better-auth 1.2.0-beta.5 → 1.2.0-beta.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/drizzle.cjs +3 -3
- package/dist/adapters/drizzle.d.cts +1 -1
- package/dist/adapters/drizzle.d.ts +1 -1
- package/dist/adapters/drizzle.js +1 -1
- package/dist/adapters/kysely.cjs +3 -3
- package/dist/adapters/kysely.d.cts +1 -1
- package/dist/adapters/kysely.d.ts +1 -1
- package/dist/adapters/kysely.js +1 -1
- package/dist/adapters/memory.cjs +2 -2
- package/dist/adapters/memory.d.cts +1 -1
- package/dist/adapters/memory.d.ts +1 -1
- package/dist/adapters/memory.js +1 -1
- package/dist/adapters/mongodb.cjs +3 -3
- package/dist/adapters/mongodb.d.cts +1 -1
- package/dist/adapters/mongodb.d.ts +1 -1
- package/dist/adapters/mongodb.js +1 -1
- package/dist/adapters/prisma.cjs +3 -3
- package/dist/adapters/prisma.d.cts +1 -1
- package/dist/adapters/prisma.d.ts +1 -1
- package/dist/adapters/prisma.js +1 -1
- package/dist/adapters/test.d.cts +1 -1
- package/dist/adapters/test.d.ts +1 -1
- package/dist/api.cjs +41 -41
- package/dist/api.d.cts +1 -1
- package/dist/api.d.ts +1 -1
- package/dist/api.js +1 -1
- package/dist/{auth-BIKkqX3w.d.ts → auth-BfbTouIV.d.ts} +5 -5
- package/dist/{auth-DYJ8ix3G.d.cts → auth-CC4kpwks.d.cts} +5 -5
- package/dist/{chunk-7P2P7Y35.js → chunk-2F3IX7O2.js} +1 -1
- package/dist/{chunk-VG5Y5QXC.js → chunk-4KMR5H5T.js} +1 -1
- package/dist/{chunk-XXGFGD3E.js → chunk-52TDJNDX.js} +11 -10
- package/dist/{chunk-YTMPZIP7.js → chunk-5AOJMBJI.js} +25 -3
- package/dist/{chunk-HQFWDJO3.cjs → chunk-5ECP2UE2.cjs} +5 -5
- package/dist/{chunk-VLA6IUW4.js → chunk-5G6XUCMS.js} +51 -2
- package/dist/{chunk-7H42DKFN.cjs → chunk-5KTUVZ3H.cjs} +5 -5
- package/dist/{chunk-QBBUTLKA.cjs → chunk-5RR5WN52.cjs} +5 -5
- package/dist/{chunk-XWK7ZOPU.cjs → chunk-75SPUXMY.cjs} +8 -8
- package/dist/{chunk-5LTLUS6A.js → chunk-BZOIXJ2Q.js} +1 -1
- package/dist/{chunk-SOFKSYNA.js → chunk-CG2CK6HR.js} +1 -1
- package/dist/{chunk-YZFX73MG.cjs → chunk-DURU7ZRA.cjs} +20 -20
- package/dist/{chunk-CLHJAEU2.js → chunk-EQYRCOOF.js} +5 -2
- package/dist/{chunk-IBIVHEIM.js → chunk-FX2ZHENM.js} +1 -1
- package/dist/{chunk-G6W6UQWJ.js → chunk-GWJDRQJ3.js} +2 -2
- package/dist/{chunk-C5LREWPU.cjs → chunk-HUDPJXOF.cjs} +24 -24
- package/dist/{chunk-DSB4P3WF.cjs → chunk-IUGQVFPG.cjs} +6 -6
- package/dist/{chunk-K46S33M5.cjs → chunk-K6WRBJAV.cjs} +3 -3
- package/dist/{chunk-C37NPGBI.cjs → chunk-KAEQXMEV.cjs} +46 -46
- package/dist/{chunk-CV5JTF37.cjs → chunk-KAR56MJZ.cjs} +5 -2
- package/dist/{chunk-6FRITF4C.cjs → chunk-LIGJVOZ4.cjs} +4 -4
- package/dist/{chunk-WKBV4PRW.cjs → chunk-MKNDCNWD.cjs} +3 -3
- package/dist/{chunk-WKXM7XUV.cjs → chunk-N7UWN6ND.cjs} +16 -4
- package/dist/{chunk-TV24P5IW.cjs → chunk-OALLKKNX.cjs} +52 -30
- package/dist/{chunk-3BXU3Z5H.js → chunk-QKCLO6S5.js} +1 -1
- package/dist/{chunk-E3CHTKRP.js → chunk-QLKU77BF.js} +1 -1
- package/dist/{chunk-CYI7H6T2.js → chunk-RMPI2YZ3.js} +1 -1
- package/dist/{chunk-R62AOMGV.js → chunk-SCXZXQTZ.js} +16 -4
- package/dist/{chunk-G365UCY7.js → chunk-ST2CQ4A2.js} +2 -2
- package/dist/{chunk-5RIBF22K.cjs → chunk-U44XLDNH.cjs} +22 -21
- package/dist/{chunk-OLGASOBP.cjs → chunk-UZNKBUDH.cjs} +11 -11
- package/dist/{chunk-7S7YLBK4.js → chunk-V56HFQQX.js} +1 -1
- package/dist/{chunk-HCHSHY7R.cjs → chunk-WD65CNWK.cjs} +77 -28
- package/dist/{chunk-H4A3GCFC.cjs → chunk-XKCN2VRG.cjs} +5 -5
- package/dist/{chunk-QG2HKEKG.js → chunk-XREMX2NV.js} +1 -1
- package/dist/{chunk-MHZNWING.js → chunk-ZDYKAJ67.js} +110 -2
- package/dist/{chunk-6QI5735F.js → chunk-ZKMUJOIP.js} +1 -1
- package/dist/{chunk-LHWLPZ6K.cjs → chunk-ZUUQ3FFY.cjs} +113 -5
- package/dist/client/plugins.d.cts +2 -2
- package/dist/client/plugins.d.ts +2 -2
- package/dist/client.d.cts +1 -1
- package/dist/client.d.ts +1 -1
- package/dist/cookies.d.cts +1 -1
- package/dist/cookies.d.ts +1 -1
- package/dist/db.cjs +12 -12
- package/dist/db.d.cts +2 -2
- package/dist/db.d.ts +2 -2
- package/dist/db.js +1 -1
