find(d=>d.providerId==="credential");if(!n)throw e.context.logger.error("Credential account not found",{email:t}),new L("UNAUTHORIZED",{message:"Invalid email or password"});let a=n?.password;if(!a)throw e.context.logger.error("Password not found",{email:t}),new L("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(a,r))throw e.context.logger.error("Invalid password"),new L("UNAUTHORIZED",{message:"Invalid email or password"});let i=await e.context.internalAdapter.createSession(s.user.id,e.headers,e.body.dontRememberMe);if(!i)throw e.context.logger.error("Failed to create session"),new L("UNAUTHORIZED",{message:"Failed to create session"});return await P(e,i.id,e.body.dontRememberMe),e.json({user:s.user,session:i,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{APIError as dr}from"better-call";import{z as Y}from"zod";import{z as w}from"zod";var Ss=w.object({id:w.string(),providerId:w.string(),accountId:w.string(),userId:w.string(),accessToken:w.string().nullable().optional(),refreshToken:w.string().nullable().optional(),idToken:w.string().nullable().optional(),expiresAt:w.date().nullable().optional(),password:w.string().optional().nullable()}),ot=w.object({id:w.string(),email:w.string().transform(e=>e.toLowerCase()),emailVerified:w.boolean().default(!1),name:w.string(),image:w.string().optional(),createdAt:w.date().default(new Date),updatedAt:w.date().default(new Date)}),Os=w.object({id:w.string(),userId:w.string(),expiresAt:w.date(),ipAddress:w.string().optional(),userAgent:w.string().optional()}),Ps=w.object({id:w.string(),value:w.string(),expiresAt:w.date(),identifier:w.string()});function ar(e,t){let r=t.fields,o={};for(let s in r){if(s in e){if(r[s].input===!1){if(r[s].defaultValue){o[s]=r[s].defaultValue;continue}continue}o[s]=e[s];continue}if(r[s].defaultValue){o[s]=r[s].defaultValue;continue}}return o}function nt(e,t){let r={...e.user?.additionalFields};return ar(t||{},{fields:r})}var st=h("/callback/:id",{method:"GET",query:Y.object({state:Y.string(),code:Y.string().optional(),error:Y.string().optional()}),metadata:N},async e=>{if(e.query.error||!e.query.code){let g=se(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${g}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(m=>m.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=se(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:s}}=r,n=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!n)throw b.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await Oe(e.query.state,n))throw b.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let c=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),i;try{i=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:c,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(m){throw e.context.logger.error(m),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(i).then(m=>m?.user),l=I(),p=ot.safeParse({...d,id:l});if(!d||p.success===!1)throw b.error("Unable to get user info",p.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(m=>{throw b.error(`Better auth was unable to query your database.
|
|
3
|
+
Error: `,m),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),f=u?.user.id;if(u){let m=u.accounts.find(k=>k.providerId===t.id),g=e.context.options.account?.accountLinking?.trustedProviders,y=g?g.includes(t.id):!0;if(!m&&(!d.emailVerified||!y)){let k;try{k=new URL(s||o),k.searchParams.set("error","account_not_linked")}catch{throw e.redirect(`${e.context.baseURL}/error?error=account_not_linked`)}throw e.redirect(k.toString())}if(!m)try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,...de(i)})}catch(k){throw console.log(k),e.redirect(`${e.context.baseURL}/error?error=failed_linking_account`)}}else try{let m=d.emailVerified,g=await e.context.internalAdapter.createOAuthUser({...p.data,emailVerified:m},{...de(i),id:`${t.id}:${d.id}`,providerId:t.id,accountId:d.id.toString()});if(!m&&g&&e.context.options.emailVerification?.sendOnSignUp){let y=await B(e.context.secret,d.email),k=`${e.context.baseURL}/verify-email?token=${y}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(g.user,k,y)}}catch{let g=new URL(s||o);throw g.searchParams.set("error","unable_to_create_user"),e.redirect(g.toString())}if(!f&&!l)throw new dr("INTERNAL_SERVER_ERROR",{message:"Unable to create user"});try{let m=await e.context.internalAdapter.createSession(f||l,e.request);if(!m){let g=new URL(s||o);throw g.searchParams.set("error","unable_to_create_session"),e.redirect(g.toString())}try{await P(e,m.id)}catch(g){e.context.logger.error("Unable to set session cookie",g);let y=new URL(s||o);throw y.searchParams.set("error","unable_to_create_session"),e.redirect(y.toString())}}catch{let m=new URL(s||o||"");throw m.searchParams.set("error","unable_to_create_session"),e.redirect(m.toString())}throw e.redirect(o)});import"zod";import{APIError as cr}from"better-call";var it=h("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new cr("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),H(e),e.json({success:!0})});import{z as _}from"zod";import{APIError as ee}from"better-call";var at=h("/forget-password",{method:"POST",body:_.object({email:_.string().email(),redirectTo:_.string()}),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function in your auth config!"),new ee("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let s=60*60*1,n=new Date(Date.now()+1e3*(e.context.options.emailAndPassword.resetPasswordTokenExpiresIn||s)),a=e.context.uuid();await e.context.internalAdapter.createVerificationValue({value:o.user.id,identifier:`reset-password:${a}`,expiresAt:n});let c=`${e.context.baseURL}/reset-password/${a}?callbackURL=${r}`;return await e.context.options.emailAndPassword.sendResetPassword(o.user,c),e.json({status:!0})}),dt=h("/reset-password/:token",{method:"GET",query:_.object({callbackURL:_.string()}),use:[x]},async e=>{let{token:t}=e.params,r=e.query.callbackURL,o=r.startsWith("http")?r:`${e.context.options.baseURL}${r}`;if(!t||!r)throw e.redirect(`${e.context.baseURL}/error?error=INVALID_TOKEN`);let s=await e.context.internalAdapter.findVerificationValue(`reset-password:${t}`);throw!s||s.expiresAt<new Date?e.redirect(`${o}?error=INVALID_TOKEN`):e.redirect(`${o}?token=${t}`)}),ct=h("/reset-password",{query:_.optional(_.object({token:_.string()})),method:"POST",body:_.object({newPassword:_.string()})},async e=>{let t=e.query?.token;if(!t)throw new ee("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body,o=`reset-password:${t}`,s=await e.context.internalAdapter.findVerificationValue(o);if(!s||s.expiresAt<new Date)throw new ee("BAD_REQUEST",{message:"Invalid token"});await e.context.internalAdapter.deleteVerificationValue(s.id);let n=s.value,a=await e.context.password.hash(r);if(!(await e.context.internalAdapter.findAccounts(n)).find(l=>l.providerId==="credential"))return await e.context.internalAdapter.createAccount({userId:n,providerId:"credential",password:a,accountId:e.context.uuid()}),e.json({status:!0});if(!await e.context.internalAdapter.updatePassword(n,a))throw new ee("BAD_REQUEST",{message:"Failed to update password"});return e.json({status:!0})});import{z as U}from"zod";import{APIError as E}from"better-call";var lt=h("/user/update",{method:"POST",body:U.object({name:U.string().optional(),image:U.string().optional()}),use:[C,x]},async e=>{let{name:t,image:r}=e.body,o=e.context.session;if(!r&&!t)return e.json({user:o.user});let s=await e.context.internalAdapter.updateUserByEmail(o.user.email,{name:t,image:r});return e.json({user:s})}),ut=h("/user/change-password",{method:"POST",body:U.object({newPassword:U.string(),currentPassword:U.string(),revokeOtherSessions:U.boolean().optional()}),use:[C]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,s=e.context.session,n=e.context.password.config.minPasswordLength;if(t.length<n)throw e.context.logger.error("Password is too short"),new E("BAD_REQUEST",{message:"Password is too short"});let a=e.context.password.config.maxPasswordLength;if(t.length>a)throw e.context.logger.error("Password is too long"),new E("BAD_REQUEST",{message:"Password too long"});let i=(await