jazz-tools 0.18.5 → 0.18.7

package/dist/worker/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/worker/index.ts"],"sourcesContent":["import { AgentSecret, CryptoProvider, LocalNode, Peer } from \"cojson\";\nimport {\n  type AnyWebSocketConstructor,\n  WebSocketPeerWithReconnection,\n} from \"cojson-transport-ws\";\nimport { WasmCrypto } from \"cojson/crypto/WasmCrypto\";\nimport {\n  Account,\n  AccountClass,\n  AnyAccountSchema,\n  CoValueFromRaw,\n  Inbox,\n  InstanceOfSchema,\n  createJazzContextFromExistingCredentials,\n  randomSessionProvider,\n} from \"jazz-tools\";\n\ntype WorkerOptions<\n  S extends\n    | (AccountClass<Account> & CoValueFromRaw<Account>)\n    | AnyAccountSchema,\n> = {\n  accountID?: string;\n  accountSecret?: string;\n  syncServer?: string;\n  WebSocket?: AnyWebSocketConstructor;\n  AccountSchema?: S;\n  crypto?: CryptoProvider;\n};\n\n/** @category Context Creation */\nexport async function startWorker<\n  S extends\n    | (AccountClass<Account> & CoValueFromRaw<Account>)\n    | AnyAccountSchema,\n>(options: WorkerOptions<S>) {\n  const {\n    accountID = process.env.JAZZ_WORKER_ACCOUNT,\n    accountSecret = process.env.JAZZ_WORKER_SECRET,\n    syncServer = \"wss://cloud.jazz.tools\",\n    AccountSchema = Account as unknown as S,\n  } = options;\n\n  let node: LocalNode | undefined = undefined;\n\n  const peersToLoadFrom: Peer[] = [];\n\n  const wsPeer = new WebSocketPeerWithReconnection({\n    peer: syncServer,\n    reconnectionTimeout: 100,\n    addPeer: (peer) => {\n      if (node) {\n        node.syncManager.addPeer(peer);\n      } else {\n        peersToLoadFrom.push(peer);\n      }\n    },\n    removePeer: () => {},\n    WebSocketConstructor: options.WebSocket,\n  });\n\n  wsPeer.enable();\n\n  if (!accountID) {\n    throw new Error(\"No accountID provided\");\n  }\n  if (!accountSecret) {\n    throw new Error(\"No accountSecret provided\");\n  }\n  if (!accountID.startsWith(\"co_\")) {\n    throw new Error(\"Invalid accountID\");\n  }\n  if (!accountSecret?.startsWith(\"sealerSecret_\")) {\n    throw new Error(\"Invalid accountSecret\");\n  }\n\n  const context = await createJazzContextFromExistingCredentials({\n    credentials: {\n      accountID: accountID,\n      secret: accountSecret as AgentSecret,\n    },\n    AccountSchema,\n    // TODO: locked sessions similar to browser\n    sessionProvider: randomSessionProvider,\n    peersToLoadFrom,\n    crypto: options.crypto ?? (await WasmCrypto.create()),\n  });\n\n  const account = context.account as InstanceOfSchema<S>;\n  node = account.$jazz.localNode;\n\n  if (!account.