- package/dist/{index-DOB91DVD.d.ts → index-CtbEb8Ls.d.ts} +107 -1
- package/dist/{index-BL6paKGE.d.cts → index-F5NLq5XF.d.cts} +107 -1
- package/dist/index.cjs +11 -11
- package/dist/index.d.cts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +4 -4
- package/dist/next-js.cjs +20 -20
- package/dist/next-js.d.cts +1 -1
- package/dist/next-js.d.ts +1 -1
- package/dist/next-js.js +19 -19
- package/dist/node.d.cts +1 -1
- package/dist/node.d.ts +1 -1
- package/dist/oauth2.d.cts +2 -2
- package/dist/oauth2.d.ts +2 -2
- package/dist/plugins/admin.cjs +3 -3
- package/dist/plugins/admin.d.cts +64 -8
- package/dist/plugins/admin.d.ts +64 -8
- package/dist/plugins/admin.js +2 -2
- package/dist/plugins/anonymous.cjs +3 -3
- package/dist/plugins/anonymous.d.cts +1 -1
- package/dist/plugins/anonymous.d.ts +1 -1
- package/dist/plugins/anonymous.js +2 -2
- package/dist/plugins/bearer.cjs +3 -3
- package/dist/plugins/bearer.d.cts +1 -1
- package/dist/plugins/bearer.d.ts +1 -1
- package/dist/plugins/bearer.js +2 -2
- package/dist/plugins/custom-session.cjs +3 -3
- package/dist/plugins/custom-session.d.cts +1 -1
- package/dist/plugins/custom-session.d.ts +1 -1
- package/dist/plugins/custom-session.js +2 -2
- package/dist/plugins/email-otp.cjs +3 -3
- package/dist/plugins/email-otp.d.cts +1 -1
- package/dist/plugins/email-otp.d.ts +1 -1
- package/dist/plugins/email-otp.js +2 -2
- package/dist/plugins/generic-oauth.cjs +3 -3
- package/dist/plugins/generic-oauth.d.cts +74 -1
- package/dist/plugins/generic-oauth.d.ts +74 -1
- package/dist/plugins/generic-oauth.js +2 -2
- package/dist/plugins/jwt.cjs +3 -3
- package/dist/plugins/jwt.d.cts +1 -1
- package/dist/plugins/jwt.d.ts +1 -1
- package/dist/plugins/jwt.js +2 -2
- package/dist/plugins/magic-link.cjs +3 -3
- package/dist/plugins/magic-link.d.cts +4 -0
- package/dist/plugins/magic-link.d.ts +4 -0
- package/dist/plugins/magic-link.js +2 -2
- package/dist/plugins/multi-session.cjs +3 -3
- package/dist/plugins/multi-session.d.cts +1 -1
- package/dist/plugins/multi-session.d.ts +1 -1
- package/dist/plugins/multi-session.js +2 -2
- package/dist/plugins/oidc-provider.cjs +3 -3
- package/dist/plugins/oidc-provider.js +2 -2
- package/dist/plugins/one-tap.cjs +3 -3
- package/dist/plugins/one-tap.js +2 -2
- package/dist/plugins/open-api.cjs +4 -4
- package/dist/plugins/open-api.d.cts +1 -1
- package/dist/plugins/open-api.d.ts +1 -1
- package/dist/plugins/open-api.js +3 -3
- package/dist/plugins/organization.cjs +3 -3
- package/dist/plugins/organization.d.cts +2 -2
- package/dist/plugins/organization.d.ts +2 -2
- package/dist/plugins/organization.js +2 -2
- package/dist/plugins/passkey.cjs +14 -14
- package/dist/plugins/passkey.d.cts +1 -1
- package/dist/plugins/passkey.d.ts +1 -1
- package/dist/plugins/passkey.js +1 -1
- package/dist/plugins/phone-number.cjs +3 -3
- package/dist/plugins/phone-number.d.cts +2 -2
- package/dist/plugins/phone-number.d.ts +2 -2
- package/dist/plugins/phone-number.js +2 -2
- package/dist/plugins/sso.cjs +9 -9
- package/dist/plugins/sso.d.cts +1 -1
- package/dist/plugins/sso.d.ts +1 -1
- package/dist/plugins/sso.js +1 -1
- package/dist/plugins/two-factor.cjs +3 -3
- package/dist/plugins/two-factor.d.cts +1 -1
- package/dist/plugins/two-factor.d.ts +1 -1
- package/dist/plugins/two-factor.js +2 -2
- package/dist/plugins/username.cjs +3 -3
- package/dist/plugins/username.d.cts +1 -1
- package/dist/plugins/username.d.ts +1 -1
- package/dist/plugins/username.js +2 -2
- package/dist/plugins.cjs +39 -39
- package/dist/plugins.d.cts +3 -3
- package/dist/plugins.d.ts +3 -3
- package/dist/plugins.js +19 -19
- package/dist/react.d.cts +2 -3
- package/dist/react.d.ts +2 -3
- package/dist/solid.d.cts +1 -1
- package/dist/solid.d.ts +1 -1
- package/dist/{state-DXzHe8jb.d.ts → state-BlyN0kTT.d.ts} +1 -1
- package/dist/{state-CEqdZ_y_.d.cts → state-ClV1x8my.d.cts} +1 -1
- package/dist/svelte-kit.d.cts +1 -1
- package/dist/svelte-kit.d.ts +1 -1
- package/dist/svelte.d.cts +1 -1
- package/dist/svelte.d.ts +1 -1
