better-auth 1.2.6-beta.7 → 1.2.7-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (273) hide show
  1. package/dist/adapters/drizzle-adapter/index.cjs +186 -249
  2. package/dist/adapters/drizzle-adapter/index.d.cts +11 -49
  3. package/dist/adapters/drizzle-adapter/index.d.mts +11 -49
  4. package/dist/adapters/drizzle-adapter/index.d.ts +11 -49
  5. package/dist/adapters/drizzle-adapter/index.mjs +186 -249
  6. package/dist/adapters/index.cjs +26 -0
  7. package/dist/adapters/index.d.cts +17 -0
  8. package/dist/adapters/index.d.mts +17 -0
  9. package/dist/adapters/index.d.ts +17 -0
  10. package/dist/adapters/index.mjs +20 -0
  11. package/dist/adapters/kysely-adapter/index.cjs +7 -7
  12. package/dist/adapters/kysely-adapter/index.d.cts +17 -49
  13. package/dist/adapters/kysely-adapter/index.d.mts +17 -49
  14. package/dist/adapters/kysely-adapter/index.d.ts +17 -49
  15. package/dist/adapters/kysely-adapter/index.mjs +8 -8
  16. package/dist/adapters/memory-adapter/index.cjs +7 -8
  17. package/dist/adapters/memory-adapter/index.d.cts +9 -49
  18. package/dist/adapters/memory-adapter/index.d.mts +9 -49
  19. package/dist/adapters/memory-adapter/index.d.ts +9 -49
  20. package/dist/adapters/memory-adapter/index.mjs +8 -9
  21. package/dist/adapters/mongodb-adapter/index.cjs +2 -2
  22. package/dist/adapters/mongodb-adapter/index.d.cts +4 -4
  23. package/dist/adapters/mongodb-adapter/index.d.mts +4 -4
  24. package/dist/adapters/mongodb-adapter/index.d.ts +4 -4
  25. package/dist/adapters/mongodb-adapter/index.mjs +3 -3
  26. package/dist/adapters/prisma-adapter/index.cjs +130 -203
  27. package/dist/adapters/prisma-adapter/index.d.cts +17 -49
  28. package/dist/adapters/prisma-adapter/index.d.mts +17 -49
  29. package/dist/adapters/prisma-adapter/index.d.ts +17 -49
  30. package/dist/adapters/prisma-adapter/index.mjs +131 -204
  31. package/dist/adapters/test.cjs +710 -377
  32. package/dist/adapters/test.d.cts +64 -5
  33. package/dist/adapters/test.d.mts +64 -5
  34. package/dist/adapters/test.d.ts +64 -5
  35. package/dist/adapters/test.mjs +712 -380
  36. package/dist/api/index.cjs +61 -25
  37. package/dist/api/index.d.cts +3 -3
  38. package/dist/api/index.d.mts +3 -3
  39. package/dist/api/index.d.ts +3 -3
  40. package/dist/api/index.mjs +63 -27
  41. package/dist/client/index.d.cts +3 -3
  42. package/dist/client/index.d.mts +3 -3
  43. package/dist/client/index.d.ts +3 -3
  44. package/dist/client/plugins/index.cjs +13 -15
  45. package/dist/client/plugins/index.d.cts +80 -19
  46. package/dist/client/plugins/index.d.mts +80 -19
  47. package/dist/client/plugins/index.d.ts +80 -19
  48. package/dist/client/plugins/index.mjs +13 -16
  49. package/dist/client/react/index.cjs +4 -4
  50. package/dist/client/react/index.d.cts +3 -3
  51. package/dist/client/react/index.d.mts +3 -3
  52. package/dist/client/react/index.d.ts +3 -3
  53. package/dist/client/solid/index.d.cts +3 -3
  54. package/dist/client/solid/index.d.mts +3 -3
  55. package/dist/client/solid/index.d.ts +3 -3
  56. package/dist/client/svelte/index.d.cts +3 -3
  57. package/dist/client/svelte/index.d.mts +3 -3
  58. package/dist/client/svelte/index.d.ts +3 -3
  59. package/dist/client/vue/index.d.cts +3 -3
  60. package/dist/client/vue/index.d.mts +3 -3
  61. package/dist/client/vue/index.d.ts +3 -3
  62. package/dist/cookies/index.cjs +13 -2
  63. package/dist/cookies/index.d.cts +3 -3
  64. package/dist/cookies/index.d.mts +3 -3
  65. package/dist/cookies/index.d.ts +3 -3
  66. package/dist/cookies/index.mjs +13 -2
  67. package/dist/db/index.cjs +6 -5
  68. package/dist/db/index.d.cts +4 -4
  69. package/dist/db/index.d.mts +4 -4
  70. package/dist/db/index.d.ts +4 -4
  71. package/dist/db/index.mjs +7 -6
  72. package/dist/index.cjs +11 -7
  73. package/dist/index.d.cts +4 -4
  74. package/dist/index.d.mts +4 -4
  75. package/dist/index.d.ts +4 -4
  76. package/dist/index.mjs +14 -10
  77. package/dist/integrations/next-js.cjs +4 -5
  78. package/dist/integrations/next-js.d.cts +3 -3
  79. package/dist/integrations/next-js.d.mts +3 -3
  80. package/dist/integrations/next-js.d.ts +3 -3
  81. package/dist/integrations/next-js.mjs +5 -6
  82. package/dist/integrations/node.d.cts +3 -3
  83. package/dist/integrations/node.d.mts +3 -3
  84. package/dist/integrations/node.d.ts +3 -3
  85. package/dist/integrations/react-start.cjs +5 -6
  86. package/dist/integrations/react-start.d.cts +3 -3
  87. package/dist/integrations/react-start.d.mts +3 -3
  88. package/dist/integrations/react-start.d.ts +3 -3
  89. package/dist/integrations/react-start.mjs +6 -7
