better-auth 0.5.3-beta.2 → 0.5.3-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/drizzle.d.ts +1 -1
- package/dist/adapters/kysely.d.ts +1 -1
- package/dist/adapters/mongodb.d.ts +1 -1
- package/dist/adapters/prisma.d.ts +1 -1
- package/dist/api.d.ts +1 -1
- package/dist/api.js +4 -4
- package/dist/{auth-DFDxqxWC.d.ts → auth-CS6UmdXR.d.ts} +72 -48
- package/dist/client/plugins.d.ts +3 -3
- package/dist/client.d.ts +1 -1
- package/dist/cookies.d.ts +1 -1
- package/dist/db.d.ts +2 -2
- package/dist/db.js +1 -1
- package/dist/{index-C5jX2KrN.d.ts → index-Cw_LIJVp.d.ts} +4 -4
- package/dist/index.d.ts +1 -1
- package/dist/index.js +4 -4
- package/dist/node.d.ts +1 -1
- package/dist/plugins.d.ts +3 -3
- package/dist/plugins.js +5 -5
- package/dist/react.d.ts +1 -1
- package/dist/solid-start.d.ts +1 -1
- package/dist/solid.d.ts +1 -1
- package/dist/svelte-kit.d.ts +1 -1
- package/dist/svelte.d.ts +1 -1
- package/dist/types.d.ts +2 -2
- package/dist/vue.d.ts +1 -1
- package/package.json +1 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Kysely } from 'kysely';
|
|
2
|
-
import { B as BetterAuthOptions, K as KyselyDatabaseType, F as FieldAttribute, A as Adapter } from '../auth-
|
|
2
|
+
import { B as BetterAuthOptions, K as KyselyDatabaseType, F as FieldAttribute, A as Adapter } from '../auth-CS6UmdXR.js';
|
|
3
3
|
import 'zod';
|
|
4
4
|
import '../schema-Dkt0LqYs.js';
|
|
5
5
|
import 'better-call';
|
package/dist/api.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { e as AuthEndpoint, f as AuthMiddleware, a1 as callbackOAuth, aj as changeEmail, ag as changePassword, d as createAuthEndpoint, c as createAuthMiddleware, ac as createEmailVerificationToken, ao as csrfMiddleware, ai as deleteUser, al as error, a9 as forgetPassword, aa as forgetPasswordCallback, ak as getCSRFToken, Z as getEndpoints, a2 as getSession, a3 as getSessionFromCtx, a5 as listSessions, am as ok, o as optionsMiddleware, ab as resetPassword, a6 as revokeSession, a7 as revokeSessions, _ as router, ad as sendVerificationEmail, a4 as sessionMiddleware, ah as setPassword, a0 as signInEmail, $ as signInOAuth, a8 as signOut, an as signUpEmail, af as updateUser, ae as verifyEmail } from './auth-
|
|
1
|
+
export { e as AuthEndpoint, f as AuthMiddleware, a1 as callbackOAuth, aj as changeEmail, ag as changePassword, d as createAuthEndpoint, c as createAuthMiddleware, ac as createEmailVerificationToken, ao as csrfMiddleware, ai as deleteUser, al as error, a9 as forgetPassword, aa as forgetPasswordCallback, ak as getCSRFToken, Z as getEndpoints, a2 as getSession, a3 as getSessionFromCtx, a5 as listSessions, am as ok, o as optionsMiddleware, ab as resetPassword, a6 as revokeSession, a7 as revokeSessions, _ as router, ad as sendVerificationEmail, a4 as sessionMiddleware, ah as setPassword, a0 as signInEmail, $ as signInOAuth, a8 as signOut, an as signUpEmail, af as updateUser, ae as verifyEmail } from './auth-CS6UmdXR.js';
|
|
2
2
|
import './helper-DPDj8Nix.js';
|
|
3
3
|
export { APIError } from 'better-call';
|
|
4
4
|
import 'zod';
|
package/dist/api.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import{APIError as nt,createRouter as qt,statusCode as
|
|
2
|
-
`)}}),w=pt();var U=$(async e=>{let{body:t,query:r,headers:o,context:n}=e,i=t?.callbackURL||r?.callbackURL||r?.redirectTo||t?.redirectTo,s=r?.currentURL||o?.get("referer")||n.baseURL,a=n.trustedOrigins,c=(d,l)=>{if(d?.startsWith("http")&&!a.some(g=>d.startsWith(g)))throw w.error(`Invalid ${l}`,{[l]:d,trustedOrigins:a}),new mt("FORBIDDEN",{message:`Invalid ${l}`})};c(i,"callbackURL"),c(s,"currentURL")});import{parseJWT as wt}from"oslo/jwt";import{sha256 as ft}from"oslo/crypto";import{base64url as gt}from"oslo/encoding";async function fe(e){let t=await ft(new TextEncoder().encode(e));return gt.encode(new Uint8Array(t),{includePadding:!1})}function ge(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function E({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:n,scopes:i,claims:s,disablePkce:a,redirectURI:c}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",i.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||c),!a&&n){let l=await fe(n);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",l)}if(s){let l=s.reduce((h,g)=>(h[g]=null,h),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...l}}))}return d}import{betterFetch as ht}from"@better-fetch/fetch";async function y({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:n}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",r),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:s,error:a}=await ht(n,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(a)throw a;return ge(s)}function Y(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var he=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:n}){let i=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${n||e.redirectURI}&scope=${i.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:n})=>y({code:r,codeVerifier:o,redirectURI:e.redirectURI||n,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=wt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as yt}from"@better-fetch/fetch";var we=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${n.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>y({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await yt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let n=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${n}.png`}else{let n=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${n}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as bt}from"@better-fetch/fetch";var ye=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["email","public_profile"];return await E({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:n,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>y({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await bt("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as be}from"@better-fetch/fetch";var Ae=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:n,redirectURI:i}){let s=e.scope||o||["user:email"];return E({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:s,state:r,redirectURI:i,codeVerifier:n})},validateAuthorizationCode:async({code:r,redirectURI:o})=>y({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:n}=await be("https://api.github.com/user",{headers:{"User-Agent":"better-auth",authorization:`Bearer ${r.accessToken}`}});if(n)return null;let i=!1;if(!o.email){let{data:s,error:a}=await be("https://api.github.com/user/emails",{headers:{authorization:`Bearer ${r.accessToken}`,"User-Agent":"better-auth"}});a||(o.email=(s.find(c=>c.primary)??s[0])?.email,i=s.find(c=>c.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:i},data:o}}}};import{parseJWT as At}from"oslo/jwt";var ke=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){if(!e.clientId||!e.clientSecret)throw w.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new V("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new V("codeVerifier is required for Google");let i=e.scope||r||["email","profile"];return E({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>y({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=At(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as kt}from"@better-fetch/fetch";import{parseJWT as Rt}from"oslo/jwt";var Re=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(n){let i=e.scope||n.scopes||["openid","profile","email","User.Read"];return E({id:"microsoft",options:e,authorizationEndpoint:r,state:n.state,codeVerifier:n.codeVerifier,scopes:i,redirectURI:n.redirectURI})},validateAuthorizationCode({code:n,codeVerifier:i,redirectURI:s}){return y({code:n,codeVerifier:i,redirectURI:e.redirectURI||s,options:e,tokenEndpoint:o})},async getUserInfo(n){if(!n.idToken)return null;let i=Rt(n.idToken)?.payload,s=e.profilePhotoSize||48;return await kt(`https://graph.microsoft.com/v1.0/me/photos/${s}x${s}/$value`,{headers:{Authorization:`Bearer ${n.accessToken}`},async onResponse(a){if(!