better-auth 1.4.18 → 1.4.19

package/dist/plugins/admin/admin.d.mts

@@ -1,11 +1,11 @@
 import { AccessControl, Statements } from "../access/types.mjs";
 import { AdminOptions, InferAdminRolesFromOption, SessionWithImpersonatedBy, UserWithRole } from "./types.mjs";
 import "../index.mjs";
-import * as _better_auth_core29 from "@better-auth/core";
-import * as _better_auth_core_db10 from "@better-auth/core/db";
-import * as better_call675 from "better-call";
-import * as zod1850 from "zod";
-import * as zod_v4_core264 from "zod/v4/core";
+import * as _better_auth_core43 from "@better-auth/core";
+import * as _better_auth_core_db23 from "@better-auth/core/db";
+import * as better_call706 from "better-call";
+import * as zod1930 from "zod";
+import * as zod_v4_core269 from "zod/v4/core";
 
 //#region src/plugins/admin/admin.d.ts
 declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
@@ -48,7 +48,7 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
               token: string;
               ipAddress?: string | null | undefined;
               userAgent?: string | null | undefined;
-            } & Record<string, unknown>, ctx: _better_auth_core29.GenericEndpointContext | null): Promise<void>;
+            } & Record<string, unknown>, ctx: _better_auth_core43.GenericEndpointContext | null): Promise<void>;
           };
         };
       };
@@ -56,22 +56,22 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
   };
   hooks: {
     after: {
-      matcher(context: _better_auth_core29.HookEndpointContext): boolean;
-      handler: (inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<SessionWithImpersonatedBy[] | undefined>;
+      matcher(context: _better_auth_core43.HookEndpointContext): boolean;
+      handler: (inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<SessionWithImpersonatedBy[] | undefined>;
     }[];
   };
   endpoints: {
-    setRole: better_call675.StrictEndpoint<"/admin/set-role", {
+    setRole: better_call706.StrictEndpoint<"/admin/set-role", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-        role: zod1850.ZodUnion<readonly [zod1850.ZodString, zod1850.ZodArray<zod1850.ZodString>]>;
-      }, zod_v4_core264.$strip>;
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+        role: zod1930.ZodUnion<readonly [zod1930.ZodString, zod1930.ZodArray<zod1930.ZodString>]>;
+      }, zod_v4_core269.$strip>;
       requireHeaders: true;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -107,15 +107,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       user: UserWithRole;
     }>;
-    getUser: better_call675.StrictEndpoint<"/admin/get-user", {
+    getUser: better_call706.StrictEndpoint<"/admin/get-user", {
       method: "GET";
-      query: zod1850.ZodObject<{
-        id: zod1850.ZodString;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      query: zod1930.ZodObject<{
+        id: zod1930.ZodString;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -143,15 +143,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
         };
       };
     }, UserWithRole>;
-    createUser: better_call675.StrictEndpoint<"/admin/create-user", {
+    createUser: better_call706.StrictEndpoint<"/admin/create-user", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        email: zod1850.ZodString;
-        password: zod1850.ZodOptional<zod1850.ZodString>;
-        name: zod1850.ZodString;
-        role: zod1850.ZodOptional<zod1850.ZodUnion<readonly [zod1850.ZodString, zod1850.ZodArray<zod1850.ZodString>]>>;
-        data: zod1850.ZodOptional<zod1850.ZodRecord<zod1850.ZodString, zod1850.ZodAny>>;
-      }, zod_v4_core264.$strip>;
+      body: zod1930.ZodObject<{
