payload-auth 1.0.1 → 1.1.0

package/dist/better-auth/plugin/collections/users/hooks/clean-up-user-after-delete.js

@@ -1,33 +0,0 @@
-export const cleanUpUserAfterDelete = async ({ doc, req })=>{
-    try {
-        const { payload } = req;
-        const betterAuthContext = await payload.betterAuth.$context;
-        const userId = doc.id;
-        const beforeDelete = betterAuthContext.options.user?.deleteUser?.beforeDelete;
-        if (typeof beforeDelete === 'function') {
-            await beforeDelete(doc, req);
-        }
-        await betterAuthContext.internalAdapter.deleteSessions(userId);
-        await betterAuthContext.internalAdapter.deleteAccounts(userId);
-        if (payload.collections.verifications) {
-            await payload.delete({
-                collection: payload.collections.verifications.config.slug,
-                where: {
-                    value: {
-                        like: `"${userId}"`
-                    }
-                }
-            });
-        }
-        const afterDelete = betterAuthContext.options.user?.deleteUser?.afterDelete;
-        if (typeof afterDelete === 'function') {
-            await afterDelete(doc, req);
-        }
-        return doc;
-    } catch (error) {
-        console.error('Error in user afterDelete hook:', error);
-        return doc;
-    }
-};
-
-//# sourceMappingURL=clean-up-user-after-delete.js.map

package/dist/better-auth/plugin/collections/users/hooks/clean-up-user-after-delete.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../../src/plugin/collections/users/hooks/clean-up-user-after-delete.ts"],"sourcesContent":["import type { CollectionAfterDeleteHook } from 'payload'\nimport type { CollectionHookWithBetterAuth } from '../../../types'\n\ntype CollectionAfterDeleteHookWithBetterAuth =\n  CollectionHookWithBetterAuth<CollectionAfterDeleteHook>\n\nexport const cleanUpUserAfterDelete: CollectionAfterDeleteHookWithBetterAuth = async ({\n  doc,\n  req,\n}) => {\n  try {\n    const { payload } = req\n    const betterAuthContext = await payload.betterAuth.$context\n    const userId = doc.id\n    const beforeDelete = betterAuthContext.options.user?.deleteUser?.beforeDelete\n    if (typeof beforeDelete === 'function') {\n      await beforeDelete(doc, req as Request)\n    }\n    await betterAuthContext.internalAdapter.deleteSessions(userId)\n    await betterAuthContext.internalAdapter.deleteAccounts(userId)\n    if (payload.collections.verifications) {\n      await payload.delete({\n        collection: payload.collections.verifications.config.slug,\n        where: {\n          value: {\n            like: `\"${userId}\"`,\n          },\n        },\n      })\n    }\n    const afterDelete = betterAuthContext.options.user?.deleteUser?.afterDelete\n    if (typeof afterDelete === 'function') {\n      await afterDelete(doc, req as Request)\n    }\n    return doc\n  } catch (error) {\n    console.error('Error in user afterDelete hook:', error)\n    return doc\n  }\n}\n"],"names":["cleanUpUserAfterDelete","doc","req","payload","betterAuthContext","betterAuth","$context","userId","id","beforeDelete","options","user","deleteUser","internalAdapter","deleteSessions","deleteAccounts","collections","verifications","delete","collection","config","slug","where","value","like","afterDelete","error","console"],"mappings":"AAMA,OAAO,MAAMA,yBAAkE,OAAO,EACpFC,GAAG,EACHC,GAAG,EACJ;IACC,IAAI;QACF,MAAM,EAAEC,OAAO,EAAE,GAAGD;QACpB,MAAME,oBAAoB,MAAMD,QAAQE,UAAU,CAACC,QAAQ;QAC3D,MAAMC,SAASN,IAAIO,EAAE;QACrB,MAAMC,eAAeL,kBAAkBM,OAAO,CAACC,IAAI,EAAEC,YAAYH;QACjE,IAAI,OAAOA,iBAAiB,YAAY;YACtC,MAAMA,aAAaR,KAAKC;QAC1B;QACA,MAAME,kBAAkBS,eAAe,CAACC,cAAc,CAACP;QACvD,MAAMH,kBAAkBS,eAAe,CAACE,cAAc,CAACR;QACvD,IAAIJ,QAAQa,WAAW,CAACC,aAAa,EAAE;YACrC,MAAMd,QAAQe,MAAM,CAAC;gBACnBC,YAAYhB,QAAQa,WAAW,CAACC,aAAa,CAACG,MAAM,CAACC,IAAI;gBACzDC,OAAO;oBACLC,OAAO;wBACLC,MAAM,CAAC,CAAC,EAAEjB,OAAO,CAAC,CAAC;oBACrB;gBACF;YACF;QACF;QACA,MAAMkB,cAAcrB,kBAAkBM,OAAO,CAACC,IAAI,EAAEC,YAAYa;QAChE,IAAI,OAAOA,gBAAgB,YAAY;YACrC,MAAMA,YAAYxB,KAAKC;QACzB;QACA,OAAOD;IACT,EAAE,OAAOyB,OAAO;QACdC,QAAQD,KAAK,CAAC,mCAAmCA;QACjD,OAAOzB;IACT;AACF,EAAC"}

package/dist/better-auth/plugin/collections/users/hooks/on-verified-change.d.ts

@@ -1,2 +0,0 @@
-import { CollectionBeforeChangeHook } from 'payload';
-export declare const onVerifiedChange: CollectionBeforeChangeHook;

package/dist/better-auth/plugin/collections/users/hooks/on-verified-change.js

@@ -1,14 +0,0 @@
-export const onVerifiedChange = async ({ data, originalDoc })=>{
-    const isVerifiedChangingToTrue = Boolean(data._verified) && !Boolean(originalDoc?._verified);
-    const isEmailVerifiedChangingToTrue = Boolean(data.emailVerified) && !Boolean(originalDoc?.emailVerified);
-    if (!isVerifiedChangingToTrue && !isEmailVerifiedChangingToTrue) {
-        return data;
-    }
-    return {
-        ...data,
-        _verified: true,
-        emailVerified: true
-    };
-};
-
-//# sourceMappingURL=on-verified-change.js.map

package/dist/better-auth/plugin/collections/users/hooks/on-verified-change.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../../src/plugin/collections/users/hooks/on-verified-change.ts"],"sourcesContent":["import { CollectionBeforeChangeHook } from 'payload'\n\nexport const onVerifiedChange: CollectionBeforeChangeHook = async ({ data, originalDoc }) => {\n  const isVerifiedChangingToTrue = Boolean(data._verified) && !Boolean(originalDoc?._verified)\n  const isEmailVerifiedChangingToTrue =\n    Boolean(data.emailVerified) && !Boolean(originalDoc?.emailVerified)\n\n  if (!isVerifiedChangingToTrue && !isEmailVerifiedChangingToTrue) {\n    return data\n  }\n\n  return {\n    ...data,\n    _verified: true,\n    emailVerified: true,\n  }\n}\n"],"names":["onVerifiedChange","data","originalDoc","isVerifiedChangingToTrue","Boolean","_verified","isEmailVerifiedChangingToTrue","emailVerified"],"mappings":"AAEA,OAAO,MAAMA,mBAA+C,OAAO,EAAEC,IAAI,EAAEC,WAAW,EAAE;IACtF,MAAMC,2BAA2BC,QAAQH,KAAKI,SAAS,KAAK,CAACD,QAAQF,aAAaG;IAClF,MAAMC,gCACJF,QAAQH,KAAKM,aAAa,KAAK,CAACH,QAAQF,aAAaK;IAEvD,IAAI,CAACJ,4BAA4B,CAACG,+BAA+B;QAC/D,OAAOL;IACT;IAEA,OAAO;QACL,GAAGA,IAAI;QACPI,WAAW;QACXE,eAAe;IACjB;AACF,EAAC"}

