better-auth 1.4.7-beta.2 → 1.4.7-beta.4

package/dist/api/index.mjs

@@ -25,7 +25,7 @@ function checkEndpointConflicts(options, logger$1) {
 	const endpointRegistry = /* @__PURE__ */ new Map();
 	options.plugins?.forEach((plugin) => {
 		if (plugin.endpoints) {
-			for (const [key, endpoint] of Object.entries(plugin.endpoints)) if (endpoint && "path" in endpoint) {
+			for (const [key, endpoint] of Object.entries(plugin.endpoints)) if (endpoint && "path" in endpoint && typeof endpoint.path === "string") {
 				const path = endpoint.path;
 				let methods = [];
 				if (endpoint.options && "method" in endpoint.options) {

package/dist/api/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":["methods: string[]","conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[]","conflictingMethods: string[]","APIError"],"sources":["../../src/api/index.ts"],"sourcesContent":["import type {\n\tAuthContext,\n\tBetterAuthOptions,\n\tBetterAuthPlugin,\n} from \"@better-auth/core\";\nimport type { InternalLogger } from \"@better-auth/core/env\";\nimport { logger } from \"@better-auth/core/env\";\nimport type { Endpoint, Middleware } from \"better-call\";\nimport { APIError, createRouter } from \"better-call\";\nimport type { UnionToIntersection } from \"../types/helper\";\nimport { originCheckMiddleware } from \"./middlewares\";\nimport { onRequestRateLimit } from \"./rate-limiter\";\nimport {\n\taccountInfo,\n\tcallbackOAuth,\n\tchangeEmail,\n\tchangePassword,\n\tdeleteUser,\n\tdeleteUserCallback,\n\terror,\n\tgetAccessToken,\n\tgetSession,\n\tlinkSocialAccount,\n\tlistSessions,\n\tlistUserAccounts,\n\tok,\n\trefreshToken,\n\trequestPasswordReset,\n\trequestPasswordResetCallback,\n\tresetPassword,\n\trevokeOtherSessions,\n\trevokeSession,\n\trevokeSessions,\n\tsendVerificationEmail,\n\tsetPassword,\n\tsignInEmail,\n\tsignInSocial,\n\tsignOut,\n\tsignUpEmail,\n\tunlinkAccount,\n\tupdateUser,\n\tverifyEmail,\n} from \"./routes\";\nimport { toAuthEndpoints } from \"./to-auth-endpoints\";\n\nexport function checkEndpointConflicts(\n\toptions: BetterAuthOptions,\n\tlogger: InternalLogger,\n) {\n\tconst endpointRegistry = new Map<\n\t\tstring,\n\t\t{ pluginId: string; endpointKey: string; methods: string[] }[]\n\t>();\n\n\toptions.plugins?.forEach((plugin) => {\n\t\tif (plugin.endpoints) {\n\t\t\tfor (const [key, endpoint] of Object.entries(plugin.endpoints)) {\n\t\t\t\tif (endpoint && \"path\" in endpoint) {\n\t\t\t\t\tconst path = endpoint.path;\n\t\t\t\t\tlet methods: string[] = [];\n\t\t\t\t\tif (endpoint.options && \"method\" in endpoint.options) {\n\t\t\t\t\t\tif (Array.isArray(endpoint.options.method)) {\n\t\t\t\t\t\t\tmethods = endpoint.options.method;\n\t\t\t\t\t\t} else if (typeof endpoint.options.method === \"string\") {\n\t\t\t\t\t\t\tmethods = [endpoint.options.method];\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (methods.length === 0) {\n\t\t\t\t\t\tmethods = [\"*\"];\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!endpointRegistry.has(path)) {\n\t\t\t\t\t\tendpointRegistry.set(path, []);\n\t\t\t\t\t}\n\t\t\t\t\tendpointRegistry.get(path)!.push({\n\t\t\t\t\t\tpluginId: plugin.id,\n\t\t\t\t\t\tendpointKey: key,\n\t\t\t\t\t\tmethods,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\tconst conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[] = [];\n\tfor (const [path, entries] of endpointRegistry.entries()) {\n\t\tif (entries.length > 1) {\n\t\t\tconst methodMap = new Map<string, string[]>();\n\t\t\tlet hasConflict = false;\n\n\t\t\tfor (const entry of entries) {\n\t\t\t\tfor (const method of entry.methods) {\n\t\t\t\t\tif (!methodMap.has(method)) {\n\t\t\t\t\t\tmethodMap.set(method, []);\n\t\t\t\t\t}\n\t\t\t\t\tmethodMap.get(method)!.push(entry.pluginId);\n\n\t\t\t\t\tif (methodMap.get(method)!.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (method === \"*\" && entries.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t} else if (method !== \"*\" && methodMap.has(\"*\")) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (hasConflict) {\n\t\t\t\tconst uniquePlugins = [...new Set(entries.map((e) => e.pluginId))];\n\t\t\t\tconst conflictingMethods: string[] = [];\n\n\t\t\t\tfor (const [method, plugins] of methodMap.entries()) {\n\t\t\t\t\tif (\n\t\t\t\t\t\tplugins.length > 1 ||\n\t\t\t\t\t\t(method === \"*\" && entries.length > 1) ||\n\t\t\t\t\t\t(method !