better-auth 1.4.8-beta.2 → 1.4.8-beta.3

package/dist/api/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":["methods: string[]","conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[]","conflictingMethods: string[]","APIError"],"sources":["../../src/api/index.ts"],"sourcesContent":["import type {\n\tAuthContext,\n\tAwaitable,\n\tBetterAuthOptions,\n\tBetterAuthPlugin,\n} from \"@better-auth/core\";\nimport type { InternalLogger } from \"@better-auth/core/env\";\nimport { logger } from \"@better-auth/core/env\";\nimport type { Endpoint, Middleware } from \"better-call\";\nimport { APIError, createRouter } from \"better-call\";\nimport type { UnionToIntersection } from \"../types/helper\";\nimport { originCheckMiddleware } from \"./middlewares\";\nimport { onRequestRateLimit } from \"./rate-limiter\";\nimport {\n\taccountInfo,\n\tcallbackOAuth,\n\tchangeEmail,\n\tchangePassword,\n\tdeleteUser,\n\tdeleteUserCallback,\n\terror,\n\tgetAccessToken,\n\tgetSession,\n\tlinkSocialAccount,\n\tlistSessions,\n\tlistUserAccounts,\n\tok,\n\trefreshToken,\n\trequestPasswordReset,\n\trequestPasswordResetCallback,\n\tresetPassword,\n\trevokeOtherSessions,\n\trevokeSession,\n\trevokeSessions,\n\tsendVerificationEmail,\n\tsetPassword,\n\tsignInEmail,\n\tsignInSocial,\n\tsignOut,\n\tsignUpEmail,\n\tunlinkAccount,\n\tupdateUser,\n\tverifyEmail,\n} from \"./routes\";\nimport { toAuthEndpoints } from \"./to-auth-endpoints\";\n\nexport function checkEndpointConflicts(\n\toptions: BetterAuthOptions,\n\tlogger: InternalLogger,\n) {\n\tconst endpointRegistry = new Map<\n\t\tstring,\n\t\t{ pluginId: string; endpointKey: string; methods: string[] }[]\n\t>();\n\n\toptions.plugins?.forEach((plugin) => {\n\t\tif (plugin.endpoints) {\n\t\t\tfor (const [key, endpoint] of Object.entries(plugin.endpoints)) {\n\t\t\t\tif (\n\t\t\t\t\tendpoint &&\n\t\t\t\t\t\"path\" in endpoint &&\n\t\t\t\t\ttypeof endpoint.path === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tconst path = endpoint.path;\n\t\t\t\t\tlet methods: string[] = [];\n\t\t\t\t\tif (endpoint.options && \"method\" in endpoint.options) {\n\t\t\t\t\t\tif (Array.isArray(endpoint.options.method)) {\n\t\t\t\t\t\t\tmethods = endpoint.options.method;\n\t\t\t\t\t\t} else if (typeof endpoint.options.method === \"string\") {\n\t\t\t\t\t\t\tmethods = [endpoint.options.method];\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (methods.length === 0) {\n\t\t\t\t\t\tmethods = [\"*\"];\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!endpointRegistry.has(path)) {\n\t\t\t\t\t\tendpointRegistry.set(path, []);\n\t\t\t\t\t}\n\t\t\t\t\tendpointRegistry.get(path)!.push({\n\t\t\t\t\t\tpluginId: plugin.id,\n\t\t\t\t\t\tendpointKey: key,\n\t\t\t\t\t\tmethods,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\tconst conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[] = [];\n\tfor (const [path, entries] of endpointRegistry.entries()) {\n\t\tif (entries.length > 1) {\n\t\t\tconst methodMap = new Map<string, string[]>();\n\t\t\tlet hasConflict = false;\n\n\t\t\tfor (const entry of entries) {\n\t\t\t\tfor (const method of entry.methods) {\n\t\t\t\t\tif (!methodMap.has(method)) {\n\t\t\t\t\t\tmethodMap.set(method, []);\n\t\t\t\t\t}\n\t\t\t\t\tmethodMap.get(method)!.push(entry.pluginId);\n\n\t\t\t\t\tif (methodMap.get(method)!.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (method === \"*\" && entries.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t} else if (method !== \"*\" && methodMap.has(\"*\")) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (hasConflict) {\n\t\t\t\tconst uniquePlugins = [...new Set(entries.map((e) => e.pluginId))];\n\t\t\t\tconst conflictingMethods: string[] = [];\n\n\t\t\t\tfor (const [method, plugins] of methodMap.entries()) {\n\t\t\t\t\tif (\n\t\t\t\t\t\tplugins.length > 1 ||\n\t\t\t\t\t\t(method === \"*\" && entries.length > 1) ||\n\t\t\t\t\t\t(method !== \"*\" && methodMap.has(\"*\"))\n\t\t\t\t\t) {\n\t\t\t\t\t\tconflictingMethods.push(method);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tconflicts.push({\n\t\t\t\t\tpath,\n\t\t\t\t\tplugins: uniquePlugins,\n\t\t\t\t\tconflictingMethods,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\t}\n\n\tif (conflicts.length > 0) {\n\t\tconst conflictMessages = conflicts\n\t\t\t.map(\n\t\t\t\t(conflict) =>\n\t\t\t\t\t`  - \"${conflict.path}\" [${conflict.conflictingMethods.join(\", \")}] used by plugins: ${conflict.plugins.join(\", \")}`,\n\t\t\t)\n\t\t\t.join(\"\\n\");\n\t\tlogger.error(\n\t\t\t`Endpoint path conflicts detected! Multiple plugins are trying to use the same endpoint paths with conflicting HTTP methods:\n${conflictMessages}\n\nTo resolve this, you can:\n\t1. Use only one of the conflicting plugins\n\t2. Configure the plugins to use different paths (if supported)\n\t3. Ensure plugins use different HTTP methods for the same path\n`,\n\t\t);\n\t}\n}\n\nexport function getEndpoints<Option extends BetterAuthOptions>(\n\tctx: Awaitable<AuthContext>,\n\toptions: Option,\n) {\n\tconst pluginEndpoints =\n\t\toptions.plugins?.reduce<Record<string, Endpoint>>((acc, plugin) => {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.endpoints,\n\t\t\t};\n\t\t}, {}) ?? {};\n\n\ttype PluginEndpoint = UnionToIntersection<\n\t\tOption[\"plugins\"] extends Array<infer T>\n\t\t\t? T extends BetterAuthPlugin\n\t\t\t\t? T extends {\n\t\t\t\t\t\tendpoints: infer E;\n\t\t\t\t\t}\n\t\t\t\t\t? E\n\t\t\t\t\t: {}\n\t\t\t\t: {}\n\t\t\t: {}\n\t>;\n\n\tconst middlewares =\n\t\toptions.plugins\n\t\t\t?.map((plugin) =>\n\t\t\t\tplugin.middlewares?.map((m) => {\n\t\t\t\t\tconst middleware = (async (context: any) => {\n\t\t\t\t\t\tconst authContext = await ctx;\n\t\t\t\t\t\treturn m.middleware({\n\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\tcontext: {\n\t\t\t\t\t\t\t\t...authContext,\n\t\t\t\t\t\t\t\t...context.context,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t}) as Middleware;\n\t\t\t\t\tmiddleware.options = m.middleware.options;\n\t\t\t\t\treturn {\n\t\t\t\t\t\tpath: m.path,\n\t\t\t\t\t\tmiddleware,\n\t\t\t\t\t};\n\t\t\t\t}),\n\t\t\t)\n\t\t\t.filter((plugin) => plugin !== undefined)\n\t\t\t.flat() || [];\n\n\tconst baseEndpoints = {\n\t\tsignInSocial: signInSocial<Option>(),\n\t\tcallbackOAuth,\n\t\tgetSession: getSession<Option>(),\n\t\tsignOut,\n\t\tsignUpEmail: signUpEmail<Option>(),\n\t\tsignInEmail: signInEmail<Option>(),\n\t\tresetPassword,\n\t\tverifyEmail,\n\t\tsendVerificationEmail,\n\t\tchangeEmail,\n\t\tchangePassword,\n\t\tsetPassword,\n\t\tupdateUser: updateUser<Option>(),\n\t\tdeleteUser,\n\t\trequestPasswordReset,\n\t\trequestPasswordResetCallback,\n\t\tlistSessions: listSessions<Option>(),\n\t\trevokeSession,\n\t\trevokeSessions,\n\t\trevokeOtherSessions,\n\t\tlinkSocialAccount,\n\t\tlistUserAccounts,\n\t\tdeleteUserCallback,\n\t\tunlinkAccount,\n\t\trefreshToken,\n\t\tgetAccessToken,\n\t\taccountInfo,\n\t};\n\tconst endpoints = {\n\t\t...baseEndpoints,\n\t\t...pluginEndpoints,\n\t\tok,\n\t\terror,\n\t} as const;\n\tconst api = toAuthEndpoints(endpoints, ctx);\n\treturn {\n\t\tapi: api as typeof endpoints & PluginEndpoint,\n\t\tmiddlewares,\n\t};\n}\nexport const router = <Option extends BetterAuthOptions>(\n\tctx: AuthContext,\n\toptions: Option,\n) => {\n\tconst { api, middlewares } = getEndpoints(ctx, options);\n\tconst basePath = new URL(ctx.baseURL).pathname;\n\n\treturn createRouter(api, {\n\t\trouterContext: ctx,\n\t\topenapi: {\n\t\t\tdisabled: true,\n\t\t},\n\t\tbasePath,\n\t\trouterMiddleware: [\n\t\t\t{\n\t\t\t\tpath: \"/**\",\n\t\t\t\tmiddleware: originCheckMiddleware,\n\t\t\t},\n\t\t\t...middlewares,\n\t\t],\n\t\tallowedMediaTypes: [\"application/json\"],\n\t\tasync onRequest(req) {\n\t\t\t//handle disabled paths\n\t\t\tconst disabledPaths = ctx.options.disabledPaths || [];\n\t\t\tconst pathname = new URL(req.url).pathname.replace(/\\/+$/, \"\") || \"/\";\n\t\t\tconst normalizedPath =\n\t\t\t\tbasePath === \"/\"\n\t\t\t\t\t? pathname\n\t\t\t\t\t: pathname.startsWith(basePath)\n\t\t\t\t\t\t? pathname.slice(basePath.length).replace(/\\/+$/, \"\") || \"/\"\n\t\t\t\t\t\t: pathname;\n\t\t\tif (disabledPaths.includes(normalizedPath)) {\n\t\t\t\treturn new Response(\"Not Found\", { status: 404 });\n\t\t\t}\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onRequest) {\n\t\t\t\t\tconst response = await plugin.onRequest(req, ctx);\n\t\t\t\t\tif (response && \"response\" in response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t\tif (response && \"request\" in response) {\n\t\t\t\t\t\tconst rateLimitResponse = await onRequestRateLimit(\n\t\t\t\t\t\t\tresponse.request,\n\t\t\t\t\t\t\tctx,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (rateLimitResponse) {\n\t\t\t\t\t\t\treturn rateLimitResponse;\n\t\t\t\t\t\t}\n\t\t\t\t\t\treturn response.request;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn onRequestRateLimit(req, ctx);\n\t\t},\n\t\tasync onResponse(res) {\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onResponse) {\n\t\t\t\t\tconst response = await plugin.onResponse(res, ctx);\n\t\t\t\t\tif (response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn res;\n\t\t},\n\t\tonError(e) {\n\t\t\tif (e instanceof APIError && e.status === \"FOUND\") {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tif (options.onAPIError?.throw) {\n\t\t\t\tthrow e;\n\t\t\t}\n\t\t\tif (options.onAPIError?.onError) {\n\t\t\t\toptions.onAPIError.onError(e, ctx);\n\t\t\t\treturn;\n\t\t\t}\n\n\t\t\tconst optLogLevel = options.logger?.level;\n\t\t\tconst log =\n\t\t\t\toptLogLevel === \"error\" ||\n\t\t\t\toptLogLevel === \"warn\" ||\n\t\t\t\toptLogLevel === \"debug\"\n\t\t\t\t\t? logger\n\t\t\t\t\t: undefined;\n\t\t\tif (options.logger?.disabled !== true) {\n\t\t\t\tif (\n\t\t\t\t\te &&\n\t\t\t\t\ttypeof e === \"object\" &&\n\t\t\t\t\t\"message\" in e &&\n\t\t\t\t\ttypeof e.message === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tif (\n\t\t\t\t\t\te.message.includes(\"no column\") ||\n\t\t\t\t\t\te.message.includes(\"column\") ||\n\t\t\t\t\t\te.message.includes(\"relation\") ||\n\t\t\t\t\t\te.message.includes(\"table\") ||\n\t\t\t\t\t\te.message.includes(\"does not exist\")\n\t\t\t\t\t) {\n\t\t\t\t\t\tctx.logger?.error(e.message);\n\t\t\t\t\t\treturn;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (e instanceof APIError) {\n\t\t\t\t\tif (e.status === \"INTERNAL_SERVER_ERROR\") {\n\t\t\t\t\t\tctx.logger.error(e.status, e);\n\t\t\t\t\t}\n\t\t\t\t\tlog?.error(e.message);\n\t\t\t\t} else {\n\t\t\t\t\tctx.logger?.error(\n\t\t\t\t\t\te && typeof e === \"object\" && \"name\" in e ? (e.name as string) : \"\",\n\t\t\t\t\t\te,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t},\n\t});\n};\n\nexport {\n\ttype AuthEndpoint,\n\ttype AuthMiddleware,\n\tcreateAuthEndpoint,\n\tcreateAuthMiddleware,\n\toptionsMiddleware,\n} from \"@better-auth/core/api\";\nexport { APIError } from \"better-call\";\nexport { getIp } from \"../utils/get-request-ip\";\nexport * from \"./middlewares\";\nexport * from \"./routes\";\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA8CA,SAAgB,uBACf,SACA,UACC;CACD,MAAM,mCAAmB,IAAI,KAG1B;AAEH,SAAQ,SAAS,SAAS,WAAW;AACpC,MAAI,OAAO,WACV;QAAK,MAAM,CAAC,KAAK,aAAa,OAAO,QAAQ,OAAO,UAAU,CAC7D,KACC,YACA,UAAU,YACV,OAAO,SAAS,SAAS,UACxB;IACD,MAAM,OAAO,SAAS;IACtB,IAAIA,UAAoB,EAAE;AAC1B,QAAI,SAAS,WAAW,YAAY,SAAS,SAC5C;SAAI,MAAM,QAAQ,SAAS,QAAQ,OAAO,CACzC,WAAU,SAAS,QAAQ;cACjB,OAAO,SAAS,QAAQ,WAAW,SAC7C,WAAU,CAAC,SAAS,QAAQ,OAAO;;AAGrC,QAAI,QAAQ,WAAW,EACtB,WAAU,CAAC,IAAI;AAGhB,QAAI,CAAC,iBAAiB,IAAI,KAAK,CAC9B,kBAAiB,IAAI,MAAM,EAAE,CAAC;AAE/B,qBAAiB,IAAI,KAAK,CAAE,KAAK;KAChC,UAAU,OAAO;KACjB,aAAa;KACb;KACA,CAAC;;;GAIJ;CAEF,MAAMC,YAIA,EAAE;AACR,MAAK,MAAM,CAAC,MAAM,YAAY,iBAAiB,SAAS,CACvD,KAAI,QAAQ,SAAS,GAAG;EACvB,MAAM,4BAAY,IAAI,KAAuB;EAC7C,IAAI,cAAc;AAElB,OAAK,MAAM,SAAS,QACnB,MAAK,MAAM,UAAU,MAAM,SAAS;AACnC,OAAI,CAAC,UAAU,IAAI,OAAO,CACzB,WAAU,IAAI,QAAQ,EAAE,CAAC;AAE1B,aAAU,IAAI,OAAO,CAAE,KAAK,MAAM,SAAS;AAE3C,OAAI,UAAU,IAAI,OAAO,CAAE,SAAS,EACnC,eAAc;AAGf,OAAI,WAAW,OAAO,QAAQ,SAAS,EACtC,eAAc;YACJ,WAAW,OAAO,UAAU,IAAI,IAAI,CAC9C,eAAc;;AAKjB,MAAI,aAAa;GAChB,MAAM,gBAAgB,CAAC,GAAG,IAAI,IAAI,QAAQ,KAAK,MAAM,EAAE,SAAS,CAAC,CAAC;GAClE,MAAMC,qBAA+B,EAAE;AAEvC,QAAK,MAAM,CAAC,QAAQ,YAAY,UAAU,SAAS,CAClD,KACC,QAAQ,SAAS,KAChB,WAAW,OAAO,QAAQ,SAAS,KACnC,WAAW,OAAO,UAAU,IAAI,IAAI,CAErC,oBAAmB,KAAK,OAAO;AAIjC,aAAU,KAAK;IACd;IACA,SAAS;IACT;IACA,CAAC;;;AAKL,KAAI,UAAU,SAAS,GAAG;EACzB,MAAM,mBAAmB,UACvB,KACC,aACA,QAAQ,SAAS,KAAK,KAAK,SAAS,mBAAmB,KAAK,KAAK,CAAC,qBAAqB,SAAS,QAAQ,KAAK,KAAK,GACnH,CACA,KAAK,KAAK;AACZ,WAAO,MACN;EACD,iBAAiB;;;;;;EAOhB;;;AAIH,SAAgB,aACf,KACA,SACC;CACD,MAAM,kBACL,QAAQ,SAAS,QAAkC,KAAK,WAAW;AAClE,SAAO;GACN,GAAG;GACH,GAAG,OAAO;GACV;IACC,EAAE,CAAC,IAAI,EAAE;CAcb,MAAM,cACL,QAAQ,SACL,KAAK,WACN,OAAO,aAAa,KAAK,MAAM;EAC9B,MAAM,cAAc,OAAO,YAAiB;GAC3C,MAAM,cAAc,MAAM;AAC1B,UAAO,EAAE,WAAW;IACnB,GAAG;IACH,SAAS;KACR,GAAG;KACH,GAAG,QAAQ;KACX;IACD,CAAC;;AAEH,aAAW,UAAU,EAAE,WAAW;AAClC,SAAO;GACN,MAAM,EAAE;GACR;GACA;GACA,CACF,CACA,QAAQ,WAAW,WAAW,OAAU,CACxC,MAAM,IAAI,EAAE;AAsCf,QAAO;EACN,KAFW,gBANM;GA5BjB,cAAc,cAAsB;GACpC;GACA,YAAY,YAAoB;GAChC;GACA,aAAa,aAAqB;GAClC,aAAa,aAAqB;GAClC;GACA;GACA;GACA;GACA;GACA;GACA,YAAY,YAAoB;GAChC;GACA;GACA;GACA,cAAc,cAAsB;GACpC;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GAIA,GAAG;GACH;GACA;GACA,EACsC,IAAI;EAG1C;EACA;;AAEF,MAAa,UACZ,KACA,YACI;CACJ,MAAM,EAAE,KAAK,gBAAgB,aAAa,KAAK,QAAQ;CACvD,MAAM,WAAW,IAAI,IAAI,IAAI,QAAQ,CAAC;AAEtC,QAAO,aAAa,KAAK;EACxB,eAAe;EACf,SAAS,EACR,UAAU,MACV;EACD;EACA,kBAAkB,CACjB;GACC,MAAM;GACN,YAAY;GACZ,EACD,GAAG,YACH;EACD,mBAAmB,CAAC,mBAAmB;EACvC,MAAM,UAAU,KAAK;GAEpB,MAAM,gBAAgB,IAAI,QAAQ,iBAAiB,EAAE;GACrD,MAAM,WAAW,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,QAAQ,QAAQ,GAAG,IAAI;GAClE,MAAM,iBACL,aAAa,MACV,WACA,SAAS,WAAW,SAAS,GAC5B,SAAS,MAAM,SAAS,OAAO,CAAC,QAAQ,QAAQ,GAAG,IAAI,MACvD;AACL,OAAI,cAAc,SAAS,eAAe,CACzC,QAAO,IAAI,SAAS,aAAa,EAAE,QAAQ,KAAK,CAAC;AAElD,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,WAAW;IACrB,MAAM,WAAW,MAAM,OAAO,UAAU,KAAK,IAAI;AACjD,QAAI,YAAY,cAAc,SAC7B,QAAO,SAAS;AAEjB,QAAI,YAAY,aAAa,UAAU;KACtC,MAAM,oBAAoB,MAAM,mBAC/B,SAAS,SACT,IACA;AACD,SAAI,kBACH,QAAO;AAER,YAAO,SAAS;;;AAInB,UAAO,mBAAmB,KAAK,IAAI;;EAEpC,MAAM,WAAW,KAAK;AACrB,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,YAAY;IACtB,MAAM,WAAW,MAAM,OAAO,WAAW,KAAK,IAAI;AAClD,QAAI,SACH,QAAO,SAAS;;AAInB,UAAO;;EAER,QAAQ,GAAG;AACV,OAAI,aAAaC,cAAY,EAAE,WAAW,QACzC;AAED,OAAI,QAAQ,YAAY,MACvB,OAAM;AAEP,OAAI,QAAQ,YAAY,SAAS;AAChC,YAAQ,WAAW,QAAQ,GAAG,IAAI;AAClC;;GAGD,MAAM,cAAc,QAAQ,QAAQ;GACpC,MAAM,MACL,gBAAgB,WAChB,gBAAgB,UAChB,gBAAgB,UACb,SACA;AACJ,OAAI,QAAQ,QAAQ,aAAa,MAAM;AACtC,QACC,KACA,OAAO,MAAM,YACb,aAAa,KACb,OAAO,EAAE,YAAY,UAErB;SACC,EAAE,QAAQ,SAAS,YAAY,IAC/B,EAAE,QAAQ,SAAS,SAAS,IAC5B,EAAE,QAAQ,SAAS,WAAW,IAC9B,EAAE,QAAQ,SAAS,QAAQ,IAC3B,EAAE,QAAQ,SAAS,iBAAiB,EACnC;AACD,UAAI,QAAQ,MAAM,EAAE,QAAQ;AAC5B;;;AAIF,QAAI,aAAaA,YAAU;AAC1B,SAAI,EAAE,WAAW,wBAChB,KAAI,OAAO,MAAM,EAAE,QAAQ,EAAE;AAE9B,UAAK,MAAM,EAAE,QAAQ;UAErB,KAAI,QAAQ,MACX,KAAK,OAAO,MAAM,YAAY,UAAU,IAAK,EAAE,OAAkB,IACjE,EACA;;;EAIJ,CAAC"}
