better-auth 1.4.9 → 1.5.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/index.d.mts +396 -395
- package/dist/api/index.mjs +6 -4
- package/dist/api/index.mjs.map +1 -1
- package/dist/api/middlewares/origin-check.d.mts +3 -3
- package/dist/api/middlewares/origin-check.mjs +14 -4
- package/dist/api/middlewares/origin-check.mjs.map +1 -1
- package/dist/api/routes/account.d.mts +11 -11
- package/dist/api/routes/account.mjs +59 -30
- package/dist/api/routes/account.mjs.map +1 -1
- package/dist/api/routes/callback.d.mts +2 -2
- package/dist/api/routes/email-verification.d.mts +4 -4
- package/dist/api/routes/email-verification.mjs +14 -14
- package/dist/api/routes/email-verification.mjs.map +1 -1
- package/dist/api/routes/error.d.mts +2 -2
- package/dist/api/routes/ok.d.mts +2 -2
- package/dist/api/routes/reset-password.d.mts +5 -5
- package/dist/api/routes/reset-password.mjs +9 -7
- package/dist/api/routes/reset-password.mjs.map +1 -1
- package/dist/api/routes/session.d.mts +14 -14
- package/dist/api/routes/session.mjs +31 -11
- package/dist/api/routes/session.mjs.map +1 -1
- package/dist/api/routes/sign-in.d.mts +3 -3
- package/dist/api/routes/sign-in.mjs +22 -17
- package/dist/api/routes/sign-in.mjs.map +1 -1
- package/dist/api/routes/sign-out.d.mts +2 -2
- package/dist/api/routes/sign-up.d.mts +2 -2
- package/dist/api/routes/sign-up.mjs +15 -12
- package/dist/api/routes/sign-up.mjs.map +1 -1
- package/dist/api/routes/update-user.d.mts +13 -13
- package/dist/api/routes/update-user.mjs +29 -24
- package/dist/api/routes/update-user.mjs.map +1 -1
- package/dist/api/to-auth-endpoints.mjs +7 -6
- package/dist/api/to-auth-endpoints.mjs.map +1 -1
- package/dist/client/lynx/index.d.mts +15 -15
- package/dist/client/plugins/index.d.mts +12 -2
- package/dist/client/plugins/index.mjs +11 -1
- package/dist/client/react/index.d.mts +13 -13
- package/dist/client/solid/index.d.mts +13 -13
- package/dist/client/svelte/index.d.mts +15 -15
- package/dist/client/types.d.mts +4 -1
- package/dist/client/vue/index.d.mts +13 -13
- package/dist/context/create-context.mjs +2 -2
- package/dist/context/create-context.mjs.map +1 -1
- package/dist/context/helpers.mjs +2 -2
- package/dist/context/helpers.mjs.map +1 -1
- package/dist/db/field.d.mts +6 -6
- package/dist/db/schema.mjs +14 -5
- package/dist/db/schema.mjs.map +1 -1
- package/dist/index.d.mts +1 -1
- package/dist/integrations/next-js.d.mts +4 -4
- package/dist/integrations/svelte-kit.d.mts +2 -2
- package/dist/integrations/tanstack-start.d.mts +4 -4
- package/dist/oauth2/link-account.mjs +3 -2
- package/dist/oauth2/link-account.mjs.map +1 -1
- package/dist/oauth2/state.mjs +3 -3
- package/dist/oauth2/state.mjs.map +1 -1
- package/dist/plugins/admin/admin.d.mts +200 -137
- package/dist/plugins/admin/admin.mjs +3 -4
- package/dist/plugins/admin/admin.mjs.map +1 -1
- package/dist/plugins/admin/client.d.mts +87 -0
- package/dist/plugins/admin/client.mjs +3 -1
- package/dist/plugins/admin/client.mjs.map +1 -1
- package/dist/plugins/admin/error-codes.d.mts +90 -0
- package/dist/plugins/admin/error-codes.mjs.map +1 -1
- package/dist/plugins/admin/routes.mjs +40 -46
- package/dist/plugins/admin/routes.mjs.map +1 -1
- package/dist/plugins/anonymous/client.d.mts +19 -0
- package/dist/plugins/anonymous/client.mjs +4 -1
- package/dist/plugins/anonymous/client.mjs.map +1 -1
- package/dist/plugins/anonymous/error-codes.d.mts +22 -0
- package/dist/plugins/anonymous/index.d.mts +21 -9
- package/dist/plugins/anonymous/index.mjs +5 -5
- package/dist/plugins/anonymous/index.mjs.map +1 -1
- package/dist/plugins/api-key/client.d.mts +103 -0
- package/dist/plugins/api-key/client.mjs +4 -1
- package/dist/plugins/api-key/client.mjs.map +1 -1
- package/dist/plugins/api-key/error-codes.d.mts +106 -0
- package/dist/plugins/api-key/error-codes.mjs +34 -0
- package/dist/plugins/api-key/error-codes.mjs.map +1 -0
- package/dist/plugins/api-key/index.d.mts +181 -112
- package/dist/plugins/api-key/index.mjs +7 -34
- package/dist/plugins/api-key/index.mjs.map +1 -1
- package/dist/plugins/api-key/rate-limit.mjs +3 -2
- package/dist/plugins/api-key/rate-limit.mjs.map +1 -1
- package/dist/plugins/api-key/routes/create-api-key.mjs +19 -17
- package/dist/plugins/api-key/routes/create-api-key.mjs.map +1 -1
- package/dist/plugins/api-key/routes/delete-api-key.mjs +7 -5
- package/dist/plugins/api-key/routes/delete-api-key.mjs.map +1 -1
- package/dist/plugins/api-key/routes/get-api-key.mjs +5 -3
- package/dist/plugins/api-key/routes/get-api-key.mjs.map +1 -1
- package/dist/plugins/api-key/routes/update-api-key.mjs +18 -16
- package/dist/plugins/api-key/routes/update-api-key.mjs.map +1 -1
- package/dist/plugins/api-key/routes/verify-api-key.mjs +16 -35
- package/dist/plugins/api-key/routes/verify-api-key.mjs.map +1 -1
- package/dist/plugins/bearer/index.d.mts +3 -3
- package/dist/plugins/captcha/index.d.mts +2 -2
- package/dist/plugins/captcha/index.mjs +3 -3
- package/dist/plugins/captcha/index.mjs.map +1 -1
- package/dist/plugins/captcha/verify-handlers/captchafox.mjs +2 -2
- package/dist/plugins/captcha/verify-handlers/captchafox.mjs.map +1 -1
- package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs +2 -2
- package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs.map +1 -1
- package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs +2 -2
- package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs.map +1 -1
- package/dist/plugins/captcha/verify-handlers/h-captcha.mjs +2 -2
- package/dist/plugins/captcha/verify-handlers/h-captcha.mjs.map +1 -1
- package/dist/plugins/custom-session/index.d.mts +5 -5
- package/dist/plugins/device-authorization/index.d.mts +54 -18
- package/dist/plugins/device-authorization/routes.mjs +18 -18
- package/dist/plugins/device-authorization/routes.mjs.map +1 -1
- package/dist/plugins/email-otp/client.d.mts +15 -0
- package/dist/plugins/email-otp/client.mjs +4 -1
- package/dist/plugins/email-otp/client.mjs.map +1 -1
- package/dist/plugins/email-otp/error-codes.d.mts +18 -0
- package/dist/plugins/email-otp/error-codes.mjs +12 -0
- package/dist/plugins/email-otp/error-codes.mjs.map +1 -0
- package/dist/plugins/email-otp/index.d.mts +64 -55
- package/dist/plugins/email-otp/index.mjs +4 -3
- package/dist/plugins/email-otp/index.mjs.map +1 -1
- package/dist/plugins/email-otp/routes.mjs +30 -35
- package/dist/plugins/email-otp/routes.mjs.map +1 -1
- package/dist/plugins/generic-oauth/client.d.mts +27 -0
- package/dist/plugins/generic-oauth/client.mjs +4 -1
- package/dist/plugins/generic-oauth/client.mjs.map +1 -1
- package/dist/plugins/generic-oauth/error-codes.d.mts +30 -0
- package/dist/plugins/generic-oauth/index.d.mts +55 -37
- package/dist/plugins/generic-oauth/index.mjs +4 -4
- package/dist/plugins/generic-oauth/index.mjs.map +1 -1
- package/dist/plugins/generic-oauth/routes.mjs +11 -12
- package/dist/plugins/generic-oauth/routes.mjs.map +1 -1
- package/dist/plugins/haveibeenpwned/index.d.mts +7 -4
- package/dist/plugins/haveibeenpwned/index.mjs +5 -4
- package/dist/plugins/haveibeenpwned/index.mjs.map +1 -1
- package/dist/plugins/index.d.mts +4 -2
- package/dist/plugins/index.mjs +6 -4
- package/dist/plugins/jwt/index.d.mts +9 -9
- package/dist/plugins/jwt/index.mjs +2 -2
- package/dist/plugins/jwt/index.mjs.map +1 -1
- package/dist/plugins/last-login-method/index.d.mts +4 -4
- package/dist/plugins/magic-link/index.d.mts +4 -4
- package/dist/plugins/mcp/authorize.mjs +1 -1
- package/dist/plugins/mcp/authorize.mjs.map +1 -1
- package/dist/plugins/mcp/index.d.mts +10 -10
- package/dist/plugins/multi-session/client.d.mts +10 -14
- package/dist/plugins/multi-session/client.mjs +5 -2
- package/dist/plugins/multi-session/client.mjs.map +1 -1
- package/dist/plugins/multi-session/error-codes.d.mts +10 -0
- package/dist/plugins/multi-session/error-codes.mjs +8 -0
- package/dist/plugins/multi-session/error-codes.mjs.map +1 -0
- package/dist/plugins/multi-session/index.d.mts +18 -14
- package/dist/plugins/multi-session/index.mjs +6 -7
- package/dist/plugins/multi-session/index.mjs.map +1 -1
- package/dist/plugins/oauth-proxy/index.d.mts +8 -8
- package/dist/plugins/oidc-provider/authorize.mjs +1 -1
- package/dist/plugins/oidc-provider/authorize.mjs.map +1 -1
- package/dist/plugins/oidc-provider/error.mjs +1 -1
- package/dist/plugins/oidc-provider/error.mjs.map +1 -1
- package/dist/plugins/oidc-provider/index.d.mts +15 -15
- package/dist/plugins/one-tap/client.d.mts +2 -2
- package/dist/plugins/one-tap/index.d.mts +2 -2
- package/dist/plugins/one-time-token/index.d.mts +5 -5
- package/dist/plugins/open-api/index.d.mts +3 -3
- package/dist/plugins/organization/client.d.mts +229 -2
- package/dist/plugins/organization/client.mjs +3 -1
- package/dist/plugins/organization/client.mjs.map +1 -1
- package/dist/plugins/organization/error-codes.d.mts +224 -56
- package/dist/plugins/organization/organization.d.mts +7 -7
- package/dist/plugins/organization/organization.mjs +4 -4
- package/dist/plugins/organization/organization.mjs.map +1 -1
- package/dist/plugins/organization/routes/crud-access-control.d.mts +22 -22
- package/dist/plugins/organization/routes/crud-access-control.mjs +40 -39
- package/dist/plugins/organization/routes/crud-access-control.mjs.map +1 -1
- package/dist/plugins/organization/routes/crud-invites.d.mts +58 -58
- package/dist/plugins/organization/routes/crud-invites.mjs +42 -40
- package/dist/plugins/organization/routes/crud-invites.mjs.map +1 -1
- package/dist/plugins/organization/routes/crud-members.d.mts +67 -67
- package/dist/plugins/organization/routes/crud-members.mjs +41 -54
- package/dist/plugins/organization/routes/crud-members.mjs.map +1 -1
- package/dist/plugins/organization/routes/crud-org.d.mts +51 -51
- package/dist/plugins/organization/routes/crud-org.mjs +28 -25
- package/dist/plugins/organization/routes/crud-org.mjs.map +1 -1
- package/dist/plugins/organization/routes/crud-team.d.mts +77 -77
- package/dist/plugins/organization/routes/crud-team.mjs +41 -47
- package/dist/plugins/organization/routes/crud-team.mjs.map +1 -1
- package/dist/plugins/phone-number/client.d.mts +51 -0
- package/dist/plugins/phone-number/client.mjs +4 -1
- package/dist/plugins/phone-number/client.mjs.map +1 -1
- package/dist/plugins/phone-number/error-codes.d.mts +54 -0
- package/dist/plugins/phone-number/index.d.mts +81 -45
- package/dist/plugins/phone-number/index.mjs +2 -2