== \"*\" && methodMap.has(\"*\"))\n\t\t\t\t\t) {\n\t\t\t\t\t\tconflictingMethods.push(method);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tconflicts.push({\n\t\t\t\t\tpath,\n\t\t\t\t\tplugins: uniquePlugins,\n\t\t\t\t\tconflictingMethods,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\t}\n\n\tif (conflicts.length > 0) {\n\t\tconst conflictMessages = conflicts\n\t\t\t.map(\n\t\t\t\t(conflict) =>\n\t\t\t\t\t`  - \"${conflict.path}\" [${conflict.conflictingMethods.join(\", \")}] used by plugins: ${conflict.plugins.join(\", \")}`,\n\t\t\t)\n\t\t\t.join(\"\\n\");\n\t\tlogger.error(\n\t\t\t`Endpoint path conflicts detected! Multiple plugins are trying to use the same endpoint paths with conflicting HTTP methods:\n${conflictMessages}\n\nTo resolve this, you can:\n\t1. Use only one of the conflicting plugins\n\t2. Configure the plugins to use different paths (if supported)\n\t3. Ensure plugins use different HTTP methods for the same path\n`,\n\t\t);\n\t}\n}\n\nexport function getEndpoints<Option extends BetterAuthOptions>(\n\tctx: Promise<AuthContext> | AuthContext,\n\toptions: Option,\n) {\n\tconst pluginEndpoints =\n\t\toptions.plugins?.reduce<Record<string, Endpoint>>((acc, plugin) => {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.endpoints,\n\t\t\t};\n\t\t}, {}) ?? {};\n\n\ttype PluginEndpoint = UnionToIntersection<\n\t\tOption[\"plugins\"] extends Array<infer T>\n\t\t\t? T extends BetterAuthPlugin\n\t\t\t\t? T extends {\n\t\t\t\t\t\tendpoints: infer E;\n\t\t\t\t\t}\n\t\t\t\t\t? E\n\t\t\t\t\t: {}\n\t\t\t\t: {}\n\t\t\t: {}\n\t>;\n\n\tconst middlewares =\n\t\toptions.plugins\n\t\t\t?.map((plugin) =>\n\t\t\t\tplugin.middlewares?.map((m) => {\n\t\t\t\t\tconst middleware = (async (context: any) => {\n\t\t\t\t\t\tconst authContext = await ctx;\n\t\t\t\t\t\treturn m.middleware({\n\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\tcontext: {\n\t\t\t\t\t\t\t\t...authContext,\n\t\t\t\t\t\t\t\t...context.context,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t}) as Middleware;\n\t\t\t\t\tmiddleware.options = m.middleware.options;\n\t\t\t\t\treturn {\n\t\t\t\t\t\tpath: m.path,\n\t\t\t\t\t\tmiddleware,\n\t\t\t\t\t};\n\t\t\t\t}),\n\t\t\t)\n\t\t\t.filter((plugin) => plugin !== undefined)\n\t\t\t.flat() || [];\n\n\tconst baseEndpoints = {\n\t\tsignInSocial: signInSocial<Option>(),\n\t\tcallbackOAuth,\n\t\tgetSession: getSession<Option>(),\n\t\tsignOut,\n\t\tsignUpEmail: signUpEmail<Option>(),\n\t\tsignInEmail: signInEmail<Option>(),\n\t\tresetPassword,\n\t\tverifyEmail,\n\t\tsendVerificationEmail,\n\t\tchangeEmail,\n\t\tchangePassword,\n\t\tsetPassword,\n\t\tupdateUser: updateUser<Option>(),\n\t\tdeleteUser,\n\t\trequestPasswordReset,\n\t\trequestPasswordResetCallback,\n\t\tlistSessions: listSessions<Option>(),\n\t\trevokeSession,\n\t\trevokeSessions,\n\t\trevokeOtherSessions,\n\t\tlinkSocialAccount,\n\t\tlistUserAccounts,\n\t\tdeleteUserCallback,\n\t\tunlinkAccount,\n\t\trefreshToken,\n\t\tgetAccessToken,\n\t\taccountInfo,\n\t};\n\tconst endpoints = {\n\t\t...baseEndpoints,\n\t\t...pluginEndpoints,\n\t\tok,\n\t\terror,\n\t} as const;\n\tconst api = toAuthEndpoints(endpoints, ctx);\n\treturn {\n\t\tapi: api as typeof endpoints & PluginEndpoint,\n\t\tmiddlewares,\n\t};\n}\nexport const router = <Option extends BetterAuthOptions>(\n\tctx: AuthContext,\n\toptions: Option,\n) => {\n\tconst { api, middlewares } = getEndpoints(ctx, options);\n\tconst basePath = new URL(ctx.baseURL).pathname;\n\n\treturn createRouter(api, {\n\t\trouterContext: ctx,\n\t\topenapi: {\n\t\t\tdisabled: true,\n\t\t},\n\t\tbasePath,\n\t\trouterMiddleware: [\n\t\t\t{\n\t\t\t\tpath: \"/**\",\n\t\t\t\tmiddleware: originCheckMiddleware,\n\t\t\t},\n\t\t\t...middlewares,\n\t\t],\n\t\tallowedMediaTypes: [\"application/json\"],\n\t\tasync onRequest(req) {\n\t\t\t//handle disabled paths\n\t\t\tconst disabledPaths = ctx.options.disabledPaths || [];\n\t\t\tconst pathname = new URL(req.url).pathname.replace(/\\/+$/, \"\") || \"/\";\n\t\t\tconst normalizedPath =\n\t\t\t\tbasePath === \"/\"\n\t\t\t\t\t? pathname\n\t\t\t\t\t: pathname.startsWith(basePath)\n\t\t\t\t\t\t? pathname.slice(basePath.length).replace(/\\/+$/, \"\") || \"/\"\n\t\t\t\t\t\t: pathname;\n\t\t\tif (disabledPaths.includes(normalizedPath)) {\n\t\t\t\treturn new Response(\"Not Found\", { status: 404 });\n\t\t\t}\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onRequest) {\n\t\t\t\t\tconst response = await plugin.onRequest(req, ctx);\n\t\t\t\t\tif (response && \"response\" in response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t\tif (response && \"request\" in response) {\n\t\t\t\t\t\tconst rateLimitResponse = await onRequestRateLimit(\n\t\t\t\t\t\t\tresponse.request,\n\t\t\t\t\t\t\tctx,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (rateLimitResponse) {\n\t\t\t\t\t\t\treturn rateLimitResponse;\n\t\t\t\t\t\t}\n\t\t\t\t\t\treturn response.request;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn onRequestRateLimit(req, ctx);\n\t\t},\n\t\tasync onResponse(res) {\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onResponse) {\n\t\t\t\t\tconst response = await plugin.onResponse(res, ctx);\n\t\t\t\t\tif (response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn res;\n\t\t},\n\t\tonError(e) {\n\t\t\tif (e instanceof APIError && e.status === \"FOUND\") {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tif (options.onAPIError?.throw) {\n\t\t\t\tthrow e;\n\t\t\t}\n\t\t\tif (options.onAPIError?.onError) {\n\t\t\t\toptions.onAPIError.onError(e, ctx);\n\t\t\t\treturn;\n\t\t\t}\n\n\t\t\tconst optLogLevel = options.logger?.level;\n\t\t\tconst log =\n\t\t\t\toptLogLevel === \"error\" ||\n\t\t\t\toptLogLevel === \"warn\" ||\n\t\t\t\toptLogLevel === \"debug\"\n\t\t\t\t\t? logger\n\t\t\t\t\t: undefined;\n\t\t\tif (options.logger?.disabled !