$jazz.refs.profile?.id) {\n    throw new Error(\"Account has no profile\");\n  }\n\n  const inbox = await Inbox.load(account);\n\n  async function done() {\n    await context.account.$jazz.waitForAllCoValuesSync();\n\n    wsPeer.disable();\n    context.done();\n  }\n\n  const inboxPublicApi = {\n    subscribe: inbox.subscribe.bind(inbox) as Inbox[\"subscribe\"],\n  };\n\n  return {\n    worker: context.account as InstanceOfSchema<S>,\n    experimental: {\n      inbox: inboxPublicApi,\n    },\n    waitForConnection() {\n      return wsPeer.waitUntilConnected();\n    },\n    subscribeToConnectionChange(listener: (connected: boolean) => void) {\n      wsPeer.subscribe(listener);\n\n      return () => {\n        wsPeer.unsubscribe(listener);\n      };\n    },\n    done,\n  };\n}\n"],"mappings":";AACA;AAAA,EAEE;AAAA,OACK;AACP,SAAS,kBAAkB;AAC3B;AAAA,EACE;AAAA,EAIA;AAAA,EAEA;AAAA,EACA;AAAA,OACK;AAgBP,eAAsB,YAIpB,SAA2B;AAC3B,QAAM;AAAA,IACJ,YAAY,QAAQ,IAAI;AAAA,IACxB,gBAAgB,QAAQ,IAAI;AAAA,IAC5B,aAAa;AAAA,IACb,gBAAgB;AAAA,EAClB,IAAI;AAEJ,MAAI,OAA8B;AAElC,QAAM,kBAA0B,CAAC;AAEjC,QAAM,SAAS,IAAI,8BAA8B;AAAA,IAC/C,MAAM;AAAA,IACN,qBAAqB;AAAA,IACrB,SAAS,CAAC,SAAS;AACjB,UAAI,MAAM;AACR,aAAK,YAAY,QAAQ,IAAI;AAAA,MAC/B,OAAO;AACL,wBAAgB,KAAK,IAAI;AAAA,MAC3B;AAAA,IACF;AAAA,IACA,YAAY,MAAM;AAAA,IAAC;AAAA,IACnB,sBAAsB,QAAQ;AAAA,EAChC,CAAC;AAED,SAAO,OAAO;AAEd,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AACA,MAAI,CAAC,eAAe;AAClB,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AACA,MAAI,CAAC,UAAU,WAAW,KAAK,GAAG;AAChC,UAAM,IAAI,MAAM,mBAAmB;AAAA,EACrC;AACA,MAAI,CAAC,eAAe,WAAW,eAAe,GAAG;AAC/C,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AAEA,QAAM,UAAU,MAAM,yCAAyC;AAAA,IAC7D,aAAa;AAAA,MACX;AAAA,MACA,QAAQ;AAAA,IACV;AAAA,IACA;AAAA;AAAA,IAEA,iBAAiB;AAAA,IACjB;AAAA,IACA,QAAQ,QAAQ,UAAW,MAAM,WAAW,OAAO;AAAA,EACrD,CAAC;AAED,QAAM,UAAU,QAAQ;AACxB,SAAO,QAAQ,MAAM;AAErB,MAAI,CAAC,QAAQ,MAAM,KAAK,SAAS,IAAI;AACnC,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AAEA,QAAM,QAAQ,MAAM,MAAM,KAAK,OAAO;AAEtC,iBAAe,OAAO;AACpB,UAAM,QAAQ,QAAQ,MAAM,uBAAuB;AAEnD,WAAO,QAAQ;AACf,YAAQ,KAAK;AAAA,EACf;AAEA,QAAM,iBAAiB;AAAA,IACrB,WAAW,MAAM,UAAU,KAAK,KAAK;AAAA,EACvC;AAEA,SAAO;AAAA,IACL,QAAQ,QAAQ;AAAA,IAChB,cAAc;AAAA,MACZ,OAAO;AAAA,IACT;AAAA,IACA,oBAAoB;AAClB,aAAO,OAAO,mBAAmB;AAAA,IACnC;AAAA,IACA,4BAA4B,UAAwC;AAClE,aAAO,UAAU,QAAQ;AAEzB,aAAO,MAAM;AACX,eAAO,YAAY,QAAQ;AAAA,MAC7B;AAAA,IACF;AAAA,IACA;AAAA,EACF;AACF;","names":[]}
