better-auth 1.2.6-beta.7 → 1.2.7-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/drizzle-adapter/index.cjs +186 -249
- package/dist/adapters/drizzle-adapter/index.d.cts +11 -49
- package/dist/adapters/drizzle-adapter/index.d.mts +11 -49
- package/dist/adapters/drizzle-adapter/index.d.ts +11 -49
- package/dist/adapters/drizzle-adapter/index.mjs +186 -249
- package/dist/adapters/index.cjs +26 -0
- package/dist/adapters/index.d.cts +17 -0
- package/dist/adapters/index.d.mts +17 -0
- package/dist/adapters/index.d.ts +17 -0
- package/dist/adapters/index.mjs +20 -0
- package/dist/adapters/kysely-adapter/index.cjs +7 -7
- package/dist/adapters/kysely-adapter/index.d.cts +17 -49
- package/dist/adapters/kysely-adapter/index.d.mts +17 -49
- package/dist/adapters/kysely-adapter/index.d.ts +17 -49
- package/dist/adapters/kysely-adapter/index.mjs +8 -8
- package/dist/adapters/memory-adapter/index.cjs +7 -8
- package/dist/adapters/memory-adapter/index.d.cts +9 -49
- package/dist/adapters/memory-adapter/index.d.mts +9 -49
- package/dist/adapters/memory-adapter/index.d.ts +9 -49
- package/dist/adapters/memory-adapter/index.mjs +8 -9
- package/dist/adapters/mongodb-adapter/index.cjs +2 -2
- package/dist/adapters/mongodb-adapter/index.d.cts +4 -4
- package/dist/adapters/mongodb-adapter/index.d.mts +4 -4
- package/dist/adapters/mongodb-adapter/index.d.ts +4 -4
- package/dist/adapters/mongodb-adapter/index.mjs +3 -3
- package/dist/adapters/prisma-adapter/index.cjs +130 -203
- package/dist/adapters/prisma-adapter/index.d.cts +17 -49
- package/dist/adapters/prisma-adapter/index.d.mts +17 -49
- package/dist/adapters/prisma-adapter/index.d.ts +17 -49
- package/dist/adapters/prisma-adapter/index.mjs +131 -204
- package/dist/adapters/test.cjs +710 -377
- package/dist/adapters/test.d.cts +64 -5
- package/dist/adapters/test.d.mts +64 -5
- package/dist/adapters/test.d.ts +64 -5
- package/dist/adapters/test.mjs +712 -380
- package/dist/api/index.cjs +61 -25
- package/dist/api/index.d.cts +3 -3
- package/dist/api/index.d.mts +3 -3
- package/dist/api/index.d.ts +3 -3
- package/dist/api/index.mjs +63 -27
- package/dist/client/index.d.cts +3 -3
- package/dist/client/index.d.mts +3 -3
- package/dist/client/index.d.ts +3 -3
- package/dist/client/plugins/index.cjs +13 -15
- package/dist/client/plugins/index.d.cts +80 -19
- package/dist/client/plugins/index.d.mts +80 -19
- package/dist/client/plugins/index.d.ts +80 -19
- package/dist/client/plugins/index.mjs +13 -16
- package/dist/client/react/index.cjs +4 -4
- package/dist/client/react/index.d.cts +3 -3
- package/dist/client/react/index.d.mts +3 -3
- package/dist/client/react/index.d.ts +3 -3
- package/dist/client/solid/index.d.cts +3 -3
- package/dist/client/solid/index.d.mts +3 -3
- package/dist/client/solid/index.d.ts +3 -3
- package/dist/client/svelte/index.d.cts +3 -3
- package/dist/client/svelte/index.d.mts +3 -3
- package/dist/client/svelte/index.d.ts +3 -3
- package/dist/client/vue/index.d.cts +3 -3
- package/dist/client/vue/index.d.mts +3 -3
- package/dist/client/vue/index.d.ts +3 -3
- package/dist/cookies/index.cjs +13 -2
- package/dist/cookies/index.d.cts +3 -3
- package/dist/cookies/index.d.mts +3 -3
- package/dist/cookies/index.d.ts +3 -3
- package/dist/cookies/index.mjs +13 -2
- package/dist/db/index.cjs +6 -5
- package/dist/db/index.d.cts +4 -4
- package/dist/db/index.d.mts +4 -4
- package/dist/db/index.d.ts +4 -4
- package/dist/db/index.mjs +7 -6
- package/dist/index.cjs +11 -7
- package/dist/index.d.cts +4 -4
- package/dist/index.d.mts +4 -4
- package/dist/index.d.ts +4 -4
- package/dist/index.mjs +14 -10
- package/dist/integrations/next-js.cjs +4 -5
- package/dist/integrations/next-js.d.cts +3 -3
- package/dist/integrations/next-js.d.mts +3 -3
- package/dist/integrations/next-js.d.ts +3 -3
- package/dist/integrations/next-js.mjs +5 -6
- package/dist/integrations/node.d.cts +3 -3
- package/dist/integrations/node.d.mts +3 -3
- package/dist/integrations/node.d.ts +3 -3
- package/dist/integrations/react-start.cjs +5 -6
- package/dist/integrations/react-start.d.cts +3 -3
- package/dist/integrations/react-start.d.mts +3 -3
- package/dist/integrations/react-start.d.ts +3 -3
- package/dist/integrations/react-start.mjs +6 -7
- package/dist/integrations/svelte-kit.d.cts +3 -3
- package/dist/integrations/svelte-kit.d.mts +3 -3
- package/dist/integrations/svelte-kit.d.ts +3 -3
- package/dist/oauth2/index.d.cts +5 -5
- package/dist/oauth2/index.d.mts +5 -5
- package/dist/oauth2/index.d.ts +5 -5
- package/dist/plugins/access/index.d.cts +1 -1
- package/dist/plugins/access/index.d.mts +1 -1
- package/dist/plugins/access/index.d.ts +1 -1
- package/dist/plugins/admin/access/index.d.cts +1 -1
- package/dist/plugins/admin/access/index.d.mts +1 -1
- package/dist/plugins/admin/access/index.d.ts +1 -1
- package/dist/plugins/admin/index.cjs +4 -4
- package/dist/plugins/admin/index.d.cts +74 -14
- package/dist/plugins/admin/index.d.mts +74 -14
- package/dist/plugins/admin/index.d.ts +74 -14
- package/dist/plugins/admin/index.mjs +5 -5
- package/dist/plugins/anonymous/index.cjs +4 -5
- package/dist/plugins/anonymous/index.d.cts +3 -3
- package/dist/plugins/anonymous/index.d.mts +3 -3
- package/dist/plugins/anonymous/index.d.ts +3 -3
- package/dist/plugins/anonymous/index.mjs +5 -6
- package/dist/plugins/bearer/index.cjs +2 -2
- package/dist/plugins/bearer/index.d.cts +3 -3
- package/dist/plugins/bearer/index.d.mts +3 -3
- package/dist/plugins/bearer/index.d.ts +3 -3
- package/dist/plugins/bearer/index.mjs +3 -3
- package/dist/plugins/captcha/index.cjs +110 -45
- package/dist/plugins/captcha/index.d.cts +26 -6
- package/dist/plugins/captcha/index.d.mts +26 -6
- package/dist/plugins/captcha/index.d.ts +26 -6
- package/dist/plugins/captcha/index.mjs +110 -45
- package/dist/plugins/custom-session/index.cjs +24 -5
- package/dist/plugins/custom-session/index.d.cts +25 -6
- package/dist/plugins/custom-session/index.d.mts +25 -6
