npm - better-auth - Versions diffs - 0.5.4-beta.5 → 0.5.4-beta.7 - Mend

better-auth 0.5.4-beta.5 → 0.5.4-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (109) hide show

package/dist/access.cjs +0 -1
package/dist/access.js +0 -1
package/dist/adapters/drizzle.cjs +0 -1
package/dist/adapters/drizzle.js +0 -1
package/dist/adapters/kysely.cjs +0 -1
package/dist/adapters/kysely.js +0 -1
package/dist/adapters/mongodb.cjs +1 -2
package/dist/adapters/mongodb.d.cts +0 -9
package/dist/adapters/mongodb.d.ts +0 -9
package/dist/adapters/mongodb.js +1 -2
package/dist/adapters/prisma.cjs +0 -1
package/dist/adapters/prisma.js +0 -1
package/dist/api.cjs +1 -2
package/dist/api.js +1 -2
package/dist/client/plugins.cjs +0 -1
package/dist/client/plugins.js +0 -1
package/dist/client.cjs +0 -1
package/dist/client.d.cts +3 -36
package/dist/client.d.ts +3 -36
package/dist/client.js +0 -1
package/dist/cookies.cjs +0 -1
package/dist/cookies.js +0 -1
package/dist/crypto.cjs +0 -1
package/dist/crypto.js +0 -1
package/dist/db.cjs +0 -1
package/dist/db.js +0 -1
package/dist/index.cjs +1 -2
package/dist/index.js +1 -2
package/dist/next-js.cjs +0 -1
package/dist/next-js.js +0 -1
package/dist/node.cjs +0 -1
package/dist/node.js +0 -1
package/dist/oauth2.cjs +0 -1
package/dist/oauth2.js +0 -1
package/dist/plugins.cjs +1 -2
package/dist/plugins.js +1 -2
package/dist/react.cjs +0 -1
package/dist/react.d.cts +3 -36
package/dist/react.d.ts +3 -36
package/dist/react.js +0 -1
package/dist/social.cjs +0 -1
package/dist/social.js +0 -1
package/dist/solid-start.cjs +0 -1
package/dist/solid-start.js +0 -1
package/dist/solid.cjs +0 -1
package/dist/solid.d.cts +3 -36
package/dist/solid.d.ts +3 -36
package/dist/solid.js +0 -1
package/dist/svelte-kit.cjs +0 -1
package/dist/svelte-kit.js +0 -1
package/dist/svelte.cjs +0 -1
package/dist/svelte.d.cts +3 -36
package/dist/svelte.d.ts +3 -36
package/dist/svelte.js +0 -1
package/dist/types.cjs +0 -1
package/dist/types.js +0 -1
package/dist/vue.cjs +0 -1
package/dist/vue.d.cts +3 -36
package/dist/vue.d.ts +3 -36
package/dist/vue.js +0 -1
package/package.json +2 -2
package/dist/access.cjs.map +0 -1
package/dist/access.js.map +0 -1
package/dist/adapters/drizzle.cjs.map +0 -1
package/dist/adapters/drizzle.js.map +0 -1
package/dist/adapters/kysely.cjs.map +0 -1
package/dist/adapters/kysely.js.map +0 -1
package/dist/adapters/mongodb.cjs.map +0 -1
package/dist/adapters/mongodb.js.map +0 -1
package/dist/adapters/prisma.cjs.map +0 -1
package/dist/adapters/prisma.js.map +0 -1
package/dist/api.cjs.map +0 -1
package/dist/api.js.map +0 -1
package/dist/client/plugins.cjs.map +0 -1
package/dist/client/plugins.js.map +0 -1
package/dist/client.cjs.map +0 -1
package/dist/client.js.map +0 -1
package/dist/cookies.cjs.map +0 -1
package/dist/cookies.js.map +0 -1
package/dist/crypto.cjs.map +0 -1
package/dist/crypto.js.map +0 -1
package/dist/db.cjs.map +0 -1
package/dist/db.js.map +0 -1
package/dist/index.cjs.map +0 -1
package/dist/index.js.map +0 -1
package/dist/next-js.cjs.map +0 -1
package/dist/next-js.js.map +0 -1
package/dist/node.cjs.map +0 -1
package/dist/node.js.map +0 -1
package/dist/oauth2.cjs.map +0 -1
package/dist/oauth2.js.map +0 -1
package/dist/plugins.cjs.map +0 -1
package/dist/plugins.js.map +0 -1
package/dist/react.cjs.map +0 -1
package/dist/react.js.map +0 -1
package/dist/social.cjs.map +0 -1
package/dist/social.js.map +0 -1
package/dist/solid-start.cjs.map +0 -1
package/dist/solid-start.js.map +0 -1
package/dist/solid.cjs.map +0 -1
package/dist/solid.js.map +0 -1
package/dist/svelte-kit.cjs.map +0 -1
package/dist/svelte-kit.js.map +0 -1
package/dist/svelte.cjs.map +0 -1
package/dist/svelte.js.map +0 -1
package/dist/types.cjs.map +0 -1
package/dist/types.js.map +0 -1
package/dist/vue.cjs.map +0 -1
package/dist/vue.js.map +0 -1

package/dist/client.d.cts CHANGED Viewed

@@ -106,18 +106,7 @@ declare function createAuthClient<Option extends ClientOptions>(options?: Option
                 params?: any;
                 duplex?: ("full" | "half") | undefined;
                 jsonParser?: (<T>(text: string) => Promise<T | undefined>) | undefined;
-                retry?: (number | {
-                    type: "linear";
-                    attempts: number;
-                    delay: number;
-                    shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                } | {
-                    type: "exponential";
-                    attempts: number;
-                    baseDelay: number;
-                    maxDelay: number;
-                    shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                }) | undefined;
+                retry?: _better_fetch_fetch.RetryOptions | undefined;
                 retryAttempt?: number | undefined;
                 output?: (zod.ZodType | typeof Blob | typeof File) | undefined;
                 errorSchema?: zod.ZodType | undefined;
@@ -172,18 +161,7 @@ declare function createAuthClient<Option extends ClientOptions>(options?: Option
                     params?: any;
                     duplex?: ("full" | "half") | undefined;
                     jsonParser?: (<T>(text: string) => Promise<T | undefined>) | undefined;
-                    retry?: (number | {
-                        type: "linear";
-                        attempts: number;
-                        delay: number;
-                        shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                    } | {
-                        type: "exponential";
-                        attempts: number;
-                        baseDelay: number;
-                        maxDelay: number;
-                        shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                    }) | undefined;
+                    retry?: _better_fetch_fetch.RetryOptions | undefined;
                     retryAttempt?: number | undefined;
                     output?: (zod.ZodType | typeof Blob | typeof File) | undefined;
                     errorSchema?: zod.ZodType | undefined;
@@ -237,18 +215,7 @@ declare function createAuthClient<Option extends ClientOptions>(options?: Option
         params?: any;
         duplex?: "full" | "half";
         jsonParser?: <T>(text: string) => Promise<T | undefined>;
-        retry?: number | {
-            type: "linear";
-            attempts: number;
-            delay: number;
-            shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-        } | {
-            type: "exponential";
-            attempts: number;
-            baseDelay: number;
-            maxDelay: number;
-            shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-        };
+        retry?: _better_fetch_fetch.RetryOptions;
         retryAttempt?: number;
         output?: zod.ZodType | typeof Blob | typeof File;
         errorSchema?: zod.ZodType;

package/dist/client.d.ts CHANGED Viewed

@@ -106,18 +106,7 @@ declare function createAuthClient<Option extends ClientOptions>(options?: Option
                 params?: any;
                 duplex?: ("full" | "half") | undefined;
                 jsonParser?: (<T>(text: string) => Promise<T | undefined>) | undefined;
-                retry?: (number | {
-                    type: "linear";
-                    attempts: number;
-                    delay: number;
-                    shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                } | {
-                    type: "exponential";
-                    attempts: number;
-                    baseDelay: number;
-                    maxDelay: number;
-                    shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                }) | undefined;
+                retry?: _better_fetch_fetch.RetryOptions | undefined;
                 retryAttempt?: number | undefined;
                 output?: (zod.ZodType | typeof Blob | typeof File) | undefined;
                 errorSchema?: zod.ZodType | undefined;
@@ -172,18 +161,7 @@ declare function createAuthClient<Option extends ClientOptions>(options?: Option
                     params?: any;
                     duplex?: ("full" | "half") | undefined;
                     jsonParser?: (<T>(text: string) => Promise<T | undefined>) | undefined;
-                    retry?: (number | {
-                        type: "linear";
-                        attempts: number;
-                        delay: number;
-                        shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                    } | {
-                        type: "exponential";
-                        attempts: number;
-                        baseDelay: number;
-                        maxDelay: number;
-                        shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-                    }) | undefined;
+                    retry?: _better_fetch_fetch.RetryOptions | undefined;
                     retryAttempt?: number | undefined;
                     output?: (zod.ZodType | typeof Blob | typeof File) | undefined;
                     errorSchema?: zod.ZodType | undefined;
@@ -237,18 +215,7 @@ declare function createAuthClient<Option extends ClientOptions>(options?: Option
         params?: any;
         duplex?: "full" | "half";
         jsonParser?: <T>(text: string) => Promise<T | undefined>;
-        retry?: number | {
-            type: "linear";
-            attempts: number;
-            delay: number;
-            shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-        } | {
-            type: "exponential";
-            attempts: number;
-            baseDelay: number;
-            maxDelay: number;
-            shouldRetry?: (response: Response | null) => boolean | Promise<boolean>;
-        };
+        retry?: _better_fetch_fetch.RetryOptions;
         retryAttempt?: number;
         output?: zod.ZodType | typeof Blob | typeof File;
         errorSchema?: zod.ZodType;

package/dist/client.js CHANGED Viewed

	@@ -1,2 +1 @@
1 1	import{createFetch as v}from"@better-fetch/fetch";import{env as p}from"std-env";var d=class extends Error{constructor(t,i){super(t),this.name="BetterAuthError",this.message=t,this.cause=i}};function _(e){try{return new URL(e).pathname!=="/"}catch{throw new d(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function R(e,t="/api/auth"){return _(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function T(e,t){if(e)return R(e,t);let i=p.BETTER_AUTH_URL\|\|p.NEXT_PUBLIC_BETTER_AUTH_URL\|\|p.PUBLIC_BETTER_AUTH_URL\|\|p.NUXT_PUBLIC_BETTER_AUTH_URL\|\|p.NUXT_PUBLIC_AUTH_URL\|\|(p.BASE_URL!=="/"?p.BASE_URL:void 0);if(i)return R(i,t);if(typeof window<"u")return R(window.location.origin,t)}import"nanostores";import{betterFetch as $}from"@better-fetch/fetch";var O={id:"redirect",name:"Redirect",hooks:{onSuccess(e){e.data?.url&&e.data?.redirect&&typeof window<"u"&&(window.location.href=e.data.url)}}},U={id:"add-current-url",name:"Add current URL",hooks:{onRequest(e){if(typeof window<"u"){let t=new URL(e.url);t.searchParams.set("currentURL",window.location.href),e.url=t}return e}}},F={id:"csrf",name:"CSRF Check",async init(e,t){if(t?.method!=="GET"){t=t\|\|{};let{data:i,error:s}=await $("/csrf",{body:void 0,baseURL:t.baseURL,plugins:[],method:"GET",credentials:"include",customFetchImpl:t.customFetchImpl});if(s){if(s.status===404)throw new d("CSRF route not found. Make sure the server is running and the base URL is correct and includes the path (e.g. http://localhost:3000/api/auth).");if(s.status===429)return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests"});throw new d("Failed to fetch CSRF token: "+s.message)}let r=i?.csrfToken;t.body={...t?.body,csrfToken:r}}return t.credentials="include",{url:e,options:t}}};var b=e=>{let t=v({baseURL:T(e?.fetchOptions?.baseURL\|\|e?.baseURL),credentials:"include",method:"GET",...e?.fetchOptions,plugins:e?.disableDefaultFetchPlugins?e.fetchOptions?.plugins:[...e?.disableCSRFTokenCheck?[]:[F],O,U,...e?.fetchOptions?.plugins?.filter(n=>n!==void 0)\|\|[],...e?.plugins?.flatMap(n=>n.fetchPlugins).filter(n=>n!==void 0)\|\|[]]}),i=e?.plugins\|\|[],s={},r={},u={"/sign-out":"POST","/user/revoke-sessions":"POST"},o=[{signal:"_sessionSignal",matcher(n){return n==="/sign-out"\|\|n==="/user/update"\|\|n.startsWith("/sign-in")\|\|n.startsWith("/sign-up")}}];for(let n of i)n.getActions&&Object.assign(s,n.getActions?.(t)),n.getAtoms&&Object.assign(r,n.getAtoms?.(t)),n.pathMethods&&Object.assign(u,n.pathMethods),n.atomListeners&&o.push(...n.atomListeners);return{pluginsActions:s,pluginsAtoms:r,pluginPathMethods:u,atomListeners:o,$fetch:t}};function C(e){return e.charAt(0).toUpperCase()+e.slice(1)}function W(e,t,i){let s=t[e],{fetchOptions:r,query:u,...o}=i\|\|{};return s\|\|(r?.method?r.method:o&&Object.keys(o).length>0?"POST":"GET")}function L(e,t,i,s,r){function u(o=[]){return new Proxy(function(){},{get(n,c){let l=[...o,c],a=e;for(let f of l)if(a&&typeof a=="object"&&f in a)a=a[f];else{a=void 0;break}return typeof a=="function"?a:u(l)},apply:async(n,c,l)=>{let a="/"+o.map(y=>y.replace(/[A-Z]/g,g=>`-${g.toLowerCase()}`)).join("/"),f=l[0]\|\|{},m=l[1]\|\|{},{query:x,fetchOptions:w,...I}=f,h={...m,...w},A=W(a,i,f);return await t(a,{...h,body:A==="GET"?void 0:{...I,...h?.body\|\|{}},query:x\|\|h?.query,method:A,async onSuccess(y){await h?.onSuccess?.(y);let g=r?.find(k=>k.matcher(a));if(!g)return;let P=s[g.signal];if(!P)return;let E=P.get();setTimeout(()=>{P.set(!E)},10)}})}})}return u()}import{atom as G}from"nanostores";import"@better-fetch/fetch";import{atom as q,onMount as M}from"nanostores";var B=(e,t,i,s)=>{let r=q({data:null,error:null,isPending:!0,isRefetching:!1}),u=()=>{let n=typeof s=="function"?s({data:r.get().data,error:r.get().error,isPending:r.get().isPending}):s;return i(t,{...n,onSuccess:async c=>{r.set({data:c.data,error:null,isPending:!1,isRefetching:!1}),await n?.onSuccess?.(c)},async onError(c){r.set({error:c.error,data:null,isPending:!1,isRefetching:!1}),await n?.onError?.(c)},async onRequest(c){let l=r.get();r.set({isPending:l.data===null,data:l.data,error:null,isRefetching:!0}),await n?.onRequest?.(c)}})};e=Array.isArray(e)?e:[e];let o=!1;for(let n of e)n.subscribe(()=>{o?u():M(r,()=>(u(),o=!0,()=>{r.off(),n.off()}))});return r};function S(e){let t=G(!1);return{$session:B(t,"/get-session",e,{method:"GET"}),_sessionSignal:t,$Infer:{}}}function pe(e){let{pluginPathMethods:t,pluginsActions:i,pluginsAtoms:s,$fetch:r,atomListeners:u}=b(e),o={};for(let[f,m]of Object.entries(s))o[`use${C(f)}`]=m;let{$session:n,_sessionSignal:c}=S(r),l={...i,...o,$fetch:r,useSession:n};return L(l,r,t,{...s,_sessionSignal:c},u)}export{pe as createAuthClient,B as useAuthQuery};
2	- //# sourceMappingURL=client.js.map