e.context.internalAdapter.findAccounts(s.user.id)).find(p=>p.providerId==="credential"&&p.password);if(!i||!i.password)throw new E("BAD_REQUEST",{message:"User does not have a password"});let d=await e.context.password.hash(t);if(!await e.context.password.verify(i.password,r))throw new E("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(i.id,{password:d}),o){await e.context.internalAdapter.deleteSessions(s.user.id);let p=await e.context.internalAdapter.createSession(s.user.id,e.headers);if(!p)throw new E("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await P(e,p.id)}return e.json(s.user)}),pt=h("/user/set-password",{method:"POST",body:U.object({newPassword:U.string()}),use:[C]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new E("BAD_REQUEST",{message:"Password is too short"});let s=e.context.password.config.maxPasswordLength;if(t.length>s)throw e.context.logger.error("Password is too long"),new E("BAD_REQUEST",{message:"Password too long"});let a=(await e.context.internalAdapter.findAccounts(r.user.id)).find(i=>i.providerId==="credential"&&i.password),c=await e.context.password.hash(t);if(!a)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:c}),e.json(r.user);throw new E("BAD_REQUEST",{message:"user already has a password"})}),ft=h("/user/delete",{method:"POST",body:U.object({password:U.string()}),use:[C]},async e=>{let{password:t}=e.body,r=e.context.session,s=(await e.context.internalAdapter.findAccounts(r.user.id)).find(a=>a.providerId==="credential"&&a.password);if(!s||!s.password)throw new E("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(s.password,t))throw new E("BAD_REQUEST",{message:"Incorrect password"});return await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id),e.json(null)}),mt=h("/user/change-email",{method:"POST",query:U.object({currentURL:U.string().optional()}).optional(),body:U.object({newEmail:U.string().email(),callbackURL:U.string().optional()}),use:[C,x]},async e=>{if(e.context.options.user?.changeEmail?.disable===!0)throw e.context.logger.error("Change email is disabled."),new E("BAD_REQUEST",{message:"Change email is disabled"});if(e.body.newEmail===e.context.session.user.email)throw e.context.logger.error("Email is the same"),new E("BAD_REQUEST",{message:"Email is the same"});if(await e.context.internalAdapter.findUserByEmail(e.body.newEmail))throw e.context.logger.error("Email already exists"),new E("BAD_REQUEST",{message:"Couldn't update your email"});if(e.context.options.user?.changeEmail?.sendVerificationEmail===!1||e.context.session.user.emailVerified!==!0){let s=await e.context.internalAdapter.updateUserByEmail(e.context.session.user.email,{email:e.body.newEmail});return e.json({user:s,status:!0})}if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled."),new E("BAD_REQUEST",{message:"Verification email isn't enabled"});let r=await B(e.context.secret,e.context.session.user.email,e.body.newEmail),o=`${e.context.baseURL}/verify-email?token=${r}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(e.context.session.user,o,r),e.json({user:null,status:!0})});var gt=h("/csrf",{method:"GET",metadata:N},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t){let[n,a]=t.split("!")||[null,null];return e.json({csrfToken:n})}let r=ke(32,Ue("a-z","0-9","A-Z")),o=await J(e.context.secret,r),s=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,s,e.context.secret,e.context.authCookies.csrfToken.options),e.json({csrfToken:r})});var lr=(e="Unknown")=>`<!DOCTYPE html>
|
|
4
4
|
<html lang="en">
|
|
5
5
|
<head>
|
|
6
6
|
<meta charset="UTF-8">
|
|
@@ -80,4 +80,4 @@ Error: `,m),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)
|
|
|
80
80
|
<div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
|
|
81
81
|
</div>
|
|
82
82
|
</body>
|
|
83
|
-
</html>`,ht=h("/error",{method:"GET",metadata:N},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(lr(t),{headers:{"Content-Type":"text/html"}})});var yt=h("/ok",{method:"GET",metadata:N},async e=>e.json({ok:!0}));import{z as M}from"zod";import{APIError as V}from"better-call";var wt=()=>h("/sign-up/email",{method:"POST",query:M.object({currentURL:M.string().optional()}).optional(),body:M.record(M.string(),M.any()),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new V("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:s,image:n,callbackURL:a,...l}=t;if(!M.string().email().safeParse(o).success)throw new V("BAD_REQUEST",{message:"Invalid email"});let d=e.context.password.config.minPasswordLength;if(s.length<d)throw e.context.logger.error("Password is too short"),new V("BAD_REQUEST",{message:"Password is too short"});let c=e.context.password.config.maxPasswordLength;if(s.length>c)throw e.context.logger.error("Password is too long"),new V("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new V("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let u=nt(e.context.options,l),f=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:n,...u,emailVerified:!1});if(!f)throw new V("BAD_REQUEST",{message:"Failed to create user"});let m=await e.context.password.hash(s);if(await e.context.internalAdapter.linkAccount({userId:f.id,providerId:"credential",accountId:f.id,password:m,expiresAt:q(60*60*24*30,"sec")}),e.context.options.emailVerification?.sendOnSignUp){let y=await B(e.context.secret,f.email),k=`${e.context.baseURL}/verify-email?token=${y}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailVerification?.sendVerificationEmail?.(f,k,y)}if(!e.context.options.emailAndPassword.autoSignIn)return e.json({user:f,session:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:f,session:null}});let g=await e.context.internalAdapter.createSession(f.id,e.request);if(!g)throw new V("BAD_REQUEST",{message:"Failed to create session"});return await P(e,g.id),e.json({user:f,session:g},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:f,session:g}})});function ee(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"],o=e instanceof Request?e.headers:e;for(let s of r){let n=o.get(s);if(typeof n=="string"){let a=n.split(",")[0].trim();if(a)return a}}return null}function ur(e,t,r){let o=Date.now(),s=t*1e3;return o-r.lastRequest<s&&r.count>=e}function pr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function fr(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function mr(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async s=>await o.findOne({model:r,where:[{field:"key",value:s}]}),set:async(s,n,a)=>{try{a?await o.update({model:t??"rateLimit",where:[{field:"key",value:s}],update:{count:n.count,lastRequest:n.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:s,count:n.count,lastRequest:n.lastRequest}})}catch(l){b.error("Error setting rate limit",l)}}}}var bt=new Map;function gr(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return bt.get(r)},async set(r,o,s){bt.set(r,o)}}:mr(e,e.rateLimit.tableName)}async function At(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),s=t.rateLimit.window,n=t.rateLimit.max,a=ee(e)+o,i=hr().find(u=>u.pathMatcher(o));i&&(s=i.window,n=i.max);for(let u of t.options.plugins||[])if(u.rateLimit){let f=u.rateLimit.find(m=>m.pathMatcher(o));if(f){s=f.window,n=f.max;break}}if(t.rateLimit.customRules){let u=t.rateLimit.customRules[o];u&&(s=u.window,n=u.max)}let d=gr(t),c=await d.get(a),p=Date.now();if(!c)await d.set(a,{key:a,count:1,lastRequest:p});else{let u=p-c.lastRequest;if(ur(n,s,c)){let f=fr(c.lastRequest,s);return pr(f)}else u>s*1e3?await d.set(a,{...c,count:1,lastRequest:p}):await d.set(a,{...c,count:c.count+1,lastRequest:p})}}function hr(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}import{APIError as wa}from"better-call";function pe(e,t){let r=t.plugins?.reduce((l,i)=>({...l,...i.endpoints}),{}),o=t.plugins?.map(l=>l.middlewares?.map(i=>{let d=async c=>i.middleware({...c,context:{...e,...c.context}});return d.path=i.path,d.options=i.middleware.options,d.headers=i.middleware.headers,{path:i.path,middleware:d}})).filter(l=>l!==void 0).flat()||[],n={...