- package/dist/plugins/phone-number/index.mjs.map +1 -1
- package/dist/plugins/phone-number/routes.mjs +27 -28
- package/dist/plugins/phone-number/routes.mjs.map +1 -1
- package/dist/plugins/siwe/index.d.mts +3 -3
- package/dist/plugins/siwe/index.mjs +7 -6
- package/dist/plugins/siwe/index.mjs.map +1 -1
- package/dist/plugins/two-factor/backup-codes/index.mjs +7 -7
- package/dist/plugins/two-factor/backup-codes/index.mjs.map +1 -1
- package/dist/plugins/two-factor/client.d.mts +39 -0
- package/dist/plugins/two-factor/client.mjs +4 -1
- package/dist/plugins/two-factor/client.mjs.map +1 -1
- package/dist/plugins/two-factor/error-code.d.mts +36 -9
- package/dist/plugins/two-factor/index.d.mts +54 -27
- package/dist/plugins/two-factor/index.mjs +4 -5
- package/dist/plugins/two-factor/index.mjs.map +1 -1
- package/dist/plugins/two-factor/otp/index.mjs +8 -6
- package/dist/plugins/two-factor/otp/index.mjs.map +1 -1
- package/dist/plugins/two-factor/totp/index.mjs +16 -8
- package/dist/plugins/two-factor/totp/index.mjs.map +1 -1
- package/dist/plugins/two-factor/verify-two-factor.mjs +9 -6
- package/dist/plugins/two-factor/verify-two-factor.mjs.map +1 -1
- package/dist/plugins/username/client.d.mts +35 -0
- package/dist/plugins/username/client.mjs +4 -1
- package/dist/plugins/username/client.mjs.map +1 -1
- package/dist/plugins/username/error-codes.d.mts +32 -8
- package/dist/plugins/username/index.d.mts +41 -17
- package/dist/plugins/username/index.mjs +21 -31
- package/dist/plugins/username/index.mjs.map +1 -1
- package/dist/plugins/username/schema.d.mts +3 -3
- package/dist/test-utils/test-instance.d.mts +1349 -1198
- package/dist/utils/is-api-error.d.mts +7 -0
- package/dist/utils/is-api-error.mjs +11 -0
- package/dist/utils/is-api-error.mjs.map +1 -0
- package/dist/utils/password.mjs +3 -3
- package/dist/utils/password.mjs.map +1 -1
- package/dist/utils/plugin-helper.mjs +2 -2
- package/dist/utils/plugin-helper.mjs.map +1 -1
- package/package.json +3 -3
|
@@ -2,7 +2,7 @@ import { DeepPartial, Expand, HasRequiredKeys, LiteralNumber, LiteralUnion, Omit
|
|
|
2
2
|
import { InferActions, InferClientAPI, InferErrorCodes, IsSignal } from "../types.mjs";
|
|
3
3
|
import { BetterAuthClientOptions, BetterAuthClientPlugin } from "@better-auth/core";
|
|
4
4
|
import { BASE_ERROR_CODES } from "@better-auth/core/error";
|
|
5
|
-
import * as
|
|
5
|
+
import * as _better_fetch_fetch47 from "@better-fetch/fetch";
|
|
6
6
|
import { BetterFetchError } from "@better-fetch/fetch";
|
|
7
7
|
import { Accessor } from "solid-js";
|
|
8
8
|
export * from "nanostores";
|
|
@@ -46,21 +46,21 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
46
46
|
error: null;
|
|
47
47
|
} ? S : Res extends Record<string, any> ? Res : never : never>;
|
|
48
48
|
};
|
|
49
|
-
$fetch:
|
|
50
|
-
plugins: (
|
|
49
|
+
$fetch: _better_fetch_fetch47.BetterFetch<{
|
|
50
|
+
plugins: (_better_fetch_fetch47.BetterFetchPlugin<Record<string, any>> | {
|
|
51
51
|
id: string;
|
|
52
52
|
name: string;
|
|
53
53
|
hooks: {
|
|
54
|
-
onSuccess(context:
|
|
54
|
+
onSuccess(context: _better_fetch_fetch47.SuccessContext<any>): void;
|
|
55
55
|
};
|
|
56
56
|
} | {
|
|
57
57
|
id: string;
|
|
58
58
|
name: string;
|
|
59
59
|
hooks: {
|
|
60
|
-
onSuccess: ((context:
|
|
61
|
-
onError: ((context:
|
|
62
|
-
onRequest: (<T extends Record<string, any>>(context:
|
|
63
|
-
onResponse: ((context:
|
|
60
|
+
onSuccess: ((context: _better_fetch_fetch47.SuccessContext<any>) => Promise<void> | void) | undefined;
|
|
61
|
+
onError: ((context: _better_fetch_fetch47.ErrorContext) => Promise<void> | void) | undefined;
|
|
62
|
+
onRequest: (<T extends Record<string, any>>(context: _better_fetch_fetch47.RequestContext<T>) => Promise<_better_fetch_fetch47.RequestContext | void> | _better_fetch_fetch47.RequestContext | void) | undefined;
|
|
63
|
+
onResponse: ((context: _better_fetch_fetch47.ResponseContext) => Promise<Response | void | _better_fetch_fetch47.ResponseContext> | Response | _better_fetch_fetch47.ResponseContext | void) | undefined;
|
|
64
64
|
};
|
|
65
65
|
})[];
|
|
66
66
|
cache?: RequestCache | undefined;
|
|
@@ -80,12 +80,12 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
80
80
|
referrerPolicy?: ReferrerPolicy | undefined;
|
|
81
81
|
signal?: (AbortSignal | null) | undefined;
|
|
82
82
|
window?: null | undefined;
|
|
83
|
-
onRetry?: ((response:
|
|
83
|
+
onRetry?: ((response: _better_fetch_fetch47.ResponseContext) => Promise<void> | void) | undefined;
|
|
84
84
|
hookOptions?: {
|
|
85
85
|
cloneResponse?: boolean;
|
|
86
86
|
} | undefined;
|
|
87
87
|
timeout?: number | undefined;
|
|
88
|
-
customFetchImpl:
|
|
88
|
+
customFetchImpl: _better_fetch_fetch47.FetchEsque;
|
|
89
89
|
baseURL: string;
|
|
90
90
|
throw?: boolean | undefined;
|
|
91
91
|
auth?: ({
|
|
@@ -105,10 +105,10 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
105
105
|
params?: any;
|
|
106
106
|
duplex?: "full" | "half" | undefined;
|
|
107
107
|
jsonParser: (text: string) => Promise<any> | any;
|
|
108
|
-
retry?:
|
|
108
|
+
retry?: _better_fetch_fetch47.RetryOptions | undefined;
|
|
109
109
|
retryAttempt?: number | undefined;
|
|
110
|
-
output?: (
|
|
111
|
-
errorSchema?:
|
|
110
|
+
output?: (_better_fetch_fetch47.StandardSchemaV1 | typeof Blob | typeof File) | undefined;
|
|
111
|
+
errorSchema?: _better_fetch_fetch47.StandardSchemaV1 | undefined;
|
|
112
112
|
disableValidation?: boolean | undefined;
|
|
113
113
|
disableSignal?: boolean | undefined;
|
|
114
114
|
}, unknown, unknown, {}>;
|
|
@@ -2,9 +2,9 @@ import { DeepPartial, Expand, HasRequiredKeys, LiteralNumber, LiteralUnion, Omit
|
|
|
2
2
|
import { InferActions, InferClientAPI, InferErrorCodes, IsSignal } from "../types.mjs";
|
|
3
3
|
import { BetterAuthClientOptions, BetterAuthClientPlugin } from "@better-auth/core";
|
|
4
4
|
import { BASE_ERROR_CODES } from "@better-auth/core/error";
|
|
5
|
-
import * as
|
|
5
|
+
import * as nanostores1 from "nanostores";
|
|
6
6
|
import { Atom } from "nanostores";
|
|
7
|
-
import * as
|
|
7
|
+
import * as _better_fetch_fetch31 from "@better-fetch/fetch";
|
|
8
8
|
import { BetterFetchError } from "@better-fetch/fetch";
|
|
9
9
|
export * from "nanostores";
|
|
10
10
|
export * from "@better-fetch/fetch";
|
|
@@ -32,21 +32,21 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
32
32
|
isPending: boolean;
|
|
33
33
|
isRefetching: boolean;
|
|
34
34
|
}>;
|
|
35
|
-
$fetch:
|
|
36
|
-
plugins: (
|
|
35
|
+
$fetch: _better_fetch_fetch31.BetterFetch<{
|
|
36
|
+
plugins: (_better_fetch_fetch31.BetterFetchPlugin<Record<string, any>> | {
|
|
37
37
|
id: string;
|
|
38
38
|
name: string;
|
|
39
39
|
hooks: {
|
|
40
|
-
onSuccess(context:
|
|
40
|
+
onSuccess(context: _better_fetch_fetch31.SuccessContext<any>): void;
|
|
41
41
|
};
|
|
42
42
|
} | {
|
|
43
43
|
id: string;
|
|
44
44
|
name: string;
|
|
45
45
|
hooks: {
|
|
46
|
-
onSuccess: ((context:
|
|
47
|
-
onError: ((context:
|
|
48
|
-
onRequest: (<T extends Record<string, any>>(context:
|
|
49
|
-
onResponse: ((context:
|
|
46
|
+
onSuccess: ((context: _better_fetch_fetch31.SuccessContext<any>) => Promise<void> | void) | undefined;
|
|
47
|
+
onError: ((context: _better_fetch_fetch31.ErrorContext) => Promise<void> | void) | undefined;
|
|
48
|
+
onRequest: (<T extends Record<string, any>>(context: _better_fetch_fetch31.RequestContext<T>) => Promise<_better_fetch_fetch31.RequestContext | void> | _better_fetch_fetch31.RequestContext | void) | undefined;
|
|
49
|
+
onResponse: ((context: _better_fetch_fetch31.ResponseContext) => Promise<Response | void | _better_fetch_fetch31.ResponseContext> | Response | _better_fetch_fetch31.ResponseContext | void) | undefined;
|
|
50
50
|
};
|
|
51
51
|
})[];
|
|
52
52
|
cache?: RequestCache | undefined;
|
|
@@ -66,12 +66,12 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
66
66
|
referrerPolicy?: ReferrerPolicy | undefined;
|
|
67
67
|
signal?: (AbortSignal | null) | undefined;
|
|
68
68
|
window?: null | undefined;
|
|
69
|
-
onRetry?: ((response:
|
|
69
|
+
onRetry?: ((response: _better_fetch_fetch31.ResponseContext) => Promise<void> | void) | undefined;
|
|
70
70
|
hookOptions?: {
|
|
71
71
|
cloneResponse?: boolean;
|
|
72
72
|
} | undefined;
|
|
73
73
|
timeout?: number | undefined;
|
|
74
|
-
customFetchImpl:
|
|
74
|
+
customFetchImpl: _better_fetch_fetch31.FetchEsque;
|
|
75
75
|
baseURL: string;
|
|
76
76
|
throw?: boolean | undefined;
|
|
77
77
|
auth?: ({
|
|
@@ -91,17 +91,17 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
91
91
|
params?: any;
|
|
92
92
|
duplex?: "full" | "half" | undefined;
|
|
93
93
|
jsonParser: (text: string) => Promise<any> | any;
|
|
94
|
-
retry?:
|
|
94
|
+
retry?: _better_fetch_fetch31.RetryOptions | undefined;
|
|
95
95
|
retryAttempt?: number | undefined;
|
|
96
|
-
output?: (
|
|
97
|
-
errorSchema?:
|
|
96
|
+
output?: (_better_fetch_fetch31.StandardSchemaV1 | typeof Blob | typeof File) | undefined;
|
|
97
|
+
errorSchema?: _better_fetch_fetch31.StandardSchemaV1 | undefined;
|
|
98
98
|
disableValidation?: boolean | undefined;
|
|
99
99
|
disableSignal?: boolean | undefined;
|
|
100
100
|
}, unknown, unknown, {}>;
|
|
101
101
|
$store: {
|
|
102
102
|
notify: (signal?: (Omit<string, "$sessionSignal"> | "$sessionSignal") | undefined) => void;
|
|
103
103
|
listen: (signal: Omit<string, "$sessionSignal"> | "$sessionSignal", listener: (value: boolean, oldValue?: boolean | undefined) => void) => void;
|
|
104
|
-
atoms: Record<string,
|
|
104
|
+
atoms: Record<string, nanostores1.WritableAtom<any>>;
|
|
105
105
|
};
|
|
106
106
|
$Infer: {
|
|
107
107
|
Session: NonNullable<InferClientAPI<Option> extends {
|
package/dist/client/types.d.mts
CHANGED
|
@@ -32,7 +32,10 @@ type InferActions<O extends BetterAuthClientOptions$1> = (O["plugins"] extends A
|
|
|
32
32
|
} ? Endpoints : {} : {} : {}, O>;
|
|
33
33
|
type InferErrorCodes<O extends BetterAuthClientOptions$1> = O["plugins"] extends Array<infer Plugin> ? UnionToIntersection<Plugin extends BetterAuthClientPlugin$1 ? Plugin["$InferServerPlugin"] extends {
|
|
34
34
|
$ERROR_CODES: infer E;
|
|
35
|
-
} ? E extends Record<string,
|
|
35
|
+
} ? E extends Record<string, {
|
|
36
|
+
code: string;
|
|
37
|
+
message: string;
|
|
38
|
+
}> ? E : {} : {} : {}> : {};
|
|
36
39
|
/**
|
|
37
40
|
* signals are just used to recall a computed value.