+        email: zod1930.ZodString;
+        password: zod1930.ZodOptional<zod1930.ZodString>;
+        name: zod1930.ZodString;
+        role: zod1930.ZodOptional<zod1930.ZodUnion<readonly [zod1930.ZodString, zod1930.ZodArray<zod1930.ZodString>]>>;
+        data: zod1930.ZodOptional<zod1930.ZodRecord<zod1930.ZodString, zod1930.ZodAny>>;
+      }, zod_v4_core269.$strip>;
       metadata: {
         openapi: {
           operationId: string;
@@ -188,16 +188,16 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       user: UserWithRole;
     }>;
-    adminUpdateUser: better_call675.StrictEndpoint<"/admin/update-user", {
+    adminUpdateUser: better_call706.StrictEndpoint<"/admin/update-user", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-        data: zod1850.ZodRecord<zod1850.ZodAny, zod1850.ZodAny>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+        data: zod1930.ZodRecord<zod1930.ZodAny, zod1930.ZodAny>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -225,35 +225,35 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
         };
       };
     }, UserWithRole>;
-    listUsers: better_call675.StrictEndpoint<"/admin/list-users", {
+    listUsers: better_call706.StrictEndpoint<"/admin/list-users", {
       method: "GET";
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
-      query: zod1850.ZodObject<{
-        searchValue: zod1850.ZodOptional<zod1850.ZodString>;
-        searchField: zod1850.ZodOptional<zod1850.ZodEnum<{
+      query: zod1930.ZodObject<{
+        searchValue: zod1930.ZodOptional<zod1930.ZodString>;
+        searchField: zod1930.ZodOptional<zod1930.ZodEnum<{
           name: "name";
           email: "email";
         }>>;
-        searchOperator: zod1850.ZodOptional<zod1850.ZodEnum<{
+        searchOperator: zod1930.ZodOptional<zod1930.ZodEnum<{
           contains: "contains";
           starts_with: "starts_with";
           ends_with: "ends_with";
         }>>;
-        limit: zod1850.ZodOptional<zod1850.ZodUnion<[zod1850.ZodString, zod1850.ZodNumber]>>;
-        offset: zod1850.ZodOptional<zod1850.ZodUnion<[zod1850.ZodString, zod1850.ZodNumber]>>;
-        sortBy: zod1850.ZodOptional<zod1850.ZodString>;
-        sortDirection: zod1850.ZodOptional<zod1850.ZodEnum<{
+        limit: zod1930.ZodOptional<zod1930.ZodUnion<[zod1930.ZodString, zod1930.ZodNumber]>>;
+        offset: zod1930.ZodOptional<zod1930.ZodUnion<[zod1930.ZodString, zod1930.ZodNumber]>>;
+        sortBy: zod1930.ZodOptional<zod1930.ZodString>;
+        sortDirection: zod1930.ZodOptional<zod1930.ZodEnum<{
           asc: "asc";
           desc: "desc";
         }>>;
-        filterField: zod1850.ZodOptional<zod1850.ZodString>;
-        filterValue: zod1850.ZodOptional<zod1850.ZodUnion<[zod1850.ZodUnion<[zod1850.ZodString, zod1850.ZodNumber]>, zod1850.ZodBoolean]>>;
-        filterOperator: zod1850.ZodOptional<zod1850.ZodEnum<{
+        filterField: zod1930.ZodOptional<zod1930.ZodString>;
+        filterValue: zod1930.ZodOptional<zod1930.ZodUnion<[zod1930.ZodUnion<[zod1930.ZodString, zod1930.ZodNumber]>, zod1930.ZodBoolean]>>;
+        filterOperator: zod1930.ZodOptional<zod1930.ZodEnum<{
           eq: "eq";
           ne: "ne";
           lt: "lt";
@@ -262,7 +262,7 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
           gte: "gte";
           contains: "contains";
         }>>;
-      }, zod_v4_core264.$strip>;
+      }, zod_v4_core269.$strip>;
       metadata: {
         openapi: {
           operationId: string;
@@ -303,23 +303,18 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       users: UserWithRole[];
       total: number;
-      limit: number | undefined;
-      offset: number | undefined;