- package/dist/plugins/custom-session/index.d.ts +25 -6
- package/dist/plugins/custom-session/index.mjs +25 -6
- package/dist/plugins/email-otp/index.cjs +96 -30
- package/dist/plugins/email-otp/index.d.cts +33 -10
- package/dist/plugins/email-otp/index.d.mts +33 -10
- package/dist/plugins/email-otp/index.d.ts +33 -10
- package/dist/plugins/email-otp/index.mjs +97 -31
- package/dist/plugins/generic-oauth/index.cjs +81 -20
- package/dist/plugins/generic-oauth/index.d.cts +46 -3
- package/dist/plugins/generic-oauth/index.d.mts +46 -3
- package/dist/plugins/generic-oauth/index.d.ts +46 -3
- package/dist/plugins/generic-oauth/index.mjs +82 -21
- package/dist/plugins/haveibeenpwned/index.cjs +98 -0
- package/dist/plugins/haveibeenpwned/index.d.cts +36 -0
- package/dist/plugins/haveibeenpwned/index.d.mts +36 -0
- package/dist/plugins/haveibeenpwned/index.d.ts +36 -0
- package/dist/plugins/haveibeenpwned/index.mjs +96 -0
- package/dist/plugins/index.cjs +583 -19
- package/dist/plugins/index.d.cts +7 -5
- package/dist/plugins/index.d.mts +7 -5
- package/dist/plugins/index.d.ts +7 -5
- package/dist/plugins/index.mjs +583 -21
- package/dist/plugins/jwt/index.cjs +45 -21
- package/dist/plugins/jwt/index.d.cts +52 -6
- package/dist/plugins/jwt/index.d.mts +52 -6
- package/dist/plugins/jwt/index.d.ts +52 -6
- package/dist/plugins/jwt/index.mjs +46 -22
- package/dist/plugins/magic-link/index.cjs +3 -3
- package/dist/plugins/magic-link/index.mjs +4 -4
- package/dist/plugins/multi-session/index.cjs +3 -3
- package/dist/plugins/multi-session/index.d.cts +3 -3
- package/dist/plugins/multi-session/index.d.mts +3 -3
- package/dist/plugins/multi-session/index.d.ts +3 -3
- package/dist/plugins/multi-session/index.mjs +4 -4
- package/dist/plugins/oauth-proxy/index.cjs +4 -4
- package/dist/plugins/oauth-proxy/index.d.cts +3 -3
- package/dist/plugins/oauth-proxy/index.d.mts +3 -3
- package/dist/plugins/oauth-proxy/index.d.ts +3 -3
- package/dist/plugins/oauth-proxy/index.mjs +5 -5
- package/dist/plugins/oidc-provider/index.cjs +227 -8
- package/dist/plugins/oidc-provider/index.d.cts +215 -3
- package/dist/plugins/oidc-provider/index.d.mts +215 -3
- package/dist/plugins/oidc-provider/index.d.ts +215 -3
- package/dist/plugins/oidc-provider/index.mjs +228 -9
- package/dist/plugins/one-tap/index.cjs +5 -5
- package/dist/plugins/one-tap/index.mjs +6 -6
- package/dist/plugins/one-time-token/index.cjs +119 -0
- package/dist/plugins/one-time-token/index.d.cts +134 -0
- package/dist/plugins/one-time-token/index.d.mts +134 -0
- package/dist/plugins/one-time-token/index.d.ts +134 -0
- package/dist/plugins/one-time-token/index.mjs +117 -0
- package/dist/plugins/open-api/index.cjs +3 -3
- package/dist/plugins/open-api/index.d.cts +3 -3
- package/dist/plugins/open-api/index.d.mts +3 -3
- package/dist/plugins/open-api/index.d.ts +3 -3
- package/dist/plugins/open-api/index.mjs +4 -4
- package/dist/plugins/organization/access/index.d.cts +1 -1
- package/dist/plugins/organization/access/index.d.mts +1 -1
- package/dist/plugins/organization/access/index.d.ts +1 -1
- package/dist/plugins/organization/index.cjs +4 -4
- package/dist/plugins/organization/index.d.cts +708 -55
- package/dist/plugins/organization/index.d.mts +708 -55
- package/dist/plugins/organization/index.d.ts +708 -55
- package/dist/plugins/organization/index.mjs +5 -5
- package/dist/plugins/passkey/index.cjs +82 -8
- package/dist/plugins/passkey/index.d.cts +72 -3
- package/dist/plugins/passkey/index.d.mts +72 -3
- package/dist/plugins/passkey/index.d.ts +72 -3
- package/dist/plugins/passkey/index.mjs +83 -9
- package/dist/plugins/phone-number/index.cjs +194 -26
- package/dist/plugins/phone-number/index.d.cts +132 -8
- package/dist/plugins/phone-number/index.d.mts +132 -8
- package/dist/plugins/phone-number/index.d.ts +132 -8
- package/dist/plugins/phone-number/index.mjs +195 -27
- package/dist/plugins/sso/index.cjs +190 -7
- package/dist/plugins/sso/index.d.cts +181 -15
- package/dist/plugins/sso/index.d.mts +181 -15
- package/dist/plugins/sso/index.d.ts +181 -15
- package/dist/plugins/sso/index.mjs +191 -8
- package/dist/plugins/two-factor/index.cjs +443 -92
- package/dist/plugins/two-factor/index.d.cts +230 -396
- package/dist/plugins/two-factor/index.d.mts +230 -396
- package/dist/plugins/two-factor/index.d.ts +230 -396
- package/dist/plugins/two-factor/index.mjs +431 -80
- package/dist/plugins/username/index.cjs +34 -31
- package/dist/plugins/username/index.d.cts +15 -12
- package/dist/plugins/username/index.d.mts +15 -12
- package/dist/plugins/username/index.d.ts +15 -12
- package/dist/plugins/username/index.mjs +35 -32
- package/dist/shared/better-auth.1DR6suCQ.mjs +307 -0
- package/dist/shared/{better-auth.BSsp73pg.cjs → better-auth.B7cZ2juS.cjs} +15 -14
- package/dist/shared/{better-auth.bKwabe3I.d.mts → better-auth.B88xucNq.d.mts} +529 -39
- package/dist/shared/{better-auth.CApEjVDP.cjs → better-auth.BW8BpneG.cjs} +4 -1
- package/dist/shared/{better-auth.BiQsvaIP.d.cts → better-auth.BcU1Kjyq.d.cts} +2051 -518
- package/dist/shared/better-auth.BfG24BjZ.cjs +118 -0
- package/dist/shared/{better-auth.A3TjrU8G.mjs → better-auth.Bk5IMdhM.mjs} +32 -12
- package/dist/shared/{better-auth.D9VnBkRI.mjs → better-auth.Bm9HxIzE.mjs} +47 -24
- package/dist/shared/{better-auth.BRf6Iynu.d.ts → better-auth.Bwc-6kOr.d.ts} +1 -1
- package/dist/shared/{better-auth.D-oLmHIj.d.mts → better-auth.CA2hFK4N.d.ts} +2051 -518
- package/dist/shared/{better-auth.Dmhe30iW.d.mts → better-auth.CGukGrxT.d.cts} +1 -1
- package/dist/shared/{better-auth.CsSpq0zL.cjs → better-auth.CHUzBidy.cjs} +46 -23
- package/dist/shared/{better-auth.DWRligF8.d.cts → better-auth.CT9J6rD-.d.cts} +539 -7
- package/dist/shared/better-auth.CVCo5Z2T.cjs +310 -0
- package/dist/shared/{better-auth.D4jH-sJA.mjs → better-auth.CWwVo_61.mjs} +458 -118
- package/dist/shared/{better-auth.Bi8FQwDD.d.cts → better-auth.CYegVoq1.d.cts} +1 -1