(e.disableProfilePhoto||!a.response.ok))try{let d=await a.response.clone().arrayBuffer(),l=Buffer.from(d).toString("base64");i.picture=`data:image/jpeg;base64, ${l}`}catch(c){w.error(c)}}}),{user:{id:i.sub,name:i.name,email:i.email,image:i.picture,emailVerified:!0},data:i}}}};import{betterFetch as Ut}from"@better-fetch/fetch";var Ue=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){let i=e.scope||r||["user-read-email"];return E({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>y({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await Ut("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import"@better-fetch/fetch";var I={isAction:!1};import{nanoid as Et}from"nanoid";var Ee=e=>Et(e);import{parseJWT as xt}from"oslo/jwt";var xe=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["user:read:email","openid"];return E({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:n,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>y({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return w.error("No idToken found in token"),null;let o=xt(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});import{betterFetch as vt}from"@better-fetch/fetch";var ve=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return E({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>y({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await vt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var Tt={apple:he,discord:we,facebook:ye,github:Ae,microsoft:Re,google:ke,spotify:Ue,twitch:xe,twitter:ve},Te=Object.keys(Tt);import{TimeSpan as St}from"oslo";import{createJWT as Pt,validateJWT as Ot}from"oslo/jwt";import{z as T}from"zod";import{APIError as z}from"better-call";import{APIError as N}from"better-call";var Z=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as Se}from"zod";var X=()=>m("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return M(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let n=e.context.sessionConfig.expiresIn,i=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-n*1e3+i*1e3<=Date.now()){let c=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:Z(e.context.sessionConfig.expiresIn,"sec")});if(!c)return M(e),e.json(null,{status:401});let d=(c.expiresAt.valueOf()-Date.now())/1e3;return await P(e,c.id,!1,{maxAge:d}),e.json({session:c,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),ee=async e=>await X()({...e,_flag:"json",headers:e.headers}),_=$(async e=>{let t=await ee(e);if(!t?.session)throw new N("UNAUTHORIZED");return{session:t}}),Pe=()=>m("/user/list-sessions",{method:"GET",use:[_],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),Oe=m("/user/revoke-session",{method:"POST",body:Se.object({id:Se.string()}),use:[_],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new N("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new N("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new N("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),_e=m("/user/revoke-sessions",{method:"POST",use:[_],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new N("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});async function L(e,t,r){return await Pt("HS256",Buffer.from(e),{email:t.toLowerCase(),updateTo:r},{expiresIn:new St(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Le=m("/send-verification-email",{method:"POST",query:T.object({currentURL:T.string().optional()}).optional(),body:T.object({email:T.string().email(),callbackURL:T.string().optional()}),use:[U]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled."),new z("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new z("BAD_REQUEST",{message:"User not found"});let o=await L(e.context.secret,t),n=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,n,o),e.json({status:!0})}),Ie=m("/verify-email",{method:"GET",query:T.object({token:T.string(),callbackURL:T.string().optional()}),use:[U]},async e=>{let{token:t}=e.query,r;try{r=await Ot("HS256",Buffer.from(e.context.secret),t)}catch(s){throw e.context.logger.error("Failed to verify email",s),new z("BAD_REQUEST",{message:"Invalid token"})}let n=T.object({email:T.string().email(),updateTo:T.string().optional()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(n.email))throw new z("BAD_REQUEST",{message:"User not found"});if(n.updateTo){let s=await ee(e);if(!s)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Session not found"});if(s.user.email!==n.email)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Invalid session"});let a=await e.context.internalAdapter.updateUserByEmail(n.email,{email:n.updateTo});if(await e.context.options.emailVerification?.sendVerificationEmail?.(a,`${e.context.baseURL}/verify-email?token=${t}`,t),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:a,status:!0})}if(await e.context.internalAdapter.updateUserByEmail(n.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:null,status:!0})});var Ce=m("/sign-in/social",{method:"POST",requireHeaders:!0,query:v.object({currentURL:v.string().optional()}).optional(),body:v.object({callbackURL:v.string().optional(),provider:v.enum(Te)}),use:[U]},async e=>{let t=e.context.socialProviders.find(c=>c.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new S("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,n=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,i=await me(n||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,i.hash,e.context.secret,r.state.options);let s=_t();await e.setSignedCookie(r.pkCodeVerifier.name,s,e.context.secret,r.pkCodeVerifier.options);let a=await t.createAuthorizationURL({state:i.raw,codeVerifier:s,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:a.toString(),state:i,codeVerifier:s,redirect:!0})}),Be=m("/sign-in/email",{method:"POST",body:v.object({email:v.string(),password:v.string(),callbackURL:v.string().optional(),dontRememberMe:v.boolean().default(!1).optional()}),use:[U]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new S("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!v.string().email().safeParse(t).success)throw new S("BAD_REQUEST",{message:"Invalid email"});if(!v.string().email().safeParse(t).success)throw new S("BAD_REQUEST",{message:"Invalid email"});let i=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!i)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new S("UNAUTHORIZED",{message:"Invalid email or password"});let s=i.accounts.find(l=>l.providerId==="credential");if(!s)throw e.context.logger.error("Credential account not found",{email:t}),new S("UNAUTHORIZED",{message:"Invalid email or password"});let a=s?.password;if(!a)throw e.context.logger.error("Password not found",{email:t}),new S("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(a,r))throw e.context.logger.error("Invalid password"),new S("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!i.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw w.error("Email verification is required but no email verification handler is provided"),new S("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let l=await L(e.context.secret,i.user.email),h=`${e.context.options.baseURL}/verify-email?token=${l}`;throw await e.context.options.emailVerification.sendVerificationEmail(i.user,h,l),e.context.logger.error("Email not verified",{email:t}),new S("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let d=await e.context.internalAdapter.createSession(i.user.id,e.headers,e.body.dontRememberMe);if(!d)throw e.context.logger.error("Failed to create session"),new S("UNAUTHORIZED",{message:"Failed to create session"});return await P(e,d.id,e.body.dontRememberMe),e.json({user:i.user,session:d,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{z as Q}from"zod";import{z as f}from"zod";var Jn=f.object({id:f.string(),providerId:f.string(),accountId:f.string(),userId:f.string(),accessToken:f.string().nullable().optional(),refreshToken:f.string().nullable().optional(),idToken:f.string().nullable().optional(),expiresAt:f.date().nullable().optional(),password:f.string().optional().nullable()}),De=f.object({id:f.string(),email:f.string().transform(e=>e.toLowerCase()),emailVerified:f.boolean().default(!1),name:f.string(),image:f.string().optional(),createdAt:f.date().default(new Date),updatedAt:f.date().default(new Date)}),Kn=f.object({id:f.string(),userId:f.string(),expiresAt:f.date(),ipAddress:f.string().optional(),userAgent:f.string().optional()}),Yn=f.object({id:f.string(),value:f.string(),expiresAt:f.date(),identifier:f.string()});function $e(e,t){let r={...t==="user"?e.user?.additionalFields:{},...t==="session"?e.session?.additionalFields:{}};for(let o of e.plugins||[])o.schema&&o.schema[t]&&(r={...r,...o.schema[t].fields});return r}function Ve(e,t){let r=t.fields,o={};for(let n in r){if(n in e){if(r[n].input===!1){if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}continue}o[n]=e[n];continue}if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}}return o}function ze(e,t){let r=$e(e,"user");return Ve(t||{},{fields:r})}function je(e,t){let r=$e(e,"user");return Ve(t||{},{fields:r})}var qe=m("/callback/:id",{method:"GET",query:Q.object({state:Q.string(),code:Q.string().optional(),error:Q.string().optional()}),metadata:I},async e=>{if(e.query.error||!e.query.code){let k=K(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${k}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(p=>p.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=K(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:n}}=r,i=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!i)throw w.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await pe(e.query.state,i))throw w.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let a=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),c;try{c=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(p){throw e.context.logger.error(p),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(c).then(p=>p?.user),l=Ee(),h=De.safeParse({...d,id:l});if(!d||h.success===!1)throw w.error("Unable to get user info",h.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);function g(p){throw e.redirect(`${n||o||`${e.context.baseURL}/error`}?error=${p}`)}let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(p=>{throw w.error(`Better auth was unable to query your database.
