npm - better-auth - Versions diffs - 1.2.3-beta.1 → 1.2.3-beta.3 - Mend

better-auth 1.2.3-beta.1 → 1.2.3-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/dist/integrations/next-js.cjs +0 -1
package/dist/integrations/next-js.mjs +0 -1
package/dist/plugins/admin/index.cjs +1 -2
package/dist/plugins/admin/index.d.cts +9 -0
package/dist/plugins/admin/index.d.mts +9 -0
package/dist/plugins/admin/index.d.ts +9 -0
package/dist/plugins/admin/index.mjs +1 -2
package/dist/plugins/index.cjs +1 -2
package/dist/plugins/index.mjs +1 -2
package/dist/plugins/multi-session/index.cjs +3 -3
package/dist/plugins/multi-session/index.mjs +3 -3
package/dist/shared/{better-auth.BxiPGoZk.cjs → better-auth.DXbPkpEx.cjs} +21 -12
package/dist/shared/{better-auth.CMzBOV3L.mjs → better-auth.K251u4eV.mjs} +11 -2
package/package.json +1 -1
package/dist/shared/better-auth.DUb9p_mV.cjs +0 -23
package/dist/shared/better-auth.Do0oI2pb.mjs +0 -21

package/dist/integrations/next-js.cjs CHANGED Viewed

@@ -24,7 +24,6 @@ require('@better-auth/utils/hex');
 require('@noble/hashes/utils');
 require('../shared/better-auth.CMz4USTt.cjs');
 require('@better-auth/utils/otp');
-require('../shared/better-auth.DUb9p_mV.cjs');
 require('../plugins/admin/access/index.cjs');
 require('@better-fetch/fetch');
 require('@better-auth/utils/random');

package/dist/integrations/next-js.mjs CHANGED Viewed

@@ -22,7 +22,6 @@ import '@better-auth/utils/hex';
 import '@noble/hashes/utils';
 import '../shared/better-auth.Bd1H94Nk.mjs';
 import '@better-auth/utils/otp';
-import '../shared/better-auth.Do0oI2pb.mjs';
 import '../plugins/admin/access/index.mjs';
 import '@better-fetch/fetch';
 import '@better-auth/utils/random';

package/dist/plugins/admin/index.cjs CHANGED Viewed

@@ -1,6 +1,6 @@
 'use strict';
-const admin = require('../../shared/better-auth.BxiPGoZk.cjs');
+const admin = require('../../shared/better-auth.DXbPkpEx.cjs');
 require('zod');
 require('better-call');
 require('../../shared/better-auth.BzKRBwSF.cjs');
@@ -35,7 +35,6 @@ require('../../shared/better-auth.DhfiEsxl.cjs');
 require('jose/errors');
 require('@better-auth/utils/binary');
 require('../../shared/better-auth.DNqtHmvg.cjs');
-require('../../shared/better-auth.DUb9p_mV.cjs');
 require('./access/index.cjs');
 require('../access/index.cjs');

package/dist/plugins/admin/index.d.cts CHANGED Viewed

@@ -24,6 +24,15 @@ interface AdminOptions {
      * @default "user"
      */
     defaultRole?: string;
+    /**
+     * Roles that are considered admin roles.
+     *
+     * Any user role that isn't in this list, even if they have the permission,
+     * will not be considered an admin.
+     *
+     * @default ["admin"]
+     */
+    adminRoles?: string | string[];
     /**
      * A default ban reason
      *

package/dist/plugins/admin/index.d.mts CHANGED Viewed

@@ -24,6 +24,15 @@ interface AdminOptions {
      * @default "user"
      */
     defaultRole?: string;
+    /**
+     * Roles that are considered admin roles.
+     *
+     * Any user role that isn't in this list, even if they have the permission,
+     * will not be considered an admin.
+     *
+     * @default ["admin"]
+     */
+    adminRoles?: string | string[];
     /**
      * A default ban reason
      *