package/dist/better-auth/plugin/collections/users/hooks/sync-account.js

@@ -1,82 +0,0 @@
-import { BETTER_AUTH_CONTEXT_KEY } from 'payload-auth/better-auth/adapter';
-export const getSyncAccountHook = (options)=>{
-    const hook = async ({ doc, req, operation, context })=>{
-        if (context?.syncPasswordToUser) return doc;
-        if (operation !== 'create' && operation !== 'update') return doc;
-        const user = await req.payload.findByID({
-            collection: options.userSlug,
-            id: doc.id,
-            depth: 0,
-            req,
-            showHiddenFields: true
-        });
-        if (!user || !user.hash || !user.salt) return doc;
-        const passwordValue = `${user.salt}:${user.hash}`;
-        const userField = req.payload.betterAuth.options.account?.fields?.userId || 'userId';
-        if (operation === 'create' && !(BETTER_AUTH_CONTEXT_KEY in context)) {
-            try {
-                await req.payload.create({
-                    collection: options.accountSlug,
-                    data: {
-                        [userField]: doc.id,
-                        accountId: doc.id.toString(),
-                        providerId: 'credential',
-                        password: passwordValue,
-                        context: {
-                            syncAccountHook: true
-                        }
-                    },
-                    req
-                });
-            } catch (error) {
-                console.error('Failed to create account for user:', error);
-            }
-        }
-        if (operation === 'update') {
-            try {
-                const accounts = await req.payload.find({
-                    collection: options.accountSlug,
-                    where: {
-                        and: [
-                            {
-                                [userField]: {
-                                    equals: doc.id
-                                }
-                            },
-                            {
-                                providerId: {
-                                    equals: 'credential'
-                                }
-                            }
-                        ]
-                    },
-                    req,
-                    depth: 0,
-                    context: {
-                        syncAccountHook: true
-                    }
-                });
-                const account = accounts.docs.at(0);
-                if (account) {
-                    await req.payload.update({
-                        collection: options.accountSlug,
-                        id: account.id,
-                        data: {
-                            password: passwordValue
-                        },
-                        req,
-                        context: {
-                            syncAccountHook: true
-                        }
-                    });
-                }
-            } catch (error) {
-                console.error('Failed to sync hash/salt to account:', error);
-            }
-        }
-        return doc;
-    };
-    return hook;
-};
-
-//# sourceMappingURL=sync-account.js.map

package/dist/better-auth/plugin/collections/users/hooks/sync-account.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../../src/plugin/collections/users/hooks/sync-account.ts"],"sourcesContent":["import type { CollectionAfterChangeHook } from 'payload'\nimport type { CollectionHookWithBetterAuth } from '../../../types'\nimport { BETTER_AUTH_CONTEXT_KEY } from 'payload-auth/better-auth/adapter'\n\ntype CollectionAfterChangeHookWithBetterAuth =\n  CollectionHookWithBetterAuth<CollectionAfterChangeHook>\n\ntype SyncAccountOptions = {\n  userSlug: string\n  accountSlug: string\n}\n\nexport const getSyncAccountHook = (options: SyncAccountOptions): CollectionAfterChangeHook => {\n  const hook: CollectionAfterChangeHookWithBetterAuth = async ({\n    doc,\n    req,\n    operation,\n    context,\n  }) => {\n    if (context?.syncPasswordToUser) return doc\n\n    if (operation !== 'create' && operation !== 'update') return doc\n\n    const user = await req.payload.findByID({\n      collection: options.userSlug,\n      id: doc.id,\n      depth: 0,\n      req,\n      showHiddenFields: true,\n    })\n\n    if (!user || !user.hash || !user.salt) return doc\n\n    const passwordValue = `${user.salt}:${user.hash}`\n    const userField = req.payload.betterAuth.options.account?.fields?.userId || 'userId'\n\n    if (operation === 'create' && !(BETTER_AUTH_CONTEXT_KEY in context)) {\n      try {\n        await req.payload.create({\n          collection: options.accountSlug,\n          data: {\n            [userField]: doc.id,\n            accountId: doc.id.toString(),\n            providerId: 'credential',\n            password: passwordValue,\n            context: { syncAccountHook: true },\n          },\n          req,\n        })\n      } catch (error) {\n        console.error('Failed to create account for user:', error)\n      }\n    }\n\n    if (operation === 'update') {\n      try {\n        const accounts = await req.payload.find({\n          collection: options.accountSlug,\n          where: {\n            and: [{ [userField]: { equals: doc.id } }, { providerId: { equals: 'credential' } }],\n          },\n          req,\n          depth: 0,\n          context: { syncAccountHook: true },\n        })\n\n        const account = accounts.docs.at(0)\n        if (account) {\n          await req.payload.update({\n            collection: options.accountSlug,\n            id: account.id,\n            data: {\n              password: passwordValue,\n            },\n            req,\n            context: { syncAccountHook: true },\n          })\n        }\n      } catch (error) {\n        console.error('Failed to sync hash/salt to account:', error)\n      }\n    }\n\n    return doc\n  }\n\n  return hook as CollectionAfterChangeHook\n}\n"],"names":["BETTER_AUTH_CONTEXT_KEY","getSyncAccountHook","options","hook","doc","req","operation","context","syncPasswordToUser","user","payload","findByID","collection","userSlug","id","depth","showHiddenFields","hash","salt","passwordValue","userField","betterAuth","account","fields","userId","create","accountSlug","data","accountId","toString","providerId","password","syncAccountHook","error","console","accounts","find","where","and","equals","docs","at","update"],"mappings":"AAEA,SAASA,uBAAuB,QAAQ,mCAAkC;AAU1E,OAAO,MAAMC,qBAAqB,CAACC;IACjC,MAAMC,OAAgD,OAAO,EAC3DC,GAAG,EACHC,GAAG,EACHC,SAAS,EACTC,OAAO,EACR;QACC,IAAIA,SAASC,oBAAoB,OAAOJ;QAExC,IAAIE,cAAc,YAAYA,cAAc,UAAU,OAAOF;QAE7D,MAAMK,OAAO,MAAMJ,IAAIK,OAAO,CAACC,QAAQ,CAAC;YACtCC,YAAYV,QAAQW,QAAQ;YAC5BC,IAAIV,IAAIU,EAAE;YACVC,OAAO;YACPV;YACAW,kBAAkB;QACpB;QAEA,IAAI,CAACP,QAAQ,CAACA,KAAKQ,IAAI,IAAI,CAACR,KAAKS,IAAI,EAAE,OAAOd;QAE9C,MAAMe,gBAAgB,GAAGV,KAAKS,IAAI,CAAC,CAAC,EAAET,KAAKQ,IAAI,EAAE;QACjD,MAAMG,YAAYf,IAAIK,OAAO,CAACW,UAAU,CAACnB,OAAO,CAACoB,OAAO,EAAEC,QAAQC,UAAU;QAE5E,IAAIlB,cAAc,YAAY,CAAEN,CAAAA,2BAA2BO,OAAM,GAAI;YACnE,IAAI;gBACF,MAAMF,IAAIK,OAAO,CAACe,MAAM,CAAC;oBACvBb,YAAYV,QAAQwB,WAAW;oBAC/BC,MAAM;wBACJ,CAACP,UAAU,EAAEhB,IAAIU,EAAE;wBACnBc,WAAWxB,IAAIU,EAAE,CAACe,QAAQ;wBAC1BC,YAAY;wBACZC,UAAUZ;wBACVZ,SAAS;4BAAEyB,iBAAiB;wBAAK;oBACnC;oBACA3B;gBACF;YACF,EAAE,OAAO4B,OAAO;gBACdC,QAAQD,KAAK,CAAC,sCAAsCA;YACtD;QACF;QAEA,IAAI3B,cAAc,UAAU;YAC1B,IAAI;gBACF,MAAM6B,WAAW,MAAM9B,IAAIK,OAAO,CAAC0B,IAAI,CAAC;oBACtCxB,YAAYV,QAAQwB,WAAW;oBAC/BW,OAAO;wBACLC,KAAK;4BAAC;gCAAE,CAAClB,UAAU,EAAE;oCAAEmB,QAAQnC,IAAIU,EAAE;gCAAC;4BAAE;4BAAG;gCAAEgB,YAAY;oCAAES,QAAQ;gCAAa;4BAAE;yBAAE;oBACtF;oBACAlC;oBACAU,OAAO;oBACPR,SAAS;wBAAEyB,iBAAiB;oBAAK;gBACnC;gBAEA,MAAMV,UAAUa,SAASK,IAAI,CAACC,EAAE,CAAC;gBACjC,IAAInB,SAAS;oBACX,MAAMjB,IAAIK,OAAO,CAACgC,MAAM,CAAC;wBACvB9B,YAAYV,QAAQwB,WAAW;wBAC/BZ,IAAIQ,QAAQR,EAAE;wBACda,MAAM;4BACJI,UAAUZ;wBACZ;wBACAd;wBACAE,SAAS;4BAAEyB,iBAAiB;wBAAK;oBACnC;gBACF;YACF,EAAE,OAAOC,OAAO;gBACdC,QAAQD,KAAK,CAAC,wCAAwCA;YACxD;QACF;QAEA,OAAO7B;IACT;IAEA,OAAOD;AACT,EAAC"}