== true) {\n\t\t\t\tif (\n\t\t\t\t\te &&\n\t\t\t\t\ttypeof e === \"object\" &&\n\t\t\t\t\t\"message\" in e &&\n\t\t\t\t\ttypeof e.message === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tif (\n\t\t\t\t\t\te.message.includes(\"no column\") ||\n\t\t\t\t\t\te.message.includes(\"column\") ||\n\t\t\t\t\t\te.message.includes(\"relation\") ||\n\t\t\t\t\t\te.message.includes(\"table\") ||\n\t\t\t\t\t\te.message.includes(\"does not exist\")\n\t\t\t\t\t) {\n\t\t\t\t\t\tctx.logger?.error(e.message);\n\t\t\t\t\t\treturn;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (e instanceof APIError) {\n\t\t\t\t\tif (e.status === \"INTERNAL_SERVER_ERROR\") {\n\t\t\t\t\t\tctx.logger.error(e.status, e);\n\t\t\t\t\t}\n\t\t\t\t\tlog?.error(e.message);\n\t\t\t\t} else {\n\t\t\t\t\tctx.logger?.error(\n\t\t\t\t\t\te && typeof e === \"object\" && \"name\" in e ? (e.name as string) : \"\",\n\t\t\t\t\t\te,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t},\n\t});\n};\n\nexport {\n\ttype AuthEndpoint,\n\ttype AuthMiddleware,\n\tcreateAuthEndpoint,\n\tcreateAuthMiddleware,\n\toptionsMiddleware,\n} from \"@better-auth/core/api\";\nexport { APIError } from \"better-call\";\nexport { getIp } from \"../utils/get-request-ip\";\nexport * from \"./middlewares\";\nexport * from \"./routes\";\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA6CA,SAAgB,uBACf,SACA,UACC;CACD,MAAM,mCAAmB,IAAI,KAG1B;AAEH,SAAQ,SAAS,SAAS,WAAW;AACpC,MAAI,OAAO,WACV;QAAK,MAAM,CAAC,KAAK,aAAa,OAAO,QAAQ,OAAO,UAAU,CAC7D,KAAI,YAAY,UAAU,UAAU;IACnC,MAAM,OAAO,SAAS;IACtB,IAAIA,UAAoB,EAAE;AAC1B,QAAI,SAAS,WAAW,YAAY,SAAS,SAC5C;SAAI,MAAM,QAAQ,SAAS,QAAQ,OAAO,CACzC,WAAU,SAAS,QAAQ;cACjB,OAAO,SAAS,QAAQ,WAAW,SAC7C,WAAU,CAAC,SAAS,QAAQ,OAAO;;AAGrC,QAAI,QAAQ,WAAW,EACtB,WAAU,CAAC,IAAI;AAGhB,QAAI,CAAC,iBAAiB,IAAI,KAAK,CAC9B,kBAAiB,IAAI,MAAM,EAAE,CAAC;AAE/B,qBAAiB,IAAI,KAAK,CAAE,KAAK;KAChC,UAAU,OAAO;KACjB,aAAa;KACb;KACA,CAAC;;;GAIJ;CAEF,MAAMC,YAIA,EAAE;AACR,MAAK,MAAM,CAAC,MAAM,YAAY,iBAAiB,SAAS,CACvD,KAAI,QAAQ,SAAS,GAAG;EACvB,MAAM,4BAAY,IAAI,KAAuB;EAC7C,IAAI,cAAc;AAElB,OAAK,MAAM,SAAS,QACnB,MAAK,MAAM,UAAU,MAAM,SAAS;AACnC,OAAI,CAAC,UAAU,IAAI,OAAO,CACzB,WAAU,IAAI,QAAQ,EAAE,CAAC;AAE1B,aAAU,IAAI,OAAO,CAAE,KAAK,MAAM,SAAS;AAE3C,OAAI,UAAU,IAAI,OAAO,CAAE,SAAS,EACnC,eAAc;AAGf,OAAI,WAAW,OAAO,QAAQ,SAAS,EACtC,eAAc;YACJ,WAAW,OAAO,UAAU,IAAI,IAAI,CAC9C,eAAc;;AAKjB,MAAI,aAAa;GAChB,MAAM,gBAAgB,CAAC,GAAG,IAAI,IAAI,QAAQ,KAAK,MAAM,EAAE,SAAS,CAAC,CAAC;GAClE,MAAMC,qBAA+B,EAAE;AAEvC,QAAK,MAAM,CAAC,QAAQ,YAAY,UAAU,SAAS,CAClD,KACC,QAAQ,SAAS,KAChB,WAAW,OAAO,QAAQ,SAAS,KACnC,WAAW,OAAO,UAAU,IAAI,IAAI,CAErC,oBAAmB,KAAK,OAAO;AAIjC,aAAU,KAAK;IACd;IACA,SAAS;IACT;IACA,CAAC;;;AAKL,KAAI,UAAU,SAAS,GAAG;EACzB,MAAM,mBAAmB,UACvB,KACC,aACA,QAAQ,SAAS,KAAK,KAAK,SAAS,mBAAmB,KAAK,KAAK,CAAC,qBAAqB,SAAS,QAAQ,KAAK,KAAK,GACnH,CACA,KAAK,KAAK;AACZ,WAAO,MACN;EACD,iBAAiB;;;;;;EAOhB;;;AAIH,SAAgB,aACf,KACA,SACC;CACD,MAAM,kBACL,QAAQ,SAAS,QAAkC,KAAK,WAAW;AAClE,SAAO;GACN,GAAG;GACH,GAAG,OAAO;GACV;IACC,EAAE,CAAC,IAAI,EAAE;CAcb,MAAM,cACL,QAAQ,SACL,KAAK,WACN,OAAO,aAAa,KAAK,MAAM;EAC9B,MAAM,cAAc,OAAO,YAAiB;GAC3C,MAAM,cAAc,MAAM;AAC1B,UAAO,EAAE,WAAW;IACnB,GAAG;IACH,SAAS;KACR,GAAG;KACH,GAAG,QAAQ;KACX;IACD,CAAC;;AAEH,aAAW,UAAU,EAAE,WAAW;AAClC,SAAO;GACN,MAAM,EAAE;GACR;GACA;GACA,CACF,CACA,QAAQ,WAAW,WAAW,OAAU,CACxC,MAAM,IAAI,EAAE;AAsCf,QAAO;EACN,KAFW,gBANM;GA5BjB,cAAc,cAAsB;GACpC;GACA,YAAY,YAAoB;GAChC;GACA,aAAa,aAAqB;GAClC,aAAa,aAAqB;GAClC;GACA;GACA;GACA;GACA;GACA;GACA,YAAY,YAAoB;GAChC;GACA;GACA;GACA,cAAc,cAAsB;GACpC;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GAIA,GAAG;GACH;GACA;GACA,EACsC,IAAI;EAG1C;EACA;;AAEF,MAAa,UACZ,KACA,YACI;CACJ,MAAM,EAAE,KAAK,gBAAgB,aAAa,KAAK,QAAQ;CACvD,MAAM,WAAW,IAAI,IAAI,IAAI,QAAQ,CAAC;AAEtC,QAAO,aAAa,KAAK;EACxB,eAAe;EACf,SAAS,EACR,UAAU,MACV;EACD;EACA,kBAAkB,CACjB;GACC,MAAM;GACN,YAAY;GACZ,EACD,GAAG,YACH;EACD,mBAAmB,CAAC,mBAAmB;EACvC,MAAM,UAAU,KAAK;GAEpB,MAAM,gBAAgB,IAAI,QAAQ,iBAAiB,EAAE;GACrD,MAAM,WAAW,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,QAAQ,QAAQ,GAAG,IAAI;GAClE,MAAM,iBACL,aAAa,MACV,WACA,SAAS,WAAW,SAAS,GAC5B,SAAS,MAAM,SAAS,OAAO,CAAC,QAAQ,QAAQ,GAAG,IAAI,MACvD;AACL,OAAI,cAAc,SAAS,eAAe,CACzC,QAAO,IAAI,SAAS,aAAa,EAAE,QAAQ,KAAK,CAAC;AAElD,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,WAAW;IACrB,MAAM,WAAW,MAAM,OAAO,UAAU,KAAK,IAAI;AACjD,QAAI,YAAY,cAAc,SAC7B,QAAO,SAAS;AAEjB,QAAI,YAAY,aAAa,UAAU;KACtC,MAAM,oBAAoB,MAAM,mBAC/B,SAAS,SACT,IACA;AACD,SAAI,kBACH,QAAO;AAER,YAAO,SAAS;;;AAInB,UAAO,mBAAmB,KAAK,IAAI;;EAEpC,MAAM,WAAW,KAAK;AACrB,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,YAAY;IACtB,MAAM,WAAW,MAAM,OAAO,WAAW,KAAK,IAAI;AAClD,QAAI,SACH,QAAO,SAAS;;AAInB,UAAO;;EAER,QAAQ,GAAG;AACV,OAAI,aAAaC,cAAY,EAAE,WAAW,QACzC;AAED,OAAI,QAAQ,YAAY,MACvB,OAAM;AAEP,OAAI,QAAQ,YAAY,SAAS;AAChC,YAAQ,WAAW,QAAQ,GAAG,IAAI;AAClC;;GAGD,MAAM,cAAc,QAAQ,QAAQ;GACpC,MAAM,MACL,gBAAgB,WAChB,gBAAgB,UAChB,gBAAgB,UACb,SACA;AACJ,OAAI,QAAQ,QAAQ,aAAa,MAAM;AACtC,QACC,KACA,OAAO,MAAM,YACb,aAAa,KACb,OAAO,EAAE,YAAY,UAErB;SACC,EAAE,QAAQ,SAAS,YAAY,IAC/B,EAAE,QAAQ,SAAS,SAAS,IAC5B,EAAE,QAAQ,SAAS,WAAW,IAC9B,EAAE,QAAQ,SAAS,QAAQ,IAC3B,EAAE,QAAQ,SAAS,iBAAiB,EACnC;AACD,UAAI,QAAQ,MAAM,EAAE,QAAQ;AAC5B;;;AAIF,QAAI,aAAaA,YAAU;AAC1B,SAAI,EAAE,WAAW,wBAChB,KAAI,OAAO,MAAM,EAAE,QAAQ,EAAE;AAE9B,UAAK,MAAM,EAAE,QAAQ;UAErB,KAAI,QAAQ,MACX,KAAK,OAAO,MAAM,YAAY,UAAU,IAAK,EAAE,OAAkB,IACjE,EACA;;;EAIJ,CAAC"}