+{"version":3,"sources":["../../src/worker/index.ts"],"sourcesContent":["import { AgentSecret, CryptoProvider, LocalNode, Peer } from \"cojson\";\nimport {\n  type AnyWebSocketConstructor,\n  WebSocketPeerWithReconnection,\n} from \"cojson-transport-ws\";\nimport { WasmCrypto } from \"cojson/crypto/WasmCrypto\";\nimport {\n  Account,\n  AccountClass,\n  AnyAccountSchema,\n  CoValueFromRaw,\n  Inbox,\n  InstanceOfSchema,\n  Loaded,\n  createJazzContextFromExistingCredentials,\n  randomSessionProvider,\n} from \"jazz-tools\";\n\ntype WorkerOptions<\n  S extends\n    | (AccountClass<Account> & CoValueFromRaw<Account>)\n    | AnyAccountSchema,\n> = {\n  accountID?: string;\n  accountSecret?: string;\n  syncServer?: string;\n  WebSocket?: AnyWebSocketConstructor;\n  AccountSchema?: S;\n  crypto?: CryptoProvider;\n  /**\n   * If true, the inbox will not be loaded.\n   */\n  skipInboxLoad?: boolean;\n  /**\n   * If false, the worker will not set in the global account context\n   */\n  asActiveAccount?: boolean;\n};\n\n/** @category Context Creation */\nexport async function startWorker<\n  S extends\n    | (AccountClass<Account> & CoValueFromRaw<Account>)\n    | AnyAccountSchema,\n>(options: WorkerOptions<S>) {\n  const {\n    accountID = process.env.JAZZ_WORKER_ACCOUNT,\n    accountSecret = process.env.JAZZ_WORKER_SECRET,\n    syncServer = \"wss://cloud.jazz.tools\",\n    AccountSchema = Account as unknown as S,\n    skipInboxLoad = false,\n    asActiveAccount = true,\n  } = options;\n\n  let node: LocalNode | undefined = undefined;\n\n  const peersToLoadFrom: Peer[] = [];\n\n  const wsPeer = new WebSocketPeerWithReconnection({\n    peer: syncServer,\n    reconnectionTimeout: 100,\n    addPeer: (peer) => {\n      if (node) {\n        node.syncManager.addPeer(peer);\n      } else {\n        peersToLoadFrom.push(peer);\n      }\n    },\n    removePeer: () => {},\n    WebSocketConstructor: options.WebSocket,\n  });\n\n  wsPeer.enable();\n\n  if (!accountID) {\n    throw new Error(\"No accountID provided\");\n  }\n  if (!accountSecret) {\n    throw new Error(\"No accountSecret provided\");\n  }\n  if (!accountID.startsWith(\"co_\")) {\n    throw new Error(\"Invalid accountID\");\n  }\n  if (!accountSecret?.startsWith(\"sealerSecret_\")) {\n    throw new Error(\"Invalid accountSecret\");\n  }\n\n  const context = await createJazzContextFromExistingCredentials({\n    credentials: {\n      accountID: accountID,\n      secret: accountSecret as AgentSecret,\n    },\n    AccountSchema,\n    // TODO: locked sessions similar to browser\n    sessionProvider: randomSessionProvider,\n    peersToLoadFrom,\n    crypto: options.crypto ?? (await WasmCrypto.create()),\n    asActiveAccount,\n  });\n\n  const account = context.account as InstanceOfSchema<S>;\n  node = account.$jazz.localNode;\n\n  if (!account.$jazz.refs.profile?.id) {\n    throw new Error(\"Account has no profile\");\n  }\n\n  const inbox = skipInboxLoad ? undefined : await Inbox.load(account);\n\n  async function done() {\n    await context.account.