better-auth 1.2.0-beta.5 → 1.2.0-beta.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (177) hide show
  1. package/dist/adapters/drizzle.cjs +3 -3
  2. package/dist/adapters/drizzle.d.cts +1 -1
  3. package/dist/adapters/drizzle.d.ts +1 -1
  4. package/dist/adapters/drizzle.js +1 -1
  5. package/dist/adapters/kysely.cjs +3 -3
  6. package/dist/adapters/kysely.d.cts +1 -1
  7. package/dist/adapters/kysely.d.ts +1 -1
  8. package/dist/adapters/kysely.js +1 -1
  9. package/dist/adapters/memory.cjs +2 -2
  10. package/dist/adapters/memory.d.cts +1 -1
  11. package/dist/adapters/memory.d.ts +1 -1
  12. package/dist/adapters/memory.js +1 -1
  13. package/dist/adapters/mongodb.cjs +3 -3
  14. package/dist/adapters/mongodb.d.cts +1 -1
  15. package/dist/adapters/mongodb.d.ts +1 -1
  16. package/dist/adapters/mongodb.js +1 -1
  17. package/dist/adapters/prisma.cjs +3 -3
  18. package/dist/adapters/prisma.d.cts +1 -1
  19. package/dist/adapters/prisma.d.ts +1 -1
  20. package/dist/adapters/prisma.js +1 -1
  21. package/dist/adapters/test.d.cts +1 -1
  22. package/dist/adapters/test.d.ts +1 -1
  23. package/dist/api.cjs +41 -41
  24. package/dist/api.d.cts +1 -1
  25. package/dist/api.d.ts +1 -1
  26. package/dist/api.js +1 -1
  27. package/dist/{auth-BIKkqX3w.d.ts → auth-BfbTouIV.d.ts} +5 -5
  28. package/dist/{auth-DYJ8ix3G.d.cts → auth-CC4kpwks.d.cts} +5 -5
  29. package/dist/{chunk-7P2P7Y35.js → chunk-2F3IX7O2.js} +1 -1
  30. package/dist/{chunk-VG5Y5QXC.js → chunk-4KMR5H5T.js} +1 -1
  31. package/dist/{chunk-XXGFGD3E.js → chunk-52TDJNDX.js} +11 -10
  32. package/dist/{chunk-YTMPZIP7.js → chunk-5AOJMBJI.js} +25 -3
  33. package/dist/{chunk-HQFWDJO3.cjs → chunk-5ECP2UE2.cjs} +5 -5
  34. package/dist/{chunk-VLA6IUW4.js → chunk-5G6XUCMS.js} +51 -2
  35. package/dist/{chunk-7H42DKFN.cjs → chunk-5KTUVZ3H.cjs} +5 -5
  36. package/dist/{chunk-QBBUTLKA.cjs → chunk-5RR5WN52.cjs} +5 -5
  37. package/dist/{chunk-XWK7ZOPU.cjs → chunk-75SPUXMY.cjs} +8 -8
  38. package/dist/{chunk-5LTLUS6A.js → chunk-BZOIXJ2Q.js} +1 -1
  39. package/dist/{chunk-SOFKSYNA.js → chunk-CG2CK6HR.js} +1 -1
  40. package/dist/{chunk-YZFX73MG.cjs → chunk-DURU7ZRA.cjs} +20 -20
  41. package/dist/{chunk-CLHJAEU2.js → chunk-EQYRCOOF.js} +5 -2
  42. package/dist/{chunk-IBIVHEIM.js → chunk-FX2ZHENM.js} +1 -1
  43. package/dist/{chunk-G6W6UQWJ.js → chunk-GWJDRQJ3.js} +2 -2
  44. package/dist/{chunk-C5LREWPU.cjs → chunk-HUDPJXOF.cjs} +24 -24
  45. package/dist/{chunk-DSB4P3WF.cjs → chunk-IUGQVFPG.cjs} +6 -6
  46. package/dist/{chunk-K46S33M5.cjs → chunk-K6WRBJAV.cjs} +3 -3
  47. package/dist/{chunk-C37NPGBI.cjs → chunk-KAEQXMEV.cjs} +46 -46
  48. package/dist/{chunk-CV5JTF37.cjs → chunk-KAR56MJZ.cjs} +5 -2
  49. package/dist/{chunk-6FRITF4C.cjs → chunk-LIGJVOZ4.cjs} +4 -4
  50. package/dist/{chunk-WKBV4PRW.cjs → chunk-MKNDCNWD.cjs} +3 -3
  51. package/dist/{chunk-WKXM7XUV.cjs → chunk-N7UWN6ND.cjs} +16 -4
  52. package/dist/{chunk-TV24P5IW.cjs → chunk-OALLKKNX.cjs} +52 -30
  53. package/dist/{chunk-3BXU3Z5H.js → chunk-QKCLO6S5.js} +1 -1
  54. package/dist/{chunk-E3CHTKRP.js → chunk-QLKU77BF.js} +1 -1
  55. package/dist/{chunk-CYI7H6T2.js → chunk-RMPI2YZ3.js} +1 -1
  56. package/dist/{chunk-R62AOMGV.js → chunk-SCXZXQTZ.js} +16 -4
  57. package/dist/{chunk-G365UCY7.js → chunk-ST2CQ4A2.js} +2 -2
  58. package/dist/{chunk-5RIBF22K.cjs → chunk-U44XLDNH.cjs} +22 -21
  59. package/dist/{chunk-OLGASOBP.cjs → chunk-UZNKBUDH.cjs} +11 -11
  60. package/dist/{chunk-7S7YLBK4.js → chunk-V56HFQQX.js} +1 -1
  61. package/dist/{chunk-HCHSHY7R.cjs → chunk-WD65CNWK.cjs} +77 -28
  62. package/dist/{chunk-H4A3GCFC.cjs → chunk-XKCN2VRG.cjs} +5 -5
  63. package/dist/{chunk-QG2HKEKG.js → chunk-XREMX2NV.js} +1 -1
  64. package/dist/{chunk-MHZNWING.js → chunk-ZDYKAJ67.js} +110 -2
  65. package/dist/{chunk-6QI5735F.js → chunk-ZKMUJOIP.js} +1 -1
  66. package/dist/{chunk-LHWLPZ6K.cjs → chunk-ZUUQ3FFY.cjs} +113 -5
  67. package/dist/client/plugins.d.cts +2 -2
  68. package/dist/client/plugins.d.ts +2 -2
  69. package/dist/client.d.cts +1 -1