- package/dist/shared/{better-auth.Bi8FQwDD.d.mts → better-auth.CYegVoq1.d.mts} +1 -1
- package/dist/shared/{better-auth.Bi8FQwDD.d.ts → better-auth.CYegVoq1.d.ts} +1 -1
- package/dist/shared/{better-auth.CepcSj5H.mjs → better-auth.Cc72UxUH.mjs} +1 -2
- package/dist/shared/{better-auth.BWp5dztg.d.ts → better-auth.CmN4mlPh.d.ts} +539 -7
- package/dist/shared/{better-auth.DH3YjMQH.mjs → better-auth.Cqykj82J.mjs} +1 -1
- package/dist/shared/{better-auth.wcdMj2cT.d.mts → better-auth.DIt2e3lu.d.mts} +539 -7
- package/dist/shared/{better-auth.BANAxdkL.d.ts → better-auth.DNTAFSt1.d.ts} +529 -39
- package/dist/shared/{better-auth.DU2QNVc_.d.ts → better-auth.DQ7OSJbI.d.mts} +2051 -518
- package/dist/shared/{better-auth.DLTzKoOS.cjs → better-auth.DSVbLSt7.cjs} +4 -1
- package/dist/shared/{better-auth.B2Fw1vhH.d.cts → better-auth.DTiSPWEk.d.cts} +529 -39
- package/dist/shared/better-auth.DURsStt9.mjs +116 -0
- package/dist/shared/{better-auth.BIjcZ_vt.cjs → better-auth.DYoLD99C.cjs} +31 -11
- package/dist/shared/{better-auth.CV1L7TPV.cjs → better-auth.D_ZIX1O8.cjs} +317 -47
- package/dist/shared/{better-auth.C5H9XEzZ.cjs → better-auth.DcWKCjjf.cjs} +1 -2
- package/dist/shared/{better-auth.BDYXUcLv.cjs → better-auth.Dg0siV5C.cjs} +457 -117
- package/dist/shared/better-auth.DjryM8pE.cjs +760 -0
- package/dist/shared/{better-auth.DPBQN9Fs.mjs → better-auth.Dn_Ms1Uf.mjs} +318 -48
- package/dist/shared/{better-auth.DiG4KL2x.mjs → better-auth.OuYYTHC7.mjs} +4 -1
- package/dist/shared/{better-auth.DtC8i3pf.d.cts → better-auth.S1jimRbX.d.mts} +1 -1
- package/dist/shared/better-auth.SPmq4a4z.d.mts +344 -0
- package/dist/shared/{better-auth.cOCrlspr.mjs → better-auth.bkwPl2G4.mjs} +4 -1
- package/dist/shared/better-auth.cp2rC2iM.d.ts +344 -0
- package/dist/shared/better-auth.eVy4DZvP.d.cts +344 -0
- package/dist/shared/{better-auth.BrOpzmqo.mjs → better-auth.iKoUsdFE.mjs} +15 -14
- package/dist/shared/better-auth.rSYJCd3o.mjs +758 -0
- package/dist/social-providers/index.cjs +75 -3
- package/dist/social-providers/index.d.cts +2 -2
- package/dist/social-providers/index.d.mts +2 -2
- package/dist/social-providers/index.d.ts +2 -2
- package/dist/social-providers/index.mjs +77 -6
- package/dist/types/index.d.cts +4 -4
- package/dist/types/index.d.mts +4 -4
- package/dist/types/index.d.ts +4 -4
- package/package.json +42 -5
- package/dist/chunks/server.cjs +0 -905
- package/dist/chunks/server.mjs +0 -895
- package/dist/shared/better-auth.BcoSd9tC.mjs +0 -10
- package/dist/shared/better-auth.BnRFp-t0.mjs +0 -405
- package/dist/shared/better-auth.C1-vpKly.cjs +0 -12
- package/dist/shared/better-auth.ClTSOgiD.mjs +0 -140
- package/dist/shared/better-auth.DC8JQbiE.mjs +0 -173
- package/dist/shared/better-auth.DWHWPllD.cjs +0 -175
- package/dist/shared/better-auth.DqLjzBlO.cjs +0 -408
- package/dist/shared/better-auth.m575EIBC.cjs +0 -144
|
@@ -4,7 +4,8 @@ import { createMiddleware, createEndpoint, APIError } from 'better-call';
|
|
|
4
4
|
import { SocialProviderListEnum, socialProviderList } from '../social-providers/index.mjs';
|
|
5
5
|
import '@better-auth/utils/random';
|
|
6
6
|
import { g as generateState, p as parseState } from './better-auth.BdyOG_p4.mjs';
|
|
7
|
-
import {
|
|
7
|
+
import { l as logger } from './better-auth.Cqykj82J.mjs';
|
|
8
|
+
import { s as safeJSONParse } from './better-auth.tB5eU6EY.mjs';
|
|
8
9
|
import { g as getDate } from './better-auth.CW6D9eSx.mjs';
|
|
9
10
|
import { g as generateId } from './better-auth.BUPPRXfK.mjs';
|
|
10
11
|
import '@better-auth/utils/hash';
|
|
@@ -18,7 +19,7 @@ import '@better-auth/utils';
|
|
|
18
19
|
import '@better-auth/utils/hex';
|
|
19
20
|
import '@noble/hashes/utils';
|
|
20
21
|
import { g as generateRandomString } from './better-auth.B4Qoxdgc.mjs';
|
|
21
|
-
import { f as parseUserInput } from './better-auth.
|
|
22
|
+
import { f as parseUserInput } from './better-auth.Cc72UxUH.mjs';
|
|
22
23
|
import { b as isDevelopment } from './better-auth.8zoxzg-F.mjs';
|
|
23
24
|
import { createHMAC } from '@better-auth/utils/hmac';
|
|
24
25
|
import '@better-fetch/fetch';
|
|
@@ -26,7 +27,6 @@ import 'defu';
|
|
|
26
27
|
import { s as signJWT } from './better-auth.DDEbWX-S.mjs';
|
|
27
28
|
import { b as getHost, c as getProtocol, g as getOrigin } from './better-auth.VTXNLFMT.mjs';
|
|
28
29
|
import { JWTExpired } from 'jose/errors';
|
|
29
|
-
import { s as safeJSONParse } from './better-auth.tB5eU6EY.mjs';
|
|
30
30
|
import { binary } from '@better-auth/utils/binary';
|
|
31
31
|
|
|
32
32
|
const optionsMiddleware = createMiddleware(async () => {
|
|
@@ -321,14 +321,13 @@ const getSession = () => createAuthEndpoint(
|
|
|
321
321
|
type: "object",
|
|
322
322
|
properties: {
|
|
323
323
|
session: {
|
|
324
|
-
type: "object",
|
|
325
324
|
$ref: "#/components/schemas/Session"
|
|
326
325
|
},
|
|
327
326
|
user: {
|
|
328
|
-
type: "object",
|
|
329
327
|
$ref: "#/components/schemas/User"
|
|
330
328
|
}
|
|
331
|
-
}
|
|
329
|
+
},
|
|
330
|
+
required: ["session", "user"]
|
|
332
331
|
}
|
|
333
332
|
}
|
|
334
333
|
}
|
|
@@ -404,7 +403,7 @@ const getSession = () => createAuthEndpoint(
|
|
|
404
403
|
const updateAge = ctx.context.sessionConfig.updateAge;
|
|
405
404
|
const sessionIsDueToBeUpdatedDate = session.session.expiresAt.valueOf() - expiresIn * 1e3 + updateAge * 1e3;
|
|
406
405
|
const shouldBeUpdated = sessionIsDueToBeUpdatedDate <= Date.now();
|
|
407
|
-
if (shouldBeUpdated) {
|
|
406
|
+
if (shouldBeUpdated && (!ctx.query?.disableRefresh || !ctx.context.options.session?.disableSessionRefresh)) {
|
|
408
407
|
const updatedSession = await ctx.context.internalAdapter.updateSession(
|
|
409
408
|
session.session.token,
|
|
410
409
|
{
|
|
@@ -521,18 +520,7 @@ const listSessions = () => createAuthEndpoint(
|
|
|
521
520
|
schema: {
|
|
522
521
|
type: "array",
|
|
523
522
|
items: {
|
|
524
|
-
|
|
525
|
-
properties: {
|
|
526
|
-
token: {
|
|
527
|
-
type: "string"
|
|
528
|
-
},
|
|
529
|
-
userId: {
|
|
530
