npm - better-auth - Versions diffs - 1.4.4 → 1.4.5 - Mend

better-auth 1.4.4 → 1.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/dist/{adapter-factory-CXEYdBBi.mjs → adapter-factory-HF3JB9cT.mjs} RENAMED Viewed

@@ -227,6 +227,7 @@ const createAdapterFactory = ({ adapter: customAdapter, config: cfg }) => (optio
 			if (fieldAttributes.references?.field === "id" && useNumberId) if (Array.isArray(newValue)) newValue = newValue.map((x) => x !== null ? Number(x) : null);
 			else newValue = newValue !== null ? Number(newValue) : null;
 			else if (config.supportsJSON === false && typeof newValue === "object" && fieldAttributes.type === "json") newValue = JSON.stringify(newValue);
+			else if (config.supportsJSON === false && Array.isArray(newValue) && (fieldAttributes.type === "string[]" || fieldAttributes.type === "number[]")) newValue = JSON.stringify(newValue);
 			else if (config.supportsDates === false && newValue instanceof Date && fieldAttributes.type === "date") newValue = newValue.toISOString();
 			else if (config.supportsBooleans === false && typeof newValue === "boolean") newValue = newValue ? 1 : 0;
 			if (config.customTransformInput) newValue = config.customTransformInput({
@@ -261,6 +262,7 @@ const createAdapterFactory = ({ adapter: customAdapter, config: cfg }) => (optio
 					if (originalKey === "id" || field.references?.field === "id") {
 						if (typeof newValue !== "undefined" && newValue !== null) newValue = String(newValue);
 					} else if (config.supportsJSON === false && typeof newValue === "string" && field.type === "json") newValue = safeJSONParse(newValue);
+					else if (config.supportsJSON === false && typeof newValue === "string" && (field.type === "string[]" || field.type === "number[]")) newValue = safeJSONParse(newValue);
 					else if (config.supportsDates === false && typeof newValue === "string" && field.type === "date") newValue = new Date(newValue);
 					else if (config.supportsBooleans === false && typeof newValue === "number" && field.type === "boolean") newValue = newValue === 1;
 					if (config.customTransformOutput) newValue = config.customTransformOutput({

package/dist/adapters/drizzle-adapter/index.mjs CHANGED Viewed

@@ -3,7 +3,7 @@ import "../../utils-db7gNqd-.mjs";
 import "../../crypto-CFUhAR9W.mjs";
 import "../../misc-BwNc0MKr.mjs";
 import "../../json-CnHxKYpj.mjs";
-import { t as createAdapterFactory } from "../../adapter-factory-CXEYdBBi.mjs";
+import { t as createAdapterFactory } from "../../adapter-factory-HF3JB9cT.mjs";
 import { logger } from "@better-auth/core/env";
 import { BetterAuthError } from "@better-auth/core/error";
 import { and, asc, count, desc, eq, gt, gte, inArray, like, lt, lte, ne, notInArray, or, sql } from "drizzle-orm";

package/dist/adapters/index.d.mts CHANGED Viewed

@@ -1,8 +1,7 @@
-import { $t as AdapterSchemaCreation, an as Where$1, in as TransactionAdapter } from "../index-DWd5qAaC.mjs";
-import "../types-C4QTth8-.mjs";
-import { u as Prettify } from "../helper-BTuR6T4N.mjs";
-import "../index-DlUBRPjP.mjs";
-import "../plugins-B2LAIIX7.mjs";
+import { Bt as Where$1, Pt as AdapterSchemaCreation, zt as TransactionAdapter } from "../index-COnelCGa.mjs";
+import "../types-CEepZ-RG.mjs";
+import { u as Prettify } from "../helper-DFzV6jvx.mjs";
+import "../plugins-Dmw3tk5H.mjs";
 import { BetterAuthOptions } from "@better-auth/core";
 import * as _better_auth_core_db23 from "@better-auth/core/db";
 import { BetterAuthDBSchema, DBFieldAttribute } from "@better-auth/core/db";