package/dist/cookies.cjs CHANGED Viewed

	@@ -1,2 +1 @@
1 1	"use strict";var d=Object.defineProperty;var f=Object.getOwnPropertyDescriptor;var l=Object.getOwnPropertyNames;var b=Object.prototype.hasOwnProperty;var x=(e,t)=>{for(var o in t)d(e,o,{get:t[o],enumerable:!0})},g=(e,t,o,s)=>{if(t&&typeof t=="object"\|\|typeof t=="function")for(let n of l(t))!b.call(e,n)&&n!==o&&d(e,n,{get:()=>t[n],enumerable:!(s=f(t,n))\|\|s.enumerable});return e};var S=e=>g(d({},"__esModule",{value:!0}),e);var E={};x(E,{createCookieGetter:()=>A,deleteSessionCookie:()=>$,getCookies:()=>O,parseCookies:()=>R,parseSetCookieHeader:()=>v,setSessionCookie:()=>y});module.exports=S(E);var k=require("oslo");var p=class extends Error{constructor(t,o){super(t),this.name="BetterAuthError",this.message=t,this.cause=o}};var c=require("std-env");function O(e){let o=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL!==void 0?!!e.baseURL.startsWith("https://"):c.isProduction)?"__Secure-":"",s="better-auth",n=e.session?.expiresIn\|\|new k.TimeSpan(7,"d").seconds(),i=!!e.advanced?.crossSubDomainCookies?.enabled,r=i?e.advanced?.crossSubDomainCookies?.domain\|\|(e.baseURL?new URL(e.baseURL).hostname:void 0):void 0;if(i&&!r)throw new p("baseURL is required when crossSubdomainCookies are enabled");let a=i?"none":"lax";return{sessionToken:{name:`${o}${s}.session_token`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:n,...i?{domain:r}:{}}},csrfToken:{name:`${o}${s}.csrf_token`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6060247,...i?{domain:r}:{}}},state:{name:`${o}${s}.state`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6015,...i?{domain:r}:{}}},pkCodeVerifier:{name:`${o}${s}.pk_code_verifier`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6015,...i?{domain:r}:{}}},dontRememberToken:{name:`${o}${s}.dont_remember`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,...i?{domain:r}:{}}},nonce:{name:`${o}${s}.nonce`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6015,...i?{domain:r}:{}}}}}function A(e){let o=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL?.startsWith("https://")\|\|c.isProduction)?"__Secure-":"",s="better-auth",n=e.advanced?.crossSubDomainCookies?.domain\|\|(e.baseURL?new URL(e.baseURL).hostname:void 0);function i(r,a){let u=e.advanced?.crossSubDomainCookies?.enabled?e.advanced.crossSubDomainCookies.additionalCookies?.includes(r):void 0;return{name:c.env.NODE_ENV==="production"?`${o}${s}.${r}`:`${s}.${r}`,options:{secure:!!o,sameSite:"lax",path:"/",maxAge:60*15,...a,...u?{domain:n}:{}}}}return i}async function y(e,t,o,s){let n=e.context.authCookies.sessionToken.options;n.maxAge=o?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...n,...s}),o&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function $(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function v(e){let t=new Map;return e.split(", ").forEach(s=>{let[n,...i]=s.split("; "),[r,a]=n.split("="),u={value:a};i.forEach(m=>{let[C,h]=m.split("=");u[C.toLowerCase()]=h\|\|!0}),t.set(r,u)}),t}function R(e){let t=e.split("; "),o=new Map;return t.forEach(s=>{let[n,i]=s.split("=");o.set(n,i)}),o}0&&(module.exports={createCookieGetter,deleteSessionCookie,getCookies,parseCookies,parseSetCookieHeader,setSessionCookie});
2	- //# sourceMappingURL=cookies.cjs.map

package/dist/cookies.js CHANGED Viewed

	@@ -1,2 +1 @@
1 1	import{TimeSpan as C}from"oslo";var u=class extends Error{constructor(i,o){super(i),this.name="BetterAuthError",this.message=i,this.cause=o}};import{env as h,isProduction as p}from"std-env";function g(e){let o=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL!==void 0?!!e.baseURL.startsWith("https://"):p)?"__Secure-":"",t="better-auth",r=e.session?.expiresIn\|\|new C(7,"d").seconds(),s=!!e.advanced?.crossSubDomainCookies?.enabled,n=s?e.advanced?.crossSubDomainCookies?.domain\|\|(e.baseURL?new URL(e.baseURL).hostname:void 0):void 0;if(s&&!n)throw new u("baseURL is required when crossSubdomainCookies are enabled");let a=s?"none":"lax";return{sessionToken:{name:`${o}${t}.session_token`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:r,...s?{domain:n}:{}}},csrfToken:{name:`${o}${t}.csrf_token`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6060247,...s?{domain:n}:{}}},state:{name:`${o}${t}.state`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6015,...s?{domain:n}:{}}},pkCodeVerifier:{name:`${o}${t}.pk_code_verifier`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6015,...s?{domain:n}:{}}},dontRememberToken:{name:`${o}${t}.dont_remember`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,...s?{domain:n}:{}}},nonce:{name:`${o}${t}.nonce`,options:{httpOnly:!0,sameSite:a,path:"/",secure:!!o,maxAge:6015,...s?{domain:n}:{}}}}}function S(e){let o=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL?.startsWith("https://")\|\|p)?"__Secure-":"",t="better-auth",r=e.advanced?.crossSubDomainCookies?.domain\|\|(e.baseURL?new URL(e.baseURL).hostname:void 0);function s(n,a){let c=e.advanced?.crossSubDomainCookies?.enabled?e.advanced.crossSubDomainCookies.additionalCookies?.includes(n):void 0;return{name:h.NODE_ENV==="production"?`${o}${t}.${n}`:`${t}.${n}`,options:{secure:!!o,sameSite:"lax",path:"/",maxAge:60*15,...a,...c?{domain:r}:{}}}}return s}async function O(e,i,o,t){let r=e.context.authCookies.sessionToken.options;r.maxAge=o?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,i,e.context.secret,{...r,...t}),o&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function A(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function y(e){let i=new Map;return e.split(", ").forEach(t=>{let[r,...s]=t.split("; "),[n,a]=r.split("="),c={value:a};s.forEach(d=>{let[k,m]=d.split("=");c[k.toLowerCase()]=m\|\|!0}),i.set(n,c)}),i}function $(e){let i=e.split("; "),o=new Map;return i.forEach(t=>{let[r,s]=t.split("=");o.set(r,s)}),o}export{S as createCookieGetter,A as deleteSessionCookie,g as getCookies,$ as parseCookies,y as parseSetCookieHeader,O as setSessionCookie};
2	- //# sourceMappingURL=cookies.js.map

package/dist/crypto.cjs CHANGED Viewed

	@@ -1,2 +1 @@
1 1	"use strict";var U=Object.create;var y=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var E=Object.getOwnPropertyNames;var N=Object.getPrototypeOf,R=Object.prototype.hasOwnProperty;var D=(t,e)=>{for(var r in e)y(t,r,{get:e[r],enumerable:!0})},h=(t,e,r,n)=>{if(e&&typeof e=="object"\|\|typeof e=="function")for(let o of E(e))!R.call(t,o)&&o!==r&&y(t,o,{get:()=>e[o],enumerable:!(n=k(e,o))\|\|n.enumerable});return t};var w=(t,e,r)=>(r=t!=null?U(N(t)):{},h(e\|\|!t\|\|!t.__esModule?y(r,"default",{value:t,enumerable:!0}):r,t)),H=t=>h(y({},"__esModule",{value:!0}),t);var z={};D(z,{alphabet:()=>K,byteToBinary:()=>B,bytesToBinary:()=>S,bytesToInteger:()=>f,constantTimeEqual:()=>p,generateRandomInteger:()=>T,generateRandomString:()=>I,hashPassword:()=>P,hs256:()=>L,random:()=>C,symmetricDecrypt:()=>q,symmetricEncrypt:()=>O,verifyPassword:()=>V});module.exports=H(z);var g=require("@noble/ciphers/chacha"),i=require("@noble/ciphers/utils"),l=require("@noble/ciphers/webcrypto"),d=require("oslo/crypto"),u=w(require("uncrypto"),1);function p(t,e){let r=new Uint8Array(t),n=new Uint8Array(e);if(r.length!==n.length)return!1;let o=0;for(let a=0;a<r.length;a++)o\|=r[a]^n[a];return o===0}var c=require("oslo/encoding");var A=require("@noble/hashes/scrypt"),x=require("uncrypto"),s={N:16384,r:16,p:1,dkLen:64};async function b(t,e){return await(0,A.scryptAsync)(t.normalize("NFKC"),e,{N:s.N,p:s.p,r:s.r,dkLen:s.dkLen,maxmem:128s.Ns.r*2})}var P=async t=>{let e=(0,c.encodeHex)((0,x.getRandomValues)(new Uint8Array(16))),r=await b(t,e);return`${e}:${(0,c.encodeHex)(r)}`},V=async(t,e)=>{let[r,n]=t.split(":"),o=await b(e,r);return p(o,(0,c.decodeHex)(n))};var m=w(require("uncrypto"),1);function B(t){return t.toString(2).padStart(8,"0")}function S(t){return[...t].map(e=>B(e)).join("")}function f(t){return parseInt(S(t),2)}function C(){let t=new ArrayBuffer(8),e=m.default.getRandomValues(new Uint8Array(t));return e[0]=63,e[1]=e[1]\|240,new DataView(t).getFloat64(0)-1}function T(t){if(t<0\|\|!Number.isInteger(t))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let e=(t-1).toString(2).length,r=e%8,n=new Uint8Array(Math.ceil(e/8));m.default.getRandomValues(n),r!==0&&(n[0]&=(1<<r)-1);let o=f(n);for(;o>=t;)m.default.getRandomValues(n),r!==0&&(n[0]&=(1<<r)-1),o=f(n);return o}function I(t,e){let r="";for(let n=0;n<t;n++)r+=e[T(e.length)];return r}function K(...t){let e=new Set(t),r="";for(let n of e)n==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":n==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":n==="0-9"?r+="0123456789":r+=n;return r}async function L(t,e){let r=new TextEncoder,n={name:"HMAC",hash:"SHA-256"},o=await u.default.subtle.importKey("raw",r.encode(t),n,!1,["sign","verify"]),a=await u.default.subtle.sign(n.name,o,r.encode(e));return btoa(String.fromCharCode(...new Uint8Array(a)))}var O=async({key:t,data:e})=>{let r=await(0,d.sha256)(new TextEncoder().encode(t)),n=(0,i.utf8ToBytes)(e),o=(0,l.managedNonce)(g.xchacha20poly1305)(new Uint8Array(r));return(0,i.bytesToHex)(o.encrypt(n))},q=async({key:t,data:e})=>{let r=await(0,d.sha256)(new TextEncoder().encode(t)),n=(0,i.hexToBytes)(e),o=(0,l.managedNonce)(g.xchacha20poly1305)(new Uint8Array(r));return new TextDecoder().decode(o.decrypt(n))};0&&(module.exports={alphabet,byteToBinary,bytesToBinary,bytesToInteger,constantTimeEqual,generateRandomInteger,generateRandomString,hashPassword,hs256,random,symmetricDecrypt,symmetricEncrypt,verifyPassword});
2	- //# sourceMappingURL=crypto.cjs.map

package/dist/crypto.js CHANGED Viewed

	@@ -1,2 +1 @@
1 1	import{xchacha20poly1305 as u}from"@noble/ciphers/chacha";import{bytesToHex as B,hexToBytes as S,utf8ToBytes as T}from"@noble/ciphers/utils";import{managedNonce as g}from"@noble/ciphers/webcrypto";import{sha256 as l}from"oslo/crypto";import f from"uncrypto";function c(t,e){let r=new Uint8Array(t),n=new Uint8Array(e);if(r.length!==n.length)return!1;let o=0;for(let a=0;a<r.length;a++)o\|=r[a]^n[a];return o===0}import{decodeHex as d,encodeHex as y}from"oslo/encoding";import{scryptAsync as h}from"@noble/hashes/scrypt";import{getRandomValues as w}from"uncrypto";var s={N:16384,r:16,p:1,dkLen:64};async function m(t,e){return await h(t.normalize("NFKC"),e,{N:s.N,p:s.p,r:s.r,dkLen:s.dkLen,maxmem:128s.Ns.r*2})}var D=async t=>{let e=y(w(new Uint8Array(16))),r=await m(t,e);return`${e}:${y(r)}`},H=async(t,e)=>{let[r,n]=t.split(":"),o=await m(e,r);return c(o,d(n))};import i from"uncrypto";function A(t){return t.toString(2).padStart(8,"0")}function x(t){return[...t].map(e=>A(e)).join("")}function p(t){return parseInt(x(t),2)}function C(){let t=new ArrayBuffer(8),e=i.getRandomValues(new Uint8Array(t));return e[0]=63,e[1]=e[1]\|240,new DataView(t).getFloat64(0)-1}function b(t){if(t<0\|\|!Number.isInteger(t))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let e=(t-1).toString(2).length,r=e%8,n=new Uint8Array(Math.ceil(e/8));i.getRandomValues(n),r!==0&&(n[0]&=(1<<r)-1);let o=p(n);for(;o>=t;)i.getRandomValues(n),r!==0&&(n[0]&=(1<<r)-1),o=p(n);return o}function I(t,e){let r="";for(let n=0;n<t;n++)r+=e[b(e.length)];return r}function K(...t){let e=new Set(t),r="";for(let n of e)n==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":n==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":n==="0-9"?r+="0123456789":r+=n;return r}async function M(t,e){let r=new TextEncoder,n={name:"HMAC",hash:"SHA-256"},o=await f.subtle.importKey("raw",r.encode(t),n,!1,["sign","verify"]),a=await f.subtle.sign(n.name,o,r.encode(e));return btoa(String.fromCharCode(...new Uint8Array(a)))}var Z=async({key:t,data:e})=>{let r=await l(new TextEncoder().encode(t)),n=T(e),o=g(u)(new Uint8Array(r));return B(o.encrypt(n))},j=async({key:t,data:e})=>{let r=await l(new TextEncoder().encode(t)),n=S(e),o=g(u)(new Uint8Array(r));return new TextDecoder().decode(o.decrypt(n))};export{K as alphabet,A as byteToBinary,x as bytesToBinary,p as bytesToInteger,c as constantTimeEqual,b as generateRandomInteger,I as generateRandomString,D as hashPassword,M as hs256,C as random,j as symmetricDecrypt,Z as symmetricEncrypt,H as verifyPassword};
2	- //# sourceMappingURL=crypto.js.map