|
-
type: "string"
|
|
531
|
-
},
|
|
532
|
-
expiresAt: {
|
|
533
|
-
type: "string"
|
|
534
|
-
}
|
|
535
|
-
}
|
|
523
|
+
$ref: "#/components/schemas/Session"
|
|
536
524
|
}
|
|
537
525
|
}
|
|
538
526
|
}
|
|
@@ -580,13 +568,33 @@ const revokeSession = createAuthEndpoint(
|
|
|
580
568
|
type: "object",
|
|
581
569
|
properties: {
|
|
582
570
|
token: {
|
|
583
|
-
type: "string"
|
|
571
|
+
type: "string",
|
|
572
|
+
description: "The token to revoke"
|
|
584
573
|
}
|
|
585
574
|
},
|
|
586
575
|
required: ["token"]
|
|
587
576
|
}
|
|
588
577
|
}
|
|
589
578
|
}
|
|
579
|
+
},
|
|
580
|
+
responses: {
|
|
581
|
+
"200": {
|
|
582
|
+
description: "Success",
|
|
583
|
+
content: {
|
|
584
|
+
"application/json": {
|
|
585
|
+
schema: {
|
|
586
|
+
type: "object",
|
|
587
|
+
properties: {
|
|
588
|
+
status: {
|
|
589
|
+
type: "boolean",
|
|
590
|
+
description: "Indicates if the session was revoked successfully"
|
|
591
|
+
}
|
|
592
|
+
},
|
|
593
|
+
required: ["status"]
|
|
594
|
+
}
|
|
595
|
+
}
|
|
596
|
+
}
|
|
597
|
+
}
|
|
590
598
|
}
|
|
591
599
|
}
|
|
592
600
|
}
|
|
@@ -634,7 +642,8 @@ const revokeSessions = createAuthEndpoint(
|
|
|
634
642
|
type: "object",
|
|
635
643
|
properties: {
|
|
636
644
|
status: {
|
|
637
|
-
type: "boolean"
|
|
645
|
+
type: "boolean",
|
|
646
|
+
description: "Indicates if all sessions were revoked successfully"
|
|
638
647
|
}
|
|
639
648
|
},
|
|
640
649
|
required: ["status"]
|
|
@@ -681,9 +690,11 @@ const revokeOtherSessions = createAuthEndpoint(
|
|
|
681
690
|
type: "object",
|
|
682
691
|
properties: {
|
|
683
692
|
status: {
|
|
684
|
-
type: "boolean"
|
|
693
|
+
type: "boolean",
|
|
694
|
+
description: "Indicates if all other sessions were revoked successfully"
|
|
685
695
|
}
|
|
686
|
-
}
|
|
696
|
+
},
|
|
697
|
+
required: ["status"]
|
|
687
698
|
}
|
|
688
699
|
}
|
|
689
700
|
}
|
|
@@ -774,11 +785,14 @@ const sendVerificationEmail = createAuthEndpoint(
|
|
|
774
785
|
properties: {
|
|
775
786
|
email: {
|
|
776
787
|
type: "string",
|
|
777
|
-
description: "The email to send the verification email to"
|
|
788
|
+
description: "The email to send the verification email to",
|
|
789
|
+
example: "user@example.com"
|
|
778
790
|
},
|
|
779
791
|
callbackURL: {
|
|
780
792
|
type: "string",
|
|
781
|
-
description: "The URL to use for email verification callback"
|
|
793
|
+
description: "The URL to use for email verification callback",
|
|
794
|
+
example: "https://example.com/callback",
|
|
795
|
+
nullable: true
|
|
782
796
|
}
|
|
783
797
|
},
|
|
784
798
|
required: ["email"]
|
|
@@ -795,7 +809,26 @@ const sendVerificationEmail = createAuthEndpoint(
|
|
|
795
809
|
type: "object",
|
|
796
810
|
properties: {
|
|
797
811
|
status: {
|
|
798
|
-
type: "boolean"
|
|
812
|
+
type: "boolean",
|
|
813
|
+
description: "Indicates if the email was sent successfully",
|
|
814
|
+
example: true
|
|
815
|
+
}
|
|
816
|
+
}
|
|
817
|
+
}
|
|
818
|
+
}
|
|
819
|
+
}
|
|
820
|
+
},
|
|
821
|
+
"400": {
|
|
822
|
+
description: "Bad Request",
|
|
823
|
+
content: {
|
|
824
|
+
"application/json": {
|
|
825
|
+
schema: {
|
|
826
|
+
type: "object",
|
|
827
|
+
properties: {
|
|
828
|
+
message: {
|
|
829
|
+
type: "string",
|
|
830
|
+
description: "Error message",
|
|
831
|
+
example: "Verification email isn't enabled"
|
|
799
832
|
}
|
|
800
833
|
}
|
|
801
834
|
}
|
|
@@ -842,6 +875,26 @@ const verifyEmail = createAuthEndpoint(
|
|
|
842
875
|
metadata: {
|
|
843
876
|
openapi: {
|
|
844
877
|
description: "Verify the email of the user",
|
|
878
|
+
parameters: [
|
|
879
|
+
{
|
|
880
|
+
name: "token",
|
|
881
|
+
in: "query",
|
|
882
|
+
description: "The token to verify the email",
|
|
883
|
+
required: true,
|
|
884
|
+
schema: {
|
|
885
|
+
type: "string"
|
|
886
|
+
}
|
|
887
|
+
},
|
|
888
|
+
{
|
|
889
|
+
name: "callbackURL",
|
|
890
|
+
in: "query",
|
|
891
|
+
description: "The URL to redirect to after email verification",
|
|
892
|
+
required: false,
|
|
893
|
+
schema: {
|
|
894
|
+
type: "string"
|
|
895
|
+
}
|
|
896
|
+
}
|
|
897
|
+
],
|
|
845
898
|
responses: {
|
|
846
899
|
"200": {
|
|
847
900
|
description: "Success",
|
|
@@ -852,13 +905,52 @@ const verifyEmail = createAuthEndpoint(
|
|
|
852
905
|
properties: {
|
|
853
906
|
user: {
|
|
854
907
|
type: "object",
|
|
855
|
-
|
|
908
|
+
properties: {
|
|
909
|
+
id: {
|
|
910
|
+
type: "string",
|
|
911
|
+
description: "User ID"
|
|
912
|
+
},
|
|
913
|
+
email: {
|
|
914
|
+
type: "string",
|
|
915
|
+
description: "User email"
|
|
916
|
+
},
|
|
917
|
+
name: {
|
|
918
|
+
type: "string",
|
|
919
|
+
description: "User name"
|
|
920
|
+
},
|
|
921
|
+
image: {
|
|
922
|
+
type: "string",
|
|
923
|
+
description: "User image URL"
|
|
924
|
+
},
|
|
925
|
+
emailVerified: {
|
|
926
|
+
type: "boolean",
|
|
927
|
+
description: "Indicates if the user email is verified"
|
|
928
|
+
},
|
|
929
|
+
createdAt: {
|
|
930
|
+
type: "string",
|
|
931
|
+
description: "User creation date"
|
|
932
|
+
},
|
|
933
|
+
updatedAt: {
|
|
934
|
+
type: "string",
|
|
935
|
+
description: "User update date"
|
|
936
|
+
}
|
|
937
|
+
},
|
|
938
|
+
required: [
|
|
939
|
+
"id",
|
|
940
|
+
"email",
|
|
941
|
+
"name",
|
|
942
|
+
"image",
|
|
943
|
+
"emailVerified",
|
|
944
|
+
"createdAt",
|
|
945
|
+
"updatedAt"
|
|
946
|
+
]
|
|
856
947
|
},
|
|
857
948
|
status: {
|
|
858
|
-
type: "boolean"
|
|
859
|
-
|
|
860
|
-
|
|
861
|
-
|
|
949
|
+
type: "boolean",
|
|
950
|
+
description: "Indicates if the email was verified successfully"
|
|
951
|
+
},
|
|
952
|
+
required: ["user", "status"]
|
|
953
|
+
}
|
|
862
954
|
}
|
|
863
955
|
}
|
|
864
956
|
}
|
|
@@ -980,7 +1072,7 @@ const verifyEmail = createAuthEndpoint(
|
|
|
980
1072
|
if (!currentSession || currentSession.user.email !== parsed.email) {
|
|
981
1073
|
const session = await ctx.context.internalAdapter.createSession(
|
|
982
1074
|
user.user.id,
|
|
983
|
-
ctx.