package/dist/adapters/index.mjs CHANGED Viewed

@@ -3,7 +3,7 @@ import "../utils-db7gNqd-.mjs";
 import "../crypto-CFUhAR9W.mjs";
 import "../misc-BwNc0MKr.mjs";
 import "../json-CnHxKYpj.mjs";
-import { n as initGetFieldAttributes, r as initGetIdField, t as createAdapterFactory } from "../adapter-factory-CXEYdBBi.mjs";
+import { n as initGetFieldAttributes, r as initGetIdField, t as createAdapterFactory } from "../adapter-factory-HF3JB9cT.mjs";
 export * from "@better-auth/core/db/adapter"

package/dist/adapters/kysely-adapter/index.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { t as KyselyDatabaseType } from "../../types-C4QTth8-.mjs";
+import { t as KyselyDatabaseType } from "../../types-CEepZ-RG.mjs";
 import { BetterAuthOptions } from "@better-auth/core";
 import { Kysely } from "kysely";
 import { DBAdapter, DBAdapterDebugLogOption } from "@better-auth/core/db/adapter";

package/dist/adapters/kysely-adapter/index.mjs CHANGED Viewed

@@ -1,10 +1,10 @@
-import { n as getKyselyDatabaseType, t as createKyselyAdapter } from "../../dialect-BLBufKXb.mjs";
+import { n as getKyselyDatabaseType, t as createKyselyAdapter } from "../../dialect-D9ZUZA4J.mjs";
 import "../../get-model-name-D4DUV7S2.mjs";
 import "../../utils-db7gNqd-.mjs";
 import "../../crypto-CFUhAR9W.mjs";
 import "../../misc-BwNc0MKr.mjs";
 import "../../json-CnHxKYpj.mjs";
-import { t as createAdapterFactory } from "../../adapter-factory-CXEYdBBi.mjs";
+import { t as createAdapterFactory } from "../../adapter-factory-HF3JB9cT.mjs";
 import { sql } from "kysely";
 //#region src/adapters/kysely-adapter/kysely-adapter.ts

package/dist/adapters/memory-adapter/index.mjs CHANGED Viewed

@@ -3,7 +3,7 @@ import "../../utils-db7gNqd-.mjs";
 import "../../crypto-CFUhAR9W.mjs";
 import "../../misc-BwNc0MKr.mjs";
 import "../../json-CnHxKYpj.mjs";
-import { t as createAdapterFactory } from "../../adapter-factory-CXEYdBBi.mjs";
+import { t as createAdapterFactory } from "../../adapter-factory-HF3JB9cT.mjs";
 import { logger } from "@better-auth/core/env";
 //#region src/adapters/memory-adapter/memory-adapter.ts

package/dist/adapters/mongodb-adapter/index.mjs CHANGED Viewed

@@ -3,7 +3,7 @@ import "../../utils-db7gNqd-.mjs";
 import "../../crypto-CFUhAR9W.mjs";
 import "../../misc-BwNc0MKr.mjs";
 import "../../json-CnHxKYpj.mjs";
-import { t as createAdapterFactory } from "../../adapter-factory-CXEYdBBi.mjs";
+import { t as createAdapterFactory } from "../../adapter-factory-HF3JB9cT.mjs";
 import { ObjectId } from "mongodb";
 //#region src/adapters/mongodb-adapter/mongodb-adapter.ts
@@ -30,9 +30,9 @@ const mongodbAdapter = (db, config) => {
 							return v;
 						}
 						if (v instanceof ObjectId) return v;
-						throw new Error("Invalid id value, recieved: " + JSON.stringify(v));
+						throw new Error("Invalid id value, received: " + JSON.stringify(v));
 					});
-					throw new Error("Invalid id value, recieved: " + JSON.stringify(value));
+					throw new Error("Invalid id value, received: " + JSON.stringify(value));
 				}
 				try {
 					return new ObjectId(value);