|
|
38
41
|
* as a convention they start with "$"
|
|
@@ -3,7 +3,7 @@ import { InferActions, InferClientAPI, InferErrorCodes, IsSignal } from "../type
|
|
|
3
3
|
import { BetterAuthClientOptions, BetterAuthClientPlugin } from "@better-auth/core";
|
|
4
4
|
import { BASE_ERROR_CODES } from "@better-auth/core/error";
|
|
5
5
|
import * as nanostores0 from "nanostores";
|
|
6
|
-
import * as
|
|
6
|
+
import * as _better_fetch_fetch0 from "@better-fetch/fetch";
|
|
7
7
|
import { BetterFetchError } from "@better-fetch/fetch";
|
|
8
8
|
import { DeepReadonly, Ref } from "vue";
|
|
9
9
|
export * from "nanostores";
|
|
@@ -70,21 +70,21 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
70
70
|
error: null;
|
|
71
71
|
} ? S : Res extends Record<string, any> ? Res : never : never>;
|
|
72
72
|
};
|
|
73
|
-
$fetch:
|
|
74
|
-
plugins: (
|
|
73
|
+
$fetch: _better_fetch_fetch0.BetterFetch<{
|
|
74
|
+
plugins: (_better_fetch_fetch0.BetterFetchPlugin<Record<string, any>> | {
|
|
75
75
|
id: string;
|
|
76
76
|
name: string;
|
|
77
77
|
hooks: {
|
|
78
|
-
onSuccess(context:
|
|
78
|
+
onSuccess(context: _better_fetch_fetch0.SuccessContext<any>): void;
|
|
79
79
|
};
|
|
80
80
|
} | {
|
|
81
81
|
id: string;
|
|
82
82
|
name: string;
|
|
83
83
|
hooks: {
|
|
84
|
-
onSuccess: ((context:
|
|
85
|
-
onError: ((context:
|
|
86
|
-
onRequest: (<T extends Record<string, any>>(context:
|
|
87
|
-
onResponse: ((context:
|
|
84
|
+
onSuccess: ((context: _better_fetch_fetch0.SuccessContext<any>) => Promise<void> | void) | undefined;
|
|
85
|
+
onError: ((context: _better_fetch_fetch0.ErrorContext) => Promise<void> | void) | undefined;
|
|
86
|
+
onRequest: (<T extends Record<string, any>>(context: _better_fetch_fetch0.RequestContext<T>) => Promise<_better_fetch_fetch0.RequestContext | void> | _better_fetch_fetch0.RequestContext | void) | undefined;
|
|
87
|
+
onResponse: ((context: _better_fetch_fetch0.ResponseContext) => Promise<Response | void | _better_fetch_fetch0.ResponseContext> | Response | _better_fetch_fetch0.ResponseContext | void) | undefined;
|
|
88
88
|
};
|
|
89
89
|
})[];
|
|
90
90
|
cache?: RequestCache | undefined;
|
|
@@ -104,12 +104,12 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
104
104
|
referrerPolicy?: ReferrerPolicy | undefined;
|
|
105
105
|
signal?: (AbortSignal | null) | undefined;
|
|
106
106
|
window?: null | undefined;
|
|
107
|
-
onRetry?: ((response:
|
|
107
|
+
onRetry?: ((response: _better_fetch_fetch0.ResponseContext) => Promise<void> | void) | undefined;
|
|
108
108
|
hookOptions?: {
|
|
109
109
|
cloneResponse?: boolean;
|
|
110
110
|
} | undefined;
|
|
111
111
|
timeout?: number | undefined;
|
|
112
|
-
customFetchImpl:
|
|
112
|
+
customFetchImpl: _better_fetch_fetch0.FetchEsque;
|
|
113
113
|
baseURL: string;
|
|
114
114
|
throw?: boolean | undefined;
|
|
115
115
|
auth?: ({
|
|
@@ -129,10 +129,10 @@ declare function createAuthClient<Option extends BetterAuthClientOptions>(option
|
|
|
129
129
|
params?: any;
|
|
130
130
|
duplex?: "full" | "half" | undefined;
|
|
131
131
|
jsonParser: (text: string) => Promise<any> | any;
|
|
132
|
-
retry?:
|
|
132
|
+
retry?: _better_fetch_fetch0.RetryOptions | undefined;
|
|
133
133
|
retryAttempt?: number | undefined;
|
|
134
|
-
output?: (
|
|
135
|
-
errorSchema?:
|
|
134
|
+
output?: (_better_fetch_fetch0.StandardSchemaV1 | typeof Blob | typeof File) | undefined;
|
|
135
|
+
errorSchema?: _better_fetch_fetch0.StandardSchemaV1 | undefined;
|
|
136
136
|
disableValidation?: boolean | undefined;
|
|
137
137
|
disableSignal?: boolean | undefined;
|
|
138
138
|
}, unknown, unknown, {}>;
|
|
@@ -14,7 +14,7 @@ import { createLogger, env, isProduction, isTest } from "@better-auth/core/env";
|
|
|
14
14
|
import { BetterAuthError } from "@better-auth/core/error";
|
|
15
15
|
import { socialProviders } from "@better-auth/core/social-providers";
|
|
16
16
|
import { createTelemetry } from "@better-auth/telemetry";
|
|
17
|
-
import defu
|
|
17
|
+
import defu from "defu";
|
|
18
18
|
|
|
19
19
|
//#region src/context/create-context.ts
|
|
20
20
|
/**
|
|
@@ -41,7 +41,7 @@ function validateSecret(secret, logger$1) {
|
|
|
41
41
|
if (estimateEntropy(secret) < 120) logger$1.warn("[better-auth] Warning: your BETTER_AUTH_SECRET appears low-entropy. Use a randomly generated secret for production.");
|
|
42
42
|
}
|
|
43
43
|
async function createAuthContext(adapter, options, getDatabaseType) {
|
|
44
|
-
if (!options.database) options = defu
|
|
44
|
+
if (!options.database) options = defu(options, {
|
|
45
45
|
session: { cookieCache: {
|
|
46
46
|
enabled: true,
|
|
47
47
|
strategy: "jwe",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-context.mjs","names":["defu","logger","providers: OAuthProvider[]","generateIdFunc: AuthContext[\"generateId\"]","ctx: AuthContext","context: AuthContext"],"sources":["../../src/context/create-context.ts"],"sourcesContent":["import type { AuthContext, BetterAuthOptions } from \"@better-auth/core\";\nimport { getAuthTables } from \"@better-auth/core/db\";\nimport type { DBAdapter } from \"@better-auth/core/db/adapter\";\nimport { createLogger, env, isProduction, isTest } from \"@better-auth/core/env\";\nimport { BetterAuthError } from \"@better-auth/core/error\";\nimport type { OAuthProvider } from \"@better-auth/core/oauth2\";\nimport type { SocialProviders } from \"@better-auth/core/social-providers\";\nimport { socialProviders } from \"@better-auth/core/social-providers\";\nimport { createTelemetry } from \"@better-auth/telemetry\";\nimport defu from \"defu\";\nimport type { Entries } from \"type-fest\";\nimport { checkEndpointConflicts } from \"../api\";\nimport { matchesOriginPattern } from \"../auth/trusted-origins\";\nimport { createCookieGetter, getCookies } from \"../cookies\";\nimport { hashPassword, verifyPassword } from \"../crypto/password\";\nimport { createInternalAdapter } from \"../db/internal-adapter\";\nimport { generateId } from \"../utils\";\nimport { DEFAULT_SECRET } from \"../utils/constants\";\nimport { isPromise } from \"../utils/is-promise\";\nimport { checkPassword } from \"../utils/password\";\nimport { getBaseURL } from \"../utils/url\";\nimport {\n\tgetInternalPlugins,\n\tgetTrustedOrigins,\n\trunPluginInit,\n} from \"./helpers\";\n\n/**\n * Estimates the entropy of a string in bits.\n * This is a simple approximation that helps detect low-entropy secrets.\n */\nfunction estimateEntropy(str: string): number {\n\tconst unique = new Set(str).size;\n\tif (unique === 0) return 0;\n\treturn Math.log2(Math.pow(unique, str.length));\n}\n\n/**\n * Validates that the secret meets minimum security requirements.\n * Throws BetterAuthError if the secret is invalid.\n * Skips validation for DEFAULT_SECRET in test environments only.\n * Only throws for DEFAULT_SECRET in production environment.\n */\nfunction validateSecret(\n\tsecret: string,\n\tlogger: ReturnType<typeof createLogger>,\n): void {\n\tconst isDefaultSecret = secret === DEFAULT_SECRET;\n\n\tif (isTest()) {\n\t\treturn;\n\t}\n\n\tif (isDefaultSecret && isProduction) {\n\t\tthrow new BetterAuthError(\n\t\t\t\"You are using the default secret. Please set `BETTER_AUTH_SECRET` in your environment variables or pass `secret` in your auth config.\",\n\t\t);\n\t}\n\n\tif (!secret) {\n\t\tthrow new BetterAuthError(\n\t\t\t\"BETTER_AUTH_SECRET is missing. Set it in your environment or pass `secret` to betterAuth({ secret }).\",\n\t\t);\n\t}\n\n\tif (secret.length < 32) {\n\t\tthrow new BetterAuthError(\n\t\t\t`Invalid BETTER_AUTH_SECRET: must be at least 32 characters long for adequate security. Generate one with \\`npx @better-auth/cli secret\\` or \\`openssl rand -base64 32\\`.`,\n\t\t);\n\t}\n\n\t// Optional high-entropy check: warn if entropy appears low\n\tconst entropy = estimateEntropy(secret);\n\tif (entropy < 120) {\n\t\tlogger.warn(\n\t\t\t\"[better-auth] Warning: your BETTER_AUTH_SECRET appears low-entropy. Use a randomly generated secret for production.\",\n\t\t);\n\t}\n}\n\nexport async function createAuthContext(\n\tadapter: DBAdapter<BetterAuthOptions>,\n\toptions: BetterAuthOptions,\n\tgetDatabaseType: (database: BetterAuthOptions[\"database\"]) => string,\n): Promise<AuthContext> {\n\t//set default options for stateless mode\n\tif (!options.database) {\n\t\toptions = defu(options, {\n\t\t\tsession: {\n\t\t\t\tcookieCache: {\n\t\t\t\t\tenabled: true,\n\t\t\t\t\tstrategy: \"jwe\" as const,\n\t\t\t\t\trefreshCache: true,\n\t\t\t\t},\n\t\t\t},\n\t\t\taccount: {\n\t\t\t\tstoreStateStrategy: \"cookie\" as const,\n\t\t\t\tstoreAccountCookie: true,\n\t\t\t},\n\t\t});\n\t}\n\tconst plugins = options.plugins || [];\n\tconst internalPlugins = getInternalPlugins(options);\n\tconst logger = createLogger(options.logger);\n\tconst baseURL = getBaseURL(options.baseURL, options.basePath);\n\n\tif (!baseURL) {\n\t\tlogger.warn(\n\t\t\t`[better-auth] Base URL could not be determined. Please set a valid base URL using the baseURL config option or the BETTER_AUTH_BASE_URL environment variable. Without this, callbacks and redirects may not work correctly.`,\n\t\t);\n\t}\n\n\tconst secret =\n\t\toptions.secret ||\n\t\tenv.BETTER_AUTH_SECRET ||\n\t\tenv.AUTH_SECRET ||\n\t\tDEFAULT_SECRET;\n\n\tvalidateSecret(secret, logger);\n\n\toptions = {\n\t\t...options,\n\t\tsecret,\n\t\tbaseURL: baseURL ? new URL(baseURL).origin : \"\",\n\t\tbasePath: options.basePath || \"/api/auth\",\n\t\tplugins: plugins.concat(internalPlugins),\n\t};\n\n\tcheckEndpointConflicts(options, logger);\n\tconst cookies = getCookies(options);\n\tconst tables = getAuthTables(options);\n\tconst providers: OAuthProvider[] = (\n\t\tObject.entries(\n\t\t\toptions.socialProviders || {},\n\t\t) as unknown as Entries<SocialProviders>\n\t)\n\t\t.map(([key, config]) => {\n\t\t\tif (config == null) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tif (config.enabled === false) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tif (!config.clientId) {\n\t\t\t\tlogger.warn(\n\t\t\t\t\t`Social provider ${key} is missing clientId or clientSecret`,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst provider = socialProviders[key](config as never);\n\t\t\t(provider as OAuthProvider).disableImplicitSignUp =\n\t\t\t\tconfig.disableImplicitSignUp;\n\t\t\treturn provider;\n\t\t})\n\t\t.filter((x) => x !