|
|
3
|
-
Error: `,p),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),b=u?.user.id;if(u){if(!u.accounts.find(k=>k.providerId===t.id)){(!e.context.options.account?.accountLinking?.trustedProviders?.includes(t.id)&&!d.emailVerified||!e.context.options.account?.accountLinking?.enabled)&&g("account_not_linked");try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,...Y(c)})}catch(
|
|
1
|
+
import{APIError as nt,createRouter as qt,statusCode as Nt}from"better-call";import{APIError as J}from"better-call";import{z as de}from"zod";import{xchacha20poly1305 as or}from"@noble/ciphers/chacha";import{bytesToHex as ir,hexToBytes as sr,utf8ToBytes as ar}from"@noble/ciphers/utils";import{managedNonce as cr}from"@noble/ciphers/webcrypto";import{sha256 as ur}from"oslo/crypto";import ie from"uncrypto";function W(e,t){let r=new Uint8Array(e),o=new Uint8Array(t);if(r.length!==o.length)return!1;let n=0;for(let i=0;i<r.length;i++)n|=r[i]^o[i];return n===0}import{decodeHex as Zt,encodeHex as Qt}from"oslo/encoding";import{scryptAsync as Jt}from"@noble/hashes/scrypt";import{getRandomValues as Yt}from"uncrypto";import te from"uncrypto";function it(e){return e.toString(2).padStart(8,"0")}function st(e){return[...e].map(t=>it(t)).join("")}function re(e){return parseInt(st(e),2)}function at(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let t=(e-1).toString(2).length,r=t%8,o=new Uint8Array(Math.ceil(t/8));te.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1);let n=re(o);for(;n>=e;)te.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1),n=re(o);return n}function oe(e,t){let r="";for(let o=0;o<e;o++)r+=t[at(t.length)];return r}function ne(...e){let t=new Set(e),r="";for(let o of t)o==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":o==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":o==="0-9"?r+="0123456789":r+=o;return r}async function F(e,t){let r=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},n=await ie.subtle.importKey("raw",r.encode(e),o,!1,["sign","verify"]),i=await ie.subtle.sign(o.name,n,r.encode(t));return btoa(String.fromCharCode(...new Uint8Array(i)))}import{createEndpointCreator as dt,createMiddleware as se,createMiddlewareCreator as ct}from"better-call";var ae=se(async()=>({})),$=ct({use:[ae,se(async()=>({}))]}),m=dt({use:[ae]});var ce=$({body:de.object({csrfToken:de.string().optional()}).optional()},async e=>{if(e.request?.method!=="POST"||e.context.options.advanced?.disableCSRFCheck)return;let t=e.headers?.get("origin")||"";if(t){let a=new URL(t).origin;if(e.context.trustedOrigins.includes(a))return}let r=e.body?.csrfToken;if(!r)throw new J("UNAUTHORIZED",{message:"CSRF Token is required"});let o=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[n,i]=o?.split("!")||[null,null];if(!r||!n||!i||n!==r)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new J("UNAUTHORIZED",{message:"Invalid CSRF Token"});let s=await F(e.context.secret,n);if(i!==s)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new J("UNAUTHORIZED",{message:"Invalid CSRF Token"})});import{APIError as S}from"better-call";import{generateCodeVerifier as _t}from"oslo/oauth2";import{z as T}from"zod";import{generateState as lt}from"oslo/oauth2";import{z as H}from"zod";import{sha256 as le}from"oslo/crypto";async function ue(e){let t=await le(typeof e=="string"?new TextEncoder().encode(e):e);return Buffer.from(t).toString("base64")}async function pe(e,t){let r=await le(typeof e=="string"?new TextEncoder().encode(e):e),o=Buffer.from(t,"base64");return W(r,o)}import"better-call";async function me(e){let t=lt(),r=JSON.stringify({code:t,callbackURL:e}),o=await ue(r);return{raw:r,hash:o}}function K(e){return H.object({code:H.string(),callbackURL:H.string().optional(),currentURL:H.string().optional()}).safeParse(JSON.parse(e))}import{TimeSpan as $r}from"oslo";var V=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r,this.stack=""}};import{env as jr,isProduction as qr}from"std-env";async function O(e,t,r,o){let n=e.context.authCookies.sessionToken.options;n.maxAge=r?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...n,...o}),r&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function N(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}import{APIError as mt}from"better-call";import{createConsola as ut}from"consola";var D=ut({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),pt=e=>({log:(...t)=>{!e?.disabled&&D.log("",...t)},error:(...t)=>{!e?.disabled&&D.error("",...t)},warn:(...t)=>{!e?.disabled&&D.warn("",...t)},info:(...t)=>{!e?.disabled&&D.info("",...t)},debug:(...t)=>{!e?.disabled&&D.debug("",...t)},box:(...t)=>{!e?.disabled&&D.box("",...t)},success:(...t)=>{!e?.disabled&&D.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
|
|
2
|
+
`)}}),w=pt();var U=$(async e=>{let{body:t,query:r,headers:o,context:n}=e,i=t?.callbackURL||r?.callbackURL||r?.redirectTo||t?.redirectTo,s=r?.currentURL||o?.get("referer")||n.baseURL,a=n.trustedOrigins,c=(d,l)=>{if(d?.startsWith("http")&&!a.some(g=>d.startsWith(g)))throw w.error(`Invalid ${l}`,{[l]:d,trustedOrigins:a}),new mt("FORBIDDEN",{message:`Invalid ${l}`})};c(i,"callbackURL"),c(s,"currentURL")});import{parseJWT as wt}from"oslo/jwt";import{sha256 as ft}from"oslo/crypto";import{base64url as gt}from"oslo/encoding";async function fe(e){let t=await ft(new TextEncoder().encode(e));return gt.encode(new Uint8Array(t),{includePadding:!1})}function ge(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_at?new Date((Date.now()+e.expires_in)*1e3):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function E({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:n,scopes:i,claims:s,disablePkce:a,redirectURI:c}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",i.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||c),!a&&n){let l=await fe(n);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",l)}if(s){let l=s.reduce((h,g)=>(h[g]=null,h),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...l}}))}return d}import{betterFetch as ht}from"@better-fetch/fetch";async function y({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:n}){let i=new URLSearchParams;i.set("grant_type","authorization_code"),i.set("code",e),t&&i.set("code_verifier",t),i.set("redirect_uri",r),i.set("client_id",o.clientId),i.set("client_secret",o.clientSecret);let{data:s,error:a}=await ht(n,{method:"POST",body:i,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(a)throw a;return ge(s)}function Y(e){let t=e.accessToken,r=e.refreshToken,o;try{o=e.accessTokenExpiresAt}catch{}return{accessToken:t,refreshToken:r,expiresAt:o}}var he=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:n}){let i=e.scope||o||["email","name","openid"];return new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${n||e.redirectURI}&scope=${i.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:n})=>y({code:r,codeVerifier:o,redirectURI:e.redirectURI||n,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=wt(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};import{betterFetch as yt}from"@better-fetch/fetch";var we=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["identify","email"];return new URL(`https://discord.com/api/oauth2/authorize?scope=${n.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>y({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await yt("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let n=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${n}.png`}else{let n=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${n}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});import{betterFetch as bt}from"@better-fetch/fetch";var ye=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["email","public_profile"];return await E({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:n,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>y({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await bt("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,emailVerified:r.email_verified},data:r}}});import{betterFetch as be}from"@better-fetch/fetch";var Ae=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"Github",createAuthorizationURL({state:r,scopes:o,codeVerifier:n,redirectURI:i}){let s=e.scope||o||["user:email"];return E({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:s,state:r,redirectURI:i,codeVerifier:n})},validateAuthorizationCode:async({code:r,redirectURI:o})=>y({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:n}=await be("https://api.github.com/user",{headers:{"User-Agent":"better-auth",authorization:`Bearer ${r.accessToken}`}});if(n)return null;let i=!1;if(!o.email){let{data:s,error:a}=await be("https://api.github.com/user/emails",{headers:{authorization:`Bearer ${r.accessToken}`,"User-Agent":"better-auth"}});a||(o.email=(s.find(c=>c.primary)??s[0])?.email,i=s.find(c=>c.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:i},data:o}}}};import{parseJWT as At}from"oslo/jwt";var ke=e=>({id:"google",name:"Google",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){if(!e.clientId||!e.clientSecret)throw w.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new V("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new V("codeVerifier is required for Google");let i=e.scope||r||["email","profile"];return E({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>y({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=At(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});import{betterFetch as kt}from"@better-fetch/fetch";import{parseJWT as Rt}from"oslo/jwt";var Re=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(n){let i=e.scope||n.scopes||["openid","profile","email","User.Read"];return E({id:"microsoft",options:e,authorizationEndpoint:r,state:n.state,codeVerifier:n.codeVerifier,scopes:i,redirectURI:n.redirectURI})},validateAuthorizationCode({code:n,codeVerifier:i,redirectURI:s}){return y({code:n,codeVerifier:i,redirectURI:e.redirectURI||s,options:e,tokenEndpoint:o})},async getUserInfo(n){if(!n.idToken)return null;let i=Rt(n.idToken)?.payload,s=e.profilePhotoSize||48;return await kt(`https://graph.microsoft.com/v1.0/me/photos/${s}x${s}/$value`,{headers:{Authorization:`Bearer ${n.accessToken}`},async onResponse(a){if(!