$jazz.waitForAllCoValuesSync();\n\n    wsPeer.disable();\n    context.done();\n  }\n\n  const inboxPublicApi = inbox\n    ? {\n        subscribe: inbox.subscribe.bind(inbox) as Inbox[\"subscribe\"],\n      }\n    : {\n        subscribe: () => {},\n      };\n\n  return {\n    worker: context.account as Loaded<S>,\n    experimental: {\n      inbox: inboxPublicApi,\n    },\n    waitForConnection() {\n      return wsPeer.waitUntilConnected();\n    },\n    subscribeToConnectionChange(listener: (connected: boolean) => void) {\n      wsPeer.subscribe(listener);\n\n      return () => {\n        wsPeer.unsubscribe(listener);\n      };\n    },\n    done,\n  };\n}\n"],"mappings":";AACA;AAAA,EAEE;AAAA,OACK;AACP,SAAS,kBAAkB;AAC3B;AAAA,EACE;AAAA,EAIA;AAAA,EAGA;AAAA,EACA;AAAA,OACK;AAwBP,eAAsB,YAIpB,SAA2B;AAC3B,QAAM;AAAA,IACJ,YAAY,QAAQ,IAAI;AAAA,IACxB,gBAAgB,QAAQ,IAAI;AAAA,IAC5B,aAAa;AAAA,IACb,gBAAgB;AAAA,IAChB,gBAAgB;AAAA,IAChB,kBAAkB;AAAA,EACpB,IAAI;AAEJ,MAAI,OAA8B;AAElC,QAAM,kBAA0B,CAAC;AAEjC,QAAM,SAAS,IAAI,8BAA8B;AAAA,IAC/C,MAAM;AAAA,IACN,qBAAqB;AAAA,IACrB,SAAS,CAAC,SAAS;AACjB,UAAI,MAAM;AACR,aAAK,YAAY,QAAQ,IAAI;AAAA,MAC/B,OAAO;AACL,wBAAgB,KAAK,IAAI;AAAA,MAC3B;AAAA,IACF;AAAA,IACA,YAAY,MAAM;AAAA,IAAC;AAAA,IACnB,sBAAsB,QAAQ;AAAA,EAChC,CAAC;AAED,SAAO,OAAO;AAEd,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AACA,MAAI,CAAC,eAAe;AAClB,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AACA,MAAI,CAAC,UAAU,WAAW,KAAK,GAAG;AAChC,UAAM,IAAI,MAAM,mBAAmB;AAAA,EACrC;AACA,MAAI,CAAC,eAAe,WAAW,eAAe,GAAG;AAC/C,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AAEA,QAAM,UAAU,MAAM,yCAAyC;AAAA,IAC7D,aAAa;AAAA,MACX;AAAA,MACA,QAAQ;AAAA,IACV;AAAA,IACA;AAAA;AAAA,IAEA,iBAAiB;AAAA,IACjB;AAAA,IACA,QAAQ,QAAQ,UAAW,MAAM,WAAW,OAAO;AAAA,IACnD;AAAA,EACF,CAAC;AAED,QAAM,UAAU,QAAQ;AACxB,SAAO,QAAQ,MAAM;AAErB,MAAI,CAAC,QAAQ,MAAM,KAAK,SAAS,IAAI;AACnC,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AAEA,QAAM,QAAQ,gBAAgB,SAAY,MAAM,MAAM,KAAK,OAAO;AAElE,iBAAe,OAAO;AACpB,UAAM,QAAQ,QAAQ,MAAM,uBAAuB;AAEnD,WAAO,QAAQ;AACf,YAAQ,KAAK;AAAA,EACf;AAEA,QAAM,iBAAiB,QACnB;AAAA,IACE,WAAW,MAAM,UAAU,KAAK,KAAK;AAAA,EACvC,IACA;AAAA,IACE,WAAW,MAAM;AAAA,IAAC;AAAA,EACpB;AAEJ,SAAO;AAAA,IACL,QAAQ,QAAQ;AAAA,IAChB,cAAc;AAAA,MACZ,OAAO;AAAA,IACT;AAAA,IACA,oBAAoB;AAClB,aAAO,OAAO,mBAAmB;AAAA,IACnC;AAAA,IACA,4BAA4B,UAAwC;AAClE,aAAO,UAAU,QAAQ;AAEzB,aAAO,MAAM;AACX,eAAO,YAAY,QAAQ;AAAA,MAC7B;AAAA,IACF;AAAA,IACA;AAAA,EACF;AACF;","names":[]}

package/package.json

@@ -167,7 +167,7 @@
   },
   "type": "module",
   "license": "MIT",
-  "version": "0.18.5",
+  "version": "0.18.7",
   "dependencies": {
     "@manuscripts/prosemirror-recreate-steps": "^0.1.4",
     "@scure/base": "1.2.1",
@@ -182,10 +182,11 @@