  90. package/dist/integrations/svelte-kit.d.cts +3 -3
  91. package/dist/integrations/svelte-kit.d.mts +3 -3
  92. package/dist/integrations/svelte-kit.d.ts +3 -3
  93. package/dist/oauth2/index.d.cts +5 -5
  94. package/dist/oauth2/index.d.mts +5 -5
  95. package/dist/oauth2/index.d.ts +5 -5
  96. package/dist/plugins/access/index.d.cts +1 -1
  97. package/dist/plugins/access/index.d.mts +1 -1
  98. package/dist/plugins/access/index.d.ts +1 -1
  99. package/dist/plugins/admin/access/index.d.cts +1 -1
  100. package/dist/plugins/admin/access/index.d.mts +1 -1
  101. package/dist/plugins/admin/access/index.d.ts +1 -1
  102. package/dist/plugins/admin/index.cjs +4 -4
  103. package/dist/plugins/admin/index.d.cts +74 -14
  104. package/dist/plugins/admin/index.d.mts +74 -14
  105. package/dist/plugins/admin/index.d.ts +74 -14
  106. package/dist/plugins/admin/index.mjs +5 -5
  107. package/dist/plugins/anonymous/index.cjs +4 -5
  108. package/dist/plugins/anonymous/index.d.cts +3 -3
  109. package/dist/plugins/anonymous/index.d.mts +3 -3
  110. package/dist/plugins/anonymous/index.d.ts +3 -3
  111. package/dist/plugins/anonymous/index.mjs +5 -6
  112. package/dist/plugins/bearer/index.cjs +2 -2
  113. package/dist/plugins/bearer/index.d.cts +3 -3
  114. package/dist/plugins/bearer/index.d.mts +3 -3
  115. package/dist/plugins/bearer/index.d.ts +3 -3
  116. package/dist/plugins/bearer/index.mjs +3 -3
  117. package/dist/plugins/captcha/index.cjs +110 -45
  118. package/dist/plugins/captcha/index.d.cts +26 -6
  119. package/dist/plugins/captcha/index.d.mts +26 -6
  120. package/dist/plugins/captcha/index.d.ts +26 -6
  121. package/dist/plugins/captcha/index.mjs +110 -45
  122. package/dist/plugins/custom-session/index.cjs +24 -5
  123. package/dist/plugins/custom-session/index.d.cts +25 -6
  124. package/dist/plugins/custom-session/index.d.mts +25 -6
  125. package/dist/plugins/custom-session/index.d.ts +25 -6
  126. package/dist/plugins/custom-session/index.mjs +25 -6
  127. package/dist/plugins/email-otp/index.cjs +96 -30
  128. package/dist/plugins/email-otp/index.d.cts +33 -10
  129. package/dist/plugins/email-otp/index.d.mts +33 -10
  130. package/dist/plugins/email-otp/index.d.ts +33 -10
  131. package/dist/plugins/email-otp/index.mjs +97 -31
  132. package/dist/plugins/generic-oauth/index.cjs +81 -20
  133. package/dist/plugins/generic-oauth/index.d.cts +46 -3
  134. package/dist/plugins/generic-oauth/index.d.mts +46 -3
  135. package/dist/plugins/generic-oauth/index.d.ts +46 -3
  136. package/dist/plugins/generic-oauth/index.mjs +82 -21
  137. package/dist/plugins/haveibeenpwned/index.cjs +98 -0
  138. package/dist/plugins/haveibeenpwned/index.d.cts +36 -0
  139. package/dist/plugins/haveibeenpwned/index.d.mts +36 -0
  140. package/dist/plugins/haveibeenpwned/index.d.ts +36 -0
  141. package/dist/plugins/haveibeenpwned/index.mjs +96 -0
  142. package/dist/plugins/index.cjs +583 -19
  143. package/dist/plugins/index.d.cts +7 -5
  144. package/dist/plugins/index.d.mts +7 -5
  145. package/dist/plugins/index.d.ts +7 -5
  146. package/dist/plugins/index.mjs +583 -21
  147. package/dist/plugins/jwt/index.cjs +45 -21
  148. package/dist/plugins/jwt/index.d.cts +52 -6
  149. package/dist/plugins/jwt/index.d.mts +52 -6
  150. package/dist/plugins/jwt/index.d.ts +52 -6
  151. package/dist/plugins/jwt/index.mjs +46 -22
  152. package/dist/plugins/magic-link/index.cjs +3 -3
  153. package/dist/plugins/magic-link/index.mjs +4 -4
  154. package/dist/plugins/multi-session/index.cjs +3 -3
  155. package/dist/plugins/multi-session/index.d.cts +3 -3
  156. package/dist/plugins/multi-session/index.d.mts +3 -3
  157. package/dist/plugins/multi-session/index.d.ts +3 -3
  158. package/dist/plugins/multi-session/index.mjs +4 -4
  159. package/dist/plugins/oauth-proxy/index.cjs +4 -4
  160. package/dist/plugins/oauth-proxy/index.d.cts +3 -3
  161. package/dist/plugins/oauth-proxy/index.d.mts +3 -3
  162. package/dist/plugins/oauth-proxy/index.d.ts +3 -3
  163. package/dist/plugins/oauth-proxy/index.mjs +5 -5
  164. package/dist/plugins/oidc-provider/index.cjs +227 -8
  165. package/dist/plugins/oidc-provider/index.d.cts +215 -3
  166. package/dist/plugins/oidc-provider/index.d.mts +215 -3
  167. package/dist/plugins/oidc-provider/index.d.ts +215 -3
  168. package/dist/plugins/oidc-provider/index.mjs +228 -9
  169. package/dist/plugins/one-tap/index.cjs +5 -5
  170. package/dist/plugins/one-tap/index.mjs +6 -6
  171. package/dist/plugins/one-time-token/index.cjs +119 -0
  172. package/dist/plugins/one-time-token/index.d.cts +134 -0