(e.disableProfilePhoto||!a.response.ok))try{let d=await a.response.clone().arrayBuffer(),l=Buffer.from(d).toString("base64");i.picture=`data:image/jpeg;base64, ${l}`}catch(c){w.error(c)}}}),{user:{id:i.sub,name:i.name,email:i.email,image:i.picture,emailVerified:!0},data:i}}}};import{betterFetch as Ut}from"@better-fetch/fetch";var Ue=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:n}){let i=e.scope||r||["user-read-email"];return E({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:i,state:t,codeVerifier:o,redirectURI:n})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>y({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await Ut("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});import"@better-fetch/fetch";var C={isAction:!1};import{nanoid as Et}from"nanoid";var Ee=e=>Et(e);import{parseJWT as xt}from"oslo/jwt";var xe=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let n=e.scope||r||["user:read:email","openid"];return E({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:n,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>y({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return w.error("No idToken found in token"),null;let o=xt(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});import{betterFetch as Tt}from"@better-fetch/fetch";var Te=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=e.scope||t.scopes||["account_info.read"];return E({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>y({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await Tt("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var vt={apple:he,discord:we,facebook:ye,github:Ae,microsoft:Re,google:ke,spotify:Ue,twitch:xe,twitter:Te},ve=Object.keys(vt);import{TimeSpan as St}from"oslo";import{createJWT as Pt,validateJWT as Ot}from"oslo/jwt";import{z as v}from"zod";import{APIError as z}from"better-call";import{APIError as M}from"better-call";var Z=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));import{z as Se}from"zod";var X=()=>m("/session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return N(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let n=e.context.sessionConfig.expiresIn,i=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-n*1e3+i*1e3<=Date.now()){let c=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:Z(e.context.sessionConfig.expiresIn,"sec")});if(!c)return N(e),e.json(null,{status:401});let d=(c.expiresAt.valueOf()-Date.now())/1e3;return await O(e,c.id,!1,{maxAge:d}),e.json({session:c,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),ee=async e=>await X()({...e,_flag:"json",headers:e.headers}),_=$(async e=>{let t=await ee(e);if(!t?.session)throw new M("UNAUTHORIZED");return{session:t}}),Pe=()=>m("/user/list-sessions",{method:"GET",use:[_],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),Oe=m("/user/revoke-session",{method:"POST",body:Se.object({id:Se.string()}),use:[_],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new M("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new M("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new M("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),_e=m("/user/revoke-sessions",{method:"POST",use:[_],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new M("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});async function L(e,t,r){return await Pt("HS256",Buffer.from(e),{email:t.toLowerCase(),updateTo:r},{expiresIn:new St(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Le=m("/send-verification-email",{method:"POST",query:v.object({currentURL:v.string().optional()}).optional(),body:v.object({email:v.string().email(),callbackURL:v.string().optional()}),use:[U]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled."),new z("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new z("BAD_REQUEST",{message:"User not found"});let o=await L(e.context.secret,t),n=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,n,o),e.json({status:!0})}),Ie=m("/verify-email",{method:"GET",query:v.object({token:v.string(),callbackURL:v.string().optional()}),use:[U]},async e=>{let{token:t}=e.query,r;try{r=await Ot("HS256",Buffer.from(e.context.secret),t)}catch(s){throw e.context.logger.error("Failed to verify email",s),new z("BAD_REQUEST",{message:"Invalid token"})}let n=v.object({email:v.string().email(),updateTo:v.string().optional()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(n.email))throw new z("BAD_REQUEST",{message:"User not found"});if(n.updateTo){let s=await ee(e);if(!s)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Session not found"});if(s.user.email!==n.email)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new z("UNAUTHORIZED",{message:"Invalid session"});let a=await e.context.internalAdapter.updateUserByEmail(n.email,{email:n.updateTo});if(await e.context.options.emailVerification?.sendVerificationEmail?.(a,`${e.context.baseURL}/verify-email?token=${t}`,t),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:a,status:!0})}if(await e.context.internalAdapter.updateUserByEmail(n.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:null,status:!0})});var Ce=m("/sign-in/social",{method:"POST",requireHeaders:!0,query:T.object({currentURL:T.string().optional()}).optional(),body:T.object({callbackURL:T.string().optional(),provider:T.enum(ve)}),use:[U]},async e=>{let t=e.context.socialProviders.find(c=>c.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new S("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,n=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,i=await me(n||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,i.hash,e.context.secret,r.state.options);let s=_t();await e.setSignedCookie(r.pkCodeVerifier.name,s,e.context.secret,r.pkCodeVerifier.options);let a=await t.createAuthorizationURL({state:i.raw,codeVerifier:s,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:a.toString(),state:i,codeVerifier:s,redirect:!0})}),Be=m("/sign-in/email",{method:"POST",body:T.object({email:T.string(),password:T.string(),callbackURL:T.string().optional(),dontRememberMe:T.boolean().default(!1).optional()}),use:[U]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new S("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!T.string().email().safeParse(t).success)throw new S("BAD_REQUEST",{message:"Invalid email"});if(!T.string().email().safeParse(t).success)throw new S("BAD_REQUEST",{message:"Invalid email"});let i=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!i)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new S("UNAUTHORIZED",{message:"Invalid email or password"});let s=i.accounts.find(l=>l.providerId==="credential");if(!s)throw e.context.logger.error("Credential account not found",{email:t}),new S("UNAUTHORIZED",{message:"Invalid email or password"});let a=s?.password;if(!a)throw e.context.logger.error("Password not found",{email:t}),new S("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(a,r))throw e.context.logger.error("Invalid password"),new S("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!i.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw w.error("Email verification is required but no email verification handler is provided"),new S("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let l=await L(e.context.secret,i.user.email),h=`${e.context.options.baseURL}/verify-email?token=${l}`;throw await e.context.options.emailVerification.sendVerificationEmail(i.user,h,l),e.context.logger.error("Email not verified",{email:t}),new S("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let d=await e.context.internalAdapter.createSession(i.user.id,e.headers,e.body.dontRememberMe);if(!d)throw e.context.logger.error("Failed to create session"),new S("UNAUTHORIZED",{message:"Failed to create session"});return await O(e,d.id,e.body.dontRememberMe),e.json({user:i.user,session:d,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});import{z as Q}from"zod";import{z as f}from"zod";var Jn=f.object({id:f.string(),providerId:f.string(),accountId:f.string(),userId:f.string(),accessToken:f.string().nullable().optional(),refreshToken:f.string().nullable().optional(),idToken:f.string().nullable().optional(),expiresAt:f.date().nullable().optional(),password:f.string().optional().nullable()}),De=f.object({id:f.string(),email:f.string().transform(e=>e.toLowerCase()),emailVerified:f.boolean().default(!1),name:f.string(),image:f.string().optional(),createdAt:f.date().default(new Date),updatedAt:f.date().default(new Date)}),Kn=f.object({id:f.string(),userId:f.string(),expiresAt:f.date(),ipAddress:f.string().optional(),userAgent:f.string().optional()}),Yn=f.object({id:f.string(),value:f.string(),expiresAt:f.date(),identifier:f.string()});function $e(e,t){let r={...t==="user"?e.user?.additionalFields:{},...t==="session"?e.session?.additionalFields:{}};for(let o of e.plugins||[])o.schema&&o.schema[t]&&(r={...r,...o.schema[t].fields});return r}function Ve(e,t){let r=t.fields,o={};for(let n in r){if(n in e){if(r[n].input===!1){if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}continue}o[n]=e[n];continue}if(r[n].defaultValue){o[n]=r[n].defaultValue;continue}}return o}function ze(e,t){let r=$e(e,"user");return Ve(t||{},{fields:r})}function je(e,t){let r=$e(e,"user");return Ve(t||{},{fields:r})}var qe=m("/callback/:id",{method:"GET",query:Q.object({state:Q.string(),code:Q.string().optional(),error:Q.string().optional()}),metadata:C},async e=>{if(e.query.error||!e.query.code){let k=K(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${k}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(p=>p.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=K(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:n}}=r,i=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!i)throw w.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await pe(e.query.state,i))throw w.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let a=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),c;try{c=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(p){throw e.context.logger.error(p),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(c).then(p=>p?.user),l=Ee(),h=De.safeParse({...d,id:l});if(!d||h.success===!1)throw w.error("Unable to get user info",h.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);function g(p){throw e.redirect(`${n||o||`${e.context.baseURL}/error`}?error=${p}`)}let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(p=>{throw w.error(`Better auth was unable to query your database.