== null);\n\n\tconst generateIdFunc: AuthContext[\"generateId\"] = ({ model, size }) => {\n\t\tif (typeof (options.advanced as any)?.generateId === \"function\") {\n\t\t\treturn (options.advanced as any).generateId({ model, size });\n\t\t}\n\t\tif (typeof options?.advanced?.database?.generateId === \"function\") {\n\t\t\treturn options.advanced.database.generateId({ model, size });\n\t\t}\n\t\treturn generateId(size);\n\t};\n\n\tconst { publish } = await createTelemetry(options, {\n\t\tadapter: adapter.id,\n\t\tdatabase:\n\t\t\ttypeof options.database === \"function\"\n\t\t\t\t? \"adapter\"\n\t\t\t\t: getDatabaseType(options.database),\n\t});\n\n\tlet ctx: AuthContext = {\n\t\tappName: options.appName || \"Better Auth\",\n\t\tsocialProviders: providers,\n\t\toptions,\n\t\toauthConfig: {\n\t\t\tstoreStateStrategy:\n\t\t\t\toptions.account?.storeStateStrategy ||\n\t\t\t\t(options.database ? \"database\" : \"cookie\"),\n\t\t\tskipStateCookieCheck: !!options.account?.skipStateCookieCheck,\n\t\t},\n\t\ttables,\n\t\ttrustedOrigins: await getTrustedOrigins(options),\n\t\tisTrustedOrigin(\n\t\t\turl: string,\n\t\t\tsettings?: {\n\t\t\t\tallowRelativePaths: boolean;\n\t\t\t},\n\t\t) {\n\t\t\treturn ctx.trustedOrigins.some((origin) =>\n\t\t\t\tmatchesOriginPattern(url, origin, settings),\n\t\t\t);\n\t\t},\n\t\tbaseURL: baseURL || \"\",\n\t\tsessionConfig: {\n\t\t\tupdateAge:\n\t\t\t\toptions.session?.updateAge !== undefined\n\t\t\t\t\t? options.session.updateAge\n\t\t\t\t\t: 24 * 60 * 60,\n\t\t\texpiresIn: options.session?.expiresIn || 60 * 60 * 24 * 7,\n\t\t\tfreshAge:\n\t\t\t\toptions.session?.freshAge === undefined\n\t\t\t\t\t? 60 * 60 * 24\n\t\t\t\t\t: options.session.freshAge,\n\t\t\tcookieRefreshCache: (() => {\n\t\t\t\tconst refreshCache = options.session?.cookieCache?.refreshCache;\n\t\t\t\tconst maxAge = options.session?.cookieCache?.maxAge || 60 * 5;\n\n\t\t\t\t// `refreshCache` is intended for fully stateless / DB-less setups.\n\t\t\t\t// If a server-side store is configured, prefer fetching/refreshing from that source\n\t\t\t\t// and disable stateless refresh behavior to avoid confusing/unsafe configurations.\n\t\t\t\tconst isStateful = !!options.database || !!options.secondaryStorage;\n\t\t\t\tif (isStateful && refreshCache) {\n\t\t\t\t\tlogger.warn(\n\t\t\t\t\t\t\"[better-auth] `session.cookieCache.refreshCache` is enabled while `database` or `secondaryStorage` is configured. `refreshCache` is meant for stateless (DB-less) setups. Disabling `refreshCache` — remove it from your config to silence this warning.\",\n\t\t\t\t\t);\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\n\t\t\t\tif (refreshCache === false || refreshCache === undefined) {\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\n\t\t\t\tif (refreshCache === true) {\n\t\t\t\t\treturn {\n\t\t\t\t\t\tenabled: true,\n\t\t\t\t\t\tupdateAge: Math.floor(maxAge * 0.2),\n\t\t\t\t\t};\n\t\t\t\t}\n\n\t\t\t\treturn {\n\t\t\t\t\tenabled: true,\n\t\t\t\t\tupdateAge:\n\t\t\t\t\t\trefreshCache.updateAge !== undefined\n\t\t\t\t\t\t\t? refreshCache.updateAge\n\t\t\t\t\t\t\t: Math.floor(maxAge * 0.2),\n\t\t\t\t};\n\t\t\t})(),\n\t\t},\n\t\tsecret,\n\t\trateLimit: {\n\t\t\t...options.rateLimit,\n\t\t\tenabled: options.rateLimit?.enabled ?? isProduction,\n\t\t\twindow: options.rateLimit?.window || 10,\n\t\t\tmax: options.rateLimit?.max || 100,\n\t\t\tstorage:\n\t\t\t\toptions.rateLimit?.storage ||\n\t\t\t\t(options.secondaryStorage ? \"secondary-storage\" : \"memory\"),\n\t\t},\n\t\tauthCookies: cookies,\n\t\tlogger,\n\t\tgenerateId: generateIdFunc,\n\t\tsession: null,\n\t\tsecondaryStorage: options.secondaryStorage,\n\t\tpassword: {\n\t\t\thash: options.emailAndPassword?.password?.hash || hashPassword,\n\t\t\tverify: options.emailAndPassword?.password?.verify || verifyPassword,\n\t\t\tconfig: {\n\t\t\t\tminPasswordLength: options.emailAndPassword?.minPasswordLength || 8,\n\t\t\t\tmaxPasswordLength: options.emailAndPassword?.maxPasswordLength || 128,\n\t\t\t},\n\t\t\tcheckPassword,\n\t\t},\n\t\tsetNewSession(session) {\n\t\t\tthis.newSession = session;\n\t\t},\n\t\tnewSession: null,\n\t\tadapter: adapter,\n\t\tinternalAdapter: createInternalAdapter(adapter, {\n\t\t\toptions,\n\t\t\tlogger,\n\t\t\thooks: options.databaseHooks ? [options.databaseHooks] : [],\n\t\t\tgenerateId: generateIdFunc,\n\t\t}),\n\t\tcreateAuthCookie: createCookieGetter(options),\n\t\tasync runMigrations() {\n\t\t\tthrow new BetterAuthError(\n\t\t\t\t\"runMigrations will be set by the specific init implementation\",\n\t\t\t);\n\t\t},\n\t\tpublishTelemetry: publish,\n\t\tskipCSRFCheck: !!options.advanced?.disableCSRFCheck,\n\t\tskipOriginCheck:\n\t\t\toptions.advanced?.disableOriginCheck !== undefined\n\t\t\t\t? options.advanced.disableOriginCheck\n\t\t\t\t: isTest()\n\t\t\t\t\t? true\n\t\t\t\t\t: false,\n\t\trunInBackground:\n\t\t\toptions.advanced?.backgroundTasks?.handler ??\n\t\t\t((p) => {\n\t\t\t\tp.catch(() => {});\n\t\t\t}),\n\t\tasync runInBackgroundOrAwait(\n\t\t\tpromise: Promise<unknown> | Promise<void> | void | unknown,\n\t\t) {\n\t\t\ttry {\n\t\t\t\tif (options.advanced?.backgroundTasks?.handler) {\n\t\t\t\t\tif (promise instanceof Promise) {\n\t\t\t\t\t\toptions.advanced.backgroundTasks.handler(\n\t\t\t\t\t\t\tpromise.catch((e) => {\n\t\t\t\t\t\t\t\tlogger.error(\"Failed to run background task:\", e);\n\t\t\t\t\t\t\t}),\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\tawait promise;\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tlogger.error(\"Failed to run background task:\", e);\n\t\t\t}\n\t\t},\n\t};\n\n\tconst initOrPromise = runPluginInit(ctx);\n\tlet context: AuthContext;\n\tif (isPromise(initOrPromise)) {\n\t\t({ context } = await initOrPromise);\n\t} else {\n\t\t({ context } = initOrPromise);\n\t}\n\n\treturn context;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA+BA,SAAS,gBAAgB,KAAqB;CAC7C,MAAM,SAAS,IAAI,IAAI,IAAI,CAAC;AAC5B,KAAI,WAAW,EAAG,QAAO;AACzB,QAAO,KAAK,KAAK,KAAK,IAAI,QAAQ,IAAI,OAAO,CAAC;;;;;;;;AAS/C,SAAS,eACR,QACA,UACO;CACP,MAAM,kBAAkB,WAAW;AAEnC,KAAI,QAAQ,CACX;AAGD,KAAI,mBAAmB,aACtB,OAAM,IAAI,gBACT,wIACA;AAGF,KAAI,CAAC,OACJ,OAAM,IAAI,gBACT,wGACA;AAGF,KAAI,OAAO,SAAS,GACnB,OAAM,IAAI,gBACT,2KACA;AAKF,KADgB,gBAAgB,OAAO,GACzB,IACb,UAAO,KACN,sHACA;;AAIH,eAAsB,kBACrB,SACA,SACA,iBACuB;AAEvB,KAAI,CAAC,QAAQ,SACZ,WAAUA,OAAK,SAAS;EACvB,SAAS,EACR,aAAa;GACZ,SAAS;GACT,UAAU;GACV,cAAc;GACd,EACD;EACD,SAAS;GACR,oBAAoB;GACpB,oBAAoB;GACpB;EACD,CAAC;CAEH,MAAM,UAAU,QAAQ,WAAW,EAAE;CACrC,MAAM,kBAAkB,mBAAmB,QAAQ;CACnD,MAAMC,WAAS,aAAa,QAAQ,OAAO;CAC3C,MAAM,UAAU,WAAW,QAAQ,SAAS,QAAQ,SAAS;AAE7D,KAAI,CAAC,QACJ,UAAO,KACN,8NACA;CAGF,MAAM,SACL,QAAQ,UACR,IAAI,sBACJ,IAAI,eACJ;AAED,gBAAe,QAAQA,SAAO;AAE9B,WAAU;EACT,GAAG;EACH;EACA,SAAS,UAAU,IAAI,IAAI,QAAQ,CAAC,SAAS;EAC7C,UAAU,QAAQ,YAAY;EAC9B,SAAS,QAAQ,OAAO,gBAAgB;EACxC;AAED,wBAAuB,SAASA,SAAO;CACvC,MAAM,UAAU,WAAW,QAAQ;CACnC,MAAM,SAAS,cAAc,QAAQ;CACrC,MAAMC,YACL,OAAO,QACN,QAAQ,mBAAmB,EAAE,CAC7B,CAEA,KAAK,CAAC,KAAK,YAAY;AACvB,MAAI,UAAU,KACb,QAAO;AAER,MAAI,OAAO,YAAY,MACtB,QAAO;AAER,MAAI,CAAC,OAAO,SACX,UAAO,KACN,mBAAmB,IAAI,sCACvB;EAEF,MAAM,WAAW,gBAAgB,KAAK,OAAgB;AACtD,EAAC,SAA2B,wBAC3B,OAAO;AACR,SAAO;GACN,CACD,QAAQ,MAAM,MAAM,KAAK;CAE3B,MAAMC,kBAA6C,EAAE,OAAO,WAAW;AACtE,MAAI,OAAQ,QAAQ,UAAkB,eAAe,WACpD,QAAQ,QAAQ,SAAiB,WAAW;GAAE;GAAO;GAAM,CAAC;AAE7D,MAAI,OAAO,SAAS,UAAU,UAAU,eAAe,WACtD,QAAO,QAAQ,SAAS,SAAS,WAAW;GAAE;GAAO;GAAM,CAAC;AAE7D,SAAO,WAAW,KAAK;;CAGxB,MAAM,EAAE,YAAY,MAAM,gBAAgB,SAAS;EAClD,SAAS,QAAQ;EACjB,UACC,OAAO,QAAQ,aAAa,aACzB,YACA,gBAAgB,QAAQ,SAAS;EACrC,CAAC;CAEF,IAAIC,MAAmB;EACtB,SAAS,QAAQ,WAAW;EAC5B,iBAAiB;EACjB;EACA,aAAa;GACZ,oBACC,QAAQ,SAAS,uBAChB,QAAQ,WAAW,aAAa;GAClC,sBAAsB,CAAC,CAAC,QAAQ,SAAS;GACzC;EACD;EACA,gBAAgB,MAAM,kBAAkB,QAAQ;EAChD,gBACC,KACA,UAGC;AACD,UAAO,IAAI,eAAe,MAAM,WAC/B,qBAAqB,KAAK,QAAQ,SAAS,CAC3C;;EAEF,SAAS,WAAW;EACpB,eAAe;GACd,WACC,QAAQ,SAAS,cAAc,SAC5B,QAAQ,QAAQ,YAChB,OAAU;GACd,WAAW,QAAQ,SAAS,aAAa,OAAU,KAAK;GACxD,UACC,QAAQ,SAAS,aAAa,SAC3B,OAAU,KACV,QAAQ,QAAQ;GACpB,2BAA2B;IAC1B,MAAM,eAAe,QAAQ,SAAS,aAAa;IACnD,MAAM,SAAS,QAAQ,SAAS,aAAa,UAAU;AAMvD,SADmB,CAAC,CAAC,QAAQ,YAAY,CAAC,CAAC,QAAQ,qBACjC,cAAc;AAC/B,cAAO,KACN,2PACA;AACD,YAAO;;AAGR,QAAI,iBAAiB,SAAS,iBAAiB,OAC9C,QAAO;AAGR,QAAI,iBAAiB,KACpB,QAAO;KACN,SAAS;KACT,WAAW,KAAK,MAAM,SAAS,GAAI;KACnC;AAGF,WAAO;KACN,SAAS;KACT,WACC,aAAa,cAAc,SACxB,aAAa,YACb,KAAK,MAAM,SAAS,GAAI;KAC5B;OACE;GACJ;EACD;EACA,WAAW;GACV,GAAG,QAAQ;GACX,SAAS,QAAQ,WAAW,WAAW;GACvC,QAAQ,QAAQ,WAAW,UAAU;GACrC,KAAK,QAAQ,WAAW,OAAO;GAC/B,SACC,QAAQ,WAAW,YAClB,QAAQ,mBAAmB,sBAAsB;GACnD;EACD,aAAa;EACb;EACA,YAAY;EACZ,SAAS;EACT,kBAAkB,QAAQ;EAC1B,UAAU;GACT,MAAM,QAAQ,kBAAkB,UAAU,QAAQ;GAClD,QAAQ,QAAQ,kBAAkB,UAAU,UAAU;GACtD,QAAQ;IACP,mBAAmB,QAAQ,kBAAkB,qBAAqB;IAClE,mBAAmB,QAAQ,kBAAkB,qBAAqB;IAClE;GACD;GACA;EACD,cAAc,SAAS;AACtB,QAAK,aAAa;;EAEnB,YAAY;EACH;EACT,iBAAiB,sBAAsB,SAAS;GAC/C;GACA;GACA,OAAO,QAAQ,gBAAgB,CAAC,QAAQ,cAAc,GAAG,EAAE;GAC3D,YAAY;GACZ,CAAC;EACF,kBAAkB,mBAAmB,QAAQ;EAC7C,MAAM,gBAAgB;AACrB,SAAM,IAAI,gBACT,gEACA;;EAEF,kBAAkB;EAClB,eAAe,CAAC,CAAC,QAAQ,UAAU;EACnC,iBACC,QAAQ,UAAU,uBAAuB,SACtC,QAAQ,SAAS,qBACjB,QAAQ,GACP,OACA;EACL,iBACC,QAAQ,UAAU,iBAAiB,aACjC,MAAM;AACP,KAAE,YAAY,GAAG;;EAEnB,MAAM,uBACL,SACC;AACD,OAAI;AACH,QAAI,QAAQ,UAAU,iBAAiB,SACtC;SAAI,mBAAmB,QACtB,SAAQ,SAAS,gBAAgB,QAChC,QAAQ,OAAO,MAAM;AACpB,eAAO,MAAM,kCAAkC,EAAE;OAChD,CACF;UAGF,OAAM;YAEC,GAAG;AACX,aAAO,MAAM,kCAAkC,EAAE;;;EAGnD;CAED,MAAM,gBAAgB,cAAc,IAAI;CACxC,IAAIC;AACJ,KAAI,UAAU,cAAc,CAC3B,EAAC,CAAE,WAAY,MAAM;KAErB,EAAC,CAAE,WAAY;AAGhB,QAAO"}
|
|
1
|
+