+{"version":3,"file":"index.mjs","names":["methods: string[]","conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[]","conflictingMethods: string[]","APIError"],"sources":["../../src/api/index.ts"],"sourcesContent":["import type {\n\tAuthContext,\n\tAwaitable,\n\tBetterAuthOptions,\n\tBetterAuthPlugin,\n} from \"@better-auth/core\";\nimport type { InternalLogger } from \"@better-auth/core/env\";\nimport { logger } from \"@better-auth/core/env\";\nimport type { Endpoint, Middleware } from \"better-call\";\nimport { APIError, createRouter } from \"better-call\";\nimport type { UnionToIntersection } from \"../types/helper\";\nimport { originCheckMiddleware } from \"./middlewares\";\nimport { onRequestRateLimit } from \"./rate-limiter\";\nimport {\n\taccountInfo,\n\tcallbackOAuth,\n\tchangeEmail,\n\tchangePassword,\n\tdeleteUser,\n\tdeleteUserCallback,\n\terror,\n\tgetAccessToken,\n\tgetSession,\n\tlinkSocialAccount,\n\tlistSessions,\n\tlistUserAccounts,\n\tok,\n\trefreshToken,\n\trequestPasswordReset,\n\trequestPasswordResetCallback,\n\tresetPassword,\n\trevokeOtherSessions,\n\trevokeSession,\n\trevokeSessions,\n\tsendVerificationEmail,\n\tsetPassword,\n\tsignInEmail,\n\tsignInSocial,\n\tsignOut,\n\tsignUpEmail,\n\tunlinkAccount,\n\tupdateUser,\n\tverifyEmail,\n} from \"./routes\";\nimport { toAuthEndpoints } from \"./to-auth-endpoints\";\n\nexport function checkEndpointConflicts(\n\toptions: BetterAuthOptions,\n\tlogger: InternalLogger,\n) {\n\tconst endpointRegistry = new Map<\n\t\tstring,\n\t\t{ pluginId: string; endpointKey: string; methods: string[] }[]\n\t>();\n\n\toptions.plugins?.forEach((plugin) => {\n\t\tif (plugin.endpoints) {\n\t\t\tfor (const [key, endpoint] of Object.entries(plugin.endpoints)) {\n\t\t\t\tif (\n\t\t\t\t\tendpoint &&\n\t\t\t\t\t\"path\" in endpoint &&\n\t\t\t\t\ttypeof endpoint.path === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tconst path = endpoint.path;\n\t\t\t\t\tlet methods: string[] = [];\n\t\t\t\t\tif (endpoint.options && \"method\" in endpoint.options) {\n\t\t\t\t\t\tif (Array.isArray(endpoint.options.method)) {\n\t\t\t\t\t\t\tmethods = endpoint.options.method;\n\t\t\t\t\t\t} else if (typeof endpoint.options.method === \"string\") {\n\t\t\t\t\t\t\tmethods = [endpoint.options.method];\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (methods.length === 0) {\n\t\t\t\t\t\tmethods = [\"*\"];\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!endpointRegistry.has(path)) {\n\t\t\t\t\t\tendpointRegistry.set(path, []);\n\t\t\t\t\t}\n\t\t\t\t\tendpointRegistry.get(path)!.push({\n\t\t\t\t\t\tpluginId: plugin.id,\n\t\t\t\t\t\tendpointKey: key,\n\t\t\t\t\t\tmethods,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\tconst conflicts: {\n\t\tpath: string;\n\t\tplugins: string[];\n\t\tconflictingMethods: string[];\n\t}[] = [];\n\tfor (const [path, entries] of endpointRegistry.entries()) {\n\t\tif (entries.length > 1) {\n\t\t\tconst methodMap = new Map<string, string[]>();\n\t\t\tlet hasConflict = false;\n\n\t\t\tfor (const entry of entries) {\n\t\t\t\tfor (const method of entry.methods) {\n\t\t\t\t\tif (!methodMap.has(method)) {\n\t\t\t\t\t\tmethodMap.set(method, []);\n\t\t\t\t\t}\n\t\t\t\t\tmethodMap.get(method)!.push(entry.pluginId);\n\n\t\t\t\t\tif (methodMap.get(method)!.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (method === \"*\" && entries.length > 1) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t} else if (method !== \"*\" && methodMap.has(\"*\")) {\n\t\t\t\t\t\thasConflict = true;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (hasConflict) {\n\t\t\t\tconst uniquePlugins = [...new Set(entries.map((e) => e.pluginId))];\n\t\t\t\tconst conflictingMethods: string[] = [];\n\n\t\t\t\tfor (const [method, plugins] of methodMap.entries()) {\n\t\t\t\t\tif (\n\t\t\t\t\t\tplugins.length > 1 ||\n\t\t\t\t\t\t(method === \"*\" && entries.length > 1) ||\n\t\t\t\t\t\t(method !== \"*\" && methodMap.has(\"*\"))\n\t\t\t\t\t) {\n\t\t\t\t\t\tconflictingMethods.push(method);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tconflicts.push({\n\t\t\t\t\tpath,\n\t\t\t\t\tplugins: uniquePlugins,\n\t\t\t\t\tconflictingMethods,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\t}\n\n\tif (conflicts.length > 0) {\n\t\tconst conflictMessages = conflicts\n\t\t\t.map(\n\t\t\t\t(conflict) =>\n\t\t\t\t\t`  - \"${conflict.path}\" [${conflict.conflictingMethods.join(\", \")}] used by plugins: ${conflict.plugins.join(\", \")}`,\n\t\t\t)\n\t\t\t.join(\"\\n\");\n\t\tlogger.error(\n\t\t\t`Endpoint path conflicts detected! Multiple plugins are trying to use the same endpoint paths with conflicting HTTP methods:\n${conflictMessages}\n\nTo resolve this, you can:\n\t1. Use only one of the conflicting plugins\n\t2. Configure the plugins to use different paths (if supported)\n\t3. Ensure plugins use different HTTP methods for the same path\n`,\n\t\t);\n\t}\n}\n\nexport function getEndpoints<Option extends BetterAuthOptions>(\n\tctx: Awaitable<AuthContext>,\n\toptions: Option,\n) {\n\tconst pluginEndpoints =\n\t\toptions.plugins?.reduce<Record<string, Endpoint>>((acc, plugin) => {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.endpoints,\n\t\t\t};\n\t\t}, {}) ?? {};\n\n\ttype PluginEndpoint = UnionToIntersection<\n\t\tOption[\"plugins\"] extends Array<infer T>\n\t\t\t? T extends BetterAuthPlugin\n\t\t\t\t? T extends {\n\t\t\t\t\t\tendpoints: infer E;\n\t\t\t\t\t}\n\t\t\t\t\t? E\n\t\t\t\t\t: {}\n\t\t\t\t: {}\n\t\t\t: {}\n\t>;\n\n\tconst middlewares =\n\t\toptions.plugins\n\t\t\t?.map((plugin) =>\n\t\t\t\tplugin.middlewares?.map((m) => {\n\t\t\t\t\tconst middleware = (async (context: any) => {\n\t\t\t\t\t\tconst authContext = await ctx;\n\t\t\t\t\t\treturn m.middleware({\n\t\t\t\t\t\t\t...context,\n\t\t\t\t\t\t\tcontext: {\n\t\t\t\t\t\t\t\t...authContext,\n\t\t\t\t\t\t\t\t...context.context,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t}) as Middleware;\n\t\t\t\t\tmiddleware.options = m.middleware.options;\n\t\t\t\t\treturn {\n\t\t\t\t\t\tpath: m.path,\n\t\t\t\t\t\tmiddleware,\n\t\t\t\t\t};\n\t\t\t\t}),\n\t\t\t)\n\t\t\t.filter((plugin) => plugin !== undefined)\n\t\t\t.flat() || [];\n\n\tconst baseEndpoints = {\n\t\tsignInSocial: signInSocial<Option>(),\n\t\tcallbackOAuth,\n\t\tgetSession: getSession<Option>(),\n\t\tsignOut,\n\t\tsignUpEmail: signUpEmail<Option>(),\n\t\tsignInEmail: signInEmail<Option>(),\n\t\tresetPassword,\n\t\tverifyEmail,\n\t\tsendVerificationEmail,\n\t\tchangeEmail,\n\t\tchangePassword,\n\t\tsetPassword,\n\t\tupdateUser: updateUser<Option>(),\n\t\tdeleteUser,\n\t\trequestPasswordReset,\n\t\trequestPasswordResetCallback,\n\t\tlistSessions: listSessions<Option>(),\n\t\trevokeSession,\n\t\trevokeSessions,\n\t\trevokeOtherSessions,\n\t\tlinkSocialAccount,\n\t\tlistUserAccounts,\n\t\tdeleteUserCallback,\n\t\tunlinkAccount,\n\t\trefreshToken,\n\t\tgetAccessToken,\n\t\taccountInfo,\n\t};\n\tconst endpoints = {\n\t\t...baseEndpoints,\n\t\t...pluginEndpoints,\n\t\tok,\n\t\terror,\n\t} as const;\n\tconst api = toAuthEndpoints(endpoints, ctx);\n\treturn {\n\t\tapi: api as typeof endpoints & PluginEndpoint,\n\t\tmiddlewares,\n\t};\n}\nexport const router = <Option extends BetterAuthOptions>(\n\tctx: AuthContext,\n\toptions: Option,\n) => {\n\tconst { api, middlewares } = getEndpoints(ctx, options);\n\tconst basePath = new URL(ctx.baseURL).pathname;\n\n\treturn createRouter(api, {\n\t\trouterContext: ctx,\n\t\topenapi: {\n\t\t\tdisabled: true,\n\t\t},\n\t\tbasePath,\n\t\trouterMiddleware: [\n\t\t\t{\n\t\t\t\tpath: \"/**\",\n\t\t\t\tmiddleware: originCheckMiddleware,\n\t\t\t},\n\t\t\t...middlewares,\n\t\t],\n\t\tallowedMediaTypes: [\"application/json\"],\n\t\tasync onRequest(req) {\n\t\t\t//handle disabled paths\n\t\t\tconst disabledPaths = ctx.options.disabledPaths || [];\n\t\t\tconst pathname = new URL(req.url).pathname.replace(/\\/+$/, \"\") || \"/\";\n\n\t\t\tconst normalizedPath =\n\t\t\t\tbasePath === \"/\"\n\t\t\t\t\t? pathname\n\t\t\t\t\t: pathname.startsWith(basePath)\n\t\t\t\t\t\t? pathname.slice(basePath.length).replace(/\\/+$/, \"\") || \"/\"\n\t\t\t\t\t\t: pathname;\n\t\t\tif (disabledPaths.includes(normalizedPath)) {\n\t\t\t\treturn new Response(\"Not Found\", { status: 404 });\n\t\t\t}\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onRequest) {\n\t\t\t\t\tconst response = await plugin.onRequest(req, ctx);\n\t\t\t\t\tif (response && \"response\" in response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t\tif (response && \"request\" in response) {\n\t\t\t\t\t\tconst rateLimitResponse = await onRequestRateLimit(\n\t\t\t\t\t\t\tresponse.request,\n\t\t\t\t\t\t\tctx,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (rateLimitResponse) {\n\t\t\t\t\t\t\treturn rateLimitResponse;\n\t\t\t\t\t\t}\n\t\t\t\t\t\treturn response.request;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn onRequestRateLimit(req, ctx);\n\t\t},\n\t\tasync onResponse(res) {\n\t\t\tfor (const plugin of ctx.options.plugins || []) {\n\t\t\t\tif (plugin.onResponse) {\n\t\t\t\t\tconst response = await plugin.onResponse(res, ctx);\n\t\t\t\t\tif (response) {\n\t\t\t\t\t\treturn response.response;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn res;\n\t\t},\n\t\tonError(e) {\n\t\t\tif (e instanceof APIError && e.status === \"FOUND\") {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tif (options.onAPIError?.throw) {\n\t\t\t\tthrow e;\n\t\t\t}\n\t\t\tif (options.onAPIError?.onError) {\n\t\t\t\toptions.onAPIError.onError(e, ctx);\n\t\t\t\treturn;\n\t\t\t}\n\n\t\t\tconst optLogLevel = options.logger?.level;\n\t\t\tconst log =\n\t\t\t\toptLogLevel === \"error\" ||\n\t\t\t\toptLogLevel === \"warn\" ||\n\t\t\t\toptLogLevel === \"debug\"\n\t\t\t\t\t? logger\n\t\t\t\t\t: undefined;\n\t\t\tif (options.logger?.disabled !== true) {\n\t\t\t\tif (\n\t\t\t\t\te &&\n\t\t\t\t\ttypeof e === \"object\" &&\n\t\t\t\t\t\"message\" in e &&\n\t\t\t\t\ttypeof e.message === \"string\"\n\t\t\t\t) {\n\t\t\t\t\tif (\n\t\t\t\t\t\te.message.includes(\"no column\") ||\n\t\t\t\t\t\te.message.includes(\"column\") ||\n\t\t\t\t\t\te.message.includes(\"relation\") ||\n\t\t\t\t\t\te.message.includes(\"table\") ||\n\t\t\t\t\t\te.message.includes(\"does not exist\")\n\t\t\t\t\t) {\n\t\t\t\t\t\tctx.logger?.error(e.message);\n\t\t\t\t\t\treturn;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (e instanceof APIError) {\n\t\t\t\t\tif (e.status === \"INTERNAL_SERVER_ERROR\") {\n\t\t\t\t\t\tctx.logger.error(e.status, e);\n\t\t\t\t\t}\n\t\t\t\t\tlog?.error(e.message);\n\t\t\t\t} else {\n\t\t\t\t\tctx.logger?.error(\n\t\t\t\t\t\te && typeof e === \"object\" && \"name\" in e ? (e.name as string) : \"\",\n\t\t\t\t\t\te,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t},\n\t});\n};\n\nexport {\n\ttype AuthEndpoint,\n\ttype AuthMiddleware,\n\tcreateAuthEndpoint,\n\tcreateAuthMiddleware,\n\toptionsMiddleware,\n} from \"@better-auth/core/api\";\nexport { APIError } from \"better-call\";\nexport { getIp } from \"../utils/get-request-ip\";\nexport * from \"./middlewares\";\nexport * from \"./routes\";\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA8CA,SAAgB,uBACf,SACA,UACC;CACD,MAAM,mCAAmB,IAAI,KAG1B;AAEH,SAAQ,SAAS,SAAS,WAAW;AACpC,MAAI,OAAO,WACV;QAAK,MAAM,CAAC,KAAK,aAAa,OAAO,QAAQ,OAAO,UAAU,CAC7D,KACC,YACA,UAAU,YACV,OAAO,SAAS,SAAS,UACxB;IACD,MAAM,OAAO,SAAS;IACtB,IAAIA,UAAoB,EAAE;AAC1B,QAAI,SAAS,WAAW,YAAY,SAAS,SAC5C;SAAI,MAAM,QAAQ,SAAS,QAAQ,OAAO,CACzC,WAAU,SAAS,QAAQ;cACjB,OAAO,SAAS,QAAQ,WAAW,SAC7C,WAAU,CAAC,SAAS,QAAQ,OAAO;;AAGrC,QAAI,QAAQ,WAAW,EACtB,WAAU,CAAC,IAAI;AAGhB,QAAI,CAAC,iBAAiB,IAAI,KAAK,CAC9B,kBAAiB,IAAI,MAAM,EAAE,CAAC;AAE/B,qBAAiB,IAAI,KAAK,CAAE,KAAK;KAChC,UAAU,OAAO;KACjB,aAAa;KACb;KACA,CAAC;;;GAIJ;CAEF,MAAMC,YAIA,EAAE;AACR,MAAK,MAAM,CAAC,MAAM,YAAY,iBAAiB,SAAS,CACvD,KAAI,QAAQ,SAAS,GAAG;EACvB,MAAM,4BAAY,IAAI,KAAuB;EAC7C,IAAI,cAAc;AAElB,OAAK,MAAM,SAAS,QACnB,MAAK,MAAM,UAAU,MAAM,SAAS;AACnC,OAAI,CAAC,UAAU,IAAI,OAAO,CACzB,WAAU,IAAI,QAAQ,EAAE,CAAC;AAE1B,aAAU,IAAI,OAAO,CAAE,KAAK,MAAM,SAAS;AAE3C,OAAI,UAAU,IAAI,OAAO,CAAE,SAAS,EACnC,eAAc;AAGf,OAAI,WAAW,OAAO,QAAQ,SAAS,EACtC,eAAc;YACJ,WAAW,OAAO,UAAU,IAAI,IAAI,CAC9C,eAAc;;AAKjB,MAAI,aAAa;GAChB,MAAM,gBAAgB,CAAC,GAAG,IAAI,IAAI,QAAQ,KAAK,MAAM,EAAE,SAAS,CAAC,CAAC;GAClE,MAAMC,qBAA+B,EAAE;AAEvC,QAAK,MAAM,CAAC,QAAQ,YAAY,UAAU,SAAS,CAClD,KACC,QAAQ,SAAS,KAChB,WAAW,OAAO,QAAQ,SAAS,KACnC,WAAW,OAAO,UAAU,IAAI,IAAI,CAErC,oBAAmB,KAAK,OAAO;AAIjC,aAAU,KAAK;IACd;IACA,SAAS;IACT;IACA,CAAC;;;AAKL,KAAI,UAAU,SAAS,GAAG;EACzB,MAAM,mBAAmB,UACvB,KACC,aACA,QAAQ,SAAS,KAAK,KAAK,SAAS,mBAAmB,KAAK,KAAK,CAAC,qBAAqB,SAAS,QAAQ,KAAK,KAAK,GACnH,CACA,KAAK,KAAK;AACZ,WAAO,MACN;EACD,iBAAiB;;;;;;EAOhB;;;AAIH,SAAgB,aACf,KACA,SACC;CACD,MAAM,kBACL,QAAQ,SAAS,QAAkC,KAAK,WAAW;AAClE,SAAO;GACN,GAAG;GACH,GAAG,OAAO;GACV;IACC,EAAE,CAAC,IAAI,EAAE;CAcb,MAAM,cACL,QAAQ,SACL,KAAK,WACN,OAAO,aAAa,KAAK,MAAM;EAC9B,MAAM,cAAc,OAAO,YAAiB;GAC3C,MAAM,cAAc,MAAM;AAC1B,UAAO,EAAE,WAAW;IACnB,GAAG;IACH,SAAS;KACR,GAAG;KACH,GAAG,QAAQ;KACX;IACD,CAAC;;AAEH,aAAW,UAAU,EAAE,WAAW;AAClC,SAAO;GACN,MAAM,EAAE;GACR;GACA;GACA,CACF,CACA,QAAQ,WAAW,WAAW,OAAU,CACxC,MAAM,IAAI,EAAE;AAsCf,QAAO;EACN,KAFW,gBANM;GA5BjB,cAAc,cAAsB;GACpC;GACA,YAAY,YAAoB;GAChC;GACA,aAAa,aAAqB;GAClC,aAAa,aAAqB;GAClC;GACA;GACA;GACA;GACA;GACA;GACA,YAAY,YAAoB;GAChC;GACA;GACA;GACA,cAAc,cAAsB;GACpC;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GAIA,GAAG;GACH;GACA;GACA,EACsC,IAAI;EAG1C;EACA;;AAEF,MAAa,UACZ,KACA,YACI;CACJ,MAAM,EAAE,KAAK,gBAAgB,aAAa,KAAK,QAAQ;CACvD,MAAM,WAAW,IAAI,IAAI,IAAI,QAAQ,CAAC;AAEtC,QAAO,aAAa,KAAK;EACxB,eAAe;EACf,SAAS,EACR,UAAU,MACV;EACD;EACA,kBAAkB,CACjB;GACC,MAAM;GACN,YAAY;GACZ,EACD,GAAG,YACH;EACD,mBAAmB,CAAC,mBAAmB;EACvC,MAAM,UAAU,KAAK;GAEpB,MAAM,gBAAgB,IAAI,QAAQ,iBAAiB,EAAE;GACrD,MAAM,WAAW,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,QAAQ,QAAQ,GAAG,IAAI;GAElE,MAAM,iBACL,aAAa,MACV,WACA,SAAS,WAAW,SAAS,GAC5B,SAAS,MAAM,SAAS,OAAO,CAAC,QAAQ,QAAQ,GAAG,IAAI,MACvD;AACL,OAAI,cAAc,SAAS,eAAe,CACzC,QAAO,IAAI,SAAS,aAAa,EAAE,QAAQ,KAAK,CAAC;AAElD,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,WAAW;IACrB,MAAM,WAAW,MAAM,OAAO,UAAU,KAAK,IAAI;AACjD,QAAI,YAAY,cAAc,SAC7B,QAAO,SAAS;AAEjB,QAAI,YAAY,aAAa,UAAU;KACtC,MAAM,oBAAoB,MAAM,mBAC/B,SAAS,SACT,IACA;AACD,SAAI,kBACH,QAAO;AAER,YAAO,SAAS;;;AAInB,UAAO,mBAAmB,KAAK,IAAI;;EAEpC,MAAM,WAAW,KAAK;AACrB,QAAK,MAAM,UAAU,IAAI,QAAQ,WAAW,EAAE,CAC7C,KAAI,OAAO,YAAY;IACtB,MAAM,WAAW,MAAM,OAAO,WAAW,KAAK,IAAI;AAClD,QAAI,SACH,QAAO,SAAS;;AAInB,UAAO;;EAER,QAAQ,GAAG;AACV,OAAI,aAAaC,cAAY,EAAE,WAAW,QACzC;AAED,OAAI,QAAQ,YAAY,MACvB,OAAM;AAEP,OAAI,QAAQ,YAAY,SAAS;AAChC,YAAQ,WAAW,QAAQ,GAAG,IAAI;AAClC;;GAGD,MAAM,cAAc,QAAQ,QAAQ;GACpC,MAAM,MACL,gBAAgB,WAChB,gBAAgB,UAChB,gBAAgB,UACb,SACA;AACJ,OAAI,QAAQ,QAAQ,aAAa,MAAM;AACtC,QACC,KACA,OAAO,MAAM,YACb,aAAa,KACb,OAAO,EAAE,YAAY,UAErB;SACC,EAAE,QAAQ,SAAS,YAAY,IAC/B,EAAE,QAAQ,SAAS,SAAS,IAC5B,EAAE,QAAQ,SAAS,WAAW,IAC9B,EAAE,QAAQ,SAAS,QAAQ,IAC3B,EAAE,QAAQ,SAAS,iBAAiB,EACnC;AACD,UAAI,QAAQ,MAAM,EAAE,QAAQ;AAC5B;;;AAIF,QAAI,aAAaA,YAAU;AAC1B,SAAI,EAAE,WAAW,wBAChB,KAAI,OAAO,MAAM,EAAE,QAAQ,EAAE;AAE9B,UAAK,MAAM,EAAE,QAAQ;UAErB,KAAI,QAAQ,MACX,KAAK,OAAO,MAAM,YAAY,UAAU,IAAK,EAAE,OAAkB,IACjE,EACA;;;EAIJ,CAAC"}