     "prosemirror-schema-basic": "^1.2.2",
     "prosemirror-state": "^1.4.3",
     "prosemirror-transform": "^1.9.0",
+    "use-sync-external-store": "^1.5.0",
     "zod": "3.25.76",
-    "cojson": "0.18.5",
-    "cojson-storage-indexeddb": "0.18.5",
-    "cojson-transport-ws": "0.18.5"
+    "cojson": "0.18.7",
+    "cojson-storage-indexeddb": "0.18.7",
+    "cojson-transport-ws": "0.18.7"
   },
   "devDependencies": {
     "@scure/bip39": "^1.3.0",
@@ -197,6 +198,7 @@
     "@testing-library/svelte": "^5.2.6",
     "@types/react": "19.1.0",
     "@types/react-dom": "19.1.0",
+    "@types/use-sync-external-store": "^1.5.0",
     "@vitest/browser": "^3.2.4",
     "msw": "^2.10.3",
     "oauth2-mock-server": "^8.1.0",

package/src/better-auth/auth/client.ts

@@ -7,6 +7,13 @@ import type {
 } from "jazz-tools";
 import type { jazzPlugin } from "./server.js";
 
+const SIGNUP_URLS = [
+  "/sign-up",
+  "/sign-in/social",
+  "/sign-in/oauth2",
+  "/email-otp/send-verification-otp",
+];
+
 /**
  * @example
  * ```ts
@@ -83,8 +90,7 @@ export const jazzPluginClient = () => {
         hooks: {
           async onRequest(context) {
             if (
-              context.url.toString().includes("/sign-up") ||
-              context.url.toString().includes("/sign-in/social")
+              SIGNUP_URLS.some((url) => context.url.toString().includes(url))
             ) {
               const credentials = await authSecretStorage.get();
 

package/src/better-auth/auth/react.tsx

@@ -1,21 +1,9 @@
 "use client";
 
-import type { ClientOptions } from "better-auth";
 import { createAuthClient } from "better-auth/client";
-import type {
-  Account,
-  AccountClass,
-  AnyAccountSchema,
-  CoValueFromRaw,
-} from "jazz-tools";
-import {
-  type JazzProviderProps,
-  JazzReactProvider,
-  useAuthSecretStorage,
-  useJazzContext,
-} from "jazz-tools/react";
+import { useAuthSecretStorage, useJazzContext } from "jazz-tools/react-core";
 import { useEffect } from "react";
-import { type PropsWithChildren, createContext } from "react";
+import { type PropsWithChildren } from "react";
 import { jazzPluginClient } from "./client.js";
 
 type AuthClient = ReturnType<
@@ -24,8 +12,6 @@ type AuthClient = ReturnType<
   }>
 >;
 
-export const AuthContext = createContext<AuthClient | null>(null);
-
 /**
  * @param props.children - The children to render.
  * @param props.betterAuthClient - The BetterAuth client with the Jazz plugin.
@@ -68,38 +54,3 @@ export function AuthProvider({
 
   return children;
 }
-
-/**
- * @param props - The props for the JazzReactProvider.
- * @param props.betterAuth - The options for the BetterAuth client.
- * @returns The JazzReactProvider with the BetterAuth plugin.