  70. package/dist/client.d.ts +1 -1
  71. package/dist/cookies.d.cts +1 -1
  72. package/dist/cookies.d.ts +1 -1
  73. package/dist/db.cjs +12 -12
  74. package/dist/db.d.cts +2 -2
  75. package/dist/db.d.ts +2 -2
  76. package/dist/db.js +1 -1
  77. package/dist/{index-DOB91DVD.d.ts → index-CtbEb8Ls.d.ts} +107 -1
  78. package/dist/{index-BL6paKGE.d.cts → index-F5NLq5XF.d.cts} +107 -1
  79. package/dist/index.cjs +11 -11
  80. package/dist/index.d.cts +2 -2
  81. package/dist/index.d.ts +2 -2
  82. package/dist/index.js +4 -4
  83. package/dist/next-js.cjs +20 -20
  84. package/dist/next-js.d.cts +1 -1
  85. package/dist/next-js.d.ts +1 -1
  86. package/dist/next-js.js +19 -19
  87. package/dist/node.d.cts +1 -1
  88. package/dist/node.d.ts +1 -1
  89. package/dist/oauth2.d.cts +2 -2
  90. package/dist/oauth2.d.ts +2 -2
  91. package/dist/plugins/admin.cjs +3 -3
  92. package/dist/plugins/admin.d.cts +64 -8
  93. package/dist/plugins/admin.d.ts +64 -8
  94. package/dist/plugins/admin.js +2 -2
  95. package/dist/plugins/anonymous.cjs +3 -3
  96. package/dist/plugins/anonymous.d.cts +1 -1
  97. package/dist/plugins/anonymous.d.ts +1 -1
  98. package/dist/plugins/anonymous.js +2 -2
  99. package/dist/plugins/bearer.cjs +3 -3
  100. package/dist/plugins/bearer.d.cts +1 -1
  101. package/dist/plugins/bearer.d.ts +1 -1
  102. package/dist/plugins/bearer.js +2 -2
  103. package/dist/plugins/custom-session.cjs +3 -3
  104. package/dist/plugins/custom-session.d.cts +1 -1
  105. package/dist/plugins/custom-session.d.ts +1 -1
  106. package/dist/plugins/custom-session.js +2 -2
  107. package/dist/plugins/email-otp.cjs +3 -3
  108. package/dist/plugins/email-otp.d.cts +1 -1
  109. package/dist/plugins/email-otp.d.ts +1 -1
  110. package/dist/plugins/email-otp.js +2 -2
  111. package/dist/plugins/generic-oauth.cjs +3 -3
  112. package/dist/plugins/generic-oauth.d.cts +74 -1
  113. package/dist/plugins/generic-oauth.d.ts +74 -1
  114. package/dist/plugins/generic-oauth.js +2 -2
  115. package/dist/plugins/jwt.cjs +3 -3
  116. package/dist/plugins/jwt.d.cts +1 -1
  117. package/dist/plugins/jwt.d.ts +1 -1
  118. package/dist/plugins/jwt.js +2 -2
  119. package/dist/plugins/magic-link.cjs +3 -3
  120. package/dist/plugins/magic-link.d.cts +4 -0
  121. package/dist/plugins/magic-link.d.ts +4 -0
  122. package/dist/plugins/magic-link.js +2 -2
  123. package/dist/plugins/multi-session.cjs +3 -3
  124. package/dist/plugins/multi-session.d.cts +1 -1
  125. package/dist/plugins/multi-session.d.ts +1 -1
  126. package/dist/plugins/multi-session.js +2 -2
  127. package/dist/plugins/oidc-provider.cjs +3 -3
  128. package/dist/plugins/oidc-provider.js +2 -2
  129. package/dist/plugins/one-tap.cjs +3 -3
  130. package/dist/plugins/one-tap.js +2 -2
  131. package/dist/plugins/open-api.cjs +4 -4
  132. package/dist/plugins/open-api.d.cts +1 -1
  133. package/dist/plugins/open-api.d.ts +1 -1
  134. package/dist/plugins/open-api.js +3 -3
  135. package/dist/plugins/organization.cjs +3 -3
  136. package/dist/plugins/organization.d.cts +2 -2
  137. package/dist/plugins/organization.d.ts +2 -2
  138. package/dist/plugins/organization.js +2 -2
  139. package/dist/plugins/passkey.cjs +14 -14
  140. package/dist/plugins/passkey.d.cts +1 -1
  141. package/dist/plugins/passkey.d.ts +1 -1
  142. package/dist/plugins/passkey.js +1 -1
  143. package/dist/plugins/phone-number.cjs +3 -3
  144. package/dist/plugins/phone-number.d.cts +2 -2
  145. package/dist/plugins/phone-number.d.ts +2 -2
  146. package/dist/plugins/phone-number.js +2 -2
  147. package/dist/plugins/sso.cjs +9 -9
  148. package/dist/plugins/sso.d.cts +1 -1
  149. package/dist/plugins/sso.d.ts +1 -1
  150. package/dist/plugins/sso.js +1 -1
  151. package/dist/plugins/two-factor.cjs +3 -3
  152. package/dist/plugins/two-factor.d.cts +1 -1
  153. package/dist/plugins/two-factor.d.ts +1 -1
  154. package/dist/plugins/two-factor.js +2 -2
  155. package/dist/plugins/username.cjs +3 -3
  156. package/dist/plugins/username.d.cts +1 -1