{signInOAuth:tt,callbackOAuth:st,getCSRFToken:gt,getSession:le(),signOut:it,signUpEmail:wt(),signInEmail:rt,forgetPassword:at,resetPassword:ct,verifyEmail:et,sendVerificationEmail:Ye,changeEmail:mt,changePassword:ut,setPassword:pt,updateUser:lt,deleteUser:ft,forgetPasswordCallback:dt,listSessions:Ze(),revokeSession:Je,revokeSessions:Xe},...r,ok:yt,error:ht},a={};for(let[l,i]of Object.entries(n))a[l]=async(d={})=>{let c=await e;for(let f of t.plugins||[])if(f.hooks?.before){for(let m of f.hooks.before)if(m.matcher({...i,...d,context:c})){let y=await m.handler({...d,context:{...c,...d?.context}});y&&"context"in y&&(c={...c,...y.context})}}let p;try{p=await i({...d,context:{...c,...d.context}})}catch(f){if(f instanceof Rt){let m=t.plugins?.map(y=>{if(y.hooks?.after)return y.hooks.after}).filter(y=>y!==void 0).flat();if(!m?.length)throw f;let g=new Response(JSON.stringify(f.body),{status:wr[f.status],headers:f.headers});for(let y of m||[])if(y.matcher(d)){let he=Object.assign(d,{context:{...e,returned:g}}),oe=await y.handler(he);oe&&"response"in oe&&(g=oe.response)}return g}throw f}let u=p;for(let f of t.plugins||[])if(f.hooks?.after){for(let m of f.hooks.after)if(m.matcher(d)){let y=Object.assign(d,{context:{...e,returned:u}}),k=await m.handler(y);k&&"response"in k&&(u=k.response)}}return u},a[l].path=i.path,a[l].method=i.method,a[l].options=i.options,a[l].headers=i.headers;return{api:a,middlewares:o}}var kt=(e,t)=>{let{api:r,middlewares:o}=pe(e,t),s=new URL(e.baseURL).pathname;return yr(r,{extraContext:e,basePath:s,routerMiddleware:[{path:"/**",middleware:ve},...o],async onRequest(n){for(let a of e.options.plugins||[])if(a.onRequest){let l=await a.onRequest(n,e);if(l)return l}return At(n,e)},async onResponse(n){for(let a of e.options.plugins||[])if(a.onResponse){let l=await a.onResponse(n,e);if(l)return l.response}return n},onError(n){if(t.onAPIError?.throw)throw n;if(t.onAPIError?.onError){t.onAPIError.onError(n,e);return}let a=t.logger?.verboseLogging?b:void 0;t.logger?.disabled!==!0&&(n instanceof Rt?(n.status==="INTERNAL_SERVER_ERROR"&&b.error(n),a?.error(n.message)):b?.error(n))}})};var D=e=>{let t=e.plugins?.reduce((i,d)=>{let c=d.schema;if(!c)return i;for(let[p,u]of Object.entries(c))i[p]={fields:{...i[p]?.fields,...u.fields},tableName:u.tableName||p};return i},{}),r=e.rateLimit?.storage==="database",o={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:s,session:n,account:a,...l}=t||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...s?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...n?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...a?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...l,...r?o:{}}};import{Kysely as Ut,MssqlDialect as br}from"kysely";import{MysqlDialect as xt,PostgresDialect as Tt,SqliteDialect as Et}from"kysely";function vt(e){if("dialect"in e)return vt(e.dialect);if("createDriver"in e){if(e instanceof Et)return"sqlite";if(e instanceof xt)return"mysql";if(e instanceof Tt)return"postgres";if(e instanceof br)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var Q=async e=>{let t=e.database;if("db"in t)return{kysely:t.db,databaseType:t.type};if("dialect"in t)return{kysely:new Ut({dialect:t.dialect}),databaseType:t.type};let r,o=vt(t);return"createDriver"in t&&(r=t),"aggregate"in t&&(r=new Et({database:t})),"getConnection"in t&&(r=new xt({pool:t})),"connect"in t&&(r=new Tt({pool:t})),{kysely:r?new Ut({dialect:r}):null,databaseType:o}};function te(e){if(!e)return{and:null,or:null};let t={and:[],or:[]};return e.forEach(r=>{let{field:o,value:s,operator:n="=",connector:a="AND"}=r,l=i=>n.toLowerCase()==="in"?i(o,"in",Array.isArray(s)?s:[s]):i(o,n,s);a==="OR"?t.or.push(l):t.and.push(l)}),{and:t.and.length?t.and:null,or:t.or.length?t.or:null}}function re(e,t,r){for(let o in e)e[o]===0&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!1),e[o]===1&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!0),t[o]?.type==="date"&&(e[o]instanceof Date||(e[o]=new Date(e[o])));return e}function It(e,t){for(let r in e)typeof e[r]=="boolean"&&t?.boolean&&(e[r]=e[r]?1:0),e[r]instanceof Date&&(e[r]=e[r].toISOString());return e}var St=(e,t)=>({id:"kysely",async create(r){let{model:o,data:s,select:n}=r;t?.transform&&(s=It(s,t.transform)),t?.generateId!==void 0&&(s.id=t.generateId?t.generateId():void 0);let a=await e.insertInto(o).values(s).returningAll().executeTakeFirst();if(t?.transform){let l=t.transform.schema[o];a=l?re(s,l,t.transform):a}return n?.length&&(a=a?n.reduce((i,d)=>a?.[d]?{...i,[d]:a[d]}:i,{}):null),a},async findOne(r){let{model:o,where:s,select:n}=r,{and:a,or:l}=te(s),i=e.selectFrom(o).selectAll();a&&(i=i.where(c=>c.and(a.map(p=>p(c))))),l&&(i=i.where(c=>c.or(l.map(p=>p(c)))));let d=await i.executeTakeFirst();if(n?.length&&(d=d?n.reduce((p,u)=>d?.[u]?{...p,[u]:d[u]}:p,{}):null),t?.transform){let c=t.transform.schema[o];return d=d&&c?re(d,c,t.transform):d,d||null}return d||null},async findMany(r){let{model:o,where:s,limit:n,offset:a,sortBy:l}=r,i=e.selectFrom(o),{and:d,or:c}=te(s);d&&(i=i.where(u=>u.and(d.map(f=>f(u))))),c&&(i=i.where(u=>u.or(c.map(f=>f(u))))),i=i.limit(n||100),a&&(i=i.offset(a)),l&&(i=i.orderBy(l.field,l.direction));let p=await i.selectAll().execute();if(t?.transform){let u=t.transform.schema[o];return u?p.map(f=>re(f,u,t.transform)):p}return p},async update(r){let{model:o,where:s,update:n}=r,{and:a,or:l}=te(s);t?.transform&&(n=It(n,t.transform));let i=e.updateTable(o).set(n);a&&(i=i.where(c=>c.and(a.map(p=>p(c))))),l&&(i=i.where(c=>c.or(l.map(p=>p(c)))));let d=await i.returningAll().executeTakeFirst()||null;if(t?.transform){let c=t.transform.schema[o];return c?re(d,c,t.transform):d}return d},async delete(r){let{model:o,where:s}=r,{and:n,or:a}=te(s),l=e.deleteFrom(o);n&&(l=l.where(i=>i.and(n.map(d=>d(i))))),a&&(l=l.where(i=>i.or(a.map(d=>d(i))))),await l.execute()}});async function Ot(e){if(!e.database)throw new A("Database configuration is required");if("create"in e.database)return e.database;let{kysely:t,databaseType:r}=await Q(e);if(!t)throw new A("Failed to initialize database adapter");let o=D(e),s={};for(let n of Object.values(o))s[n.tableName]=n.fields;return St(t,{transform:{schema:s,date:!0,boolean:r==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function fe(e,t){let r={id:t.id};for(let o in e){let s=e[o],n=t[o];r[s.fieldName||o]=n}return r}function v(e,t){if(!t)return null;let r={id:t.id};for(let[o,s]of Object.entries(e))r[o]=t[s.fieldName||o];return r}function Pt(e,t){let r=t.hooks,o=D(t.options);async function s(a,l,i){let d=a,c=o[l];for(let f of r||[]){let m=f[l]?.create?.before;if(m){let g=await m(a);if(g===!1)return null;typeof g=="object"&&"data"in g&&(d=g.data)}}let p=i?await i.fn(d):null,u=!i||i.executeMainFn?await e.create({model:c.tableName,data:{id:d.id||I(),...fe(c.fields,d)}}):p;for(let f of r||[]){let m=f[l]?.create?.after;m&&await m(u)}return v(c.fields,u)}async function n(a,l,i,d){let c=a;for(let f of r||[]){let m=f[i]?.update?.before;if(m){let g=await m(a);if(g===!1)return null;c=typeof g=="object"?g.data:g}}let p=d?await d.fn(c):null,u=!d||d.executeMainFn?await e.update({model:o[i].tableName,update:fe(o[i].fields,c),where:l}):p;for(let f of r||[]){let m=f[i]?.update?.after;m&&await m(u)}return v(o[i].fields,u)}return{createWithHooks:s,updateWithHooks:n}}var me=(e,t)=>{let r=t.options,o=r.secondaryStorage,s=r.session?.expiresIn||60*60*24*7,n=D(r),{createWithHooks:a,updateWithHooks:l}=Pt(e,t);return{createOAuthUser:async(i,d)=>{try{let c=await a(i,"user");if(!c)return null;if(!c.id)throw new A("User Id not returned from database");let p=await a(d,"account");return{user:c,account:{...p,userId:c.id}}}catch(c){return console.log(c),null}},createUser:async i=>await a({id:I(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...i},"user"),createAccount:async i=>await a({id:I(),createdAt:new Date,updatedAt:new Date,...i},"account"),listSessions:async i=>await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]}),listUsers:async(i,d,c,p)=>(await e.findMany({model:n.user.tableName,limit:i,offset:d,sortBy:c,where:p})).map(f=>v(n.user.fields,f)),deleteUser:async i=>{await e.delete({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:i}]}),await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]}),await e.delete({model:n.user.tableName,where:[{field:"id",value:i}]})},createSession:async(i,d,c,p)=>{let u=d instanceof Request?d.headers:d,f={id:I(),userId:i,expiresAt:c?q(60*60*24,"sec"):q(s,"sec"),ipAddress:d&&ee(d)||"",userAgent:u?.get("user-agent")||"",...p};return await a(f,"session",o?