package/dist/adapters/prisma-adapter/index.mjs CHANGED Viewed

@@ -3,7 +3,7 @@ import "../../utils-db7gNqd-.mjs";
 import "../../crypto-CFUhAR9W.mjs";
 import "../../misc-BwNc0MKr.mjs";
 import "../../json-CnHxKYpj.mjs";
-import { t as createAdapterFactory } from "../../adapter-factory-CXEYdBBi.mjs";
+import { t as createAdapterFactory } from "../../adapter-factory-HF3JB9cT.mjs";
 import { BetterAuthError } from "@better-auth/core/error";
 //#region src/adapters/prisma-adapter/prisma-adapter.ts

package/dist/{admin-ChOe8fFj.mjs → admin-D-OMdNIc.mjs} RENAMED Viewed

@@ -1,7 +1,7 @@
-import { l as parseUserOutput, t as mergeSchema, u as getDate } from "./schema-CgMdD0f9.mjs";
-import { t as APIError } from "./api-wsWZUpFT.mjs";
-import { c as setSessionCookie, n as deleteSessionCookie } from "./cookies-LjbrTFKV.mjs";
-import { r as getSessionFromCtx } from "./session-hq_qEU9r.mjs";
+import { l as parseUserOutput, t as mergeSchema, u as getDate } from "./schema-Bb7wzeK_.mjs";
+import { t as APIError } from "./api-CkmycQ2x.mjs";
+import { c as setSessionCookie, n as deleteSessionCookie } from "./cookies-D72PbWdz.mjs";
+import { r as getSessionFromCtx } from "./session-AaRl3_x-.mjs";
 import { t as hasPermission } from "./has-permission-qCjQqGds.mjs";
 import { t as getEndpointResponse } from "./plugin-helper-zFdFWLgL.mjs";
 import { BASE_ERROR_CODES } from "@better-auth/core/error";

package/dist/{anonymous-DBicc9SO.mjs → anonymous-DxoIOUPc.mjs} RENAMED Viewed

@@ -1,8 +1,8 @@
 import { t as generateId } from "./utils-db7gNqd-.mjs";
-import { t as mergeSchema } from "./schema-CgMdD0f9.mjs";
-import { t as APIError } from "./api-wsWZUpFT.mjs";
-import { c as setSessionCookie, l as parseSetCookieHeader } from "./cookies-LjbrTFKV.mjs";
-import { r as getSessionFromCtx } from "./session-hq_qEU9r.mjs";
+import { t as mergeSchema } from "./schema-Bb7wzeK_.mjs";
+import { t as APIError } from "./api-CkmycQ2x.mjs";
+import { c as setSessionCookie, l as parseSetCookieHeader } from "./cookies-D72PbWdz.mjs";
+import { r as getSessionFromCtx } from "./session-AaRl3_x-.mjs";
 import { defineErrorCodes } from "@better-auth/core/utils";
 import * as z from "zod";
 import { createAuthEndpoint, createAuthMiddleware } from "@better-auth/core/api";

