create-authhero 0.47.3 → 0.48.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -30,7 +30,7 @@ var c = new e(), l = {
30
30
  decrypt: "node --env-file=.env scripts/decrypt-field.mjs"
31
31
  },
32
32
  dependencies: {
33
- "@authhero/kysely-adapter": a,
33
+ "@authhero/drizzle": a,
34
34
  ...i && { "@authhero/admin": a },
35
35
  "@authhero/widget": a,
36
36
  "@hono/swagger-ui": "^0.6.0",
@@ -38,8 +38,8 @@ var c = new e(), l = {
38
38
  "@hono/node-server": "latest",
39
39
  authhero: a,
40
40
  "better-sqlite3": "latest",
41
+ "drizzle-orm": "^0.44.0",
41
42
  hono: "^4.12.0",
42
- kysely: "latest",
43
43
  ...t && { "@authhero/multi-tenancy": a },
44
44
  ...n && { bcryptjs: "latest" }
45
45
  },
@@ -441,9 +441,10 @@ function d(e, t = !1, n = "authhero-local", r) {
441
441
  }
442
442
  }
443
443
  ` : "";
444
- return `import { SqliteDialect, Kysely } from "kysely";
445
- import Database from "better-sqlite3";
446
- import createAdapters from "@authhero/kysely-adapter";
444
+ return `import Database from "better-sqlite3";
445
+ import { drizzle } from "drizzle-orm/better-sqlite3";
446
+ import createAdapters from "@authhero/drizzle";
447
+ import * as schema from "@authhero/drizzle/schema/sqlite";
447
448
  import { seed, createEncryptedDataAdapter, loadEncryptionKey${t ? ", USERNAME_PASSWORD_PROVIDER" : ""} } from "authhero";
448
449
 
449
450
  interface ExtraClient {
@@ -454,6 +455,9 @@ interface ExtraClient {
454
455
  allowed_logout_urls?: string[];
455
456
  web_origins?: string[];
456
457
  auth0_conformant?: boolean;
458
+ oidc_logout?: {
459
+ backchannel_logout_urls?: string[];
460
+ };
457
461
  }
458
462
 
459
463
  function parseFlag(name: string): string | undefined {
@@ -493,11 +497,8 @@ async function main() {
493
497
  ? JSON.parse(userProfileJson)
494
498
  : {};
495
499
 
496
- const dialect = new SqliteDialect({
497
- database: new Database("db.sqlite"),
498
- });
499
-
500
- const db = new Kysely<any>({ dialect });
500
+ const sqlite = new Database("db.sqlite");
501
+ const db = drizzle(sqlite, { schema });
501
502
  let adapters = createAdapters(db);
502
503
 
503
504
  // Match the server: encrypt seeded secrets at rest when a key is configured.
@@ -535,6 +536,7 @@ async function main() {
535
536
  ...(c.auth0_conformant !== undefined && {
536
537
  auth0_conformant: c.auth0_conformant,
537
538
  }),
539
+ ...(c.oidc_logout !== undefined && { oidc_logout: c.oidc_logout }),
538
540
  });
539
541
  console.log(\`✅ Created client "\${c.client_id}"\`);
540
542
  }
@@ -544,7 +546,7 @@ async function main() {
544
546
  console.log(\`✅ Updated profile of user "\${seedResult.username}"\`);
545
547
  }
546
548
  ${f}
547
- await db.destroy();
549
+ sqlite.close();
548
550
  }
549
551
 