{fn:async g=>{let y=await e.findOne({model:n.user.tableName,where:[{field:"id",value:i}]});return o.set(g.id,JSON.stringify({session:g,user:y}),s),g},executeMainFn:r.session?.storeSessionInDatabase}:void 0)},findSession:async i=>{if(o){let p=await o.get(i);if(p){let u=JSON.parse(p);return{session:{...u.session,expiresAt:new Date(u.session.expiresAt)},user:{...u.user,createdAt:new Date(u.user.createdAt),updatedAt:new Date(u.user.updatedAt)}}}}let d=await e.findOne({model:n.session.tableName,where:[{value:i,field:"id"}]});if(!d)return null;let c=await e.findOne({model:n.user.tableName,where:[{value:d.userId,field:"id"}]});return c?{session:v(n.session.fields,d),user:v(n.user.fields,c)}:null},findSessions:async i=>{if(o){let u=[];for(let f of i){let m=await o.get(f);if(m){let g=JSON.parse(m),y={session:{...g.session,expiresAt:new Date(g.session.expiresAt)},user:{...g.user,createdAt:new Date(g.user.createdAt),updatedAt:new Date(g.user.updatedAt)}};u.push(y)}}return u}let d=await e.findMany({model:n.session.tableName,where:[{field:"id",value:i,operator:"in"}]}),c=d.map(u=>u.userId),p=await e.findMany({model:n.user.tableName,where:[{field:"id",value:c,operator:"in"}]});return d.map(u=>{let f=p.find(m=>m.id===u.userId);return f?{session:v(n.session.fields,u),user:v(n.user.fields,f)}:null})},updateSession:async(i,d)=>await l(d,[{field:"id",value:i}],"session",o?{async fn(p){let u=await o.get(i),f=null;if(u){let m=JSON.parse(u);f={...m.session,...p},await o.set(i,JSON.stringify({session:f,user:m.user}),m.session.expiresAt?new Date(m.session.expiresAt).getTime():void 0)}else return null},executeMainFn:r.session?.storeSessionInDatabase}:void 0),deleteSession:async i=>{if(o){await o.delete(i),r.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:"id",value:i}]});return}await e.delete({model:n.session.tableName,where:[{field:"id",value:i}]})},deleteSessions:async i=>{if(o){let d=await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]});for(let c of d)await o.delete(c.id);r.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]});return}await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]})},findUserByEmail:async(i,d)=>{let c=await e.findOne({model:n.user.tableName,where:[{value:i.toLowerCase(),field:n.user.fields.email.fieldName||"email"}]});if(!c)return null;if(d?.includeAccounts){let p=await e.findMany({model:n.account.tableName,where:[{value:c.id,field:n.account.fields.userId.fieldName||"userId"}]});return{user:v(n.user.fields,c),accounts:p.map(u=>v(n.account.fields,u))}}return{user:v(n.user.fields,c),accounts:[]}},findUserById:async i=>await e.findOne({model:n.user.tableName,where:[{field:"id",value:i}]}),linkAccount:async i=>await a({id:I(),...i},"account"),updateUser:async(i,d)=>await l(d,[{field:"id",value:i}],"user"),updateUserByEmail:async(i,d)=>await l(d,[{field:n.user.fields.email.fieldName||"email",value:i}],"user"),updatePassword:async(i,d)=>await l({password:d},[{field:n.account.fields.userId.fieldName||"userId",value:i},{field:n.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async i=>(await e.findMany({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:i}]})).map(c=>v(n.account.fields,c)),updateAccount:async(i,d)=>await l(d,[{field:"id",value:i}],"account"),createVerificationValue:async i=>await a({id:I(),...i},"verification"),findVerificationValue:async i=>{let d=await e.findOne({model:n.verification.tableName,where:[{field:n.verification.fields.identifier.fieldName||"identifier",value:i}]});return v(n.verification.fields,d)},deleteVerificationValue:async i=>{await e.delete({model:n.verification.tableName,where:[{field:"id",value:i}]})},updateVerificationValue:async(i,d)=>await l(d,[{field:"id",value:i}],"verification")}};import{z as Ha}from"zod";import"kysely";import{defu as Ar}from"defu";var ge="better-auth-secret-123456789";var Lt=async e=>{let t=await Ot(e),r=e.plugins||[],o=kr(e),{kysely:s}=await Q(e),n=K(e.baseURL,e.basePath);if(!n)throw new A("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it your auth config.");let a=e.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||ge;if(a===ge&&process.env.NODE_ENV==="production")throw new A("You are using the default secret. Please set `BETTER_AUTH_SECRET` or `AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");e={...e,secret:a,baseURL:n?new URL(n).origin:"",basePath:e.basePath||"/api/auth",plugins:r.concat(o),emailAndPassword:{...e.emailAndPassword,enabled:e.emailAndPassword?.enabled??!1,autoSignIn:!0}};let l=_e(e),i=D(e),d=Object.keys(e.socialProviders||{}).map(u=>{let f=e.socialProviders?.[u];return f.enabled===!1?null:((!f.clientId||!f.clientSecret)&&b.warn(`Social provider ${u} is missing clientId or clientSecret`),ce[u](f))}).filter(u=>u!==null),c={appName:e.appName||"Better Auth",socialProviders:d,options:e,tables:i,trustedOrigins:Ur(e),baseURL:n,sessionConfig:{updateAge:e.session?.updateAge||24*60*60,expiresIn:e.session?.expiresIn||60*60*24*7},secret:a,rateLimit:{...e.rateLimit,enabled:e.rateLimit?.enabled??process.env.NODE_ENV!=="development",window:e.rateLimit?.window||60,max:e.rateLimit?.max||100,storage:e.rateLimit?.storage||e.secondaryStorage?"secondary-storage":"memory"},authCookies:l,logger:ie({disabled:e.logger?.disabled||!1}),db:s,uuid:I,secondaryStorage:e.secondaryStorage,password:{hash:e.emailAndPassword?.password?.hash||be,verify:e.emailAndPassword?.password?.verify||Ae,config:{minPasswordLength:e.emailAndPassword?.minPasswordLength||8,maxPasswordLength:e.emailAndPassword?.maxPasswordLength||128}},adapter:t,internalAdapter:me(t,{options:e,hooks:e.databaseHooks?[e.databaseHooks]:[]}),createAuthCookie:Ce(e)},{context:p}=Rr(c);return p};function Rr(e){let t=e.options,r=t.plugins||[],o=e,s=[];for(let n of r)if(n.init){let a=n.init(e);typeof a=="object"&&(a.options&&(a.options.databaseHooks&&s.push(a.options.databaseHooks),t=Ar(t,a.options)),a.context&&(o={...o,...a.context}))}return s.push(t.databaseHooks),o.internalAdapter=me(e.adapter,{options:t,hooks:s.filter(n=>n!==void 0)}),o.options=t,{context:o}}function kr(e){let t=[];return e.advanced?.crossSubDomainCookies?.enabled,t}function Ur(e){let t=K(e.baseURL,e.basePath);if(!t)throw new A("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it in your auth config.");let r=[new URL(t).origin];e.trustedOrigins&&r.push(...e.trustedOrigins);let o=process.env.BETTER_AUTH_TRUSTED_ORIGINS;return o&&r.push(...o.split(",")),r}var Sd=e=>{let t=Lt(e),{api:r}=pe(t,e);return{handler:async o=>{let s=await t,n=s.options.basePath||"/api/auth",a=new URL(o.url);if(!s.options.baseURL){let i=K(void 0,n)||`${a.origin}${n}`;s.options.baseURL=i,s.baseURL=i}if(!s.options.baseURL)return new Response("Base URL not set",{status:400});if(a.pathname===n||a.pathname===`${n}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:l}=kt(s,e);return l(o)},api:r,options:e,$Infer:{}}};export{A as BetterAuthError,N as HIDE_METADATA,Le as MissingDependencyError,Sd as betterAuth,fn as capitalizeFirstLetter,Ce as createCookieGetter,ie as createLogger,H as deleteSessionCookie,I as generateId,Pe as generateState,_e as getCookies,b as logger,fo as parseCookies,po as parseSetCookieHeader,se as parseState,P as setSessionCookie};
|
|
83
|
+