- package/dist/types.d.cts +3 -3
- package/dist/types.d.ts +3 -3
- package/dist/vue.d.cts +1 -1
- package/dist/vue.d.ts +1 -1
- package/package.json +1 -1
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
|
|
4
4
|
var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
|
|
5
5
|
var zod = require('zod');
|
|
6
6
|
var fetch = require('@better-fetch/fetch');
|
|
@@ -14,7 +14,7 @@ function toBoolean(value) {
|
|
|
14
14
|
var oneTap = (options) => ({
|
|
15
15
|
id: "one-tap",
|
|
16
16
|
endpoints: {
|
|
17
|
-
oneTapCallback:
|
|
17
|
+
oneTapCallback: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
18
18
|
"/one-tap/callback",
|
|
19
19
|
{
|
|
20
20
|
method: "POST",
|
|
@@ -66,7 +66,7 @@ var oneTap = (options) => ({
|
|
|
66
66
|
);
|
|
67
67
|
if (!user) {
|
|
68
68
|
if (options?.disableSignup) {
|
|
69
|
-
throw new
|
|
69
|
+
throw new chunkN7UWN6ND_cjs.APIError("BAD_GATEWAY", {
|
|
70
70
|
message: "User not found"
|
|
71
71
|
});
|
|
72
72
|
}
|
|
@@ -83,7 +83,7 @@ var oneTap = (options) => ({
|
|
|
83
83
|
}
|
|
84
84
|
);
|
|
85
85
|
if (!user2) {
|
|
86
|
-
throw new
|
|
86
|
+
throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
|
|
87
87
|
message: "Could not create user"
|
|
88
88
|
});
|
|
89
89
|
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
|
|
4
4
|
var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
|
|
5
5
|
var betterCall = require('better-call');
|
|
6
6
|
var hmac = require('@better-auth/utils/hmac');
|
|
@@ -16,7 +16,7 @@ var bearer = (options) => {
|
|
|
16
16
|
context.request?.headers.get("authorization") || context.headers?.get("authorization")
|
|
17
17
|
);
|
|
18
18
|
},
|
|
19
|
-
handler:
|
|
19
|
+
handler: chunkN7UWN6ND_cjs.createAuthMiddleware(async (c) => {
|
|
20
20
|
const token = c.request?.headers.get("authorization")?.replace("Bearer ", "") || c.headers?.get("Authorization")?.replace("Bearer ", "");
|
|
21
21
|
if (!token) {
|
|
22
22
|
return;
|
|
@@ -67,7 +67,7 @@ var bearer = (options) => {
|
|
|
67
67
|
matcher(context) {
|
|
68
68
|
return true;
|
|
69
69
|
},
|
|
70
|
-
handler:
|
|
70
|
+
handler: chunkN7UWN6ND_cjs.createAuthMiddleware(async (ctx) => {
|
|
71
71
|
const setCookie = ctx.context.responseHeaders?.get("set-cookie");
|
|
72
72
|
if (!setCookie) {
|
|
73
73
|
return;
|
|
@@ -161,7 +161,7 @@ function wildcardMatch(pattern, options) {
|
|
|
161
161
|
|
|
162
162
|
// src/api/middlewares/origin-check.ts
|
|
163
163
|
var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
|
|
164
|
-
if (ctx.request?.method !== "POST") {
|
|
164
|
+
if (ctx.request?.method !== "POST" || !ctx.request) {
|
|
165
165
|
return;
|
|
166
166
|
}
|
|
167
167
|
const { body, query, context } = ctx;
|
|
@@ -170,7 +170,10 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
|
|
|
170
170
|
const redirectURL = body?.redirectTo;
|
|
171
171
|
const errorCallbackURL = body?.errorCallbackURL;
|
|
172
172
|
const newUserCallbackURL = body?.newUserCallbackURL;
|
|
173
|
-
const trustedOrigins = context.trustedOrigins
|
|
173
|
+
const trustedOrigins = Array.isArray(context.options.trustedOrigins) ? context.trustedOrigins : [
|
|
174
|
+
...context.trustedOrigins,
|
|
175
|
+
...context.options.trustedOrigins?.(ctx.request) || []
|
|
176
|
+
];
|
|
174
177
|
const usesCookies = ctx.headers?.has("cookie");
|
|
175
178
|
const matchesPattern = (url, pattern) => {
|
|
176
179
|
if (url.startsWith("/")) {
|
|
@@ -208,9 +211,17 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
|
|
|
208
211
|
newUserCallbackURL && validateURL(newUserCallbackURL, "newUserCallbackURL");
|
|
209
212
|
});
|
|
210
213
|
var originCheck = (getValue) => createAuthMiddleware(async (ctx) => {
|
|
214
|
+
if (!ctx.request) {
|
|
215
|
+
return;
|
|
216
|
+
}
|
|
211
217
|
const { context } = ctx;
|
|
212
218
|
const callbackURL = getValue(ctx);
|
|
213
|
-
const trustedOrigins =
|
|
219
|
+
const trustedOrigins = Array.isArray(
|
|
220
|
+
context.options.trustedOrigins