-    } | {
-      users: never[];
-      total: number;
     }>;
-    listUserSessions: better_call675.StrictEndpoint<"/admin/list-user-sessions", {
+    listUserSessions: better_call706.StrictEndpoint<"/admin/list-user-sessions", {
       method: "POST";
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-      }, zod_v4_core264.$strip>;
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+      }, zod_v4_core269.$strip>;
       metadata: {
         openapi: {
           operationId: string;
@@ -350,15 +345,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       sessions: SessionWithImpersonatedBy[];
     }>;
-    unbanUser: better_call675.StrictEndpoint<"/admin/unban-user", {
+    unbanUser: better_call706.StrictEndpoint<"/admin/unban-user", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -388,17 +383,17 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       user: UserWithRole;
     }>;
-    banUser: better_call675.StrictEndpoint<"/admin/ban-user", {
+    banUser: better_call706.StrictEndpoint<"/admin/ban-user", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-        banReason: zod1850.ZodOptional<zod1850.ZodString>;
-        banExpiresIn: zod1850.ZodOptional<zod1850.ZodNumber>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+        banReason: zod1930.ZodOptional<zod1930.ZodString>;
+        banExpiresIn: zod1930.ZodOptional<zod1930.ZodNumber>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -428,15 +423,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       user: UserWithRole;
     }>;
-    impersonateUser: better_call675.StrictEndpoint<"/admin/impersonate-user", {
+    impersonateUser: better_call706.StrictEndpoint<"/admin/impersonate-user", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -479,7 +474,7 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
       };
       user: UserWithRole;
     }>;
-    stopImpersonating: better_call675.StrictEndpoint<"/admin/stop-impersonating", {
+    stopImpersonating: better_call706.StrictEndpoint<"/admin/stop-impersonating", {
       method: "POST";
       requireHeaders: true;
     }, {
@@ -503,15 +498,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
         image?: string | null | undefined;
       } & Record<string, any>;
     }>;
-    revokeUserSession: better_call675.StrictEndpoint<"/admin/revoke-user-session", {
+    revokeUserSession: better_call706.StrictEndpoint<"/admin/revoke-user-session", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        sessionToken: zod1850.ZodString;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        sessionToken: zod1930.ZodString;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -541,15 +536,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       success: boolean;
     }>;
-    revokeUserSessions: better_call675.StrictEndpoint<"/admin/revoke-user-sessions", {
+    revokeUserSessions: better_call706.StrictEndpoint<"/admin/revoke-user-sessions", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -579,15 +574,15 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       success: boolean;
     }>;
-    removeUser: better_call675.StrictEndpoint<"/admin/remove-user", {
+    removeUser: better_call706.StrictEndpoint<"/admin/remove-user", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        userId: zod1850.ZodCoercedString<unknown>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        userId: zod1930.ZodCoercedString<unknown>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -617,16 +612,16 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       success: boolean;
     }>;
-    setUserPassword: better_call675.StrictEndpoint<"/admin/set-user-password", {