  157. package/dist/plugins/username.d.ts +1 -1
  158. package/dist/plugins/username.js +2 -2
  159. package/dist/plugins.cjs +39 -39
  160. package/dist/plugins.d.cts +3 -3
  161. package/dist/plugins.d.ts +3 -3
  162. package/dist/plugins.js +19 -19
  163. package/dist/react.d.cts +2 -3
  164. package/dist/react.d.ts +2 -3
  165. package/dist/solid.d.cts +1 -1
  166. package/dist/solid.d.ts +1 -1
  167. package/dist/{state-DXzHe8jb.d.ts → state-BlyN0kTT.d.ts} +1 -1
  168. package/dist/{state-CEqdZ_y_.d.cts → state-ClV1x8my.d.cts} +1 -1
  169. package/dist/svelte-kit.d.cts +1 -1
  170. package/dist/svelte-kit.d.ts +1 -1
  171. package/dist/svelte.d.cts +1 -1
  172. package/dist/svelte.d.ts +1 -1
  173. package/dist/types.d.cts +3 -3
  174. package/dist/types.d.ts +3 -3
  175. package/dist/vue.d.cts +1 -1
  176. package/dist/vue.d.ts +1 -1
  177. package/package.json +1 -1
@@ -1,6 +1,6 @@
1
1
  'use strict';
2
2
 
3
- var chunkWKXM7XUV_cjs = require('./chunk-WKXM7XUV.cjs');
3
+ var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
4
4
  var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
5
5
  var zod = require('zod');
6
6
  var fetch = require('@better-fetch/fetch');
@@ -14,7 +14,7 @@ function toBoolean(value) {
14
14
  var oneTap = (options) => ({
15
15
  id: "one-tap",
16
16
  endpoints: {
17
- oneTapCallback: chunkWKXM7XUV_cjs.createAuthEndpoint(
17
+ oneTapCallback: chunkN7UWN6ND_cjs.createAuthEndpoint(
18
18
  "/one-tap/callback",
19
19
  {
20
20
  method: "POST",
@@ -66,7 +66,7 @@ var oneTap = (options) => ({
66
66
  );
67
67
  if (!user) {
68
68
  if (options?.disableSignup) {
69
- throw new chunkWKXM7XUV_cjs.APIError("BAD_GATEWAY", {
69
+ throw new chunkN7UWN6ND_cjs.APIError("BAD_GATEWAY", {
70
70
  message: "User not found"
71
71
  });
72
72
  }
@@ -83,7 +83,7 @@ var oneTap = (options) => ({
83
83
  }
84
84
  );
85
85
  if (!user2) {
86
- throw new chunkWKXM7XUV_cjs.APIError("INTERNAL_SERVER_ERROR", {
86
+ throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
87
87
  message: "Could not create user"
88
88
  });
89
89
  }
@@ -1,6 +1,6 @@
1
1
  'use strict';
2
2
 
3
- var chunkWKXM7XUV_cjs = require('./chunk-WKXM7XUV.cjs');
3
+ var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
4
4
  var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
5
5
  var betterCall = require('better-call');
6
6
  var hmac = require('@better-auth/utils/hmac');
@@ -16,7 +16,7 @@ var bearer = (options) => {
16
16
  context.request?.headers.get("authorization") || context.headers?.get("authorization")
17
17
  );
18
18
  },
19
- handler: chunkWKXM7XUV_cjs.createAuthMiddleware(async (c) => {
19
+ handler: chunkN7UWN6ND_cjs.createAuthMiddleware(async (c) => {
20
20
  const token = c.request?.headers.get("authorization")?.replace("Bearer ", "") || c.headers?.get("Authorization")?.replace("Bearer ", "");
21
21
  if (!token) {
22
22
  return;
@@ -67,7 +67,7 @@ var bearer = (options) => {
67
67
  matcher(context) {
68
68
  return true;
69
69
  },
70
- handler: chunkWKXM7XUV_cjs.createAuthMiddleware(async (ctx) => {
70
+ handler: chunkN7UWN6ND_cjs.createAuthMiddleware(async (ctx) => {
71
71
  const setCookie = ctx.context.responseHeaders?.get("set-cookie");
72
72
  if (!setCookie) {
73
73
  return;
@@ -161,7 +161,7 @@ function wildcardMatch(pattern, options) {
161
161
 
162
162
  // src/api/middlewares/origin-check.ts
163
163
  var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
164
- if (ctx.request?.method !== "POST") {
164
+ if (ctx.request?.method !== "POST" || !ctx.request) {
165
165
  return;
166
166
  }
167
167
  const { body, query, context } = ctx;
@@ -170,7 +170,10 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
170
170
  const redirectURL = body?.redirectTo;
171
171
  const errorCallbackURL = body?.errorCallbackURL;
172
172
  const newUserCallbackURL = body?.newUserCallbackURL;
173
- const trustedOrigins = context.trustedOrigins;
173
+ const trustedOrigins = Array.isArray(context.options.trustedOrigins) ? context.trustedOrigins : [