+{"version":3,"file":"index.mjs","names":["methods: string[]","conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[]","conflictingMethods: string[]","APIError"],"sources":["../../src/api/index.ts"],"sourcesContent":["import type {\n\tAuthContext,\n\tBetterAuthOptions,\n\tBetterAuthPlugin,\n} from \"@better-auth/core\";\nimport type { InternalLogger } from \"@better-auth/core/env\";\nimport { logger } from \"@better-auth/core/env\";\nimport type { Endpoint, Middleware } from \"better-call\";\nimport { APIError, createRouter } from \"better-call\";\nimport type { UnionToIntersection } from \"../types/helper\";\nimport { originCheckMiddleware } from \"./middlewares\";\nimport { onRequestRateLimit } from \"./rate-limiter\";\nimport {\n\taccountInfo,\n\tcallbackOAuth,\n\tchangeEmail,\n\tchangePassword,\n\tdeleteUser,\n\tdeleteUserCallback,\n\terror,\n\tgetAccessToken,\n\tgetSession,\n\tlinkSocialAccount,\n\tlistSessions,\n\tlistUserAccounts,\n\tok,\n\trefreshToken,\n\trequestPasswordReset,\n\trequestPasswordResetCallback,\n\tresetPassword,\n\trevokeOtherSessions,\n\trevokeSession,\n\trevokeSessions,\n\tsendVerificationEmail,\n\tsetPassword,\n\tsignInEmail,\n\tsignInSocial,\n\tsignOut,\n\tsignUpEmail,\n\tunlinkAccount,\n\tupdateUser,\n\tverifyEmail,\n} from \"./routes\";\nimport { toAuthEndpoints } from \"./to-auth-endpoints\";\n\nexport function checkEndpointConflicts(\n\toptions: BetterAuthOptions,\n\tlogger: InternalLogger,\n) {\n\tconst endpointRegistry = new Map<\n\t\tstring,\n\t\t{ pluginId: string; endpointKey: string; methods: string[] }[]\n\t>();\n\n\toptions.plugins?.forEach((plugin) => {\n\t\tif (plugin.endpoints) {\n\t\t\tfor (const [key, endpoint] of Object.entries(plugin.endpoints)) {\n\t\t\t\tif (\n\t\t\t\t\tendpoint &&\n\t\t\t\t\t\"path\" in endpoint &&\n\t\t\t\t\ttypeof endpoint.path === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tconst path = endpoint.path;\n\t\t\t\t\tlet methods: string[] = [];\n\t\t\t\t\tif (endpoint.options && \"method\" in endpoint.options) {\n\t\t\t\t\t\tif (Array.isArray(endpoint.options.method)) {\n\t\t\t\t\t\t\tmethods = endpoint.options.method;\n\t\t\t\t\t\t} else if (typeof endpoint.options.method === \"string\") {\n\t\t\t\t\t\t\tmethods = [endpoint.options.method];\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (methods.length === 0) {\n\t\t\t\t\t\tmethods = [\"*\"];\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!endpointRegistry.has(path)) {\n\t\t\t\t\t\tendpointRegistry.set(path, []);\n\t\t\t\t\t}\n\t\t\t\t\tendpointRegistry.get(path)!.push({\n\t\t\t\t\t\tpluginId: plugin.id,\n\t\t\t\t\t\tendpointKey: key,\n\t\t\t\t\t\tmethods,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\tconst conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[] = [];\n\tfor (const [path, entries] of endpointRegistry.entries()) {\n\t\tif (entries.length > 1) {\n\t\t\tconst methodMap = new Map<string, string[]>();\n\t\t\tlet hasConflict = false;\n\n\t\t\tfor (const entry of entries) {\n\t\t\t\tfor (const method of entry.methods) {\n\t\t\t\t\tif (!methodMap.has(method)) {\n\t\t\t\t\t\tmethodMap.set(method, []);\n\t\t\t\t\t}\n\t\t\t\t\tmethodMap.get(method)!.push(entry.pluginId);\n\n\t\t\t\t\tif (methodMap.get(method)!.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (method === \"*\" && entries.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t} else if (method !== \"*\" && methodMap.has(\"*\")) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (hasConflict) {\n\t\t\t\tconst uniquePlugins = [...new Set(entries.map((e) => e.pluginId))];\n\t\t\t\tconst conflictingMethods: string[] = [];\n\n\t\t\t\tfor (const [method, plugins] of methodMap.entries()) {\n\t\t\t\t\tif (\n\t\t\t\t\t\tplugins.length > 1 ||\n\t\t\t\t\t\t(method === \"*\" && entries.length > 1) ||\n\t\t\t\t\t\t(method !== \"*\" && methodMap.has(\"*\"))\n\t\t\t\t\t) {\n\t\t\t\t\t\tconflictingMethods.push(method);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tconflicts.push({\n\t\t\t\t\tpath,\n\t\t\t\t\tplugins: uniquePlugins,\n\t\t\t\t\tconflictingMethods,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\t}\n\n\tif (conflicts.length > 0) {\n\t\tconst conflictMessages = conflicts\n\t\t\t.map(\n\t\t\t\t(conflict) =>\n\t\t\t\t\t`  - \"${conflict.path}\" [${conflict.conflictingMethods.join(\", \")}] used by plugins: ${conflict.plugins.join(\", \")}`,\n\t\t\t)\n\t\t\t.join(\"\\n\");\n\t\tlogger.error(\n\t\t\t`Endpoint path conflicts detected! Multiple plugins are trying to use the same endpoint paths with conflicting HTTP methods:\n${conflictMessages}\n\nTo resolve this, you can:\n\t1. Use only one of the conflicting plugins\n\t2. Configure the plugins to use different paths (if supported)\n\t3. Ensure plugins use different HTTP methods for the same path\n`,\n\t\t);\n\t}\n}\n\nexport