package/dist/api/index.d.mts CHANGED Viewed

@@ -1,6 +1,5 @@
-import { $ as createEmailVerificationToken, A as deleteUser, B as getSessionFromCtx, C as createAuthEndpoint, D as router, E as optionsMiddleware, F as signOut, G as revokeSessions, H as requestOnlySessionMiddleware, I as signInEmail, J as requestPasswordReset, K as sensitiveSessionMiddleware, L as signInSocial, M as setPassword, N as updateUser, O as changeEmail, P as signUpEmail, Q as error, R as freshSessionMiddleware, S as checkEndpointConflicts, T as getEndpoints, U as revokeOtherSessions, V as listSessions, W as revokeSession, X as resetPassword, Y as requestPasswordResetCallback, Z as ok, at as getAccessToken, b as AuthEndpoint, ct as refreshToken, dt as originCheckMiddleware, et as sendVerificationEmail, ft as getOAuthState, it as accountInfo, j as deleteUserCallback, k as changePassword, lt as unlinkAccount, nt as verifyEmail, ot as linkSocialAccount, pt as getIp, q as sessionMiddleware, rt as callbackOAuth, st as listUserAccounts, tt as sendVerificationEmailFn, ut as originCheck, w as createAuthMiddleware, x as AuthMiddleware, y as APIError, z as getSession } from "../index-DWd5qAaC.mjs";
-import "../types-C4QTth8-.mjs";
-import "../helper-BTuR6T4N.mjs";
-import "../index-DlUBRPjP.mjs";
-import "../plugins-B2LAIIX7.mjs";
+import { $ as createEmailVerificationToken, A as deleteUser, B as getSessionFromCtx, C as createAuthEndpoint, D as router, E as optionsMiddleware, F as signOut, G as revokeSessions, H as requestOnlySessionMiddleware, I as signInEmail, J as requestPasswordReset, K as sensitiveSessionMiddleware, L as signInSocial, M as setPassword, N as updateUser, O as changeEmail, P as signUpEmail, Q as error, R as freshSessionMiddleware, S as checkEndpointConflicts, T as getEndpoints, U as revokeOtherSessions, V as listSessions, W as revokeSession, X as resetPassword, Y as requestPasswordResetCallback, Z as ok, at as getAccessToken, b as AuthEndpoint, ct as refreshToken, dt as originCheckMiddleware, et as sendVerificationEmail, ft as getOAuthState, it as accountInfo, j as deleteUserCallback, k as changePassword, lt as unlinkAccount, nt as verifyEmail, ot as linkSocialAccount, pt as getIp, q as sessionMiddleware, rt as callbackOAuth, st as listUserAccounts, tt as sendVerificationEmailFn, ut as originCheck, w as createAuthMiddleware, x as AuthMiddleware, y as APIError, z as getSession } from "../index-COnelCGa.mjs";
+import "../types-CEepZ-RG.mjs";
+import "../helper-DFzV6jvx.mjs";
+import "../plugins-Dmw3tk5H.mjs";
 export { APIError, AuthEndpoint, AuthMiddleware, accountInfo, callbackOAuth, changeEmail, changePassword, checkEndpointConflicts, createAuthEndpoint, createAuthMiddleware, createEmailVerificationToken, deleteUser, deleteUserCallback, error, freshSessionMiddleware, getAccessToken, getEndpoints, getIp, getOAuthState, getSession, getSessionFromCtx, linkSocialAccount, listSessions, listUserAccounts, ok, optionsMiddleware, originCheck, originCheckMiddleware, refreshToken, requestOnlySessionMiddleware, requestPasswordReset, requestPasswordResetCallback, resetPassword, revokeOtherSessions, revokeSession, revokeSessions, router, sendVerificationEmail, sendVerificationEmailFn, sensitiveSessionMiddleware, sessionMiddleware, setPassword, signInEmail, signInSocial, signOut, signUpEmail, unlinkAccount, updateUser, verifyEmail };