174
+ ...context.trustedOrigins,
175
+ ...context.options.trustedOrigins?.(ctx.request) || []
176
+ ];
174
177
  const usesCookies = ctx.headers?.has("cookie");
175
178
  const matchesPattern = (url, pattern) => {
176
179
  if (url.startsWith("/")) {
@@ -208,9 +211,17 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
208
211
  newUserCallbackURL && validateURL(newUserCallbackURL, "newUserCallbackURL");
209
212
  });
210
213
  var originCheck = (getValue) => createAuthMiddleware(async (ctx) => {
214
+ if (!ctx.request) {
215
+ return;
216
+ }
211
217
  const { context } = ctx;
212
218
  const callbackURL = getValue(ctx);
213
- const trustedOrigins = context.trustedOrigins;
219
+ const trustedOrigins = Array.isArray(
220
+ context.options.trustedOrigins
221
+ ) ? context.trustedOrigins : [
222
+ ...context.trustedOrigins,
223
+ ...context.options.trustedOrigins?.(ctx.request) || []
224
+ ];
214
225
  const matchesPattern = (url, pattern) => {
215
226
  if (url.startsWith("/")) {
216
227
  return false;
@@ -1096,6 +1107,7 @@ async function handleOAuthUserInfo(c, {
1096
1107
  );
1097
1108
  }
1098
1109
  } catch (e) {
1110
+ chunkH74YRRNV_cjs.logger.error(e);
1099
1111
  if (e instanceof betterCall.APIError) {
1100
1112
  return {
1101
1113
  error: e.message,
@@ -3112,7 +3124,7 @@ function getRetryAfter(lastRequest, window) {
3112
3124
  return Math.ceil((lastRequest + windowInMs - now) / 1e3);
3113
3125
  }
3114
3126
  function createDBStorage(ctx, modelName) {
3115
- const model = "rateLimit";
3127
+ const model = ctx.options.rateLimit?.modelName || "rateLimit";
3116
3128
  const db = ctx.adapter;
3117
3129
  return {
3118
3130
  get: async (key) => {
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  var chunkJUPDDQC4_cjs = require('./chunk-JUPDDQC4.cjs');
4
- var chunkWKXM7XUV_cjs = require('./chunk-WKXM7XUV.cjs');
4
+ var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
5
5
  var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
6
6
  var chunkB5UCLTPZ_cjs = require('./chunk-B5UCLTPZ.cjs');
7
7
  var chunk2HPSCSV7_cjs = require('./chunk-2HPSCSV7.cjs');
@@ -20,14 +20,14 @@ var admin = (options) => {
20
20
  YOU_CANNOT_BAN_YOURSELF: "You cannot ban yourself",
21
21
  ONLY_ADMINS_CAN_ACCESS_THIS_ENDPOINT: "Only admins can access this endpoint"
22
22
  };
23
- const adminMiddleware = chunkWKXM7XUV_cjs.createAuthMiddleware(async (ctx) => {
24
- const session = await chunkWKXM7XUV_cjs.getSessionFromCtx(ctx);
23
+ const adminMiddleware = chunkN7UWN6ND_cjs.createAuthMiddleware(async (ctx) => {
24
+ const session = await chunkN7UWN6ND_cjs.getSessionFromCtx(ctx);
25
25
  if (!session?.session) {
26
- throw new chunkWKXM7XUV_cjs.APIError("UNAUTHORIZED");
26
+ throw new chunkN7UWN6ND_cjs.APIError("UNAUTHORIZED");
27
27
  }
28
28
  const user = session.user;
29
29
  if (!user.role || (Array.isArray(opts.adminRole) ? !opts.adminRole.includes(user.role) : user.role !== opts.adminRole)) {
30
- throw new chunkWKXM7XUV_cjs.APIError("FORBIDDEN", {
30
+ throw new chunkN7UWN6ND_cjs.APIError("FORBIDDEN", {
31
31
  message: "Only admins can access this endpoint"
32
32
  });
33
33
  }
@@ -52,8 +52,7 @@ var admin = (options) => {
52
52
  }
53
53
  return {
54
54
  data: {
55
- role: options?.defaultRole ?? "user",
56
- ...user
55
+ role: options?.defaultRole ?? "user"
57
56
  }
58
57
  };
59
58
  }
@@ -89,7 +88,7 @@ var admin = (options) => {
89
88
  matcher(context) {
90
89
  return context.path === "/list-sessions";
91
90
  },
92
- handler: chunkWKXM7XUV_cjs.createAuthMiddleware(async (ctx) => {
91
+ handler: chunkN7UWN6ND_cjs.createAuthMiddleware(async (ctx) => {
93
92
  const response = await chunkJUPDDQC4_cjs.getEndpointResponse(ctx);
94
93
  if (!response) {
95
94
  return;
@@ -103,7 +102,7 @@ var admin = (options) => {
103
102
  ]
104
103
  },
105
104
  endpoints: {
106
- setRole: chunkWKXM7XUV_cjs.createAuthEndpoint(
105
+ setRole: chunkN7UWN6ND_cjs.createAuthEndpoint(
107
106
  "/admin/set-role",
108
107
  {
109
108
  method: "POST",