package/dist/db.cjs CHANGED Viewed

@@ -2,4 +2,3 @@
 `)}}),S=ee();function M(e){let r=h(e),a={};for(let n in r){let o=r[n],s=o.fields,c={};if(Object.entries(s).forEach(([f,t])=>{c[t.fieldName||f]=t}),a[o.tableName]){a[o.tableName].fields={...a[o.tableName].fields,...c};continue}a[o.tableName]={fields:c,order:o.order||1/0}}return a}var te={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},re={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},se={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},ie={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},ne={postgres:te,mysql:re,sqlite:se,mssql:ie};function $(e,r,a){return r==="string[]"||r==="number[]"?e.toLowerCase().includes("json"):ne[a][r].map(c=>c.toLowerCase()).includes(e.toLowerCase())}async function ae(e){let r=M(e),{kysely:a,databaseType:n}=await O(e);n||(S.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),n="sqlite"),a||(S.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let o=await a.introspection.getTables(),s=[],c=[];for(let[l,u]of Object.entries(r)){let m=o.find(y=>y.name===l);if(!m){let y=s.findIndex(N=>N.table===l),b={table:l,fields:u.fields,order:u.order||1/0},T=s.findIndex(N=>(N.order||1/0)>b.order);T===-1?y===-1?s.push(b):s[y].fields={...s[y].fields,...u.fields}:s.splice(T,0,b);continue}let p={};for(let[y,b]of Object.entries(u.fields)){let T=m.columns.find(N=>N.name===y);if(!T){p[y]=b;continue}$(T.dataType,b.type,n)||S.warn(`Field ${y} in table ${l} has a different type in the database. Expected ${b.type} but got ${T.dataType}.`)}Object.keys(p).length>0&&c.push({table:l,fields:p,order:u.order||1/0})}let f=[];function t(l){let u={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&l==="string"?"varchar(255)":n==="sqlite"&&(l==="string[]"||l==="number[]")?"text":l==="string[]"||l==="number[]"?"jsonb":u[l]}if(c.length)for(let l of c)for(let[u,m]of Object.entries(l.fields)){let p=t(m.type),y=a.schema.alterTable(l.table).addColumn(u,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),b));f.push(y)}if(s.length)for(let l of s){let u=a.schema.createTable(l.table).addColumn("id",t("string"),m=>m.primaryKey().notNull());for(let[m,p]of Object.entries(l.fields)){let y=t(p.type);u=u.addColumn(m,y,b=>(b=p.required!==!1?b.notNull():b,p.references&&(b=b.references(`${p.references.model}.${p.references.field}`)),p.unique&&(b=b.unique()),b))}f.push(u)}async function i(){for(let l of f)await l.execute()}async function d(){return f.map(u=>u.compile().sql).join(`;
 `)}return{toBeCreated:s,toBeAdded:c,runMigrations:i,compileMigrations:d}}0&&(module.exports={convertFromDB,convertToDB,createFieldAttribute,createInternalAdapter,getAdapter,getAuthTables,getMigrations,getSchema,getWithHooks,matchType,toZodSchema});
-//# sourceMappingURL=db.cjs.map

package/dist/db.js CHANGED Viewed

@@ -2,4 +2,3 @@ var q=(e,s="ms")=>new Date(Date.now()+(s==="sec"?e*1e3:e));var h=e=>{let s=e.plu
 `)}}),O=H();function P(e){let s=h(e),a={};for(let n in s){let d=s[n],r=d.fields,c={};if(Object.entries(r).forEach(([f,t])=>{c[t.fieldName||f]=t}),a[d.tableName]){a[d.tableName].fields={...a[d.tableName].fields,...c};continue}a[d.tableName]={fields:c,order:d.order||1/0}}return a}var J={string:["character varying","text"],number:["int4","integer","bigint","smallint","numeric","real","double precision"],boolean:["bool","boolean"],date:["timestamp","date"]},Z={string:["varchar","text"],number:["integer","int","bigint","smallint","decimal","float","double"],boolean:["boolean"],date:["date","datetime"]},_={string:["TEXT"],number:["INTEGER","REAL"],boolean:["INTEGER","BOOLEAN"],date:["DATE","INTEGER"]},z={string:["nvarchar","varchar"],number:["int","bigint","smallint","decimal","float","double"],boolean:["bit","boolean"],date:["datetime","date"]},G={postgres:J,mysql:Z,sqlite:_,mssql:z};function X(e,s,a){return s==="string[]"||s==="number[]"?e.toLowerCase().includes("json"):G[a][s].map(c=>c.toLowerCase()).includes(e.toLowerCase())}async function Le(e){let s=P(e),{kysely:a,databaseType:n}=await k(e);n||(O.warn("Could not determine database type, defaulting to sqlite. Please provide a type in the database options to avoid this."),n="sqlite"),a||(O.error("Only kysely adapter is supported for migrations. You can use `generate` command to generate the schema, if you're using a different adapter."),process.exit(1));let d=await a.introspection.getTables(),r=[],c=[];for(let[l,u]of Object.entries(s)){let m=d.find(y=>y.name===l);if(!m){let y=r.findIndex(T=>T.table===l),b={table:l,fields:u.fields,order:u.order||1/0},x=r.findIndex(T=>(T.order||1/0)>b.order);x===-1?y===-1?r.push(b):r[y].fields={...r[y].fields,...u.fields}:r.splice(x,0,b);continue}let p={};for(let[y,b]of Object.entries(u.fields)){let x=m.columns.find(T=>T.name===y);if(!x){p[y]=b;continue}X(x.dataType,b.type,n)||O.warn(`Field ${y} in table ${l} has a different type in the database. Expected ${b.type} but got ${x.dataType}.`)}Object.keys(p).length>0&&c.push({table:l,fields:p,order:u.order||1/0})}let f=[];function t(l){let u={string:"text",boolean:"boolean",number:"integer",date:"date"};return n==="mysql"&&l==="string"?"varchar(255)":n==="sqlite"&&(l==="string[]"||l==="number[]")?"text":l==="string[]"||l==="number[]"?"jsonb":u[l]}if(c.length)for(let l of c)for(let[u,m]of Object.entries(l.fields)){let p=t(m.type),y=a.schema.alterTable(l.table).addColumn(u,p,b=>(b=m.required!==!1?b.notNull():b,m.references&&(b=b.references(`${m.references.model}.${m.references.field}`)),b));f.push(y)}if(r.length)for(let l of r){let u=a.schema.createTable(l.table).addColumn("id",t("string"),m=>m.primaryKey().notNull());for(let[m,p]of Object.entries(l.fields)){let y=t(p.type);u=u.addColumn(m,y,b=>(b=p.required!==!1?b.notNull():b,p.references&&(b=b.references(`${p.references.model}.${p.references.field}`)),p.unique&&(b=b.unique()),b))}f.push(u)}async function i(){for(let l of f)await l.execute()}async function o(){return f.map(u=>u.compile().sql).join(`;
 `)}return{toBeCreated:r,toBeAdded:c,runMigrations:i,compileMigrations:o}}export{g as convertFromDB,D as convertToDB,qe as createFieldAttribute,ve as createInternalAdapter,me as getAdapter,h as getAuthTables,Le as getMigrations,P as getSchema,C as getWithHooks,X as matchType,Re as toZodSchema};
-//# sourceMappingURL=db.js.map