package/dist/api/index.mjs CHANGED Viewed

@@ -1,15 +1,15 @@
-import "../dialect-BLBufKXb.mjs";
+import "../dialect-D9ZUZA4J.mjs";
 import "../get-model-name-D4DUV7S2.mjs";
-import "../get-migration-o_lo2MLQ.mjs";
+import "../get-migration-Bf0TuCzm.mjs";
 import { a as getOAuthState } from "../utils-db7gNqd-.mjs";
 import "../crypto-CFUhAR9W.mjs";
 import "../misc-BwNc0MKr.mjs";
-import "../schema-CgMdD0f9.mjs";
+import "../schema-Bb7wzeK_.mjs";
 import { t as getIp } from "../get-request-ip-D6st-mto.mjs";
 import "../json-CnHxKYpj.mjs";
 import "../url-CB8xCwz-.mjs";
-import { A as getAccessToken, C as createEmailVerificationToken, D as callbackOAuth, E as verifyEmail, L as originCheck, M as listUserAccounts, N as refreshToken, P as unlinkAccount, R as originCheckMiddleware, S as error, T as sendVerificationEmailFn, _ as signInSocial, a as getEndpoints, b as resetPassword, c as changeEmail, d as deleteUserCallback, f as setPassword, g as signInEmail, h as signOut, i as createAuthMiddleware, j as linkSocialAccount, k as accountInfo, l as changePassword, m as signUpEmail, n as checkEndpointConflicts, o as optionsMiddleware, p as updateUser, r as createAuthEndpoint, s as router, t as APIError, u as deleteUser, v as requestPasswordReset, w as sendVerificationEmail, x as ok, y as requestPasswordResetCallback } from "../api-wsWZUpFT.mjs";
-import "../cookies-LjbrTFKV.mjs";
-import { a as requestOnlySessionMiddleware, c as revokeSessions, i as listSessions, l as sensitiveSessionMiddleware, n as getSession, o as revokeOtherSessions, r as getSessionFromCtx, s as revokeSession, t as freshSessionMiddleware, u as sessionMiddleware } from "../session-hq_qEU9r.mjs";
+import { A as getAccessToken, C as createEmailVerificationToken, D as callbackOAuth, E as verifyEmail, L as originCheck, M as listUserAccounts, N as refreshToken, P as unlinkAccount, R as originCheckMiddleware, S as error, T as sendVerificationEmailFn, _ as signInSocial, a as getEndpoints, b as resetPassword, c as changeEmail, d as deleteUserCallback, f as setPassword, g as signInEmail, h as signOut, i as createAuthMiddleware, j as linkSocialAccount, k as accountInfo, l as changePassword, m as signUpEmail, n as checkEndpointConflicts, o as optionsMiddleware, p as updateUser, r as createAuthEndpoint, s as router, t as APIError, u as deleteUser, v as requestPasswordReset, w as sendVerificationEmail, x as ok, y as requestPasswordResetCallback } from "../api-CkmycQ2x.mjs";
+import "../cookies-D72PbWdz.mjs";
+import { a as requestOnlySessionMiddleware, c as revokeSessions, i as listSessions, l as sensitiveSessionMiddleware, n as getSession, o as revokeOtherSessions, r as getSessionFromCtx, s as revokeSession, t as freshSessionMiddleware, u as sessionMiddleware } from "../session-AaRl3_x-.mjs";
 export { APIError, accountInfo, callbackOAuth, changeEmail, changePassword, checkEndpointConflicts, createAuthEndpoint, createAuthMiddleware, createEmailVerificationToken, deleteUser, deleteUserCallback, error, freshSessionMiddleware, getAccessToken, getEndpoints, getIp, getOAuthState, getSession, getSessionFromCtx, linkSocialAccount, listSessions, listUserAccounts, ok, optionsMiddleware, originCheck, originCheckMiddleware, refreshToken, requestOnlySessionMiddleware, requestPasswordReset, requestPasswordResetCallback, resetPassword, revokeOtherSessions, revokeSession, revokeSessions, router, sendVerificationEmail, sendVerificationEmailFn, sensitiveSessionMiddleware, sessionMiddleware, setPassword, signInEmail, signInSocial, signOut, signUpEmail, unlinkAccount, updateUser, verifyEmail };