package/dist/api/middlewares/origin-check.d.mts

@@ -1,5 +1,5 @@
 import { GenericEndpointContext } from "@better-auth/core";
-import * as better_call684 from "better-call";
+import * as better_call764 from "better-call";
 
 //#region src/api/middlewares/origin-check.d.ts
 
@@ -7,8 +7,8 @@ import * as better_call684 from "better-call";
  * A middleware to validate callbackURL and origin against
  * trustedOrigins.
  */
-declare const originCheckMiddleware: (inputContext: better_call684.MiddlewareInputContext<better_call684.MiddlewareOptions>) => Promise<void>;
-declare const originCheck: (getValue: (ctx: GenericEndpointContext) => string | string[]) => (inputContext: better_call684.MiddlewareInputContext<better_call684.MiddlewareOptions>) => Promise<void>;
+declare const originCheckMiddleware: (inputContext: better_call764.MiddlewareInputContext<better_call764.MiddlewareOptions>) => Promise<void>;
+declare const originCheck: (getValue: (ctx: GenericEndpointContext) => string | string[]) => (inputContext: better_call764.MiddlewareInputContext<better_call764.MiddlewareOptions>) => Promise<void>;
 //#endregion
 export { originCheck, originCheckMiddleware };
 //# sourceMappingURL=origin-check.d.mts.map

package/dist/api/routes/account.d.mts

@@ -1,11 +1,11 @@
 import * as _better_auth_core_oauth28 from "@better-auth/core/oauth2";
 import * as z from "zod";
-import * as better_call688 from "better-call";
+import * as better_call696 from "better-call";
 