- *
- * @example
- * ```ts
- * <JazzReactProviderWithBetterAuth
- *  betterAuth={{
- *    baseURL: "http://localhost:3000",
- *  }}
- *  sync={{
- *    peer: "ws://localhost:4200",
- *  }}
- * >
- *   <App />
- * </JazzReactProviderWithBetterAuth>
- * ```
- */
-export const JazzReactProviderWithBetterAuth = <
-  S extends
-    | (AccountClass<Account> & CoValueFromRaw<Account>)
-    | AnyAccountSchema,
->(
-  props: { betterAuthClient: AuthClient } & JazzProviderProps<S>,
-) => {
-  return (
-    <JazzReactProvider {...props}>
-      <AuthProvider betterAuthClient={props.betterAuthClient}>
-        {props.children}
-      </AuthProvider>
-    </JazzReactProvider>
-  );
-};

package/src/better-auth/auth/server.ts

@@ -85,20 +85,27 @@ export const jazzPlugin: () => JazzPlugin = () => {
             },
             verification: {
               create: {
-                before: async (verification, context) => {
-                  // If a jazzAuth is provided, save it for later usage.
-                  if (contextContainsJazzAuth(context)) {
-                    const parsed = JSON.parse(verification.value);
-                    const newValue = JSON.stringify({
-                      ...parsed,
-                      jazzAuth: context.jazzAuth,
-                    });
-
-                    return {
-                      data: {
-                        value: newValue,
+                after: async (verification, context) => {
+                  /**
+                   * For: Email OTP plugin
+                   * After a verification is created, if it is from the EmailOTP plugin,
+                   * create a new verification value with the jazzAuth with the same expiration.
+                   */
+                  if (
+                    contextContainsJazzAuth(context) &&
+                    verification.identifier.startsWith("sign-in-otp-")
+                  ) {
+                    const identifier = `jazz-auth-${verification.identifier}`;
+                    await context.context.internalAdapter.deleteVerificationValue(
+                      identifier,
+                    );
+                    await context.context.internalAdapter.createVerificationValue(
+                      {
+                        value: JSON.stringify({ jazzAuth: context.jazzAuth }),
+                        identifier: identifier,
+                        expiresAt: verification.expiresAt,
                       },
-                    };
+                    );
                   }
                 },
               },
@@ -147,6 +154,7 @@ export const jazzPlugin: () => JazzPlugin = () => {
         },
 
         /**
+         * For: Social / OAuth2 plugin
          * /callback is the endpoint that BetterAuth uses to authenticate the user coming from a social provider.
          * 1. Catch the state
          * 2. Find the verification value
@@ -162,17 +170,12 @@ export const jazzPlugin: () => JazzPlugin = () => {
           handler: createAuthMiddleware(async (ctx) => {
             const state = ctx.query?.state || ctx.body?.state;
 
-            const data = await ctx.context.adapter.findOne<{ value: string }>({
-              model: ctx.context.tables.verification!.modelName,
-              where: [
-                {
-                  field: "identifier",
-                  operator: "eq",
-                  value: state,
-                },
-              ],
-              select: ["value"],
-            });
+            const identifier = `jazz-auth-${state}`;
+
+            const data =
+              await ctx.context.internalAdapter.findVerificationValue(
+                identifier,
+              );
 
             // if not found, the social plugin will throw later anyway
             if (!data) {
@@ -197,6 +200,45 @@ export const jazzPlugin: () => JazzPlugin = () => {
             }
           }),
         },
+        /**
+         * For: Email OTP plugin
+         * When the user sends an OTP, we try to find the jazzAuth.
+         * If it isn't a sign-up, we expect to not find a verification value.