@@ -153,7 +152,7 @@ var admin = (options) => {
153
152
  });
154
153
  }
155
154
  ),
156
- createUser: chunkWKXM7XUV_cjs.createAuthEndpoint(
155
+ createUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
157
156
  "/admin/create-user",
158
157
  {
159
158
  method: "POST",
@@ -210,7 +209,7 @@ var admin = (options) => {
210
209
  ctx.body.email
211
210
  );
212
211
  if (existUser) {
213
- throw new chunkWKXM7XUV_cjs.APIError("BAD_REQUEST", {
212
+ throw new chunkN7UWN6ND_cjs.APIError("BAD_REQUEST", {
214
213
  message: ERROR_CODES.USER_ALREADY_EXISTS
215
214
  });
216
215
  }
@@ -221,7 +220,7 @@ var admin = (options) => {
221
220
  ...ctx.body.data
222
221
  });
223
222
  if (!user) {
224
- throw new chunkWKXM7XUV_cjs.APIError("INTERNAL_SERVER_ERROR", {
223
+ throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
225
224
  message: ERROR_CODES.FAILED_TO_CREATE_USER
226
225
  });
227
226
  }
@@ -239,7 +238,7 @@ var admin = (options) => {
239
238
  });
240
239
  }
241
240
  ),
242
- listUsers: chunkWKXM7XUV_cjs.createAuthEndpoint(
241
+ listUsers: chunkN7UWN6ND_cjs.createAuthEndpoint(
243
242
  "/admin/list-users",
244
243
  {
245
244
  method: "GET",
@@ -354,7 +353,7 @@ var admin = (options) => {
354
353
  }
355
354
  }
356
355
  ),
357
- listUserSessions: chunkWKXM7XUV_cjs.createAuthEndpoint(
356
+ listUserSessions: chunkN7UWN6ND_cjs.createAuthEndpoint(
358
357
  "/admin/list-user-sessions",
359
358
  {
360
359
  method: "POST",
@@ -401,7 +400,7 @@ var admin = (options) => {
401
400
  };
402
401
  }
403
402
  ),
404
- unbanUser: chunkWKXM7XUV_cjs.createAuthEndpoint(
403
+ unbanUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
405
404
  "/admin/unban-user",
406
405
  {
407
406
  method: "POST",
@@ -448,7 +447,7 @@ var admin = (options) => {
448
447
  });
449
448
  }
450
449
  ),
451
- banUser: chunkWKXM7XUV_cjs.createAuthEndpoint(
450
+ banUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
452
451
  "/admin/ban-user",
453
452
  {
454
453
  method: "POST",
@@ -497,7 +496,7 @@ var admin = (options) => {
497
496
  },
498
497
  async (ctx) => {
499
498
  if (ctx.body.userId === ctx.context.session.user.id) {
500
- throw new chunkWKXM7XUV_cjs.APIError("BAD_REQUEST", {
499
+ throw new chunkN7UWN6ND_cjs.APIError("BAD_REQUEST", {
501
500
  message: ERROR_CODES.YOU_CANNOT_BAN_YOURSELF
502
501
  });
503
502
  }
@@ -515,7 +514,7 @@ var admin = (options) => {
515
514
  });
516
515
  }
517
516
  ),
518
- impersonateUser: chunkWKXM7XUV_cjs.createAuthEndpoint(
517
+ impersonateUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
519
518
  "/admin/impersonate-user",
520
519
  {
521
520
  method: "POST",
@@ -558,7 +557,7 @@ var admin = (options) => {
558
557
  ctx.body.userId
559
558
  );
560
559
  if (!targetUser) {
561
- throw new chunkWKXM7XUV_cjs.APIError("NOT_FOUND", {
560
+ throw new chunkN7UWN6ND_cjs.APIError("NOT_FOUND", {
562
561
  message: "User not found"
563
562
  });
564
563
  }
@@ -573,7 +572,7 @@ var admin = (options) => {
573
572
  }
574
573
  );
575
574
  if (!session) {
576
- throw new chunkWKXM7XUV_cjs.APIError("INTERNAL_SERVER_ERROR", {
575
+ throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
577
576
  message: ERROR_CODES.FAILED_TO_CREATE_USER
578
577
  });
579
578
  }
@@ -599,18 +598,18 @@ var admin = (options) => {
599
598
  });
600
599
  }
601
600
  ),
602
- stopImpersonating: chunkWKXM7XUV_cjs.createAuthEndpoint(
601
+ stopImpersonating: chunkN7UWN6ND_cjs.createAuthEndpoint(
603
602
  "/admin/stop-impersonating",
604
603
  {
605
604
  method: "POST"
606
605
  },
607
606
  async (ctx) => {
608
- const session = await chunkWKXM7XUV_cjs.getSessionFromCtx(ctx);
607
+ const session = await chunkN7UWN6ND_cjs.getSessionFromCtx(ctx);
609
608
  if (!session) {
610
- throw new chunkWKXM7XUV_cjs.APIError("UNAUTHORIZED");
609
+ throw new chunkN7UWN6ND_cjs.APIError("UNAUTHORIZED");
611
610
  }
612
611
  if (!session.session.impersonatedBy) {
613
- throw new chunkWKXM7XUV_cjs.APIError("BAD_REQUEST", {
612
+ throw new chunkN7UWN6ND_cjs.APIError("BAD_REQUEST", {