package/dist/plugins/admin/index.d.ts CHANGED Viewed

@@ -24,6 +24,15 @@ interface AdminOptions {
      * @default "user"
      */
     defaultRole?: string;
+    /**
+     * Roles that are considered admin roles.
+     *
+     * Any user role that isn't in this list, even if they have the permission,
+     * will not be considered an admin.
+     *
+     * @default ["admin"]
+     */
+    adminRoles?: string | string[];
     /**
      * A default ban reason
      *

package/dist/plugins/admin/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-export { a as admin } from '../../shared/better-auth.CMzBOV3L.mjs';
+export { a as admin } from '../../shared/better-auth.K251u4eV.mjs';
 import 'zod';
 import 'better-call';
 import '../../shared/better-auth.npe3WWSD.mjs';
@@ -33,6 +33,5 @@ import '../../shared/better-auth.NcLhHEks.mjs';
 import 'jose/errors';
 import '@better-auth/utils/binary';
 import '../../shared/better-auth.DQI8AD7d.mjs';
-import '../../shared/better-auth.Do0oI2pb.mjs';
 import './access/index.mjs';
 import '../access/index.mjs';

package/dist/plugins/index.cjs CHANGED Viewed

@@ -8,7 +8,7 @@ const account = require('../shared/better-auth.BzKRBwSF.cjs');
 const plugins_magicLink_index = require('./magic-link/index.cjs');
 const plugins_phoneNumber_index = require('./phone-number/index.cjs');
 const plugins_anonymous_index = require('./anonymous/index.cjs');
-const admin = require('../shared/better-auth.BxiPGoZk.cjs');
+const admin = require('../shared/better-auth.DXbPkpEx.cjs');
 const plugins_genericOauth_index = require('./generic-oauth/index.cjs');
 const plugins_jwt_index = require('./jwt/index.cjs');
 const plugins_multiSession_index = require('./multi-session/index.cjs');
@@ -65,7 +65,6 @@ require('../shared/better-auth.DhfiEsxl.cjs');
 require('jose/errors');
 require('@better-auth/utils/binary');
 require('../shared/better-auth.DNqtHmvg.cjs');
-require('../shared/better-auth.DUb9p_mV.cjs');
 require('./admin/access/index.cjs');
 require('../shared/better-auth.BG6vHVNT.cjs');
 require('../api/index.cjs');

package/dist/plugins/index.mjs CHANGED Viewed

@@ -7,7 +7,7 @@ export { H as HIDE_METADATA, N as optionsMiddleware } from '../shared/better-aut
 export { magicLink } from './magic-link/index.mjs';
 export { phoneNumber } from './phone-number/index.mjs';
 export { anonymous } from './anonymous/index.mjs';
-export { a as admin } from '../shared/better-auth.CMzBOV3L.mjs';
+export { a as admin } from '../shared/better-auth.K251u4eV.mjs';
 export { genericOAuth } from './generic-oauth/index.mjs';
 export { getJwtToken, jwt } from './jwt/index.mjs';
 export { multiSession } from './multi-session/index.mjs';
@@ -64,7 +64,6 @@ import '../shared/better-auth.NcLhHEks.mjs';
 import 'jose/errors';
 import '@better-auth/utils/binary';
 import '../shared/better-auth.DQI8AD7d.mjs';
-import '../shared/better-auth.Do0oI2pb.mjs';
 import './admin/access/index.mjs';
 import '../shared/better-auth.fsvwNeUx.mjs';
 import '../api/index.mjs';

package/dist/plugins/multi-session/index.cjs CHANGED Viewed

@@ -105,7 +105,7 @@ const multiSession = (options) => {
         },
         async (ctx) => {
           const sessionToken = ctx.body.sessionToken;
-          const multiSessionCookieName = `${ctx.context.authCookies.sessionToken.name}_multi-${sessionToken}`;
+          const multiSessionCookieName = `${ctx.context.authCookies.sessionToken.name}_multi-${sessionToken.toLowerCase()}`;
           const sessionCookie = await ctx.getSignedCookie(
             multiSessionCookieName,
             ctx.context.secret
@@ -254,8 +254,8 @@ const multiSession = (options) => {
                   ...ctx.context.authCookies.sessionToken.options,
                   maxAge: 0
                 });
-                const id = key.split("_multi-")[1];
-                return id;
+                const token = cookies[key].split(".")[0];
+                return token;
               }
               return null;
             }).filter((v) => v !== null);