package/dist/{api-wsWZUpFT.mjs → api-CkmycQ2x.mjs} RENAMED Viewed

@@ -1,11 +1,11 @@
 import { i as parseState, n as HIDE_METADATA, r as generateState, t as generateId } from "./utils-db7gNqd-.mjs";
 import { n as symmetricEncrypt, o as signJWT, r as generateRandomString, t as symmetricDecrypt } from "./crypto-CFUhAR9W.mjs";
-import { c as parseUserInput, l as parseUserOutput, u as getDate } from "./schema-CgMdD0f9.mjs";
+import { c as parseUserInput, l as parseUserOutput, u as getDate } from "./schema-Bb7wzeK_.mjs";
 import { t as getIp } from "./get-request-ip-D6st-mto.mjs";
 import { t as safeJSONParse } from "./json-CnHxKYpj.mjs";
 import { i as getProtocol, n as getHost, r as getOrigin } from "./url-CB8xCwz-.mjs";
-import { c as setSessionCookie, g as setAccountCookie, n as deleteSessionCookie, p as getAccountCookie } from "./cookies-LjbrTFKV.mjs";
-import { c as revokeSessions, i as listSessions, l as sensitiveSessionMiddleware, n as getSession, o as revokeOtherSessions, r as getSessionFromCtx, s as revokeSession, t as freshSessionMiddleware, u as sessionMiddleware } from "./session-hq_qEU9r.mjs";
+import { c as setSessionCookie, f as getAccountCookie, h as setAccountCookie, n as deleteSessionCookie } from "./cookies-D72PbWdz.mjs";
+import { c as revokeSessions, i as listSessions, l as sensitiveSessionMiddleware, n as getSession, o as revokeOtherSessions, r as getSessionFromCtx, s as revokeSession, t as freshSessionMiddleware, u as sessionMiddleware } from "./session-AaRl3_x-.mjs";
 import { hasRequestState, runWithEndpointContext, runWithRequestState, runWithTransaction } from "@better-auth/core/context";
 import { isDevelopment, isProduction, logger, shouldPublishLog } from "@better-auth/core/env";
 import { BASE_ERROR_CODES } from "@better-auth/core/error";
@@ -1803,13 +1803,12 @@ function redirectCallback(ctx, callbackURL, query) {
 }
 const requestPasswordReset = createAuthEndpoint("/request-password-reset", {
 	method: "POST",
-	operationId: "forgetPassword",
 	body: z.object({
 		email: z.email().meta({ description: "The email address of the user to send a password reset email to" }),
 		redirectTo: z.string().meta({ description: "The URL to redirect the user to reset their password. If the token isn't valid or expired, it'll be redirected with a query parameter `?error=INVALID_TOKEN`. If the token is valid, it'll be redirected with a query parameter `?token=VALID_TOKEN" }).optional()
 	}),
 	metadata: { openapi: {
-		operationId: "forgetPassword",
+		operationId: "requestPasswordReset",
 		description: "Send a password reset email to the user",
 		responses: { "200": {
 			description: "Success",
@@ -1851,11 +1850,7 @@ const requestPasswordReset = createAuthEndpoint("/request-password-reset", {
 	});
 	const callbackURL = redirectTo ? encodeURIComponent(redirectTo) : "";
 	const url = `${ctx.context.baseURL}/reset-password/${verificationToken}?callbackURL=${callbackURL}`;
-	/**
-	* We send the email in the background to prevent timing attacks.
-	* This is to ensure that the response time is consistent regardless of whether the email was sent or not.
-	*/
-	ctx.context.options.emailAndPassword.sendResetPassword({
+	await ctx.context.options.emailAndPassword.sendResetPassword({
 		user: user.user,
 		url,
 		token: verificationToken
@@ -2446,7 +2441,8 @@ const updateUser = () => createAuthEndpoint("/update-user", {
 					},
 					image: {
 						type: "string",
-						description: "The image of the user"
+						description: "The image of the user",
+						nullable: true
 					}
 				}
 			} } } },

package/dist/auth/minimal.d.mts CHANGED Viewed

@@ -1,8 +1,7 @@
-import { o as Auth } from "../index-DWd5qAaC.mjs";
-import "../types-C4QTth8-.mjs";
-import "../helper-BTuR6T4N.mjs";
-import "../index-DlUBRPjP.mjs";
-import "../plugins-B2LAIIX7.mjs";
+import { o as Auth } from "../index-COnelCGa.mjs";
+import "../types-CEepZ-RG.mjs";
+import "../helper-DFzV6jvx.mjs";
+import "../plugins-Dmw3tk5H.mjs";
 import { BetterAuthOptions } from "@better-auth/core";
 //#region src/auth/minimal.d.ts