  173. package/dist/plugins/one-time-token/index.d.mts +134 -0
  174. package/dist/plugins/one-time-token/index.d.ts +134 -0
  175. package/dist/plugins/one-time-token/index.mjs +117 -0
  176. package/dist/plugins/open-api/index.cjs +3 -3
  177. package/dist/plugins/open-api/index.d.cts +3 -3
  178. package/dist/plugins/open-api/index.d.mts +3 -3
  179. package/dist/plugins/open-api/index.d.ts +3 -3
  180. package/dist/plugins/open-api/index.mjs +4 -4
  181. package/dist/plugins/organization/access/index.d.cts +1 -1
  182. package/dist/plugins/organization/access/index.d.mts +1 -1
  183. package/dist/plugins/organization/access/index.d.ts +1 -1
  184. package/dist/plugins/organization/index.cjs +4 -4
  185. package/dist/plugins/organization/index.d.cts +708 -55
  186. package/dist/plugins/organization/index.d.mts +708 -55
  187. package/dist/plugins/organization/index.d.ts +708 -55
  188. package/dist/plugins/organization/index.mjs +5 -5
  189. package/dist/plugins/passkey/index.cjs +82 -8
  190. package/dist/plugins/passkey/index.d.cts +72 -3
  191. package/dist/plugins/passkey/index.d.mts +72 -3
  192. package/dist/plugins/passkey/index.d.ts +72 -3
  193. package/dist/plugins/passkey/index.mjs +83 -9
  194. package/dist/plugins/phone-number/index.cjs +194 -26
  195. package/dist/plugins/phone-number/index.d.cts +132 -8
  196. package/dist/plugins/phone-number/index.d.mts +132 -8
  197. package/dist/plugins/phone-number/index.d.ts +132 -8
  198. package/dist/plugins/phone-number/index.mjs +195 -27
  199. package/dist/plugins/sso/index.cjs +190 -7
  200. package/dist/plugins/sso/index.d.cts +181 -15
  201. package/dist/plugins/sso/index.d.mts +181 -15
  202. package/dist/plugins/sso/index.d.ts +181 -15
  203. package/dist/plugins/sso/index.mjs +191 -8
  204. package/dist/plugins/two-factor/index.cjs +443 -92
  205. package/dist/plugins/two-factor/index.d.cts +230 -396
  206. package/dist/plugins/two-factor/index.d.mts +230 -396
  207. package/dist/plugins/two-factor/index.d.ts +230 -396
  208. package/dist/plugins/two-factor/index.mjs +431 -80
  209. package/dist/plugins/username/index.cjs +34 -31
  210. package/dist/plugins/username/index.d.cts +15 -12
  211. package/dist/plugins/username/index.d.mts +15 -12
  212. package/dist/plugins/username/index.d.ts +15 -12
  213. package/dist/plugins/username/index.mjs +35 -32
  214. package/dist/shared/better-auth.1DR6suCQ.mjs +307 -0
  215. package/dist/shared/{better-auth.BSsp73pg.cjs → better-auth.B7cZ2juS.cjs} +15 -14
  216. package/dist/shared/{better-auth.bKwabe3I.d.mts → better-auth.B88xucNq.d.mts} +529 -39
  217. package/dist/shared/{better-auth.CApEjVDP.cjs → better-auth.BW8BpneG.cjs} +4 -1
  218. package/dist/shared/{better-auth.BiQsvaIP.d.cts → better-auth.BcU1Kjyq.d.cts} +2051 -518
  219. package/dist/shared/better-auth.BfG24BjZ.cjs +118 -0
  220. package/dist/shared/{better-auth.A3TjrU8G.mjs → better-auth.Bk5IMdhM.mjs} +32 -12
  221. package/dist/shared/{better-auth.D9VnBkRI.mjs → better-auth.Bm9HxIzE.mjs} +47 -24
  222. package/dist/shared/{better-auth.BRf6Iynu.d.ts → better-auth.Bwc-6kOr.d.ts} +1 -1
  223. package/dist/shared/{better-auth.D-oLmHIj.d.mts → better-auth.CA2hFK4N.d.ts} +2051 -518
  224. package/dist/shared/{better-auth.Dmhe30iW.d.mts → better-auth.CGukGrxT.d.cts} +1 -1
  225. package/dist/shared/{better-auth.CsSpq0zL.cjs → better-auth.CHUzBidy.cjs} +46 -23
  226. package/dist/shared/{better-auth.DWRligF8.d.cts → better-auth.CT9J6rD-.d.cts} +539 -7
  227. package/dist/shared/better-auth.CVCo5Z2T.cjs +310 -0
  228. package/dist/shared/{better-auth.D4jH-sJA.mjs → better-auth.CWwVo_61.mjs} +458 -118
  229. package/dist/shared/{better-auth.Bi8FQwDD.d.cts → better-auth.CYegVoq1.d.cts} +1 -1
  230. package/dist/shared/{better-auth.Bi8FQwDD.d.mts → better-auth.CYegVoq1.d.mts} +1 -1
  231. package/dist/shared/{better-auth.Bi8FQwDD.d.ts → better-auth.CYegVoq1.d.ts} +1 -1
  232. package/dist/shared/{better-auth.CepcSj5H.mjs → better-auth.Cc72UxUH.mjs} +1 -2
  233. package/dist/shared/{better-auth.BWp5dztg.d.ts → better-auth.CmN4mlPh.d.ts} +539 -7
  234. package/dist/shared/{better-auth.DH3YjMQH.mjs → better-auth.Cqykj82J.mjs} +1 -1
  235. package/dist/shared/{better-auth.wcdMj2cT.d.mts → better-auth.DIt2e3lu.d.mts} +539 -7
  236. package/dist/shared/{better-auth.BANAxdkL.d.ts → better-auth.DNTAFSt1.d.ts} +529 -39
  237. package/dist/shared/{better-auth.DU2QNVc_.d.ts → better-auth.DQ7OSJbI.d.mts} +2051 -518
  238. package/dist/shared/{better-auth.DLTzKoOS.cjs → better-auth.DSVbLSt7.cjs} +4 -1