|
|
221
|
+
) ? context.trustedOrigins : [
|
|
222
|
+
...context.trustedOrigins,
|
|
223
|
+
...context.options.trustedOrigins?.(ctx.request) || []
|
|
224
|
+
];
|
|
214
225
|
const matchesPattern = (url, pattern) => {
|
|
215
226
|
if (url.startsWith("/")) {
|
|
216
227
|
return false;
|
|
@@ -1096,6 +1107,7 @@ async function handleOAuthUserInfo(c, {
|
|
|
1096
1107
|
);
|
|
1097
1108
|
}
|
|
1098
1109
|
} catch (e) {
|
|
1110
|
+
chunkH74YRRNV_cjs.logger.error(e);
|
|
1099
1111
|
if (e instanceof betterCall.APIError) {
|
|
1100
1112
|
return {
|
|
1101
1113
|
error: e.message,
|
|
@@ -3112,7 +3124,7 @@ function getRetryAfter(lastRequest, window) {
|
|
|
3112
3124
|
return Math.ceil((lastRequest + windowInMs - now) / 1e3);
|
|
3113
3125
|
}
|
|
3114
3126
|
function createDBStorage(ctx, modelName) {
|
|
3115
|
-
const model = "rateLimit";
|
|
3127
|
+
const model = ctx.options.rateLimit?.modelName || "rateLimit";
|
|
3116
3128
|
const db = ctx.adapter;
|
|
3117
3129
|
return {
|
|
3118
3130
|
get: async (key) => {
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
var chunkJUPDDQC4_cjs = require('./chunk-JUPDDQC4.cjs');
|
|
4
|
-
var
|
|
4
|
+
var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
|
|
5
5
|
var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
|
|
6
6
|
var chunkB5UCLTPZ_cjs = require('./chunk-B5UCLTPZ.cjs');
|
|
7
7
|
var chunk2HPSCSV7_cjs = require('./chunk-2HPSCSV7.cjs');
|
|
@@ -20,14 +20,14 @@ var admin = (options) => {
|
|
|
20
20
|
YOU_CANNOT_BAN_YOURSELF: "You cannot ban yourself",
|
|
21
21
|
ONLY_ADMINS_CAN_ACCESS_THIS_ENDPOINT: "Only admins can access this endpoint"
|
|
22
22
|
};
|
|
23
|
-
const adminMiddleware =
|
|
24
|
-
const session = await
|
|
23
|
+
const adminMiddleware = chunkN7UWN6ND_cjs.createAuthMiddleware(async (ctx) => {
|
|
24
|
+
const session = await chunkN7UWN6ND_cjs.getSessionFromCtx(ctx);
|
|
25
25
|
if (!session?.session) {
|
|
26
|
-
throw new
|
|
26
|
+
throw new chunkN7UWN6ND_cjs.APIError("UNAUTHORIZED");
|
|
27
27
|
}
|
|
28
28
|
const user = session.user;
|
|
29
29
|
if (!user.role || (Array.isArray(opts.adminRole) ? !opts.adminRole.includes(user.role) : user.role !== opts.adminRole)) {
|
|
30
|
-
throw new
|
|
30
|
+
throw new chunkN7UWN6ND_cjs.APIError("FORBIDDEN", {
|
|
31
31
|
message: "Only admins can access this endpoint"
|
|
32
32
|
});
|
|
33
33
|
}
|
|
@@ -52,8 +52,7 @@ var admin = (options) => {
|
|
|
52
52
|
}
|
|
53
53
|
return {
|
|
54
54
|
data: {
|
|
55
|
-
role: options?.defaultRole ?? "user"
|
|
56
|
-
...user
|
|
55
|
+
role: options?.defaultRole ?? "user"
|
|
57
56
|
}
|
|
58
57
|
};
|
|
59
58
|
}
|
|
@@ -89,7 +88,7 @@ var admin = (options) => {
|
|
|
89
88
|
matcher(context) {
|
|
90
89
|
return context.path === "/list-sessions";
|
|
91
90
|
},
|
|
92
|
-
handler:
|
|
91
|
+
handler: chunkN7UWN6ND_cjs.createAuthMiddleware(async (ctx) => {
|
|
93
92
|
const response = await chunkJUPDDQC4_cjs.getEndpointResponse(ctx);
|
|
94
93
|
if (!response) {
|
|
95
94
|
return;
|
|
@@ -103,7 +102,7 @@ var admin = (options) => {
|
|
|
103
102
|
]
|
|
104
103
|
},
|
|
105
104
|
endpoints: {
|
|
106
|
-
setRole:
|
|
105
|
+
setRole: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
107
106
|
"/admin/set-role",
|
|
108
107
|
{
|
|
109
108
|
method: "POST",
|
|
@@ -153,7 +152,7 @@ var admin = (options) => {
|
|
|
153
152
|
});
|
|
154
153
|
}
|
|
155
154
|
),
|
|
156
|
-
createUser:
|
|
155
|
+
createUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
157
156
|
"/admin/create-user",
|
|
158
157
|
{
|
|
159
158
|
method: "POST",
|
|
@@ -210,7 +209,7 @@ var admin = (options) => {
|
|
|
210
209
|
ctx.body.email
|
|
211
210
|
);
|
|
212
211
|
if (existUser) {
|
|
213
|
-
throw new
|
|
212
|
+
throw new chunkN7UWN6ND_cjs.APIError("BAD_REQUEST", {
|
|
214
213
|
message: ERROR_CODES.USER_ALREADY_EXISTS
|
|
215
214
|
});
|
|
216
215
|
}
|
|
@@ -221,7 +220,7 @@ var admin = (options) => {
|
|
|
221
220
|
...ctx.body.data
|
|
222
221
|
});
|