+         */
+        {
+          matcher: (context) => {
+            return context.path.startsWith("/sign-in/email-otp");
+          },
+          handler: createAuthMiddleware(async (ctx) => {
+            const email = ctx.body.email;
+            const identifier = `jazz-auth-sign-in-otp-${email}`;
+
+            const data =
+              await ctx.context.internalAdapter.findVerificationValue(
+                identifier,
+              );
+
+            // if not found, it isn't a sign-up
+            if (!data || data.expiresAt < new Date()) {
+              return;
+            }
+
+            const parsed = JSON.parse(data.value);
+
+            if (parsed && "jazzAuth" in parsed) {
+              return {
+                context: {
+                  ...ctx,
+                  jazzAuth: parsed.jazzAuth,
+                },
+              };
+            } else {
+              throw new APIError(500, {
+                message: "JazzAuth not found in verification value",
+              });
+            }
+          }),
+        },
       ],
       after: [
         /**
@@ -227,6 +269,38 @@ export const jazzPlugin: () => JazzPlugin = () => {
             });
           }),
         },
+
+        /**
+         * For: Social / OAuth2 plugin
+         * When the user sign-in via social, we create a verification value with the jazzAuth.
+         */
+        {
+          matcher: (context) => {
+            return context.path.startsWith("/sign-in/social");
+          },
+          handler: createAuthMiddleware(async (ctx) => {
+            if (!contextContainsJazzAuth(ctx)) {
+              throw new APIError(500, {
+                message: "JazzAuth not found in context",
+              });
+            }
+
+            const returned = ctx.context.returned as { url: string };
+
+            const url = new URL(returned.url);
+            const state = url.searchParams.get("state");
+
+            const value = JSON.stringify({ jazzAuth: ctx.jazzAuth });
+            const expiresAt = new Date();
+            expiresAt.setMinutes(expiresAt.getMinutes() + 10);
+
+            await ctx.context.internalAdapter.createVerificationValue({
+              value,
+              identifier: `jazz-auth-${state}`,
+              expiresAt,
+            });
+          }),
+        },
       ],
     },
   } satisfies JazzPlugin;

package/src/better-auth/auth/tests/client.test.ts

@@ -7,14 +7,19 @@ import {
 } from "jazz-tools/testing";
 import { assert, beforeEach, describe, expect, it, vi } from "vitest";
 import { jazzPluginClient } from "../client.js";
+import { emailOTPClient, genericOAuthClient } from "better-auth/client/plugins";
 
-describe("auth client", () => {
+describe("Better-Auth client plugin", () => {
   let account: Account;
   let jazzContextManager: TestJazzContextManager<Account>;
   let authSecretStorage: AuthSecretStorage;
   let authClient: ReturnType<
     typeof createAuthClient<{
-      plugins: ReturnType<typeof jazzPluginClient>[];
+      plugins: ReturnType<
+        | typeof jazzPluginClient
+        | typeof emailOTPClient
+        | typeof genericOAuthClient
+      >[];
     }>
   >;
   let customFetchImpl = vi.fn();
@@ -31,7 +36,7 @@ describe("auth client", () => {
 
     authClient = createAuthClient({
       baseURL: "http://localhost:3000",
-      plugins: [jazzPluginClient()],
+      plugins: [jazzPluginClient(), emailOTPClient(), genericOAuthClient()],
       fetchOptions: {
         customFetchImpl,
       },
@@ -245,5 +250,88 @@ describe("auth client", () => {
     expect(anonymousCredentials).not.toMatchObject(credentials!);
   });
 
-  it.todo("should logout from Better Auth after Jazz's log-out");
+  it("should send Jazz credentials using social login", async () => {
+    const credentials = await authSecretStorage.get();
+    assert(credentials, "Jazz credentials are not available");
+