package/dist/index.cjs CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";var hr=Object.create;var ce=Object.defineProperty;var yr=Object.getOwnPropertyDescriptor;var wr=Object.getOwnPropertyNames;var br=Object.getPrototypeOf,Ar=Object.prototype.hasOwnProperty;var kr=(e,t)=>{for(var r in t)ce(e,r,{get:t[r],enumerable:!0})},Fe=(e,t,r,o)=>{if(t&&typeof t=="object"||typeof t=="function")for(let i of wr(t))!Ar.call(e,i)&&i!==r&&ce(e,i,{get:()=>t[i],enumerable:!(o=yr(t,i))||o.enumerable});return e};var Ne=(e,t,r)=>(r=e!=null?hr(br(e)):{},Fe(t||!e||!e.__esModule?ce(r,"default",{value:e,enumerable:!0}):r,e)),Rr=e=>Fe(ce({},"__esModule",{value:!0}),e);var Kr={};kr(Kr,{BetterAuthError:()=>E,HIDE_METADATA:()=>D,MissingDependencyError:()=>Te,betterAuth:()=>Hr,capitalizeFirstLetter:()=>Sr,createCookieGetter:()=>ve,createLogger:()=>me,deleteSessionCookie:()=>J,generateId:()=>U,generateState:()=>xe,getCookies:()=>Ue,logger:()=>b,parseCookies:()=>Pr,parseSetCookieHeader:()=>Ir,parseState:()=>fe,setSessionCookie:()=>_});module.exports=Rr(Kr);var Z=require("better-call");var pe=require("better-call"),ke=require("zod");var vr=require("@noble/ciphers/chacha"),Ae=require("@noble/ciphers/utils"),Er=require("@noble/ciphers/webcrypto"),Or=require("oslo/crypto"),be=Ne(require("uncrypto"),1);function le(e,t){let r=new Uint8Array(e),o=new Uint8Array(t);if(r.length!==o.length)return!1;let i=0;for(let n=0;n<r.length;n++)i|=r[n]^o[n];return i===0}var ee=require("oslo/encoding");var qe=require("@noble/hashes/scrypt"),Ve=require("uncrypto"),Q={N:16384,r:16,p:1,dkLen:64};async function $e(e,t){return await(0,qe.scryptAsync)(e.normalize("NFKC"),t,{N:Q.N,p:Q.p,r:Q.r,dkLen:Q.dkLen,maxmem:128*Q.N*Q.r*2})}var ze=async e=>{let t=(0,ee.encodeHex)((0,Ve.getRandomValues)(new Uint8Array(16))),r=await $e(e,t);return`${t}:${(0,ee.encodeHex)(r)}`},je=async(e,t)=>{let[r,o]=e.split(":"),i=await $e(t,r);return le(i,(0,ee.decodeHex)(o))};var we=Ne(require("uncrypto"),1);function xr(e){return e.toString(2).padStart(8,"0")}function Tr(e){return[...e].map(t=>xr(t)).join("")}function Me(e){return parseInt(Tr(e),2)}function Ur(e){if(e<0||!Number.isInteger(e))throw new Error("Argument 'max' must be an integer greater than or equal to 0");let t=(e-1).toString(2).length,r=t%8,o=new Uint8Array(Math.ceil(t/8));we.default.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1);let i=Me(o);for(;i>=e;)we.default.getRandomValues(o),r!==0&&(o[0]&=(1<<r)-1),i=Me(o);return i}function He(e,t){let r="";for(let o=0;o<e;o++)r+=t[Ur(t.length)];return r}function Ke(...e){let t=new Set(e),r="";for(let o of t)o==="a-z"?r+="abcdefghijklmnopqrstuvwxyz":o==="A-Z"?r+="ABCDEFGHIJKLMNOPQRSTUVWXYZ":o==="0-9"?r+="0123456789":r+=o;return r}async function ue(e,t){let r=new TextEncoder,o={name:"HMAC",hash:"SHA-256"},i=await be.default.subtle.importKey("raw",r.encode(e),o,!1,["sign","verify"]),n=await be.default.subtle.sign(o.name,i,r.encode(t));return btoa(String.fromCharCode(...new Uint8Array(n)))}var j=require("better-call"),Ze=(0,j.createMiddleware)(async()=>({})),W=(0,j.createMiddlewareCreator)({use:[Ze,(0,j.createMiddleware)(async()=>({}))]}),y=(0,j.createEndpointCreator)({use:[Ze]});var Ge=W({body:ke.z.object({csrfToken:ke.z.string().optional()}).optional()},async e=>{if(e.request?.method!=="POST"||e.context.options.advanced?.disableCSRFCheck)return;let t=e.headers?.get("origin")||"";if(t){let c=new URL(t).origin;if(e.context.trustedOrigins.includes(c))return}let r=e.body?.csrfToken;if(!r)throw new pe.APIError("UNAUTHORIZED",{message:"CSRF Token is required"});let o=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret),[i,n]=o?.split("!")||[null,null];if(!r||!i||!n||i!==r)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new pe.APIError("UNAUTHORIZED",{message:"Invalid CSRF Token"});let a=await ue(e.context.secret,i);if(n!==a)throw e.setCookie(e.context.authCookies.csrfToken.name,"",{maxAge:0}),new pe.APIError("UNAUTHORIZED",{message:"Invalid CSRF Token"})});var S=require("better-call"),Dt=require("oslo/oauth2"),I=require("zod");var Je=require("oslo/oauth2"),te=require("zod");var Re=require("oslo/crypto");async function Qe(e){let t=await(0,Re.sha256)(typeof e=="string"?new TextEncoder().encode(e):e);return Buffer.from(t).toString("base64")}async function We(e,t){let r=await(0,Re.sha256)(typeof e=="string"?new TextEncoder().encode(e):e),o=Buffer.from(t,"base64");return le(r,o)}var po=require("better-call");async function xe(e){let t=(0,Je.generateState)(),r=JSON.stringify({code:t,callbackURL:e}),o=await Qe(r);return{raw:r,hash:o}}function fe(e){return te.z.object({code:te.z.string(),callbackURL:te.z.string().optional(),currentURL:te.z.string().optional()}).safeParse(JSON.parse(e))}var Ye=require("oslo");var E=class extends Error{constructor(t,r){super(t),this.name="BetterAuthError",this.message=t,this.cause=r}},Te=class extends E{constructor(t){super(`The package "${t}" is required. Make sure it is installed.`,t)}};var re=require("std-env");function Ue(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL!==void 0?!!e.baseURL.startsWith("https://"):re.isProduction)?"__Secure-":"",o="better-auth",i=e.session?.expiresIn||new Ye.TimeSpan(7,"d").seconds(),n=!!e.advanced?.crossSubDomainCookies?.enabled,a=n?e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0):void 0;if(n&&!a)throw new E("baseURL is required when crossSubdomainCookies are enabled");let c=n?"none":"lax";return{sessionToken:{name:`${r}${o}.session_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:i,...n?{domain:a}:{}}},csrfToken:{name:`${r}${o}.csrf_token`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*60*24*7,...n?{domain:a}:{}}},state:{name:`${r}${o}.state`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...n?{domain:a}:{}}},pkCodeVerifier:{name:`${r}${o}.pk_code_verifier`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...n?{domain:a}:{}}},dontRememberToken:{name:`${r}${o}.dont_remember`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,...n?{domain:a}:{}}},nonce:{name:`${r}${o}.nonce`,options:{httpOnly:!0,sameSite:c,path:"/",secure:!!r,maxAge:60*15,...n?{domain:a}:{}}}}}function ve(e){let r=(e.advanced?.useSecureCookies!==void 0?e.advanced?.useSecureCookies:e.baseURL?.startsWith("https://")||re.isProduction)?"__Secure-":"",o="better-auth",i=e.advanced?.crossSubDomainCookies?.domain||(e.baseURL?new URL(e.baseURL).hostname:void 0);function n(a,c){let s=e.advanced?.crossSubDomainCookies?.enabled?e.advanced.crossSubDomainCookies.additionalCookies?.includes(a):void 0;return{name:re.env.NODE_ENV==="production"?`${r}${o}.${a}`:`${o}.${a}`,options:{secure:!!r,sameSite:"lax",path:"/",maxAge:60*15,...c,...s?{domain:i}:{}}}}return n}async function _(e,t,r,o){let i=e.context.authCookies.sessionToken.options;i.maxAge=r?void 0:e.context.sessionConfig.expiresIn,await e.setSignedCookie(e.context.authCookies.sessionToken.name,t,e.context.secret,{...i,...o}),r&&await e.setSignedCookie(e.context.authCookies.dontRememberToken.name,"true",e.context.secret,e.context.authCookies.dontRememberToken.options)}function J(e){e.setCookie(e.context.authCookies.sessionToken.name,"",{maxAge:0}),e.setCookie(e.context.authCookies.dontRememberToken.name,"",{maxAge:0})}function Ir(e){let t=new Map;return e.split(", ").forEach(o=>{let[i,...n]=o.split("; "),[a,c]=i.split("="),s={value:c};n.forEach(d=>{let[l,f]=d.split("=");s[l.toLowerCase()]=f||!0}),t.set(a,s)}),t}function Pr(e){let t=e.split("; "),r=new Map;return t.forEach(o=>{let[i,n]=o.split("=");r.set(i,n)}),r}var et=require("better-call");var Xe=require("consola"),M=(0,Xe.createConsola)({formatOptions:{date:!1,colors:!0,compact:!0},defaults:{tag:"Better Auth"}}),me=e=>({log:(...t)=>{!e?.disabled&&M.log("",...t)},error:(...t)=>{!e?.disabled&&M.error("",...t)},warn:(...t)=>{!e?.disabled&&M.warn("",...t)},info:(...t)=>{!e?.disabled&&M.info("",...t)},debug:(...t)=>{!e?.disabled&&M.debug("",...t)},box:(...t)=>{!e?.disabled&&M.box("",...t)},success:(...t)=>{!e?.disabled&&M.success("",...t)},break:(...t)=>{!e?.disabled&&console.log(`
 `)}}),b=me();var O=W(async e=>{let{body:t,query:r,headers:o,context:i}=e,n=t?.callbackURL||r?.callbackURL||r?.redirectTo||t?.redirectTo,a=r?.currentURL||o?.get("referer")||i.baseURL,c=i.trustedOrigins,s=(d,l)=>{if(d?.startsWith("http")&&!c.some(p=>d.startsWith(p)))throw b.error(`Invalid ${l}`,{[l]:d,trustedOrigins:c}),new et.APIError("FORBIDDEN",{message:`Invalid ${l}`})};s(n,"callbackURL"),s(a,"currentURL")});var st=require("oslo/jwt");var tt=require("oslo/crypto"),rt=require("oslo/encoding");var B=(e,t="ms")=>new Date(Date.now()+(t==="sec"?e*1e3:e));async function ot(e){let t=await(0,tt.sha256)(new TextEncoder().encode(e));return rt.base64url.encode(new Uint8Array(t),{includePadding:!1})}function nt(e){return{tokenType:e.token_type,accessToken:e.access_token,refreshToken:e.refresh_token,accessTokenExpiresAt:e.expires_in?B(e.expires_in,"sec"):void 0,scopes:e?.scope?typeof e.scope=="string"?e.scope.split(" "):e.scope:[],idToken:e.id_token}}async function k({id:e,options:t,authorizationEndpoint:r,state:o,codeVerifier:i,scopes:n,claims:a,disablePkce:c,redirectURI:s}){let d=new URL(r);if(d.searchParams.set("response_type","code"),d.searchParams.set("client_id",t.clientId),d.searchParams.set("state",o),d.searchParams.set("scope",n.join(" ")),d.searchParams.set("redirect_uri",t.redirectURI||s),!c&&i){let l=await ot(i);d.searchParams.set("code_challenge_method","S256"),d.searchParams.set("code_challenge",l)}if(a){let l=a.reduce((f,p)=>(f[p]=null,f),{});d.searchParams.set("claims",JSON.stringify({id_token:{email:null,email_verified:null,...l}}))}return d}var it=require("@better-fetch/fetch");async function A({code:e,codeVerifier:t,redirectURI:r,options:o,tokenEndpoint:i}){let n=new URLSearchParams;n.set("grant_type","authorization_code"),n.set("code",e),t&&n.set("code_verifier",t),n.set("redirect_uri",r),n.set("client_id",o.clientId),n.set("client_secret",o.clientSecret);let{data:a,error:c}=await(0,it.betterFetch)(i,{method:"POST",body:n,headers:{"content-type":"application/x-www-form-urlencoded",accept:"application/json","user-agent":"better-auth"}});if(c)throw c;return nt(a)}var at=e=>{let t="https://appleid.apple.com/auth/token";return{id:"apple",name:"Apple",createAuthorizationURL({state:r,scopes:o,redirectURI:i}){let n=o||["email","name","openid"];return e.scope&&n.push(...e.scope),new URL(`https://appleid.apple.com/auth/authorize?client_id=${e.clientId}&response_type=code&redirect_uri=${i||e.redirectURI}&scope=${n.join(" ")}&state=${r}`)},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:i})=>A({code:r,codeVerifier:o,redirectURI:e.redirectURI||i,options:e,tokenEndpoint:t}),async getUserInfo(r){if(!r.idToken)return null;let o=(0,st.parseJWT)(r.idToken)?.payload;return o?{user:{id:o.sub,name:o.name,email:o.email,emailVerified:o.email_verified==="true"},data:o}:null}}};var dt=require("@better-fetch/fetch");var ct=e=>({id:"discord",name:"Discord",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let i=r||["identify","email"];return e.scope&&i.push(...e.scope),new URL(`https://discord.com/api/oauth2/authorize?scope=${i.join("+")}&response_type=code&client_id=${e.clientId}&redirect_uri=${encodeURIComponent(e.redirectURI||o)}&state=${t}`)},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://discord.com/api/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await(0,dt.betterFetch)("https://discord.com/api/users/@me",{headers:{authorization:`Bearer ${t.accessToken}`}});if(o)return null;if(r.avatar===null){let i=r.discriminator==="0"?Number(BigInt(r.id)>>BigInt(22))%6:parseInt(r.discriminator)%5;r.image_url=`https://cdn.discordapp.com/embed/avatars/${i}.png`}else{let i=r.avatar.startsWith("a_")?"gif":"png";r.image_url=`https://cdn.discordapp.com/avatars/${r.id}/${r.avatar}.${i}`}return{user:{id:r.id,name:r.display_name||r.username||"",email:r.email,emailVerified:r.verified,image:r.image_url},data:r}}});var lt=require("@better-fetch/fetch");var ut=e=>({id:"facebook",name:"Facebook",async createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let i=r||["email","public_profile"];return e.scope&&i.push(...e.scope),await k({id:"facebook",options:e,authorizationEndpoint:"https://www.facebook.com/v21.0/dialog/oauth",scopes:i,state:t,redirectURI:o})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://graph.facebook.com/oauth/access_token"}),async getUserInfo(t){let{data:r,error:o}=await(0,lt.betterFetch)("https://graph.facebook.com/me?fields=id,name,email,picture",{auth:{type:"Bearer",token:t.accessToken}});return o?null:{user:{id:r.id,name:r.name,email:r.email,image:r.picture.data.url,emailVerified:r.email_verified},data:r}}});var Ee=require("@better-fetch/fetch");var pt=e=>{let t="https://github.com/login/oauth/access_token";return{id:"github",name:"GitHub",createAuthorizationURL({state:r,scopes:o,codeVerifier:i,redirectURI:n}){let a=o||["user:email"];return e.scope&&a.push(...e.scope),k({id:"github",options:e,authorizationEndpoint:"https://github.com/login/oauth/authorize",scopes:a,state:r,redirectURI:n,codeVerifier:i})},validateAuthorizationCode:async({code:r,redirectURI:o})=>A({code:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:i}=await(0,Ee.betterFetch)("https://api.github.com/user",{headers:{"User-Agent":"better-auth",authorization:`Bearer ${r.accessToken}`}});if(i)return null;let n=!1;if(!o.email){let{data:a,error:c}=await(0,Ee.betterFetch)("https://api.github.com/user/emails",{headers:{authorization:`Bearer ${r.accessToken}`,"User-Agent":"better-auth"}});c||(o.email=(a.find(s=>s.primary)??a[0])?.email,n=a.find(s=>s.email===o.email)?.verified??!1)}return{user:{id:o.id.toString(),name:o.name||o.login,email:o.email,image:o.avatar_url,emailVerified:n},data:o}}}};var ft=require("oslo/jwt");var mt=e=>({id:"google",name:"Google",async createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:i}){if(!e.clientId||!e.clientSecret)throw b.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options."),new E("CLIENT_ID_AND_SECRET_REQUIRED");if(!o)throw new E("codeVerifier is required for Google");let n=r||["email","profile","openid"];e.scope&&n.push(...e.scope);let a=await k({id:"google",options:e,authorizationEndpoint:"https://accounts.google.com/o/oauth2/auth",scopes:n,state:t,codeVerifier:o,redirectURI:i});return e.accessType&&a.searchParams.set("access_type",e.accessType),a},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://oauth2.googleapis.com/token"}),async getUserInfo(t){if(!t.idToken)return null;let r=(0,ft.parseJWT)(t.idToken)?.payload;return{user:{id:r.sub,name:r.name,email:r.email,image:r.picture,emailVerified:r.email_verified},data:r}}});var gt=require("@better-fetch/fetch"),ht=require("oslo/jwt");var yt=e=>{let t=e.tenantId||"common",r=`https://login.microsoftonline.com/${t}/oauth2/v2.0/authorize`,o=`https://login.microsoftonline.com/${t}/oauth2/v2.0/token`;return{id:"microsoft",name:"Microsoft EntraID",createAuthorizationURL(i){let n=i.scopes||["openid","profile","email","User.Read"];return e.scope&&n.push(...e.scope),k({id:"microsoft",options:e,authorizationEndpoint:r,state:i.state,codeVerifier:i.codeVerifier,scopes:n,redirectURI:i.redirectURI})},validateAuthorizationCode({code:i,codeVerifier:n,redirectURI:a}){return A({code:i,codeVerifier:n,redirectURI:e.redirectURI||a,options:e,tokenEndpoint:o})},async getUserInfo(i){if(!i.idToken)return null;let n=(0,ht.parseJWT)(i.idToken)?.payload,a=e.profilePhotoSize||48;return await(0,gt.betterFetch)(`https://graph.microsoft.com/v1.0/me/photos/${a}x${a}/$value`,{headers:{Authorization:`Bearer ${i.accessToken}`},async onResponse(c){if(!