</html>`,ht=h("/error",{method:"GET",metadata:N},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(lr(t),{headers:{"Content-Type":"text/html"}})});var yt=h("/ok",{method:"GET",metadata:N},async e=>e.json({ok:!0}));import{z as M}from"zod";import{APIError as V}from"better-call";var wt=()=>h("/sign-up/email",{method:"POST",query:M.object({currentURL:M.string().optional()}).optional(),body:M.record(M.string(),M.any()),use:[x]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new V("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:s,image:n,callbackURL:a,...c}=t;if(!M.string().email().safeParse(o).success)throw new V("BAD_REQUEST",{message:"Invalid email"});let d=e.context.password.config.minPasswordLength;if(s.length<d)throw e.context.logger.error("Password is too short"),new V("BAD_REQUEST",{message:"Password is too short"});let l=e.context.password.config.maxPasswordLength;if(s.length>l)throw e.context.logger.error("Password is too long"),new V("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new V("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let u=nt(e.context.options,c),f=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:n,...u,emailVerified:!1});if(!f)throw new V("BAD_REQUEST",{message:"Failed to create user"});let m=await e.context.password.hash(s);if(await e.context.internalAdapter.linkAccount({userId:f.id,providerId:"credential",accountId:f.id,password:m,expiresAt:q(60*60*24*30,"sec")}),e.context.options.emailVerification?.sendOnSignUp){let y=await B(e.context.secret,f.email),k=`${e.context.baseURL}/verify-email?token=${y}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailVerification?.sendVerificationEmail?.(f,k,y)}if(!e.context.options.emailAndPassword.autoSignIn)return e.json({user:f,session:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:f,session:null}});let g=await e.context.internalAdapter.createSession(f.id,e.request);if(!g)throw new V("BAD_REQUEST",{message:"Failed to create session"});return await P(e,g.id),e.json({user:f,session:g},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:f,session:g}})});function te(e){let t="127.0.0.1";if(process.env.NODE_ENV==="test")return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"],o=e instanceof Request?e.headers:e;for(let s of r){let n=o.get(s);if(typeof n=="string"){let a=n.split(",")[0].trim();if(a)return a}}return null}function ur(e,t,r){let o=Date.now(),s=t*1e3;return o-r.lastRequest<s&&r.count>=e}function pr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function fr(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function mr(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async s=>await o.findOne({model:r,where:[{field:"key",value:s}]}),set:async(s,n,a)=>{try{a?await o.update({model:t??"rateLimit",where:[{field:"key",value:s}],update:{count:n.count,lastRequest:n.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:s,count:n.count,lastRequest:n.lastRequest}})}catch(c){b.error("Error setting rate limit",c)}}}}var bt=new Map;function gr(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return bt.get(r)},async set(r,o,s){bt.set(r,o)}}:mr(e,e.rateLimit.tableName)}async function At(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),s=t.rateLimit.window,n=t.rateLimit.max,a=te(e)+o,i=hr().find(u=>u.pathMatcher(o));i&&(s=i.window,n=i.max);for(let u of t.options.plugins||[])if(u.rateLimit){let f=u.rateLimit.find(m=>m.pathMatcher(o));if(f){s=f.window,n=f.max;break}}if(t.rateLimit.customRules){let u=t.rateLimit.customRules[o];u&&(s=u.window,n=u.max)}let d=gr(t),l=await d.get(a),p=Date.now();if(!l)await d.set(a,{key:a,count:1,lastRequest:p});else{let u=p-l.lastRequest;if(ur(n,s,l)){let f=fr(l.lastRequest,s);return pr(f)}else u>s*1e3?await d.set(a,{...l,count:1,lastRequest:p}):await d.set(a,{...l,count:l.count+1,lastRequest:p})}}function hr(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:7}]}import{APIError as wa}from"better-call";function pe(e,t){let r=t.plugins?.reduce((c,i)=>({...c,...i.endpoints}),{}),o=t.plugins?.map(c=>c.middlewares?.map(i=>{let d=async l=>i.middleware({...l,context:{...e,...l.context}});return d.path=i.path,d.options=i.middleware.options,d.headers=i.middleware.headers,{path:i.path,middleware:d}})).filter(c=>c!==void 0).flat()||[],n={...{signInOAuth:tt,callbackOAuth:st,getCSRFToken:gt,getSession:le(),signOut:it,signUpEmail:wt(),signInEmail:rt,forgetPassword:at,resetPassword:ct,verifyEmail:et,sendVerificationEmail:Ye,changeEmail:mt,changePassword:ut,setPassword:pt,updateUser:lt,deleteUser:ft,forgetPasswordCallback:dt,listSessions:Ze(),revokeSession:Je,revokeSessions:Xe},...r,ok:yt,error:ht},a={};for(let[c,i]of Object.entries(n))a[c]=async(d={})=>{let l=await e;for(let f of t.plugins||[])if(f.hooks?.before){for(let m of f.hooks.before)if(m.matcher({...i,...d,context:l})){let y=await m.handler({...d,context:{...l,...d?.context}});y&&"context"in y&&(l={...l,...y.context})}}let p;try{p=await i({...d,context:{...l,...d.context}})}catch(f){if(f instanceof Rt){let m=t.plugins?.map(y=>{if(y.hooks?.after)return y.hooks.after}).filter(y=>y!==void 0).flat();if(!m?.length)throw f;let g=new Response(JSON.stringify(f.body),{status:wr[f.status],headers:f.headers});for(let y of m||[])if(y.matcher(d)){let he=Object.assign(d,{context:{...e,returned:g}}),oe=await y.handler(he);oe&&"response"in oe&&(g=oe.response)}return g}throw f}let u=p;for(let f of t.plugins||[])if(f.hooks?.after){for(let m of f.hooks.after)if(m.matcher(d)){let y=Object.assign(d,{context:{...e,returned:u}}),k=await m.handler(y);k&&"response"in k&&(u=k.response)}}return u},a[c].path=i.path,a[c].method=i.method,a[c].options=i.options,a[c].headers=i.headers;return{api:a,middlewares:o}}var kt=(e,t)=>{let{api:r,middlewares:o}=pe(e,t),s=new URL(e.baseURL).pathname;return yr(r,{extraContext:e,basePath:s,routerMiddleware:[{path:"/**",middleware:ve},...o],async onRequest(n){for(let a of e.options.plugins||[])if(a.onRequest){let c=await a.onRequest(n,e);if(c)return c}return At(n,e)},async onResponse(n){for(let a of e.options.plugins||[])if(a.onResponse){let c=await a.onResponse(n,e);if(c)return c.response}return n},onError(n){if(t.onAPIError?.throw)throw n;if(t.onAPIError?.onError){t.onAPIError.onError(n,e);return}let a=t.logger?.verboseLogging?b:void 0;t.logger?.disabled!==!0&&(n instanceof Rt?(n.status==="INTERNAL_SERVER_ERROR"&&b.error(n),a?.error(n.message)):b?.error(n))}})};var D=e=>{let t=e.plugins?.reduce((i,d)=>{let l=d.schema;if(!l)return i;for(let[p,u]of Object.entries(l))i[p]={fields:{...i[p]?.fields,...u.fields},tableName:u.tableName||p};return i},{}),r=e.rateLimit?.storage==="database",o={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:s,session:n,account:a,...c}=t||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...s?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...n?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...a?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...r?o:{}}};import{Kysely as Ut,MssqlDialect as br}from"kysely";import{MysqlDialect as xt,PostgresDialect as Tt,SqliteDialect as Et}from"kysely";function vt(e){if("dialect"in e)return vt(e.dialect);if("createDriver"in e){if(e instanceof Et)return"sqlite";if(e instanceof xt)return"mysql";if(e instanceof Tt)return"postgres";if(e instanceof br)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var Q=async e=>{let t=e.database;if("db"in t)return{kysely:t.db,databaseType:t.type};if("dialect"in t)return{kysely:new Ut({dialect:t.dialect}),databaseType:t.type};let r,o=vt(t);return"createDriver"in t&&(r=t),"aggregate"in t&&(r=new Et({database:t})),"getConnection"in t&&(r=new xt({pool:t})),"connect"in t&&(r=new Tt({pool:t})),{kysely:r?new Ut({dialect:r}):null,databaseType:o}};function W(e){if(!e)return{and:null,or:null};let t={and:[],or:[]};return e.forEach(r=>{let{field:o,value:s,operator:n="=",connector:a="AND"}=r,c=i=>n.toLowerCase()==="in"?i(o,"in",Array.isArray(s)?s:[s]):i(o,n,s);a==="OR"?t.or.push(c):t.and.push(c)}),{and:t.and.length?t.and:null,or:t.or.length?t.or:null}}function re(e,t,r){for(let o in e)e[o]===0&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!1),e[o]===1&&t[o]?.type==="boolean"&&r?.boolean&&(e[o]=!0),t[o]?.type==="date"&&(e[o]instanceof Date||(e[o]=new Date(e[o])));return e}function It(e,t){for(let r in e)typeof e[r]=="boolean"&&t?.boolean&&(e[r]=e[r]?1:0),e[r]instanceof Date&&(e[r]=e[r].toISOString());return e}var St=(e,t)=>({id:"kysely",async create(r){let{model:o,data:s,select:n}=r;t?.transform&&(s=It(s,t.transform)),t?.generateId!