|
223
222
|
if (!user) {
|
|
224
|
-
throw new
|
|
223
|
+
throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
|
|
225
224
|
message: ERROR_CODES.FAILED_TO_CREATE_USER
|
|
226
225
|
});
|
|
227
226
|
}
|
|
@@ -239,7 +238,7 @@ var admin = (options) => {
|
|
|
239
238
|
});
|
|
240
239
|
}
|
|
241
240
|
),
|
|
242
|
-
listUsers:
|
|
241
|
+
listUsers: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
243
242
|
"/admin/list-users",
|
|
244
243
|
{
|
|
245
244
|
method: "GET",
|
|
@@ -354,7 +353,7 @@ var admin = (options) => {
|
|
|
354
353
|
}
|
|
355
354
|
}
|
|
356
355
|
),
|
|
357
|
-
listUserSessions:
|
|
356
|
+
listUserSessions: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
358
357
|
"/admin/list-user-sessions",
|
|
359
358
|
{
|
|
360
359
|
method: "POST",
|
|
@@ -401,7 +400,7 @@ var admin = (options) => {
|
|
|
401
400
|
};
|
|
402
401
|
}
|
|
403
402
|
),
|
|
404
|
-
unbanUser:
|
|
403
|
+
unbanUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
405
404
|
"/admin/unban-user",
|
|
406
405
|
{
|
|
407
406
|
method: "POST",
|
|
@@ -448,7 +447,7 @@ var admin = (options) => {
|
|
|
448
447
|
});
|
|
449
448
|
}
|
|
450
449
|
),
|
|
451
|
-
banUser:
|
|
450
|
+
banUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
452
451
|
"/admin/ban-user",
|
|
453
452
|
{
|
|
454
453
|
method: "POST",
|
|
@@ -497,7 +496,7 @@ var admin = (options) => {
|
|
|
497
496
|
},
|
|
498
497
|
async (ctx) => {
|
|
499
498
|
if (ctx.body.userId === ctx.context.session.user.id) {
|
|
500
|
-
throw new
|
|
499
|
+
throw new chunkN7UWN6ND_cjs.APIError("BAD_REQUEST", {
|
|
501
500
|
message: ERROR_CODES.YOU_CANNOT_BAN_YOURSELF
|
|
502
501
|
});
|
|
503
502
|
}
|
|
@@ -515,7 +514,7 @@ var admin = (options) => {
|
|
|
515
514
|
});
|
|
516
515
|
}
|
|
517
516
|
),
|
|
518
|
-
impersonateUser:
|
|
517
|
+
impersonateUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
519
518
|
"/admin/impersonate-user",
|
|
520
519
|
{
|
|
521
520
|
method: "POST",
|
|
@@ -558,7 +557,7 @@ var admin = (options) => {
|
|
|
558
557
|
ctx.body.userId
|
|
559
558
|
);
|
|
560
559
|
if (!targetUser) {
|
|
561
|
-
throw new
|
|
560
|
+
throw new chunkN7UWN6ND_cjs.APIError("NOT_FOUND", {
|
|
562
561
|
message: "User not found"
|
|
563
562
|
});
|
|
564
563
|
}
|
|
@@ -573,7 +572,7 @@ var admin = (options) => {
|
|
|
573
572
|
}
|
|
574
573
|
);
|
|
575
574
|
if (!session) {
|
|
576
|
-
throw new
|
|
575
|
+
throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
|
|
577
576
|
message: ERROR_CODES.FAILED_TO_CREATE_USER
|
|
578
577
|
});
|
|
579
578
|
}
|
|
@@ -599,18 +598,18 @@ var admin = (options) => {
|
|
|
599
598
|
});
|
|
600
599
|
}
|
|
601
600
|
),
|
|
602
|
-
stopImpersonating:
|
|
601
|
+
stopImpersonating: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
603
602
|
"/admin/stop-impersonating",
|
|
604
603
|
{
|
|
605
604
|
method: "POST"
|
|
606
605
|
},
|
|
607
606
|
async (ctx) => {
|
|
608
|
-
const session = await
|
|
607
|
+
const session = await chunkN7UWN6ND_cjs.getSessionFromCtx(ctx);
|
|
609
608
|
if (!session) {
|
|
610
|
-
throw new
|
|
609
|
+
throw new chunkN7UWN6ND_cjs.APIError("UNAUTHORIZED");
|
|
611
610
|
}
|
|
612
611
|
if (!session.session.impersonatedBy) {
|
|
613
|
-
throw new
|
|
612
|
+
throw new chunkN7UWN6ND_cjs.APIError("BAD_REQUEST", {
|
|
614
613
|
message: "You are not impersonating anyone"
|
|
615
614
|
});
|
|
616
615
|
}
|
|
@@ -618,7 +617,7 @@ var admin = (options) => {
|
|
|
618
617
|
session.session.impersonatedBy
|
|
619
618
|
);
|
|
620
619
|
if (!user) {
|
|
621
|
-
throw new
|
|
620
|
+
throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
|
|
622
621
|
message: "Failed to find user"
|
|
623
622
|
});
|
|
624
623
|
}
|
|
@@ -627,13 +626,13 @@ var admin = (options) => {
|
|
|
627
626
|
ctx.context.secret
|
|
628
627
|
);
|
|
629
628
|
if (!adminCookie) {
|
|
630
|
-
throw new
|
|
629
|
+
throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
|
|
631
630
|
message: "Failed to find admin session"