package/dist/auth/minimal.mjs CHANGED Viewed

@@ -1,17 +1,17 @@
-import "../dialect-BLBufKXb.mjs";
+import "../dialect-D9ZUZA4J.mjs";
 import "../get-model-name-D4DUV7S2.mjs";
-import { d as getBaseAdapter } from "../get-migration-o_lo2MLQ.mjs";
+import { d as getBaseAdapter } from "../get-migration-Bf0TuCzm.mjs";
 import "../utils-db7gNqd-.mjs";
 import "../crypto-CFUhAR9W.mjs";
 import "../misc-BwNc0MKr.mjs";
-import "../schema-CgMdD0f9.mjs";
+import "../schema-Bb7wzeK_.mjs";
 import "../get-request-ip-D6st-mto.mjs";
 import "../json-CnHxKYpj.mjs";
 import "../url-CB8xCwz-.mjs";
-import "../api-wsWZUpFT.mjs";
-import "../cookies-LjbrTFKV.mjs";
-import "../session-hq_qEU9r.mjs";
-import { n as createAuthContext, t as createBetterAuth } from "../base-mEQHMRJA.mjs";
+import "../api-CkmycQ2x.mjs";
+import "../cookies-D72PbWdz.mjs";
+import "../session-AaRl3_x-.mjs";
+import { n as createAuthContext, t as createBetterAuth } from "../base-CiRMFqet.mjs";
 import "../password-BFQK0cLg.mjs";
 import { BetterAuthError } from "@better-auth/core/error";

package/dist/{auth-DXfj7XiL.mjs → auth-DfR8_5w3.mjs} RENAMED Viewed

@@ -1,6 +1,6 @@
-import { n as getKyselyDatabaseType } from "./dialect-BLBufKXb.mjs";
-import { t as getMigrations, u as getAdapter } from "./get-migration-o_lo2MLQ.mjs";
-import { n as createAuthContext, t as createBetterAuth } from "./base-mEQHMRJA.mjs";
+import { n as getKyselyDatabaseType } from "./dialect-D9ZUZA4J.mjs";
+import { t as getMigrations, u as getAdapter } from "./get-migration-Bf0TuCzm.mjs";
+import { n as createAuthContext, t as createBetterAuth } from "./base-CiRMFqet.mjs";
 import { BetterAuthError } from "@better-auth/core/error";
 //#region src/context/init.ts

package/dist/{base-mEQHMRJA.mjs → base-CiRMFqet.mjs} RENAMED Viewed

@@ -1,10 +1,10 @@
 import { a as getAuthTables } from "./get-model-name-D4DUV7S2.mjs";
-import { a as createInternalAdapter } from "./get-migration-o_lo2MLQ.mjs";
+import { a as createInternalAdapter } from "./get-migration-Bf0TuCzm.mjs";
 import { t as generateId } from "./utils-db7gNqd-.mjs";
 import { a as verifyPassword, i as hashPassword } from "./crypto-CFUhAR9W.mjs";
 import { r as getOrigin, t as getBaseURL } from "./url-CB8xCwz-.mjs";
-import { a as getEndpoints, n as checkEndpointConflicts, s as router } from "./api-wsWZUpFT.mjs";
-import { i as getCookies, t as createCookieGetter } from "./cookies-LjbrTFKV.mjs";
+import { a as getEndpoints, n as checkEndpointConflicts, s as router } from "./api-CkmycQ2x.mjs";
+import { i as getCookies, t as createCookieGetter } from "./cookies-D72PbWdz.mjs";
 import { t as checkPassword } from "./password-BFQK0cLg.mjs";
 import { runWithAdapter } from "@better-auth/core/context";
 import { createLogger, env, isProduction, isTest } from "@better-auth/core/env";
@@ -14,7 +14,7 @@ import { createTelemetry } from "@better-auth/telemetry";
 import defu$1, { defu } from "defu";
 //#region src/utils/constants.ts
-const DEFAULT_SECRET = "better-auth-secret-123456789";
+const DEFAULT_SECRET = "better-auth-secret-12345678901234567890";
 //#endregion
 //#region src/utils/is-promise.ts
@@ -74,6 +74,29 @@ function getTrustedOrigins(options) {
 //#endregion
 //#region src/context/create-context.ts
+/**
+* Estimates the entropy of a string in bits.
+* This is a simple approximation that helps detect low-entropy secrets.
+*/
+function estimateEntropy(str) {
+	const unique = new Set(str).size;
+	if (unique === 0) return 0;
+	return Math.log2(Math.pow(unique, str.length));
+}
+/**
+* Validates that the secret meets minimum security requirements.
+* Throws BetterAuthError if the secret is invalid.
+* Skips validation for DEFAULT_SECRET in test environments only.
+* Only throws for DEFAULT_SECRET in production environment.
+*/
+function validateSecret(secret, logger$1) {
+	const isDefaultSecret = secret === DEFAULT_SECRET;
+	if (isTest()) return;
+	if (isDefaultSecret && isProduction) throw new BetterAuthError("You are using the default secret. Please set `BETTER_AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");
+	if (!secret) throw new BetterAuthError("BETTER_AUTH_SECRET is missing. Set it in your environment or pass `secret` to betterAuth({ secret }).");
+	if (secret.length < 32) throw new BetterAuthError(`Invalid BETTER_AUTH_SECRET: must be at least 32 characters long for adequate security. Generate one with \`npx @better-auth/cli secret\` or \`openssl rand -base64 32\`.`);
+	if (estimateEntropy(secret) < 120) logger$1.warn("[better-auth] Warning: your BETTER_AUTH_SECRET appears low-entropy. Use a randomly generated secret for production.");
+}
 async function createAuthContext(adapter, options, getDatabaseType) {
 	if (!options.database) options = defu$1(options, {
 		session: { cookieCache: {
@@ -91,9 +114,7 @@ async function createAuthContext(adapter, options, getDatabaseType) {
 	const logger$1 = createLogger(options.logger);
 	const baseURL = getBaseURL(options.baseURL, options.basePath);
 	const secret = options.secret || env.BETTER_AUTH_SECRET || env.AUTH_SECRET || DEFAULT_SECRET;
-	if (secret === DEFAULT_SECRET) {
-		if (isProduction) logger$1.error("You are using the default secret. Please set `BETTER_AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");
-	}
+	validateSecret(secret, logger$1);
 	options = {
 		...options,
 		secret,