+    setUserPassword: better_call706.StrictEndpoint<"/admin/set-user-password", {
       method: "POST";
-      body: zod1850.ZodObject<{
-        newPassword: zod1850.ZodString;
-        userId: zod1850.ZodCoercedString<unknown>;
-      }, zod_v4_core264.$strip>;
-      use: ((inputContext: better_call675.MiddlewareInputContext<better_call675.MiddlewareOptions>) => Promise<{
+      body: zod1930.ZodObject<{
+        newPassword: zod1930.ZodString;
+        userId: zod1930.ZodCoercedString<unknown>;
+      }, zod_v4_core269.$strip>;
+      use: ((inputContext: better_call706.MiddlewareInputContext<better_call706.MiddlewareOptions>) => Promise<{
         session: {
           user: UserWithRole;
-          session: _better_auth_core_db10.Session;
+          session: _better_auth_core_db23.Session;
         };
       }>)[];
       metadata: {
@@ -656,18 +651,18 @@ declare const admin: <O extends AdminOptions>(options?: O | undefined) => {
     }, {
       status: boolean;
     }>;
-    userHasPermission: better_call675.StrictEndpoint<"/admin/has-permission", {
+    userHasPermission: better_call706.StrictEndpoint<"/admin/has-permission", {
       method: "POST";
-      body: zod1850.ZodIntersection<zod1850.ZodObject<{
-        userId: zod1850.ZodOptional<zod1850.ZodCoercedString<unknown>>;
-        role: zod1850.ZodOptional<zod1850.ZodString>;
-      }, zod_v4_core264.$strip>, zod1850.ZodUnion<readonly [zod1850.ZodObject<{
-        permission: zod1850.ZodRecord<zod1850.ZodString, zod1850.ZodArray<zod1850.ZodString>>;
-        permissions: zod1850.ZodUndefined;
-      }, zod_v4_core264.$strip>, zod1850.ZodObject<{
-        permission: zod1850.ZodUndefined;
-        permissions: zod1850.ZodRecord<zod1850.ZodString, zod1850.ZodArray<zod1850.ZodString>>;
-      }, zod_v4_core264.$strip>]>>;
+      body: zod1930.ZodIntersection<zod1930.ZodObject<{
+        userId: zod1930.ZodOptional<zod1930.ZodCoercedString<unknown>>;
+        role: zod1930.ZodOptional<zod1930.ZodString>;
+      }, zod_v4_core269.$strip>, zod1930.ZodUnion<readonly [zod1930.ZodObject<{
+        permission: zod1930.ZodRecord<zod1930.ZodString, zod1930.ZodArray<zod1930.ZodString>>;
+        permissions: zod1930.ZodUndefined;
+      }, zod_v4_core269.$strip>, zod1930.ZodObject<{
+        permission: zod1930.ZodUndefined;
+        permissions: zod1930.ZodRecord<zod1930.ZodString, zod1930.ZodArray<zod1930.ZodString>>;
+      }, zod_v4_core269.$strip>]>>;
       metadata: {
         openapi: {
           description: string;

package/dist/plugins/admin/admin.mjs

@@ -34,7 +34,7 @@ const admin = (options) => {
 				session: { create: { async before(session, ctx) {
 					if (!ctx) return;
 					const user = await ctx.context.internalAdapter.findUserById(session.userId);
-					if (user.banned) {
+					if (user?.banned) {
 						if (user.banExpires && new Date(user.banExpires).getTime() < Date.now()) {
 							await ctx.context.internalAdapter.updateUser(session.userId, {
 								banned: false,

package/dist/plugins/admin/admin.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"admin.mjs","names":[],"sources":["../../../src/plugins/admin/admin.ts"],"sourcesContent":["import type { BetterAuthPlugin } from \"@better-auth/core\";\nimport { createAuthMiddleware } from \"@better-auth/core/api\";\nimport { BetterAuthError } from \"@better-auth/core/error\";\nimport { APIError } from \"../../api\";\nimport { mergeSchema } from \"../../db/schema\";\nimport { getEndpointResponse } from \"../../utils/plugin-helper\";\nimport { defaultRoles } from \"./access\";\nimport { ADMIN_ERROR_CODES } from \"./error-codes\";\nimport {\n\tadminUpdateUser,\n\tbanUser,\n\tcreateUser,\n\tgetUser,\n\timpersonateUser,\n\tlistUserSessions,\n\tlistUsers,\n\tremoveUser,\n\trevokeUserSession,\n\trevokeUserSessions,\n\tsetRole,\n\tsetUserPassword,\n\tstopImpersonating,\n\tunbanUser,\n\tuserHasPermission,\n} from \"./routes\";\nimport { schema } from \"./schema\";\nimport type {\n\tAdminOptions,\n\tSessionWithImpersonatedBy,\n\tUserWithRole,\n} from \"./types\";\n\nexport const admin = <O extends AdminOptions>(options?: O | undefined) => {\n\tconst opts = {\n\t\t...