package/dist/plugins/multi-session/index.mjs CHANGED Viewed

@@ -103,7 +103,7 @@ const multiSession = (options) => {
         },
         async (ctx) => {
           const sessionToken = ctx.body.sessionToken;
-          const multiSessionCookieName = `${ctx.context.authCookies.sessionToken.name}_multi-${sessionToken}`;
+          const multiSessionCookieName = `${ctx.context.authCookies.sessionToken.name}_multi-${sessionToken.toLowerCase()}`;
           const sessionCookie = await ctx.getSignedCookie(
             multiSessionCookieName,
             ctx.context.secret
@@ -252,8 +252,8 @@ const multiSession = (options) => {
                   ...ctx.context.authCookies.sessionToken.options,
                   maxAge: 0
                 });
-                const id = key.split("_multi-")[1];
-                return id;
+                const token = cookies[key].split(".")[0];
+                return token;
               }
               return null;
             }).filter((v) => v !== null);

package/dist/shared/{better-auth.BxiPGoZk.cjs → better-auth.DXbPkpEx.cjs} RENAMED Viewed

@@ -10,7 +10,6 @@ require('./better-auth.GpOOav9x.cjs');
 require('defu');
 const date = require('./better-auth.C1hdVENX.cjs');
 const pluginHelper = require('./better-auth.DNqtHmvg.cjs');
-const call = require('./better-auth.DUb9p_mV.cjs');
 const plugins_admin_access_index = require('../plugins/admin/access/index.cjs');
 const ADMIN_ERROR_CODES = {
@@ -47,8 +46,18 @@ const hasPermission = (input) => {
 const admin = (options) => {
   const opts = {
     defaultRole: "user",
+    adminRoles: ["admin"],
     ...options
   };
+  const adminMiddleware = account.createAuthMiddleware(async (ctx) => {
+    const session = await account.getSessionFromCtx(ctx);
+    if ((!session?.session || !opts.adminRoles.includes(session.user.role)) && !opts.adminUserIds?.includes(session?.user.id || "")) {
+      throw new betterCall.APIError("UNAUTHORIZED");
+    }
+    return {
+      session
+    };
+  });
   return {
     id: "admin",
     init(ctx) {
@@ -123,7 +132,7 @@ const admin = (options) => {
               description: "The role to set. `admin` or `user` by default"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "setRole",
@@ -201,7 +210,7 @@ const admin = (options) => {
               })
             )
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "createUser",
@@ -282,7 +291,7 @@ const admin = (options) => {
         "/admin/list-users",
         {
           method: "GET",
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           query: zod.z.object({
             searchValue: zod.z.string({
               description: "The value to search for"
@@ -411,7 +420,7 @@ const admin = (options) => {
         "/admin/list-user-sessions",
         {
           method: "POST",
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           body: zod.z.object({
             userId: zod.z.string({
               description: "The user id"
@@ -477,7 +486,7 @@ const admin = (options) => {
               description: "The user id"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "unbanUser",
@@ -552,7 +561,7 @@ const admin = (options) => {
               description: "The number of seconds until the ban expires"
             }).optional()
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "banUser",
@@ -622,7 +631,7 @@ const admin = (options) => {
               description: "The user id"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "impersonateUser",
@@ -763,7 +772,7 @@ const admin = (options) => {
               description: "The session token"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "revokeUserSession",
@@ -821,7 +830,7 @@ const admin = (options) => {
               description: "The user id"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "revokeUserSessions",
@@ -877,7 +886,7 @@ const admin = (options) => {
               description: "The user id"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "removeUser",
@@ -936,7 +945,7 @@ const admin = (options) => {
               description: "The user id"
             })
           }),
-          use: [call.adminMiddleware],
+          use: [adminMiddleware],
           metadata: {
             openapi: {
               operationId: "setUserPassword",