==void 0&&(s.id=t.generateId?t.generateId():void 0);let a=await e.insertInto(o).values(s).returningAll().executeTakeFirst();if(t?.transform){let c=t.transform.schema[o];a=c?re(s,c,t.transform):a}return n?.length&&(a=a?n.reduce((i,d)=>a?.[d]?{...i,[d]:a[d]}:i,{}):null),a},async findOne(r){let{model:o,where:s,select:n}=r,{and:a,or:c}=W(s),i=e.selectFrom(o).selectAll();a&&(i=i.where(l=>l.and(a.map(p=>p(l))))),c&&(i=i.where(l=>l.or(c.map(p=>p(l)))));let d=await i.executeTakeFirst();if(n?.length&&(d=d?n.reduce((p,u)=>d?.[u]?{...p,[u]:d[u]}:p,{}):null),t?.transform){let l=t.transform.schema[o];return d=d&&l?re(d,l,t.transform):d,d||null}return d||null},async findMany(r){let{model:o,where:s,limit:n,offset:a,sortBy:c}=r,i=e.selectFrom(o),{and:d,or:l}=W(s);d&&(i=i.where(u=>u.and(d.map(f=>f(u))))),l&&(i=i.where(u=>u.or(l.map(f=>f(u))))),i=i.limit(n||100),a&&(i=i.offset(a)),c&&(i=i.orderBy(c.field,c.direction));let p=await i.selectAll().execute();if(t?.transform){let u=t.transform.schema[o];return u?p.map(f=>re(f,u,t.transform)):p}return p},async update(r){let{model:o,where:s,update:n}=r,{and:a,or:c}=W(s);t?.transform&&(n=It(n,t.transform));let i=e.updateTable(o).set(n);a&&(i=i.where(l=>l.and(a.map(p=>p(l))))),c&&(i=i.where(l=>l.or(c.map(p=>p(l)))));let d=await i.returningAll().executeTakeFirst()||null;if(t?.transform){let l=t.transform.schema[o];return l?re(d,l,t.transform):d}return d},async delete(r){let{model:o,where:s}=r,{and:n,or:a}=W(s),c=e.deleteFrom(o);n&&(c=c.where(i=>i.and(n.map(d=>d(i))))),a&&(c=c.where(i=>i.or(a.map(d=>d(i))))),await c.execute()},async deleteMany(r){let{model:o,where:s}=r,{and:n,or:a}=W(s),c=e.deleteFrom(o);n&&(c=c.where(i=>i.and(n.map(d=>d(i))))),a&&(c=c.where(i=>i.or(a.map(d=>d(i))))),await c.execute()}});async function Ot(e){if(!e.database)throw new R("Database configuration is required");if("create"in e.database)return e.database;let{kysely:t,databaseType:r}=await Q(e);if(!t)throw new R("Failed to initialize database adapter");let o=D(e),s={};for(let n of Object.values(o))s[n.tableName]=n.fields;return St(t,{transform:{schema:s,date:!0,boolean:r==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function fe(e,t){let r={id:t.id};for(let o in e){let s=e[o],n=t[o];r[s.fieldName||o]=n}return r}function v(e,t){if(!t)return null;let r={id:t.id};for(let[o,s]of Object.entries(e))r[o]=t[s.fieldName||o];return r}function Pt(e,t){let r=t.hooks,o=D(t.options);async function s(a,c,i){let d=a,l=o[c];for(let f of r||[]){let m=f[c]?.create?.before;if(m){let g=await m(a);if(g===!1)return null;typeof g=="object"&&"data"in g&&(d=g.data)}}let p=i?await i.fn(d):null,u=!i||i.executeMainFn?await e.create({model:l.tableName,data:{id:I(),...fe(l.fields,d)}}):p;for(let f of r||[]){let m=f[c]?.create?.after;m&&await m(u)}return v(l.fields,u)}async function n(a,c,i,d){let l=a;for(let f of r||[]){let m=f[i]?.update?.before;if(m){let g=await m(a);if(g===!1)return null;l=typeof g=="object"?g.data:g}}let p=d?await d.fn(l):null,u=!d||d.executeMainFn?await e.update({model:o[i].tableName,update:fe(o[i].fields,l),where:c}):p;for(let f of r||[]){let m=f[i]?.update?.after;m&&await m(u)}return v(o[i].fields,u)}return{createWithHooks:s,updateWithHooks:n}}var me=(e,t)=>{let r=t.options,o=r.secondaryStorage,s=r.session?.expiresIn||60*60*24*7,n=D(r),{createWithHooks:a,updateWithHooks:c}=Pt(e,t);return{createOAuthUser:async(i,d)=>{try{let l=await a(i,"user"),p=await a(d,"account");return{user:l,account:{...p,userId:l.id}}}catch(l){return console.log(l),null}},createUser:async i=>await a({id:I(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...i},"user"),createAccount:async i=>await a({id:I(),createdAt:new Date,updatedAt:new Date,...i},"account"),listSessions:async i=>await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]}),listUsers:async(i,d,l,p)=>(await e.findMany({model:n.user.tableName,limit:i,offset:d,sortBy:l,where:p})).map(f=>v(n.user.fields,f)),deleteUser:async i=>{await e.delete({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:i}]}),await e.deleteMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]}),await e.deleteMany({model:n.user.tableName,where:[{field:"id",value:i}]})},createSession:async(i,d,l,p)=>{let u=d instanceof Request?d.headers:d,f={id:I(),userId:i,expiresAt:l?q(60*60*24,"sec"):q(s,"sec"),ipAddress:d&&te(d)||"",userAgent:u?.get("user-agent")||"",...p};return await a(f,"session",o?{fn:async g=>{let y=await e.findOne({model:n.user.tableName,where:[{field:"id",value:i}]});return o.set(g.id,JSON.stringify({session:g,user:y}),s),g},executeMainFn:r.session?.storeSessionInDatabase}:void 0)},findSession:async i=>{if(o){let p=await o.get(i);if(p){let u=JSON.parse(p);return{session:{...u.session,expiresAt:new Date(u.session.expiresAt)},user:{...u.user,createdAt:new Date(u.user.createdAt),updatedAt:new Date(u.user.updatedAt)}}}}let d=await e.findOne({model:n.session.tableName,where:[{value:i,field:"id"}]});if(!d)return null;let l=await e.findOne({model:n.user.tableName,where:[{value:d.userId,field:"id"}]});return l?{session:v(n.session.fields,d),user:v(n.user.fields,l)}:null},findSessions:async i=>{if(o){let u=[];for(let f of i){let m=await o.get(f);if(m){let g=JSON.parse(m),y={session:{...g.session,expiresAt:new Date(g.session.expiresAt)},user:{...g.user,createdAt:new Date(g.user.createdAt),updatedAt:new Date(g.user.updatedAt)}};u.push(y)}}return u}let d=await e.findMany({model:n.session.tableName,where:[{field:"id",value:i,operator:"in"}]}),l=d.map(u=>u.userId),p=await e.findMany({model:n.user.tableName,where:[{field:"id",value:l,operator:"in"}]});return d.map(u=>{let f=p.find(m=>m.id===u.userId);return f?{session:v(n.session.fields,u),user:v(n.user.fields,f)}:null})},updateSession:async(i,d)=>await c(d,[{field:"id",value:i}],"session",o?{async fn(p){let u=await o.get(i),f=null;if(u){let m=JSON.parse(u);f={...m.session,...p},await o.set(i,JSON.stringify({session:f,user:m.user}),m.session.expiresAt?new Date(m.session.expiresAt).getTime():void 0)}else return null},executeMainFn:r.session?.storeSessionInDatabase}:void 0),deleteSession:async i=>{if(o){await o.delete(i),r.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:"id",value:i}]});return}await e.delete({model:n.session.tableName,where:[{field:"id",value:i}]})},deleteSessions:async i=>{if(o){let d=await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]});for(let l of d)await o.delete(l.id);r.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]});return}await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:i}]})},findUserByEmail:async(i,d)=>{let l=await e.findOne({model:n.user.tableName,where:[{value:i.toLowerCase(),field:n.user.fields.email.fieldName||"email"}]});if(!l)return null;if(d?.includeAccounts){let p=await e.findMany({model:n.account.tableName,where:[{value:l.id,field:n.account.fields.userId.fieldName||"userId"}]});return{user:v(n.user.fields,l),accounts:p.map(u=>v(n.account.fields,u))}}return{user:v(n.user.fields,l),accounts:[]}},findUserById:async i=>await e.findOne({model:n.user.tableName,where:[{field:"id",value:i}]}),linkAccount:async i=>await a({id:I(),...i},"account"),updateUser:async(i,d)=>await c(d,[{field:"id",value:i}],"user"),updateUserByEmail:async(i,d)=>await c(d,[{field:n.user.fields.email.fieldName||"email",value:i}],"user"),updatePassword:async(i,d)=>await c({password:d},[{field:n.account.fields.userId.fieldName||"userId",value:i},{field:n.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async i=>(await e.findMany({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:i}]})).map(l=>v(n.account.fields,l)),updateAccount:async(i,d)=>await c(d,[{field:"id",value:i}],"account"),createVerificationValue:async i=>await a({id:I(),...i},"verification"),findVerificationValue:async i=>{let d=await e.findOne({model:n.verification.tableName,where:[{field:n.verification.fields.identifier.fieldName||"identifier",value:i}]});return v(n.verification.fields,d)},deleteVerificationValue:async i=>{await e.delete({model:n.verification.tableName,where:[{field:"id",value:i}]})},updateVerificationValue:async(i,d)=>await c(d,[{field:"id",value:i}],"verification")}};import{z as Ma}from"zod";import"kysely";import{defu as Ar}from"defu";var ge="better-auth-secret-123456789";var Lt=async e=>{let t=await Ot(e),r=e.plugins||[],o=kr(e),{kysely:s}=await Q(e),n=K(e.baseURL,e.basePath);if(!n)throw new R("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it your auth config.");let a=e.secret||process.env.BETTER_AUTH_SECRET||process.env.AUTH_SECRET||ge;if(a===ge&&process.env.NODE_ENV==="production")throw new R("You are using the default secret. Please set `BETTER_AUTH_SECRET` or `AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");e={...e,secret:a,baseURL:n?new URL(n).origin:"",basePath:e.basePath||"/api/auth",plugins:r.concat(o),emailAndPassword:{...e.emailAndPassword,enabled:e.emailAndPassword?.enabled??!1,autoSignIn:!0}};let c=_e(e),i=D(e),d=Object.keys(e.socialProviders||{}).map(u=>{let f=e.socialProviders?.