(options || {}),\n\t\tdefaultRole: options?.defaultRole ?? \"user\",\n\t\tadminRoles: options?.adminRoles ?? [\"admin\"],\n\t\tbannedUserMessage:\n\t\t\toptions?.bannedUserMessage ??\n\t\t\t\"You have been banned from this application. Please contact support if you believe this is an error.\",\n\t} as O &\n\t\tRequired<\n\t\t\tPick<AdminOptions, \"defaultRole\" | \"adminRoles\" | \"bannedUserMessage\">\n\t\t>;\n\n\tif (options?.adminRoles) {\n\t\tconst adminRoles = Array.isArray(options.adminRoles)\n\t\t\t? options.adminRoles\n\t\t\t: [...options.adminRoles.split(\",\")];\n\t\tconst invalidRoles = adminRoles.filter(\n\t\t\t(role) =>\n\t\t\t\t!Object.keys(options?.roles || defaultRoles)\n\t\t\t\t\t.map((r) => r.toLowerCase())\n\t\t\t\t\t.includes(role.toLowerCase()),\n\t\t);\n\t\tif (invalidRoles.length > 0) {\n\t\t\tthrow new BetterAuthError(\n\t\t\t\t`Invalid admin roles: ${invalidRoles.join(\", \")}. Admin roles must be defined in the 'roles' configuration.`,\n\t\t\t);\n\t\t}\n\t}\n\n\treturn {\n\t\tid: \"admin\",\n\t\tinit() {\n\t\t\treturn {\n\t\t\t\toptions: {\n\t\t\t\t\tdatabaseHooks: {\n\t\t\t\t\t\tuser: {\n\t\t\t\t\t\t\tcreate: {\n\t\t\t\t\t\t\t\tasync before(user) {\n\t\t\t\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t\t\t\t\trole: options?.defaultRole ?? \"user\",\n\t\t\t\t\t\t\t\t\t\t\t...user,\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t};\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tsession: {\n\t\t\t\t\t\t\tcreate: {\n\t\t\t\t\t\t\t\tasync before(session, ctx) {\n\t\t\t\t\t\t\t\t\tif (!ctx) {\n\t\t\t\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t\tconst user = (await ctx.context.internalAdapter.findUserById(\n\t\t\t\t\t\t\t\t\t\tsession.userId,\n\t\t\t\t\t\t\t\t\t)) as UserWithRole;\n\n\t\t\t\t\t\t\t\t\tif (user.banned) {\n\t\t\t\t\t\t\t\t\t\tif (\n\t\t\t\t\t\t\t\t\t\t\tuser.banExpires &&\n\t\t\t\t\t\t\t\t\t\t\tnew Date(user.banExpires).getTime() < Date.now()\n\t\t\t\t\t\t\t\t\t\t) {\n\t\t\t\t\t\t\t\t\t\t\tawait ctx.context.internalAdapter.updateUser(\n\t\t\t\t\t\t\t\t\t\t\t\tsession.userId,\n\t\t\t\t\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\t\t\t\t\tbanned: false,\n\t\t\t\t\t\t\t\t\t\t\t\t\tbanReason: null,\n\t\t\t\t\t\t\t\t\t\t\t\t\tbanExpires: null,\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\t\t\tif (\n\t\t\t\t\t\t\t\t\t\t\tctx &&\n\t\t\t\t\t\t\t\t\t\t\t(ctx.path.startsWith(\"/callback\") ||\n\t\t\t\t\t\t\t\t\t\t\t\tctx.path.startsWith(\"/oauth2/callback\"))\n\t\t\t\t\t\t\t\t\t\t) {\n\t\t\t\t\t\t\t\t\t\t\tconst redirectURI =\n\t\t\t\t\t\t\t\t\t\t\t\tctx.context.options.onAPIError?.errorURL ||\n\t\t\t\t\t\t\t\t\t\t\t\t`${ctx.context.baseURL}/error`;\n\t\t\t\t\t\t\t\t\t\t\tthrow ctx.redirect(\n\t\t\t\t\t\t\t\t\t\t\t\t`${redirectURI}?error=banned&error_description=${opts.bannedUserMessage}`,\n\t\t\t\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\t\t\t\t\t\t\tmessage: opts.bannedUserMessage,\n\t\t\t\t\t\t\t\t\t\t\tcode: \"BANNED_USER\",\n\t\t\t\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t\thooks: {\n\t\t\tafter: [\n\t\t\t\t{\n\t\t\t\t\tmatcher(context) {\n\t\t\t\t\t\treturn context.path === \"/list-sessions\";\n\t\t\t\t\t},\n\t\t\t\t\thandler: createAuthMiddleware(async (ctx) => {\n\t\t\t\t\t\tconst response =\n\t\t\t\t\t\t\tawait getEndpointResponse<SessionWithImpersonatedBy[]>(ctx);\n\n\t\t\t\t\t\tif (!response) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst newJson = response.filter((session) => {\n\t\t\t\t\t\t\treturn !session.impersonatedBy;\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\treturn ctx.json(newJson);\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t],\n\t\t},\n\t\tendpoints: {\n\t\t\tsetRole: setRole(opts),\n\t\t\tgetUser: getUser(opts),\n\t\t\tcreateUser: createUser(opts),\n\t\t\tadminUpdateUser: adminUpdateUser(opts),\n\t\t\tlistUsers: listUsers(opts),\n\t\t\tlistUserSessions: listUserSessions(opts),\n\t\t\tunbanUser: unbanUser(opts),\n\t\t\tbanUser: banUser(opts),\n\t\t\timpersonateUser: impersonateUser(opts),\n\t\t\tstopImpersonating: stopImpersonating(),\n\t\t\trevokeUserSession: revokeUserSession(opts),\n\t\t\trevokeUserSessions: revokeUserSessions(opts),\n\t\t\tremoveUser: removeUser(opts),\n\t\t\tsetUserPassword: setUserPassword(opts),\n\t\t\tuserHasPermission: userHasPermission(opts as O),\n\t\t},\n\t\t$ERROR_CODES: ADMIN_ERROR_CODES,\n\t\tschema: mergeSchema(schema, opts.schema),\n\t\toptions: options as NoInfer<O>,\n\t} satisfies BetterAuthPlugin;\n};\n"],"mappings":";;;;;;;;;;;;AAgCA,MAAa,SAAiC,YAA4B;CACzE,MAAM,OAAO;EACZ,GAAI,WAAW,EAAE;EACjB,aAAa,SAAS,eAAe;EACrC,YAAY,SAAS,cAAc,CAAC,QAAQ;EAC5C,mBACC,SAAS,qBACT;EACD;AAKD,KAAI,SAAS,YAAY;EAIxB,MAAM,gBAHa,MAAM,QAAQ,QAAQ,WAAW,GACjD,QAAQ,aACR,CAAC,GAAG,QAAQ,WAAW,MAAM,IAAI,CAAC,EACL,QAC9B,SACA,CAAC,OAAO,KAAK,SAAS,SAAS,aAAa,CAC1C,KAAK,MAAM,EAAE,aAAa,CAAC,CAC3B,SAAS,KAAK,aAAa,CAAC,CAC/B;AACD,MAAI,aAAa,SAAS,EACzB,OAAM,IAAI,gBACT,wBAAwB,aAAa,KAAK,KAAK,CAAC,6DAChD;;AAIH,QAAO;EACN,IAAI;EACJ,OAAO;AACN,UAAO,EACN,SAAS,EACR,eAAe;IACd,MAAM,EACL,QAAQ,EACP,MAAM,OAAO,MAAM;AAClB,YAAO,EACN,MAAM;MACL,MAAM,SAAS,eAAe;MAC9B,GAAG;MACH,EACD;OAEF,EACD;IACD,SAAS,EACR,QAAQ,EACP,MAAM,OAAO,SAAS,KAAK;AAC1B,SAAI,CAAC,IACJ;KAED,MAAM,OAAQ,MAAM,IAAI,QAAQ,gBAAgB,aAC/C,QAAQ,OACR;AAED,SAAI,KAAK,QAAQ;AAChB,UACC,KAAK,cACL,IAAI,KAAK,KAAK,WAAW,CAAC,SAAS,GAAG,KAAK,KAAK,EAC/C;AACD,aAAM,IAAI,QAAQ,gBAAgB,WACjC,QAAQ,QACR;QACC,QAAQ;QACR,WAAW;QACX,YAAY;QACZ,CACD;AACD;;AAGD,UACC,QACC,IAAI,KAAK,WAAW,YAAY,IAChC,IAAI,KAAK,WAAW,mBAAmB,GACvC;OACD,MAAM,cACL,IAAI,QAAQ,QAAQ,YAAY,YAChC,GAAG,IAAI,QAAQ,QAAQ;AACxB,aAAM,IAAI,SACT,GAAG,YAAY,kCAAkC,KAAK,oBACtD;;AAGF,YAAM,IAAI,SAAS,aAAa;OAC/B,SAAS,KAAK;OACd,MAAM;OACN,CAAC;;OAGJ,EACD;IACD,EACD,EACD;;EAEF,OAAO,EACN,OAAO,CACN;GACC,QAAQ,SAAS;AAChB,WAAO,QAAQ,SAAS;;GAEzB,SAAS,qBAAqB,OAAO,QAAQ;IAC5C,MAAM,WACL,MAAM,oBAAiD,IAAI;AAE5D,QAAI,CAAC,SACJ;IAED,MAAM,UAAU,SAAS,QAAQ,YAAY;AAC5C,YAAO,CAAC,QAAQ;MACf;AAEF,WAAO,IAAI,KAAK,QAAQ;KACvB;GACF,CACD,EACD;EACD,WAAW;GACV,SAAS,QAAQ,KAAK;GACtB,SAAS,QAAQ,KAAK;GACtB,YAAY,WAAW,KAAK;GAC5B,iBAAiB,gBAAgB,KAAK;GACtC,WAAW,UAAU,KAAK;GAC1B,kBAAkB,iBAAiB,KAAK;GACxC,WAAW,UAAU,KAAK;GAC1B,SAAS,QAAQ,KAAK;GACtB,iBAAiB,gBAAgB,KAAK;GACtC,mBAAmB,mBAAmB;GACtC,mBAAmB,kBAAkB,KAAK;GAC1C,oBAAoB,mBAAmB,KAAK;GAC5C,YAAY,WAAW,KAAK;GAC5B,iBAAiB,gBAAgB,KAAK;GACtC,mBAAmB,kBAAkB,KAAU;GAC/C;EACD,cAAc;EACd,QAAQ,YAAY,QAAQ,KAAK,OAAO;EAC/B;EACT"}