|
|
1075
|
+
ctx.headers
|
|
984
1076
|
);
|
|
985
1077
|
if (!session) {
|
|
986
1078
|
throw new APIError("INTERNAL_SERVER_ERROR", {
|
|
@@ -1018,7 +1110,8 @@ async function handleOAuthUserInfo(c, {
|
|
|
1018
1110
|
userInfo,
|
|
1019
1111
|
account,
|
|
1020
1112
|
callbackURL,
|
|
1021
|
-
disableSignUp
|
|
1113
|
+
disableSignUp,
|
|
1114
|
+
overrideUserInfo
|
|
1022
1115
|
}) {
|
|
1023
1116
|
const dbUser = await c.context.internalAdapter.findOAuthUser(
|
|
1024
1117
|
userInfo.email.toLowerCase(),
|
|
@@ -1096,6 +1189,13 @@ async function handleOAuthUserInfo(c, {
|
|
|
1096
1189
|
);
|
|
1097
1190
|
}
|
|
1098
1191
|
}
|
|
1192
|
+
if (overrideUserInfo) {
|
|
1193
|
+
await c.context.internalAdapter.updateUser(dbUser.user.id, {
|
|
1194
|
+
...userInfo,
|
|
1195
|
+
email: userInfo.email.toLowerCase(),
|
|
1196
|
+
emailVerified: userInfo.email.toLocaleLowerCase() === dbUser.user.email ? dbUser.user.emailVerified || userInfo.emailVerified : userInfo.emailVerified
|
|
1197
|
+
});
|
|
1198
|
+
}
|
|
1099
1199
|
} else {
|
|
1100
1200
|
if (disableSignUp) {
|
|
1101
1201
|
return {
|
|
@@ -1105,11 +1205,11 @@ async function handleOAuthUserInfo(c, {
|
|
|
1105
1205
|
};
|
|
1106
1206
|
}
|
|
1107
1207
|
try {
|
|
1208
|
+
const { id: _, ...restUserInfo } = userInfo;
|
|
1108
1209
|
user = await c.context.internalAdapter.createOAuthUser(
|
|
1109
1210
|
{
|
|
1110
|
-
...
|
|
1111
|
-
email: userInfo.email.toLowerCase()
|
|
1112
|
-
id: void 0
|
|
1211
|
+
...restUserInfo,
|
|
1212
|
+
email: userInfo.email.toLowerCase()
|
|
1113
1213
|
},
|
|
1114
1214
|
{
|
|
1115
1215
|
accessToken: account.accessToken,
|
|
@@ -1165,7 +1265,7 @@ async function handleOAuthUserInfo(c, {
|
|
|
1165
1265
|
}
|
|
1166
1266
|
const session = await c.context.internalAdapter.createSession(
|
|
1167
1267
|
user.id,
|
|
1168
|
-
c.
|
|
1268
|
+
c.headers
|
|
1169
1269
|
);
|
|
1170
1270
|
if (!session) {
|
|
1171
1271
|
return {
|
|
@@ -1295,29 +1395,64 @@ const signInSocial = createAuthEndpoint(
|
|
|
1295
1395
|
metadata: {
|
|
1296
1396
|
openapi: {
|
|
1297
1397
|
description: "Sign in with a social provider",
|
|
1398
|
+
operationId: "socialSignIn",
|
|
1298
1399
|
responses: {
|
|
1299
1400
|
"200": {
|
|
1300
|
-
description: "Success",
|
|
1401
|
+
description: "Success - Returns either session details or redirect URL",
|
|
1301
1402
|
content: {
|
|
1302
1403
|
"application/json": {
|
|
1303
1404
|
schema: {
|
|
1405
|
+
// todo: we need support for multiple schema
|
|
1304
1406
|
type: "object",
|
|
1407
|
+
description: "Session response when idToken is provided",
|
|
1305
1408
|
properties: {
|
|
1306
|
-
|
|
1307
|
-
type: "
|
|
1308
|
-
|
|
1309
|
-
user: {
|
|
1310
|
-
type: "object",
|
|
1311
|
-
ref: "#/components/schemas/User"
|
|
1409
|
+
redirect: {
|
|
1410
|
+
type: "boolean",
|
|
1411
|
+
enum: [false]
|
|
1312
1412
|
},
|
|
1313
|
-
|
|
1314
|
-
type: "string"
|
|
1413
|
+
token: {
|
|
1414
|
+
type: "string",
|
|
1415
|
+
description: "Session token",
|
|
1416
|
+
url: {
|
|
1417
|
+
type: "null",
|
|
1418
|
+
nullable: true
|
|
1419
|
+
},
|
|
1420
|
+
user: {
|
|
1421
|
+
type: "object",
|
|
1422
|
+
properties: {
|
|
1423
|
+
id: { type: "string" },
|
|
1424
|
+
email: { type: "string" },
|
|
1425
|
+
name: {
|
|
1426
|
+
type: "string",
|
|
1427
|
+
nullable: true
|
|
1428
|
+
},
|
|
1429
|
+
image: {
|
|
1430
|
+
type: "string",
|
|
1431
|
+
nullable: true
|
|
1432
|
+
},
|
|
1433
|
+
emailVerified: {
|
|
1434
|
+
type: "boolean"
|
|
1435
|
+
},
|
|
1436
|
+
createdAt: {
|
|
1437
|
+
type: "string",
|
|
1438
|
+
format: "date-time"
|
|
1439
|
+
},
|
|
1440
|
+
updatedAt: {
|
|
1441
|
+
type: "string",
|
|
1442
|
+
format: "date-time"
|
|
1443
|
+
}
|
|
1444
|
+
},
|
|
1445
|
+
required: [
|
|
1446
|
+
"id",
|
|
1447
|
+
"email",
|
|
1448
|
+
"emailVerified",
|
|
1449
|
+
"createdAt",
|
|
1450
|
+
"updatedAt"
|
|
1451
|
+
]
|
|
1452
|
+
}
|
|
1315
1453
|
},
|
|
1316
|
-
|
|
1317
|
-
|
|
1318
|
-
}
|
|
1319
|
-
},
|
|
1320
|
-
required: ["redirect"]
|
|
1454
|
+
required: ["redirect", "token", "user"]
|
|
1455
|
+
}
|
|
1321
1456
|
}
|
|
1322
1457
|
}
|
|
1323
1458
|
}
|
|
@@ -1376,7 +1511,14 @@ const signInSocial = createAuthEndpoint(
|
|
|
1376
1511
|
message: BASE_ERROR_CODES.FAILED_TO_GET_USER_INFO
|
|
1377
1512
|
});
|
|
1378
1513
|
}
|
|
1379
|
-
|
|
1514
|
+
const mapProfileToUser = await provider.options?.mapProfileToUser?.(
|
|
1515
|
+
userInfo.user
|
|
1516
|
+
);
|
|
1517
|
+
const userData = {
|
|
1518
|
+
...userInfo.user,
|
|
1519
|
+
...mapProfileToUser
|
|
1520
|
+
};
|
|
1521
|
+
if (!userData.email) {
|
|
1380
1522
|
c.context.logger.error("User email not found", {
|
|
1381
1523
|
provider: c.body.provider
|
|
1382
1524
|
});
|
|
@@ -1386,11 +1528,12 @@ const signInSocial = createAuthEndpoint(
|
|
|
1386
1528
|
}
|
|
1387
1529
|
const data = await handleOAuthUserInfo(c, {
|
|
1388
1530
|
userInfo: {
|
|
1389
|
-
|
|
1390
|
-
|
|
1391
|
-
|
|
1392
|
-
|
|
1393
|
-
|
|
1531
|
+
...userData,
|
|
1532
|
+
email: userData.email,
|
|
1533
|
+
id: userData.id,
|
|
1534
|
+
name: userData.name || "",
|
|
1535
|
+
image: userData.image,
|
|
1536
|
+
emailVerified: userData.emailVerified || false
|
|
1394
1537
|
},
|
|
1395
1538
|
account: {
|