614
613
  message: "You are not impersonating anyone"
615
614
  });
616
615
  }
@@ -618,7 +617,7 @@ var admin = (options) => {
618
617
  session.session.impersonatedBy
619
618
  );
620
619
  if (!user) {
621
- throw new chunkWKXM7XUV_cjs.APIError("INTERNAL_SERVER_ERROR", {
620
+ throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
622
621
  message: "Failed to find user"
623
622
  });
624
623
  }
@@ -627,13 +626,13 @@ var admin = (options) => {
627
626
  ctx.context.secret
628
627
  );
629
628
  if (!adminCookie) {
630
- throw new chunkWKXM7XUV_cjs.APIError("INTERNAL_SERVER_ERROR", {
629
+ throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
631
630
  message: "Failed to find admin session"
632
631
  });
633
632
  }
634
633
  const adminSession = await ctx.context.internalAdapter.findSession(adminCookie);
635
634
  if (!adminSession || adminSession.session.userId !== user.id) {
636
- throw new chunkWKXM7XUV_cjs.APIError("INTERNAL_SERVER_ERROR", {
635
+ throw new chunkN7UWN6ND_cjs.APIError("INTERNAL_SERVER_ERROR", {
637
636
  message: "Failed to find admin session"
638
637
  });
639
638
  }
@@ -641,7 +640,7 @@ var admin = (options) => {
641
640
  return ctx.json(adminSession);
642
641
  }
643
642
  ),
644
- revokeUserSession: chunkWKXM7XUV_cjs.createAuthEndpoint(
643
+ revokeUserSession: chunkN7UWN6ND_cjs.createAuthEndpoint(
645
644
  "/admin/revoke-user-session",
646
645
  {
647
646
  method: "POST",
@@ -685,7 +684,7 @@ var admin = (options) => {
685
684
  });
686
685
  }
687
686
  ),
688
- revokeUserSessions: chunkWKXM7XUV_cjs.createAuthEndpoint(
687
+ revokeUserSessions: chunkN7UWN6ND_cjs.createAuthEndpoint(
689
688
  "/admin/revoke-user-sessions",
690
689
  {
691
690
  method: "POST",
@@ -727,7 +726,7 @@ var admin = (options) => {
727
726
  });
728
727
  }
729
728
  ),
730
- removeUser: chunkWKXM7XUV_cjs.createAuthEndpoint(
729
+ removeUser: chunkN7UWN6ND_cjs.createAuthEndpoint(
731
730
  "/admin/remove-user",
732
731
  {
733
732
  method: "POST",
@@ -768,6 +767,29 @@ var admin = (options) => {
768
767
  success: true
769
768
  });
770
769
  }
770
+ ),
771
+ setUserPassword: chunkN7UWN6ND_cjs.createAuthEndpoint(
772
+ "/admin/set-user-password",
773
+ {
774
+ method: "POST",
775
+ body: zod.z.object({
776
+ newPassword: zod.z.string(),
777
+ userId: zod.z.string()
778
+ }),
779
+ use: [adminMiddleware]
780
+ },
781
+ async (ctx) => {
782
+ const hashedPassword = await ctx.context.password.hash(
783
+ ctx.body.newPassword
784
+ );
785
+ await ctx.context.internalAdapter.updatePassword(
786
+ ctx.body.userId,
787
+ hashedPassword
788
+ );
789
+ return ctx.json({
790
+ status: true
791
+ });
792
+ }
771
793
  )
772
794
  },
773
795
  $ERROR_CODES: ERROR_CODES,
@@ -1,4 +1,4 @@
1
- import { createAuthEndpoint, originCheck, createAuthMiddleware } from './chunk-R62AOMGV.js';
1
+ import { createAuthEndpoint, originCheck, createAuthMiddleware } from './chunk-SCXZXQTZ.js';
2
2
  import { getOrigin } from './chunk-XFCIANZX.js';
3
3
  import { symmetricDecrypt, symmetricEncrypt } from './chunk-DBPOZRMS.js';
4
4
  import { env } from './chunk-TQQSPPNA.js';
@@ -1,5 +1,5 @@
1
1
  import { getEndpointResponse } from './chunk-JEYF2ARX.js';
2
- import { createAuthEndpoint, APIError, createAuthMiddleware } from './chunk-R62AOMGV.js';
2
+ import { createAuthEndpoint, APIError, createAuthMiddleware } from './chunk-SCXZXQTZ.js';
3
3
  import { setSessionCookie } from './chunk-QQGZ3XGI.js';
4
4
  import { generateRandomString } from './chunk-DBPOZRMS.js';
5
5
  import { getDate } from './chunk-FURNA6HY.js';
@@ -1,4 +1,4 @@
1
- import { createAuthMiddleware, createAuthEndpoint, sessionMiddleware, APIError, getSessionFromCtx } from './chunk-R62AOMGV.js';
1
+ import { createAuthMiddleware, createAuthEndpoint, sessionMiddleware, APIError, getSessionFromCtx } from './chunk-SCXZXQTZ.js';
2
2
  import { parseSetCookieHeader } from './chunk-QQGZ3XGI.js';
3
3
  import { generateRandomString } from './chunk-DBPOZRMS.js';
4
4
  import { SignJWT } from 'jose';