package/dist/better-auth/plugin/helpers/generate-verify-email-url.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/plugin/helpers/generate-verify-email-url.ts"],"sourcesContent":["import { SignJWT } from 'jose'\n\n/**\n * Generates a verification URL for email verification\n *\n * This utility function creates a JWT token containing the user's email and\n * expiration information, signs it with the provided secret, and constructs\n * a verification URL with the token as a query parameter.\n *\n * @param userEmail - The email address of the user to verify\n * @param secret - The secret used to sign the JWT\n * @param expiresIn - Duration in seconds for token expiration (default: 3600)\n * @param verifyRouteUrl - The base URL for the verification endpoint\n * @param callbackURL - Optional callback URL after verification (default: \"/\")\n * @returns The complete verification URL with token\n *\n * @example\n * const url = await generateVerifyEmailUrl({\n *   userEmail: 'user@example.com',\n *   secret: 'your-secret-key',\n *   verifyRouteUrl: 'https://your-app.com/api/auth/verify-email',\n *   callbackURL: '/profile'\n * });\n */\nexport const generateVerifyEmailUrl = async ({\n  userEmail,\n  secret,\n  expiresIn = 3600,\n  verifyRouteUrl,\n  callbackURL = '/',\n}: {\n  userEmail: string\n  secret: string\n  expiresIn?: number\n  verifyRouteUrl: string\n  callbackURL?: string\n}): Promise<string> => {\n  if (!userEmail) {\n    throw new Error('userEmail is required to generate a verification URL')\n  }\n\n  if (!secret) {\n    throw new Error('secret is required to sign the JWT token')\n  }\n\n  if (!verifyRouteUrl) {\n    throw new Error('verifyRouteUrl is required to generate a verification URL')\n  }\n\n  // Create and sign the JWT token\n  const jwt = await new SignJWT({\n    email: userEmail,\n    iat: Math.floor(Date.now() / 1000),\n    exp: Math.floor(Date.now() / 1000) + expiresIn,\n  })\n    .setProtectedHeader({ alg: 'HS256' })\n    .sign(new TextEncoder().encode(secret))\n\n  // Build the verification URL\n  const verifyUrl = `${verifyRouteUrl}?token=${jwt}${callbackURL ? `&callbackURL=${encodeURIComponent(callbackURL)}` : ''}`\n\n  return verifyUrl\n}\n"],"names":["SignJWT","generateVerifyEmailUrl","userEmail","secret","expiresIn","verifyRouteUrl","callbackURL","Error","jwt","email","iat","Math","floor","Date","now","exp","setProtectedHeader","alg","sign","TextEncoder","encode","verifyUrl","encodeURIComponent"],"mappings":"AAAA,SAASA,OAAO,QAAQ,OAAM;AAE9B;;;;;;;;;;;;;;;;;;;;;CAqBC,GACD,OAAO,MAAMC,yBAAyB,OAAO,EAC3CC,SAAS,EACTC,MAAM,EACNC,YAAY,IAAI,EAChBC,cAAc,EACdC,cAAc,GAAG,EAOlB;IACC,IAAI,CAACJ,WAAW;QACd,MAAM,IAAIK,MAAM;IAClB;IAEA,IAAI,CAACJ,QAAQ;QACX,MAAM,IAAII,MAAM;IAClB;IAEA,IAAI,CAACF,gBAAgB;QACnB,MAAM,IAAIE,MAAM;IAClB;IAEA,gCAAgC;IAChC,MAAMC,MAAM,MAAM,IAAIR,QAAQ;QAC5BS,OAAOP;QACPQ,KAAKC,KAAKC,KAAK,CAACC,KAAKC,GAAG,KAAK;QAC7BC,KAAKJ,KAAKC,KAAK,CAACC,KAAKC,GAAG,KAAK,QAAQV;IACvC,GACGY,kBAAkB,CAAC;QAAEC,KAAK;IAAQ,GAClCC,IAAI,CAAC,IAAIC,cAAcC,MAAM,CAACjB;IAEjC,6BAA6B;IAC7B,MAAMkB,YAAY,GAAGhB,eAAe,OAAO,EAAEG,MAAMF,cAAc,CAAC,aAAa,EAAEgB,mBAAmBhB,cAAc,GAAG,IAAI;IAEzH,OAAOe;AACT,EAAC"}