+    customFetchImpl.mockResolvedValue(new Response(JSON.stringify({})));
+
+    // Sign up
+    await authClient.signIn.social({
+      provider: "github",
+    });
+
+    expect(customFetchImpl).toHaveBeenCalledTimes(1);
+    expect(customFetchImpl.mock.calls[0]![0].toString()).toBe(
+      "http://localhost:3000/api/auth/sign-in/social",
+    );
+
+    // Verify the credentials have been injected in the request body
+    expect(
+      customFetchImpl.mock.calls[0]![1].headers.get("x-jazz-auth")!,
+    ).toEqual(
+      JSON.stringify({
+        accountID: credentials!.accountID,
+        secretSeed: credentials!.secretSeed,
+        accountSecret: credentials!.accountSecret,
+      }),
+    );
+  });
+
+  it("should send Jazz credentials using oauth generic plugin", async () => {
+    const credentials = await authSecretStorage.get();
+    assert(credentials, "Jazz credentials are not available");
+
+    customFetchImpl.mockResolvedValue(new Response(JSON.stringify({})));
+
+    // Sign up
+    await authClient.signIn.oauth2({
+      providerId: "github",
+    });
+
+    expect(customFetchImpl).toHaveBeenCalledTimes(1);
+    expect(customFetchImpl.mock.calls[0]![0].toString()).toBe(
+      "http://localhost:3000/api/auth/sign-in/oauth2",
+    );
+
+    // Verify the credentials have been injected in the request body
+    expect(
+      customFetchImpl.mock.calls[0]![1].headers.get("x-jazz-auth")!,
+    ).toEqual(
+      JSON.stringify({
+        accountID: credentials!.accountID,
+        secretSeed: credentials!.secretSeed,
+        accountSecret: credentials!.accountSecret,
+      }),
+    );
+  });
+
+  it("should send Jazz credentials using email OTP", async () => {
+    const credentials = await authSecretStorage.get();
+    assert(credentials, "Jazz credentials are not available");
+
+    customFetchImpl.mockResolvedValue(new Response(JSON.stringify({})));
+
+    // Sign up
+    await authClient.emailOtp.sendVerificationOtp({
+      email: "test@jazz.dev",
+      type: "sign-in",
+    });
+
+    expect(customFetchImpl).toHaveBeenCalledTimes(1);
+    expect(customFetchImpl.mock.calls[0]![0].toString()).toBe(
+      "http://localhost:3000/api/auth/email-otp/send-verification-otp",
+    );
+
+    // Verify the credentials have been injected in the request body
+    expect(
+      customFetchImpl.mock.calls[0]![1].headers.get("x-jazz-auth")!,
+    ).toEqual(
+      JSON.stringify({
+        accountID: credentials!.accountID,
+        secretSeed: credentials!.secretSeed,
+        accountSecret: credentials!.accountSecret,
+      }),
+    );
+  });
 });

package/src/better-auth/auth/tests/react.test.tsx

@@ -0,0 +1,43 @@
+// @vitest-environment jsdom
+import { render } from "@testing-library/react";
+import { describe, expect, it } from "vitest";
+import { AuthProvider } from "../react";
+import { createAuthClient } from "better-auth/client";
+import { jazzPluginClient } from "../client";
+import { JazzReactProvider } from "jazz-tools/react";
+
+describe("AuthProvider", () => {
+  it("should throw if no JazzContext is set", () => {
+    const betterAuthClient = createAuthClient({
+      plugins: [jazzPluginClient()],
+    });
+
+    expect(() => {
+      render(
+        <AuthProvider betterAuthClient={betterAuthClient}>
+          <div />
+        </AuthProvider>,
+      );
+    }).toThrow(
+      "You need to set up a JazzProvider on top of your app to use this hook.",
+    );
+  });
+
+  it("should render with JazzReactProvider", () => {
+    const betterAuthClient = createAuthClient({
+      plugins: [jazzPluginClient()],
+    });
+
+    render(
+      <JazzReactProvider
+        // @ts-expect-error - no memory storage
+        storage={["memory"]}
+        sync={{ peer: "ws://", when: "never" }}
+      >
+        <AuthProvider betterAuthClient={betterAuthClient}>
+          <div />
+        </AuthProvider>
+      </JazzReactProvider>,
+    );
+  });
+});