package/dist/shared/{better-auth.CMzBOV3L.mjs → better-auth.K251u4eV.mjs} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 import { APIError } from 'better-call';
-import { a as createAuthEndpoint, c as createAuthMiddleware, g as getSessionFromCtx } from './better-auth.npe3WWSD.mjs';
+import { c as createAuthMiddleware, g as getSessionFromCtx, a as createAuthEndpoint } from './better-auth.npe3WWSD.mjs';
 import { setSessionCookie, deleteSessionCookie } from '../cookies/index.mjs';
 import { m as mergeSchema } from './better-auth.C24Bzw4w.mjs';
 import './better-auth.8zoxzg-F.mjs';
@@ -8,7 +8,6 @@ import './better-auth.DH3YjMQH.mjs';
 import 'defu';
 import { g as getDate } from './better-auth.CW6D9eSx.mjs';
 import { g as getEndpointResponse } from './better-auth.DQI8AD7d.mjs';
-import { a as adminMiddleware } from './better-auth.Do0oI2pb.mjs';
 import { defaultRoles } from '../plugins/admin/access/index.mjs';
 const ADMIN_ERROR_CODES = {
@@ -45,8 +44,18 @@ const hasPermission = (input) => {
 const admin = (options) => {
   const opts = {
     defaultRole: "user",
+    adminRoles: ["admin"],
     ...options
   };
+  const adminMiddleware = createAuthMiddleware(async (ctx) => {
+    const session = await getSessionFromCtx(ctx);
+    if ((!session?.session || !opts.adminRoles.includes(session.user.role)) && !opts.adminUserIds?.includes(session?.user.id || "")) {
+      throw new APIError("UNAUTHORIZED");
+    }
+    return {
+      session
+    };
+  });
   return {
     id: "admin",
     init(ctx) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "better-auth",
-  "version": "1.2.3-beta.1",
+  "version": "1.2.3-beta.3",
   "description": "The most comprehensive authentication library for TypeScript.",
   "type": "module",
   "repository": {

package/dist/shared/better-auth.DUb9p_mV.cjs DELETED Viewed

@@ -1,23 +0,0 @@
-'use strict';
-const betterCall = require('better-call');
-const account = require('./better-auth.BzKRBwSF.cjs');
-require('zod');
-require('./better-auth.DiSjtgs9.cjs');
-require('@better-auth/utils/base64');
-require('@better-auth/utils/hmac');
-require('./better-auth.CHyZMcYK.cjs');
-require('./better-auth.GpOOav9x.cjs');
-require('defu');
-const adminMiddleware = account.createAuthMiddleware(async (ctx) => {
-  const session = await account.getSessionFromCtx(ctx);
-  if (!session?.session) {
-    throw new betterCall.APIError("UNAUTHORIZED");
-  }
-  return {
-    session
-  };
-});
-exports.adminMiddleware = adminMiddleware;

package/dist/shared/better-auth.Do0oI2pb.mjs DELETED Viewed

@@ -1,21 +0,0 @@
-import { APIError } from 'better-call';
-import { c as createAuthMiddleware, g as getSessionFromCtx } from './better-auth.npe3WWSD.mjs';
-import 'zod';
-import './better-auth.8zoxzg-F.mjs';
-import '@better-auth/utils/base64';
-import '@better-auth/utils/hmac';
-import './better-auth.C24Bzw4w.mjs';
-import './better-auth.DH3YjMQH.mjs';
-import 'defu';
-const adminMiddleware = createAuthMiddleware(async (ctx) => {
-  const session = await getSessionFromCtx(ctx);
-  if (!session?.session) {
-    throw new APIError("UNAUTHORIZED");
-  }
-  return {
-    session
-  };
-});
-export { adminMiddleware as a };