  239. package/dist/shared/{better-auth.B2Fw1vhH.d.cts → better-auth.DTiSPWEk.d.cts} +529 -39
  240. package/dist/shared/better-auth.DURsStt9.mjs +116 -0
  241. package/dist/shared/{better-auth.BIjcZ_vt.cjs → better-auth.DYoLD99C.cjs} +31 -11
  242. package/dist/shared/{better-auth.CV1L7TPV.cjs → better-auth.D_ZIX1O8.cjs} +317 -47
  243. package/dist/shared/{better-auth.C5H9XEzZ.cjs → better-auth.DcWKCjjf.cjs} +1 -2
  244. package/dist/shared/{better-auth.BDYXUcLv.cjs → better-auth.Dg0siV5C.cjs} +457 -117
  245. package/dist/shared/better-auth.DjryM8pE.cjs +760 -0
  246. package/dist/shared/{better-auth.DPBQN9Fs.mjs → better-auth.Dn_Ms1Uf.mjs} +318 -48
  247. package/dist/shared/{better-auth.DiG4KL2x.mjs → better-auth.OuYYTHC7.mjs} +4 -1
  248. package/dist/shared/{better-auth.DtC8i3pf.d.cts → better-auth.S1jimRbX.d.mts} +1 -1
  249. package/dist/shared/better-auth.SPmq4a4z.d.mts +344 -0
  250. package/dist/shared/{better-auth.cOCrlspr.mjs → better-auth.bkwPl2G4.mjs} +4 -1
  251. package/dist/shared/better-auth.cp2rC2iM.d.ts +344 -0
  252. package/dist/shared/better-auth.eVy4DZvP.d.cts +344 -0
  253. package/dist/shared/{better-auth.BrOpzmqo.mjs → better-auth.iKoUsdFE.mjs} +15 -14
  254. package/dist/shared/better-auth.rSYJCd3o.mjs +758 -0
  255. package/dist/social-providers/index.cjs +75 -3
  256. package/dist/social-providers/index.d.cts +2 -2
  257. package/dist/social-providers/index.d.mts +2 -2
  258. package/dist/social-providers/index.d.ts +2 -2
  259. package/dist/social-providers/index.mjs +77 -6
  260. package/dist/types/index.d.cts +4 -4
  261. package/dist/types/index.d.mts +4 -4
  262. package/dist/types/index.d.ts +4 -4
  263. package/package.json +42 -5
  264. package/dist/chunks/server.cjs +0 -905
  265. package/dist/chunks/server.mjs +0 -895
  266. package/dist/shared/better-auth.BcoSd9tC.mjs +0 -10
  267. package/dist/shared/better-auth.BnRFp-t0.mjs +0 -405
  268. package/dist/shared/better-auth.C1-vpKly.cjs +0 -12
  269. package/dist/shared/better-auth.ClTSOgiD.mjs +0 -140
  270. package/dist/shared/better-auth.DC8JQbiE.mjs +0 -173
  271. package/dist/shared/better-auth.DWHWPllD.cjs +0 -175
  272. package/dist/shared/better-auth.DqLjzBlO.cjs +0 -408
  273. package/dist/shared/better-auth.m575EIBC.cjs +0 -144
@@ -1,15 +1,17 @@
1
1
  import { APIError } from 'better-call';
2
2
  import { z } from 'zod';
3
- import { c as createAuthMiddleware, s as sessionMiddleware, a as createAuthEndpoint, g as getSessionFromCtx, B as BASE_ERROR_CODES, N as requestOnlySessionMiddleware } from './better-auth.D4jH-sJA.mjs';
3
+ import { c as createAuthMiddleware, s as sessionMiddleware, a as createAuthEndpoint, g as getSessionFromCtx, B as BASE_ERROR_CODES, N as requestOnlySessionMiddleware } from './better-auth.CWwVo_61.mjs';
4
4
  import './better-auth.8zoxzg-F.mjs';
5
5
  import '@better-auth/utils/base64';
6
6
  import '@better-auth/utils/hmac';
7
- import './better-auth.CepcSj5H.mjs';
7
+ import './better-auth.Cc72UxUH.mjs';
8
8
  import { g as getDate } from './better-auth.CW6D9eSx.mjs';
9
9
  import { B as BetterAuthError } from './better-auth.DdzSJf-n.mjs';
10
10
  import { p as parseJSON } from './better-auth.ffWeg50w.mjs';
11
- import './better-auth.DH3YjMQH.mjs';
11
+ import './better-auth.Cqykj82J.mjs';
12
12
  import 'defu';
13
+ import { h as hasPermission } from './better-auth.OuYYTHC7.mjs';
14
+ import { setSessionCookie } from '../cookies/index.mjs';
13
15
  import { g as generateId } from './better-auth.BUPPRXfK.mjs';
14
16
  import '@better-auth/utils/hash';
15
17
  import '@noble/ciphers/chacha';
@@ -21,8 +23,6 @@ import '@better-auth/utils';
21
23
  import '@better-auth/utils/hex';
22
24
  import '@noble/hashes/utils';
23
25
  import './better-auth.B4Qoxdgc.mjs';
24
- import { h as hasPermission } from './better-auth.DiG4KL2x.mjs';
25
- import { setSessionCookie } from '../cookies/index.mjs';
26
26
  import { defaultRoles } from '../plugins/organization/access/index.mjs';
27
27
 
28
28
  const shimContext = (originalObject, newContext) => {
@@ -574,6 +574,36 @@ const getOrgAdapter = (context, options) => {
574
574
  (invite) => new Date(invite.expiresAt) > /* @__PURE__ */ new Date()
575
575
  );
576
576
  },
577
+ findPendingInvitations: async (data) => {
578
+ const invitations = await adapter.findMany({
579
+ model: "invitation",
580
+ where: [
581
+ {
582
+ field: "organizationId",
583
+ value: data.organizationId
584
+ },
585
+ {
586
+ field: "status",
587
+ value: "pending"
588
+ }
589
+ ]
590
+ });
591
+ return invitations.filter(
592
+ (invite) => new Date(invite.expiresAt) > /* @__PURE__ */ new Date()
593
+ );
594