package/dist/better-auth/plugin/helpers/get-ip.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/plugin/helpers/get-ip.ts"],"sourcesContent":["import type { BetterAuthOptions } from 'better-auth'\n\nexport function getIp(headers: Headers, options: BetterAuthOptions): string | null {\n  if (options.advanced?.ipAddress?.disableIpTracking) {\n    return null\n  }\n  const testIP = '127.0.0.1'\n  if ((process.env.NODE_ENV === 'test' || process.env.NODE_ENV === 'development') ?? false) {\n    return testIP\n  }\n  const ipHeaders = options.advanced?.ipAddress?.ipAddressHeaders\n  const keys = ipHeaders || [\n    'x-client-ip',\n    'x-forwarded-for',\n    'cf-connecting-ip',\n    'fastly-client-ip',\n    'x-real-ip',\n    'x-cluster-client-ip',\n    'x-forwarded',\n    'forwarded-for',\n    'forwarded',\n  ]\n  for (const key of keys) {\n    const value = headers.get(key)\n    if (typeof value === 'string') {\n      const ip = value.split(',')[0].trim()\n      if (ip) return ip\n    }\n  }\n  return null\n}\n"],"names":["getIp","headers","options","advanced","ipAddress","disableIpTracking","testIP","process","env","NODE_ENV","ipHeaders","ipAddressHeaders","keys","key","value","get","ip","split","trim"],"mappings":"AAEA,OAAO,SAASA,MAAMC,OAAgB,EAAEC,OAA0B;IAChE,IAAIA,QAAQC,QAAQ,EAAEC,WAAWC,mBAAmB;QAClD,OAAO;IACT;IACA,MAAMC,SAAS;IACf,IAAI,AAACC,CAAAA,QAAQC,GAAG,CAACC,QAAQ,KAAK,UAAUF,QAAQC,GAAG,CAACC,QAAQ,KAAK,aAAY,KAAM,OAAO;QACxF,OAAOH;IACT;IACA,MAAMI,YAAYR,QAAQC,QAAQ,EAAEC,WAAWO;IAC/C,MAAMC,OAAOF,aAAa;QACxB;QACA;QACA;QACA;QACA;QACA;QACA;QACA;QACA;KACD;IACD,KAAK,MAAMG,OAAOD,KAAM;QACtB,MAAME,QAAQb,QAAQc,GAAG,CAACF;QAC1B,IAAI,OAAOC,UAAU,UAAU;YAC7B,MAAME,KAAKF,MAAMG,KAAK,CAAC,IAAI,CAAC,EAAE,CAACC,IAAI;YACnC,IAAIF,IAAI,OAAOA;QACjB;IACF;IACA,OAAO;AACT"}

package/dist/better-auth/plugin/helpers/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/plugin/helpers/index.ts"],"sourcesContent":["export { generateVerifyEmailUrl } from './generate-verify-email-url'; "],"names":["generateVerifyEmailUrl"],"mappings":"AAAA,SAASA,sBAAsB,QAAQ,8BAA8B"}