|
1396
1539
|
providerId: provider.id,
|
|
@@ -1471,27 +1614,61 @@ const signInEmail = createAuthEndpoint(
|
|
|
1471
1614
|
description: "Sign in with email and password",
|
|
1472
1615
|
responses: {
|
|
1473
1616
|
"200": {
|
|
1474
|
-
description: "Success",
|
|
1617
|
+
description: "Success - Returns either session details or redirect URL",
|
|
1475
1618
|
content: {
|
|
1476
1619
|
"application/json": {
|
|
1477
1620
|
schema: {
|
|
1621
|
+
// todo: we need support for multiple schema
|
|
1478
1622
|
type: "object",
|
|
1623
|
+
description: "Session response when idToken is provided",
|
|
1479
1624
|
properties: {
|
|
1480
|
-
|
|
1481
|
-
type: "
|
|
1625
|
+
redirect: {
|
|
1626
|
+
type: "boolean",
|
|
1627
|
+
enum: [false]
|
|
1482
1628
|
},
|
|
1483
|
-
|
|
1484
|
-
type: "
|
|
1485
|
-
|
|
1629
|
+
token: {
|
|
1630
|
+
type: "string",
|
|
1631
|
+
description: "Session token"
|
|
1486
1632
|
},
|
|
1487
1633
|
url: {
|
|
1488
|
-
type: "
|
|
1634
|
+
type: "null",
|
|
1635
|
+
nullable: true
|
|
1489
1636
|
},
|
|
1490
|
-
|
|
1491
|
-
type: "
|
|
1637
|
+
user: {
|
|
1638
|
+
type: "object",
|
|
1639
|
+
properties: {
|
|
1640
|
+
id: { type: "string" },
|
|
1641
|
+
email: { type: "string" },
|
|
1642
|
+
name: {
|
|
1643
|
+
type: "string",
|
|
1644
|
+
nullable: true
|
|
1645
|
+
},
|
|
1646
|
+
image: {
|
|
1647
|
+
type: "string",
|
|
1648
|
+
nullable: true
|
|
1649
|
+
},
|
|
1650
|
+
emailVerified: {
|
|
1651
|
+
type: "boolean"
|
|
1652
|
+
},
|
|
1653
|
+
createdAt: {
|
|
1654
|
+
type: "string",
|
|
1655
|
+
format: "date-time"
|
|
1656
|
+
},
|
|
1657
|
+
updatedAt: {
|
|
1658
|
+
type: "string",
|
|
1659
|
+
format: "date-time"
|
|
1660
|
+
}
|
|
1661
|
+
},
|
|
1662
|
+
required: [
|
|
1663
|
+
"id",
|
|
1664
|
+
"email",
|
|
1665
|
+
"emailVerified",
|
|
1666
|
+
"createdAt",
|
|
1667
|
+
"updatedAt"
|
|
1668
|
+
]
|
|
1492
1669
|
}
|
|
1493
1670
|
},
|
|
1494
|
-
required: ["
|
|
1671
|
+
required: ["redirect", "token", "user"]
|
|
1495
1672
|
}
|
|
1496
1673
|
}
|
|
1497
1674
|
}
|
|
@@ -1618,7 +1795,8 @@ const schema = z.object({
|
|
|
1618
1795
|
error: z.string().optional(),
|
|
1619
1796
|
device_id: z.string().optional(),
|
|
1620
1797
|
error_description: z.string().optional(),
|
|
1621
|
-
state: z.string().optional()
|
|
1798
|
+
state: z.string().optional(),
|
|
1799
|
+
user: z.string().optional()
|
|
1622
1800
|
});
|
|
1623
1801
|
const callbackOAuth = createAuthEndpoint(
|
|
1624
1802
|
"/callback/:id",
|
|
@@ -1697,7 +1875,10 @@ const callbackOAuth = createAuthEndpoint(
|
|
|
1697
1875
|
c.context.logger.error("", e);
|
|
1698
1876
|
throw redirectOnError("invalid_code");
|
|
1699
1877
|
}
|
|
1700
|
-
const userInfo = await provider.getUserInfo(
|
|
1878
|
+
const userInfo = await provider.getUserInfo({
|
|
1879
|
+
...tokens,
|
|
1880
|
+
user: c.body?.user ? safeJSONParse(c.body.user) : void 0
|
|
1881
|
+
}).then((res) => res?.user);
|
|
1701
1882
|
if (!userInfo) {
|
|
1702
1883
|
c.context.logger.error("Unable to get user info");
|
|
1703
1884
|
return redirectOnError("unable_to_get_user_info");
|
|
@@ -1720,19 +1901,34 @@ const callbackOAuth = createAuthEndpoint(
|
|
|
1720
1901
|
if (existingAccount.userId.toString() !== link.userId.toString()) {
|
|
1721
1902
|
return redirectOnError("account_already_linked_to_different_user");
|
|
1722
1903
|
}
|
|
1723
|
-
|
|
1724
|
-
|
|
1725
|
-
|
|
1726
|
-
|
|
1727
|
-
|
|
1728
|
-
|
|
1729
|
-
|
|
1730
|
-
|
|
1731
|
-
|
|
1732
|
-
|
|
1733
|
-
|
|
1734
|
-
|
|
1735
|
-
|
|
1904
|
+
const updateData = Object.fromEntries(
|
|
1905
|
+
Object.entries({
|
|
1906
|
+
accessToken: tokens.accessToken,
|
|
1907
|
+
idToken: tokens.idToken,
|
|
1908
|
+
refreshToken: tokens.refreshToken,
|
|
1909
|
+
accessTokenExpiresAt: tokens.accessTokenExpiresAt,
|
|
1910
|
+
refreshTokenExpiresAt: tokens.refreshTokenExpiresAt,
|
|
1911
|
+
scope: tokens.scopes?.join(",")
|
|
1912
|
+
}).filter(([_, value]) => value !== void 0)
|
|
1913
|
+
);
|
|
1914
|
+
await c.context.internalAdapter.updateAccount(
|
|
1915
|
+
existingAccount.id,
|
|
1916
|
+
updateData
|
|
1917
|
+
);
|
|
1918
|
+
} else {
|
|
1919
|
+
const newAccount = await c.context.internalAdapter.createAccount(
|
|
1920
|
+
{
|
|
1921
|
+
userId: link.userId,
|
|
1922
|
+
providerId: provider.id,
|
|
1923
|
+
accountId: userInfo.id,
|
|
1924
|
+
...tokens,
|
|
1925
|
+
scope: tokens.scopes?.join(",")
|
|
1926
|
+
},
|
|
1927
|
+
c
|
|
1928
|
+
);
|
|
1929
|
+
if (!newAccount) {
|
|
1930
|
+
return redirectOnError("unable_to_link_account");
|
|
1931
|
+
}
|
|
1736
1932
|
}
|
|
1737
1933
|
let toRedirectTo2;
|
|
1738
1934
|
try {
|
|
@@ -2114,9 +2310,9 @@ const updateUser = () => createAuthEndpoint(
|
|
|
2114
2310
|
schema: {
|
|
2115
2311
|
type: "object",
|
|
2116
2312
|
properties: {
|
|
2117
|
-
|
|
2118
|
-
type: "
|
|
2119
|
-
|
|
2313
|
+
status: {
|
|
2314
|
+
type: "boolean",
|
|
2315
|
+
description: "Indicates if the update was successful"
|
|
2120
2316
|
}
|
|
2121
2317
|
}
|
|
2122
2318
|
}
|
|
@@ -2195,17 +2391,66 @@ const changePassword = createAuthEndpoint(
|
|
|
2195
2391
|
description: "Change the password of the user",
|
|
2196
2392
|
responses: {
|
|
2197
2393
|
"200": {
|
|
2198
|
-
description: "
|
|
2394