 //#region src/api/routes/account.d.ts
-declare const listUserAccounts: better_call688.StrictEndpoint<"/list-accounts", {
+declare const listUserAccounts: better_call696.StrictEndpoint<"/list-accounts", {
   method: "GET";
-  use: ((inputContext: better_call688.MiddlewareInputContext<better_call688.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call696.MiddlewareInputContext<better_call696.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -87,7 +87,7 @@ declare const listUserAccounts: better_call688.StrictEndpoint<"/list-accounts",
   userId: string;
   scopes: string[];
 }[]>;
-declare const linkSocialAccount: better_call688.StrictEndpoint<"/link-social", {
+declare const linkSocialAccount: better_call696.StrictEndpoint<"/link-social", {
   method: "POST";
   requireHeaders: true;
   body: z.ZodObject<{
@@ -106,7 +106,7 @@ declare const linkSocialAccount: better_call688.StrictEndpoint<"/link-social", {
     disableRedirect: z.ZodOptional<z.ZodBoolean>;
     additionalData: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call688.MiddlewareInputContext<better_call688.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call696.MiddlewareInputContext<better_call696.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -165,13 +165,13 @@ declare const linkSocialAccount: better_call688.StrictEndpoint<"/link-social", {
   url: string;
   redirect: boolean;
 }>;
-declare const unlinkAccount: better_call688.StrictEndpoint<"/unlink-account", {
+declare const unlinkAccount: better_call696.StrictEndpoint<"/unlink-account", {
   method: "POST";
   body: z.ZodObject<{
     providerId: z.ZodString;
     accountId: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call688.MiddlewareInputContext<better_call688.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call696.MiddlewareInputContext<better_call696.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -219,7 +219,7 @@ declare const unlinkAccount: better_call688.StrictEndpoint<"/unlink-account", {
 }, {
   status: boolean;
 }>;
-declare const getAccessToken: better_call688.StrictEndpoint<"/get-access-token", {
+declare const getAccessToken: better_call696.StrictEndpoint<"/get-access-token", {
   method: "POST";
   body: z.ZodObject<{
     providerId: z.ZodString;
@@ -274,7 +274,7 @@ declare const getAccessToken: better_call688.StrictEndpoint<"/get-access-token",
   scopes: string[];
   idToken: string | undefined;
 }>;
-declare const refreshToken: better_call688.StrictEndpoint<"/refresh-token", {
+declare const refreshToken: better_call696.StrictEndpoint<"/refresh-token", {
   method: "POST";
   body: z.ZodObject<{
     providerId: z.ZodString;
@@ -333,9 +333,9 @@ declare const refreshToken: better_call688.StrictEndpoint<"/refresh-token", {
   providerId: string;
   accountId: string;
 }>;
-declare const accountInfo: better_call688.StrictEndpoint<"/account-info", {
+declare const accountInfo: better_call696.StrictEndpoint<"/account-info", {
   method: "GET";
-  use: ((inputContext: better_call688.MiddlewareInputContext<better_call688.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call696.MiddlewareInputContext<better_call696.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;

package/dist/api/routes/callback.d.mts

@@ -1,8 +1,8 @@
 import * as z from "zod";
-import * as better_call721 from "better-call";
+import * as better_call754 from "better-call";
 
 //#region src/api/routes/callback.d.ts
-declare const callbackOAuth: better_call721.StrictEndpoint<"/callback/:id", {
+declare const callbackOAuth: better_call754.StrictEndpoint<"/callback/:id", {
   method: ("GET" | "POST")[];
   operationId: string;
   body: z.ZodOptional<z.ZodObject<{

package/dist/api/routes/email-verification.d.mts

@@ -2,7 +2,7 @@ import { User } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { GenericEndpointContext } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call750 from "better-call";
+import * as better_call710 from "better-call";
 
 //#region src/api/routes/email-verification.d.ts
 declare function createEmailVerificationToken(secret: string, email: string,
@@ -22,7 +22,7 @@ extraPayload?: Record<string, any>): Promise<string>;
  * A function to send a verification email to the user
  */
 declare function sendVerificationEmailFn(ctx: GenericEndpointContext, user: User): Promise<void>;
-declare const sendVerificationEmail: better_call750.StrictEndpoint<"/send-verification-email", {
+declare const sendVerificationEmail: better_call710.StrictEndpoint<"/send-verification-email", {
   method: "POST";
   operationId: string;
   body: z.ZodObject<{
@@ -97,14 +97,14 @@ declare const sendVerificationEmail: better_call750.StrictEndpoint<"/send-verifi
 }, {
   status: boolean;
 }>;
-declare const verifyEmail: better_call750.StrictEndpoint<"/verify-email", {
+declare const verifyEmail: better_call710.StrictEndpoint<"/verify-email", {
   method: "GET";
   operationId: string;
   query: z.ZodObject<{
     token: z.ZodString;
     callbackURL: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call750.MiddlewareInputContext<better_call750.MiddlewareOptions>) => Promise<void>)[];
+  use: ((inputContext: better_call710.MiddlewareInputContext<better_call710.MiddlewareOptions>) => Promise<void>)[];
   metadata: {
     openapi: {
       description: string;

package/dist/api/routes/error.d.mts

@@ -1,7 +1,7 @@
-import * as better_call683 from "better-call";
+import * as better_call695 from "better-call";
 
 //#region src/api/routes/error.d.ts
-declare const error: better_call683.StrictEndpoint<"/error", {
+declare const error: better_call695.StrictEndpoint<"/error", {
   method: "GET";
   metadata: {
     openapi: {

package/dist/api/routes/ok.d.mts

@@ -1,7 +1,7 @@
-import * as better_call720 from "better-call";
+import * as better_call753 from "better-call";
 
 //#region src/api/routes/ok.d.ts
-declare const ok: better_call720.StrictEndpoint<"/ok", {
+declare const ok: better_call753.StrictEndpoint<"/ok", {
   method: "GET";
   metadata: {
     openapi: {

package/dist/api/routes/reset-password.d.mts

@@ -1,8 +1,8 @@
 import * as z from "zod";
-import * as better_call722 from "better-call";
+import * as better_call755 from "better-call";
 
 //#region src/api/routes/reset-password.d.ts
-declare const requestPasswordReset: better_call722.StrictEndpoint<"/request-password-reset", {
+declare const requestPasswordReset: better_call755.StrictEndpoint<"/request-password-reset", {
   method: "POST";
   body: z.ZodObject<{
     email: z.ZodEmail;
@@ -38,13 +38,13 @@ declare const requestPasswordReset: better_call722.StrictEndpoint<"/request-pass
   status: boolean;
   message: string;
 }>;
-declare const requestPasswordResetCallback: better_call722.StrictEndpoint<"/reset-password/:token", {
+declare const requestPasswordResetCallback: better_call755.StrictEndpoint<"/reset-password/:token", {
   method: "GET";
   operationId: string;
   query: z.ZodObject<{
     callbackURL: z.ZodString;
   }, z.core.$strip>;
-  use: ((inputContext: better_call722.MiddlewareInputContext<better_call722.MiddlewareOptions>) => Promise<void>)[];
+  use: ((inputContext: better_call755.MiddlewareInputContext<better_call755.MiddlewareOptions>) => Promise<void>)[];
   metadata: {
     openapi: {
       operationId: string;
@@ -86,7 +86,7 @@ declare const requestPasswordResetCallback: better_call722.StrictEndpoint<"/rese
     };
   };
 }, never>;
-declare const resetPassword: better_call722.StrictEndpoint<"/reset-password", {
+declare const resetPassword: better_call755.StrictEndpoint<"/reset-password", {
   method: "POST";
   operationId: string;
   query: z.ZodOptional<z.ZodObject<{

package/dist/api/routes/session.d.mts

@@ -3,10 +3,10 @@ import { InferSession, InferUser, Session, User } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { BetterAuthOptions, GenericEndpointContext } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call727 from "better-call";
+import * as better_call714 from "better-call";
 