package/dist/better-auth/plugin/helpers/serialize-cookie.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/plugin/helpers/serialize-cookie.ts"],"sourcesContent":["import { subtle } from 'uncrypto'\n\ntype CookiePrefixOptions = 'host' | 'secure'\n\ntype CookieOptions = {\n  /**\n   * Domain of the cookie\n   *\n   * The Domain attribute specifies which server can receive a cookie. If specified, cookies are\n   * available on the specified server and its subdomains. If the it is not\n   * specified, the cookies are available on the server that sets it but not on\n   * its subdomains.\n   *\n   * @example\n   * `domain: \"example.com\"`\n   */\n  domain?: string\n  /**\n   * A lifetime of a cookie. Permanent cookies are deleted after the date specified in the\n   * Expires attribute:\n   *\n   * Expires has been available for longer than Max-Age, however Max-Age is less error-prone, and\n   * takes precedence when both are set. The rationale behind this is that when you set an\n   * Expires date and time, they're relative to the client the cookie is being set on. If the\n   * server is set to a different time, this could cause errors\n   */\n  expires?: Date\n  /**\n   * Forbids JavaScript from accessing the cookie, for example, through the Document.cookie\n   * property. Note that a cookie that has been created with HttpOnly will still be sent with\n   * JavaScript-initiated requests, for example, when calling XMLHttpRequest.send() or fetch().\n   * This mitigates attacks against cross-site scripting\n   */\n  httpOnly?: boolean\n  /**\n   * Indicates the number of seconds until the cookie expires. A zero or negative number will\n   * expire the cookie immediately. If both Expires and Max-Age are set, Max-Age has precedence.\n   *\n   * @example 604800 - 7 days\n   */\n  maxAge?: number\n  /**\n   * Indicates the path that must exist in the requested URL for the browser to send the Cookie\n   * header.\n   *\n   * @example\n   * \"/docs\"\n   * // -> the request paths /docs, /docs/, /docs/Web/, and /docs/Web/HTTP will all match. the request paths /, /fr/docs will not match.\n   */\n  path?: string\n  /**\n   * Indicates that the cookie is sent to the server only when a request is made with the https:\n   * scheme (except on localhost), and therefore, is more resistant to man-in-the-middle attacks.\n   */\n  secure?: boolean\n  /**\n   * Controls whether or not a cookie is sent with cross-site requests, providing some protection\n   * against cross-site request forgery attacks (CSRF).\n   *\n   * Strict -  Means that the browser sends the cookie only for same-site requests, that is,\n   * requests originating from the same site that set the cookie. If a request originates from a\n   * different domain or scheme (even with the same domain), no cookies with the SameSite=Strict\n   * attribute are sent.\n   *\n   * Lax - Means that the cookie is not sent on cross-site requests, such as on requests to load\n   * images or frames, but is sent when a user is navigating to the origin site from an external\n   * site (for example, when following a link). This is the default behavior if the SameSite\n   * attribute is not specified.\n   *\n   * None - Means that the browser sends the cookie with both cross-site and same-site requests.\n   * The Secure attribute must also be set when setting this value.\n   */\n  sameSite?: 'Strict' | 'Lax' | 'None' | 'strict' | 'lax' | 'none'\n  /**\n   * Indicates that the cookie should be stored using partitioned storage. Note that if this is\n   * set, the Secure directive must also be set.\n   *\n   * @see https://developer.mozilla.org/en-US/docs/Web/Privacy/Privacy_sandbox/Partitioned_cookies\n   */\n  partitioned?: boolean\n  /**\n   * Cooke Prefix\n   *\n   * - secure: `__Secure-` -> `__Secure-cookie-name`\n   * - host: `__Host-` -> `__Host-cookie-name`\n   *\n   * `secure` must be set to true to use prefixes\n   */\n  prefix?: CookiePrefixOptions\n}\n\nexport const verifySignature = async (\n  base64Signature: string,\n  value: string,\n  secret: CryptoKey,\n): Promise<boolean> => {\n  try {\n    const signatureBinStr = atob(base64Signature)\n    const signature = new Uint8Array(signatureBinStr.length)\n    for (let i = 0, len = signatureBinStr.length; i < len; i++) {\n      signature[i] = signatureBinStr.charCodeAt(i)\n    }\n    return await subtle.verify(algorithm, secret, signature, new TextEncoder().encode(value))\n  } catch (e) {\n    return false\n  }\n}\n\nconst _serialize = (key: string, value: string, opt: CookieOptions = {}) => {\n  let cookie: string\n\n  if (opt?.prefix === 'secure') {\n    cookie = `${`__Secure-${key}`}=${value}`\n  } else if (opt?.prefix === 'host') {\n    cookie = `${`__Host-${key}`}=${value}`\n  } else {\n    cookie = `${key}=${value}`\n  }\n\n  if (key.startsWith('__Secure-') && !opt.secure) {\n    opt.secure = true\n  }\n\n  if (key.startsWith('__Host-')) {\n    if (!opt.secure) {\n      opt.secure = true\n    }\n\n    if (opt.path !== '/') {\n      opt.path = '/'\n    }\n\n    if (opt.domain) {\n      opt.domain = undefined\n    }\n  }\n\n  if (opt && typeof opt.maxAge === 'number' && opt.maxAge >= 0) {\n    if (opt.maxAge > 34560000) {\n      throw new Error(\n        'Cookies Max-Age SHOULD NOT be greater than 400 days (34560000 seconds) in duration.',\n      )\n    }\n    cookie += `; Max-Age=${Math.floor(opt.maxAge)}`\n  }\n\n  if (opt.domain && opt.prefix !== 'host') {\n    cookie += `; Domain=${opt.domain}`\n  }\n\n  if (opt.path) {\n    cookie += `; Path=${opt.path}`\n  }\n\n  if (opt.expires) {\n    if (opt.expires.getTime() - Date.now() > 34560000_000) {\n      throw new Error(\n        'Cookies Expires SHOULD NOT be greater than 400 days (34560000 seconds) in the future.',\n      )\n    }\n    cookie += `; Expires=${opt.expires.toUTCString()}`\n  }\n\n  if (opt.httpOnly) {\n    cookie += '; HttpOnly'\n  }\n\n  if (opt.secure) {\n    cookie += '; Secure'\n  }\n\n  if (opt.sameSite) {\n    cookie += `; SameSite=${opt.sameSite.charAt(0).toUpperCase() + opt.sameSite.slice(1)}`\n  }\n\n  if (opt.partitioned) {\n    if (!opt.secure) {\n      opt.secure = true\n    }\n    cookie += '; Partitioned'\n  }\n\n  return cookie\n}\n\nconst algorithm = { name: 'HMAC', hash: 'SHA-256' }\n\nconst getCryptoKey = async (secret: string | BufferSource) => {\n  const secretBuf = typeof secret === 'string' ? new TextEncoder().encode(secret) : secret\n  return await subtle.importKey('raw', secretBuf, algorithm, false, ['sign', 'verify'])\n}\n\nconst makeSignature = async (value: string, secret: string | BufferSource): Promise<string> => {\n  const key = await getCryptoKey(secret)\n  const signature = await subtle.sign(algorithm.name, key, new TextEncoder().encode(value))\n  // the returned base64 encoded signature will always be 44 characters long and end with one or two equal signs\n  return btoa(String.fromCharCode(...new Uint8Array(signature)))\n}\n\nexport const signCookieValue = async (value: string, secret: string | BufferSource) => {\n  const signature = await makeSignature(value, secret)\n  value = `${value}.${signature}`\n  value = encodeURIComponent(value)\n  value = decodeURIComponent(value)\n  return value\n}\n\nexport const serializeCookie = (key: string, value: string, opt?: CookieOptions) => {\n  value = encodeURIComponent(value)\n  return _serialize(key, value, opt)\n}\n\nexport const serializeSignedCookie = async (\n  key: string,\n  value: string,\n  secret: string,\n  opt?: CookieOptions,\n) => {\n  value = await signCookieValue(value, secret)\n  return _serialize(key, value, opt)\n}\n\nexport const getCookieKey = (key: string, prefix?: CookiePrefixOptions) => {\n  let finalKey = key\n  if (prefix) {\n    if (prefix === 'secure') {\n      finalKey = '__Secure-' + key\n    } else if (prefix === 'host') {\n      finalKey = '__Host-' + key\n    } else {\n      return undefined\n    }\n  }\n  return finalKey\n}\n\nexport function tryDecode(str: string) {\n  try {\n    return str.includes('%') ? decodeURIComponent(str) : str\n  } catch {\n    return str\n  }\n}\n\n/**\n * Parse an HTTP Cookie header string and returning an object of all cookie\n * name-value pairs.