(e.disableProfilePhoto||!c.response.ok))try{let d=await c.response.clone().arrayBuffer(),l=Buffer.from(d).toString("base64");n.picture=`data:image/jpeg;base64, ${l}`}catch(s){b.error(s)}}}),{user:{id:n.sub,name:n.name,email:n.email,image:n.picture,emailVerified:!0},data:n}}}};var wt=require("@better-fetch/fetch");var bt=e=>({id:"spotify",name:"Spotify",createAuthorizationURL({state:t,scopes:r,codeVerifier:o,redirectURI:i}){let n=r||["user-read-email"];return e.scope&&n.push(...e.scope),k({id:"spotify",options:e,authorizationEndpoint:"https://accounts.spotify.com/authorize",scopes:n,state:t,codeVerifier:o,redirectURI:i})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://accounts.spotify.com/api/token"}),async getUserInfo(t){let{data:r,error:o}=await(0,wt.betterFetch)("https://api.spotify.com/v1/me",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o?null:{user:{id:r.id,name:r.display_name,email:r.email,image:r.images[0]?.url,emailVerified:!1},data:r}}});var cn=require("@better-fetch/fetch");function Sr(e){return e.charAt(0).toUpperCase()+e.slice(1)}var D={isAction:!1};var At=require("nanoid"),U=e=>(0,At.nanoid)(e);var kt=require("oslo/jwt");var Rt=e=>({id:"twitch",name:"Twitch",createAuthorizationURL({state:t,scopes:r,redirectURI:o}){let i=r||["user:read:email","openid"];return e.scope&&i.push(...e.scope),k({id:"twitch",redirectURI:o,options:e,authorizationEndpoint:"https://id.twitch.tv/oauth2/authorize",scopes:i,state:t,claims:e.claims||["email","email_verified","preferred_username","picture"]})},validateAuthorizationCode:async({code:t,redirectURI:r})=>A({code:t,redirectURI:e.redirectURI||r,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let r=t.idToken;if(!r)return b.error("No idToken found in token"),null;let o=(0,kt.parseJWT)(r)?.payload;return{user:{id:o.sub,name:o.preferred_username,email:o.email,image:o.picture,emailVerified:!1},data:o}}});var xt=require("@better-fetch/fetch");var Tt=e=>({id:"twitter",name:"Twitter",createAuthorizationURL(t){let r=t.scopes||["account_info.read"];return e.scope&&r.push(...e.scope),k({id:"twitter",options:e,authorizationEndpoint:"https://twitter.com/i/oauth2/authorize",scopes:r,state:t.state,codeVerifier:t.codeVerifier,redirectURI:t.redirectURI})},validateAuthorizationCode:async({code:t,codeVerifier:r,redirectURI:o})=>A({code:t,codeVerifier:r,redirectURI:e.redirectURI||o,options:e,tokenEndpoint:"https://id.twitch.tv/oauth2/token"}),async getUserInfo(t){let{data:r,error:o}=await(0,xt.betterFetch)("https://api.x.com/2/users/me?user.fields=profile_image_url",{method:"GET",headers:{Authorization:`Bearer ${t.accessToken}`}});return o||!r.data.email?null:{user:{id:r.data.id,name:r.data.name,email:r.data.email,image:r.data.profile_image_url,emailVerified:r.data.verified||!1},data:r}}});var Ut=require("@better-fetch/fetch");var vt=e=>{let t="https://api.dropboxapi.com/oauth2/token";return{id:"dropbox",name:"Dropbox",createAuthorizationURL:async({state:r,scopes:o,codeVerifier:i,redirectURI:n})=>{let a=o||["account_info.read"];return e.scope&&a.push(...e.scope),await k({id:"dropbox",options:e,authorizationEndpoint:"https://www.dropbox.com/oauth2/authorize",scopes:a,state:r,redirectURI:n,codeVerifier:i})},validateAuthorizationCode:async({code:r,codeVerifier:o,redirectURI:i})=>await A({code:r,codeVerifier:o,redirectURI:e.redirectURI||i,options:e,tokenEndpoint:t}),async getUserInfo(r){let{data:o,error:i}=await(0,Ut.betterFetch)("https://api.dropboxapi.com/2/users/get_current_account",{method:"POST",headers:{Authorization:`Bearer ${r.accessToken}`}});return i?null:{user:{id:o.account_id,name:o.name?.display_name,email:o.email,emailVerified:o.email_verified||!1,image:o.profile_photo_url},data:o}}}};var Et=require("@better-fetch/fetch");var Ot=e=>{let t="https://www.linkedin.com/oauth/v2/authorization",r="https://www.linkedin.com/oauth/v2/accessToken";return{id:"linkedin",name:"Linkedin",createAuthorizationURL:async({state:o,scopes:i,redirectURI:n})=>{let a=i||["profile","email","openid"];return e.scope&&a.push(...e.scope),await k({id:"linkedin",options:e,authorizationEndpoint:t,scopes:a,state:o,redirectURI:n})},validateAuthorizationCode:async({code:o,redirectURI:i})=>await A({code:o,redirectURI:e.redirectURI||i,options:e,tokenEndpoint:r}),async getUserInfo(o){let{data:i,error:n}=await(0,Et.betterFetch)("https://api.linkedin.com/v2/userinfo",{method:"GET",headers:{Authorization:`Bearer ${o.accessToken}`}});return n?null:{user:{id:i.sub,name:i.name,email:i.email,emailVerified:i.email_verified||!1,image:i.picture},data:i}}}};var Oe={apple:at,discord:ct,facebook:ut,github:pt,microsoft:yt,google:mt,spotify:bt,twitch:Rt,twitter:Tt,dropbox:vt,linkedin:Ot},It=Object.keys(Oe);var _t=require("oslo"),ge=require("oslo/jwt"),P=require("zod");var H=require("better-call");var Y=require("better-call");var Ie=require("zod"),Pe=()=>y("/get-session",{method:"GET",requireHeaders:!0},async e=>{try{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)return e.json(null,{status:401});let r=await e.context.internalAdapter.findSession(t);if(!r||r.session.expiresAt<new Date)return J(e),r&&await e.context.internalAdapter.deleteSession(r.session.id),e.json(null,{status:401});if(await e.getSignedCookie(e.context.authCookies.dontRememberToken.name,e.context.secret))return e.json(r);let i=e.context.sessionConfig.expiresIn,n=e.context.sessionConfig.updateAge;if(r.session.expiresAt.valueOf()-i*1e3+n*1e3<=Date.now()){let s=await e.context.internalAdapter.updateSession(r.session.id,{expiresAt:B(e.context.sessionConfig.expiresIn,"sec")});if(!s)return J(e),e.json(null,{status:401});let d=(s.expiresAt.valueOf()-Date.now())/1e3;return await _(e,s.id,!1,{maxAge:d}),e.json({session:s,user:r.user})}return e.json(r)}catch(t){return e.context.logger.error(t),e.json(null,{status:500})}}),Se=async e=>await Pe()({...e,_flag:"json",headers:e.headers}),F=W(async e=>{let t=await Se(e);if(!t?.session)throw new Y.APIError("UNAUTHORIZED");return{session:t}}),Pt=()=>y("/user/list-sessions",{method:"GET",use:[F],requireHeaders:!0},async e=>{let r=(await e.context.internalAdapter.listSessions(e.context.session.user.id)).filter(o=>o.expiresAt>new Date);return e.json(r)}),St=y("/user/revoke-session",{method:"POST",body:Ie.z.object({id:Ie.z.string()}),use:[F],requireHeaders:!0},async e=>{let t=e.body.id,r=await e.context.internalAdapter.findSession(t);if(!r)throw new Y.APIError("BAD_REQUEST",{message:"Session not found"});if(r.session.userId!==e.context.session.user.id)throw new Y.APIError("UNAUTHORIZED");try{await e.context.internalAdapter.deleteSession(t)}catch(o){throw e.context.logger.error(o),new Y.APIError("INTERNAL_SERVER_ERROR")}return e.json({status:!0})}),Lt=y("/user/revoke-sessions",{method:"POST",use:[F],requireHeaders:!0},async e=>{try{await e.context.internalAdapter.deleteSessions(e.context.session.user.id)}catch(t){throw e.context.logger.error(t),new Y.APIError("INTERNAL_SERVER_ERROR")}return e.json({status:!0})});async function N(e,t,r){return await(0,ge.createJWT)("HS256",Buffer.from(e),{email:t.toLowerCase(),updateTo:r},{expiresIn:new _t.TimeSpan(1,"h"),issuer:"better-auth",subject:"verify-email",audiences:[t],includeIssuedTimestamp:!0})}var Ct=y("/send-verification-email",{method:"POST",query:P.z.object({currentURL:P.z.string().optional()}).optional(),body:P.z.object({email:P.z.string().email(),callbackURL:P.z.string().optional()}),use:[O]},async e=>{if(!e.context.options.emailVerification?.sendVerificationEmail)throw e.context.logger.error("Verification email isn't enabled."),new H.APIError("BAD_REQUEST",{message:"Verification email isn't enabled"});let{email:t}=e.body,r=await e.context.internalAdapter.findUserByEmail(t);if(!r)throw new H.APIError("BAD_REQUEST",{message:"User not found"});let o=await N(e.context.secret,t),i=`${e.context.baseURL}/verify-email?token=${o}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.emailVerification.sendVerificationEmail(r.user,i,o),e.json({status:!0})}),Bt=y("/verify-email",{method:"GET",query:P.z.object({token:P.z.string(),callbackURL:P.z.string().optional()}),use:[O]},async e=>{let{token:t}=e.query,r;try{r=await(0,ge.validateJWT)("HS256",Buffer.from(e.context.secret),t)}catch(a){throw e.context.logger.error("Failed to verify email",a),new H.APIError("BAD_REQUEST",{message:"Invalid token"})}let i=P.z.object({email:P.z.string().email(),updateTo:P.z.string().optional()}).parse(r.payload);if(!await e.context.internalAdapter.findUserByEmail(i.email))throw new H.APIError("BAD_REQUEST",{message:"User not found"});if(i.updateTo){let a=await Se(e);if(!a)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new H.APIError("UNAUTHORIZED",{message:"Session not found"});if(a.user.email!==i.email)throw e.query.callbackURL?e.redirect(`${e.query.callbackURL}?error=unauthorized`):new H.APIError("UNAUTHORIZED",{message:"Invalid session"});let c=await e.context.internalAdapter.updateUserByEmail(i.email,{email:i.updateTo});if(await e.context.options.emailVerification?.sendVerificationEmail?.(c,`${e.context.baseURL}/verify-email?token=${t}`,t),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:c,status:!0})}if(await e.context.internalAdapter.updateUserByEmail(i.email,{emailVerified:!0}),e.query.callbackURL)throw e.redirect(e.query.callbackURL);return e.json({user:null,status:!0})});var Ft=y("/sign-in/social",{method:"POST",requireHeaders:!0,query:I.z.object({currentURL:I.z.string().optional()}).optional(),body:I.z.object({callbackURL:I.z.string().optional(),provider:I.z.enum(It)}),use:[O]},async e=>{let t=e.context.socialProviders.find(s=>s.id===e.body.provider);if(!t)throw e.context.logger.error("Provider not found. Make sure to add the provider in your auth config",{provider:e.body.provider}),new S.APIError("NOT_FOUND",{message:"Provider not found"});let r=e.context.authCookies,o=e.query?.currentURL?new URL(e.query?.currentURL):null,i=e.body.callbackURL?.startsWith("http")?e.body.callbackURL:`${o?.origin}${e.body.callbackURL||""}`,n=await xe(i||o?.origin||e.context.options.baseURL);await e.setSignedCookie(r.state.name,n.hash,e.context.secret,r.state.options);let a=(0,Dt.generateCodeVerifier)();await e.setSignedCookie(r.pkCodeVerifier.name,a,e.context.secret,r.pkCodeVerifier.options);let c=await t.createAuthorizationURL({state:n.raw,codeVerifier:a,redirectURI:`${e.context.baseURL}/callback/${t.id}`});return e.json({url:c.toString(),state:n,codeVerifier:a,redirect:!0})}),Nt=y("/sign-in/email",{method:"POST",body:I.z.object({email:I.z.string(),password:I.z.string(),callbackURL:I.z.string().optional(),dontRememberMe:I.z.boolean().default(!1).optional()}),use:[O]},async e=>{if(!e.context.options?.emailAndPassword?.enabled)throw e.context.logger.error("Email and password is not enabled. Make sure to enable it in the options on you `auth.ts` file. Check `https://better-auth.com/docs/authentication/email-password` for more!"),new S.APIError("BAD_REQUEST",{message:"Email and password is not enabled"});let{email:t,password:r}=e.body;if(!I.z.string().email().safeParse(t).success)throw new S.APIError("BAD_REQUEST",{message:"Invalid email"});if(!I.z.string().email().safeParse(t).success)throw new S.APIError("BAD_REQUEST",{message:"Invalid email"});let n=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!n)throw await e.context.password.hash(r),e.context.logger.error("User not found",{email:t}),new S.APIError("UNAUTHORIZED",{message:"Invalid email or password"});let a=n.accounts.find(l=>l.providerId==="credential");if(!a)throw e.context.logger.error("Credential account not found",{email:t}),new S.APIError("UNAUTHORIZED",{message:"Invalid email or password"});let c=a?.password;if(!c)throw e.context.logger.error("Password not found",{email:t}),new S.APIError("UNAUTHORIZED",{message:"Unexpected error"});if(!await e.context.password.verify(c,r))throw e.context.logger.error("Invalid password"),new S.APIError("UNAUTHORIZED",{message:"Invalid email or password"});if(e.context.options?.emailAndPassword?.requireEmailVerification&&!n.user.emailVerified){if(!e.context.options?.emailVerification?.sendVerificationEmail)throw b.error("Email verification is required but no email verification handler is provided"),new S.APIError("INTERNAL_SERVER_ERROR",{message:"Email is not verified."});let l=await N(e.context.secret,n.user.email),f=`${e.context.options.baseURL}/verify-email?token=${l}`;throw await e.context.options.emailVerification.sendVerificationEmail(n.user,f,l),e.context.logger.error("Email not verified",{email:t}),new S.APIError("FORBIDDEN",{message:"Email is not verified. Check your email for a verification link"})}let d=await e.context.internalAdapter.createSession(n.user.id,e.headers,e.body.dontRememberMe);if(!d)throw e.context.logger.error("Failed to create session"),new S.APIError("UNAUTHORIZED",{message:"Failed to create session"});return await _(e,d.id,e.body.dontRememberMe),e.json({user:n.user,session:d,redirect:!!e.body.callbackURL,url:e.body.callbackURL})});var oe=require("zod");var w=require("zod"),ii=w.z.object({id:w.z.string(),providerId:w.z.string(),accountId:w.z.string(),userId:w.z.string(),accessToken:w.z.string().nullable().optional(),refreshToken:w.z.string().nullable().optional(),idToken:w.z.string().nullable().optional(),expiresAt:w.z.date().nullable().optional(),password:w.z.string().optional().nullable()}),qt=w.z.object({id:w.z.string(),email:w.z.string().transform(e=>e.toLowerCase()),emailVerified:w.z.boolean().default(!1),name:w.z.string(),image:w.z.string().optional(),createdAt:w.z.date().default(new Date),updatedAt:w.z.date().default(new Date)}),si=w.z.object({id:w.z.string(),userId:w.z.string(),expiresAt:w.z.date(),ipAddress:w.z.string().optional(),userAgent:w.z.string().optional()}),ai=w.z.object({id:w.z.string(),value:w.z.string(),expiresAt:w.z.date(),identifier:w.z.string()});function Vt(e,t){let r={...t==="user"?e.user?.additionalFields:{},...t==="session"?e.session?.additionalFields:{}};for(let o of e.plugins||[])o.schema&&o.schema[t]&&(r={...r,...o.schema[t].fields});return r}function $t(e,t){let r=t.fields,o={};for(let i in r){if(i in e){if(r[i].input===!1){if(r[i].defaultValue){o[i]=r[i].defaultValue;continue}continue}o[i]=e[i];continue}if(r[i].defaultValue){o[i]=r[i].defaultValue;continue}}return o}function zt(e,t){let r=Vt(e,"user");return $t(t||{},{fields:r})}function jt(e,t){let r=Vt(e,"user");return $t(t||{},{fields:r})}var Mt=y("/callback/:id",{method:"GET",query:oe.z.object({state:oe.z.string(),code:oe.z.string().optional(),error:oe.z.string().optional()}),metadata:D},async e=>{if(e.query.error||!e.query.code){let T=fe(e.query.state).data?.callbackURL||`${e.context.baseURL}/error`;throw e.context.logger.error(e.query.error,e.params.id),e.redirect(`${T}?error=${e.query.error||"oAuth_code_missing"}`)}let t=e.context.socialProviders.find(m=>m.id===e.params.id);if(!t)throw e.context.logger.error("Oauth provider with id",e.params.id,"not found"),e.redirect(`${e.context.baseURL}/error?error=oauth_provider_not_found`);let r=fe(e.query.state);if(!r.success)throw e.context.logger.error("Unable to parse state"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let{data:{callbackURL:o,currentURL:i}}=r,n=await e.getSignedCookie(e.context.authCookies.state.name,e.context.secret);if(!n)throw b.error("No stored state found"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!await We(e.query.state,n))throw b.error("OAuth state mismatch"),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);let c=await e.getSignedCookie(e.context.authCookies.pkCodeVerifier.name,e.context.secret),s;try{s=await t.validateAuthorizationCode({code:e.query.code,codeVerifier:c,redirectURI:`${e.context.baseURL}/callback/${t.id}`})}catch(m){throw e.context.logger.error(m),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`)}let d=await t.getUserInfo(s).then(m=>m?.user),l=U(),f=qt.safeParse({...d,id:l});if(!d||f.success===!1)throw b.error("Unable to get user info",f.error),e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);if(!o)throw e.redirect(`${e.context.baseURL}/error?error=please_restart_the_process`);function p(m){throw e.redirect(`${i||o||`${e.context.baseURL}/error`}?error=${m}`)}let u=await e.context.internalAdapter.findUserByEmail(d.email,{includeAccounts:!0}).catch(m=>{throw b.error(`Better auth was unable to query your database.