|
|
3
|
+
Error: `,p),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),b=u?.user.id;if(u){if(!u.accounts.find(k=>k.providerId===t.id)){(!e.context.options.account?.accountLinking?.trustedProviders?.includes(t.id)&&!d.emailVerified||!e.context.options.account?.accountLinking?.enabled)&&g("account_not_linked");try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,...Y(c)})}catch(B){w.error("Unable to link account",B),g("unable_to_link_account")}}}else try{let p=d.emailVerified||!1,k=await e.context.internalAdapter.createOAuthUser({...h.data,emailVerified:p},{...Y(c),providerId:t.id,accountId:d.id.toString()});if(b=k?.user.id,!p&&k&&e.context.options.emailVerification?.sendOnSignUp){let q=await L(e.context.secret,d.email),B=`${e.context.baseURL}/verify-email?token=${q}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(k.user,B,q)}}catch(p){w.error("Unable to create user",p),g("unable_to_create_user")}b||g("unable_to_create_user");let x=await e.context.internalAdapter.createSession(b,e.request);throw x||g("unable_to_create_session"),await O(e,x.id),e.redirect(o)});import"zod";import{APIError as Lt}from"better-call";var Ne=m("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new Lt("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),N(e),e.json({success:!0})});import{z as P}from"zod";import{APIError as G}from"better-call";var Me=m("/forget-password",{method:"POST",body:P.object({email:P.string().email(),redirectTo:P.string()}),use:[U]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function in your auth config!"),new G("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let n=60*60*1,i=new Date(Date.now()+1e3*(e.context.options.emailAndPassword.resetPasswordTokenExpiresIn||n)),s=e.context.uuid();await e.context.internalAdapter.createVerificationValue({value:o.user.id,identifier:`reset-password:${s}`,expiresAt:i});let a=`${e.context.baseURL}/reset-password/${s}?callbackURL=${r}`;return await e.context.options.emailAndPassword.sendResetPassword(o.user,a),e.json({status:!0})}),Fe=m("/reset-password/:token",{method:"GET",query:P.object({callbackURL:P.string()}),use:[U]},async e=>{let{token:t}=e.params,r=e.query.callbackURL,o=r.startsWith("http")?r:`${e.context.options.baseURL}${r}`;if(!t||!r)throw e.redirect(`${e.context.baseURL}/error?error=INVALID_TOKEN`);let n=await e.context.internalAdapter.findVerificationValue(`reset-password:${t}`);throw!n||n.expiresAt<new Date?e.redirect(`${o}?error=INVALID_TOKEN`):e.redirect(`${o}?token=${t}`)}),He=m("/reset-password",{query:P.optional(P.object({token:P.string().optional(),currentURL:P.string().optional()})),method:"POST",body:P.object({newPassword:P.string()})},async e=>{let t=e.query?.token||(e.query?.currentURL?new URL(e.query.currentURL).searchParams.get("token"):"");if(!t)throw new G("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body,o=`reset-password:${t}`,n=await e.context.internalAdapter.findVerificationValue(o);if(!n||n.expiresAt<new Date)throw new G("BAD_REQUEST",{message:"Invalid token"});await e.context.internalAdapter.deleteVerificationValue(n.id);let i=n.value,s=await e.context.password.hash(r);if(!(await e.context.internalAdapter.findAccounts(i)).find(l=>l.providerId==="credential"))return await e.context.internalAdapter.createAccount({userId:i,providerId:"credential",password:s,accountId:e.context.uuid()}),e.json({status:!0});if(!await e.context.internalAdapter.updatePassword(i,s))throw new G("BAD_REQUEST",{message:"Failed to update password"});return e.json({status:!0})});import{z as A}from"zod";import{APIError as R}from"better-call";var Ze=()=>m("/user/update",{method:"POST",body:A.record(A.string(),A.any()),use:[_,U]},async e=>{let t=e.body;if(t.email)throw new R("BAD_REQUEST",{message:"You can't update email"});let{name:r,image:o,...n}=t,i=e.context.session;if(!o&&!r&&Object.keys(n).length===0)return e.json({user:i.user});let s=ze(e.context.options,n),a=await e.context.internalAdapter.updateUserByEmail(i.user.email,{name:r,image:o,...s});return e.json({user:a})}),Qe=m("/user/change-password",{method:"POST",body:A.object({newPassword:A.string(),currentPassword:A.string(),revokeOtherSessions:A.boolean().optional()}),use:[_]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,n=e.context.session,i=e.context.password.config.minPasswordLength;if(t.length<i)throw e.context.logger.error("Password is too short"),new R("BAD_REQUEST",{message:"Password is too short"});let s=e.context.password.config.maxPasswordLength;if(t.length>s)throw e.context.logger.error("Password is too long"),new R("BAD_REQUEST",{message:"Password too long"});let c=(await e.context.internalAdapter.findAccounts(n.user.id)).find(h=>h.providerId==="credential"&&h.password);if(!c||!c.password)throw new R("BAD_REQUEST",{message:"User does not have a password"});let d=await e.context.password.hash(t);if(!await e.context.password.verify(c.password,r))throw new R("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(c.id,{password:d}),o){await e.context.internalAdapter.deleteSessions(n.user.id);let h=await e.context.internalAdapter.createSession(n.user.id,e.headers);if(!h)throw new R("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await O(e,h.id)}return e.json(n.user)}),Ge=m("/user/set-password",{method:"POST",body:A.object({newPassword:A.string()}),use:[_]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new R("BAD_REQUEST",{message:"Password is too short"});let n=e.context.password.config.maxPasswordLength;if(t.length>n)throw e.context.logger.error("Password is too long"),new R("BAD_REQUEST",{message:"Password too long"});let s=(await e.context.internalAdapter.findAccounts(r.user.id)).find(c=>c.providerId==="credential"&&c.password),a=await e.context.password.hash(t);if(!s)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:a}),e.json(r.user);throw new R("BAD_REQUEST",{message:"user already has a password"})}),We=m("/user/delete",{method:"POST",body:A.object({password:A.string()}),use:[_]},async e=>{let{password:t}=e.body,r=e.context.session,n=(await e.context.internalAdapter.findAccounts(r.user.id)).find(a=>a.providerId==="credential"&&a.password);if(!n||!n.password)throw new R("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(n.password,t))throw new R("BAD_REQUEST",{message:"Incorrect password"});await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id);let s=e.context.authCookies.sessionToken;return e.setCookie(s.name,"",{maxAge:0}),e.json(null)}),Je=m("/user/change-email",{method:"POST",query:A.object({currentURL:A.string().optional()}).optional(),body:A.object({newEmail:A.string().email(),callbackURL:A.string().optional()}),use:[_,U]},async e=>{if(!e.context.options.user?.changeEmail?.enabled)throw e.context.logger.error("Change email is disabled."),new R("BAD_REQUEST",{message:"Change email is disabled"});if(e.body.newEmail===e.context.session.user.email)throw e.context.logger.error("Email is the same"),new R("BAD_REQUEST",{message:"Email is the same"});if(await e.context.internalAdapter.findUserByEmail(e.body.newEmail))throw e.context.logger.error("Email already exists"),new R("BAD_REQUEST",{message:"Couldn't update your email"});if(e.context.session.user.emailVerified!==!0){let n=await e.context.internalAdapter.updateUserByEmail(e.context.session.user.email,{email:e.body.newEmail});return e.json({user:n,status:!0})}if(!e.context.options.user.changeEmail.sendChangeEmailVerification)throw e.context.logger.error("Verification email isn't enabled."),new R("BAD_REQUEST",{message:"Verification email isn't enabled"});let r=await L(e.context.secret,e.context.session.user.email,e.body.newEmail),o=`${e.context.baseURL}/verify-email?token=${r}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.user.changeEmail.sendChangeEmailVerification(e.context.session.user,e.body.newEmail,o,r),e.json({user:null,status:!0})});var Ke=m("/csrf",{method:"GET",metadata:C},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t){let[i,s]=t.split("!")||[null,null];return e.json({csrfToken:i})}let r=oe(32,ne("a-z","0-9","A-Z")),o=await F(e.context.secret,r),n=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,n,e.context.secret,e.context.authCookies.csrfToken.options),e.json({csrfToken:r})});var It=(e="Unknown")=>`<!DOCTYPE html>