|
|
632
631
|
});
|
|
633
632
|
}
|
|
634
633
|
const adminSession = await ctx.context.internalAdapter.findSession(adminCookie);
|
|
635
634
|
if (!adminSession || adminSession.session.userId !== user.id) {
|
|
636
|
-
throw new
|
|
635
|
+
throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
|
|
637
636
|
message: "Failed to find admin session"
|
|
638
637
|
});
|
|
639
638
|
}
|
|
@@ -641,7 +640,7 @@ var admin = (options) => {
|
|
|
641
640
|
return ctx.json(adminSession);
|
|
642
641
|
}
|
|
643
642
|
),
|
|
644
|
-
revokeUserSession:
|
|
643
|
+
revokeUserSession: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
645
644
|
"/admin/revoke-user-session",
|
|
646
645
|
{
|
|
647
646
|
method: "POST",
|
|
@@ -685,7 +684,7 @@ var admin = (options) => {
|
|
|
685
684
|
});
|
|
686
685
|
}
|
|
687
686
|
),
|
|
688
|
-
revokeUserSessions:
|
|
687
|
+
revokeUserSessions: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
689
688
|
"/admin/revoke-user-sessions",
|
|
690
689
|
{
|
|
691
690
|
method: "POST",
|
|
@@ -727,7 +726,7 @@ var admin = (options) => {
|
|
|
727
726
|
});
|
|
728
727
|
}
|
|
729
728
|
),
|
|
730
|
-
removeUser:
|
|
729
|
+
removeUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
731
730
|
"/admin/remove-user",
|
|
732
731
|
{
|
|
733
732
|
method: "POST",
|
|
@@ -768,6 +767,29 @@ var admin = (options) => {
|
|
|
768
767
|
success: true
|
|
769
768
|
});
|
|
770
769
|
}
|
|
770
|
+
),
|
|
771
|
+
setUserPassword: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
772
|
+
"/admin/set-user-password",
|
|
773
|
+
{
|
|
774
|
+
method: "POST",
|
|
775
|
+
body: zod.z.object({
|
|
776
|
+
newPassword: zod.z.string(),
|
|
777
|
+
userId: zod.z.string()
|
|
778
|
+
}),
|
|
779
|
+
use: [adminMiddleware]
|
|
780
|
+
},
|
|
781
|
+
async (ctx) => {
|
|
782
|
+
const hashedPassword = await ctx.context.password.hash(
|
|
783
|
+
ctx.body.newPassword
|
|
784
|
+
);
|
|
785
|
+
await ctx.context.internalAdapter.updatePassword(
|
|
786
|
+
ctx.body.userId,
|
|
787
|
+
hashedPassword
|
|
788
|
+
);
|
|
789
|
+
return ctx.json({
|
|
790
|
+
status: true
|
|
791
|
+
});
|
|
792
|
+
}
|
|
771
793
|
)
|
|
772
794
|
},
|
|
773
795
|
$ERROR_CODES: ERROR_CODES,
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { createAuthEndpoint, originCheck, createAuthMiddleware } from './chunk-
|
|
1
|
+
import { createAuthEndpoint, originCheck, createAuthMiddleware } from './chunk-SCXZXQTZ.js';
|
|
2
2
|
import { getOrigin } from './chunk-XFCIANZX.js';
|
|
3
3
|
import { symmetricDecrypt, symmetricEncrypt } from './chunk-DBPOZRMS.js';
|
|
4
4
|
import { env } from './chunk-TQQSPPNA.js';
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { getEndpointResponse } from './chunk-JEYF2ARX.js';
|
|
2
|
-
import { createAuthEndpoint, APIError, createAuthMiddleware } from './chunk-
|
|
2
|
+
import { createAuthEndpoint, APIError, createAuthMiddleware } from './chunk-SCXZXQTZ.js';
|
|
3
3
|
import { setSessionCookie } from './chunk-QQGZ3XGI.js';
|
|
4
4
|
import { generateRandomString } from './chunk-DBPOZRMS.js';
|
|
5
5
|
import { getDate } from './chunk-FURNA6HY.js';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { createAuthMiddleware, createAuthEndpoint, sessionMiddleware, APIError, getSessionFromCtx } from './chunk-
|
|
1
|
+
import { createAuthMiddleware, createAuthEndpoint, sessionMiddleware, APIError, getSessionFromCtx } from './chunk-SCXZXQTZ.js';
|
|
2
2
|
import { parseSetCookieHeader } from './chunk-QQGZ3XGI.js';
|
|
3
3
|
import { generateRandomString } from './chunk-DBPOZRMS.js';
|
|
4
4
|
import { SignJWT } from 'jose';
|
|
@@ -156,7 +156,7 @@ function wildcardMatch(pattern, options) {
|
|
|
156
156
|
|
|
157
157
|
// src/api/middlewares/origin-check.ts
|
|
158
158
|
var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
|
|
159
|
-
if (ctx.request?.method !== "POST") {
|
|
159
|
+
if (ctx.request?.method !== "POST" || !ctx.request) {
|
|
160
160
|
return;
|
|
161
161
|
}
|