550
552
  main().catch((err) => {
@@ -1011,7 +1013,7 @@ c.version("1.0.0").description("Create a new AuthHero project").argument("[proje
1011
1013
  ]
1012
1014
  }])).setupType;
1013
1015
  let h;
1014
- h = m === "cloudflare-control-plane" ? !0 : m === "proxy" || m === "cloudflare-wfp-dispatcher" || m === "cloudflare-wfp-tenant" ? !1 : i.multiTenant === void 0 ? o ? !1 : (await t.prompt([{
1016
+ h = m === "cloudflare-control-plane" ? !0 : m === "proxy" || m === "cloudflare-wfp-dispatcher" || m === "cloudflare-wfp-tenant" ? !1 : i.multiTenant === void 0 ? !o && (await t.prompt([{
1015
1017
  type: "confirm",
1016
1018
  name: "multiTenant",
1017
1019
  message: "Would you like to enable multi-tenant mode?",
@@ -1125,7 +1127,7 @@ ENCRYPTION_KEY=${s()}
1125
1127
  }])).shouldMigrate, n && (console.log("\n🔄 Running migrations...\n"), await x(`${e} run migrate`, p));
1126
1128
  }
1127
1129
  let n;
1128
- n = i.skipStart || o ? !1 : (await t.prompt([{
1130
+ n = !i.skipStart && !o && (await t.prompt([{
1129
1131
  type: "confirm",
1130
1132
  name: "shouldStart",
1131
1133
  message: "Would you like to start the development server?",
@@ -1,8 +1,8 @@
1
1
  import { serve } from "@hono/node-server";
2
- import { SqliteDialect } from "kysely";
3
- import { Kysely } from "kysely";
4
2
  import Database from "better-sqlite3";
5
- import createAdapters from "@authhero/kysely-adapter";
3
+ import { drizzle, BetterSQLite3Database } from "drizzle-orm/better-sqlite3";
4
+ import createAdapters from "@authhero/drizzle";
5
+ import * as schema from "@authhero/drizzle/schema/sqlite";
6
6
  import { createEncryptedDataAdapter, loadEncryptionKey } from "authhero";
7
7
  import createApp from "./app";
8
8
  import fs from "fs";
@@ -85,12 +85,9 @@ function ensureCertificates() {
85
85
  }
86
86
 
87
87
  // Initialize SQLite database
88
- let db: Kysely<any>;
88
+ let db: BetterSQLite3Database<typeof schema>;
89
89
  try {
90
- const dialect = new SqliteDialect({
91
- database: new Database("db.sqlite"),
92
- });
93
- db = new Kysely<any>({ dialect });
90
+ db = drizzle(new Database("db.sqlite"), { schema });
94
91
  } catch (error) {
95
92
  console.error("❌ Failed to initialize database:");
96
93
  console.error(
@@ -1,25 +1,26 @@
1
- import { SqliteDialect, Kysely } from "kysely";
2
1
  import Database from "better-sqlite3";
3
- import { migrateToLatest } from "@authhero/kysely-adapter";
2
+ import { drizzle } from "drizzle-orm/better-sqlite3";
3
+ import { migrate } from "drizzle-orm/better-sqlite3/migrator";
4
4
 
5
- async function migrate() {
6
- const dialect = new SqliteDialect({
7
- database: new Database("db.sqlite"),
8
- });
5
+ // Migrations are pre-generated and shipped with the @authhero/drizzle package.
6
+ // The schema is managed by AuthHero — do not generate your own migrations.
7
+ const migrationsFolder = "node_modules/@authhero/drizzle/drizzle";
9
8
 
10
- const db = new Kysely<any>({ dialect });
9
+ function migrateDb() {
10
+ const sqlite = new Database("db.sqlite");
11
+ const db = drizzle(sqlite);
11
12
 
12
13
  console.log("Running migrations...");
13
14
 
14
15
  try {
15
- await migrateToLatest(db, true);
16
+ migrate(db, { migrationsFolder });
16
17
  console.log("✅ All migrations completed successfully");
17
18
  } catch (error) {
18
19
  console.error("Migration failed:", error);
19
20
  process.exit(1);
20
21
  } finally {
21
- await db.destroy();
22
+ sqlite.close();
22
23
  }
23
24
  }
24
25
 
25
- migrate();
26
+ migrateDb();
@@ -29,34 +29,35 @@ export const proxyConfig: StaticProxyAdapterOptions = {
29
29
 
30
30
  The proxy reads its routes through a `ProxyDataAdapter`. Three implementations are common:
31
31
 
32
- | Adapter | Best for | Notes |
33
- | --- | --- | --- |
34
- | **Static** (default) | Local dev, small fixed deployments | Routes baked into the worker bundle; re-deploy to change them. |
35
- | **Database** | Same-process or co-located deployments | Reads directly from the proxy_routes table that authhero writes to. |
32
+ | Adapter | Best for | Notes |
33
+ | ------------------------- | -------------------------------------------------- | -------------------------------------------------------------------------- |
34
+ | **Static** (default) | Local dev, small fixed deployments | Routes baked into the worker bundle; re-deploy to change them. |
35
+ | **Database** | Same-process or co-located deployments | Reads directly from the proxy_routes table that authhero writes to. |
36
36
  | **HTTP / management API** | Geographically distributed proxies, hosted Workers | Calls `/api/v2/proxy-routes` on your authhero server with a service token. |
37
37
 
38
38
  The authhero server exposes the management API (`/api/v2/proxy-routes`) and creates the underlying table automatically once the standard adapter migrations have run — see the `local` template's [src/index.ts](../local/src/index.ts).
39
39
 