{"version":3,"file":"create-context.mjs","names":["logger","providers: OAuthProvider[]","generateIdFunc: AuthContext[\"generateId\"]","ctx: AuthContext","context: AuthContext"],"sources":["../../src/context/create-context.ts"],"sourcesContent":["import type { AuthContext, BetterAuthOptions } from \"@better-auth/core\";\nimport { getAuthTables } from \"@better-auth/core/db\";\nimport type { DBAdapter } from \"@better-auth/core/db/adapter\";\nimport { createLogger, env, isProduction, isTest } from \"@better-auth/core/env\";\nimport { BetterAuthError } from \"@better-auth/core/error\";\nimport type { OAuthProvider } from \"@better-auth/core/oauth2\";\nimport type { SocialProviders } from \"@better-auth/core/social-providers\";\nimport { socialProviders } from \"@better-auth/core/social-providers\";\nimport { createTelemetry } from \"@better-auth/telemetry\";\nimport defu from \"defu\";\nimport type { Entries } from \"type-fest\";\nimport { checkEndpointConflicts } from \"../api\";\nimport { matchesOriginPattern } from \"../auth/trusted-origins\";\nimport { createCookieGetter, getCookies } from \"../cookies\";\nimport { hashPassword, verifyPassword } from \"../crypto/password\";\nimport { createInternalAdapter } from \"../db/internal-adapter\";\nimport { generateId } from \"../utils\";\nimport { DEFAULT_SECRET } from \"../utils/constants\";\nimport { isPromise } from \"../utils/is-promise\";\nimport { checkPassword } from \"../utils/password\";\nimport { getBaseURL } from \"../utils/url\";\nimport {\n\tgetInternalPlugins,\n\tgetTrustedOrigins,\n\trunPluginInit,\n} from \"./helpers\";\n\n/**\n * Estimates the entropy of a string in bits.\n * This is a simple approximation that helps detect low-entropy secrets.\n */\nfunction estimateEntropy(str: string): number {\n\tconst unique = new Set(str).size;\n\tif (unique === 0) return 0;\n\treturn Math.log2(Math.pow(unique, str.length));\n}\n\n/**\n * Validates that the secret meets minimum security requirements.\n * Throws BetterAuthError if the secret is invalid.\n * Skips validation for DEFAULT_SECRET in test environments only.\n * Only throws for DEFAULT_SECRET in production environment.\n */\nfunction validateSecret(\n\tsecret: string,\n\tlogger: ReturnType<typeof createLogger>,\n): void {\n\tconst isDefaultSecret = secret === DEFAULT_SECRET;\n\n\tif (isTest()) {\n\t\treturn;\n\t}\n\n\tif (isDefaultSecret && isProduction) {\n\t\tthrow new BetterAuthError(\n\t\t\t\"You are using the default secret. Please set `BETTER_AUTH_SECRET` in your environment variables or pass `secret` in your auth config.\",\n\t\t);\n\t}\n\n\tif (!secret) {\n\t\tthrow new BetterAuthError(\n\t\t\t\"BETTER_AUTH_SECRET is missing. Set it in your environment or pass `secret` to betterAuth({ secret }).\",\n\t\t);\n\t}\n\n\tif (secret.length < 32) {\n\t\tthrow new BetterAuthError(\n\t\t\t`Invalid BETTER_AUTH_SECRET: must be at least 32 characters long for adequate security. Generate one with \\`npx @better-auth/cli secret\\` or \\`openssl rand -base64 32\\`.`,\n\t\t);\n\t}\n\n\t// Optional high-entropy check: warn if entropy appears low\n\tconst entropy = estimateEntropy(secret);\n\tif (entropy < 120) {\n\t\tlogger.warn(\n\t\t\t\"[better-auth] Warning: your BETTER_AUTH_SECRET appears low-entropy. Use a randomly generated secret for production.\",\n\t\t);\n\t}\n}\n\nexport async function createAuthContext(\n\tadapter: DBAdapter<BetterAuthOptions>,\n\toptions: BetterAuthOptions,\n\tgetDatabaseType: (database: BetterAuthOptions[\"database\"]) => string,\n): Promise<AuthContext> {\n\t//set default options for stateless mode\n\tif (!options.database) {\n\t\toptions = defu(options, {\n\t\t\tsession: {\n\t\t\t\tcookieCache: {\n\t\t\t\t\tenabled: true,\n\t\t\t\t\tstrategy: \"jwe\" as const,\n\t\t\t\t\trefreshCache: true,\n\t\t\t\t},\n\t\t\t},\n\t\t\taccount: {\n\t\t\t\tstoreStateStrategy: \"cookie\" as const,\n\t\t\t\tstoreAccountCookie: true,\n\t\t\t},\n\t\t});\n\t}\n\tconst plugins = options.plugins || [];\n\tconst internalPlugins = getInternalPlugins(options);\n\tconst logger = createLogger(options.logger);\n\tconst baseURL = getBaseURL(options.baseURL, options.basePath);\n\n\tif (!baseURL) {\n\t\tlogger.warn(\n\t\t\t`[better-auth] Base URL could not be determined. Please set a valid base URL using the baseURL config option or the BETTER_AUTH_BASE_URL environment variable. Without this, callbacks and redirects may not work correctly.`,\n\t\t);\n\t}\n\n\tconst secret =\n\t\toptions.secret ||\n\t\tenv.BETTER_AUTH_SECRET ||\n\t\tenv.AUTH_SECRET ||\n\t\tDEFAULT_SECRET;\n\n\tvalidateSecret(secret, logger);\n\n\toptions = {\n\t\t...options,\n\t\tsecret,\n\t\tbaseURL: baseURL ? new URL(baseURL).origin : \"\",\n\t\tbasePath: options.basePath || \"/api/auth\",\n\t\tplugins: plugins.concat(internalPlugins),\n\t};\n\n\tcheckEndpointConflicts(options, logger);\n\tconst cookies = getCookies(options);\n\tconst tables = getAuthTables(options);\n\tconst providers: OAuthProvider[] = (\n\t\tObject.entries(\n\t\t\toptions.socialProviders || {},\n\t\t) as unknown as Entries<SocialProviders>\n\t)\n\t\t.map(([key, config]) => {\n\t\t\tif (config == null) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tif (config.enabled === false) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tif (!config.clientId) {\n\t\t\t\tlogger.warn(\n\t\t\t\t\t`Social provider ${key} is missing clientId or clientSecret`,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst provider = socialProviders[key](config as never);\n\t\t\t(provider as OAuthProvider).disableImplicitSignUp =\n\t\t\t\tconfig.disableImplicitSignUp;\n\t\t\treturn provider;\n\t\t})\n\t\t.filter((x) => x !== null);\n\n\tconst generateIdFunc: AuthContext[\"generateId\"] = ({ model, size }) => {\n\t\tif (typeof (options.advanced as any)?.generateId === \"function\") {\n\t\t\treturn (options.advanced as any).generateId({ model, size });\n\t\t}\n\t\tif (typeof options?.advanced?.database?.generateId === \"function\") {\n\t\t\treturn options.advanced.database.generateId({ model, size });\n\t\t}\n\t\treturn generateId(size);\n\t};\n\n\tconst { publish } = await createTelemetry(options, {\n\t\tadapter: adapter.id,\n\t\tdatabase:\n\t\t\ttypeof options.database === \"function\"\n\t\t\t\t? \"adapter\"\n\t\t\t\t: getDatabaseType(options.database),\n\t});\n\n\tlet ctx: AuthContext = {\n\t\tappName: options.appName || \"Better Auth\",\n\t\tsocialProviders: providers,\n\t\toptions,\n\t\toauthConfig: {\n\t\t\tstoreStateStrategy:\n\t\t\t\toptions.account?.storeStateStrategy ||\n\t\t\t\t(options.database ? \"database\" : \"cookie\"),\n\t\t\tskipStateCookieCheck: !!options.account?.skipStateCookieCheck,\n\t\t},\n\t\ttables,\n\t\ttrustedOrigins: await getTrustedOrigins(options),\n\t\tisTrustedOrigin(\n\t\t\turl: string,\n\t\t\tsettings?: {\n\t\t\t\tallowRelativePaths: boolean;\n\t\t\t},\n\t\t) {\n\t\t\treturn ctx.trustedOrigins.some((origin) =>\n\t\t\t\tmatchesOriginPattern(url, origin, settings),\n\t\t\t);\n\t\t},\n\t\tbaseURL: baseURL || \"\",\n\t\tsessionConfig: {\n\t\t\tupdateAge:\n\t\t\t\toptions.session?.updateAge !== undefined\n\t\t\t\t\t? options.session.updateAge\n\t\t\t\t\t: 24 * 60 * 60,\n\t\t\texpiresIn: options.session?.expiresIn || 60 * 60 * 24 * 7,\n\t\t\tfreshAge:\n\t\t\t\toptions.session?.freshAge === undefined\n\t\t\t\t\t? 60 * 60 * 24\n\t\t\t\t\t: options.session.freshAge,\n\t\t\tcookieRefreshCache: (() => {\n\t\t\t\tconst refreshCache = options.session?.cookieCache?.refreshCache;\n\t\t\t\tconst maxAge = options.session?.cookieCache?.maxAge || 60 * 5;\n\n\t\t\t\t// `refreshCache` is intended for fully stateless / DB-less setups.\n\t\t\t\t// If a server-side store is configured, prefer fetching/refreshing from that source\n\t\t\t\t// and disable stateless refresh behavior to avoid confusing/unsafe configurations.\n\t\t\t\tconst isStateful = !!options.database || !!options.secondaryStorage;\n\t\t\t\tif (isStateful && refreshCache) {\n\t\t\t\t\tlogger.warn(\n\t\t\t\t\t\t\"[better-auth] `session.cookieCache.refreshCache` is enabled while `database` or `secondaryStorage` is configured. `refreshCache` is meant for stateless (DB-less) setups. Disabling `refreshCache` — remove it from your config to silence this warning.\",\n\t\t\t\t\t);\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\n\t\t\t\tif (refreshCache === false || refreshCache === undefined) {\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\n\t\t\t\tif (refreshCache === true) {\n\t\t\t\t\treturn {\n\t\t\t\t\t\tenabled: true,\n\t\t\t\t\t\tupdateAge: Math.floor(maxAge * 0.2),\n\t\t\t\t\t};\n\t\t\t\t}\n\n\t\t\t\treturn {\n\t\t\t\t\tenabled: true,\n\t\t\t\t\tupdateAge:\n\t\t\t\t\t\trefreshCache.updateAge !== undefined\n\t\t\t\t\t\t\t? refreshCache.updateAge\n\t\t\t\t\t\t\t: Math.floor(maxAge * 0.2),\n\t\t\t\t};\n\t\t\t})(),\n\t\t},\n\t\tsecret,\n\t\trateLimit: {\n\t\t\t...options.rateLimit,\n\t\t\tenabled: options.rateLimit?.enabled ?? isProduction,\n\t\t\twindow: options.rateLimit?.window || 10,\n\t\t\tmax: options.rateLimit?.max || 100,\n\t\t\tstorage:\n\t\t\t\toptions.rateLimit?.storage ||\n\t\t\t\t(options.secondaryStorage ? \"secondary-storage\" : \"memory\"),\n\t\t},\n\t\tauthCookies: cookies,\n\t\tlogger,\n\t\tgenerateId: generateIdFunc,\n\t\tsession: null,\n\t\tsecondaryStorage: options.secondaryStorage,\n\t\tpassword: {\n\t\t\thash: options.emailAndPassword?.password?.hash || hashPassword,\n\t\t\tverify: options.emailAndPassword?.password?.verify || verifyPassword,\n\t\t\tconfig: {\n\t\t\t\tminPasswordLength: options.emailAndPassword?.minPasswordLength || 8,\n\t\t\t\tmaxPasswordLength: options.emailAndPassword?.maxPasswordLength || 128,\n\t\t\t},\n\t\t\tcheckPassword,\n\t\t},\n\t\tsetNewSession(session) {\n\t\t\tthis.newSession = session;\n\t\t},\n\t\tnewSession: null,\n\t\tadapter: adapter,\n\t\tinternalAdapter: createInternalAdapter(adapter, {\n\t\t\toptions,\n\t\t\tlogger,\n\t\t\thooks: options.databaseHooks ? [options.databaseHooks] : [],\n\t\t\tgenerateId: generateIdFunc,\n\t\t}),\n\t\tcreateAuthCookie: createCookieGetter(options),\n\t\tasync runMigrations() {\n\t\t\tthrow new BetterAuthError(\n\t\t\t\t\"runMigrations will be set by the specific init implementation\",\n\t\t\t);\n\t\t},\n\t\tpublishTelemetry: publish,\n\t\tskipCSRFCheck: !!options.advanced?.disableCSRFCheck,\n\t\tskipOriginCheck:\n\t\t\toptions.advanced?.disableOriginCheck !