-Error: `,m),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),g=u?.user.id;if(u){let m=u.accounts.find(T=>T.providerId===t.id);if(m)await e.context.internalAdapter.updateAccount(m.id,{accessToken:s.accessToken,idToken:s.idToken,refreshToken:s.refreshToken,expiresAt:s.accessTokenExpiresAt});else{(!e.context.options.account?.accountLinking?.trustedProviders?.includes(t.id)&&!d.emailVerified||!e.context.options.account?.accountLinking?.enabled)&&p("account_not_linked");try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,accessToken:s.accessToken,idToken:s.idToken,refreshToken:s.refreshToken,expiresAt:s.accessTokenExpiresAt})}catch(z){b.error("Unable to link account",z),p("unable_to_link_account")}}}else try{let m=d.emailVerified||!1,T=await e.context.internalAdapter.createOAuthUser({...f.data,emailVerified:m},{accessToken:s.accessToken,idToken:s.idToken,refreshToken:s.refreshToken,expiresAt:s.accessTokenExpiresAt,providerId:t.id,accountId:d.id.toString()});if(g=T?.user.id,!m&&T&&e.context.options.emailVerification?.sendOnSignUp){let X=await N(e.context.secret,d.email),z=`${e.context.baseURL}/verify-email?token=${X}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(T.user,z,X)}}catch(m){b.error("Unable to create user",m),p("unable_to_create_user")}g||p("unable_to_create_user");let h=await e.context.internalAdapter.createSession(g,e.request);throw h||p("unable_to_create_session"),await _(e,h.id),e.redirect(o)});var bi=require("zod");var Ht=require("better-call");var Kt=y("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new Ht.APIError("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),J(e),e.json({success:!0})});var L=require("zod");var ne=require("better-call");var Zt=y("/forget-password",{method:"POST",body:L.z.object({email:L.z.string().email(),redirectTo:L.z.string()}),use:[O]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function in your auth config!"),new ne.APIError("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let i=60*60*1,n=new Date(Date.now()+1e3*(e.context.options.emailAndPassword.resetPasswordTokenExpiresIn||i)),a=e.context.uuid();await e.context.internalAdapter.createVerificationValue({value:o.user.id,identifier:`reset-password:${a}`,expiresAt:n});let c=`${e.context.baseURL}/reset-password/${a}?callbackURL=${r}`;return await e.context.options.emailAndPassword.sendResetPassword(o.user,c),e.json({status:!0})}),Gt=y("/reset-password/:token",{method:"GET",query:L.z.object({callbackURL:L.z.string()}),use:[O]},async e=>{let{token:t}=e.params,r=e.query.callbackURL,o=r.startsWith("http")?r:`${e.context.options.baseURL}${r}`;if(!t||!r)throw e.redirect(`${e.context.baseURL}/error?error=INVALID_TOKEN`);let i=await e.context.internalAdapter.findVerificationValue(`reset-password:${t}`);throw!i||i.expiresAt<new Date?e.redirect(`${o}?error=INVALID_TOKEN`):e.redirect(`${o}?token=${t}`)}),Qt=y("/reset-password",{query:L.z.optional(L.z.object({token:L.z.string().optional(),currentURL:L.z.string().optional()})),method:"POST",body:L.z.object({newPassword:L.z.string()})},async e=>{let t=e.query?.token||(e.query?.currentURL?new URL(e.query.currentURL).searchParams.get("token"):"");if(!t)throw new ne.APIError("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body,o=`reset-password:${t}`,i=await e.context.internalAdapter.findVerificationValue(o);if(!i||i.expiresAt<new Date)throw new ne.APIError("BAD_REQUEST",{message:"Invalid token"});await e.context.internalAdapter.deleteVerificationValue(i.id);let n=i.value,a=await e.context.password.hash(r);if(!(await e.context.internalAdapter.findAccounts(n)).find(l=>l.providerId==="credential"))return await e.context.internalAdapter.createAccount({userId:n,providerId:"credential",password:a,accountId:e.context.uuid()}),e.json({status:!0});if(!await e.context.internalAdapter.updatePassword(n,a))throw new ne.APIError("BAD_REQUEST",{message:"Failed to update password"});return e.json({status:!0})});var R=require("zod");var x=require("better-call");var Wt=()=>y("/user/update",{method:"POST",body:R.z.record(R.z.string(),R.z.any()),use:[F,O]},async e=>{let t=e.body;if(t.email)throw new x.APIError("BAD_REQUEST",{message:"You can't update email"});let{name:r,image:o,...i}=t,n=e.context.session;if(!o&&!r&&Object.keys(i).length===0)return e.json({user:n.user});let a=zt(e.context.options,i),c=await e.context.internalAdapter.updateUserByEmail(n.user.email,{name:r,image:o,...a});return e.json({user:c})}),Jt=y("/user/change-password",{method:"POST",body:R.z.object({newPassword:R.z.string(),currentPassword:R.z.string(),revokeOtherSessions:R.z.boolean().optional()}),use:[F]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,i=e.context.session,n=e.context.password.config.minPasswordLength;if(t.length<n)throw e.context.logger.error("Password is too short"),new x.APIError("BAD_REQUEST",{message:"Password is too short"});let a=e.context.password.config.maxPasswordLength;if(t.length>a)throw e.context.logger.error("Password is too long"),new x.APIError("BAD_REQUEST",{message:"Password too long"});let s=(await e.context.internalAdapter.findAccounts(i.user.id)).find(f=>f.providerId==="credential"&&f.password);if(!s||!s.password)throw new x.APIError("BAD_REQUEST",{message:"User does not have a password"});let d=await e.context.password.hash(t);if(!await e.context.password.verify(s.password,r))throw new x.APIError("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(s.id,{password:d}),o){await e.context.internalAdapter.deleteSessions(i.user.id);let f=await e.context.internalAdapter.createSession(i.user.id,e.headers);if(!f)throw new x.APIError("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await _(e,f.id)}return e.json(i.user)}),Yt=y("/user/set-password",{method:"POST",body:R.z.object({newPassword:R.z.string()}),use:[F]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new x.APIError("BAD_REQUEST",{message:"Password is too short"});let i=e.context.password.config.maxPasswordLength;if(t.length>i)throw e.context.logger.error("Password is too long"),new x.APIError("BAD_REQUEST",{message:"Password too long"});let a=(await e.context.internalAdapter.findAccounts(r.user.id)).find(s=>s.providerId==="credential"&&s.password),c=await e.context.password.hash(t);if(!a)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:c}),e.json(r.user);throw new x.APIError("BAD_REQUEST",{message:"user already has a password"})}),Xt=y("/user/delete",{method:"POST",body:R.z.object({password:R.z.string()}),use:[F]},async e=>{let{password:t}=e.body,r=e.context.session,i=(await e.context.internalAdapter.findAccounts(r.user.id)).find(c=>c.providerId==="credential"&&c.password);if(!i||!i.password)throw new x.APIError("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(i.password,t))throw new x.APIError("BAD_REQUEST",{message:"Incorrect password"});await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id);let a=e.context.authCookies.sessionToken;return e.setCookie(a.name,"",{maxAge:0}),e.json(null)}),er=y("/user/change-email",{method:"POST",query:R.z.object({currentURL:R.z.string().optional()}).optional(),body:R.z.object({newEmail:R.z.string().email(),callbackURL:R.z.string().optional()}),use:[F,O]},async e=>{if(!e.context.options.user?.changeEmail?.enabled)throw e.context.logger.error("Change email is disabled."),new x.APIError("BAD_REQUEST",{message:"Change email is disabled"});if(e.body.newEmail===e.context.session.user.email)throw e.context.logger.error("Email is the same"),new x.APIError("BAD_REQUEST",{message:"Email is the same"});if(await e.context.internalAdapter.findUserByEmail(e.body.newEmail))throw e.context.logger.error("Email already exists"),new x.APIError("BAD_REQUEST",{message:"Couldn't update your email"});if(e.context.session.user.emailVerified!==!0){let i=await e.context.internalAdapter.updateUserByEmail(e.context.session.user.email,{email:e.body.newEmail});return e.json({user:i,status:!0})}if(!e.context.options.user.changeEmail.sendChangeEmailVerification)throw e.context.logger.error("Verification email isn't enabled."),new x.APIError("BAD_REQUEST",{message:"Verification email isn't enabled"});let r=await N(e.context.secret,e.context.session.user.email,e.body.newEmail),o=`${e.context.baseURL}/verify-email?token=${r}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.user.changeEmail.sendChangeEmailVerification(e.context.session.user,e.body.newEmail,o,r),e.json({user:null,status:!0})});var tr=y("/csrf",{method:"GET",metadata:D},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t){let[n,a]=t.split("!")||[null,null];return e.json({csrfToken:n})}let r=He(32,Ke("a-z","0-9","A-Z")),o=await ue(e.context.secret,r),i=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,i,e.context.secret,e.context.authCookies.csrfToken.options),e.json({csrfToken:r})});var Lr=(e="Unknown")=>`<!DOCTYPE html>
+Error: `,m),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)}),g=u?.user.id;if(u){let m=u.accounts.find(T=>T.providerId===t.id);if(m)await e.context.internalAdapter.updateAccount(m.id,{accessToken:s.accessToken,idToken:s.idToken,refreshToken:s.refreshToken,expiresAt:s.accessTokenExpiresAt});else{(!e.context.options.account?.accountLinking?.trustedProviders?.includes(t.id)&&!d.emailVerified||!e.context.options.account?.accountLinking?.enabled)&&p("account_not_linked");try{await e.context.internalAdapter.linkAccount({providerId:t.id,accountId:d.id.toString(),id:`${t.id}:${d.id}`,userId:u.user.id,accessToken:s.accessToken,idToken:s.idToken,refreshToken:s.refreshToken,expiresAt:s.accessTokenExpiresAt})}catch(z){b.error("Unable to link account",z),p("unable_to_link_account")}}}else try{let m=d.emailVerified||!1,T=await e.context.internalAdapter.createOAuthUser({...f.data,emailVerified:m},{accessToken:s.accessToken,idToken:s.idToken,refreshToken:s.refreshToken,expiresAt:s.accessTokenExpiresAt,providerId:t.id,accountId:d.id.toString()});if(g=T?.user.id,!m&&T&&e.context.options.emailVerification?.sendOnSignUp){let X=await N(e.context.secret,d.email),z=`${e.context.baseURL}/verify-email?token=${X}&callbackURL=${o}`;await e.context.options.emailVerification?.sendVerificationEmail?.(T.user,z,X)}}catch(m){b.error("Unable to create user",m),p("unable_to_create_user")}g||p("unable_to_create_user");let h=await e.context.internalAdapter.createSession(g,e.request);throw h||p("unable_to_create_session"),await _(e,h.id),e.redirect(o)});var bi=require("zod");var Ht=require("better-call");var Kt=y("/sign-out",{method:"POST"},async e=>{let t=await e.getSignedCookie(e.context.authCookies.sessionToken.name,e.context.secret);if(!t)throw new Ht.APIError("BAD_REQUEST",{message:"Session not found"});return await e.context.internalAdapter.deleteSession(t),J(e),e.json({success:!0})});var L=require("zod");var ne=require("better-call");var Zt=y("/forget-password",{method:"POST",body:L.z.object({email:L.z.string().email(),redirectTo:L.z.string()}),use:[O]},async e=>{if(!e.context.options.emailAndPassword?.sendResetPassword)throw e.context.logger.error("Reset password isn't enabled.Please pass an emailAndPassword.sendResetPasswordToken function in your auth config!"),new ne.APIError("BAD_REQUEST",{message:"Reset password isn't enabled"});let{email:t,redirectTo:r}=e.body,o=await e.context.internalAdapter.findUserByEmail(t,{includeAccounts:!0});if(!o)return e.context.logger.error("Reset Password: User not found",{email:t}),e.json({status:!1},{body:{status:!0}});let i=60*60*1,n=new Date(Date.now()+1e3*(e.context.options.emailAndPassword.resetPasswordTokenExpiresIn||i)),a=e.context.uuid();await e.context.internalAdapter.createVerificationValue({value:o.user.id,identifier:`reset-password:${a}`,expiresAt:n});let c=`${e.context.baseURL}/reset-password/${a}?callbackURL=${r}`;return await e.context.options.emailAndPassword.sendResetPassword(o.user,c),e.json({status:!0})}),Gt=y("/reset-password/:token",{method:"GET",query:L.z.object({callbackURL:L.z.string()}),use:[O]},async e=>{let{token:t}=e.params,r=e.query.callbackURL,o=r.startsWith("http")?r:`${e.context.options.baseURL}${r}`;if(!t||!r)throw e.redirect(`${e.context.baseURL}/error?error=INVALID_TOKEN`);let i=await e.context.internalAdapter.findVerificationValue(`reset-password:${t}`);throw!i||i.expiresAt<new Date?e.redirect(`${o}?error=INVALID_TOKEN`):e.redirect(`${o}${o.includes("?")?"&":"?"}token=${t}`)}),Qt=y("/reset-password",{query:L.z.optional(L.z.object({token:L.z.string().optional(),currentURL:L.z.string().optional()})),method:"POST",body:L.z.object({newPassword:L.z.string()})},async e=>{let t=e.query?.token||(e.query?.currentURL?new URL(e.query.currentURL).searchParams.get("token"):"");if(!t)throw new ne.APIError("BAD_REQUEST",{message:"Token not found"});let{newPassword:r}=e.body,o=`reset-password:${t}`,i=await e.context.internalAdapter.findVerificationValue(o);if(!i||i.expiresAt<new Date)throw new ne.APIError("BAD_REQUEST",{message:"Invalid token"});await e.context.internalAdapter.deleteVerificationValue(i.id);let n=i.value,a=await e.context.password.hash(r);if(!