function getEndpoints<Option extends BetterAuthOptions>(\n\tctx: Promise<AuthContext> | AuthContext,\n\toptions: Option,\n) {\n\tconst pluginEndpoints =\n\t\toptions.plugins?.reduce<Record<string, Endpoint>>((acc, plugin) => {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.endpoints,\n\t\t\t};\n\t\t}, {}) ?? {};\n\n\ttype PluginEndpoint = UnionToIntersection<\n\t\tOption[\"plugins\"] extends Array<infer T>\n\t\t\t? T extends BetterAuthPlugin\n\t\t\t\t? T extends {\n\t\t\t\t\t\tendpoints: infer E;\n\t\t\t\t\t}\n\t\t\t\t\t? E\n\t\t\t\t\t: {}\n\t\t\t\t: {}\n\t\t\t: {}\n\t>;\n\n\tconst middlewares =\n\t\toptions.plugins\n\t\t\t?.map((plugin) =>\n\t\t\t\tplugin.middlewares?.map((m) => {\n\t\t\t\t\tconst middleware = (async (context: any) => {\n\t\t\t\t\t\tconst authContext = await ctx;\n\t\t\t\t\t\treturn m.middleware({\n\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\tcontext: {\n\t\t\t\t\t\t\t\t...authContext,\n\t\t\t\t\t\t\t\t...context.context,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t}) as Middleware;\n\t\t\t\t\tmiddleware.options = m.middleware.options;\n\t\t\t\t\treturn {\n\t\t\t\t\t\tpath: m.path,\n\t\t\t\t\t\tmiddleware,\n\t\t\t\t\t};\n\t\t\t\t}),\n\t\t\t)\n\t\t\t.filter((plugin) => plugin !== undefined)\n\t\t\t.flat() || [];\n\n\tconst baseEndpoints = {\n\t\tsignInSocial: signInSocial<Option>(),\n\t\tcallbackOAuth,\n\t\tgetSession: getSession<Option>(),\n\t\tsignOut,\n\t\tsignUpEmail: signUpEmail<Option>(),\n\t\tsignInEmail: signInEmail<Option>(),\n\t\tresetPassword,\n\t\tverifyEmail,\n\t\tsendVerificationEmail,\n\t\tchangeEmail,\n\t\tchangePassword,\n\t\tsetPassword,\n\t\tupdateUser: updateUser<Option>(),\n\t\tdeleteUser,\n\t\trequestPasswordReset,\n\t\trequestPasswordResetCallback,\n\t\tlistSessions: listSessions<Option>(),\n\t\trevokeSession,\n\t\trevokeSessions,\n\t\trevokeOtherSessions,\n\t\tlinkSocialAccount,\n\t\tlistUserAccounts,\n\t\tdeleteUserCallback,\n\t\tunlinkAccount,\n\t\trefreshToken,\n\t\tgetAccessToken,\n\t\taccountInfo,\n\t};\n\tconst endpoints = {\n\t\t...baseEndpoints,\n\t\t...pluginEndpoints,\n\t\tok,\n\t\terror,\n\t} as const;\n\tconst api = toAuthEndpoints(endpoints, ctx);\n\treturn {\n\t\tapi: api as typeof endpoints & PluginEndpoint,\n\t\tmiddlewares,\n\t};\n}\nexport const router = <Option extends BetterAuthOptions>(\n\tctx: AuthContext,\n\toptions: Option,\n) => {\n\tconst { api, middlewares } = getEndpoints(ctx, options);\n\tconst basePath = new URL(ctx.baseURL).pathname;\n\n\treturn createRouter(api, {\n\t\trouterContext: ctx,\n\t\topenapi: {\n\t\t\tdisabled: true,\n\t\t},\n\t\tbasePath,\n\t\trouterMiddleware: [\n\t\t\t{\n\t\t\t\tpath: \"/**\",\n\t\t\t\tmiddleware: originCheckMiddleware,\n\t\t\t},\n\t\t\t...middlewares,\n\t\t],\n\t\tallowedMediaTypes: [\"application/json\"],\n\t\tasync onRequest(req) {\n\t\t\t//handle disabled paths\n\t\t\tconst disabledPaths = ctx.options.disabledPaths || [];\n\t\t\tconst pathname = new URL(req.url).pathname.replace(/\\/+$/, \"\") || \"/\";\n\t\t\tconst normalizedPath =\n\t\t\t\tbasePath === \"/\"\n\t\t\t\t\t? pathname\n\t\t\t\t\t: pathname.startsWith(basePath)\n\t\t\t\t\t\t? pathname.slice(basePath.length).replace(/\\/+$/, \"\") || \"/\"\n\t\t\t\t\t\t: pathname;\n\t\t\tif (disabledPaths.includes(normalizedPath)) {\n\t\t\t\treturn new Response(\"Not Found\", { status: 404 });\n\t\t\t}\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onRequest) {\n\t\t\t\t\tconst response = await plugin.onRequest(req, ctx);\n\t\t\t\t\tif (response && \"response\" in response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t\tif (response && \"request\" in response) {\n\t\t\t\t\t\tconst rateLimitResponse = await onRequestRateLimit(\n\t\t\t\t\t\t\tresponse.request,\n\t\t\t\t\t\t\tctx,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (rateLimitResponse) {\n\t\t\t\t\t\t\treturn rateLimitResponse;\n\t\t\t\t\t\t}\n\t\t\t\t\t\treturn response.request;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn onRequestRateLimit(req, ctx);\n\t\t},\n\t\tasync onResponse(res) {\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onResponse) {\n\t\t\t\t\tconst response = await plugin.onResponse(res, ctx);\n\t\t\t\t\tif (response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn res;\n\t\t},\n\t\tonError(e) {\n\t\t\tif (e instanceof APIError && e.status === \"FOUND\") {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tif (options.onAPIError?.throw) {\n\t\t\t\tthrow e;\n\t\t\t}\n\t\t\tif (options.onAPIError?.onError) {\n\t\t\t\toptions.onAPIError.onError(e, ctx);\n\t\t\t\treturn;\n\t\t\t}\n\n\t\t\tconst optLogLevel = options.logger?.level;\n\t\t\tconst log =\n\t\t\t\toptLogLevel === \"error\" ||\n\t\t\t\toptLogLevel === \"warn\" ||\n\t\t\t\toptLogLevel === \"debug\"\n\t\t\t\t\t? logger\n\t\t\t\t\t: undefined;\n\t\t\tif (options.logger?.disabled !