40
- ### Database-backed (Kysely)
40
+ ### Database-backed (Drizzle)
41
41
 
42
- Add the adapter and your Kysely driver, then swap the data line:
42
+ Add the adapter and drizzle-orm, then swap the data line:
43
43
 
44
44
  ```bash
45
- npm install @authhero/kysely-adapter kysely
45
+ npm install @authhero/drizzle drizzle-orm
46
46
  ```
47
47
 
48
48
  ```ts
49
- import { Kysely } from "kysely";
49
+ import { drizzle } from "drizzle-orm/d1";
50
50
  import { createProxyApp } from "@authhero/proxy";
51
- import { createProxyDataAdapter } from "@authhero/kysely-adapter";
51
+ import { createProxyDataAdapter } from "@authhero/drizzle";
52
+ import * as schema from "@authhero/drizzle/schema/sqlite";
52
53
 
53
- const db = new Kysely({ dialect: /* your dialect */ });
54
+ const db = drizzle(env.AUTH_DB, { schema });
54
55
  const app = createProxyApp({
55
56
  data: createProxyDataAdapter(db),
56
57
  });
57
58
  ```
58
59
 
59
- Cloudflare Workers can't open SQLite files, so on Workers this path means D1, Hyperdrive, or a remote MySQL/Postgres. For a local Node process, `better-sqlite3` pointing at the same `db.sqlite` your authhero server uses works out of the box.
60
+ On Cloudflare Workers this reads from the same D1 database your authhero worker uses. For a local Node process, use `drizzle-orm/better-sqlite3` pointing at the same `db.sqlite` your authhero server uses. (If your routes live in MySQL/Postgres, `@authhero/kysely-adapter` exposes the same `createProxyDataAdapter` for Kysely dialects.)
60
61
 
61
62
  ### HTTP-backed (management API)
62
63
 
@@ -87,7 +88,7 @@ interface Env {
87
88
 
88
89
  function createHttpProxyAdapter(env: Env): ProxyDataAdapter {
89
90
  const headers = {
90
- "authorization": `Bearer ${env.AUTHHERO_SERVICE_TOKEN}`,
91
+ authorization: `Bearer ${env.AUTHHERO_SERVICE_TOKEN}`,
91
92
  "tenant-id": env.AUTHHERO_TENANT_ID,
92
93
  };
93
94
 
@@ -101,16 +102,29 @@ function createHttpProxyAdapter(env: Env): ProxyDataAdapter {
101
102
  // The proxy data plane only needs resolveHost; the CRUD methods on
102
103
  // proxyRoutes stay unused (writes always go through authhero directly).
103
104
  proxyRoutes: {
104
- list: () => { throw new Error("read-only proxy adapter"); },
105
- get: () => { throw new Error("read-only proxy adapter"); },
106
- create: () => { throw new Error("read-only proxy adapter"); },
107
- update: () => { throw new Error("read-only proxy adapter"); },
108
- remove: () => { throw new Error("read-only proxy adapter"); },
105
+ list: () => {
106
+ throw new Error("read-only proxy adapter");
107
+ },
108
+ get: () => {
109
+ throw new Error("read-only proxy adapter");
110
+ },
111
+ create: () => {
112
+ throw new Error("read-only proxy adapter");
113
+ },
114
+ update: () => {
115
+ throw new Error("read-only proxy adapter");
116
+ },
117
+ remove: () => {
118
+ throw new Error("read-only proxy adapter");
119
+ },
109
120
  },
110
121
  async resolveHost(host): Promise<ResolvedHost | null> {
111
- const domains = await api<{ custom_domains: Array<{
112
- custom_domain_id: string; domain: string;
113
- }> }>("/api/v2/custom-domains");
122
+ const domains = await api<{
123
+ custom_domains: Array<{
124
+ custom_domain_id: string;
125
+ domain: string;
126
+ }>;
127
+ }>("/api/v2/custom-domains");
114
128
  const match = domains.custom_domains.find((d) => d.domain === host);
115
129
  if (!match) return null;
116
130
 
package/package.json CHANGED
@@ -5,7 +5,7 @@
5
5
  "type": "git",
6
6
  "url": "https://github.com/markusahlstrand/authhero"
7
7
  },
8
- "version": "0.47.3",
8
+ "version": "0.48.1",
9
9
  "type": "module",
10
10
  "main": "dist/create-authhero.js",
11
11
  "bin": {