== undefined\n\t\t\t\t? options.advanced.disableOriginCheck\n\t\t\t\t: isTest()\n\t\t\t\t\t? true\n\t\t\t\t\t: false,\n\t\trunInBackground:\n\t\t\toptions.advanced?.backgroundTasks?.handler ??\n\t\t\t((p) => {\n\t\t\t\tp.catch(() => {});\n\t\t\t}),\n\t\tasync runInBackgroundOrAwait(\n\t\t\tpromise: Promise<unknown> | Promise<void> | void | unknown,\n\t\t) {\n\t\t\ttry {\n\t\t\t\tif (options.advanced?.backgroundTasks?.handler) {\n\t\t\t\t\tif (promise instanceof Promise) {\n\t\t\t\t\t\toptions.advanced.backgroundTasks.handler(\n\t\t\t\t\t\t\tpromise.catch((e) => {\n\t\t\t\t\t\t\t\tlogger.error(\"Failed to run background task:\", e);\n\t\t\t\t\t\t\t}),\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\tawait promise;\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tlogger.error(\"Failed to run background task:\", e);\n\t\t\t}\n\t\t},\n\t};\n\n\tconst initOrPromise = runPluginInit(ctx);\n\tlet context: AuthContext;\n\tif (isPromise(initOrPromise)) {\n\t\t({ context } = await initOrPromise);\n\t} else {\n\t\t({ context } = initOrPromise);\n\t}\n\n\treturn context;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA+BA,SAAS,gBAAgB,KAAqB;CAC7C,MAAM,SAAS,IAAI,IAAI,IAAI,CAAC;AAC5B,KAAI,WAAW,EAAG,QAAO;AACzB,QAAO,KAAK,KAAK,KAAK,IAAI,QAAQ,IAAI,OAAO,CAAC;;;;;;;;AAS/C,SAAS,eACR,QACA,UACO;CACP,MAAM,kBAAkB,WAAW;AAEnC,KAAI,QAAQ,CACX;AAGD,KAAI,mBAAmB,aACtB,OAAM,IAAI,gBACT,wIACA;AAGF,KAAI,CAAC,OACJ,OAAM,IAAI,gBACT,wGACA;AAGF,KAAI,OAAO,SAAS,GACnB,OAAM,IAAI,gBACT,2KACA;AAKF,KADgB,gBAAgB,OAAO,GACzB,IACb,UAAO,KACN,sHACA;;AAIH,eAAsB,kBACrB,SACA,SACA,iBACuB;AAEvB,KAAI,CAAC,QAAQ,SACZ,WAAU,KAAK,SAAS;EACvB,SAAS,EACR,aAAa;GACZ,SAAS;GACT,UAAU;GACV,cAAc;GACd,EACD;EACD,SAAS;GACR,oBAAoB;GACpB,oBAAoB;GACpB;EACD,CAAC;CAEH,MAAM,UAAU,QAAQ,WAAW,EAAE;CACrC,MAAM,kBAAkB,mBAAmB,QAAQ;CACnD,MAAMA,WAAS,aAAa,QAAQ,OAAO;CAC3C,MAAM,UAAU,WAAW,QAAQ,SAAS,QAAQ,SAAS;AAE7D,KAAI,CAAC,QACJ,UAAO,KACN,8NACA;CAGF,MAAM,SACL,QAAQ,UACR,IAAI,sBACJ,IAAI,eACJ;AAED,gBAAe,QAAQA,SAAO;AAE9B,WAAU;EACT,GAAG;EACH;EACA,SAAS,UAAU,IAAI,IAAI,QAAQ,CAAC,SAAS;EAC7C,UAAU,QAAQ,YAAY;EAC9B,SAAS,QAAQ,OAAO,gBAAgB;EACxC;AAED,wBAAuB,SAASA,SAAO;CACvC,MAAM,UAAU,WAAW,QAAQ;CACnC,MAAM,SAAS,cAAc,QAAQ;CACrC,MAAMC,YACL,OAAO,QACN,QAAQ,mBAAmB,EAAE,CAC7B,CAEA,KAAK,CAAC,KAAK,YAAY;AACvB,MAAI,UAAU,KACb,QAAO;AAER,MAAI,OAAO,YAAY,MACtB,QAAO;AAER,MAAI,CAAC,OAAO,SACX,UAAO,KACN,mBAAmB,IAAI,sCACvB;EAEF,MAAM,WAAW,gBAAgB,KAAK,OAAgB;AACtD,EAAC,SAA2B,wBAC3B,OAAO;AACR,SAAO;GACN,CACD,QAAQ,MAAM,MAAM,KAAK;CAE3B,MAAMC,kBAA6C,EAAE,OAAO,WAAW;AACtE,MAAI,OAAQ,QAAQ,UAAkB,eAAe,WACpD,QAAQ,QAAQ,SAAiB,WAAW;GAAE;GAAO;GAAM,CAAC;AAE7D,MAAI,OAAO,SAAS,UAAU,UAAU,eAAe,WACtD,QAAO,QAAQ,SAAS,SAAS,WAAW;GAAE;GAAO;GAAM,CAAC;AAE7D,SAAO,WAAW,KAAK;;CAGxB,MAAM,EAAE,YAAY,MAAM,gBAAgB,SAAS;EAClD,SAAS,QAAQ;EACjB,UACC,OAAO,QAAQ,aAAa,aACzB,YACA,gBAAgB,QAAQ,SAAS;EACrC,CAAC;CAEF,IAAIC,MAAmB;EACtB,SAAS,QAAQ,WAAW;EAC5B,iBAAiB;EACjB;EACA,aAAa;GACZ,oBACC,QAAQ,SAAS,uBAChB,QAAQ,WAAW,aAAa;GAClC,sBAAsB,CAAC,CAAC,QAAQ,SAAS;GACzC;EACD;EACA,gBAAgB,MAAM,kBAAkB,QAAQ;EAChD,gBACC,KACA,UAGC;AACD,UAAO,IAAI,eAAe,MAAM,WAC/B,qBAAqB,KAAK,QAAQ,SAAS,CAC3C;;EAEF,SAAS,WAAW;EACpB,eAAe;GACd,WACC,QAAQ,SAAS,cAAc,SAC5B,QAAQ,QAAQ,YAChB,OAAU;GACd,WAAW,QAAQ,SAAS,aAAa,OAAU,KAAK;GACxD,UACC,QAAQ,SAAS,aAAa,SAC3B,OAAU,KACV,QAAQ,QAAQ;GACpB,2BAA2B;IAC1B,MAAM,eAAe,QAAQ,SAAS,aAAa;IACnD,MAAM,SAAS,QAAQ,SAAS,aAAa,UAAU;AAMvD,SADmB,CAAC,CAAC,QAAQ,YAAY,CAAC,CAAC,QAAQ,qBACjC,cAAc;AAC/B,cAAO,KACN,2PACA;AACD,YAAO;;AAGR,QAAI,iBAAiB,SAAS,iBAAiB,OAC9C,QAAO;AAGR,QAAI,iBAAiB,KACpB,QAAO;KACN,SAAS;KACT,WAAW,KAAK,MAAM,SAAS,GAAI;KACnC;AAGF,WAAO;KACN,SAAS;KACT,WACC,aAAa,cAAc,SACxB,aAAa,YACb,KAAK,MAAM,SAAS,GAAI;KAC5B;OACE;GACJ;EACD;EACA,WAAW;GACV,GAAG,QAAQ;GACX,SAAS,QAAQ,WAAW,WAAW;GACvC,QAAQ,QAAQ,WAAW,UAAU;GACrC,KAAK,QAAQ,WAAW,OAAO;GAC/B,SACC,QAAQ,WAAW,YAClB,QAAQ,mBAAmB,sBAAsB;GACnD;EACD,aAAa;EACb;EACA,YAAY;EACZ,SAAS;EACT,kBAAkB,QAAQ;EAC1B,UAAU;GACT,MAAM,QAAQ,kBAAkB,UAAU,QAAQ;GAClD,QAAQ,QAAQ,kBAAkB,UAAU,UAAU;GACtD,QAAQ;IACP,mBAAmB,QAAQ,kBAAkB,qBAAqB;IAClE,mBAAmB,QAAQ,kBAAkB,qBAAqB;IAClE;GACD;GACA;EACD,cAAc,SAAS;AACtB,QAAK,aAAa;;EAEnB,YAAY;EACH;EACT,iBAAiB,sBAAsB,SAAS;GAC/C;GACA;GACA,OAAO,QAAQ,gBAAgB,CAAC,QAAQ,cAAc,GAAG,EAAE;GAC3D,YAAY;GACZ,CAAC;EACF,kBAAkB,mBAAmB,QAAQ;EAC7C,MAAM,gBAAgB;AACrB,SAAM,IAAI,gBACT,gEACA;;EAEF,kBAAkB;EAClB,eAAe,CAAC,CAAC,QAAQ,UAAU;EACnC,iBACC,QAAQ,UAAU,uBAAuB,SACtC,QAAQ,SAAS,qBACjB,QAAQ,GACP,OACA;EACL,iBACC,QAAQ,UAAU,iBAAiB,aACjC,MAAM;AACP,KAAE,YAAY,GAAG;;EAEnB,MAAM,uBACL,SACC;AACD,OAAI;AACH,QAAI,QAAQ,UAAU,iBAAiB,SACtC;SAAI,mBAAmB,QACtB,SAAQ,SAAS,gBAAgB,QAChC,QAAQ,OAAO,MAAM;AACpB,eAAO,MAAM,kCAAkC,EAAE;OAChD,CACF;UAGF,OAAM;YAEC,GAAG;AACX,aAAO,MAAM,kCAAkC,EAAE;;;EAGnD;CAED,MAAM,gBAAgB,cAAc,IAAI;CACxC,IAAIC;AACJ,KAAI,UAAU,cAAc,CAC3B,EAAC,CAAE,WAAY,MAAM;KAErB,EAAC,CAAE,WAAY;AAGhB,QAAO"}
|
package/dist/context/helpers.mjs
CHANGED
|
@@ -3,7 +3,7 @@ import { getBaseURL } from "../utils/url.mjs";
|
|
|
3
3
|
import { isPromise } from "../utils/is-promise.mjs";
|
|
4
4
|
import { env } from "@better-auth/core/env";
|
|
5
5
|
import { BetterAuthError } from "@better-auth/core/error";
|
|
6
|
-
import { defu } from "defu";
|
|
6
|
+
import { defu as defu$1 } from "defu";
|
|
7
7
|
|
|
8
8
|
//#region src/context/helpers.ts
|
|
9
9
|
async function runPluginInit(ctx) {
|
|
@@ -20,7 +20,7 @@ async function runPluginInit(ctx) {
|
|
|
20
20
|
if (result.options) {
|
|
21
21
|
const { databaseHooks, ...restOpts } = result.options;
|
|
22
22
|
if (databaseHooks) dbHooks.push(databaseHooks);
|
|
23
|
-
options = defu(options, restOpts);
|
|
23
|
+
options = defu$1(options, restOpts);
|
|
24
24
|
}
|
|
25
25
|
if (result.context) context = {
|
|
26
26
|
...context,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.mjs","names":["context: AuthContext","dbHooks: BetterAuthOptions[\"databaseHooks\"][]","result: ReturnType<Required<BetterAuthPlugin>[\"init\"]>","plugins: BetterAuthPlugin[]"],"sources":["../../src/context/helpers.ts"],"sourcesContent":["import type {\n\tAuthContext,\n\tBetterAuthOptions,\n\tBetterAuthPlugin,\n} from \"@better-auth/core\";\nimport { env } from \"@better-auth/core/env\";\nimport { BetterAuthError } from \"@better-auth/core/error\";\nimport { defu } from \"defu\";\nimport { createInternalAdapter } from \"../db/internal-adapter\";\nimport { isPromise } from \"../utils/is-promise\";\nimport { getBaseURL } from \"../utils/url\";\n\nexport async function runPluginInit(ctx: AuthContext) {\n\tlet options = ctx.options;\n\tconst plugins = options.plugins || [];\n\tlet context: AuthContext = ctx;\n\tconst dbHooks: BetterAuthOptions[\"databaseHooks\"][] = [];\n\tfor (const plugin of plugins) {\n\t\tif (plugin.init) {\n\t\t\tlet initPromise = plugin.init(context);\n\t\t\tlet result: ReturnType<Required<BetterAuthPlugin>[\"init\"]>;\n\t\t\tif (isPromise(initPromise)) {\n\t\t\t\tresult = await initPromise;\n\t\t\t} else {\n\t\t\t\tresult = initPromise;\n\t\t\t}\n\t\t\tif (typeof result === \"object\") {\n\t\t\t\tif (result.options) {\n\t\t\t\t\tconst { databaseHooks, ...restOpts } = result.options;\n\t\t\t\t\tif (databaseHooks) {\n\t\t\t\t\t\tdbHooks.push(databaseHooks);\n\t\t\t\t\t}\n\t\t\t\t\toptions = defu(options, restOpts);\n\t\t\t\t}\n\t\t\t\tif (result.context) {\n\t\t\t\t\tcontext = {\n\t\t\t\t\t\t...context,\n\t\t\t\t\t\t...(result.context as Partial<AuthContext>),\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\t// Add the global database hooks last\n\tdbHooks.push(options.databaseHooks);\n\tcontext.internalAdapter = createInternalAdapter(context.adapter, {\n\t\toptions,\n\t\tlogger: context.logger,\n\t\thooks: dbHooks.filter((u) => u !== undefined),\n\t\tgenerateId: context.generateId,\n\t});\n\tcontext.options = options;\n\treturn { context };\n}\n\nexport function getInternalPlugins(options: BetterAuthOptions) {\n\tconst plugins: BetterAuthPlugin[] = [];\n\tif (options.advanced?.crossSubDomainCookies?.enabled) {\n\t\t// TODO: add internal plugin\n\t}\n\treturn plugins;\n}\n\nexport async function getTrustedOrigins(\n\toptions: BetterAuthOptions,\n\trequest?: Request,\n) {\n\tconst baseURL = getBaseURL(options.baseURL, options.basePath);\n\tconst trustedOrigins = baseURL ? [new URL(baseURL).origin] : [];\n\tif (options.trustedOrigins) {\n\t\tif (Array.isArray(options.trustedOrigins)) {\n\t\t\ttrustedOrigins.push(...options.trustedOrigins);\n\t\t}\n\t\tif (typeof options.trustedOrigins === \"function\") {\n\t\t\ttrustedOrigins.push(...(await options.trustedOrigins(request)));\n\t\t}\n\t}\n\tconst envTrustedOrigins = env.BETTER_AUTH_TRUSTED_ORIGINS;\n\tif (envTrustedOrigins) {\n\t\ttrustedOrigins.push(...envTrustedOrigins.split(\",\"));\n\t}\n\tif (trustedOrigins.filter((x) => !x).length) {\n\t\tthrow new BetterAuthError(\n\t\t\t\"A provided trusted origin is invalid, make sure your trusted origins list is properly defined.\",\n\t\t);\n\t}\n\treturn trustedOrigins;\n}\n"],"mappings":";;;;;;;;AAYA,eAAsB,cAAc,KAAkB;CACrD,IAAI,UAAU,IAAI;CAClB,MAAM,UAAU,QAAQ,WAAW,EAAE;CACrC,IAAIA,UAAuB;CAC3B,MAAMC,UAAgD,EAAE;AACxD,MAAK,MAAM,UAAU,QACpB,KAAI,OAAO,MAAM;EAChB,IAAI,cAAc,OAAO,KAAK,QAAQ;EACtC,IAAIC;AACJ,MAAI,UAAU,YAAY,CACzB,UAAS,MAAM;MAEf,UAAS;AAEV,MAAI,OAAO,WAAW,UAAU;AAC/B,OAAI,OAAO,SAAS;IACnB,MAAM,EAAE,eAAe,GAAG,aAAa,OAAO;AAC9C,QAAI,cACH,SAAQ,KAAK,cAAc;AAE5B,
|
|
1
|
+