\n *\n * Inspired by https://github.com/unjs/cookie-es/blob/main/src/cookie/parse.ts\n *\n * @param str the string representing a `Cookie` header value\n */\nexport function parseCookies(str: string) {\n  if (typeof str !== 'string') {\n    throw new TypeError('argument str must be a string')\n  }\n\n  const cookies: Map<string, string> = new Map()\n\n  let index = 0\n  while (index < str.length) {\n    const eqIdx = str.indexOf('=', index)\n\n    if (eqIdx === -1) {\n      break\n    }\n\n    let endIdx = str.indexOf(';', index)\n\n    if (endIdx === -1) {\n      endIdx = str.length\n    } else if (endIdx < eqIdx) {\n      index = str.lastIndexOf(';', eqIdx - 1) + 1\n      continue\n    }\n\n    const key = str.slice(index, eqIdx).trim()\n    if (!cookies.has(key)) {\n      let val = str.slice(eqIdx + 1, endIdx).trim()\n      if (val.codePointAt(0) === 0x22) {\n        val = val.slice(1, -1)\n      }\n      cookies.set(key, tryDecode(val))\n    }\n\n    index = endIdx + 1\n  }\n\n  return cookies\n}\n\nexport const getSignedCookie = async (\n  key: string,\n  secret: string,\n  headers: Headers,\n  prefix?: CookiePrefixOptions,\n) => {\n  const finalKey = getCookieKey(key, prefix)\n  if (!finalKey) {\n    return null\n  }\n  const cookieHeader = headers.get('cookie')\n  const parsedCookies = cookieHeader ? parseCookies(cookieHeader) : undefined\n  const value = parsedCookies?.get(finalKey)\n  if (!value) {\n    return null\n  }\n  const signatureStartPos = value.lastIndexOf('.')\n  if (signatureStartPos < 1) {\n    return null\n  }\n  const signedValue = value.substring(0, signatureStartPos)\n  const signature = value.substring(signatureStartPos + 1)\n  if (signature.length !== 44 || !signature.endsWith('=')) {\n    return null\n  }\n  const secretKey = await getCryptoKey(secret)\n  const isVerified = await verifySignature(signature, signedValue, secretKey)\n  return isVerified ? signedValue : false\n}\n"],"names":["subtle","verifySignature","base64Signature","value","secret","signatureBinStr","atob","signature","Uint8Array","length","i","len","charCodeAt","verify","algorithm","TextEncoder","encode","e","_serialize","key","opt","cookie","prefix","startsWith","secure","path","domain","undefined","maxAge","Error","Math","floor","expires","getTime","Date","now","toUTCString","httpOnly","sameSite","charAt","toUpperCase","slice","partitioned","name","hash","getCryptoKey","secretBuf","importKey","makeSignature","sign","btoa","String","fromCharCode","signCookieValue","encodeURIComponent","decodeURIComponent","serializeCookie","serializeSignedCookie","getCookieKey","finalKey","tryDecode","str","includes","parseCookies","TypeError","cookies","Map","index","eqIdx","indexOf","endIdx","lastIndexOf","trim","has","val","codePointAt","set","getSignedCookie","headers","cookieHeader","get","parsedCookies","signatureStartPos","signedValue","substring","endsWith","secretKey","isVerified"],"mappings":"AAAA,SAASA,MAAM,QAAQ,WAAU;AA2FjC,OAAO,MAAMC,kBAAkB,OAC7BC,iBACAC,OACAC;IAEA,IAAI;QACF,MAAMC,kBAAkBC,KAAKJ;QAC7B,MAAMK,YAAY,IAAIC,WAAWH,gBAAgBI,MAAM;QACvD,IAAK,IAAIC,IAAI,GAAGC,MAAMN,gBAAgBI,MAAM,EAAEC,IAAIC,KAAKD,IAAK;YAC1DH,SAAS,CAACG,EAAE,GAAGL,gBAAgBO,UAAU,CAACF;QAC5C;QACA,OAAO,MAAMV,OAAOa,MAAM,CAACC,WAAWV,QAAQG,WAAW,IAAIQ,cAAcC,MAAM,CAACb;IACpF,EAAE,OAAOc,GAAG;QACV,OAAO;IACT;AACF,EAAC;AAED,MAAMC,aAAa,CAACC,KAAahB,OAAeiB,MAAqB,CAAC,CAAC;IACrE,IAAIC;IAEJ,IAAID,KAAKE,WAAW,UAAU;QAC5BD,SAAS,GAAG,CAAC,SAAS,EAAEF,KAAK,CAAC,CAAC,EAAEhB,OAAO;IAC1C,OAAO,IAAIiB,KAAKE,WAAW,QAAQ;QACjCD,SAAS,GAAG,CAAC,OAAO,EAAEF,KAAK,CAAC,CAAC,EAAEhB,OAAO;IACxC,OAAO;QACLkB,SAAS,GAAGF,IAAI,CAAC,EAAEhB,OAAO;IAC5B;IAEA,IAAIgB,IAAII,UAAU,CAAC,gBAAgB,CAACH,IAAII,MAAM,EAAE;QAC9CJ,IAAII,MAAM,GAAG;IACf;IAEA,IAAIL,IAAII,UAAU,CAAC,YAAY;QAC7B,IAAI,CAACH,IAAII,MAAM,EAAE;YACfJ,IAAII,MAAM,GAAG;QACf;QAEA,IAAIJ,IAAIK,IAAI,KAAK,KAAK;YACpBL,IAAIK,IAAI,GAAG;QACb;QAEA,IAAIL,IAAIM,MAAM,EAAE;YACdN,IAAIM,MAAM,GAAGC;QACf;IACF;IAEA,IAAIP,OAAO,OAAOA,IAAIQ,MAAM,KAAK,YAAYR,IAAIQ,MAAM,IAAI,GAAG;QAC5D,IAAIR,IAAIQ,MAAM,GAAG,UAAU;YACzB,MAAM,IAAIC,MACR;QAEJ;QACAR,UAAU,CAAC,UAAU,EAAES,KAAKC,KAAK,CAACX,IAAIQ,MAAM,GAAG;IACjD;IAEA,IAAIR,IAAIM,MAAM,IAAIN,IAAIE,MAAM,KAAK,QAAQ;QACvCD,UAAU,CAAC,SAAS,EAAED,IAAIM,MAAM,EAAE;IACpC;IAEA,IAAIN,IAAIK,IAAI,EAAE;QACZJ,UAAU,CAAC,OAAO,EAAED,IAAIK,IAAI,EAAE;IAChC;IAEA,IAAIL,IAAIY,OAAO,EAAE;QACf,IAAIZ,IAAIY,OAAO,CAACC,OAAO,KAAKC,KAAKC,GAAG,KAAK,cAAc;YACrD,MAAM,IAAIN,MACR;QAEJ;QACAR,UAAU,CAAC,UAAU,EAAED,IAAIY,OAAO,CAACI,WAAW,IAAI;IACpD;IAEA,IAAIhB,IAAIiB,QAAQ,EAAE;QAChBhB,UAAU;IACZ;IAEA,IAAID,IAAII,MAAM,EAAE;QACdH,UAAU;IACZ;IAEA,IAAID,IAAIkB,QAAQ,EAAE;QAChBjB,UAAU,CAAC,WAAW,EAAED,IAAIkB,QAAQ,CAACC,MAAM,CAAC,GAAGC,WAAW,KAAKpB,IAAIkB,QAAQ,CAACG,KAAK,CAAC,IAAI;IACxF;IAEA,IAAIrB,IAAIsB,WAAW,EAAE;QACnB,IAAI,CAACtB,IAAII,MAAM,EAAE;YACfJ,IAAII,MAAM,GAAG;QACf;QACAH,UAAU;IACZ;IAEA,OAAOA;AACT;AAEA,MAAMP,YAAY;IAAE6B,MAAM;IAAQC,MAAM;AAAU;AAElD,MAAMC,eAAe,OAAOzC;IAC1B,MAAM0C,YAAY,OAAO1C,WAAW,WAAW,IAAIW,cAAcC,MAAM,CAACZ,UAAUA;IAClF,OAAO,MAAMJ,OAAO+C,SAAS,CAAC,OAAOD,WAAWhC,WAAW,OAAO;QAAC;QAAQ;KAAS;AACtF;AAEA,MAAMkC,gBAAgB,OAAO7C,OAAeC;IAC1C,MAAMe,MAAM,MAAM0B,aAAazC;IAC/B,MAAMG,YAAY,MAAMP,OAAOiD,IAAI,CAACnC,UAAU6B,IAAI,EAAExB,KAAK,IAAIJ,cAAcC,MAAM,CAACb;IAClF,8GAA8G;IAC9G,OAAO+C,KAAKC,OAAOC,YAAY,IAAI,IAAI5C,WAAWD;AACpD;AAEA,OAAO,MAAM8C,kBAAkB,OAAOlD,OAAeC;IACnD,MAAMG,YAAY,MAAMyC,cAAc7C,OAAOC;IAC7CD,QAAQ,GAAGA,MAAM,CAAC,EAAEI,WAAW;IAC/BJ,QAAQmD,mBAAmBnD;IAC3BA,QAAQoD,mBAAmBpD;IAC3B,OAAOA;AACT,EAAC;AAED,OAAO,MAAMqD,kBAAkB,CAACrC,KAAahB,OAAeiB;IAC1DjB,QAAQmD,mBAAmBnD;IAC3B,OAAOe,WAAWC,KAAKhB,OAAOiB;AAChC,EAAC;AAED,OAAO,MAAMqC,wBAAwB,OACnCtC,KACAhB,OACAC,QACAgB;IAEAjB,QAAQ,MAAMkD,gBAAgBlD,OAAOC;IACrC,OAAOc,WAAWC,KAAKhB,OAAOiB;AAChC,EAAC;AAED,OAAO,MAAMsC,eAAe,CAACvC,KAAaG;IACxC,IAAIqC,WAAWxC;IACf,IAAIG,QAAQ;QACV,IAAIA,WAAW,UAAU;YACvBqC,WAAW,cAAcxC;QAC3B,OAAO,IAAIG,WAAW,QAAQ;YAC5BqC,WAAW,YAAYxC;QACzB,OAAO;YACL,OAAOQ;QACT;IACF;IACA,OAAOgC;AACT,EAAC;AAED,OAAO,SAASC,UAAUC,GAAW;IACnC,IAAI;QACF,OAAOA,IAAIC,QAAQ,CAAC,OAAOP,mBAAmBM,OAAOA;IACvD,EAAE,OAAM;QACN,OAAOA;IACT;AACF;AAEA;;;;;;;CAOC,GACD,OAAO,SAASE,aAAaF,GAAW;IACtC,IAAI,OAAOA,QAAQ,UAAU;QAC3B,MAAM,IAAIG,UAAU;IACtB;IAEA,MAAMC,UAA+B,IAAIC;IAEzC,IAAIC,QAAQ;IACZ,MAAOA,QAAQN,IAAIpD,MAAM,CAAE;QACzB,MAAM2D,QAAQP,IAAIQ,OAAO,CAAC,KAAKF;QAE/B,IAAIC,UAAU,CAAC,GAAG;YAChB;QACF;QAEA,IAAIE,SAAST,IAAIQ,OAAO,CAAC,KAAKF;QAE9B,IAAIG,WAAW,CAAC,GAAG;YACjBA,SAAST,IAAIpD,MAAM;QACrB,OAAO,IAAI6D,SAASF,OAAO;YACzBD,QAAQN,IAAIU,WAAW,CAAC,KAAKH,QAAQ,KAAK;YAC1C;QACF;QAEA,MAAMjD,MAAM0C,IAAIpB,KAAK,CAAC0B,OAAOC,OAAOI,IAAI;QACxC,IAAI,CAACP,QAAQQ,GAAG,CAACtD,MAAM;YACrB,IAAIuD,MAAMb,IAAIpB,KAAK,CAAC2B,QAAQ,GAAGE,QAAQE,IAAI;YAC3C,IAAIE,IAAIC,WAAW,CAAC,OAAO,MAAM;gBAC/BD,MAAMA,IAAIjC,KAAK,CAAC,GAAG,CAAC;YACtB;YACAwB,QAAQW,GAAG,CAACzD,KAAKyC,UAAUc;QAC7B;QAEAP,QAAQG,SAAS;IACnB;IAEA,OAAOL;AACT;AAEA,OAAO,MAAMY,kBAAkB,OAC7B1D,KACAf,QACA0E,SACAxD;IAEA,MAAMqC,WAAWD,aAAavC,KAAKG;IACnC,IAAI,CAACqC,UAAU;QACb,OAAO;IACT;IACA,MAAMoB,eAAeD,QAAQE,GAAG,CAAC;IACjC,MAAMC,gBAAgBF,eAAehB,aAAagB,gBAAgBpD;IAClE,MAAMxB,QAAQ8E,eAAeD,IAAIrB;IACjC,IAAI,CAACxD,OAAO;QACV,OAAO;IACT;IACA,MAAM+E,oBAAoB/E,MAAMoE,WAAW,CAAC;IAC5C,IAAIW,oBAAoB,GAAG;QACzB,OAAO;IACT;IACA,MAAMC,cAAchF,MAAMiF,SAAS,CAAC,GAAGF;IACvC,MAAM3E,YAAYJ,MAAMiF,SAAS,CAACF,oBAAoB;IACtD,IAAI3E,UAAUE,MAAM,KAAK,MAAM,CAACF,UAAU8E,QAAQ,CAAC,MAAM;QACvD,OAAO;IACT;IACA,MAAMC,YAAY,MAAMzC,aAAazC;IACrC,MAAMmF,aAAa,MAAMtF,gBAAgBM,WAAW4E,aAAaG;IACjE,OAAOC,aAAaJ,cAAc;AACpC,EAAC"}