+ },
595
+ listInvitations: async (data) => {
596
+ const invitations = await adapter.findMany({
597
+ model: "invitation",
598
+ where: [
599
+ {
600
+ field: "organizationId",
601
+ value: data.organizationId
602
+ }
603
+ ]
604
+ });
605
+ return invitations;
606
+ },
577
607
  updateInvitation: async (data) => {
578
608
  const invitation = await adapter.update({
579
609
  model: "invitation",
@@ -638,7 +668,8 @@ const ORGANIZATION_ERROR_CODES = {
638
668
  ORGANIZATION_MEMBERSHIP_LIMIT_REACHED: "Organization membership limit reached",
639
669
  YOU_ARE_NOT_ALLOWED_TO_CREATE_TEAMS_IN_THIS_ORGANIZATION: "You are not allowed to create teams in this organization",
640
670
  YOU_ARE_NOT_ALLOWED_TO_DELETE_TEAMS_IN_THIS_ORGANIZATION: "You are not allowed to delete teams in this organization",
641
- YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM: "You are not allowed to update this team"
671
+ YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM: "You are not allowed to update this team",
672
+ INVITATION_LIMIT_REACHED: "Invitation limit reached"
642
673
  };
643
674
 
644
675
  const createInvitation = (option) => createAuthEndpoint(
@@ -724,14 +755,6 @@ const createInvitation = (option) => createAuthEndpoint(
724
755
  }
725
756
  },
726
757
  async (ctx) => {
727
- if (!ctx.context.orgOptions.sendInvitationEmail) {
728
- ctx.context.logger.warn(
729
- "Invitation email is not enabled. Pass `sendInvitationEmail` to the plugin options to enable it."
730
- );
731
- throw new APIError("BAD_REQUEST", {
732
- message: "Invitation email is not enabled"
733
- });
734
- }
735
758
  const session = ctx.context.session;
736
759
  const organizationId = ctx.body.organizationId || session.session.activeOrganizationId;
737
760
  if (!organizationId) {
@@ -752,7 +775,7 @@ const createInvitation = (option) => createAuthEndpoint(
752
775
  const canInvite = hasPermission({
753
776
  role: member.role,
754
777
  options: ctx.context.orgOptions,
755
- permission: {
778
+ permissions: {
756
779
  invitation: ["create"]
757
780
  }
758
781
  });
@@ -786,10 +809,38 @@ const createInvitation = (option) => createAuthEndpoint(
786
809
  message: ORGANIZATION_ERROR_CODES.USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION
787
810
  });
788
811
  }
812
+ if (alreadyInvited.length && ctx.context.orgOptions.cancelPendingInvitationsOnReInvite) {
813
+ await adapter.updateInvitation({
814
+ invitationId: alreadyInvited[0].id,
815
+ status: "canceled"
816
+ });
817
+ }
818
+ const organization = await adapter.findOrganizationById(organizationId);
819
+ if (!organization) {
820
+ throw new APIError("BAD_REQUEST", {
821
+ message: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND
822
+ });
823
+ }
824
+ const invitationLimit = typeof ctx.context.orgOptions.invitationLimit === "function" ? await ctx.context.orgOptions.invitationLimit(
825
+ {
826
+ user: session.user,
827
+ organization,
828
+ member
829
+ },
830
+ ctx.context
831
+ ) : ctx.context.orgOptions.invitationLimit ?? 100;
832
+ const pendingInvitations = await adapter.findPendingInvitations({
833
+ organizationId
834
+ });
835
+ if (pendingInvitations.length >= invitationLimit) {
836
+ throw new APIError("FORBIDDEN", {
837
+ message: ORGANIZATION_ERROR_CODES.INVITATION_LIMIT_REACHED
838
+ });
839
+ }
789
840
  const invitation = await adapter.createInvitation({
790
841
  invitation: {
791
842
  role: roles,
792
- email: ctx.body.email,
843
+ email: ctx.body.email.toLowerCase(),
793
844
  organizationId,
794
845
  ..."teamId" in ctx.body ? {
795
846
  teamId: ctx.body.teamId
@@ -797,12 +848,6 @@ const createInvitation = (option) => createAuthEndpoint(
797
848
  },
798
849
  user: session.user
799
850
  });
800
- const organization = await adapter.findOrganizationById(organizationId);
801
- if (!organization) {
802
- throw new APIError("BAD_REQUEST", {
803
- message: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND
804
- });
805
- }
806
851
  await ctx.context.orgOptions.sendInvitationEmail?.(
807
852
  {
808
853
  id: invitation.id,
@@ -865,7 +910,7 @@ const acceptInvitation = createAuthEndpoint(
865
910
  message: ORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND
866
911
  });
867
912
  }
868
- if (invitation.email !== session.user.email) {
913
+ if (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {
869
914
  throw new APIError("FORBIDDEN", {
870
915
  message: ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION
871
916
  });
@@ -960,7 +1005,7 @@ const rejectInvitation = createAuthEndpoint(
960
1005
  message: "Invitation not found!"