+{"version":3,"file":"admin.mjs","names":[],"sources":["../../../src/plugins/admin/admin.ts"],"sourcesContent":["import type { BetterAuthPlugin } from \"@better-auth/core\";\nimport { createAuthMiddleware } from \"@better-auth/core/api\";\nimport { BetterAuthError } from \"@better-auth/core/error\";\nimport { APIError } from \"../../api\";\nimport { mergeSchema } from \"../../db/schema\";\nimport { getEndpointResponse } from \"../../utils/plugin-helper\";\nimport { defaultRoles } from \"./access\";\nimport { ADMIN_ERROR_CODES } from \"./error-codes\";\nimport {\n\tadminUpdateUser,\n\tbanUser,\n\tcreateUser,\n\tgetUser,\n\timpersonateUser,\n\tlistUserSessions,\n\tlistUsers,\n\tremoveUser,\n\trevokeUserSession,\n\trevokeUserSessions,\n\tsetRole,\n\tsetUserPassword,\n\tstopImpersonating,\n\tunbanUser,\n\tuserHasPermission,\n} from \"./routes\";\nimport { schema } from \"./schema\";\nimport type {\n\tAdminOptions,\n\tSessionWithImpersonatedBy,\n\tUserWithRole,\n} from \"./types\";\n\nexport const admin = <O extends AdminOptions>(options?: O | undefined) => {\n\tconst opts = {\n\t\t...(options || {}),\n\t\tdefaultRole: options?.defaultRole ?? \"user\",\n\t\tadminRoles: options?.adminRoles ?? [\"admin\"],\n\t\tbannedUserMessage:\n\t\t\toptions?.bannedUserMessage ??\n\t\t\t\"You have been banned from this application. Please contact support if you believe this is an error.\",\n\t} as O &\n\t\tRequired<\n\t\t\tPick<AdminOptions, \"defaultRole\" | \"adminRoles\" | \"bannedUserMessage\">\n\t\t>;\n\n\tif (options?.adminRoles) {\n\t\tconst adminRoles = Array.isArray(options.adminRoles)\n\t\t\t? options.adminRoles\n\t\t\t: [...options.adminRoles.split(\",\")];\n\t\tconst invalidRoles = adminRoles.filter(\n\t\t\t(role) =>\n\t\t\t\t!Object.keys(options?.roles || defaultRoles)\n\t\t\t\t\t.map((r) => r.toLowerCase())\n\t\t\t\t\t.includes(role.toLowerCase()),\n\t\t);\n\t\tif (invalidRoles.length > 0) {\n\t\t\tthrow new BetterAuthError(\n\t\t\t\t`Invalid admin roles: ${invalidRoles.join(\", \")}. Admin roles must be defined in the 'roles' configuration.`,\n\t\t\t);\n\t\t}\n\t}\n\n\treturn {\n\t\tid: \"admin\",\n\t\tinit() {\n\t\t\treturn {\n\t\t\t\toptions: {\n\t\t\t\t\tdatabaseHooks: {\n\t\t\t\t\t\tuser: {\n\t\t\t\t\t\t\tcreate: {\n\t\t\t\t\t\t\t\tasync before(user) {\n\t\t\t\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t\t\t\t\trole: options?.defaultRole ?? \"user\",\n\t\t\t\t\t\t\t\t\t\t\t...user,\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t};\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tsession: {\n\t\t\t\t\t\t\tcreate: {\n\t\t\t\t\t\t\t\tasync before(session, ctx) {\n\t\t\t\t\t\t\t\t\tif (!ctx) {\n\t\t\t\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t\tconst user = (await ctx.context.internalAdapter.findUserById(\n\t\t\t\t\t\t\t\t\t\tsession.userId,\n\t\t\t\t\t\t\t\t\t)) as UserWithRole | null;\n\n\t\t\t\t\t\t\t\t\tif (user?.banned) {\n\t\t\t\t\t\t\t\t\t\tif (\n\t\t\t\t\t\t\t\t\t\t\tuser.banExpires &&\n\t\t\t\t\t\t\t\t\t\t\tnew Date(user.banExpires).getTime() < Date.now()\n\t\t\t\t\t\t\t\t\t\t) {\n\t\t\t\t\t\t\t\t\t\t\tawait ctx.context.internalAdapter.updateUser(\n\t\t\t\t\t\t\t\t\t\t\t\tsession.userId,\n\t\t\t\t\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\t\t\t\t\tbanned: false,\n\t\t\t\t\t\t\t\t\t\t\t\t\tbanReason: null,\n\t\t\t\t\t\t\t\t\t\t\t\t\tbanExpires: null,\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\t\t\tif (\n\t\t\t\t\t\t\t\t\t\t\tctx &&\n\t\t\t\t\t\t\t\t\t\t\t(ctx.path.startsWith(\"/callback\") ||\n\t\t\t\t\t\t\t\t\t\t\t\tctx.path.startsWith(\"/oauth2/callback\"))\n\t\t\t\t\t\t\t\t\t\t) {\n\t\t\t\t\t\t\t\t\t\t\tconst redirectURI =\n\t\t\t\t\t\t\t\t\t\t\t\tctx.context.options.onAPIError?.errorURL ||\n\t\t\t\t\t\t\t\t\t\t\t\t`${ctx.context.baseURL}/error`;\n\t\t\t\t\t\t\t\t\t\t\tthrow ctx.redirect(\n\t\t\t\t\t\t\t\t\t\t\t\t`${redirectURI}?error=banned&error_description=${opts.bannedUserMessage}`,\n\t\t\t\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\t\t\t\t\t\t\tmessage: opts.bannedUserMessage,\n\t\t\t\t\t\t\t\t\t\t\tcode: \"BANNED_USER\",\n\t\t\t\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t\thooks: {\n\t\t\tafter: [\n\t\t\t\t{\n\t\t\t\t\tmatcher(context) {\n\t\t\t\t\t\treturn