|
|
4
4
|
<html lang="en">
|
|
5
5
|
<head>
|
|
6
6
|
<meta charset="UTF-8">
|
|
@@ -80,4 +80,4 @@ Error: `,p),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)
|
|
|
80
80
|
<div class="error-code">Error Code: <span id="errorCode">${e}</span></div>
|
|
81
81
|
</div>
|
|
82
82
|
</body>
|
|
83
|
-
</html>`,Ye=m("/error",{method:"GET",metadata:
|
|
83
|
+
</html>`,Ye=m("/error",{method:"GET",metadata:C},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(It(t),{headers:{"Content-Type":"text/html"}})});var Xe=m("/ok",{method:"GET",metadata:C},async e=>e.json({ok:!0}));import{z as j}from"zod";import{APIError as I}from"better-call";var et=()=>m("/sign-up/email",{method:"POST",query:j.object({currentURL:j.string().optional()}).optional(),body:j.record(j.string(),j.any()),use:[U]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new I("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:n,image:i,callbackURL:s,...a}=t;if(!j.string().email().safeParse(o).success)throw new I("BAD_REQUEST",{message:"Invalid email"});let d=e.context.password.config.minPasswordLength;if(n.length<d)throw e.context.logger.error("Password is too short"),new I("BAD_REQUEST",{message:"Password is too short"});let l=e.context.password.config.maxPasswordLength;if(n.length>l)throw e.context.logger.error("Password is too long"),new I("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new I("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let g=je(e.context.options,a),u;try{if(u=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:i,...g,emailVerified:!1}),!u)throw new I("BAD_REQUEST",{message:"Failed to create user"})}catch(p){throw new I("UNPROCESSABLE_ENTITY",{message:"Failed to create user",details:p})}if(!u)throw new I("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let b=await e.context.password.hash(n);if(await e.context.internalAdapter.linkAccount({userId:u.id,providerId:"credential",accountId:u.id,password:b,expiresAt:Z(60*60*24*30,"sec")}),e.context.options.emailVerification?.sendOnSignUp){let p=await L(e.context.secret,u.email),k=`${e.context.baseURL}/verify-email?token=${p}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailVerification?.sendVerificationEmail?.(u,k,p)}if(!e.context.options.emailAndPassword.autoSignIn||e.context.options.emailAndPassword.requireEmailVerification)return e.json({user:u,session:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:u,session:null}});let x=await e.context.internalAdapter.createSession(u.id,e.request);if(!x)throw new I("BAD_REQUEST",{message:"Failed to create session"});return await O(e,x.id),e.json({user:u,session:x},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:u,session:x}})});import{isTest as Ct}from"std-env";function tt(e){let t="127.0.0.1";if(Ct)return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"],o=e instanceof Request?e.headers:e;for(let n of r){let i=o.get(n);if(typeof i=="string"){let s=i.split(",")[0].trim();if(s)return s}}return null}function Bt(e,t,r){let o=Date.now(),n=t*1e3;return o-r.lastRequest<n&&r.count>=e}function Dt(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function $t(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function Vt(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async n=>await o.findOne({model:r,where:[{field:"key",value:n}]}),set:async(n,i,s)=>{try{s?await o.update({model:t??"rateLimit",where:[{field:"key",value:n}],update:{count:i.count,lastRequest:i.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:n,count:i.count,lastRequest:i.lastRequest}})}catch(a){w.error("Error setting rate limit",a)}}}}var rt=new Map;function zt(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return rt.get(r)},async set(r,o,n){rt.set(r,o)}}:Vt(e,e.rateLimit.tableName)}async function ot(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),n=t.rateLimit.window,i=t.rateLimit.max,s=tt(e)+o,c=jt().find(g=>g.pathMatcher(o));c&&(n=c.window,i=c.max);for(let g of t.options.plugins||[])if(g.rateLimit){let u=g.rateLimit.find(b=>b.pathMatcher(o));if(u){n=u.window,i=u.max;break}}if(t.rateLimit.customRules){let g=t.rateLimit.customRules[o];g&&(n=g.window,i=g.max)}let d=zt(t),l=await d.get(s),h=Date.now();if(!l)await d.set(s,{key:s,count:1,lastRequest:h});else{let g=h-l.lastRequest;if(Bt(i,n,l)){let u=$t(l.lastRequest,n);return Dt(u)}else g>n*1e3?await d.set(s,{...l,count:1,lastRequest:h}):await d.set(s,{...l,count:l.count+1,lastRequest:h})}}function jt(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:3}]}import{APIError as Fs}from"better-call";function Mt(e,t){let r=t.plugins?.reduce((a,c)=>({...a,...c.endpoints}),{}),o=t.plugins?.map(a=>a.middlewares?.map(c=>{let d=async l=>c.middleware({...l,context:{...e,...l.context}});return d.path=c.path,d.options=c.middleware.options,d.headers=c.middleware.headers,{path:c.path,middleware:d}})).filter(a=>a!==void 0).flat()||[],i={...{signInOAuth:Ce,callbackOAuth:qe,getCSRFToken:Ke,getSession:X(),signOut:Ne,signUpEmail:et(),signInEmail:Be,forgetPassword:Me,resetPassword:He,verifyEmail:Ie,sendVerificationEmail:Le,changeEmail:Je,changePassword:Qe,setPassword:Ge,updateUser:Ze(),deleteUser:We,forgetPasswordCallback:Fe,listSessions:Pe(),revokeSession:Oe,revokeSessions:_e},...r,ok:Xe,error:Ye},s={};for(let[a,c]of Object.entries(i))s[a]=async(d={})=>{let l=await e;for(let u of t.plugins||[])if(u.hooks?.before){for(let b of u.hooks.before)if(b.matcher({...c,...d,context:l})){let p=await b.handler({...d,context:{...l,...d?.context}});p&&"context"in p&&(l={...l,...p.context})}}let h;try{h=await c({...d,context:{...l,...d.context}})}catch(u){if(u instanceof nt){let b=t.plugins?.map(p=>{if(p.hooks?.after)return p.hooks.after}).filter(p=>p!==void 0).flat();if(!b?.length)throw u;let x=new Response(JSON.stringify(u.body),{status:Nt[u.status],headers:u.headers});for(let p of b||[])if(p.matcher(d)){let q=Object.assign(d,{context:{...e,returned:x}}),B=await p.handler(q);B&&"response"in B&&(x=B.response)}return x}throw u}let g=h;for(let u of t.plugins||[])if(u.hooks?.after){for(let b of u.hooks.after)if(b.matcher(d)){let p=Object.assign(d,{context:{...e,returned:g}}),k=await b.handler(p);k&&"response"in k&&(g=k.response)}}return g},s[a].path=c.path,s[a].method=c.method,s[a].options=c.options,s[a].headers=c.headers;return{api:s,middlewares:o}}var Vs=(e,t)=>{let{api:r,middlewares:o}=Mt(e,t),n=new URL(e.baseURL).pathname;return qt(r,{extraContext:e,basePath:n,routerMiddleware:[{path:"/**",middleware:ce},...o],async onRequest(i){for(let s of e.options.plugins||[])if(s.onRequest){let a=await s.onRequest(i,e);if(a)return a}return ot(i,e)},async onResponse(i){for(let s of e.options.plugins||[])if(s.onResponse){let a=await s.onResponse(i,e);if(a)return a.response}return i},onError(i){if(t.onAPIError?.throw)throw i;if(t.onAPIError?.onError){t.onAPIError.onError(i,e);return}let s=t.logger?.verboseLogging?w:void 0;t.logger?.disabled!==!0&&(i instanceof nt?(i.status==="INTERNAL_SERVER_ERROR"&&w.error(i),s?.error(i.message)):w?.error(i))}})};export{Fs as APIError,qe as callbackOAuth,Je as changeEmail,Qe as changePassword,m as createAuthEndpoint,$ as createAuthMiddleware,L as createEmailVerificationToken,ce as csrfMiddleware,We as deleteUser,Ye as error,Me as forgetPassword,Fe as forgetPasswordCallback,Ke as getCSRFToken,Mt as getEndpoints,X as getSession,ee as getSessionFromCtx,Pe as listSessions,Xe as ok,ae as optionsMiddleware,He as resetPassword,Oe as revokeSession,_e as revokeSessions,Vs as router,Le as sendVerificationEmail,_ as sessionMiddleware,Ge as setPassword,Be as signInEmail,Ce as signInOAuth,Ne as signOut,et as signUpEmail,Ze as updateUser,Ie as verifyEmail};