|
+
description: "Password successfully changed",
|
|
2199
2395
|
content: {
|
|
2200
2396
|
"application/json": {
|
|
2201
2397
|
schema: {
|
|
2202
2398
|
type: "object",
|
|
2203
2399
|
properties: {
|
|
2400
|
+
token: {
|
|
2401
|
+
type: "string",
|
|
2402
|
+
nullable: true,
|
|
2403
|
+
// Only present if revokeOtherSessions is true
|
|
2404
|
+
description: "New session token if other sessions were revoked"
|
|
2405
|
+
},
|
|
2204
2406
|
user: {
|
|
2205
|
-
|
|
2206
|
-
|
|
2407
|
+
type: "object",
|
|
2408
|
+
properties: {
|
|
2409
|
+
id: {
|
|
2410
|
+
type: "string",
|
|
2411
|
+
description: "The unique identifier of the user"
|
|
2412
|
+
},
|
|
2413
|
+
email: {
|
|
2414
|
+
type: "string",
|
|
2415
|
+
format: "email",
|
|
2416
|
+
description: "The email address of the user"
|
|
2417
|
+
},
|
|
2418
|
+
name: {
|
|
2419
|
+
type: "string",
|
|
2420
|
+
description: "The name of the user"
|
|
2421
|
+
},
|
|
2422
|
+
image: {
|
|
2423
|
+
type: "string",
|
|
2424
|
+
format: "uri",
|
|
2425
|
+
nullable: true,
|
|
2426
|
+
description: "The profile image URL of the user"
|
|
2427
|
+
},
|
|
2428
|
+
emailVerified: {
|
|
2429
|
+
type: "boolean",
|
|
2430
|
+
description: "Whether the email has been verified"
|
|
2431
|
+
},
|
|
2432
|
+
createdAt: {
|
|
2433
|
+
type: "string",
|
|
2434
|
+
format: "date-time",
|
|
2435
|
+
description: "When the user was created"
|
|
2436
|
+
},
|
|
2437
|
+
updatedAt: {
|
|
2438
|
+
type: "string",
|
|
2439
|
+
format: "date-time",
|
|
2440
|
+
description: "When the user was last updated"
|
|
2441
|
+
}
|
|
2442
|
+
},
|
|
2443
|
+
required: [
|
|
2444
|
+
"id",
|
|
2445
|
+
"email",
|
|
2446
|
+
"name",
|
|
2447
|
+
"emailVerified",
|
|
2448
|
+
"createdAt",
|
|
2449
|
+
"updatedAt"
|
|
2450
|
+
]
|
|
2207
2451
|
}
|
|
2208
|
-
}
|
|
2452
|
+
},
|
|
2453
|
+
required: ["user"]
|
|
2209
2454
|
}
|
|
2210
2455
|
}
|
|
2211
2456
|
}
|
|
@@ -2371,11 +2616,23 @@ const deleteUser = createAuthEndpoint(
|
|
|
2371
2616
|
description: "Delete the user",
|
|
2372
2617
|
responses: {
|
|
2373
2618
|
"200": {
|
|
2374
|
-
description: "
|
|
2619
|
+
description: "User deletion processed successfully",
|
|
2375
2620
|
content: {
|
|
2376
2621
|
"application/json": {
|
|
2377
2622
|
schema: {
|
|
2378
|
-
type: "object"
|
|
2623
|
+
type: "object",
|
|
2624
|
+
properties: {
|
|
2625
|
+
success: {
|
|
2626
|
+
type: "boolean",
|
|
2627
|
+
description: "Indicates if the operation was successful"
|
|
2628
|
+
},
|
|
2629
|
+
message: {
|
|
2630
|
+
type: "string",
|
|
2631
|
+
enum: ["User deleted", "Verification email sent"],
|
|
2632
|
+
description: "Status message of the deletion process"
|
|
2633
|
+
}
|
|
2634
|
+
},
|
|
2635
|
+
required: ["success", "message"]
|
|
2379
2636
|
}
|
|
2380
2637
|
}
|
|
2381
2638
|
}
|
|
@@ -2445,7 +2702,9 @@ const deleteUser = createAuthEndpoint(
|
|
|
2445
2702
|
await ctx.context.internalAdapter.createVerificationValue({
|
|
2446
2703
|
value: session.user.id,
|
|
2447
2704
|
identifier: `delete-account-${token}`,
|
|
2448
|
-
expiresAt: new Date(
|
|
2705
|
+
expiresAt: new Date(
|
|
2706
|
+
Date.now() + (ctx.context.options.user.deleteUser?.deleteTokenExpiresIn || 60 * 60 * 24) * 1e3
|
|
2707
|
+
)
|
|
2449
2708
|
});
|
|
2450
2709
|
const url = `${ctx.context.baseURL}/delete-user/callback?token=${token}&callbackURL=${ctx.body.callbackURL || "/"}`;
|
|
2451
2710
|
await ctx.context.options.user.deleteUser.sendDeleteAccountVerification(
|
|
@@ -2487,7 +2746,36 @@ const deleteUserCallback = createAuthEndpoint(
|
|
|
2487
2746
|
token: z.string(),
|
|
2488
2747
|
callbackURL: z.string().optional()
|
|
2489
2748
|
}),
|
|
2490
|
-
use: [originCheck((ctx) => ctx.query.callbackURL)]
|
|
2749
|
+
use: [originCheck((ctx) => ctx.query.callbackURL)],
|
|
2750
|
+
metadata: {
|
|
2751
|
+
openapi: {
|
|
2752
|
+
description: "Callback to complete user deletion with verification token",
|
|
2753
|
+
responses: {
|
|
2754
|
+
"200": {
|
|
2755
|
+
description: "User successfully deleted",
|
|
2756
|
+
content: {
|
|
2757
|
+
"application/json": {
|
|
2758
|
+
schema: {
|
|
2759
|
+
type: "object",
|
|
2760
|
+
properties: {
|
|
2761
|
+
success: {
|
|
2762
|
+
type: "boolean",
|
|
2763
|
+
description: "Indicates if the deletion was successful"
|
|
2764
|
+
},
|
|
2765
|
+
message: {
|
|
2766
|
+
type: "string",
|
|
2767
|
+
enum: ["User deleted"],
|
|
2768
|
+
description: "Confirmation message"
|
|
2769
|
+
}
|
|
2770
|
+
},
|
|
2771
|
+
required: ["success", "message"]
|
|
2772
|
+
}
|
|
2773
|
+
}
|
|
2774
|
+
}
|
|
2775
|
+
}
|
|
2776
|
+
}
|
|
2777
|
+
}
|
|
2778
|
+
}
|
|
2491
2779
|
},
|
|
2492
2780
|
async (ctx) => {
|
|
2493
2781
|
if (!ctx.context.options.user?.deleteUser?.enabled) {
|
|
@@ -2554,20 +2842,24 @@ const changeEmail = createAuthEndpoint(
|
|
|
2554
2842
|
openapi: {
|
|
2555
2843
|
responses: {
|
|
2556
2844
|
"200": {
|
|
2557
|
-
description: "
|
|
2845
|
+
description: "Email change request processed successfully",
|
|
2558
2846
|
content: {
|
|
2559
2847
|
"application/json": {
|
|
2560
2848
|
schema: {
|
|
2561
2849
|
type: "object",
|
|
2562
2850
|
properties: {
|
|
2563
|
-
user: {
|
|
2564
|
-
type: "object",
|
|
2565
|
-
ref: "#/components/schemas/User"
|
|