package/dist/better-auth/plugin/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/plugin/index.ts"],"sourcesContent":["import type { BasePayload, Config } from 'payload'\nimport type { PayloadBetterAuthPluginOptions } from './types'\nimport { sanitizeBetterAuthOptions } from './lib/sanitize-auth-options'\nimport { getRequiredCollectionSlugs } from './lib/get-required-collection-slugs'\nimport { buildCollectionConfigs } from './lib/build-collection-configs'\nimport { respectSaveToJwtFieldsMiddleware } from './lib/respect-save-to-jwt-fields-middleware'\nimport { initBetterAuth } from './lib/init-better-auth'\n\nexport * from './types'\nexport * from './helpers'\nexport { sanitizeBetterAuthOptions } from './lib/sanitize-auth-options'\nexport { getPayloadAuth } from './lib/get-payload-auth'\n\nexport function betterAuthPlugin(pluginOptions: PayloadBetterAuthPluginOptions) {\n  return (config: Config): Config => {\n    if (pluginOptions.disabled) {\n      return config\n    }\n    config.custom = {\n      ...config.custom,\n      hasBetterAuthPlugin: true,\n    }\n\n    if (!config.collections) {\n      config.collections = []\n    }\n\n    let sanitzedBetterAuthOptions = sanitizeBetterAuthOptions(pluginOptions)\n\n    // Determine which collections to add based on the options and plugins\n    const requiredCollectionSlugs = getRequiredCollectionSlugs({\n      logTables: pluginOptions.logTables ?? false,\n      pluginOptions,\n      sanitizedBAOptions: sanitzedBetterAuthOptions,\n    })\n\n    // Update with the required collections + existing collections\n    config.collections = buildCollectionConfigs({\n      incomingCollections: config.collections ?? [],\n      requiredCollectionSlugs,\n      pluginOptions,\n      sanitizedBAOptions: sanitzedBetterAuthOptions,\n    })\n\n    respectSaveToJwtFieldsMiddleware({\n      sanitizedOptions: sanitzedBetterAuthOptions,\n      payloadConfig: config,\n      pluginOptions,\n    })\n\n    const incomingOnInit = config.onInit\n\n    config.onInit = async (payload) => {\n      // Ensure we are executing any existing onInit functions before running our own.\n      if (incomingOnInit) {\n        await incomingOnInit(payload)\n      }\n\n      // Initialize and set the betterAuth instance\n      const auth = initBetterAuth<NonNullable<typeof sanitzedBetterAuthOptions.plugins>>({\n        payload,\n        options: {\n          ...sanitzedBetterAuthOptions,\n          enableDebugLogs: pluginOptions.enableDebugLogs,\n          plugins: [...(sanitzedBetterAuthOptions.plugins ?? [])],\n        },\n      })\n      ;(payload as BasePayload & { betterAuth: typeof auth }).betterAuth = auth\n    }\n    return config\n  }\n}\n"],"names":["sanitizeBetterAuthOptions","getRequiredCollectionSlugs","buildCollectionConfigs","respectSaveToJwtFieldsMiddleware","initBetterAuth","getPayloadAuth","betterAuthPlugin","pluginOptions","config","disabled","custom","hasBetterAuthPlugin","collections","sanitzedBetterAuthOptions","requiredCollectionSlugs","logTables","sanitizedBAOptions","incomingCollections","sanitizedOptions","payloadConfig","incomingOnInit","onInit","payload","auth","options","enableDebugLogs","plugins","betterAuth"],"mappings":"AAEA,SAASA,yBAAyB,QAAQ,8BAA6B;AACvE,SAASC,0BAA0B,QAAQ,sCAAqC;AAChF,SAASC,sBAAsB,QAAQ,iCAAgC;AACvE,SAASC,gCAAgC,QAAQ,8CAA6C;AAC9F,SAASC,cAAc,QAAQ,yBAAwB;AAEvD,cAAc,UAAS;AACvB,cAAc,YAAW;AACzB,SAASJ,yBAAyB,QAAQ,8BAA6B;AACvE,SAASK,cAAc,QAAQ,yBAAwB;AAEvD,OAAO,SAASC,iBAAiBC,aAA6C;IAC5E,OAAO,CAACC;QACN,IAAID,cAAcE,QAAQ,EAAE;YAC1B,OAAOD;QACT;QACAA,OAAOE,MAAM,GAAG;YACd,GAAGF,OAAOE,MAAM;YAChBC,qBAAqB;QACvB;QAEA,IAAI,CAACH,OAAOI,WAAW,EAAE;YACvBJ,OAAOI,WAAW,GAAG,EAAE;QACzB;QAEA,IAAIC,4BAA4Bb,0BAA0BO;QAE1D,sEAAsE;QACtE,MAAMO,0BAA0Bb,2BAA2B;YACzDc,WAAWR,cAAcQ,SAAS,IAAI;YACtCR;YACAS,oBAAoBH;QACtB;QAEA,8DAA8D;QAC9DL,OAAOI,WAAW,GAAGV,uBAAuB;YAC1Ce,qBAAqBT,OAAOI,WAAW,IAAI,EAAE;YAC7CE;YACAP;YACAS,oBAAoBH;QACtB;QAEAV,iCAAiC;YAC/Be,kBAAkBL;YAClBM,eAAeX;YACfD;QACF;QAEA,MAAMa,iBAAiBZ,OAAOa,MAAM;QAEpCb,OAAOa,MAAM,GAAG,OAAOC;YACrB,gFAAgF;YAChF,IAAIF,gBAAgB;gBAClB,MAAMA,eAAeE;YACvB;YAEA,6CAA6C;YAC7C,MAAMC,OAAOnB,eAAsE;gBACjFkB;gBACAE,SAAS;oBACP,GAAGX,yBAAyB;oBAC5BY,iBAAiBlB,cAAckB,eAAe;oBAC9CC,SAAS;2BAAKb,0BAA0Ba,OAAO,IAAI,EAAE;qBAAE;gBACzD;YACF;YACEJ,QAAsDK,UAAU,GAAGJ;QACvE;QACA,OAAOf;IACT;AACF"}