[u];return f.enabled===!1?null:((!f.clientId||!f.clientSecret)&&b.warn(`Social provider ${u} is missing clientId or clientSecret`),ce[u](f))}).filter(u=>u!==null),l={appName:e.appName||"Better Auth",socialProviders:d,options:e,tables:i,trustedOrigins:Ur(e),baseURL:n,sessionConfig:{updateAge:e.session?.updateAge||24*60*60,expiresIn:e.session?.expiresIn||60*60*24*7},secret:a,rateLimit:{...e.rateLimit,enabled:e.rateLimit?.enabled??process.env.NODE_ENV!=="development",window:e.rateLimit?.window||60,max:e.rateLimit?.max||100,storage:e.rateLimit?.storage||e.secondaryStorage?"secondary-storage":"memory"},authCookies:c,logger:ie({disabled:e.logger?.disabled||!1}),db:s,uuid:I,secondaryStorage:e.secondaryStorage,password:{hash:e.emailAndPassword?.password?.hash||be,verify:e.emailAndPassword?.password?.verify||Ae,config:{minPasswordLength:e.emailAndPassword?.minPasswordLength||8,maxPasswordLength:e.emailAndPassword?.maxPasswordLength||128}},adapter:t,internalAdapter:me(t,{options:e,hooks:e.databaseHooks?[e.databaseHooks]:[]}),createAuthCookie:Ce(e)},{context:p}=Rr(l);return p};function Rr(e){let t=e.options,r=t.plugins||[],o=e,s=[];for(let n of r)if(n.init){let a=n.init(e);typeof a=="object"&&(a.options&&(a.options.databaseHooks&&s.push(a.options.databaseHooks),t=Ar(t,a.options)),a.context&&(o={...o,...a.context}))}return s.push(t.databaseHooks),o.internalAdapter=me(e.adapter,{options:t,hooks:s.filter(n=>n!==void 0)}),o.options=t,{context:o}}function kr(e){let t=[];return e.advanced?.crossSubDomainCookies?.enabled,t}function Ur(e){let t=K(e.baseURL,e.basePath);if(!t)throw new R("Base URL can not be empty. Please add `BETTER_AUTH_URL` in your environment variables or pass it in your auth config.");let r=[new URL(t).origin];e.trustedOrigins&&r.push(...e.trustedOrigins);let o=process.env.BETTER_AUTH_TRUSTED_ORIGINS;return o&&r.push(...o.split(",")),r}var Id=e=>{let t=Lt(e),{api:r}=pe(t,e);return{handler:async o=>{let s=await t,n=s.options.basePath||"/api/auth",a=new URL(o.url);if(!s.options.baseURL){let i=K(void 0,n)||`${a.origin}${n}`;s.options.baseURL=i,s.baseURL=i}if(!s.options.baseURL)return new Response("Base URL not set",{status:400});if(a.pathname===n||a.pathname===`${n}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:c}=kt(s,e);return c(o)},api:r,options:e,$Infer:{}}};export{R as BetterAuthError,N as HIDE_METADATA,Le as MissingDependencyError,Id as betterAuth,fn as capitalizeFirstLetter,Ce as createCookieGetter,ie as createLogger,H as deleteSessionCookie,I as generateId,Pe as generateState,_e as getCookies,b as logger,fo as parseCookies,po as parseSetCookieHeader,se as parseState,P as setSessionCookie};
|
package/dist/node.d.ts
CHANGED
package/dist/plugins.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
export { A as AnonymousOptions, O as OrganizationOptions, b as Passkey, P as PasskeyOptions, U as UserWithPhoneNumber, f as UserWithRole, i as admin, h as adminMiddleware, e as anonymous, j as genericOAuth, g as getPasskeyActions, m as magicLink, k as multiSession, o as organization, p as passkey, c as passkeyClient, d as phoneNumber, t as twoFactor, a as twoFactorClient, u as username } from './index-
|
|
1
|
+
export { A as AnonymousOptions, O as OrganizationOptions, b as Passkey, P as PasskeyOptions, U as UserWithPhoneNumber, f as UserWithRole, i as admin, h as adminMiddleware, e as anonymous, j as genericOAuth, g as getPasskeyActions, m as magicLink, k as multiSession, o as organization, p as passkey, c as passkeyClient, d as phoneNumber, t as twoFactor, a as twoFactorClient, u as username } from './index-DZhhf9eD.js';
|
|
2
2
|
export { i as ac } from './index-DfAHOgpj.js';
|
|
3
|
-
import { H as HookEndpointContext, P as PluginSchema } from './auth-
|
|
4
|
-
export { e as AuthEndpoint, f as AuthMiddleware, b as BetterAuthPlugin, d as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './auth-
|
|
3
|
+
import { H as HookEndpointContext, P as PluginSchema } from './auth-DQcxQWzj.js';
|
|
4
|
+
export { e as AuthEndpoint, f as AuthMiddleware, b as BetterAuthPlugin, d as createAuthEndpoint, c as createAuthMiddleware, o as optionsMiddleware } from './auth-DQcxQWzj.js';
|
|
5
5
|
export { H as HIDE_METADATA } from './hide-metadata-DEHJp1rk.js';
|
|
6
6
|
import { U as User } from './schema-Dkt0LqYs.js';
|
|
7
7
|
import * as better_call from 'better-call';
|
package/dist/react.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
|
3
3
|
import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
|
|
4
4
|
import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
5
5
|
import { useStore } from '@nanostores/react';
|
|
6
|
-
import './auth-
|
|
6
|
+
import './auth-DQcxQWzj.js';
|
|
7
7
|
import 'kysely';
|
|
8
8
|
import './schema-Dkt0LqYs.js';
|
|
9
9
|
import 'better-call';
|
package/dist/solid-start.d.ts
CHANGED
package/dist/solid.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
|
3
3
|
import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
|
|
4
4
|
import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
5
5
|
import { Accessor } from 'solid-js';
|
|
6
|
-
import './auth-
|
|
6
|
+
import './auth-DQcxQWzj.js';
|
|
7
7
|
import 'kysely';
|
|
8
8
|
import './schema-Dkt0LqYs.js';
|
|
9
9
|
import 'better-call';
|
package/dist/svelte-kit.d.ts
CHANGED
package/dist/svelte.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import * as nanostores from 'nanostores';
|
|
|
3
3
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
4
4
|
import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
|
|
5
5
|
import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
6
|
-
import './auth-
|
|
6
|
+
import './auth-DQcxQWzj.js';
|
|
7
7
|
import 'kysely';
|
|
8
8
|
import './schema-Dkt0LqYs.js';
|
|
9
9
|
import 'better-call';
|
package/dist/types.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { b as BetterAuthPlugin, a as Auth, Q as InferFieldsInputClient, N as InferFieldsOutput } from './auth-
|
|
2
|
-
export { A as Adapter, j as AdditionalSessionFieldsInput, k as AdditionalSessionFieldsOutput, h as AdditionalUserFieldsInput, i as AdditionalUserFieldsOutput, p as AuthContext, B as BetterAuthOptions, G as GenericEndpointContext, H as HookEndpointContext, m as InferPluginTypes, l as InferSession, I as InferUser, P as PluginSchema, R as RateLimit, S as SecondaryStorage, W as Where, n as init } from './auth-
|
|
1
|
+
import { b as BetterAuthPlugin, a as Auth, Q as InferFieldsInputClient, N as InferFieldsOutput } from './auth-DQcxQWzj.js';
|
|
2
|
+
export { A as Adapter, j as AdditionalSessionFieldsInput, k as AdditionalSessionFieldsOutput, h as AdditionalUserFieldsInput, i as AdditionalUserFieldsOutput, p as AuthContext, B as BetterAuthOptions, G as GenericEndpointContext, H as HookEndpointContext, m as InferPluginTypes, l as InferSession, I as InferUser, P as PluginSchema, R as RateLimit, S as SecondaryStorage, W as Where, n as init } from './auth-DQcxQWzj.js';
|
|
3
3
|
import { U as UnionToIntersection, H as HasRequiredKeys, P as Prettify, S as StripEmptyObjects, L as LiteralString } from './helper-DPDj8Nix.js';
|
|
4
4
|
export { D as DeepPartial, a as LiteralUnion, R as RequiredKeysOf, W as WithoutEmpty } from './helper-DPDj8Nix.js';
|
|
5
5
|
import { BetterFetchOption, BetterFetchResponse, BetterFetch, BetterFetchPlugin } from '@better-fetch/fetch';