2566
|
-
},
|
|
2567
2851
|
status: {
|
|
2568
|
-
type: "boolean"
|
|
2852
|
+
type: "boolean",
|
|
2853
|
+
description: "Indicates if the request was successful"
|
|
2854
|
+
},
|
|
2855
|
+
message: {
|
|
2856
|
+
type: "string",
|
|
2857
|
+
enum: ["Email updated", "Verification email sent"],
|
|
2858
|
+
description: "Status message of the email change process",
|
|
2859
|
+
nullable: true
|
|
2569
2860
|
}
|
|
2570
|
-
}
|
|
2861
|
+
},
|
|
2862
|
+
required: ["status"]
|
|
2571
2863
|
}
|
|
2572
2864
|
}
|
|
2573
2865
|
}
|
|
@@ -2770,7 +3062,8 @@ const error = createAuthEndpoint(
|
|
|
2770
3062
|
content: {
|
|
2771
3063
|
"text/html": {
|
|
2772
3064
|
schema: {
|
|
2773
|
-
type: "string"
|
|
3065
|
+
type: "string",
|
|
3066
|
+
description: "The HTML content of the error page"
|
|
2774
3067
|
}
|
|
2775
3068
|
}
|
|
2776
3069
|
}
|
|
@@ -2799,16 +3092,18 @@ const ok = createAuthEndpoint(
|
|
|
2799
3092
|
description: "Check if the API is working",
|
|
2800
3093
|
responses: {
|
|
2801
3094
|
"200": {
|
|
2802
|
-
description: "
|
|
3095
|
+
description: "API is working",
|
|
2803
3096
|
content: {
|
|
2804
3097
|
"application/json": {
|
|
2805
3098
|
schema: {
|
|
2806
3099
|
type: "object",
|
|
2807
3100
|
properties: {
|
|
2808
3101
|
ok: {
|
|
2809
|
-
type: "boolean"
|
|
3102
|
+
type: "boolean",
|
|
3103
|
+
description: "Indicates if the API is working"
|
|
2810
3104
|
}
|
|
2811
|
-
}
|
|
3105
|
+
},
|
|
3106
|
+
required: ["ok"]
|
|
2812
3107
|
}
|
|
2813
3108
|
}
|
|
2814
3109
|
}
|
|
@@ -2849,20 +3144,32 @@ const listUserAccounts = createAuthEndpoint(
|
|
|
2849
3144
|
type: "string"
|
|
2850
3145
|
},
|
|
2851
3146
|
createdAt: {
|
|
2852
|
-
type: "string"
|
|
3147
|
+
type: "string",
|
|
3148
|
+
format: "date-time"
|
|
2853
3149
|
},
|
|
2854
3150
|
updatedAt: {
|
|
3151
|
+
type: "string",
|
|
3152
|
+
format: "date-time"
|
|
3153
|
+
}
|
|
3154
|
+
},
|
|
3155
|
+
accountId: {
|
|
3156
|
+
type: "string"
|
|
3157
|
+
},
|
|
3158
|
+
scopes: {
|
|
3159
|
+
type: "array",
|
|
3160
|
+
items: {
|
|
2855
3161
|
type: "string"
|
|
2856
|
-
},
|
|
2857
|
-
accountId: {
|
|
2858
|
-
type: "string"
|
|
2859
|
-
},
|
|
2860
|
-
scopes: {
|
|
2861
|
-
type: "array",
|
|
2862
|
-
items: { type: "string" }
|
|
2863
3162
|
}
|
|
2864
3163
|
}
|
|
2865
|
-
}
|
|
3164
|
+
},
|
|
3165
|
+
required: [
|
|
3166
|
+
"id",
|
|
3167
|
+
"provider",
|
|
3168
|
+
"createdAt",
|
|
3169
|
+
"updatedAt",
|
|
3170
|
+
"accountId",
|
|
3171
|
+
"scopes"
|
|
3172
|
+
]
|
|
2866
3173
|
}
|
|
2867
3174
|
}
|
|
2868
3175
|
}
|
|
@@ -2905,7 +3212,15 @@ const linkSocialAccount = createAuthEndpoint(
|
|
|
2905
3212
|
*/
|
|
2906
3213
|
provider: z.enum(socialProviderList, {
|
|
2907
3214
|
description: "The OAuth2 provider to use"
|
|
2908
|
-
})
|
|
3215
|
+
}),
|
|
3216
|
+
/**
|
|
3217
|
+
* Additional scopes to request when linking the account.
|
|
3218
|
+
* This is useful for requesting additional permissions when
|
|
3219
|
+
* linking a social account compared to the initial authentication.
|
|
3220
|
+
*/
|
|
3221
|
+
scopes: z.array(z.string(), {
|
|
3222
|
+
description: "Additional scopes to request from the provider"
|
|
3223
|
+
}).optional()
|
|
2909
3224
|
}),
|
|
2910
3225
|
use: [sessionMiddleware],
|
|
2911
3226
|
metadata: {
|
|
@@ -2920,10 +3235,12 @@ const linkSocialAccount = createAuthEndpoint(
|
|
|
2920
3235
|
type: "object",
|
|
2921
3236
|
properties: {
|
|
2922
3237
|
url: {
|
|
2923
|
-
type: "string"
|
|
3238
|
+
type: "string",
|
|
3239
|
+
description: "The authorization URL to redirect the user to"
|
|
2924
3240
|
},
|
|
2925
3241
|
redirect: {
|
|
2926
|
-
type: "boolean"
|
|
3242
|
+
type: "boolean",
|
|
3243
|
+
description: "Indicates if the user should be redirected to the authorization URL"
|
|
2927
3244
|
}
|
|
2928
3245
|
},
|
|
2929
3246
|
required: ["url", "redirect"]
|
|
@@ -2958,7 +3275,8 @@ const linkSocialAccount = createAuthEndpoint(
|
|
|
2958
3275
|
const url = await provider.createAuthorizationURL({
|
|
2959
3276
|
state: state.state,
|
|
2960
3277
|
codeVerifier: state.codeVerifier,
|
|
2961
|
-
redirectURI: `${c.context.baseURL}/callback/${provider.id}
|
|
3278
|
+
redirectURI: `${c.context.baseURL}/callback/${provider.id}`,
|
|
3279
|
+
scopes: c.body.scopes
|
|
2962
3280
|
});
|
|
2963
3281
|
return c.json({
|
|
2964
3282
|
url: url.toString(),
|
|
@@ -2974,7 +3292,29 @@ const unlinkAccount = createAuthEndpoint(
|
|
|
2974
3292
|
providerId: z.string(),
|
|
2975
3293
|
accountId: z.string().optional()
|
|
2976
3294
|
}),
|
|
2977
|
-
use: [freshSessionMiddleware]
|
|
3295
|
+
use: [freshSessionMiddleware],
|
|
3296
|
+
metadata: {
|
|
3297
|
+
openapi: {
|
|
3298
|
+
description: "Unlink an account",
|
|
3299
|
+
responses: {
|
|
3300
|
+
"200": {
|
|
3301
|
+
description: "Success",
|
|
3302
|
+
content: {
|
|
3303
|
+
"application/json": {
|
|
3304
|
+
schema: {
|
|
3305
|
+
type: "object",
|
|
3306
|
+
properties: {
|
|
3307
|
+
status: {
|
|
3308
|
+
type: "boolean"
|
|
3309
|
+
}
|
|
3310
|
+
}
|
|
3311
|
+
}
|
|
3312
|
+
}
|
|
3313
|
+
}
|
|
3314
|
+
}
|
|
3315
|
+
}
|
|
3316
|
+
}
|
|
3317
|
+
}
|
|
2978
3318
|
},
|
|
2979
3319
|
async (ctx) => {
|
|
2980
3320
|
const { providerId, accountId } = ctx.body;
|