{"version":3,"file":"helpers.mjs","names":["context: AuthContext","dbHooks: BetterAuthOptions[\"databaseHooks\"][]","result: ReturnType<Required<BetterAuthPlugin>[\"init\"]>","defu","plugins: BetterAuthPlugin[]"],"sources":["../../src/context/helpers.ts"],"sourcesContent":["import type {\n\tAuthContext,\n\tBetterAuthOptions,\n\tBetterAuthPlugin,\n} from \"@better-auth/core\";\nimport { env } from \"@better-auth/core/env\";\nimport { BetterAuthError } from \"@better-auth/core/error\";\nimport { defu } from \"defu\";\nimport { createInternalAdapter } from \"../db/internal-adapter\";\nimport { isPromise } from \"../utils/is-promise\";\nimport { getBaseURL } from \"../utils/url\";\n\nexport async function runPluginInit(ctx: AuthContext) {\n\tlet options = ctx.options;\n\tconst plugins = options.plugins || [];\n\tlet context: AuthContext = ctx;\n\tconst dbHooks: BetterAuthOptions[\"databaseHooks\"][] = [];\n\tfor (const plugin of plugins) {\n\t\tif (plugin.init) {\n\t\t\tlet initPromise = plugin.init(context);\n\t\t\tlet result: ReturnType<Required<BetterAuthPlugin>[\"init\"]>;\n\t\t\tif (isPromise(initPromise)) {\n\t\t\t\tresult = await initPromise;\n\t\t\t} else {\n\t\t\t\tresult = initPromise;\n\t\t\t}\n\t\t\tif (typeof result === \"object\") {\n\t\t\t\tif (result.options) {\n\t\t\t\t\tconst { databaseHooks, ...restOpts } = result.options;\n\t\t\t\t\tif (databaseHooks) {\n\t\t\t\t\t\tdbHooks.push(databaseHooks);\n\t\t\t\t\t}\n\t\t\t\t\toptions = defu(options, restOpts);\n\t\t\t\t}\n\t\t\t\tif (result.context) {\n\t\t\t\t\tcontext = {\n\t\t\t\t\t\t...context,\n\t\t\t\t\t\t...(result.context as Partial<AuthContext>),\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\t// Add the global database hooks last\n\tdbHooks.push(options.databaseHooks);\n\tcontext.internalAdapter = createInternalAdapter(context.adapter, {\n\t\toptions,\n\t\tlogger: context.logger,\n\t\thooks: dbHooks.filter((u) => u !== undefined),\n\t\tgenerateId: context.generateId,\n\t});\n\tcontext.options = options;\n\treturn { context };\n}\n\nexport function getInternalPlugins(options: BetterAuthOptions) {\n\tconst plugins: BetterAuthPlugin[] = [];\n\tif (options.advanced?.crossSubDomainCookies?.enabled) {\n\t\t// TODO: add internal plugin\n\t}\n\treturn plugins;\n}\n\nexport async function getTrustedOrigins(\n\toptions: BetterAuthOptions,\n\trequest?: Request,\n) {\n\tconst baseURL = getBaseURL(options.baseURL, options.basePath);\n\tconst trustedOrigins = baseURL ? [new URL(baseURL).origin] : [];\n\tif (options.trustedOrigins) {\n\t\tif (Array.isArray(options.trustedOrigins)) {\n\t\t\ttrustedOrigins.push(...options.trustedOrigins);\n\t\t}\n\t\tif (typeof options.trustedOrigins === \"function\") {\n\t\t\ttrustedOrigins.push(...(await options.trustedOrigins(request)));\n\t\t}\n\t}\n\tconst envTrustedOrigins = env.BETTER_AUTH_TRUSTED_ORIGINS;\n\tif (envTrustedOrigins) {\n\t\ttrustedOrigins.push(...envTrustedOrigins.split(\",\"));\n\t}\n\tif (trustedOrigins.filter((x) => !x).length) {\n\t\tthrow new BetterAuthError(\n\t\t\t\"A provided trusted origin is invalid, make sure your trusted origins list is properly defined.\",\n\t\t);\n\t}\n\treturn trustedOrigins;\n}\n"],"mappings":";;;;;;;;AAYA,eAAsB,cAAc,KAAkB;CACrD,IAAI,UAAU,IAAI;CAClB,MAAM,UAAU,QAAQ,WAAW,EAAE;CACrC,IAAIA,UAAuB;CAC3B,MAAMC,UAAgD,EAAE;AACxD,MAAK,MAAM,UAAU,QACpB,KAAI,OAAO,MAAM;EAChB,IAAI,cAAc,OAAO,KAAK,QAAQ;EACtC,IAAIC;AACJ,MAAI,UAAU,YAAY,CACzB,UAAS,MAAM;MAEf,UAAS;AAEV,MAAI,OAAO,WAAW,UAAU;AAC/B,OAAI,OAAO,SAAS;IACnB,MAAM,EAAE,eAAe,GAAG,aAAa,OAAO;AAC9C,QAAI,cACH,SAAQ,KAAK,cAAc;AAE5B,cAAUC,OAAK,SAAS,SAAS;;AAElC,OAAI,OAAO,QACV,WAAU;IACT,GAAG;IACH,GAAI,OAAO;IACX;;;AAML,SAAQ,KAAK,QAAQ,cAAc;AACnC,SAAQ,kBAAkB,sBAAsB,QAAQ,SAAS;EAChE;EACA,QAAQ,QAAQ;EAChB,OAAO,QAAQ,QAAQ,MAAM,MAAM,OAAU;EAC7C,YAAY,QAAQ;EACpB,CAAC;AACF,SAAQ,UAAU;AAClB,QAAO,EAAE,SAAS;;AAGnB,SAAgB,mBAAmB,SAA4B;CAC9D,MAAMC,UAA8B,EAAE;AACtC,KAAI,QAAQ,UAAU,uBAAuB,SAAS;AAGtD,QAAO;;AAGR,eAAsB,kBACrB,SACA,SACC;CACD,MAAM,UAAU,WAAW,QAAQ,SAAS,QAAQ,SAAS;CAC7D,MAAM,iBAAiB,UAAU,CAAC,IAAI,IAAI,QAAQ,CAAC,OAAO,GAAG,EAAE;AAC/D,KAAI,QAAQ,gBAAgB;AAC3B,MAAI,MAAM,QAAQ,QAAQ,eAAe,CACxC,gBAAe,KAAK,GAAG,QAAQ,eAAe;AAE/C,MAAI,OAAO,QAAQ,mBAAmB,WACrC,gBAAe,KAAK,GAAI,MAAM,QAAQ,eAAe,QAAQ,CAAE;;CAGjE,MAAM,oBAAoB,IAAI;AAC9B,KAAI,kBACH,gBAAe,KAAK,GAAG,kBAAkB,MAAM,IAAI,CAAC;AAErD,KAAI,eAAe,QAAQ,MAAM,CAAC,EAAE,CAAC,OACpC,OAAM,IAAI,gBACT,iGACA;AAEF,QAAO"}
|
package/dist/db/field.d.mts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import * as
|
|
1
|
+
import * as _better_auth_core21 from "@better-auth/core";
|
|
2
2
|
import { BetterAuthOptions } from "@better-auth/core";
|
|
3
|
-
import * as
|
|
3
|
+
import * as _better_auth_core_db7 from "@better-auth/core/db";
|
|
4
4
|
import { DBFieldAttribute, DBFieldAttributeConfig, DBFieldType } from "@better-auth/core/db";
|
|
5
5
|
import * as _standard_schema_spec0 from "@standard-schema/spec";
|
|
6
6
|
|
|
@@ -9,11 +9,11 @@ declare const createFieldAttribute: <T extends DBFieldType, C extends DBFieldAtt
|
|
|
9
9
|
required?: boolean | undefined;
|
|
10
10
|
returned?: boolean | undefined;
|
|
11
11
|
input?: boolean | undefined;
|
|
12
|
-
defaultValue?: (
|
|
13
|
-
onUpdate?: (() =>
|
|
12
|
+
defaultValue?: (_better_auth_core_db7.DBPrimitive | (() => _better_auth_core_db7.DBPrimitive)) | undefined;
|
|
13
|
+
onUpdate?: (() => _better_auth_core_db7.DBPrimitive) | undefined;
|
|
14
14
|
transform?: {
|
|
15
|
-
input?: (value:
|
|
16
|
-
output?: (value:
|
|
15
|
+
input?: (value: _better_auth_core_db7.DBPrimitive) => _better_auth_core21.Awaitable<_better_auth_core_db7.DBPrimitive>;
|
|
16
|
+
output?: (value: _better_auth_core_db7.DBPrimitive) => _better_auth_core21.Awaitable<_better_auth_core_db7.DBPrimitive>;
|
|
17
17
|
} | undefined;
|
|
18
18
|
references?: {
|
|
19
19
|
model: string;
|
package/dist/db/schema.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { APIError } from "better-
|
|
1
|
+
import { APIError, BASE_ERROR_CODES } from "@better-auth/core/error";
|
|
2
2
|
|
|
3
3
|
//#region src/db/schema.ts
|
|
4
4
|
const cache = /* @__PURE__ */ new WeakMap();
|
|
@@ -56,13 +56,19 @@ function parseInputData(data, schema) {
|
|
|
56
56
|
continue;
|
|
57
57
|
}
|
|
58
58
|
}
|
|
59
|
-
if (data[key]) throw
|
|
59
|
+
if (data[key]) throw APIError.from("BAD_REQUEST", {
|
|
60
|
+
...BASE_ERROR_CODES.FIELD_NOT_ALLOWED,
|
|
61
|
+
message: `${key} is not allowed to be set`
|
|
62
|
+
});
|
|
60
63
|
continue;
|
|
61
64
|
}
|
|
62
65
|
if (fields[key].validator?.input && data[key] !== void 0) {
|
|
63
66
|
const result = fields[key].validator.input["~standard"].validate(data[key]);
|
|
64
|
-
if (result instanceof Promise) throw
|
|
65
|
-
if ("issues" in result && result.issues) throw
|
|
67
|
+
if (result instanceof Promise) throw APIError.from("INTERNAL_SERVER_ERROR", BASE_ERROR_CODES.ASYNC_VALIDATION_NOT_SUPPORTED);
|
|
68
|
+
if ("issues" in result && result.issues) throw APIError.from("BAD_REQUEST", {
|
|
69
|
+
...BASE_ERROR_CODES.VALIDATION_ERROR,
|
|
70
|
+
message: result.issues[0]?.message || "Validation Error"
|
|
71
|
+
});
|
|
66
72
|
parsedData[key] = result.value;
|
|
67
73
|
continue;
|
|
68
74
|
}
|
|
@@ -81,7 +87,10 @@ function parseInputData(data, schema) {
|
|
|
81
87
|
parsedData[key] = fields[key].defaultValue;
|
|
82
88
|
continue;
|
|
83
89
|
}
|
|
84
|
-
if (fields[key].required && action === "create") throw
|
|
90
|
+
if (fields[key].required && action === "create") throw APIError.from("BAD_REQUEST", {
|
|
91
|
+
...BASE_ERROR_CODES.MISSING_FIELD,
|
|
92
|
+
message: `${key} is required`
|
|
93
|
+
});
|
|
85
94
|
}
|
|
86
95
|
return parsedData;
|
|
87
96
|
}
|
package/dist/db/schema.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.mjs","names":["parsedData: Record<string, any>","schema: Record<string, DBFieldAttribute>"],"sources":["../../src/db/schema.ts"],"sourcesContent":["import type { BetterAuthOptions } from \"@better-auth/core\";\nimport type {\n\tBetterAuthPluginDBSchema,\n\tDBFieldAttribute,\n} from \"@better-auth/core/db\";\nimport { APIError } from \"better-
|
|
1
|
+
{"version":3,"file":"schema.mjs","names":["parsedData: Record<string, any>","schema: Record<string, DBFieldAttribute>"],"sources":["../../src/db/schema.ts"],"sourcesContent":["import type { BetterAuthOptions } from \"@better-auth/core\";\nimport type {\n\tBetterAuthPluginDBSchema,\n\tDBFieldAttribute,\n} from \"@better-auth/core/db\";\nimport { APIError, BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport type { Account, Session, User } from \"../types\";\n\n// Cache for parsed schemas to avoid reparsing on every request\nconst cache = new WeakMap<\n\tBetterAuthOptions,\n\tMap<string, Record<string, DBFieldAttribute>>\n>();\n\nfunction parseOutputData<T extends Record<string, any>>(\n\tdata: T,\n\tschema: {\n\t\tfields: Record<string, DBFieldAttribute>;\n\t},\n) {\n\tconst fields = schema.fields;\n\tconst parsedData: Record<string, any> = {};\n\tfor (const key in data) {\n\t\tconst field = fields[key];\n\t\tif (!field) {\n\t\t\tparsedData[key] = data[key];\n\t\t\tcontinue;\n\t\t}\n\t\tif (field.returned === false) {\n\t\t\tcontinue;\n\t\t}\n\t\tparsedData[key] = data[key];\n\t}\n\treturn parsedData as T;\n}\n\nfunction getAllFields(options: BetterAuthOptions, table: string) {\n\tif (!cache.has(options)) {\n\t\tcache.set(options, new Map());\n\t}\n\tconst tableCache = cache.get(options)!;\n\tif (tableCache.has(table)) {\n\t\treturn tableCache.get(table)!;\n\t}\n\tlet schema: Record<string, DBFieldAttribute> = {\n\t\t...(table === \"user\" ? options.user?.additionalFields : {}),\n\t\t...(table === \"session\" ? options.session?.additionalFields : {}),\n\t};\n\tfor (const plugin of options.plugins || []) {\n\t\tif (plugin.schema && plugin.schema[table]) {\n\t\t\tschema = {\n\t\t\t\t...schema,\n\t\t\t\t...plugin.schema[table].fields,\n\t\t\t};\n\t\t}\n\t}\n\tcache.get(options)!.set(table, schema);\n\treturn schema;\n}\n\nexport function parseUserOutput(options: BetterAuthOptions, user: User) {\n\tconst schema = getAllFields(options, \"user\");\n\treturn {\n\t\t...parseOutputData(user, { fields: schema }),\n\t\tid: user.id,\n\t};\n}\n\nexport function parseAccountOutput(\n\toptions: BetterAuthOptions,\n\taccount: Account,\n) {\n\tconst schema = getAllFields(options, \"account\");\n\treturn parseOutputData(account, { fields: schema });\n}\n\nexport function parseSessionOutput(\n\toptions: BetterAuthOptions,\n\tsession: Session,\n) {\n\tconst schema = getAllFields(options, \"session\");\n\treturn parseOutputData(session, { fields: schema });\n}\n\nexport function parseInputData<T extends Record<string, any>>(\n\tdata: T,\n\tschema: {\n\t\tfields: Record<string, DBFieldAttribute>;\n\t\taction?: (\"create\" | \"update\") | undefined;\n\t},\n) {\n\tconst action = schema.action || \"create\";\n\tconst fields = schema.fields;\n\tconst parsedData: Record<string, any> = Object.assign(\n\t\tObject.create(null),\n\t\tnull,\n\t);\n\tfor (const key in fields) {\n\t\tif (key in data) {\n\t\t\tif (fields[key]!.input === false) {\n\t\t\t\tif (fields[key]!.defaultValue !