|
|
@@ -1251,12 +1251,12 @@ declare const signInOAuth: {
|
|
|
1251
1251
|
/**
|
|
1252
1252
|
* OAuth2 provider to use`
|
|
1253
1253
|
*/
|
|
1254
|
-
provider: z.ZodEnum<["github", ...("
|
|
1254
|
+
provider: z.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
1255
1255
|
}, "strip", z.ZodTypeAny, {
|
|
1256
|
-
provider: "
|
|
1256
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
1257
1257
|
callbackURL?: string | undefined;
|
|
1258
1258
|
}, {
|
|
1259
|
-
provider: "
|
|
1259
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
1260
1260
|
callbackURL?: string | undefined;
|
|
1261
1261
|
}>;
|
|
1262
1262
|
use: better_call.Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -1294,12 +1294,12 @@ declare const signInOAuth: {
|
|
|
1294
1294
|
/**
|
|
1295
1295
|
* OAuth2 provider to use`
|
|
1296
1296
|
*/
|
|
1297
|
-
provider: z.ZodEnum<["github", ...("
|
|
1297
|
+
provider: z.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
1298
1298
|
}, "strip", z.ZodTypeAny, {
|
|
1299
|
-
provider: "
|
|
1299
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
1300
1300
|
callbackURL?: string | undefined;
|
|
1301
1301
|
}, {
|
|
1302
|
-
provider: "
|
|
1302
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
1303
1303
|
callbackURL?: string | undefined;
|
|
1304
1304
|
}>;
|
|
1305
1305
|
use: better_call.Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -1780,11 +1780,14 @@ declare const forgetPasswordCallback: {
|
|
|
1780
1780
|
declare const resetPassword: {
|
|
1781
1781
|
<C extends [better_call.Context<"/reset-password", {
|
|
1782
1782
|
query: z.ZodOptional<z.ZodObject<{
|
|
1783
|
-
token: z.ZodString
|
|
1783
|
+
token: z.ZodOptional<z.ZodString>;
|
|
1784
|
+
currentURL: z.ZodOptional<z.ZodString>;
|
|
1784
1785
|
}, "strip", z.ZodTypeAny, {
|
|
1785
|
-
|
|
1786
|
+
currentURL?: string | undefined;
|
|
1787
|
+
token?: string | undefined;
|
|
1786
1788
|
}, {
|
|
1787
|
-
|
|
1789
|
+
currentURL?: string | undefined;
|
|
1790
|
+
token?: string | undefined;
|
|
1788
1791
|
}>>;
|
|
1789
1792
|
method: "POST";
|
|
1790
1793
|
body: z.ZodObject<{
|
|
@@ -1802,11 +1805,14 @@ declare const resetPassword: {
|
|
|
1802
1805
|
path: "/reset-password";
|
|
1803
1806
|
options: {
|
|
1804
1807
|
query: z.ZodOptional<z.ZodObject<{
|
|
1805
|
-
token: z.ZodString
|
|
1808
|
+
token: z.ZodOptional<z.ZodString>;
|
|
1809
|
+
currentURL: z.ZodOptional<z.ZodString>;
|
|
1806
1810
|
}, "strip", z.ZodTypeAny, {
|
|
1807
|
-
|
|
1811
|
+
currentURL?: string | undefined;
|
|
1812
|
+
token?: string | undefined;
|
|
1808
1813
|
}, {
|
|
1809
|
-
|
|
1814
|
+
currentURL?: string | undefined;
|
|
1815
|
+
token?: string | undefined;
|
|
1810
1816
|
}>>;
|
|
1811
1817
|
method: "POST";
|
|
1812
1818
|
body: z.ZodObject<{
|
|
@@ -2651,12 +2657,12 @@ declare function getEndpoints<C extends AuthContext, Option extends BetterAuthOp
|
|
|
2651
2657
|
}>>;
|
|
2652
2658
|
body: zod.ZodObject<{
|
|
2653
2659
|
callbackURL: zod.ZodOptional<zod.ZodString>;
|
|
2654
|
-
provider: zod.ZodEnum<["github", ...("
|
|
2660
|
+
provider: zod.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
2655
2661
|
}, "strip", zod.ZodTypeAny, {
|
|
2656
|
-
provider: "
|
|
2662
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
2657
2663
|
callbackURL?: string | undefined;
|
|
2658
2664
|
}, {
|
|
2659
|
-
provider: "
|
|
2665
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
2660
2666
|
callbackURL?: string | undefined;
|
|
2661
2667
|
}>;
|
|
2662
2668
|
use: Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -2684,12 +2690,12 @@ declare function getEndpoints<C extends AuthContext, Option extends BetterAuthOp
|
|
|
2684
2690
|
}>>;
|
|
2685
2691
|
body: zod.ZodObject<{
|
|
2686
2692
|
callbackURL: zod.ZodOptional<zod.ZodString>;
|
|
2687
|
-
provider: zod.ZodEnum<["github", ...("
|
|
2693
|
+
provider: zod.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
2688
2694
|
}, "strip", zod.ZodTypeAny, {
|
|
2689
|
-
provider: "
|
|
2695
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
2690
2696
|
callbackURL?: string | undefined;
|
|
2691
2697
|
}, {
|
|
2692
|
-
provider: "
|
|
2698
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
2693
2699
|
callbackURL?: string | undefined;
|
|
2694
2700
|
}>;
|
|
2695
2701
|
use: Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -3034,11 +3040,14 @@ declare function getEndpoints<C extends AuthContext, Option extends BetterAuthOp
|
|
|
3034
3040
|
resetPassword: {
|
|
3035
3041
|
<C_1 extends [better_call.Context<"/reset-password", {
|
|
3036
3042
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
3037
|
-
token: zod.ZodString
|
|
3043
|
+
token: zod.ZodOptional<zod.ZodString>;
|
|
3044
|
+
currentURL: zod.ZodOptional<zod.ZodString>;
|
|
3038
3045
|
}, "strip", zod.ZodTypeAny, {
|
|
3039
|
-
|
|
3046
|
+
currentURL?: string | undefined;
|
|
3047
|
+
token?: string | undefined;
|
|
3040
3048
|
}, {
|
|
3041
|
-
|
|
3049
|
+
currentURL?: string | undefined;
|
|
3050
|
+
token?: string | undefined;
|
|
3042
3051
|
}>>;
|
|
3043
3052
|
method: "POST";
|
|
3044
3053
|
body: zod.ZodObject<{
|
|
@@ -3056,11 +3065,14 @@ declare function getEndpoints<C extends AuthContext, Option extends BetterAuthOp
|
|
|
3056
3065
|
path: "/reset-password";
|
|
3057
3066
|
options: {
|
|
3058
3067
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
3059
|
-
token: zod.ZodString
|
|
3068
|
+
token: zod.ZodOptional<zod.ZodString>;
|
|
3069
|
+
currentURL: zod.ZodOptional<zod.ZodString>;
|
|
3060
3070
|
}, "strip", zod.ZodTypeAny, {
|
|
3061
|
-
|
|
3071
|
+
currentURL?: string | undefined;
|
|
3072
|
+
token?: string | undefined;
|
|
3062
3073
|
}, {
|
|
3063
|
-
|
|
3074
|
+
currentURL?: string | undefined;
|
|
3075
|
+
token?: string | undefined;
|
|
3064
3076
|
}>>;
|
|
3065
3077
|
method: "POST";
|
|
3066
3078
|
body: zod.ZodObject<{
|
|
@@ -3903,12 +3915,12 @@ declare const router: <C extends AuthContext, Option extends BetterAuthOptions>(
|
|
|
3903
3915
|
}>>;
|
|
3904
3916
|
body: zod.ZodObject<{
|
|
3905
3917
|
callbackURL: zod.ZodOptional<zod.ZodString>;
|
|
3906
|
-
provider: zod.ZodEnum<["github", ...("
|
|
3918
|
+
provider: zod.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
3907
3919
|
}, "strip", zod.ZodTypeAny, {
|
|
3908
|
-
provider: "
|
|
3920
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
3909
3921
|
callbackURL?: string | undefined;
|
|
3910
3922
|
}, {
|
|
3911
|
-
provider: "
|
|
3923
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
3912
3924
|
callbackURL?: string | undefined;
|
|
3913
3925
|
}>;
|
|
3914
3926
|
use: Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -3936,12 +3948,12 @@ declare const router: <C extends AuthContext, Option extends BetterAuthOptions>(
|
|
|
3936
3948
|
}>>;
|
|
3937
3949
|
body: zod.ZodObject<{
|
|
3938
3950
|
callbackURL: zod.ZodOptional<zod.ZodString>;
|
|
3939
|
-
provider: zod.ZodEnum<["github", ...("
|
|
3951
|
+
provider: zod.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
3940
3952
|
}, "strip", zod.ZodTypeAny, {
|
|