== true) {\n\t\t\t\tif (\n\t\t\t\t\te &&\n\t\t\t\t\ttypeof e === \"object\" &&\n\t\t\t\t\t\"message\" in e &&\n\t\t\t\t\ttypeof e.message === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tif (\n\t\t\t\t\t\te.message.includes(\"no column\") ||\n\t\t\t\t\t\te.message.includes(\"column\") ||\n\t\t\t\t\t\te.message.includes(\"relation\") ||\n\t\t\t\t\t\te.message.includes(\"table\") ||\n\t\t\t\t\t\te.message.includes(\"does not exist\")\n\t\t\t\t\t) {\n\t\t\t\t\t\tctx.logger?.error(e.message);\n\t\t\t\t\t\treturn;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (e instanceof APIError) {\n\t\t\t\t\tif (e.status === \"INTERNAL_SERVER_ERROR\") {\n\t\t\t\t\t\tctx.logger.error(e.status, e);\n\t\t\t\t\t}\n\t\t\t\t\tlog?.error(e.message);\n\t\t\t\t} else {\n\t\t\t\t\tctx.logger?.error(\n\t\t\t\t\t\te && typeof e === \"object\" && \"name\" in e ? (e.name as string) : \"\",\n\t\t\t\t\t\te,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t},\n\t});\n};\n\nexport {\n\ttype AuthEndpoint,\n\ttype AuthMiddleware,\n\tcreateAuthEndpoint,\n\tcreateAuthMiddleware,\n\toptionsMiddleware,\n} from \"@better-auth/core/api\";\nexport { APIError } from \"better-call\";\nexport { getIp } from \"../utils/get-request-ip\";\nexport * from \"./middlewares\";\nexport * from \"./routes\";\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA6CA,SAAgB,uBACf,SACA,UACC;CACD,MAAM,mCAAmB,IAAI,KAG1B;AAEH,SAAQ,SAAS,SAAS,WAAW;AACpC,MAAI,OAAO,WACV;QAAK,MAAM,CAAC,KAAK,aAAa,OAAO,QAAQ,OAAO,UAAU,CAC7D,KACC,YACA,UAAU,YACV,OAAO,SAAS,SAAS,UACxB;IACD,MAAM,OAAO,SAAS;IACtB,IAAIA,UAAoB,EAAE;AAC1B,QAAI,SAAS,WAAW,YAAY,SAAS,SAC5C;SAAI,MAAM,QAAQ,SAAS,QAAQ,OAAO,CACzC,WAAU,SAAS,QAAQ;cACjB,OAAO,SAAS,QAAQ,WAAW,SAC7C,WAAU,CAAC,SAAS,QAAQ,OAAO;;AAGrC,QAAI,QAAQ,WAAW,EACtB,WAAU,CAAC,IAAI;AAGhB,QAAI,CAAC,iBAAiB,IAAI,KAAK,CAC9B,kBAAiB,IAAI,MAAM,EAAE,CAAC;AAE/B,qBAAiB,IAAI,KAAK,CAAE,KAAK;KAChC,UAAU,OAAO;KACjB,aAAa;KACb;KACA,CAAC;;;GAIJ;CAEF,MAAMC,YAIA,EAAE;AACR,MAAK,MAAM,CAAC,MAAM,YAAY,iBAAiB,SAAS,CACvD,KAAI,QAAQ,SAAS,GAAG;EACvB,MAAM,4BAAY,IAAI,KAAuB;EAC7C,IAAI,cAAc;AAElB,OAAK,MAAM,SAAS,QACnB,MAAK,MAAM,UAAU,MAAM,SAAS;AACnC,OAAI,CAAC,UAAU,IAAI,OAAO,CACzB,WAAU,IAAI,QAAQ,EAAE,CAAC;AAE1B,aAAU,IAAI,OAAO,CAAE,KAAK,MAAM,SAAS;AAE3C,OAAI,UAAU,IAAI,OAAO,CAAE,SAAS,EACnC,eAAc;AAGf,OAAI,WAAW,OAAO,QAAQ,SAAS,EACtC,eAAc;YACJ,WAAW,OAAO,UAAU,IAAI,IAAI,CAC9C,eAAc;;AAKjB,MAAI,aAAa;GAChB,MAAM,gBAAgB,CAAC,GAAG,IAAI,IAAI,QAAQ,KAAK,MAAM,EAAE,SAAS,CAAC,CAAC;GAClE,MAAMC,qBAA+B,EAAE;AAEvC,QAAK,MAAM,CAAC,QAAQ,YAAY,UAAU,SAAS,CAClD,KACC,QAAQ,SAAS,KAChB,WAAW,OAAO,QAAQ,SAAS,KACnC,WAAW,OAAO,UAAU,IAAI,IAAI,CAErC,oBAAmB,KAAK,OAAO;AAIjC,aAAU,KAAK;IACd;IACA,SAAS;IACT;IACA,CAAC;;;AAKL,KAAI,UAAU,SAAS,GAAG;EACzB,MAAM,mBAAmB,UACvB,KACC,aACA,QAAQ,SAAS,KAAK,KAAK,SAAS,mBAAmB,KAAK,KAAK,CAAC,qBAAqB,SAAS,QAAQ,KAAK,KAAK,GACnH,CACA,KAAK,KAAK;AACZ,WAAO,MACN;EACD,iBAAiB;;;;;;EAOhB;;;AAIH,SAAgB,aACf,KACA,SACC;CACD,MAAM,kBACL,QAAQ,SAAS,QAAkC,KAAK,WAAW;AAClE,SAAO;GACN,GAAG;GACH,GAAG,OAAO;GACV;IACC,EAAE,CAAC,IAAI,EAAE;CAcb,MAAM,cACL,QAAQ,SACL,KAAK,WACN,OAAO,aAAa,KAAK,MAAM;EAC9B,MAAM,cAAc,OAAO,YAAiB;GAC3C,MAAM,cAAc,MAAM;AAC1B,UAAO,EAAE,WAAW;IACnB,GAAG;IACH,SAAS;KACR,GAAG;KACH,GAAG,QAAQ;KACX;IACD,CAAC;;AAEH,aAAW,UAAU,EAAE,WAAW;AAClC,SAAO;GACN,MAAM,EAAE;GACR;GACA;GACA,CACF,CACA,QAAQ,WAAW,WAAW,OAAU,CACxC,MAAM,IAAI,EAAE;AAsCf,QAAO;EACN,KAFW,gBANM;GA5BjB,cAAc,cAAsB;GACpC;GACA,YAAY,YAAoB;GAChC;GACA,aAAa,aAAqB;GAClC,aAAa,aAAqB;GAClC;GACA;GACA;GACA;GACA;GACA;GACA,YAAY,YAAoB;GAChC;GACA;GACA;GACA,cAAc,cAAsB;GACpC;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GAIA,GAAG;GACH;GACA;GACA,EACsC,IAAI;EAG1C;EACA;;AAEF,MAAa,UACZ,KACA,YACI;CACJ,MAAM,EAAE,KAAK,gBAAgB,aAAa,KAAK,QAAQ;CACvD,MAAM,WAAW,IAAI,IAAI,IAAI,QAAQ,CAAC;AAEtC,QAAO,aAAa,KAAK;EACxB,eAAe;EACf,SAAS,EACR,UAAU,MACV;EACD;EACA,kBAAkB,CACjB;GACC,MAAM;GACN,YAAY;GACZ,EACD,GAAG,YACH;EACD,mBAAmB,CAAC,mBAAmB;EACvC,MAAM,UAAU,KAAK;GAEpB,MAAM,gBAAgB,IAAI,QAAQ,iBAAiB,EAAE;GACrD,MAAM,WAAW,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,QAAQ,QAAQ,GAAG,IAAI;GAClE,MAAM,iBACL,aAAa,MACV,WACA,SAAS,WAAW,SAAS,GAC5B,SAAS,MAAM,SAAS,OAAO,CAAC,QAAQ,QAAQ,GAAG,IAAI,MACvD;AACL,OAAI,cAAc,SAAS,eAAe,CACzC,QAAO,IAAI,SAAS,aAAa,EAAE,QAAQ,KAAK,CAAC;AAElD,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,WAAW;IACrB,MAAM,WAAW,MAAM,OAAO,UAAU,KAAK,IAAI;AACjD,QAAI,YAAY,cAAc,SAC7B,QAAO,SAAS;AAEjB,QAAI,YAAY,aAAa,UAAU;KACtC,MAAM,oBAAoB,MAAM,mBAC/B,SAAS,SACT,IACA;AACD,SAAI,kBACH,QAAO;AAER,YAAO,SAAS;;;AAInB,UAAO,mBAAmB,KAAK,IAAI;;EAEpC,MAAM,WAAW,KAAK;AACrB,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,YAAY;IACtB,MAAM,WAAW,MAAM,OAAO,WAAW,KAAK,IAAI;AAClD,QAAI,SACH,QAAO,SAAS;;AAInB,UAAO;;EAER,QAAQ,GAAG;AACV,OAAI,aAAaC,cAAY,EAAE,WAAW,QACzC;AAED,OAAI,QAAQ,YAAY,MACvB,OAAM;AAEP,OAAI,QAAQ,YAAY,SAAS;AAChC,YAAQ,WAAW,QAAQ,GAAG,IAAI;AAClC;;GAGD,MAAM,cAAc,QAAQ,QAAQ;GACpC,MAAM,MACL,gBAAgB,WAChB,gBAAgB,UAChB,gBAAgB,UACb,SACA;AACJ,OAAI,QAAQ,QAAQ,aAAa,MAAM;AACtC,QACC,KACA,OAAO,MAAM,YACb,aAAa,KACb,OAAO,EAAE,YAAY,UAErB;SACC,EAAE,QAAQ,SAAS,YAAY,IAC/B,EAAE,QAAQ,SAAS,SAAS,IAC5B,EAAE,QAAQ,SAAS,WAAW,IAC9B,EAAE,QAAQ,SAAS,QAAQ,IAC3B,EAAE,QAAQ,SAAS,iBAAiB,EACnC;AACD,UAAI,QAAQ,MAAM,EAAE,QAAQ;AAC5B;;;AAIF,QAAI,aAAaA,YAAU;AAC1B,SAAI,EAAE,WAAW,wBAChB,KAAI,OAAO,MAAM,EAAE,QAAQ,EAAE;AAE9B,UAAK,MAAM,EAAE,QAAQ;UAErB,KAAI,QAAQ,MACX,KAAK,OAAO,MAAM,YAAY,UAAU,IAAK,EAAE,OAAkB,IACjE,EACA;;;EAIJ,CAAC"}