== undefined) {\n\t\t\t\t\tif (action !== \"update\") {\n\t\t\t\t\t\tparsedData[key] = fields[key]!.defaultValue;\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (data[key]) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", {\n\t\t\t\t\t\t...BASE_ERROR_CODES.FIELD_NOT_ALLOWED,\n\t\t\t\t\t\tmessage: `${key} is not allowed to be set`,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tif (fields[key]!.validator?.input && data[key] !== undefined) {\n\t\t\t\tconst result = fields[key]!.validator.input[\"~standard\"].validate(\n\t\t\t\t\tdata[key],\n\t\t\t\t);\n\t\t\t\tif (result instanceof Promise) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"INTERNAL_SERVER_ERROR\",\n\t\t\t\t\t\tBASE_ERROR_CODES.ASYNC_VALIDATION_NOT_SUPPORTED,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tif (\"issues\" in result && result.issues) {\n\t\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", {\n\t\t\t\t\t\t...BASE_ERROR_CODES.VALIDATION_ERROR,\n\t\t\t\t\t\tmessage: result.issues[0]?.message || \"Validation Error\",\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t\tparsedData[key] = result.value;\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tif (fields[key]!.transform?.input && data[key] !== undefined) {\n\t\t\t\tparsedData[key] = fields[key]!.transform?.input(data[key]);\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tparsedData[key] = data[key];\n\t\t\tcontinue;\n\t\t}\n\n\t\tif (fields[key]!.defaultValue !== undefined && action === \"create\") {\n\t\t\tif (typeof fields[key]!.defaultValue === \"function\") {\n\t\t\t\tparsedData[key] = fields[key]!.defaultValue();\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tparsedData[key] = fields[key]!.defaultValue;\n\t\t\tcontinue;\n\t\t}\n\n\t\tif (fields[key]!.required && action === \"create\") {\n\t\t\tthrow APIError.from(\"BAD_REQUEST\", {\n\t\t\t\t...BASE_ERROR_CODES.MISSING_FIELD,\n\t\t\t\tmessage: `${key} is required`,\n\t\t\t});\n\t\t}\n\t}\n\treturn parsedData as Partial<T>;\n}\n\nexport function parseUserInput(\n\toptions: BetterAuthOptions,\n\tuser: Record<string, any> = {},\n\taction: \"create\" | \"update\",\n) {\n\tconst schema = getAllFields(options, \"user\");\n\treturn parseInputData(user, { fields: schema, action });\n}\n\nexport function parseAdditionalUserInput(\n\toptions: BetterAuthOptions,\n\tuser?: Record<string, any> | undefined,\n) {\n\tconst schema = getAllFields(options, \"user\");\n\treturn parseInputData(user || {}, { fields: schema });\n}\n\nexport function parseAccountInput(\n\toptions: BetterAuthOptions,\n\taccount: Partial<Account>,\n) {\n\tconst schema = getAllFields(options, \"account\");\n\treturn parseInputData(account, { fields: schema });\n}\n\nexport function parseSessionInput(\n\toptions: BetterAuthOptions,\n\tsession: Partial<Session>,\n) {\n\tconst schema = getAllFields(options, \"session\");\n\treturn parseInputData(session, { fields: schema });\n}\n\nexport function mergeSchema<S extends BetterAuthPluginDBSchema>(\n\tschema: S,\n\tnewSchema?:\n\t\t| {\n\t\t\t\t[K in keyof S]?:\n\t\t\t\t\t| {\n\t\t\t\t\t\t\tmodelName?: string | undefined;\n\t\t\t\t\t\t\tfields?:\n\t\t\t\t\t\t\t\t| {\n\t\t\t\t\t\t\t\t\t\t[P: string]: string;\n\t\t\t\t\t\t\t\t }\n\t\t\t\t\t\t\t\t| undefined;\n\t\t\t\t\t }\n\t\t\t\t\t| undefined;\n\t\t }\n\t\t| undefined,\n) {\n\tif (!newSchema) {\n\t\treturn schema;\n\t}\n\tfor (const table in newSchema) {\n\t\tconst newModelName = newSchema[table]?.modelName;\n\t\tif (newModelName) {\n\t\t\tschema[table]!.modelName = newModelName;\n\t\t}\n\t\tfor (const field in schema[table]!.fields) {\n\t\t\tconst newField = newSchema[table]?.fields?.[field];\n\t\t\tif (!newField) {\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tschema[table]!.fields[field]!.fieldName = newField;\n\t\t}\n\t}\n\treturn schema;\n}\n"],"mappings":";;;AASA,MAAM,wBAAQ,IAAI,SAGf;AAEH,SAAS,gBACR,MACA,QAGC;CACD,MAAM,SAAS,OAAO;CACtB,MAAMA,aAAkC,EAAE;AAC1C,MAAK,MAAM,OAAO,MAAM;EACvB,MAAM,QAAQ,OAAO;AACrB,MAAI,CAAC,OAAO;AACX,cAAW,OAAO,KAAK;AACvB;;AAED,MAAI,MAAM,aAAa,MACtB;AAED,aAAW,OAAO,KAAK;;AAExB,QAAO;;AAGR,SAAS,aAAa,SAA4B,OAAe;AAChE,KAAI,CAAC,MAAM,IAAI,QAAQ,CACtB,OAAM,IAAI,yBAAS,IAAI,KAAK,CAAC;CAE9B,MAAM,aAAa,MAAM,IAAI,QAAQ;AACrC,KAAI,WAAW,IAAI,MAAM,CACxB,QAAO,WAAW,IAAI,MAAM;CAE7B,IAAIC,SAA2C;EAC9C,GAAI,UAAU,SAAS,QAAQ,MAAM,mBAAmB,EAAE;EAC1D,GAAI,UAAU,YAAY,QAAQ,SAAS,mBAAmB,EAAE;EAChE;AACD,MAAK,MAAM,UAAU,QAAQ,WAAW,EAAE,CACzC,KAAI,OAAO,UAAU,OAAO,OAAO,OAClC,UAAS;EACR,GAAG;EACH,GAAG,OAAO,OAAO,OAAO;EACxB;AAGH,OAAM,IAAI,QAAQ,CAAE,IAAI,OAAO,OAAO;AACtC,QAAO;;AAGR,SAAgB,gBAAgB,SAA4B,MAAY;AAEvE,QAAO;EACN,GAAG,gBAAgB,MAAM,EAAE,QAFb,aAAa,SAAS,OAAO,EAEA,CAAC;EAC5C,IAAI,KAAK;EACT;;AAGF,SAAgB,mBACf,SACA,SACC;AAED,QAAO,gBAAgB,SAAS,EAAE,QADnB,aAAa,SAAS,UAAU,EACG,CAAC;;AAGpD,SAAgB,mBACf,SACA,SACC;AAED,QAAO,gBAAgB,SAAS,EAAE,QADnB,aAAa,SAAS,UAAU,EACG,CAAC;;AAGpD,SAAgB,eACf,MACA,QAIC;CACD,MAAM,SAAS,OAAO,UAAU;CAChC,MAAM,SAAS,OAAO;CACtB,MAAMD,aAAkC,OAAO,OAC9C,OAAO,OAAO,KAAK,EACnB,KACA;AACD,MAAK,MAAM,OAAO,QAAQ;AACzB,MAAI,OAAO,MAAM;AAChB,OAAI,OAAO,KAAM,UAAU,OAAO;AACjC,QAAI,OAAO,KAAM,iBAAiB,QACjC;SAAI,WAAW,UAAU;AACxB,iBAAW,OAAO,OAAO,KAAM;AAC/B;;;AAGF,QAAI,KAAK,KACR,OAAM,SAAS,KAAK,eAAe;KAClC,GAAG,iBAAiB;KACpB,SAAS,GAAG,IAAI;KAChB,CAAC;AAEH;;AAED,OAAI,OAAO,KAAM,WAAW,SAAS,KAAK,SAAS,QAAW;IAC7D,MAAM,SAAS,OAAO,KAAM,UAAU,MAAM,aAAa,SACxD,KAAK,KACL;AACD,QAAI,kBAAkB,QACrB,OAAM,SAAS,KACd,yBACA,iBAAiB,+BACjB;AAEF,QAAI,YAAY,UAAU,OAAO,OAChC,OAAM,SAAS,KAAK,eAAe;KAClC,GAAG,iBAAiB;KACpB,SAAS,OAAO,OAAO,IAAI,WAAW;KACtC,CAAC;AAEH,eAAW,OAAO,OAAO;AACzB;;AAED,OAAI,OAAO,KAAM,WAAW,SAAS,KAAK,SAAS,QAAW;AAC7D,eAAW,OAAO,OAAO,KAAM,WAAW,MAAM,KAAK,KAAK;AAC1D;;AAED,cAAW,OAAO,KAAK;AACvB;;AAGD,MAAI,OAAO,KAAM,iBAAiB,UAAa,WAAW,UAAU;AACnE,OAAI,OAAO,OAAO,KAAM,iBAAiB,YAAY;AACpD,eAAW,OAAO,OAAO,KAAM,cAAc;AAC7C;;AAED,cAAW,OAAO,OAAO,KAAM;AAC/B;;AAGD,MAAI,OAAO,KAAM,YAAY,WAAW,SACvC,OAAM,SAAS,KAAK,eAAe;GAClC,GAAG,iBAAiB;GACpB,SAAS,GAAG,IAAI;GAChB,CAAC;;AAGJ,QAAO;;AAGR,SAAgB,eACf,SACA,OAA4B,EAAE,EAC9B,QACC;AAED,QAAO,eAAe,MAAM;EAAE,QADf,aAAa,SAAS,OAAO;EACE;EAAQ,CAAC;;AAGxD,SAAgB,yBACf,SACA,MACC;CACD,MAAM,SAAS,aAAa,SAAS,OAAO;AAC5C,QAAO,eAAe,QAAQ,EAAE,EAAE,EAAE,QAAQ,QAAQ,CAAC;;AAGtD,SAAgB,kBACf,SACA,SACC;AAED,QAAO,eAAe,SAAS,EAAE,QADlB,aAAa,SAAS,UAAU,EACE,CAAC;;AAGnD,SAAgB,kBACf,SACA,SACC;AAED,QAAO,eAAe,SAAS,EAAE,QADlB,aAAa,SAAS,UAAU,EACE,CAAC;;AAGnD,SAAgB,YACf,QACA,WAcC;AACD,KAAI,CAAC,UACJ,QAAO;AAER,MAAK,MAAM,SAAS,WAAW;EAC9B,MAAM,eAAe,UAAU,QAAQ;AACvC,MAAI,aACH,QAAO,OAAQ,YAAY;AAE5B,OAAK,MAAM,SAAS,OAAO,OAAQ,QAAQ;GAC1C,MAAM,WAAW,UAAU,QAAQ,SAAS;AAC5C,OAAI,CAAC,SACJ;AAED,UAAO,OAAQ,OAAO,OAAQ,YAAY;;;AAG5C,QAAO"}
|
package/dist/index.d.mts
CHANGED
|
@@ -24,8 +24,8 @@ export * from "@better-auth/core/error";
|
|
|
24
24
|
export * from "@better-auth/core/oauth2";
|
|
25
25
|
export * from "@better-auth/core/utils";
|
|
26
26
|
export * from "zod";
|
|
27
|
-
export * from "better-call";
|
|
28
27
|
export * from "@better-auth/core/social-providers";
|
|
28
|
+
export * from "better-call";
|
|
29
29
|
export * from "zod/v4/core";
|
|
30
30
|
export * from "zod/v4";
|
|
31
31
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import * as
|
|
2
|
-
import * as
|
|
1
|
+
import * as _better_auth_core20 from "@better-auth/core";
|
|
2
|
+
import * as better_call240 from "better-call";
|
|
3
3
|
|
|
4
4
|
//#region src/integrations/next-js.d.ts
|
|
5
5
|
declare function toNextJsHandler(auth: {
|
|
@@ -15,8 +15,8 @@ declare const nextCookies: () => {
|
|
|
15
15
|
id: "next-cookies";
|
|
16
16
|
hooks: {
|
|
17
17
|
after: {
|
|
18
|
-
matcher(ctx:
|
|
19
|
-
handler: (inputContext:
|
|
18
|
+
matcher(ctx: _better_auth_core20.HookEndpointContext): true;
|
|
19
|
+
handler: (inputContext: better_call240.MiddlewareInputContext<better_call240.MiddlewareOptions>) => Promise<void>;
|
|
20
20
|
}[];
|
|
21
21
|
};
|
|
22
22
|
};
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { BetterAuthOptions } from "../types/index.mjs";
|
|
2
|
-
import * as
|
|
2
|
+
import * as better_call238 from "better-call";
|
|
3
3
|
import { RequestEvent } from "@sveltejs/kit";
|
|
4
4
|
|
|
5
5
|
//#region src/integrations/svelte-kit.d.ts
|
|
@@ -29,7 +29,7 @@ declare const sveltekitCookies: (getRequestEvent: () => RequestEvent<any, any>)
|
|
|
29
29
|
hooks: {
|
|
30
30
|
after: {
|
|
31
31
|
matcher(): true;
|
|
32
|
-
handler: (inputContext:
|
|
32
|
+
handler: (inputContext: better_call238.MiddlewareInputContext<better_call238.MiddlewareOptions>) => Promise<void>;
|
|
33
33
|
}[];
|
|
34
34
|
};
|
|
35
35
|
};
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
import * as
|
|
2
|
-
import * as
|
|
1
|
+
import * as _better_auth_core15 from "@better-auth/core";
|
|
2
|
+
import * as better_call104 from "better-call";
|
|
3
3
|
|
|
4
4
|
//#region src/integrations/tanstack-start.d.ts
|
|
5
5
|
declare const tanstackStartCookies: () => {
|
|
6
6
|
id: "tanstack-start-cookies";
|
|
7
7
|
hooks: {
|
|
8
8
|
after: {
|
|
9
|
-
matcher(ctx:
|
|
10
|
-
handler: (inputContext:
|
|
9
|
+
matcher(ctx: _better_auth_core15.HookEndpointContext): true;
|
|
10
|
+
handler: (inputContext: better_call104.MiddlewareInputContext<better_call104.MiddlewareOptions>) => Promise<void>;
|
|
11
11
|
}[];
|
|
12
12
|
};
|
|
13
13
|
};
|
|
@@ -1,7 +1,8 @@
|
|
|
1
|
+
import { isAPIError } from "../utils/is-api-error.mjs";
|
|
1
2
|
import { setAccountCookie } from "../cookies/session-store.mjs";
|
|
2
3
|
import { setTokenUtil } from "./utils.mjs";
|
|
3
4
|
import { createEmailVerificationToken } from "../api/routes/email-verification.mjs";
|
|
4
|
-
import
|
|
5
|
+
import "../api/index.mjs";
|
|
5
6
|
import { isDevelopment, logger } from "@better-auth/core/env";
|
|
6
7
|
|
|
7
8
|
//#region src/oauth2/link-account.ts
|
|
@@ -106,7 +107,7 @@ async function handleOAuthUserInfo(c, opts) {
|
|
|
106
107
|
}
|
|
107
108
|
} catch (e) {
|
|
108
109
|
logger.error(e);
|
|
109
|
-
if (e
|
|
110
|
+
if (isAPIError(e)) return {
|
|
110
111
|
error: e.message,
|
|
111
112
|
data: null,
|
|
112
113
|
isRegister: false
|