 //#region src/api/routes/session.d.ts
-declare const getSession: <Option extends BetterAuthOptions>() => better_call727.StrictEndpoint<"/get-session", {
+declare const getSession: <Option extends BetterAuthOptions>() => better_call714.StrictEndpoint<"/get-session", {
   method: "GET";
   operationId: string;
   query: z.ZodOptional<z.ZodObject<{
@@ -56,7 +56,7 @@ declare const getSessionFromCtx: <U extends Record<string, any> = Record<string,
 /**
  * The middleware forces the endpoint to require a valid session.
  */
-declare const sessionMiddleware: (inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+declare const sessionMiddleware: (inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -84,7 +84,7 @@ declare const sessionMiddleware: (inputContext: better_call727.MiddlewareInputCo
  * This should be used for sensitive operations like password changes, account deletion, etc.
  * to ensure that revoked sessions cannot be used even if they're still cached in cookies.
  */
-declare const sensitiveSessionMiddleware: (inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+declare const sensitiveSessionMiddleware: (inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -111,7 +111,7 @@ declare const sensitiveSessionMiddleware: (inputContext: better_call727.Middlewa
  * This middleware allows you to call the endpoint on the client if session is valid.
  * However, if called on the server, no session is required.
  */
-declare const requestOnlySessionMiddleware: (inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+declare const requestOnlySessionMiddleware: (inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -141,7 +141,7 @@ declare const requestOnlySessionMiddleware: (inputContext: better_call727.Middle
  * Session freshness check will be skipped if the session config's freshAge
  * is set to 0
  */
-declare const freshSessionMiddleware: (inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+declare const freshSessionMiddleware: (inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
   session: {
     session: Record<string, any> & {
       id: string;
@@ -167,10 +167,10 @@ declare const freshSessionMiddleware: (inputContext: better_call727.MiddlewareIn
 /**
  * user active sessions list
  */
-declare const listSessions: <Option extends BetterAuthOptions>() => better_call727.StrictEndpoint<"/list-sessions", {
+declare const listSessions: <Option extends BetterAuthOptions>() => better_call714.StrictEndpoint<"/list-sessions", {
   method: "GET";
   operationId: string;
-  use: ((inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -219,12 +219,12 @@ declare const listSessions: <Option extends BetterAuthOptions>() => better_call7
 /**
  * revoke a single session
  */
-declare const revokeSession: better_call727.StrictEndpoint<"/revoke-session", {
+declare const revokeSession: better_call714.StrictEndpoint<"/revoke-session", {
   method: "POST";
   body: z.ZodObject<{
     token: z.ZodString;
   }, z.core.$strip>;
-  use: ((inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -294,9 +294,9 @@ declare const revokeSession: better_call727.StrictEndpoint<"/revoke-session", {
 /**
  * revoke all user sessions
  */
-declare const revokeSessions: better_call727.StrictEndpoint<"/revoke-sessions", {
+declare const revokeSessions: better_call714.StrictEndpoint<"/revoke-sessions", {
   method: "POST";
-  use: ((inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -347,10 +347,10 @@ declare const revokeSessions: better_call727.StrictEndpoint<"/revoke-sessions",
 }, {
   status: boolean;
 }>;
-declare const revokeOtherSessions: better_call727.StrictEndpoint<"/revoke-other-sessions", {
+declare const revokeOtherSessions: better_call714.StrictEndpoint<"/revoke-other-sessions", {
   method: "POST";
   requireHeaders: true;
-  use: ((inputContext: better_call727.MiddlewareInputContext<better_call727.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call714.MiddlewareInputContext<better_call714.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;

package/dist/api/routes/sign-in.d.mts

@@ -2,7 +2,7 @@ import { InferUser } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { BetterAuthOptions } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call748 from "better-call";
+import * as better_call760 from "better-call";
 
 //#region src/api/routes/sign-in.d.ts
 declare const socialSignInBodySchema: z.ZodObject<{
@@ -23,7 +23,7 @@ declare const socialSignInBodySchema: z.ZodObject<{
   loginHint: z.ZodOptional<z.ZodString>;
   additionalData: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
 }, z.core.$strip>;
-declare const signInSocial: <O extends BetterAuthOptions>() => better_call748.StrictEndpoint<"/sign-in/social", {
+declare const signInSocial: <O extends BetterAuthOptions>() => better_call760.StrictEndpoint<"/sign-in/social", {
   method: "POST";
   operationId: string;
   body: z.ZodObject<{
@@ -98,7 +98,7 @@ declare const signInSocial: <O extends BetterAuthOptions>() => better_call748.St
   url: undefined;
   user: InferUser<O>;
 }>;
-declare const signInEmail: <O extends BetterAuthOptions>() => better_call748.StrictEndpoint<"/sign-in/email", {
+declare const signInEmail: <O extends BetterAuthOptions>() => better_call760.StrictEndpoint<"/sign-in/email", {
   method: "POST";
   operationId: string;
   body: z.ZodObject<{

package/dist/api/routes/sign-out.d.mts

@@ -1,7 +1,7 @@
-import * as better_call754 from "better-call";
+import * as better_call763 from "better-call";
 
 //#region src/api/routes/sign-out.d.ts
-declare const signOut: better_call754.StrictEndpoint<"/sign-out", {
+declare const signOut: better_call763.StrictEndpoint<"/sign-out", {
   method: "POST";
   operationId: string;
   requireHeaders: true;

package/dist/api/routes/sign-up.d.mts

@@ -2,10 +2,10 @@ import { AdditionalUserFieldsInput, InferUser } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { BetterAuthOptions } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call755 from "better-call";
+import * as better_call762 from "better-call";
 
 //#region src/api/routes/sign-up.d.ts
-declare const signUpEmail: <O extends BetterAuthOptions>() => better_call755.StrictEndpoint<"/sign-up/email", {
+declare const signUpEmail: <O extends BetterAuthOptions>() => better_call762.StrictEndpoint<"/sign-up/email", {
   method: "POST";
   operationId: string;
   body: z.ZodIntersection<z.ZodObject<{

package/dist/api/routes/update-user.d.mts

@@ -2,14 +2,14 @@ import { AdditionalUserFieldsInput } from "../../types/models.mjs";
 import "../../types/index.mjs";
 import { BetterAuthOptions } from "@better-auth/core";
 import * as z from "zod";
-import * as better_call702 from "better-call";
+import * as better_call735 from "better-call";
 
 //#region src/api/routes/update-user.d.ts
-declare const updateUser: <O extends BetterAuthOptions>() => better_call702.StrictEndpoint<"/update-user", {
+declare const updateUser: <O extends BetterAuthOptions>() => better_call735.StrictEndpoint<"/update-user", {
   method: "POST";
   operationId: string;
   body: z.ZodRecord<z.ZodString, z.ZodAny>;
-  use: ((inputContext: better_call702.MiddlewareInputContext<better_call702.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call735.MiddlewareInputContext<better_call735.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -85,7 +85,7 @@ declare const updateUser: <O extends BetterAuthOptions>() => better_call702.Stri
 }, {
   status: boolean;
 }>;
-declare const changePassword: better_call702.StrictEndpoint<"/change-password", {
+declare const changePassword: better_call735.StrictEndpoint<"/change-password", {
   method: "POST";
   operationId: string;
   body: z.ZodObject<{
@@ -93,7 +93,7 @@ declare const changePassword: better_call702.StrictEndpoint<"/change-password",
     currentPassword: z.ZodString;
     revokeOtherSessions: z.ZodOptional<z.ZodBoolean>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call702.MiddlewareInputContext<better_call702.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call735.MiddlewareInputContext<better_call735.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -193,12 +193,12 @@ declare const changePassword: better_call702.StrictEndpoint<"/change-password",
     updatedAt: Date;
   };
 }>;
-declare const setPassword: better_call702.StrictEndpoint<string, {
+declare const setPassword: better_call735.StrictEndpoint<string, {
   method: "POST";
   body: z.ZodObject<{
     newPassword: z.ZodString;
   }, z.core.$strip>;
-  use: ((inputContext: better_call702.MiddlewareInputContext<better_call702.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call735.MiddlewareInputContext<better_call735.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -224,9 +224,9 @@ declare const setPassword: better_call702.StrictEndpoint<string, {
 }, {
   status: boolean;
 }>;
-declare const deleteUser: better_call702.StrictEndpoint<"/delete-user", {
+declare const deleteUser: better_call735.StrictEndpoint<"/delete-user", {
   method: "POST";
-  use: ((inputContext: better_call702.MiddlewareInputContext<better_call702.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call735.MiddlewareInputContext<better_call735.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;
@@ -311,13 +311,13 @@ declare const deleteUser: better_call702.StrictEndpoint<"/delete-user", {
   success: boolean;
   message: string;
 }>;
-declare const deleteUserCallback: better_call702.StrictEndpoint<"/delete-user/callback", {
+declare const deleteUserCallback: better_call735.StrictEndpoint<"/delete-user/callback", {
   method: "GET";
   query: z.ZodObject<{
     token: z.ZodString;
     callbackURL: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call702.MiddlewareInputContext<better_call702.MiddlewareOptions>) => Promise<void>)[];
+  use: ((inputContext: better_call735.MiddlewareInputContext<better_call735.MiddlewareOptions>) => Promise<void>)[];
   metadata: {
     openapi: {
       description: string;
@@ -351,13 +351,13 @@ declare const deleteUserCallback: better_call702.StrictEndpoint<"/delete-user/ca
   success: boolean;
   message: string;
 }>;
-declare const changeEmail: better_call702.StrictEndpoint<"/change-email", {
+declare const changeEmail: better_call735.StrictEndpoint<"/change-email", {
   method: "POST";
   body: z.ZodObject<{
     newEmail: z.ZodEmail;
     callbackURL: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
-  use: ((inputContext: better_call702.MiddlewareInputContext<better_call702.MiddlewareOptions>) => Promise<{
+  use: ((inputContext: better_call735.MiddlewareInputContext<better_call735.MiddlewareOptions>) => Promise<{
     session: {
       session: Record<string, any> & {
         id: string;

package/dist/auth/base.mjs

@@ -1,5 +1,6 @@
 import { getEndpoints, router } from "../api/index.mjs";
 import { getBaseURL, getOrigin } from "../utils/url.mjs";
+import { getTrustedOrigins } from "../context/helpers.mjs";
 import { runWithAdapter } from "@better-auth/core/context";
 import { BASE_ERROR_CODES, BetterAuthError } from "@better-auth/core/error";
 