@@ -156,7 +156,7 @@ function wildcardMatch(pattern, options) {
156
156
 
157
157
  // src/api/middlewares/origin-check.ts
158
158
  var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
159
- if (ctx.request?.method !== "POST") {
159
+ if (ctx.request?.method !== "POST" || !ctx.request) {
160
160
  return;
161
161
  }
162
162
  const { body, query, context } = ctx;
@@ -165,7 +165,10 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
165
165
  const redirectURL = body?.redirectTo;
166
166
  const errorCallbackURL = body?.errorCallbackURL;
167
167
  const newUserCallbackURL = body?.newUserCallbackURL;
168
- const trustedOrigins = context.trustedOrigins;
168
+ const trustedOrigins = Array.isArray(context.options.trustedOrigins) ? context.trustedOrigins : [
169
+ ...context.trustedOrigins,
170
+ ...context.options.trustedOrigins?.(ctx.request) || []
171
+ ];
169
172
  const usesCookies = ctx.headers?.has("cookie");
170
173
  const matchesPattern = (url, pattern) => {
171
174
  if (url.startsWith("/")) {
@@ -203,9 +206,17 @@ var originCheckMiddleware = createAuthMiddleware(async (ctx) => {
203
206
  newUserCallbackURL && validateURL(newUserCallbackURL, "newUserCallbackURL");
204
207
  });
205
208
  var originCheck = (getValue) => createAuthMiddleware(async (ctx) => {
209
+ if (!ctx.request) {
210
+ return;
211
+ }
206
212
  const { context } = ctx;
207
213
  const callbackURL = getValue(ctx);
208
- const trustedOrigins = context.trustedOrigins;
214
+ const trustedOrigins = Array.isArray(
215
+ context.options.trustedOrigins
216
+ ) ? context.trustedOrigins : [
217
+ ...context.trustedOrigins,
218
+ ...context.options.trustedOrigins?.(ctx.request) || []
219
+ ];
209
220
  const matchesPattern = (url, pattern) => {
210
221
  if (url.startsWith("/")) {
211
222
  return false;
@@ -1091,6 +1102,7 @@ async function handleOAuthUserInfo(c, {
1091
1102
  );
1092
1103
  }
1093
1104
  } catch (e) {
1105
+ logger.error(e);
1094
1106
  if (e instanceof APIError) {
1095
1107
  return {
1096
1108
  error: e.message,
@@ -3107,7 +3119,7 @@ function getRetryAfter(lastRequest, window) {
3107
3119
  return Math.ceil((lastRequest + windowInMs - now) / 1e3);
3108
3120
  }
3109
3121
  function createDBStorage(ctx, modelName) {
3110
- const model = "rateLimit";
3122
+ const model = ctx.options.rateLimit?.modelName || "rateLimit";
3111
3123
  const db = ctx.adapter;
3112
3124
  return {
3113
3125
  get: async (key) => {
@@ -1,4 +1,4 @@
1
- import { createAuthEndpoint, BASE_ERROR_CODES, originCheck } from './chunk-R62AOMGV.js';
1
+ import { createAuthEndpoint, BASE_ERROR_CODES, originCheck } from './chunk-SCXZXQTZ.js';
2
2
  import { setSessionCookie } from './chunk-QQGZ3XGI.js';
3
3
  import { generateRandomString } from './chunk-DBPOZRMS.js';
4
4
  import { z } from 'zod';
@@ -57,7 +57,7 @@ var magicLink = (options) => {
57
57
  });
58
58
  }
59
59
  }
60
- const verificationToken = generateRandomString(32, "a-z", "A-Z");
60
+ const verificationToken = options?.generateToken ? await options.generateToken(email) : generateRandomString(32, "a-z", "A-Z");
61
61
  await ctx.context.internalAdapter.createVerificationValue({
62
62
  identifier: verificationToken,
63
63
  value: JSON.stringify({ email, name: ctx.body.name }),
@@ -1,6 +1,6 @@
1
1
  'use strict';
2
2
 
3
- var chunkWKXM7XUV_cjs = require('./chunk-WKXM7XUV.cjs');
3
+ var chunkN7UWN6ND_cjs = require('./chunk-N7UWN6ND.cjs');
4
4
  var chunkV6HE2MP7_cjs = require('./chunk-V6HE2MP7.cjs');
5
5
  var chunkB5UCLTPZ_cjs = require('./chunk-B5UCLTPZ.cjs');
6
6
  var chunkG2LZ73E2_cjs = require('./chunk-G2LZ73E2.cjs');
@@ -32,7 +32,7 @@ var phoneNumber = (options) => {
32
32
  return {
33
33
  id: "phone-number",
34
34
  endpoints: {
35
- signInPhoneNumber: chunkWKXM7XUV_cjs.createAuthEndpoint(
35
+ signInPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
36
36
  "/sign-in/phone-number",
37
37
  {
38
38
  method: "POST",
@@ -140,7 +140,7 @@ var phoneNumber = (options) => {
140
140
  if (!session) {
141
141
  ctx.context.logger.error("Failed to create session");