package/dist/api/routes/account.d.mts

@@ -1,11 +1,11 @@
 import * as _better_auth_core_oauth28 from "@better-auth/core/oauth2";
 import * as z from "zod";
-import * as better_call712 from "better-call";
+import * as better_call694 from "better-call";
 
 //#region src/api/routes/account.d.ts
-declare const listUserAccounts: better_call712.StrictEndpoint<"/list-accounts", {
+declare const listUserAccounts: better_call694.StrictEndpoint<"/list-accounts", {
   method: "GET";
-  use: ((inputContext: better_call712.MiddlewareInputContext<better_call712.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call694.MiddlewareInputContext<better_call694.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -78,8 +78,6 @@ declare const listUserAccounts: better_call712.StrictEndpoint<"/list-accounts",
       };
     };
   };
-} & {
-  use: any[];
 }, {
   id: string;
   providerId: string;
@@ -89,7 +87,7 @@ declare const listUserAccounts: better_call712.StrictEndpoint<"/list-accounts",
   userId: string;
   scopes: string[];
 }[]>;
-declare const linkSocialAccount: better_call712.StrictEndpoint<"/link-social", {
+declare const linkSocialAccount: better_call694.StrictEndpoint<"/link-social", {
   method: "POST";
   requireHeaders: true;
   body: z.ZodObject<{
@@ -108,7 +106,7 @@ declare const linkSocialAccount: better_call712.StrictEndpoint<"/link-social", {
     disableRedirect: z.ZodOptional<z.ZodBoolean>;
     additionalData: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call712.MiddlewareInputContext<better_call712.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call694.MiddlewareInputContext<better_call694.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -163,19 +161,17 @@ declare const linkSocialAccount: better_call712.StrictEndpoint<"/link-social", {
       };
     };
   };
-} & {
-  use: any[];
 }, {
   url: string;
   redirect: boolean;
 }>;
-declare const unlinkAccount: better_call712.StrictEndpoint<"/unlink-account", {
+declare const unlinkAccount: better_call694.StrictEndpoint<"/unlink-account", {
   method: "POST";
   body: z.ZodObject<{
     providerId: z.ZodString;
     accountId: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call712.MiddlewareInputContext<better_call712.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call694.MiddlewareInputContext<better_call694.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -220,12 +216,10 @@ declare const unlinkAccount: better_call712.StrictEndpoint<"/unlink-account", {
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
 }>;
-declare const getAccessToken: better_call712.StrictEndpoint<"/get-access-token", {
+declare const getAccessToken: better_call694.StrictEndpoint<"/get-access-token", {
   method: "POST";
   body: z.ZodObject<{
     providerId: z.ZodString;
@@ -274,15 +268,13 @@ declare const getAccessToken: better_call712.StrictEndpoint<"/get-access-token",
       };
     };
   };
-} & {
-  use: any[];
 }, {
   accessToken: string;
   accessTokenExpiresAt: Date | undefined;
   scopes: string[];
   idToken: string | undefined;
 }>;
-declare const refreshToken: better_call712.StrictEndpoint<"/refresh-token", {
+declare const refreshToken: better_call694.StrictEndpoint<"/refresh-token", {
   method: "POST";
   body: z.ZodObject<{
     providerId: z.ZodString;
@@ -331,8 +323,6 @@ declare const refreshToken: better_call712.StrictEndpoint<"/refresh-token", {
       };
     };
   };
-} & {
-  use: any[];
 }, {
   accessToken: string | undefined;
   refreshToken: string | undefined;
@@ -343,9 +333,9 @@ declare const refreshToken: better_call712.StrictEndpoint<"/refresh-token", {
   providerId: string;
   accountId: string;
 }>;
-declare const accountInfo: better_call712.StrictEndpoint<"/account-info", {
+declare const accountInfo: better_call694.StrictEndpoint<"/account-info", {
   method: "GET";
-  use: ((inputContext: better_call712.MiddlewareInputContext<better_call712.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call694.MiddlewareInputContext<better_call694.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -418,8 +408,6 @@ declare const accountInfo: better_call712.StrictEndpoint<"/account-info", {
   query: z.ZodOptional<z.ZodObject<{
     accountId: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>>;
-} & {
-  use: any[];
 }, {
   user: _better_auth_core_oauth28.OAuth2UserInfo;
   data: Record<string, any>;

package/dist/api/routes/callback.d.mts

@@ -1,8 +1,8 @@
 import * as z from "zod";
-import * as better_call731 from "better-call";
+import * as better_call693 from "better-call";
 
 //#region src/api/routes/callback.d.ts
-declare const callbackOAuth: better_call731.StrictEndpoint<"/callback/:id", {
+declare const callbackOAuth: better_call693.StrictEndpoint<"/callback/:id", {
   method: ("GET" | "POST")[];
   operationId: string;
   body: z.ZodOptional<z.ZodObject<{
@@ -23,10 +23,8 @@ declare const callbackOAuth: better_call731.StrictEndpoint<"/callback/:id", {
   }, z.core.$strip>>;
   metadata: {
     allowedMediaTypes: string[];
-    isAction: false;
+    scope: "server";
   };
-} & {
-  use: any[];
 }, void>;
 //#endregion
 export { callbackOAuth };

package/dist/api/routes/email-verification.d.mts

@@ -2,7 +2,7 @@ import { User } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { GenericEndpointContext } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call753 from "better-call";
+import * as better_call757 from "better-call";
 
 //#region src/api/routes/email-verification.d.ts
 declare function createEmailVerificationToken(secret: string, email: string,
@@ -22,7 +22,7 @@ extraPayload?: Record<string, any>): Promise<string>;
  * A function to send a verification email to the user
  */
 declare function sendVerificationEmailFn(ctx: GenericEndpointContext, user: User): Promise<void>;
-declare const sendVerificationEmail: better_call753.StrictEndpoint<"/send-verification-email", {
+declare const sendVerificationEmail: better_call757.StrictEndpoint<"/send-verification-email", {
   method: "POST";
   operationId: string;
   body: z.ZodObject<{
@@ -94,19 +94,17 @@ declare const sendVerificationEmail: better_call753.StrictEndpoint<"/send-verifi
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
 }>;
-declare const verifyEmail: better_call753.StrictEndpoint<"/verify-email", {
+declare const verifyEmail: better_call757.StrictEndpoint<"/verify-email", {
   method: "GET";
   operationId: string;
   query: z.ZodObject<{
     token: z.ZodString;
     callbackURL: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call753.MiddlewareInputContext<better_call753.MiddlewareOptions>) => Promise<void>)[];
+  use: ((inputContext: better_call757.MiddlewareInputContext<better_call757.MiddlewareOptions>) => Promise<void>)[];
   metadata: {
     openapi: {
       description: string;
@@ -152,8 +150,6 @@ declare const verifyEmail: better_call753.StrictEndpoint<"/verify-email", {
       };
     };
   };
-} & {
-  use: any[];
 }, void | {
   status: boolean;
 }>;

package/dist/api/routes/error.d.mts

@@ -1,7 +1,7 @@
-import * as better_call759 from "better-call";
+import * as better_call750 from "better-call";
 
 //#region src/api/routes/error.d.ts
-declare const error: better_call759.StrictEndpoint<"/error", {
+declare const error: better_call750.StrictEndpoint<"/error", {
   method: "GET";
   metadata: {
     openapi: {
@@ -20,10 +20,8 @@ declare const error: better_call759.StrictEndpoint<"/error", {
         };
       };
     };
-    isAction: false;
+    scope: "server";
   };
-} & {
-  use: any[];
 }, Response>;
 //#endregion
 export { error };

package/dist/api/routes/ok.d.mts

@@ -1,7 +1,7 @@
-import * as better_call693 from "better-call";
+import * as better_call761 from "better-call";
 