(await e.context.internalAdapter.findAccounts(n)).find(l=>l.providerId==="credential"))return await e.context.internalAdapter.createAccount({userId:n,providerId:"credential",password:a,accountId:e.context.uuid()}),e.json({status:!0});if(!await e.context.internalAdapter.updatePassword(n,a))throw new ne.APIError("BAD_REQUEST",{message:"Failed to update password"});return e.json({status:!0})});var R=require("zod");var x=require("better-call");var Wt=()=>y("/user/update",{method:"POST",body:R.z.record(R.z.string(),R.z.any()),use:[F,O]},async e=>{let t=e.body;if(t.email)throw new x.APIError("BAD_REQUEST",{message:"You can't update email"});let{name:r,image:o,...i}=t,n=e.context.session;if(!o&&!r&&Object.keys(i).length===0)return e.json({user:n.user});let a=zt(e.context.options,i),c=await e.context.internalAdapter.updateUserByEmail(n.user.email,{name:r,image:o,...a});return e.json({user:c})}),Jt=y("/user/change-password",{method:"POST",body:R.z.object({newPassword:R.z.string(),currentPassword:R.z.string(),revokeOtherSessions:R.z.boolean().optional()}),use:[F]},async e=>{let{newPassword:t,currentPassword:r,revokeOtherSessions:o}=e.body,i=e.context.session,n=e.context.password.config.minPasswordLength;if(t.length<n)throw e.context.logger.error("Password is too short"),new x.APIError("BAD_REQUEST",{message:"Password is too short"});let a=e.context.password.config.maxPasswordLength;if(t.length>a)throw e.context.logger.error("Password is too long"),new x.APIError("BAD_REQUEST",{message:"Password too long"});let s=(await e.context.internalAdapter.findAccounts(i.user.id)).find(f=>f.providerId==="credential"&&f.password);if(!s||!s.password)throw new x.APIError("BAD_REQUEST",{message:"User does not have a password"});let d=await e.context.password.hash(t);if(!await e.context.password.verify(s.password,r))throw new x.APIError("BAD_REQUEST",{message:"Incorrect password"});if(await e.context.internalAdapter.updateAccount(s.id,{password:d}),o){await e.context.internalAdapter.deleteSessions(i.user.id);let f=await e.context.internalAdapter.createSession(i.user.id,e.headers);if(!f)throw new x.APIError("INTERNAL_SERVER_ERROR",{message:"Unable to create session"});await _(e,f.id)}return e.json(i.user)}),Yt=y("/user/set-password",{method:"POST",body:R.z.object({newPassword:R.z.string()}),use:[F]},async e=>{let{newPassword:t}=e.body,r=e.context.session,o=e.context.password.config.minPasswordLength;if(t.length<o)throw e.context.logger.error("Password is too short"),new x.APIError("BAD_REQUEST",{message:"Password is too short"});let i=e.context.password.config.maxPasswordLength;if(t.length>i)throw e.context.logger.error("Password is too long"),new x.APIError("BAD_REQUEST",{message:"Password too long"});let a=(await e.context.internalAdapter.findAccounts(r.user.id)).find(s=>s.providerId==="credential"&&s.password),c=await e.context.password.hash(t);if(!a)return await e.context.internalAdapter.linkAccount({userId:r.user.id,providerId:"credential",accountId:r.user.id,password:c}),e.json(r.user);throw new x.APIError("BAD_REQUEST",{message:"user already has a password"})}),Xt=y("/user/delete",{method:"POST",body:R.z.object({password:R.z.string()}),use:[F]},async e=>{let{password:t}=e.body,r=e.context.session,i=(await e.context.internalAdapter.findAccounts(r.user.id)).find(c=>c.providerId==="credential"&&c.password);if(!i||!i.password)throw new x.APIError("BAD_REQUEST",{message:"User does not have a password"});if(!await e.context.password.verify(i.password,t))throw new x.APIError("BAD_REQUEST",{message:"Incorrect password"});await e.context.internalAdapter.deleteUser(r.user.id),await e.context.internalAdapter.deleteSessions(r.user.id);let a=e.context.authCookies.sessionToken;return e.setCookie(a.name,"",{maxAge:0}),e.json(null)}),er=y("/user/change-email",{method:"POST",query:R.z.object({currentURL:R.z.string().optional()}).optional(),body:R.z.object({newEmail:R.z.string().email(),callbackURL:R.z.string().optional()}),use:[F,O]},async e=>{if(!e.context.options.user?.changeEmail?.enabled)throw e.context.logger.error("Change email is disabled."),new x.APIError("BAD_REQUEST",{message:"Change email is disabled"});if(e.body.newEmail===e.context.session.user.email)throw e.context.logger.error("Email is the same"),new x.APIError("BAD_REQUEST",{message:"Email is the same"});if(await e.context.internalAdapter.findUserByEmail(e.body.newEmail))throw e.context.logger.error("Email already exists"),new x.APIError("BAD_REQUEST",{message:"Couldn't update your email"});if(e.context.session.user.emailVerified!==!0){let i=await e.context.internalAdapter.updateUserByEmail(e.context.session.user.email,{email:e.body.newEmail});return e.json({user:i,status:!0})}if(!e.context.options.user.changeEmail.sendChangeEmailVerification)throw e.context.logger.error("Verification email isn't enabled."),new x.APIError("BAD_REQUEST",{message:"Verification email isn't enabled"});let r=await N(e.context.secret,e.context.session.user.email,e.body.newEmail),o=`${e.context.baseURL}/verify-email?token=${r}&callbackURL=${e.body.callbackURL||e.query?.currentURL||"/"}`;return await e.context.options.user.changeEmail.sendChangeEmailVerification(e.context.session.user,e.body.newEmail,o,r),e.json({user:null,status:!0})});var tr=y("/csrf",{method:"GET",metadata:D},async e=>{let t=await e.getSignedCookie(e.context.authCookies.csrfToken.name,e.context.secret);if(t){let[n,a]=t.split("!")||[null,null];return e.json({csrfToken:n})}let r=He(32,Ke("a-z","0-9","A-Z")),o=await ue(e.context.secret,r),i=`${r}!${o}`;return await e.setSignedCookie(e.context.authCookies.csrfToken.name,i,e.context.secret,e.context.authCookies.csrfToken.options),e.json({csrfToken:r})});var Lr=(e="Unknown")=>`<!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
@@ -81,4 +81,3 @@ Error: `,m),e.redirect(`${e.context.baseURL}/error?error=internal_server_error`)
     </div>
 </body>
 </html>`,rr=y("/error",{method:"GET",metadata:D},async e=>{let t=new URL(e.request?.url||"").searchParams.get("error")||"Unknown";return new Response(Lr(t),{headers:{"Content-Type":"text/html"}})});var or=y("/ok",{method:"GET",metadata:D},async e=>e.json({ok:!0}));var K=require("zod");var C=require("better-call");var nr=()=>y("/sign-up/email",{method:"POST",query:K.z.object({currentURL:K.z.string().optional()}).optional(),body:K.z.record(K.z.string(),K.z.any()),use:[O]},async e=>{if(!e.context.options.emailAndPassword?.enabled)throw new C.APIError("BAD_REQUEST",{message:"Email and password sign up is not enabled"});let t=e.body,{name:r,email:o,password:i,image:n,callbackURL:a,...c}=t;if(!K.z.string().email().safeParse(o).success)throw new C.APIError("BAD_REQUEST",{message:"Invalid email"});let d=e.context.password.config.minPasswordLength;if(i.length<d)throw e.context.logger.error("Password is too short"),new C.APIError("BAD_REQUEST",{message:"Password is too short"});let l=e.context.password.config.maxPasswordLength;if(i.length>l)throw e.context.logger.error("Password is too long"),new C.APIError("BAD_REQUEST",{message:"Password is too long"});if((await e.context.internalAdapter.findUserByEmail(o))?.user)throw e.context.logger.info(`Sign-up attempt for existing email: ${o}`),new C.APIError("UNPROCESSABLE_ENTITY",{message:"User with this email already exists"});let p=jt(e.context.options,c),u;try{if(u=await e.context.internalAdapter.createUser({email:o.toLowerCase(),name:r,image:n,...p,emailVerified:!1}),!u)throw new C.APIError("BAD_REQUEST",{message:"Failed to create user"})}catch(m){throw new C.APIError("UNPROCESSABLE_ENTITY",{message:"Failed to create user",details:m})}if(!u)throw new C.APIError("UNPROCESSABLE_ENTITY",{message:"Failed to create user"});let g=await e.context.password.hash(i);if(await e.context.internalAdapter.linkAccount({userId:u.id,providerId:"credential",accountId:u.id,password:g,expiresAt:B(60*60*24*30,"sec")}),e.context.options.emailVerification?.sendOnSignUp){let m=await N(e.context.secret,u.email),T=`${e.context.baseURL}/verify-email?token=${m}&callbackURL=${t.callbackURL||e.query?.currentURL||"/"}`;await e.context.options.emailVerification?.sendVerificationEmail?.(u,T,m)}if(!e.context.options.emailAndPassword.autoSignIn||e.context.options.emailAndPassword.requireEmailVerification)return e.json({user:u,session:null},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:u,session:null}});let h=await e.context.internalAdapter.createSession(u.id,e.request);if(!h)throw new C.APIError("BAD_REQUEST",{message:"Failed to create session"});return await _(e,h.id),e.json({user:u,session:h},{body:t.callbackURL?{url:t.callbackURL,redirect:!0}:{user:u,session:h}})});var ir=require("std-env");function he(e){let t="127.0.0.1";if(ir.isTest)return t;let r=["x-client-ip","x-forwarded-for","cf-connecting-ip","fastly-client-ip","x-real-ip","x-cluster-client-ip","x-forwarded","forwarded-for","forwarded"],o=e instanceof Request?e.headers:e;for(let i of r){let n=o.get(i);if(typeof n=="string"){let a=n.split(",")[0].trim();if(a)return a}}return null}function _r(e,t,r){let o=Date.now(),i=t*1e3;return o-r.lastRequest<i&&r.count>=e}function Cr(e){return new Response(JSON.stringify({message:"Too many requests. Please try again later."}),{status:429,statusText:"Too Many Requests",headers:{"X-Retry-After":e.toString()}})}function Br(e,t){let r=Date.now(),o=t*1e3;return Math.ceil((e+o-r)/1e3)}function Dr(e,t){let r=t??"rateLimit",o=e.adapter;return{get:async i=>await o.findOne({model:r,where:[{field:"key",value:i}]}),set:async(i,n,a)=>{try{a?await o.update({model:t??"rateLimit",where:[{field:"key",value:i}],update:{count:n.count,lastRequest:n.lastRequest}}):await o.create({model:t??"rateLimit",data:{key:i,count:n.count,lastRequest:n.lastRequest}})}catch(c){b.error("Error setting rate limit",c)}}}}var sr=new Map;function Fr(e){return e.rateLimit.storage==="secondary-storage"?{get:async r=>{let o=await e.options.secondaryStorage?.get(r);return o?JSON.parse(o):void 0},set:async(r,o)=>{await e.options.secondaryStorage?.set?.(r,JSON.stringify(o))}}:e.rateLimit.storage==="memory"?{async get(r){return sr.get(r)},async set(r,o,i){sr.set(r,o)}}:Dr(e,e.rateLimit.tableName)}async function ar(e,t){if(!t.rateLimit.enabled)return;let r=t.baseURL,o=e.url.replace(r,""),i=t.rateLimit.window,n=t.rateLimit.max,a=he(e)+o,s=Nr().find(p=>p.pathMatcher(o));s&&(i=s.window,n=s.max);for(let p of t.options.plugins||[])if(p.rateLimit){let u=p.rateLimit.find(g=>g.pathMatcher(o));if(u){i=u.window,n=u.max;break}}if(t.rateLimit.customRules){let p=t.rateLimit.customRules[o];p&&(i=p.window,n=p.max)}let d=Fr(t),l=await d.get(a),f=Date.now();if(!l)await d.set(a,{key:a,count:1,lastRequest:f});else{let p=f-l.lastRequest;if(_r(n,i,l)){let u=Br(l.lastRequest,i);return Cr(u)}else p>i*1e3?await d.set(a,{...l,count:1,lastRequest:f}):await d.set(a,{...l,count:l.count+1,lastRequest:f})}}function Nr(){return[{pathMatcher(t){return t.startsWith("/sign-in")||t.startsWith("/sign-up")},window:10,max:3}]}var qr=require("better-call");function Le(e,t){let r=t.plugins?.reduce((c,s)=>({...c,...s.endpoints}),{}),o=t.plugins?.map(c=>c.middlewares?.map(s=>{let d=async l=>s.middleware({...l,context:{...e,...l.context}});return d.path=s.path,d.options=s.middleware.options,d.headers=s.middleware.headers,{path:s.path,middleware:d}})).filter(c=>c!==void 0).flat()||[],n={...{signInOAuth:Ft,callbackOAuth:Mt,getCSRFToken:tr,getSession:Pe(),signOut:Kt,signUpEmail:nr(),signInEmail:Nt,forgetPassword:Zt,resetPassword:Qt,verifyEmail:Bt,sendVerificationEmail:Ct,changeEmail:er,changePassword:Jt,setPassword:Yt,updateUser:Wt(),deleteUser:Xt,forgetPasswordCallback:Gt,listSessions:Pt(),revokeSession:St,revokeSessions:Lt},...r,ok:or,error:rr},a={};for(let[c,s]of Object.entries(n))a[c]=async(d={})=>{let l=await e;for(let u of t.plugins||[])if(u.hooks?.before){for(let g of u.hooks.before)if(g.matcher({...s,...d,context:l})){let m=await g.handler({...d,context:{...l,...d?.context}});m&&"context"in m&&(l={...l,...m.context})}}let f;try{f=await s({...d,context:{...l,...d.context}})}catch(u){if(u instanceof Z.APIError){let g=t.plugins?.map(m=>{if(m.hooks?.after)return m.hooks.after}).filter(m=>m!==void 0).flat();if(!g?.length)throw u;let h=new Response(JSON.stringify(u.body),{status:Z.statusCode[u.status],headers:u.headers});for(let m of g||[])if(m.matcher(d)){let X=Object.assign(d,{context:{...e,returned:h}}),z=await m.handler(X);z&&"response"in z&&(h=z.response)}return h}throw u}let p=f;for(let u of t.plugins||[])if(u.hooks?.after){for(let g of u.hooks.after)if(g.matcher(d)){let m=Object.assign(d,{context:{...e,returned:p}}),T=await g.handler(m);T&&"response"in T&&(p=T.response)}}return p},a[c].path=s.path,a[c].method=s.method,a[c].options=s.options,a[c].headers=s.headers;return{api:a,middlewares:o}}var dr=(e,t)=>{let{api:r,middlewares:o}=Le(e,t),i=new URL(e.baseURL).pathname;return(0,Z.createRouter)(r,{extraContext:e,basePath:i,routerMiddleware:[{path:"/**",middleware:Ge},...o],async onRequest(n){for(let a of e.options.plugins||[])if(a.onRequest){let c=await a.onRequest(n,e);if(c)return c}return ar(n,e)},async onResponse(n){for(let a of e.options.plugins||[])if(a.onResponse){let c=await a.onResponse(n,e);if(c)return c.response}return n},onError(n){if(t.onAPIError?.throw)throw n;if(t.onAPIError?.onError){t.onAPIError.onError(n,e);return}let a=t.logger?.verboseLogging?b:void 0;t.logger?.disabled!==!0&&(n instanceof Z.APIError?