@@ -16,6 +17,7 @@ const createBetterAuth = (options, initFn) => {
 				if (baseURL) {
 					ctx.baseURL = baseURL;
 					ctx.options.baseURL = getOrigin(ctx.baseURL) || void 0;
+					ctx.trustedOrigins = getTrustedOrigins(ctx.options);
 				} else throw new BetterAuthError("Could not get base URL from request. Please provide a valid base URL.");
 			}
 			if (typeof options.trustedOrigins === "function") ctx.trustedOrigins = [...ctx.trustedOrigins, ...await options.trustedOrigins(request)];

package/dist/auth/base.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"base.mjs","names":[],"sources":["../../src/auth/base.ts"],"sourcesContent":["import type { AuthContext, BetterAuthOptions } from \"@better-auth/core\";\nimport { runWithAdapter } from \"@better-auth/core/context\";\nimport { BASE_ERROR_CODES, BetterAuthError } from \"@better-auth/core/error\";\nimport { getEndpoints, router } from \"../api\";\nimport type { Auth } from \"../types\";\nimport { getBaseURL, getOrigin } from \"../utils/url\";\n\nexport const createBetterAuth = <Options extends BetterAuthOptions>(\n\toptions: Options &\n\t\t// fixme(alex): do we need Record<never, never> here?\n\t\tRecord<never, never>,\n\tinitFn: (options: Options) => Promise<AuthContext>,\n): Auth<Options> => {\n\tconst authContext = initFn(options);\n\tconst { api } = getEndpoints(authContext, options);\n\tconst errorCodes = options.plugins?.reduce((acc, plugin) => {\n\t\tif (plugin.$ERROR_CODES) {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.$ERROR_CODES,\n\t\t\t};\n\t\t}\n\t\treturn acc;\n\t}, {});\n\treturn {\n\t\thandler: async (request: Request) => {\n\t\t\tconst ctx = await authContext;\n\t\t\tconst basePath = ctx.options.basePath || \"/api/auth\";\n\t\t\tif (!ctx.options.baseURL) {\n\t\t\t\tconst baseURL = getBaseURL(\n\t\t\t\t\tundefined,\n\t\t\t\t\tbasePath,\n\t\t\t\t\trequest,\n\t\t\t\t\tundefined,\n\t\t\t\t\tctx.options.advanced?.trustedProxyHeaders,\n\t\t\t\t);\n\t\t\t\tif (baseURL) {\n\t\t\t\t\tctx.baseURL = baseURL;\n\t\t\t\t\tctx.options.baseURL = getOrigin(ctx.baseURL) || undefined;\n\t\t\t\t} else {\n\t\t\t\t\tthrow new BetterAuthError(\n\t\t\t\t\t\t\"Could not get base URL from request. Please provide a valid base URL.\",\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (typeof options.trustedOrigins === \"function\") {\n\t\t\t\tctx.trustedOrigins = [\n\t\t\t\t\t...ctx.trustedOrigins,\n\t\t\t\t\t...(await options.trustedOrigins(request)),\n\t\t\t\t];\n\t\t\t}\n\t\t\tconst { handler } = router(ctx, options);\n\t\t\treturn runWithAdapter(ctx.adapter, () => handler(request));\n\t\t},\n\t\tapi,\n\t\toptions: options,\n\t\t$context: authContext,\n\t\t$ERROR_CODES: {\n\t\t\t...errorCodes,\n\t\t\t...BASE_ERROR_CODES,\n\t\t},\n\t} as any;\n};\n"],"mappings":";;;;;;AAOA,MAAa,oBACZ,SAGA,WACmB;CACnB,MAAM,cAAc,OAAO,QAAQ;CACnC,MAAM,EAAE,QAAQ,aAAa,aAAa,QAAQ;AAUlD,QAAO;EACN,SAAS,OAAO,YAAqB;GACpC,MAAM,MAAM,MAAM;GAClB,MAAM,WAAW,IAAI,QAAQ,YAAY;AACzC,OAAI,CAAC,IAAI,QAAQ,SAAS;IACzB,MAAM,UAAU,WACf,QACA,UACA,SACA,QACA,IAAI,QAAQ,UAAU,oBACtB;AACD,QAAI,SAAS;AACZ,SAAI,UAAU;AACd,SAAI,QAAQ,UAAU,UAAU,IAAI,QAAQ,IAAI;UAEhD,OAAM,IAAI,gBACT,wEACA;;AAIH,OAAI,OAAO,QAAQ,mBAAmB,WACrC,KAAI,iBAAiB,CACpB,GAAG,IAAI,gBACP,GAAI,MAAM,QAAQ,eAAe,QAAQ,CACzC;GAEF,MAAM,EAAE,YAAY,OAAO,KAAK,QAAQ;AACxC,UAAO,eAAe,IAAI,eAAe,QAAQ,QAAQ,CAAC;;EAE3D;EACS;EACT,UAAU;EACV,cAAc;GACb,GA5CiB,QAAQ,SAAS,QAAQ,KAAK,WAAW;AAC3D,QAAI,OAAO,aACV,QAAO;KACN,GAAG;KACH,GAAG,OAAO;KACV;AAEF,WAAO;MACL,EAAE,CAAC;GAqCJ,GAAG;GACH;EACD"}
+{"version":3,"file":"base.mjs","names":[],"sources":["../../src/auth/base.ts"],"sourcesContent":["import type { AuthContext, BetterAuthOptions } from \"@better-auth/core\";\nimport { runWithAdapter } from \"@better-auth/core/context\";\nimport { BASE_ERROR_CODES, BetterAuthError } from \"@better-auth/core/error\";\nimport { getEndpoints, router } from \"../api\";\nimport { getTrustedOrigins } from \"../context/helpers\";\nimport type { Auth } from \"../types\";\nimport { getBaseURL, getOrigin } from \"../utils/url\";\n\nexport const createBetterAuth = <Options extends BetterAuthOptions>(\n\toptions: Options &\n\t\t// fixme(alex): do we need Record<never, never> here?\n\t\tRecord<never, never>,\n\tinitFn: (options: Options) => Promise<AuthContext>,\n): Auth<Options> => {\n\tconst authContext = initFn(options);\n\tconst { api } = getEndpoints(authContext, options);\n\tconst errorCodes = options.plugins?.reduce((acc, plugin) => {\n\t\tif (plugin.$ERROR_CODES) {\n\t\t\treturn {\n\t\t\t\t...acc,\n\t\t\t\t...plugin.$ERROR_CODES,\n\t\t\t};\n\t\t}\n\t\treturn acc;\n\t}, {});\n\treturn {\n\t\thandler: async (request: Request) => {\n\t\t\tconst ctx = await authContext;\n\t\t\tconst basePath = ctx.options.basePath || \"/api/auth\";\n\t\t\tif (!ctx.options.baseURL) {\n\t\t\t\tconst baseURL = getBaseURL(\n\t\t\t\t\tundefined,\n\t\t\t\t\tbasePath,\n\t\t\t\t\trequest,\n\t\t\t\t\tundefined,\n\t\t\t\t\tctx.options.advanced?.trustedProxyHeaders,\n\t\t\t\t);\n\t\t\t\tif (baseURL) {\n\t\t\t\t\tctx.baseURL = baseURL;\n\t\t\t\t\tctx.options.baseURL = getOrigin(ctx.baseURL) || undefined;\n\t\t\t\t\tctx.trustedOrigins = getTrustedOrigins(ctx.options);\n\t\t\t\t} else {\n\t\t\t\t\tthrow new BetterAuthError(\n\t\t\t\t\t\t\"Could not get base URL from request. Please provide a valid base URL.\",\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (typeof options.trustedOrigins === \"function\") {\n\t\t\t\tctx.trustedOrigins = [\n\t\t\t\t\t...ctx.trustedOrigins,\n\t\t\t\t\t...(await options.trustedOrigins(request)),\n\t\t\t\t];\n\t\t\t}\n\t\t\tconst { handler } = router(ctx, options);\n\t\t\treturn runWithAdapter(ctx.adapter, () => handler(request));\n\t\t},\n\t\tapi,\n\t\toptions: options,\n\t\t$context: authContext,\n\t\t$ERROR_CODES: {\n\t\t\t...errorCodes,\n\t\t\t...BASE_ERROR_CODES,\n\t\t},\n\t} as any;\n};\n"],"mappings":";;;;;;;AAQA,MAAa,oBACZ,SAGA,WACmB;CACnB,MAAM,cAAc,OAAO,QAAQ;CACnC,MAAM,EAAE,QAAQ,aAAa,aAAa,QAAQ;AAUlD,QAAO;EACN,SAAS,OAAO,YAAqB;GACpC,MAAM,MAAM,MAAM;GAClB,MAAM,WAAW,IAAI,QAAQ,YAAY;AACzC,OAAI,CAAC,IAAI,QAAQ,SAAS;IACzB,MAAM,UAAU,WACf,QACA,UACA,SACA,QACA,IAAI,QAAQ,UAAU,oBACtB;AACD,QAAI,SAAS;AACZ,SAAI,UAAU;AACd,SAAI,QAAQ,UAAU,UAAU,IAAI,QAAQ,IAAI;AAChD,SAAI,iBAAiB,kBAAkB,IAAI,QAAQ;UAEnD,OAAM,IAAI,gBACT,wEACA;;AAGH,OAAI,OAAO,QAAQ,mBAAmB,WACrC,KAAI,iBAAiB,CACpB,GAAG,IAAI,gBACP,GAAI,MAAM,QAAQ,eAAe,QAAQ,CACzC;GAEF,MAAM,EAAE,YAAY,OAAO,KAAK,QAAQ;AACxC,UAAO,eAAe,IAAI,eAAe,QAAQ,QAAQ,CAAC;;EAE3D;EACS;EACT,UAAU;EACV,cAAc;GACb,GA5CiB,QAAQ,SAAS,QAAQ,KAAK,WAAW;AAC3D,QAAI,OAAO,aACV,QAAO;KACN,GAAG;KACH,GAAG,OAAO;KACV;AAEF,WAAO;MACL,EAAE,CAAC;GAqCJ,GAAG;GACH;EACD"}