961
1006
  });
962
1007
  }
963
- if (invitation.email !== session.user.email) {
1008
+ if (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {
964
1009
  throw new APIError("FORBIDDEN", {
965
1010
  message: ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION
966
1011
  });
@@ -1027,7 +1072,7 @@ const cancelInvitation = createAuthEndpoint(
1027
1072
  const canCancel = hasPermission({
1028
1073
  role: member.role,
1029
1074
  options: ctx.context.orgOptions,
1030
- permission: {
1075
+ permissions: {
1031
1076
  invitation: ["cancel"]
1032
1077
  }
1033
1078
  });
@@ -1130,7 +1175,7 @@ const getInvitation = createAuthEndpoint(
1130
1175
  message: "Invitation not found!"
1131
1176
  });
1132
1177
  }
1133
- if (invitation.email !== session.user.email) {
1178
+ if (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {
1134
1179
  throw new APIError("FORBIDDEN", {
1135
1180
  message: ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION
1136
1181
  });
@@ -1160,6 +1205,46 @@ const getInvitation = createAuthEndpoint(
1160
1205
  });
1161
1206
  }
1162
1207
  );
1208
+ const listInvitations = createAuthEndpoint(
1209
+ "/organization/list-invitations",
1210
+ {
1211
+ method: "GET",
1212
+ use: [orgMiddleware, orgSessionMiddleware],
1213
+ query: z.object({
1214
+ organizationId: z.string({
1215
+ description: "The ID of the organization to list invitations for"
1216
+ }).optional()
1217
+ }).optional()
1218
+ },
1219
+ async (ctx) => {
1220
+ const session = await getSessionFromCtx(ctx);
1221
+ if (!session) {
1222
+ throw new APIError("UNAUTHORIZED", {
1223
+ message: "Not authenticated"
1224
+ });
1225
+ }
1226
+ const orgId = ctx.query?.organizationId || session.session.activeOrganizationId;
1227
+ if (!orgId) {
1228
+ throw new APIError("BAD_REQUEST", {
1229
+ message: "Organization ID is required"
1230
+ });
1231
+ }
1232
+ const adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);
1233
+ const isMember = await adapter.findMemberByOrgId({
1234
+ userId: session.user.id,
1235
+ organizationId: orgId
1236
+ });
1237
+ if (!isMember) {
1238
+ throw new APIError("FORBIDDEN", {
1239
+ message: "You are not a member of this organization"
1240
+ });
1241
+ }
1242
+ const invitations = await adapter.listInvitations({
1243
+ organizationId: orgId
1244
+ });
1245
+ return ctx.json(invitations);
1246
+ }
1247
+ );
1163
1248
 
1164
1249
  const addMember = () => createAuthEndpoint(
1165
1250
  "/organization/add-member",
@@ -1233,7 +1318,6 @@ const addMember = () => createAuthEndpoint(
1233
1318
  });
1234
1319
  }
1235
1320
  const createdMember = await adapter.createMember({
1236
- id: generateId(),
1237
1321
  organizationId: orgId,
1238
1322
  userId: user.id,
1239
1323
  role: parseRoles(ctx.body.role),
@@ -1360,7 +1444,7 @@ const removeMember = createAuthEndpoint(
1360
1444
  const canDeleteMember = hasPermission({
1361
1445
  role: member.role,
1362
1446
  options: ctx.context.orgOptions,
1363
- permission: {
1447
+ permissions: {
1364
1448
  member: ["delete"]
1365
1449
  }
1366
1450
  });
@@ -1474,7 +1558,7 @@ const updateMemberRole = (option) => createAuthEndpoint(
1474
1558
  const canUpdateMember = hasPermission({
1475
1559
  role: member.role,
1476
1560
  options: ctx.context.orgOptions,
1477
- permission: {
1561
+ permissions: {
1478
1562
  member: ["update"]
1479
1563
  }
1480
1564
  });
@@ -1715,7 +1799,6 @@ const createOrganization = createAuthEndpoint(
1715
1799
  }
1716
1800
  const organization = await adapter.createOrganization({
1717
1801
  organization: {
1718
- id: generateId(),
1719
1802
  slug: ctx.body.slug,
1720
1803
  name: ctx.body.name,
1721
1804
  logo: ctx.body.logo,
@@ -1730,7 +1813,6 @@ const createOrganization = createAuthEndpoint(
1730
1813
  organization,
1731
1814
  ctx.request
1732
1815
  ) || await adapter.createTeam({
1733
- id: generateId(),
1734
1816
  organizationId: organization.id,
1735
1817
  name: `${organization.name}`,
1736
1818
  createdAt: /* @__PURE__ */ new Date()
@@ -1860,7 +1942,7 @@ const updateOrganization = createAuthEndpoint(
1860
1942
  });
1861
1943
  }
1862
1944
  const canUpdateOrg = hasPermission({
1863
- permission: {
1945
+ permissions: {
1864
1946
  organization: ["update"]
1865
1947
  },
1866
1948
  role: member.role,
@@ -1939,7 +2021,7 @@ const deleteOrganization = createAuthEndpoint(
1939
2021
  }
1940
2022
  const canDeleteOrg = hasPermission({
1941
2023
  role: member.role,
1942
- permission: {
2024
+ permissions: {
1943
2025
  organization: ["delete"]
1944
2026
  },
1945
2027
  options: ctx.context.orgOptions
@@ -2173,8 +2255,8 @@ z.object({
2173
2255
  id: z.string().default(generateId),
2174
2256
  name: z.string(),
2175
2257