|
package/dist/vue.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
|
3
3
|
import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
|
|
4
4
|
import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
5
5
|
import { Ref, DeepReadonly } from 'vue';
|
|
6
|
-
import './auth-
|
|
6
|
+
import './auth-DQcxQWzj.js';
|
|
7
7
|
import 'kysely';
|
|
8
8
|
import './schema-Dkt0LqYs.js';
|
|
9
9
|
import 'better-call';
|
package/dist/vue.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{useStore as U}from"@nanostores/vue";import{createFetch as v}from"@better-fetch/fetch";var p=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}};function _(e){try{return new URL(e).pathname!=="/"}catch{throw new p(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function T(e,t="/api/auth"){return _(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function b(e,t){if(e)return T(e,t);let r=typeof process<"u"?process.env:{},i=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(i)return T(i,t);if(typeof window<"u")return T(window.location.origin,t)}import"nanostores";import{betterFetch as $}from"@better-fetch/fetch";var F={id:"redirect",name:"Redirect",hooks:{onSuccess(e){e.data?.url&&e.data?.redirect&&typeof window<"u"&&(window.location.href=e.data.url)}}},S={id:"add-current-url",name:"Add current URL",hooks:{onRequest(e){if(typeof window<"u"){let t=new URL(e.url);t.searchParams.set("currentURL",window.location.href),e.url=t}return e}}},L={id:"csrf",name:"CSRF Check",async init(e,t){if(t?.method!=="GET"){t=t||{};let{data:r,error:i}=await $("/csrf",{body:void 0,baseURL:t.baseURL,plugins:[],method:"GET",credentials:"include",customFetchImpl:t.customFetchImpl});if(i){if(i.status===404)throw new p("CSRF route not found. Make sure the server is running and the base URL is correct and includes the path (e.g. http://localhost:3000/api/auth).");if(i.status===429)return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests"});throw new p("Failed to fetch CSRF token: "+i.message)}let s=r?.csrfToken;t.body={...t?.body,csrfToken:s}}return t.credentials="include",{url:e,options:t}}};var B=e=>{let t=v({baseURL:b(e?.fetchOptions?.baseURL||e?.baseURL),credentials:"include",method:"GET",...e?.fetchOptions,plugins:[...e?.disableCSRFTokenCheck?[]:[L],F,S,...e?.fetchOptions?.plugins?.filter(n=>n!==void 0)||[],...e?.plugins?.flatMap(n=>n.fetchPlugins).filter(n=>n!==void 0)||[]]}),r=e?.plugins||[],i={},s={},u={"/sign-out":"POST","/user/revoke-sessions":"POST"},o=[{signal:"_sessionSignal",matcher(n){return n==="/sign-out"||n==="/user/update"||n.startsWith("/sign-in")||n.startsWith("/sign-up")}}];for(let n of r)n.getActions&&Object.assign(i,n.getActions?.(t)),n.getAtoms&&Object.assign(s,n.getAtoms?.(t)),n.pathMethods&&Object.assign(u,n.pathMethods),n.atomListeners&&o.push(...n.atomListeners);return{pluginsActions:i,pluginsAtoms:s,pluginPathMethods:u,atomListeners:o,$fetch:t}};function C(e){return e.charAt(0).toUpperCase()+e.slice(1)}function W(e,t,r){let i=t[e],{fetchOptions:s,query:u,...o}=r||{};return i||(s?.method?s.method:o&&Object.keys(o).length>0?"POST":"GET")}function x(e,t,r,i,s){function u(o=[]){return new Proxy(function(){},{get(n,c){let
|
|
1
|
+
import{useStore as U}from"@nanostores/vue";import{createFetch as v}from"@better-fetch/fetch";var p=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}};function _(e){try{return new URL(e).pathname!=="/"}catch{throw new p(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function T(e,t="/api/auth"){return _(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function b(e,t){if(e)return T(e,t);let r=typeof process<"u"?process.env:{},i=r.BETTER_AUTH_URL||r.NEXT_PUBLIC_BETTER_AUTH_URL||r.PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_BETTER_AUTH_URL||r.NUXT_PUBLIC_AUTH_URL||(r.BASE_URL!=="/"?r.BASE_URL:void 0);if(i)return T(i,t);if(typeof window<"u")return T(window.location.origin,t)}import"nanostores";import{betterFetch as $}from"@better-fetch/fetch";var F={id:"redirect",name:"Redirect",hooks:{onSuccess(e){e.data?.url&&e.data?.redirect&&typeof window<"u"&&(window.location.href=e.data.url)}}},S={id:"add-current-url",name:"Add current URL",hooks:{onRequest(e){if(typeof window<"u"){let t=new URL(e.url);t.searchParams.set("currentURL",window.location.href),e.url=t}return e}}},L={id:"csrf",name:"CSRF Check",async init(e,t){if(t?.method!=="GET"){t=t||{};let{data:r,error:i}=await $("/csrf",{body:void 0,baseURL:t.baseURL,plugins:[],method:"GET",credentials:"include",customFetchImpl:t.customFetchImpl});if(i){if(i.status===404)throw new p("CSRF route not found. Make sure the server is running and the base URL is correct and includes the path (e.g. http://localhost:3000/api/auth).");if(i.status===429)return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests"});throw new p("Failed to fetch CSRF token: "+i.message)}let s=r?.csrfToken;t.body={...t?.body,csrfToken:s}}return t.credentials="include",{url:e,options:t}}};var B=e=>{let t=v({baseURL:b(e?.fetchOptions?.baseURL||e?.baseURL),credentials:"include",method:"GET",...e?.fetchOptions,plugins:[...e?.disableCSRFTokenCheck?[]:[L],F,S,...e?.fetchOptions?.plugins?.filter(n=>n!==void 0)||[],...e?.plugins?.flatMap(n=>n.fetchPlugins).filter(n=>n!==void 0)||[]]}),r=e?.plugins||[],i={},s={},u={"/sign-out":"POST","/user/revoke-sessions":"POST"},o=[{signal:"_sessionSignal",matcher(n){return n==="/sign-out"||n==="/user/update"||n.startsWith("/sign-in")||n.startsWith("/sign-up")}}];for(let n of r)n.getActions&&Object.assign(i,n.getActions?.(t)),n.getAtoms&&Object.assign(s,n.getAtoms?.(t)),n.pathMethods&&Object.assign(u,n.pathMethods),n.atomListeners&&o.push(...n.atomListeners);return{pluginsActions:i,pluginsAtoms:s,pluginPathMethods:u,atomListeners:o,$fetch:t}};function C(e){return e.charAt(0).toUpperCase()+e.slice(1)}function W(e,t,r){let i=t[e],{fetchOptions:s,query:u,...o}=r||{};return i||(s?.method?s.method:o&&Object.keys(o).length>0?"POST":"GET")}function x(e,t,r,i,s){function u(o=[]){return new Proxy(function(){},{get(n,c){let f=[...o,c],a=e;for(let l of f)if(a&&typeof a=="object"&&l in a)a=a[l];else{a=void 0;break}return typeof a=="function"?a:u(f)},apply:async(n,c,f)=>{let a="/"+o.map(h=>h.replace(/[A-Z]/g,R=>`-${R.toLowerCase()}`)).join("/"),l=f[0]||{},P=f[1]||{},{query:O,fetchOptions:g,...m}=l,d={...P,...g},y=W(a,r,l);return await t(a,{...d,body:y==="GET"?void 0:{...m,...d?.body||{}},query:O||d?.query,method:y,async onSuccess(h){await d?.onSuccess?.(h);let R=s?.find(I=>I.matcher(a));if(!R)return;let A=i[R.signal];if(!A)return;let k=A.get();setTimeout(()=>{A.set(!k)},10)}})}})}return u()}import{atom as G}from"nanostores";import"@better-fetch/fetch";import{atom as q,onMount as M}from"nanostores";var w=(e,t,r,i)=>{let s=q({data:null,error:null,isPending:!1,isRefetching:!1}),u=()=>{let n=typeof i=="function"?i({data:s.get().data,error:s.get().error,isPending:s.get().isPending}):i;return r(t,{...n,onSuccess:async c=>{s.set({data:c.data,error:null,isPending:!1,isRefetching:!1}),await n?.onSuccess?.(c)},async onError(c){s.set({error:c.error,data:null,isPending:!1,isRefetching:!1}),await n?.onError?.(c)},async onRequest(c){let f=s.get();s.set({isPending:f.data===null,data:f.data,error:null,isRefetching:!0}),await n?.onRequest?.(c)}})};e=Array.isArray(e)?e:[e];let o=!1;for(let n of e)n.subscribe(()=>{o?u():M(s,()=>(u(),o=!0,()=>{s.off(),n.off()}))});return s};function E(e){let t=G(!1);return{$session:w(t,"/session",e,{method:"GET"}),_sessionSignal:t,$Infer:{}}}function H(e){return`use${C(e)}`}function ge(e){let{pluginPathMethods:t,pluginsActions:r,pluginsAtoms:i,$fetch:s,atomListeners:u}=B(e),o={};for(let[g,m]of Object.entries(i))o[H(g)]=()=>U(m);let{$session:n,_sessionSignal:c,$Infer:f}=E(s);function a(){return U(n)}function l(g){if(g){let m=U(c),d=e?.fetchOptions?.baseURL||e?.baseURL,y=d?new URL(d).pathname:"/api/auth";return g(`${y}/session`,{ref:m}).then(h=>({data:h.data,isPending:!1,error:h.error}))}return a()}let P={...r,...o,useSession:l};return x(P,s,t,{...i,_sessionSignal:c},u)}export{ge as createAuthClient};
|