package/dist/{bearer-B4-NdmpH.mjs → bearer-C6RSCXv_.mjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { l as parseSetCookieHeader } from "./cookies-LjbrTFKV.mjs";
+import { l as parseSetCookieHeader } from "./cookies-D72PbWdz.mjs";
 import { serializeSignedCookie } from "better-call";
 import { createAuthMiddleware } from "@better-auth/core/api";
 import { createHMAC } from "@better-auth/utils/hmac";

package/dist/{chunk-09eW3CcW.mjs → chunk-DbI2OXuS.mjs} RENAMED Viewed

@@ -10,25 +10,40 @@ var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __commonJS = (cb, mod) => function() {
 	return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
-var __export = (all) => {
+var __export = (all, symbols) => {
 	let target = {};
-	for (var name in all) __defProp(target, name, {
-		get: all[name],
-		enumerable: true
-	});
+	for (var name in all) {
+		__defProp(target, name, {
+			get: all[name],
+			enumerable: true
+		});
+	}
+	if (symbols) {
+		__defProp(target, Symbol.toStringTag, { value: "Module" });
+	}
 	return target;
 };
 var __copyProps = (to, from, except, desc) => {
-	if (from && typeof from === "object" || typeof from === "function") for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
-		key = keys[i];
-		if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, {
-			get: ((k) => from[k]).bind(null, key),
-			enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
-		});
+	if (from && typeof from === "object" || typeof from === "function") {
+		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+			key = keys[i];
+			if (!__hasOwnProp.call(to, key) && key !== except) {
+				__defProp(to, key, {
+					get: ((k) => from[k]).bind(null, key),
+					enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+				});
+			}
+		}
 	}
 	return to;
 };
-var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default"));
+var __reExport = (target, mod, secondTarget, symbols) => {
+	if (symbols) {
+		__defProp(target, Symbol.toStringTag, { value: "Module" });
+		secondTarget && __defProp(secondTarget, Symbol.toStringTag, { value: "Module" });
+	}
+	__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default");
+};
 var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
 	value: mod,
 	enumerable: true