(n.status==="INTERNAL_SERVER_ERROR"&&b.error(n),a?.error(n.message)):b?.error(n))}})};var q=e=>{let t=e.plugins?.reduce((s,d)=>{let l=d.schema;if(!l)return s;for(let[f,p]of Object.entries(l))s[f]={fields:{...s[f]?.fields,...p.fields},tableName:p.tableName||f};return s},{}),r=e.rateLimit?.storage==="database",o={rateLimit:{tableName:e.rateLimit?.tableName||"rateLimit",fields:{key:{type:"string",fieldName:e.rateLimit?.fields?.key||"key"},count:{type:"number",fieldName:e.rateLimit?.fields?.count||"count"},lastRequest:{type:"number",fieldName:e.rateLimit?.fields?.lastRequest||"lastRequest"}}}},{user:i,session:n,account:a,...c}=t||{};return{user:{tableName:e.user?.modelName||"user",fields:{name:{type:"string",required:!0,fieldName:e.user?.fields?.name||"name"},email:{type:"string",unique:!0,required:!0,fieldName:e.user?.fields?.email||"email"},emailVerified:{type:"boolean",defaultValue:()=>!1,required:!0,fieldName:e.user?.fields?.emailVerified||"emailVerified"},image:{type:"string",required:!1,fieldName:e.user?.fields?.image||"image"},createdAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.createdAt||"createdAt"},updatedAt:{type:"date",defaultValue:()=>new Date,required:!0,fieldName:e.user?.fields?.updatedAt||"updatedAt"},...i?.fields,...e.user?.additionalFields},order:1},session:{tableName:e.session?.modelName||"session",fields:{expiresAt:{type:"date",required:!0,fieldName:e.session?.fields?.expiresAt||"expiresAt"},ipAddress:{type:"string",required:!1,fieldName:e.session?.fields?.ipAddress||"ipAddress"},userAgent:{type:"string",required:!1,fieldName:e.session?.fields?.userAgent||"userAgent"},userId:{type:"string",fieldName:e.session?.fields?.userId||"userId",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0},...n?.fields,...e.session?.additionalFields},order:2},account:{tableName:e.account?.modelName||"account",fields:{accountId:{type:"string",required:!0,fieldName:e.account?.fields?.accountId||"accountId"},providerId:{type:"string",required:!0,fieldName:e.account?.fields?.providerId||"providerId"},userId:{type:"string",references:{model:e.user?.modelName||"user",field:"id",onDelete:"cascade"},required:!0,fieldName:e.account?.fields?.userId||"userId"},accessToken:{type:"string",required:!1,fieldName:e.account?.fields?.accessToken||"accessToken"},refreshToken:{type:"string",required:!1,fieldName:e.account?.fields?.refreshToken||"refreshToken"},idToken:{type:"string",required:!1,fieldName:e.account?.fields?.idToken||"idToken"},expiresAt:{type:"date",required:!1,fieldName:e.account?.fields?.expiresAt||"expiresAt"},password:{type:"string",required:!1,fieldName:e.account?.fields?.password||"password"},...a?.fields},order:3},verification:{tableName:e.verification?.modelName||"verification",fields:{identifier:{type:"string",required:!0,fieldName:e.verification?.fields?.identifier||"identifier"},value:{type:"string",required:!0,fieldName:e.verification?.fields?.value||"value"},expiresAt:{type:"date",required:!0,fieldName:e.verification?.fields?.expiresAt||"expiresAt"}},order:4},...c,...r?o:{}}};var ie=require("kysely"),V=require("kysely");function cr(e){if("dialect"in e)return cr(e.dialect);if("createDriver"in e){if(e instanceof V.SqliteDialect)return"sqlite";if(e instanceof V.MysqlDialect)return"mysql";if(e instanceof V.PostgresDialect)return"postgres";if(e instanceof ie.MssqlDialect)return"mssql"}return"aggregate"in e?"sqlite":"getConnection"in e?"mysql":"connect"in e?"postgres":null}var se=async e=>{let t=e.database;if("db"in t)return{kysely:t.db,databaseType:t.type};if("dialect"in t)return{kysely:new ie.Kysely({dialect:t.dialect}),databaseType:t.type};let r,o=cr(t);return"createDriver"in t&&(r=t),"aggregate"in t&&(r=new V.SqliteDialect({database:t})),"getConnection"in t&&(r=new V.MysqlDialect({pool:t})),"connect"in t&&(r=new V.PostgresDialect({pool:t})),{kysely:r?new ie.Kysely({dialect:r}):null,databaseType:o}};function ae(e){if(!e)return{and:null,or:null};let t={and:[],or:[]};return e.forEach(r=>{let{field:o,value:i,operator:n="=",connector:a="AND"}=r,c=s=>n.toLowerCase()==="in"?s(o,"in",Array.isArray(i)?i:[i]):n==="contains"?s(o,"like",`%${i}%`):n==="starts_with"?s(o,"like",`${i}%`):n==="ends_with"?s(o,"like",`%${i}`):s(o,n,i);a==="OR"?t.or.push(c):t.and.push(c)}),{and:t.and.length?t.and:null,or:t.or.length?t.or:null}}function ye(e,t,r){for(let o in e){let i=t[o]||Object.values(t).find(n=>n.fieldName===o);e[o]===0&&i.type==="boolean"&&r?.boolean&&(e[o]=!1),e[o]===1&&i?.type==="boolean"&&r?.boolean&&(e[o]=!0),i?.type==="date"&&(e[o]instanceof Date||(e[o]=new Date(e[o])))}return e}function lr(e,t){for(let r in e)typeof e[r]=="boolean"&&t?.boolean&&(e[r]=e[r]?1:0),e[r]instanceof Date&&(e[r]=e[r].toISOString());return e}var ur=(e,t)=>({id:"kysely",async create(r){let{model:o,data:i,select:n}=r;t?.transform&&(i=lr(i,t.transform)),t?.generateId!==void 0&&(i.id=t.generateId?t.generateId():void 0);let a=await e.insertInto(o).values(i).returningAll().executeTakeFirst();if(t?.transform){let c=t.transform.schema[o];a=c?ye(i,c,t.transform):a}return n?.length&&(a=a?n.reduce((s,d)=>a?.[d]?{...s,[d]:a[d]}:s,{}):null),a},async findOne(r){let{model:o,where:i,select:n}=r,{and:a,or:c}=ae(i),s=e.selectFrom(o).selectAll();a&&(s=s.where(l=>l.and(a.map(f=>f(l))))),c&&(s=s.where(l=>l.or(c.map(f=>f(l)))));let d=await s.executeTakeFirst();if(n?.length&&(d=d?n.reduce((f,p)=>d?.[p]?{...f,[p]:d[p]}:f,{}):null),t?.transform){let l=t.transform.schema[o];return d=d&&l?ye(d,l,t.transform):d,d||null}return d||null},async findMany(r){let{model:o,where:i,limit:n,offset:a,sortBy:c}=r,s=e.selectFrom(o),{and:d,or:l}=ae(i);d&&(s=s.where(p=>p.and(d.map(u=>u(p))))),l&&(s=s.where(p=>p.or(l.map(u=>u(p))))),s=s.limit(n||100),a&&(s=s.offset(a)),c&&(s=s.orderBy(c.field,c.direction));let f=await s.selectAll().execute();if(t?.transform){let p=t.transform.schema[o];return p?f.map(u=>ye(u,p,t.transform)):f}return f},async update(r){let{model:o,where:i,update:n}=r,{and:a,or:c}=ae(i);t?.transform&&(n=lr(n,t.transform)),n.id&&(n.id=void 0);let s=e.updateTable(o).set(n);a&&(s=s.where(l=>l.and(a.map(f=>f(l))))),c&&(s=s.where(l=>l.or(c.map(f=>f(l)))));let d=await s.returningAll().executeTakeFirst()||null;if(t?.transform){let l=t.transform.schema[o];return l?ye(d,l,t.transform):d}return d},async delete(r){let{model:o,where:i}=r,{and:n,or:a}=ae(i),c=e.deleteFrom(o);n&&(c=c.where(s=>s.and(n.map(d=>d(s))))),a&&(c=c.where(s=>s.or(a.map(d=>d(s))))),await c.execute()},async deleteMany(r){let{model:o,where:i}=r,{and:n,or:a}=ae(i),c=e.deleteFrom(o);n&&(c=c.where(s=>s.and(n.map(d=>d(s))))),a&&(c=c.where(s=>s.or(a.map(d=>d(s))))),await c.execute()}});async function pr(e){if(!e.database)throw new E("Database configuration is required");if("create"in e.database)return e.database;let{kysely:t,databaseType:r}=await se(e);if(!t)throw new E("Failed to initialize database adapter");let o=q(e),i={};for(let n of Object.values(o))i[n.tableName]=n.fields;return ur(t,{transform:{schema:i,date:!0,boolean:r==="sqlite"},generateId:"generateId"in e.database?e.database.generateId:void 0})}function _e(e,t){let r={id:t.id};for(let o in e){let i=e[o],n=t[o];r[i.fieldName||o]=n}return r}function v(e,t){if(!t)return null;let r={id:t.id};for(let[o,i]of Object.entries(e))r[o]=t[i.fieldName||o];return r}function fr(e,t){let r=t.hooks,o=q(t.options);async function i(a,c,s){let d=a,l=o[c];for(let u of r||[]){let g=u[c]?.create?.before;if(g){let h=await g(a);if(h===!1)return null;typeof h=="object"&&"data"in h&&(d=h.data)}}let f=s?await s.fn(d):null,p=!s||s.executeMainFn?await e.create({model:l.tableName,data:{..._e(l.fields,d),id:d.id||U()}}):f;for(let u of r||[]){let g=u[c]?.create?.after;g&&await g(p)}return v(l.fields,p)}async function n(a,c,s,d){let l=a;for(let u of r||[]){let g=u[s]?.update?.before;if(g){let h=await g(a);if(h===!1)return null;l=typeof h=="object"?h.data:h}}let f=d?await d.fn(l):null,p=!d||d.executeMainFn?await e.update({model:o[s].tableName,update:_e(o[s].fields,l),where:c}):f;for(let u of r||[]){let g=u[s]?.update?.after;g&&await g(p)}return v(o[s].fields,p)}return{createWithHooks:i,updateWithHooks:n}}var Ce=(e,t)=>{let r=t.options,o=r.secondaryStorage,i=r.session?.expiresIn||60*60*24*7,n=q(r),{createWithHooks:a,updateWithHooks:c}=fr(e,t);return{createOAuthUser:async(s,d)=>{try{let l=await a({id:U(),createdAt:new Date,updatedAt:new Date,...s},"user"),f=await a({id:U(),...d,userId:l.id||s.id},"account");return{user:l,account:f}}catch(l){return console.log(l),null}},createUser:async s=>await a({id:U(),createdAt:new Date,updatedAt:new Date,emailVerified:!1,...s},"user"),createAccount:async s=>await a({id:U(),createdAt:new Date,updatedAt:new Date,...s},"account"),listSessions:async s=>await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:s}]}),listUsers:async(s,d,l,f)=>(await e.findMany({model:n.user.tableName,limit:s,offset:d,sortBy:l,where:f})).map(u=>v(n.user.fields,u)),deleteUser:async s=>{await e.delete({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:s}]}),await e.deleteMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:s}]}),await e.deleteMany({model:n.user.tableName,where:[{field:"id",value:s}]})},createSession:async(s,d,l,f)=>{let p=d instanceof Request?d.headers:d,u={id:U(32),userId:s,expiresAt:l?B(60*60*24,"sec"):B(i,"sec"),ipAddress:d&&he(d)||"",userAgent:p?.get("user-agent")||"",...f};return await a(u,"session",o?{fn:async h=>{let m=await e.findOne({model:n.user.tableName,where:[{field:"id",value:s}]});return o.set(h.id,JSON.stringify({session:h,user:m}),i),h},executeMainFn:r.session?.storeSessionInDatabase}:void 0)},findSession:async s=>{if(o){let p=await o.get(s);if(p){let u=JSON.parse(p);return{session:{...u.session,expiresAt:new Date(u.session.expiresAt)},user:{...u.user,createdAt:new Date(u.user.createdAt),updatedAt:new Date(u.user.updatedAt)}}}}let d=await e.findOne({model:n.session.tableName,where:[{value:s,field:"id"}]});if(!d)return null;let l=v(n.session.fields,d),f=await e.findOne({model:n.user.tableName,where:[{value:l.userId,field:"id"}]});return f?{session:l,user:v(n.user.fields,f)}:null},findSessions:async s=>{if(o){let p=[];for(let u of s){let g=await o.get(u);if(g){let h=JSON.parse(g),m={session:{...h.session,expiresAt:new Date(h.session.expiresAt)},user:{...h.user,createdAt:new Date(h.user.createdAt),updatedAt:new Date(h.user.updatedAt)}};p.push(m)}}return p}let d=await e.findMany({model:n.session.tableName,where:[{field:"id",value:s,operator:"in"}]}),l=d.map(p=>v(n.session.fields,p).userId);if(!l.length)return[];let f=await e.findMany({model:n.user.tableName,where:[{field:"id",value:l,operator:"in"}]});return d.map(p=>{let u=f.find(g=>g.id===p.userId);return u?{session:v(n.session.fields,p),user:v(n.user.fields,u)}:null})},updateSession:async(s,d)=>await c(d,[{field:"id",value:s}],"session",o?{async fn(f){let p=await o.get(s),u=null;if(p){let g=JSON.parse(p);u={...g.session,...f},await o.set(s,JSON.stringify({session:u,user:g.user}),g.session.expiresAt?new Date(g.session.expiresAt).getTime():void 0)}else return null},executeMainFn:r.session?.storeSessionInDatabase}:void 0),deleteSession:async s=>{if(o){await o.delete(s),r.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:"id",value:s}]});return}await e.delete({model:n.session.tableName,where:[{field:"id",value:s}]})},deleteSessions:async s=>{if(o){let d=await e.findMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:s}]});for(let l of d)await o.delete(l.id);r.session?.storeSessionInDatabase&&await e.delete({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:s}]});return}await e.deleteMany({model:n.session.tableName,where:[{field:n.session.fields.userId.fieldName||"userId",value:s}]})},findUserByEmail:async(s,d)=>{let l=await e.findOne({model:n.user.tableName,where:[{value:s.toLowerCase(),field:n.user.fields.email.fieldName||"email"}]});if(!l)return null;if(d?.includeAccounts){let f=await e.findMany({model:n.account.tableName,where:[{value:l.id,field:n.account.fields.userId.fieldName||"userId"}]});return{user:v(n.user.fields,l),accounts:f.map(p=>v(n.account.fields,p))}}return{user:v(n.user.fields,l),accounts:[]}},findUserById:async s=>await e.findOne({model:n.user.tableName,where:[{field:"id",value:s}]}),linkAccount:async s=>await a({id:U(),...s},"account"),updateUser:async(s,d)=>await c(d,[{field:"id",value:s}],"user"),updateUserByEmail:async(s,d)=>await c(d,[{field:n.user.fields.email.fieldName||"email",value:s}],"user"),updatePassword:async(s,d)=>await c({password:d},[{field:n.account.fields.userId.fieldName||"userId",value:s},{field:n.account.fields.providerId.fieldName||"providerId",value:"credential"}],"account"),findAccounts:async s=>(await e.findMany({model:n.account.tableName,where:[{field:n.account.fields.userId.fieldName||"userId",value:s}]})).map(l=>v(n.account.fields,l)),updateAccount:async(s,d)=>await c(d,[{field:"id",value:s}],"account"),createVerificationValue:async s=>await a({id:U(),...s},"verification"),findVerificationValue:async s=>{let d=await e.findOne({model:n.verification.tableName,where:[{field:n.verification.fields.identifier.fieldName||"identifier",value:s}]});return v(n.verification.fields,d)},deleteVerificationValue:async s=>{await e.delete({model:n.verification.tableName,where:[{field:"id",value:s}]})},updateVerificationValue:async(s,d)=>await c(d,[{field:"id",value:s}],"verification")}};var Vr=require("zod");var pa=require("kysely");var G=require("std-env"),mr=require("defu");var $=require("std-env");function $r(e){try{return new URL(e).pathname!=="/"}catch{throw new E(`Invalid base URL: ${e}. Please provide a valid base URL.`)}}function Be(e,t="/api/auth"){return $r(e)?e:(t=t.startsWith("/")?t:`/${t}`,`${e}${t}`)}function de(e,t){if(e)return Be(e,t);let r=$.env.BETTER_AUTH_URL||$.env.NEXT_PUBLIC_BETTER_AUTH_URL||$.env.PUBLIC_BETTER_AUTH_URL||$.env.NUXT_PUBLIC_BETTER_AUTH_URL||$.env.NUXT_PUBLIC_AUTH_URL||($.env.BASE_URL!=="/"?$.env.BASE_URL:void 0);if(r)return Be(r,t);if(typeof window<"u")return Be(window.location.origin,t)}var De="better-auth-secret-123456789";var gr=async e=>{let t=await pr(e),r=e.plugins||[],o=jr(e),{kysely:i}=await se(e),n=de(e.baseURL,e.basePath),a=e.secret||G.env.BETTER_AUTH_SECRET||G.env.AUTH_SECRET||De;a===De&&G.isProduction&&b.error("You are using the default secret. Please set `BETTER_AUTH_SECRET` in your environment variables or pass `secret` in your auth config."),e={...e,secret:a,baseURL:n?new URL(n).origin:"",basePath:e.basePath||"/api/auth",plugins:r.concat(o),emailAndPassword:{...e.emailAndPassword,enabled:e.emailAndPassword?.enabled??!1,autoSignIn:e.emailAndPassword?.autoSignIn??!0}};let c=Ue(e),s=q(e),d=Object.keys(e.socialProviders||{}).map(p=>{let u=e.socialProviders?.[p];return u.enabled===!1?null:((!u.clientId||!u.clientSecret)&&b.warn(`Social provider ${p} is missing clientId or clientSecret`),Oe[p](u))}).filter(p=>p!==null),l={appName:e.appName||"Better Auth",socialProviders:d,options:e,tables:s,trustedOrigins:Mr(e),baseURL:n||"",sessionConfig:{updateAge:e.session?.updateAge||24*60*60,expiresIn:e.session?.expiresIn||60*60*24*7},secret:a,rateLimit:{...e.rateLimit,enabled:e.rateLimit?.enabled??G.isProduction,window:e.rateLimit?.window||10,max:e.rateLimit?.max||100,storage:e.rateLimit?.storage||e.secondaryStorage?"secondary-storage":"memory"},authCookies:c,logger:me({disabled:e.logger?.disabled||!1}),db:i,uuid:U,secondaryStorage:e.secondaryStorage,password:{hash:e.emailAndPassword?.password?.hash||ze,verify:e.emailAndPassword?.password?.verify||je,config:{minPasswordLength:e.emailAndPassword?.minPasswordLength||8,maxPasswordLength:e.emailAndPassword?.maxPasswordLength||128}},adapter:t,internalAdapter:Ce(t,{options:e,hooks:e.databaseHooks?[e.databaseHooks]:[]}),createAuthCookie:ve(e)},{context:f}=zr(l);return f};function zr(e){let t=e.options,r=t.plugins||[],o=e,i=[];for(let n of r)if(n.init){let a=n.init(e);typeof a=="object"&&(a.options&&(a.options.databaseHooks&&i.push(a.options.databaseHooks),t=(0,mr.defu)(t,a.options)),a.context&&(o={...o,...a.context}))}return i.push(t.databaseHooks),o.internalAdapter=Ce(e.adapter,{options:t,hooks:i.filter(n=>n!==void 0)}),o.options=t,{context:o}}function jr(e){let t=[];return e.advanced?.crossSubDomainCookies?.enabled,t}function Mr(e){let t=de(e.baseURL,e.basePath);if(!t)return[];let r=[new URL(t).origin];e.trustedOrigins&&r.push(...e.trustedOrigins);let o=G.env.BETTER_AUTH_TRUSTED_ORIGINS;return o&&r.push(...o.split(",")),r}var Hr=e=>{let t=gr(e),{api:r}=Le(t,e);return{handler:async o=>{let i=await t,n=i.options.basePath||"/api/auth",a=new URL(o.url);if(!i.options.baseURL){let s=de(void 0,n)||`${a.origin}${n}`;i.options.baseURL=s,i.baseURL=s,i.trustedOrigins=[a.origin]}if(!i.options.baseURL)return new Response("Base URL not set",{status:400});if(a.pathname===n||a.pathname===`${n}/`)return new Response("Welcome to BetterAuth",{status:200});let{handler:c}=dr(i,e);return c(o)},api:r,options:e,$Infer:{}}};0&&(module.exports={BetterAuthError,HIDE_METADATA,MissingDependencyError,betterAuth,capitalizeFirstLetter,createCookieGetter,createLogger,deleteSessionCookie,generateId,generateState,getCookies,logger,parseCookies,parseSetCookieHeader,parseState,setSessionCookie});
-//# sourceMappingURL=index.cjs.map