  slug: z.string(),
2176
- logo: z.string().nullish(),
2177
- metadata: z.record(z.string()).or(z.string().transform((v) => JSON.parse(v))).nullish(),
2258
+ logo: z.string().nullish().optional(),
2259
+ metadata: z.record(z.string()).or(z.string().transform((v) => JSON.parse(v))).optional(),
2178
2260
  createdAt: z.date()
2179
2261
  });
2180
2262
  z.object({
@@ -2211,7 +2293,55 @@ const createTeam = (options) => createAuthEndpoint(
2211
2293
  organizationId: z.string().optional(),
2212
2294
  name: z.string()
2213
2295
  }),
2214
- use: [orgMiddleware]
2296
+ use: [orgMiddleware],
2297
+ metadata: {
2298
+ openapi: {
2299
+ description: "Create a new team within an organization",
2300
+ responses: {
2301
+ "200": {
2302
+ description: "Team created successfully",
2303
+ content: {
2304
+ "application/json": {
2305
+ schema: {
2306
+ type: "object",
2307
+ properties: {
2308
+ id: {
2309
+ type: "string",
2310
+ description: "Unique identifier of the created team"
2311
+ },
2312
+ name: {
2313
+ type: "string",
2314
+ description: "Name of the team"
2315
+ },
2316
+ organizationId: {
2317
+ type: "string",
2318
+ description: "ID of the organization the team belongs to"
2319
+ },
2320
+ createdAt: {
2321
+ type: "string",
2322
+ format: "date-time",
2323
+ description: "Timestamp when the team was created"
2324
+ },
2325
+ updatedAt: {
2326
+ type: "string",
2327
+ format: "date-time",
2328
+ description: "Timestamp when the team was last updated"
2329
+ }
2330
+ },
2331
+ required: [
2332
+ "id",
2333
+ "name",
2334
+ "organizationId",
2335
+ "createdAt",
2336
+ "updatedAt"
2337
+ ]
2338
+ }
2339
+ }
2340
+ }
2341
+ }
2342
+ }
2343
+ }
2344
+ }
2215
2345
  },
2216
2346
  async (ctx) => {
2217
2347
  const session = await getSessionFromCtx(ctx);
@@ -2238,7 +2368,7 @@ const createTeam = (options) => createAuthEndpoint(
2238
2368
  const canCreate = hasPermission({
2239
2369
  role: member.role,
2240
2370
  options: ctx.context.orgOptions,
2241
- permission: {
2371
+ permissions: {
2242
2372
  team: ["create"]
2243
2373
  }
2244
2374
  });
@@ -2263,7 +2393,6 @@ const createTeam = (options) => createAuthEndpoint(
2263
2393
  });
2264
2394
  }
2265
2395
  const createdTeam = await adapter.createTeam({
2266
- id: generateId(),
2267
2396
  name: ctx.body.name,
2268
2397
  organizationId,
2269
2398
  createdAt: /* @__PURE__ */ new Date(),
@@ -2280,7 +2409,32 @@ const removeTeam = createAuthEndpoint(
2280
2409
  teamId: z.string(),
2281
2410
  organizationId: z.string().optional()
2282
2411
  }),
2283
- use: [orgMiddleware]
2412
+ use: [orgMiddleware],
2413
+ metadata: {
2414
+ openapi: {
2415
+ description: "Remove a team from an organization",
2416
+ responses: {
2417
+ "200": {
2418
+ description: "Team removed successfully",
2419
+ content: {
2420
+ "application/json": {
2421
+ schema: {
2422
+ type: "object",
2423
+ properties: {
2424
+ message: {
2425
+ type: "string",
2426
+ description: "Confirmation message indicating successful removal",
2427
+ enum: ["Team removed successfully."]
2428
+ }
2429
+ },
2430
+ required: ["message"]
2431
+ }
2432
+ }
2433
+ }
2434
+ }
2435
+ }
2436
+ }
2437
+ }
2284
2438
  },
2285
2439
  async (ctx) => {
2286
2440
  const session = await getSessionFromCtx(ctx);
@@ -2310,7 +2464,7 @@ const removeTeam = createAuthEndpoint(
2310
2464
  const canRemove = hasPermission({
2311
2465
  role: member.role,
2312
2466
  options: ctx.context.orgOptions,
2313
- permission: {
2467
+ permissions: {
2314
2468
  team: ["delete"]
2315
2469
  }
2316
2470
  });
@@ -2349,7 +2503,55 @@ const updateTeam = createAuthEndpoint(
2349
2503
  teamId: z.string(),
2350
2504
  data: teamSchema.partial()
2351
2505
  }),
2352
- use: [orgMiddleware, orgSessionMiddleware]
2506
+ use: [orgMiddleware, orgSessionMiddleware],
2507
+ metadata: {
2508
+ openapi: {
2509
+ description: "Update an existing team in an organization",
2510
+ responses: {
2511
+ "200": {
2512
+ description: "Team updated successfully",
2513
+ content: {
2514
+ "application/json": {
2515
+ schema: {
2516
+ type: "object",
2517
+ properties: {
2518
+ id: {
2519
+ type: "string",
2520
+ description: "Unique identifier of the updated team"
2521
+ },
2522
+ name: {
2523
+ type: "string",
2524
+ description: "Updated name of the team"
2525
+ },
2526
+ organizationId: {
2527
+ type: "string",
2528
+ description: "ID of the organization the team belongs to"
2529
+ },
2530
+ createdAt: {
2531
+ type: "string",
2532
+ format: "date-time",
2533
+ description: "Timestamp when the team was created"
2534
+ },
2535
+ updatedAt: {
2536
+ type: "string",
2537
+ format: "date-time",
2538
+ description: "Timestamp when the team was last updated"
2539
+ }
2540
+ },
2541