3941
|
-
provider: "
|
|
3953
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
3942
3954
|
callbackURL?: string | undefined;
|
|
3943
3955
|
}, {
|
|
3944
|
-
provider: "
|
|
3956
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
3945
3957
|
callbackURL?: string | undefined;
|
|
3946
3958
|
}>;
|
|
3947
3959
|
use: Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -4286,11 +4298,14 @@ declare const router: <C extends AuthContext, Option extends BetterAuthOptions>(
|
|
|
4286
4298
|
resetPassword: {
|
|
4287
4299
|
<C_1 extends [better_call.Context<"/reset-password", {
|
|
4288
4300
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
4289
|
-
token: zod.ZodString
|
|
4301
|
+
token: zod.ZodOptional<zod.ZodString>;
|
|
4302
|
+
currentURL: zod.ZodOptional<zod.ZodString>;
|
|
4290
4303
|
}, "strip", zod.ZodTypeAny, {
|
|
4291
|
-
|
|
4304
|
+
currentURL?: string | undefined;
|
|
4305
|
+
token?: string | undefined;
|
|
4292
4306
|
}, {
|
|
4293
|
-
|
|
4307
|
+
currentURL?: string | undefined;
|
|
4308
|
+
token?: string | undefined;
|
|
4294
4309
|
}>>;
|
|
4295
4310
|
method: "POST";
|
|
4296
4311
|
body: zod.ZodObject<{
|
|
@@ -4308,11 +4323,14 @@ declare const router: <C extends AuthContext, Option extends BetterAuthOptions>(
|
|
|
4308
4323
|
path: "/reset-password";
|
|
4309
4324
|
options: {
|
|
4310
4325
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
4311
|
-
token: zod.ZodString
|
|
4326
|
+
token: zod.ZodOptional<zod.ZodString>;
|
|
4327
|
+
currentURL: zod.ZodOptional<zod.ZodString>;
|
|
4312
4328
|
}, "strip", zod.ZodTypeAny, {
|
|
4313
|
-
|
|
4329
|
+
currentURL?: string | undefined;
|
|
4330
|
+
token?: string | undefined;
|
|
4314
4331
|
}, {
|
|
4315
|
-
|
|
4332
|
+
currentURL?: string | undefined;
|
|
4333
|
+
token?: string | undefined;
|
|
4316
4334
|
}>>;
|
|
4317
4335
|
method: "POST";
|
|
4318
4336
|
body: zod.ZodObject<{
|
|
@@ -5157,12 +5175,12 @@ declare const betterAuth: <O extends BetterAuthOptions>(options: O) => {
|
|
|
5157
5175
|
}>>;
|
|
5158
5176
|
body: zod.ZodObject<{
|
|
5159
5177
|
callbackURL: zod.ZodOptional<zod.ZodString>;
|
|
5160
|
-
provider: zod.ZodEnum<["github", ...("
|
|
5178
|
+
provider: zod.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
5161
5179
|
}, "strip", zod.ZodTypeAny, {
|
|
5162
|
-
provider: "
|
|
5180
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
5163
5181
|
callbackURL?: string | undefined;
|
|
5164
5182
|
}, {
|
|
5165
|
-
provider: "
|
|
5183
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
5166
5184
|
callbackURL?: string | undefined;
|
|
5167
5185
|
}>;
|
|
5168
5186
|
use: Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -5190,12 +5208,12 @@ declare const betterAuth: <O extends BetterAuthOptions>(options: O) => {
|
|
|
5190
5208
|
}>>;
|
|
5191
5209
|
body: zod.ZodObject<{
|
|
5192
5210
|
callbackURL: zod.ZodOptional<zod.ZodString>;
|
|
5193
|
-
provider: zod.ZodEnum<["github", ...("
|
|
5211
|
+
provider: zod.ZodEnum<["github", ...("github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter")[]]>;
|
|
5194
5212
|
}, "strip", zod.ZodTypeAny, {
|
|
5195
|
-
provider: "
|
|
5213
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
5196
5214
|
callbackURL?: string | undefined;
|
|
5197
5215
|
}, {
|
|
5198
|
-
provider: "
|
|
5216
|
+
provider: "github" | "apple" | "discord" | "facebook" | "microsoft" | "google" | "spotify" | "twitch" | "twitter";
|
|
5199
5217
|
callbackURL?: string | undefined;
|
|
5200
5218
|
}>;
|
|
5201
5219
|
use: Endpoint<better_call.Handler<string, better_call.EndpointOptions, void>, better_call.EndpointOptions>[];
|
|
@@ -5540,11 +5558,14 @@ declare const betterAuth: <O extends BetterAuthOptions>(options: O) => {
|
|
|
5540
5558
|
resetPassword: {
|
|
5541
5559
|
<C extends [better_call.Context<"/reset-password", {
|
|
5542
5560
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
5543
|
-
token: zod.ZodString
|
|
5561
|
+
token: zod.ZodOptional<zod.ZodString>;
|
|
5562
|
+
currentURL: zod.ZodOptional<zod.ZodString>;
|
|
5544
5563
|
}, "strip", zod.ZodTypeAny, {
|
|
5545
|
-
|
|
5564
|
+
currentURL?: string | undefined;
|
|
5565
|
+
token?: string | undefined;
|
|
5546
5566
|
}, {
|
|
5547
|
-
|
|
5567
|
+
currentURL?: string | undefined;
|
|
5568
|
+
token?: string | undefined;
|
|
5548
5569
|
}>>;
|
|
5549
5570
|
method: "POST";
|
|
5550
5571
|
body: zod.ZodObject<{
|
|
@@ -5562,11 +5583,14 @@ declare const betterAuth: <O extends BetterAuthOptions>(options: O) => {
|
|
|
5562
5583
|
path: "/reset-password";
|
|
5563
5584
|
options: {
|
|
5564
5585
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
5565
|
-
token: zod.ZodString
|
|
5586
|
+
token: zod.ZodOptional<zod.ZodString>;
|
|
5587
|
+
currentURL: zod.ZodOptional<zod.ZodString>;
|
|
5566
5588
|
}, "strip", zod.ZodTypeAny, {
|
|
5567
|
-
|
|
5589
|
+
currentURL?: string | undefined;
|
|
5590
|
+
token?: string | undefined;
|
|
5568
5591
|
}, {
|
|
5569
|
-
|
|
5592
|
+
currentURL?: string | undefined;
|
|
5593
|
+
token?: string | undefined;
|
|
5570
5594
|
}>>;
|
|
5571
5595
|
method: "POST";
|
|
5572
5596
|
body: zod.ZodObject<{
|
package/dist/client/plugins.d.ts
CHANGED
|
@@ -2,10 +2,10 @@ import * as nanostores from 'nanostores';
|
|
|
2
2
|
import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-CfnyN34h.js';
|
|
3
3
|
import * as _better_fetch_fetch from '@better-fetch/fetch';
|
|
4
4
|
import { BetterFetchOption } from '@better-fetch/fetch';
|
|
5
|
-
import { o as organization, l as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth, k as multiSession } from '../index-
|
|
6
|
-
export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-
|
|
5
|
+
import { o as organization, l as Organization, M as Member, I as Invitation, u as username, m as magicLink, d as phoneNumber, e as anonymous, i as admin, j as genericOAuth, k as multiSession } from '../index-Cw_LIJVp.js';
|
|
6
|
+
export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-Cw_LIJVp.js';
|
|
7
7
|
import { P as Prettify } from '../helper-DPDj8Nix.js';
|
|
8
|
-
import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../auth-
|
|
8
|
+
import { F as FieldAttribute, B as BetterAuthOptions, b as BetterAuthPlugin } from '../auth-CS6UmdXR.js';
|
|
9
9
|
import 'zod';
|
|
10
10
|
import '../schema-Dkt0LqYs.js';
|
|
11
11
|
import 'better-call';
|
package/dist/client.d.ts
CHANGED
|
@@ -6,7 +6,7 @@ import { BetterFetch, BetterFetchError, BetterFetchOption } from '@better-fetch/
|
|
|
6
6
|
import { U as UnionToIntersection, P as Prettify, S as StripEmptyObjects } from './helper-DPDj8Nix.js';
|
|
7
7
|
import { ClientOptions, InferClientAPI, InferActions, InferAdditionalFromClient, InferSessionFromClient, InferUserFromClient, BetterAuthClientPlugin, IsSignal } from './types.js';
|
|
8
8
|
export { AtomListener, InferPluginsFromClient } from './types.js';
|
|
9
|
-
import './auth-
|
|
9
|
+
import './auth-CS6UmdXR.js';
|
|
10
10
|
import 'kysely';
|
|
11
11
|
import './schema-Dkt0LqYs.js';
|
|
12
12
|
import 'better-call';
|
package/dist/cookies.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import 'better-call';
|
|
2
|
-
export { s as BetterAuthCookies, E as EligibleCookies, r as createCookieGetter, u as deleteSessionCookie, q as getCookies, w as parseCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-
|
|
2
|
+
export { s as BetterAuthCookies, E as EligibleCookies, r as createCookieGetter, u as deleteSessionCookie, q as getCookies, w as parseCookies, v as parseSetCookieHeader, t as setSessionCookie } from './auth-CS6UmdXR.js';
|
|
3
3
|
import 'zod';
|
|
4
4
|
import 'kysely';
|
|
5
5
|
import './schema-Dkt0LqYs.js';
|