142
142
  throw new betterCall.APIError("UNAUTHORIZED", {
143
- message: chunkWKXM7XUV_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION
143
+ message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION
144
144
  });
145
145
  }
146
146
  await chunkV6HE2MP7_cjs.setSessionCookie(
@@ -167,7 +167,7 @@ var phoneNumber = (options) => {
167
167
  });
168
168
  }
169
169
  ),
170
- sendPhoneNumberOTP: chunkWKXM7XUV_cjs.createAuthEndpoint(
170
+ sendPhoneNumberOTP: chunkN7UWN6ND_cjs.createAuthEndpoint(
171
171
  "/phone-number/send-otp",
172
172
  {
173
173
  method: "POST",
@@ -240,7 +240,7 @@ var phoneNumber = (options) => {
240
240
  );
241
241
  }
242
242
  ),
243
- verifyPhoneNumber: chunkWKXM7XUV_cjs.createAuthEndpoint(
243
+ verifyPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
244
244
  "/phone-number/verify",
245
245
  {
246
246
  method: "POST",
@@ -324,10 +324,10 @@ var phoneNumber = (options) => {
324
324
  }
325
325
  await ctx.context.internalAdapter.deleteVerificationValue(otp.id);
326
326
  if (ctx.body.updatePhoneNumber) {
327
- const session = await chunkWKXM7XUV_cjs.getSessionFromCtx(ctx);
327
+ const session = await chunkN7UWN6ND_cjs.getSessionFromCtx(ctx);
328
328
  if (!session) {
329
329
  throw new betterCall.APIError("UNAUTHORIZED", {
330
- message: chunkWKXM7XUV_cjs.BASE_ERROR_CODES.USER_NOT_FOUND
330
+ message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.USER_NOT_FOUND
331
331
  });
332
332
  }
333
333
  let user2 = await ctx.context.internalAdapter.updateUser(
@@ -362,13 +362,6 @@ var phoneNumber = (options) => {
362
362
  }
363
363
  ]
364
364
  });
365
- await options?.callbackOnVerification?.(
366
- {
367
- phoneNumber: ctx.body.phoneNumber,
368
- user
369
- },
370
- ctx.request
371
- );
372
365
  if (!user) {
373
366
  if (options?.signUpOnVerification) {
374
367
  user = await ctx.context.internalAdapter.createUser({
@@ -383,20 +376,28 @@ var phoneNumber = (options) => {
383
376
  });
384
377
  if (!user) {
385
378
  throw new betterCall.APIError("INTERNAL_SERVER_ERROR", {
386
- message: chunkWKXM7XUV_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_USER
379
+ message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_USER
387
380
  });
388
381
  }
389
- } else {
390
- return ctx.json(null);
391
382
  }
392
383
  } else {
393
384
  user = await ctx.context.internalAdapter.updateUser(user.id, {
394
385
  [opts.phoneNumberVerified]: true
395
386
  });
396
387
  }
388
+ if (!user) {
389
+ return ctx.json(null);
390
+ }
391
+ await options?.callbackOnVerification?.(
392
+ {
393
+ phoneNumber: ctx.body.phoneNumber,
394
+ user
395
+ },
396
+ ctx.request
397
+ );
397
398
  if (!user) {
398
399
  throw new betterCall.APIError("INTERNAL_SERVER_ERROR", {
399
- message: chunkWKXM7XUV_cjs.BASE_ERROR_CODES.FAILED_TO_UPDATE_USER
400
+ message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_UPDATE_USER
400
401
  });
401
402
  }
402
403
  if (!ctx.body.disableSession) {
@@ -406,7 +407,7 @@ var phoneNumber = (options) => {
406
407
  );
407
408
  if (!session) {
408
409
  throw new betterCall.APIError("INTERNAL_SERVER_ERROR", {
409
- message: chunkWKXM7XUV_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION
410
+ message: chunkN7UWN6ND_cjs.BASE_ERROR_CODES.FAILED_TO_CREATE_SESSION
410
411
  });
411
412
  }
412
413
  await chunkV6HE2MP7_cjs.setSessionCookie(ctx, {
@@ -446,7 +447,7 @@ var phoneNumber = (options) => {
446
447
  });
447
448
  }
448
449
  ),
449
- forgetPasswordPhoneNumber: chunkWKXM7XUV_cjs.createAuthEndpoint(
450
+ forgetPasswordPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
450
451
  "/phone-number/forget-password",
451
452
  {
452
453
  method: "POST",
@@ -487,7 +488,7 @@ var phoneNumber = (options) => {
487
488
  });
488
489
  }
489
490
  ),
490
- resetPasswordPhoneNumber: chunkWKXM7XUV_cjs.createAuthEndpoint(
491
+ resetPasswordPhoneNumber: chunkN7UWN6ND_cjs.createAuthEndpoint(
491
492
  "/phone-number/reset-password",
492
493
  {
493
494
  method: "POST",