|
162
162
|
const { body, query, context } = ctx;
|
|
@@ -165,7 +165,10 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
|
|
|
165
165
|
const redirectURL = body?.redirectTo;
|
|
166
166
|
const errorCallbackURL = body?.errorCallbackURL;
|
|
167
167
|
const newUserCallbackURL = body?.newUserCallbackURL;
|
|
168
|
-
const trustedOrigins = context.trustedOrigins
|
|
168
|
+
const trustedOrigins = Array.isArray(context.options.trustedOrigins) ? context.trustedOrigins : [
|
|
169
|
+
...context.trustedOrigins,
|
|
170
|
+
...context.options.trustedOrigins?.(ctx.request) || []
|
|
171
|
+
];
|
|
169
172
|
const usesCookies = ctx.headers?.has("cookie");
|
|
170
173
|
const matchesPattern = (url, pattern) => {
|
|
171
174
|
if (url.startsWith("/")) {
|
|
@@ -203,9 +206,17 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
|
|
|
203
206
|
newUserCallbackURL && validateURL(newUserCallbackURL, "newUserCallbackURL");
|
|
204
207
|
});
|
|
205
208
|
var originCheck = (getValue) => createAuthMiddleware(async (ctx) => {
|
|
209
|
+
if (!ctx.request) {
|
|
210
|
+
return;
|
|
211
|
+
}
|
|
206
212
|
const { context } = ctx;
|
|
207
213
|
const callbackURL = getValue(ctx);
|
|
208
|
-
const trustedOrigins =
|
|
214
|
+
const trustedOrigins = Array.isArray(
|
|
215
|
+
context.options.trustedOrigins
|
|
216
|
+
) ? context.trustedOrigins : [
|
|
217
|
+
...context.trustedOrigins,
|
|
218
|
+
...context.options.trustedOrigins?.(ctx.request) || []
|
|
219
|
+
];
|
|
209
220
|
const matchesPattern = (url, pattern) => {
|
|
210
221
|
if (url.startsWith("/")) {
|
|
211
222
|
return false;
|
|
@@ -1091,6 +1102,7 @@ async function handleOAuthUserInfo(c, {
|
|
|
1091
1102
|
);
|
|
1092
1103
|
}
|
|
1093
1104
|
} catch (e) {
|
|
1105
|
+
logger.error(e);
|
|
1094
1106
|
if (e instanceof APIError) {
|
|
1095
1107
|
return {
|
|
1096
1108
|
error: e.message,
|
|
@@ -3107,7 +3119,7 @@ function getRetryAfter(lastRequest, window) {
|
|
|
3107
3119
|
return Math.ceil((lastRequest + windowInMs - now) / 1e3);
|
|
3108
3120
|
}
|
|
3109
3121
|
function createDBStorage(ctx, modelName) {
|
|
3110
|
-
const model = "rateLimit";
|
|
3122
|
+
const model = ctx.options.rateLimit?.modelName || "rateLimit";
|
|
3111
3123
|
const db = ctx.adapter;
|
|
3112
3124
|
return {
|
|
3113
3125
|
get: async (key) => {
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { createAuthEndpoint, BASE_ERROR_CODES, originCheck } from './chunk-
|
|
1
|
+
import { createAuthEndpoint, BASE_ERROR_CODES, originCheck } from './chunk-SCXZXQTZ.js';
|
|
2
2
|
import { setSessionCookie } from './chunk-QQGZ3XGI.js';
|
|
3
3
|
import { generateRandomString } from './chunk-DBPOZRMS.js';
|
|
4
4
|
import { z } from 'zod';
|
|
@@ -57,7 +57,7 @@ var magicLink = (options) => {
|
|
|
57
57
|
});
|
|
58
58
|
}
|
|
59
59
|
}
|
|
60
|
-
const verificationToken = generateRandomString(32, "a-z", "A-Z");
|
|
60
|
+
const verificationToken = options?.generateToken ? await options.generateToken(email) : generateRandomString(32, "a-z", "A-Z");
|
|
61
61
|
await ctx.context.internalAdapter.createVerificationValue({
|
|
62
62
|
identifier: verificationToken,
|
|
63
63
|
value: JSON.stringify({ email, name: ctx.body.name }),
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
|
|
4
4
|
var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
|
|
5
5
|
var chunkB5UCLTPZ_cjs = require('./chunk-B5UCLTPZ.cjs');
|
|
6
6
|
var chunkG2LZ73E2_cjs = require('./chunk-G2LZ73E2.cjs');
|
|
@@ -32,7 +32,7 @@ var phoneNumber = (options) => {
|
|
|
32
32
|
return {
|
|
33
33
|
id: "phone-number",
|
|
34
34
|
endpoints: {
|
|
35
|
-
signInPhoneNumber:
|
|
35
|
+
signInPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
36
36
|
"/sign-in/phone-number",
|
|
37
37
|
{
|
|
38
38
|
method: "POST",
|
|
@@ -140,7 +140,7 @@ var phoneNumber = (options) => {
|
|
|
140
140
|
if (!session) {
|
|
141
141
|
ctx.context.logger.error("Failed to create session");
|
|
142
142
|
throw new betterCall.APIError("UNAUTHORIZED", {