context.path === \"/list-sessions\";\n\t\t\t\t\t},\n\t\t\t\t\thandler: createAuthMiddleware(async (ctx) => {\n\t\t\t\t\t\tconst response =\n\t\t\t\t\t\t\tawait getEndpointResponse<SessionWithImpersonatedBy[]>(ctx);\n\n\t\t\t\t\t\tif (!response) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst newJson = response.filter((session) => {\n\t\t\t\t\t\t\treturn !session.impersonatedBy;\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\treturn ctx.json(newJson);\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t],\n\t\t},\n\t\tendpoints: {\n\t\t\tsetRole: setRole(opts),\n\t\t\tgetUser: getUser(opts),\n\t\t\tcreateUser: createUser(opts),\n\t\t\tadminUpdateUser: adminUpdateUser(opts),\n\t\t\tlistUsers: listUsers(opts),\n\t\t\tlistUserSessions: listUserSessions(opts),\n\t\t\tunbanUser: unbanUser(opts),\n\t\t\tbanUser: banUser(opts),\n\t\t\timpersonateUser: impersonateUser(opts),\n\t\t\tstopImpersonating: stopImpersonating(),\n\t\t\trevokeUserSession: revokeUserSession(opts),\n\t\t\trevokeUserSessions: revokeUserSessions(opts),\n\t\t\tremoveUser: removeUser(opts),\n\t\t\tsetUserPassword: setUserPassword(opts),\n\t\t\tuserHasPermission: userHasPermission(opts as O),\n\t\t},\n\t\t$ERROR_CODES: ADMIN_ERROR_CODES,\n\t\tschema: mergeSchema(schema, opts.schema),\n\t\toptions: options as NoInfer<O>,\n\t} satisfies BetterAuthPlugin;\n};\n"],"mappings":";;;;;;;;;;;;AAgCA,MAAa,SAAiC,YAA4B;CACzE,MAAM,OAAO;EACZ,GAAI,WAAW,EAAE;EACjB,aAAa,SAAS,eAAe;EACrC,YAAY,SAAS,cAAc,CAAC,QAAQ;EAC5C,mBACC,SAAS,qBACT;EACD;AAKD,KAAI,SAAS,YAAY;EAIxB,MAAM,gBAHa,MAAM,QAAQ,QAAQ,WAAW,GACjD,QAAQ,aACR,CAAC,GAAG,QAAQ,WAAW,MAAM,IAAI,CAAC,EACL,QAC9B,SACA,CAAC,OAAO,KAAK,SAAS,SAAS,aAAa,CAC1C,KAAK,MAAM,EAAE,aAAa,CAAC,CAC3B,SAAS,KAAK,aAAa,CAAC,CAC/B;AACD,MAAI,aAAa,SAAS,EACzB,OAAM,IAAI,gBACT,wBAAwB,aAAa,KAAK,KAAK,CAAC,6DAChD;;AAIH,QAAO;EACN,IAAI;EACJ,OAAO;AACN,UAAO,EACN,SAAS,EACR,eAAe;IACd,MAAM,EACL,QAAQ,EACP,MAAM,OAAO,MAAM;AAClB,YAAO,EACN,MAAM;MACL,MAAM,SAAS,eAAe;MAC9B,GAAG;MACH,EACD;OAEF,EACD;IACD,SAAS,EACR,QAAQ,EACP,MAAM,OAAO,SAAS,KAAK;AAC1B,SAAI,CAAC,IACJ;KAED,MAAM,OAAQ,MAAM,IAAI,QAAQ,gBAAgB,aAC/C,QAAQ,OACR;AAED,SAAI,MAAM,QAAQ;AACjB,UACC,KAAK,cACL,IAAI,KAAK,KAAK,WAAW,CAAC,SAAS,GAAG,KAAK,KAAK,EAC/C;AACD,aAAM,IAAI,QAAQ,gBAAgB,WACjC,QAAQ,QACR;QACC,QAAQ;QACR,WAAW;QACX,YAAY;QACZ,CACD;AACD;;AAGD,UACC,QACC,IAAI,KAAK,WAAW,YAAY,IAChC,IAAI,KAAK,WAAW,mBAAmB,GACvC;OACD,MAAM,cACL,IAAI,QAAQ,QAAQ,YAAY,YAChC,GAAG,IAAI,QAAQ,QAAQ;AACxB,aAAM,IAAI,SACT,GAAG,YAAY,kCAAkC,KAAK,oBACtD;;AAGF,YAAM,IAAI,SAAS,aAAa;OAC/B,SAAS,KAAK;OACd,MAAM;OACN,CAAC;;OAGJ,EACD;IACD,EACD,EACD;;EAEF,OAAO,EACN,OAAO,CACN;GACC,QAAQ,SAAS;AAChB,WAAO,QAAQ,SAAS;;GAEzB,SAAS,qBAAqB,OAAO,QAAQ;IAC5C,MAAM,WACL,MAAM,oBAAiD,IAAI;AAE5D,QAAI,CAAC,SACJ;IAED,MAAM,UAAU,SAAS,QAAQ,YAAY;AAC5C,YAAO,CAAC,QAAQ;MACf;AAEF,WAAO,IAAI,KAAK,QAAQ;KACvB;GACF,CACD,EACD;EACD,WAAW;GACV,SAAS,QAAQ,KAAK;GACtB,SAAS,QAAQ,KAAK;GACtB,YAAY,WAAW,KAAK;GAC5B,iBAAiB,gBAAgB,KAAK;GACtC,WAAW,UAAU,KAAK;GAC1B,kBAAkB,iBAAiB,KAAK;GACxC,WAAW,UAAU,KAAK;GAC1B,SAAS,QAAQ,KAAK;GACtB,iBAAiB,gBAAgB,KAAK;GACtC,mBAAmB,mBAAmB;GACtC,mBAAmB,kBAAkB,KAAK;GAC1C,oBAAoB,mBAAmB,KAAK;GAC5C,YAAY,WAAW,KAAK;GAC5B,iBAAiB,gBAAgB,KAAK;GACtC,mBAAmB,kBAAkB,KAAU;GAC/C;EACD,cAAc;EACd,QAAQ,YAAY,QAAQ,KAAK,OAAO;EAC/B;EACT"}

package/dist/plugins/admin/routes.mjs

@@ -307,7 +307,7 @@ const listUsers = (opts) => createAuthEndpoint("/admin/list-users", {
 		operator: ctx.query.searchOperator || "contains",
 		value: ctx.query.searchValue
 	});
-	if (ctx.query?.filterValue) where.push({
+	if (ctx.query?.filterValue !== void 0) where.push({
 		field: ctx.query.filterField || "email",
 		operator: ctx.query.filterOperator || "eq",
 		value: ctx.query.filterValue