 //#region src/api/routes/ok.d.ts
-declare const ok: better_call693.StrictEndpoint<"/ok", {
+declare const ok: better_call761.StrictEndpoint<"/ok", {
   method: "GET";
   metadata: {
     openapi: {
@@ -26,10 +26,8 @@ declare const ok: better_call693.StrictEndpoint<"/ok", {
         };
       };
     };
-    isAction: false;
+    scope: "server";
   };
-} & {
-  use: any[];
 }, {
   ok: boolean;
 }>;

package/dist/api/routes/reset-password.d.mts

@@ -1,8 +1,8 @@
 import * as z from "zod";
-import * as better_call726 from "better-call";
+import * as better_call752 from "better-call";
 
 //#region src/api/routes/reset-password.d.ts
-declare const requestPasswordReset: better_call726.StrictEndpoint<"/request-password-reset", {
+declare const requestPasswordReset: better_call752.StrictEndpoint<"/request-password-reset", {
   method: "POST";
   body: z.ZodObject<{
     email: z.ZodEmail;
@@ -34,19 +34,17 @@ declare const requestPasswordReset: better_call726.StrictEndpoint<"/request-pass
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
   message: string;
 }>;
-declare const requestPasswordResetCallback: better_call726.StrictEndpoint<"/reset-password/:token", {
+declare const requestPasswordResetCallback: better_call752.StrictEndpoint<"/reset-password/:token", {
   method: "GET";
   operationId: string;
   query: z.ZodObject<{
     callbackURL: z.ZodString;
   }, z.core.$strip>;
-  use: ((inputContext: better_call726.MiddlewareInputContext<better_call726.MiddlewareOptions>) => Promise<void>)[];
+  use: ((inputContext: better_call752.MiddlewareInputContext<better_call752.MiddlewareOptions>) => Promise<void>)[];
   metadata: {
     openapi: {
       operationId: string;
@@ -87,10 +85,8 @@ declare const requestPasswordResetCallback: better_call726.StrictEndpoint<"/rese
       };
     };
   };
-} & {
-  use: any[];
 }, never>;
-declare const resetPassword: better_call726.StrictEndpoint<"/reset-password", {
+declare const resetPassword: better_call752.StrictEndpoint<"/reset-password", {
   method: "POST";
   operationId: string;
   query: z.ZodOptional<z.ZodObject<{
@@ -123,8 +119,6 @@ declare const resetPassword: better_call726.StrictEndpoint<"/reset-password", {
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
 }>;

package/dist/api/routes/session.d.mts

@@ -3,10 +3,10 @@ import { InferSession, InferUser, Session, User } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { BetterAuthOptions, GenericEndpointContext } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call732 from "better-call";
+import * as better_call728 from "better-call";
 
 //#region src/api/routes/session.d.ts
-declare const getSession: <Option extends BetterAuthOptions>() => better_call732.StrictEndpoint<"/get-session", {
+declare const getSession: <Option extends BetterAuthOptions>() => better_call728.StrictEndpoint<"/get-session", {
   method: "GET";
   operationId: string;
   query: z.ZodOptional<z.ZodObject<{
@@ -42,8 +42,6 @@ declare const getSession: <Option extends BetterAuthOptions>() => better_call732
       };
     };
   };
-} & {
-  use: any[];
 }, {
   session: InferSession<Option>;
   user: InferUser<Option>;
@@ -58,7 +56,7 @@ declare const getSessionFromCtx: <U extends Record<string, any> = Record<string,
 /**
  * The middleware forces the endpoint to require a valid session.
  */
-declare const sessionMiddleware: (inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+declare const sessionMiddleware: (inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -86,7 +84,7 @@ declare const sessionMiddleware: (inputContext: better_call732.MiddlewareInputCo
  * This should be used for sensitive operations like password changes, account deletion, etc.
  * to ensure that revoked sessions cannot be used even if they're still cached in cookies.
  */
-declare const sensitiveSessionMiddleware: (inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+declare const sensitiveSessionMiddleware: (inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -113,7 +111,7 @@ declare const sensitiveSessionMiddleware: (inputContext: better_call732.Middlewa
  * This middleware allows you to call the endpoint on the client if session is valid.
  * However, if called on the server, no session is required.
  */
-declare const requestOnlySessionMiddleware: (inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+declare const requestOnlySessionMiddleware: (inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -143,7 +141,7 @@ declare const requestOnlySessionMiddleware: (inputContext: better_call732.Middle
  * Session freshness check will be skipped if the session config's freshAge
  * is set to 0
  */
-declare const freshSessionMiddleware: (inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+declare const freshSessionMiddleware: (inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -169,10 +167,10 @@ declare const freshSessionMiddleware: (inputContext: better_call732.MiddlewareIn
 /**
  * user active sessions list
  */
-declare const listSessions: <Option extends BetterAuthOptions>() => better_call732.StrictEndpoint<"/list-sessions", {
+declare const listSessions: <Option extends BetterAuthOptions>() => better_call728.StrictEndpoint<"/list-sessions", {
   method: "GET";
   operationId: string;
-  use: ((inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -217,18 +215,18 @@ declare const listSessions: <Option extends BetterAuthOptions>() => better_call7
       };
     };
   };
-} & {
-  use: any[];
-}, Prettify$1<InferSession<Option>>[]>;
+}, Prettify$1<InferSession<Option> & {
+  token: undefined;
+}>[]>;
 /**
  * revoke a single session
  */
-declare const revokeSession: better_call732.StrictEndpoint<"/revoke-session", {
+declare const revokeSession: better_call728.StrictEndpoint<"/revoke-session", {
   method: "POST";
   body: z.ZodObject<{
     token: z.ZodString;
   }, z.core.$strip>;
-  use: ((inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -292,17 +290,15 @@ declare const revokeSession: better_call732.StrictEndpoint<"/revoke-session", {
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
 }>;
 /**
  * revoke all user sessions
  */
-declare const revokeSessions: better_call732.StrictEndpoint<"/revoke-sessions", {
+declare const revokeSessions: better_call728.StrictEndpoint<"/revoke-sessions", {
   method: "POST";
-  use: ((inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -350,15 +346,13 @@ declare const revokeSessions: better_call732.StrictEndpoint<"/revoke-sessions",
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
 }>;
-declare const revokeOtherSessions: better_call732.StrictEndpoint<"/revoke-other-sessions", {
+declare const revokeOtherSessions: better_call728.StrictEndpoint<"/revoke-other-sessions", {
   method: "POST";
   requireHeaders: true;
-  use: ((inputContext: better_call732.MiddlewareInputContext<better_call732.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call728.MiddlewareInputContext<better_call728.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -405,8 +399,6 @@ declare const revokeOtherSessions: better_call732.StrictEndpoint<"/revoke-other-
       };
     };
   };
-} & {
-  use: any[];
 }, {
   status: boolean;
 }>;

package/dist/api/routes/session.mjs

@@ -311,6 +311,14 @@ const listSessions = () => createAuthEndpoint("/list-sessions", {
 	try {
 		const activeSessions = (await ctx.context.internalAdapter.listSessions(ctx.context.session.user.id)).filter((session) => {
 			return session.expiresAt > /* @__PURE__ */ new Date();
+		}).map((session) => {
+			return {
+				...session,
+				token: void 0,
+				expiresAt: session.expiresAt.toISOString(),
+				createdAt: session.createdAt.toISOString(),
+				updatedAt: session.updatedAt.toISOString()
+			};
 		});
 		return ctx.json(activeSessions);
 	} catch (e) {