|
|
143
|
-
message:
|
|
143
|
+
message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION
|
|
144
144
|
});
|
|
145
145
|
}
|
|
146
146
|
await chunkV6HE2MP7_cjs.setSessionCookie(
|
|
@@ -167,7 +167,7 @@ var phoneNumber = (options) => {
|
|
|
167
167
|
});
|
|
168
168
|
}
|
|
169
169
|
),
|
|
170
|
-
sendPhoneNumberOTP:
|
|
170
|
+
sendPhoneNumberOTP: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
171
171
|
"/phone-number/send-otp",
|
|
172
172
|
{
|
|
173
173
|
method: "POST",
|
|
@@ -240,7 +240,7 @@ var phoneNumber = (options) => {
|
|
|
240
240
|
);
|
|
241
241
|
}
|
|
242
242
|
),
|
|
243
|
-
verifyPhoneNumber:
|
|
243
|
+
verifyPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
244
244
|
"/phone-number/verify",
|
|
245
245
|
{
|
|
246
246
|
method: "POST",
|
|
@@ -324,10 +324,10 @@ var phoneNumber = (options) => {
|
|
|
324
324
|
}
|
|
325
325
|
await ctx.context.internalAdapter.deleteVerificationValue(otp.id);
|
|
326
326
|
if (ctx.body.updatePhoneNumber) {
|
|
327
|
-
const session = await
|
|
327
|
+
const session = await chunkN7UWN6ND_cjs.getSessionFromCtx(ctx);
|
|
328
328
|
if (!session) {
|
|
329
329
|
throw new betterCall.APIError("UNAUTHORIZED", {
|
|
330
|
-
message:
|
|
330
|
+
message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.USER_NOT_FOUND
|
|
331
331
|
});
|
|
332
332
|
}
|
|
333
333
|
let user2 = await ctx.context.internalAdapter.updateUser(
|
|
@@ -362,13 +362,6 @@ var phoneNumber = (options) => {
|
|
|
362
362
|
}
|
|
363
363
|
]
|
|
364
364
|
});
|
|
365
|
-
await options?.callbackOnVerification?.(
|
|
366
|
-
{
|
|
367
|
-
phoneNumber: ctx.body.phoneNumber,
|
|
368
|
-
user
|
|
369
|
-
},
|
|
370
|
-
ctx.request
|
|
371
|
-
);
|
|
372
365
|
if (!user) {
|
|
373
366
|
if (options?.signUpOnVerification) {
|
|
374
367
|
user = await ctx.context.internalAdapter.createUser({
|
|
@@ -383,20 +376,28 @@ var phoneNumber = (options) => {
|
|
|
383
376
|
});
|
|
384
377
|
if (!user) {
|
|
385
378
|
throw new betterCall.APIError("INTERNAL_SERVER_ERROR", {
|
|
386
|
-
message:
|
|
379
|
+
message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_USER
|
|
387
380
|
});
|
|
388
381
|
}
|
|
389
|
-
} else {
|
|
390
|
-
return ctx.json(null);
|
|
391
382
|
}
|
|
392
383
|
} else {
|
|
393
384
|
user = await ctx.context.internalAdapter.updateUser(user.id, {
|
|
394
385
|
[opts.phoneNumberVerified]: true
|
|
395
386
|
});
|
|
396
387
|
}
|
|
388
|
+
if (!user) {
|
|
389
|
+
return ctx.json(null);
|
|
390
|
+
}
|
|
391
|
+
await options?.callbackOnVerification?.(
|
|
392
|
+
{
|
|
393
|
+
phoneNumber: ctx.body.phoneNumber,
|
|
394
|
+
user
|
|
395
|
+
},
|
|
396
|
+
ctx.request
|
|
397
|
+
);
|
|
397
398
|
if (!user) {
|
|
398
399
|
throw new betterCall.APIError("INTERNAL_SERVER_ERROR", {
|
|
399
|
-
message:
|
|
400
|
+
message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_UPDATE_USER
|
|
400
401
|
});
|
|
401
402
|
}
|
|
402
403
|
if (!ctx.body.disableSession) {
|
|
@@ -406,7 +407,7 @@ var phoneNumber = (options) => {
|
|
|
406
407
|
);
|
|
407
408
|
if (!session) {
|
|
408
409
|
throw new betterCall.APIError("INTERNAL_SERVER_ERROR", {
|
|
409
|
-
message:
|
|
410
|
+
message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION
|
|
410
411
|
});
|
|
411
412
|
}
|
|
412
413
|
await chunkV6HE2MP7_cjs.setSessionCookie(ctx, {
|
|
@@ -446,7 +447,7 @@ var phoneNumber = (options) => {
|
|
|
446
447
|
});
|
|
447
448
|
}
|
|
448
449
|
),
|
|
449
|
-
forgetPasswordPhoneNumber:
|
|
450
|
+
forgetPasswordPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
450
451
|
"/phone-number/forget-password",
|
|
451
452
|
{
|
|
452
453
|
method: "POST",
|
|
@@ -487,7 +488,7 @@ var phoneNumber = (options) => {
|
|
|
487
488
|
});
|
|
488
489
|
}
|
|
489
490
|
),
|
|
490
|
-
resetPasswordPhoneNumber:
|
|
491
|
+
resetPasswordPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
|
|
491
492
|
"/phone-number/reset-password",
|
|
492
493
|
{
|
|
493
494
|
method: "POST",
|