+ required: [
2542
+ "id",
2543
+ "name",
2544
+ "organizationId",
2545
+ "createdAt",
2546
+ "updatedAt"
2547
+ ]
2548
+ }
2549
+ }
2550
+ }
2551
+ }
2552
+ }
2553
+ }
2554
+ }
2353
2555
  },
2354
2556
  async (ctx) => {
2355
2557
  const session = ctx.context.session;
@@ -2375,7 +2577,7 @@ const updateTeam = createAuthEndpoint(
2375
2577
  const canUpdate = hasPermission({
2376
2578
  role: member.role,
2377
2579
  options: ctx.context.orgOptions,
2378
- permission: {
2580
+ permissions: {
2379
2581
  team: ["update"]
2380
2582
  }
2381
2583
  });
@@ -2408,6 +2610,58 @@ const listOrganizationTeams = createAuthEndpoint(
2408
2610
  organizationId: z.string().optional()
2409
2611
  })
2410
2612
  ),
2613
+ metadata: {
2614
+ openapi: {
2615
+ description: "List all teams in an organization",
2616
+ responses: {
2617
+ "200": {
2618
+ description: "Teams retrieved successfully",
2619
+ content: {
2620
+ "application/json": {
2621
+ schema: {
2622
+ type: "array",
2623
+ items: {
2624
+ type: "object",
2625
+ properties: {
2626
+ id: {
2627
+ type: "string",
2628
+ description: "Unique identifier of the team"
2629
+ },
2630
+ name: {
2631
+ type: "string",
2632
+ description: "Name of the team"
2633
+ },
2634
+ organizationId: {
2635
+ type: "string",
2636
+ description: "ID of the organization the team belongs to"
2637
+ },
2638
+ createdAt: {
2639
+ type: "string",
2640
+ format: "date-time",
2641
+ description: "Timestamp when the team was created"
2642
+ },
2643
+ updatedAt: {
2644
+ type: "string",
2645
+ format: "date-time",
2646
+ description: "Timestamp when the team was last updated"
2647
+ }
2648
+ },
2649
+ required: [
2650
+ "id",
2651
+ "name",
2652
+ "organizationId",
2653
+ "createdAt",
2654
+ "updatedAt"
2655
+ ]
2656
+ },
2657
+ description: "Array of team objects within the organization"
2658
+ }
2659
+ }
2660
+ }
2661
+ }
2662
+ }
2663
+ }
2664
+ },
2411
2665
  use: [orgMiddleware, orgSessionMiddleware]
2412
2666
  },
2413
2667
  async (ctx) => {
@@ -2455,7 +2709,8 @@ const organization = (options) => {
2455
2709
  removeMember,
2456
2710
  updateMemberRole: updateMemberRole(),
2457
2711
  getActiveMember,
2458
- leaveOrganization
2712
+ leaveOrganization,
2713
+ listInvitations
2459
2714
  };
2460
2715
  const teamSupport = options?.teams?.enabled;
2461
2716
  const teamEndpoints = {
@@ -2522,9 +2777,19 @@ const organization = (options) => {
2522
2777
  method: "POST",
2523
2778
  requireHeaders: true,
2524
2779
  body: z.object({
2525
- organizationId: z.string().optional(),
2526
- permission: z.record(z.string(), z.array(z.string()))
2527
- }),
2780
+ organizationId: z.string().optional()
2781
+ }).and(
2782
+ z.union([
2783
+ z.object({
2784
+ permission: z.record(z.string(), z.array(z.string())),
2785
+ permissions: z.undefined()
2786
+ }),
2787
+ z.object({
2788
+ permission: z.undefined(),
2789
+ permissions: z.record(z.string(), z.array(z.string()))
2790
+ })
2791
+ ])
2792
+ ),
2528
2793
  use: [orgSessionMiddleware],
2529
2794
  metadata: {
2530
2795
  $Infer: {
@@ -2539,11 +2804,16 @@ const organization = (options) => {
2539
2804
  type: "object",
2540
2805
  properties: {
2541
2806
  permission: {
2807
+ type: "object",
2808
+ description: "The permission to check",
2809
+ deprecated: true
2810
+ },
2811
+ permissions: {
2542
2812
  type: "object",
2543
2813
  description: "The permission to check"
2544
2814
  }
2545
2815
  },
2546
- required: ["permission"]
2816
+ required: ["permissions"]
2547
2817
  }
2548
2818
  }
2549
2819
  }
@@ -2592,7 +2862,7 @@ const organization = (options) => {
2592
2862
  const result = hasPermission({
2593
2863
  role: member.role,
2594
2864
  options,
2595
- permission: ctx.body.permission
2865
+ permissions: ctx.body.permissions ?? ctx.body.permission
2596
2866
  });
2597
2867
  return ctx.json({
2598
2868
  error: null,
@@ -1,11 +1,14 @@
1
1
  import { defaultRoles } from '../plugins/organization/access/index.mjs';
2
2
 
3
3
  const hasPermission = (input) => {
4
+ if (!input.permissions && !input.permission) {
5
+ return false;
6
+ }
4
7
  const roles = input.role.split(",");
5
8
  const acRoles = input.options.roles || defaultRoles;
6
9
  for (const role of roles) {
7
10
  const _role = acRoles[role];
8
- const result = _role?.authorize(input.permission);
11
+ const result = _role?.authorize(input.permissions ?? input.permission);
9
12
  if (result?.success) {
10
13
  return true;
11
14
  }
@@ -1,4 +1,4 @@
1
- import { G as GenericEndpointContext } from './better-auth.BiQsvaIP.cjs';
1
+ import { G as GenericEndpointContext } from './better-auth.DQ7OSJbI.mjs';
2
2
 
3
3
  declare function generateState(c: GenericEndpointContext, link?: {
4
4
  email: string;