package/dist/better-auth/plugin/lib/auth-strategy.d.ts

@@ -1,8 +0,0 @@
-import type { AuthStrategy } from 'payload';
-/**
- * Auth strategy for BetterAuth
- * @param adminRoles - Admin roles
- * @param userSlug - User collection slug
- * @returns Auth strategy
- */
-export declare function betterAuthStrategy(adminRoles?: string[], userSlug?: string): AuthStrategy;

package/dist/better-auth/plugin/lib/auth-strategy.js

@@ -1,48 +0,0 @@
-import { getPayloadAuth } from './get-payload-auth';
-/**
- * Auth strategy for BetterAuth
- * @param adminRoles - Admin roles
- * @param userSlug - User collection slug
- * @returns Auth strategy
- */ export function betterAuthStrategy(adminRoles, userSlug) {
-    return {
-        name: 'better-auth',
-        authenticate: async ({ payload, headers })=>{
-            const payloadAuth = await getPayloadAuth(payload.config);
-            const session = await payloadAuth.betterAuth.api.getSession({
-                headers
-            });
-            const sessionUserIdField = payloadAuth.betterAuth.options.session?.fields?.userId ?? 'userId';
-            const userId = session?.session?.[sessionUserIdField] ?? session?.user?.id;
-            if (!session || !userId) {
-                return {
-                    user: null
-                };
-            }
-            try {
-                const user = await payloadAuth.findByID({
-                    collection: userSlug ?? 'users',
-                    id: userId
-                });
-                if (!user) {
-                    return {
-                        user: null
-                    };
-                }
-                return {
-                    user: {
-                        ...user,
-                        collection: userSlug ?? 'users',
-                        _strategy: 'better-auth'
-                    }
-                };
-            } catch  {
-                return {
-                    user: null
-                };
-            }
-        }
-    };
-}
-
-//# sourceMappingURL=auth-strategy.js.map

package/dist/better-auth/plugin/lib/auth-strategy.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/plugin/lib/auth-strategy.ts"],"sourcesContent":["import type { AuthStrategy } from 'payload'\nimport { getPayloadAuth } from './get-payload-auth'\nimport type { TPlugins } from '..'\n\n/**\n * Auth strategy for BetterAuth\n * @param adminRoles - Admin roles\n * @param userSlug - User collection slug\n * @returns Auth strategy\n */\nexport function betterAuthStrategy(adminRoles?: string[], userSlug?: string): AuthStrategy {\n  return {\n    name: 'better-auth',\n    authenticate: async ({ payload, headers }) => {\n      const payloadAuth = await getPayloadAuth<NonNullable<TPlugins>>(payload.config)\n      const session = await payloadAuth.betterAuth.api.getSession({ headers })\n      const sessionUserIdField = payloadAuth.betterAuth.options.session?.fields?.userId ?? 'userId'\n      const userId = (session?.session as any)?.[sessionUserIdField] ?? session?.user?.id\n\n      if (!session || !userId) {\n        return { user: null }\n      }\n      try {\n        const user = await payloadAuth.findByID({\n          collection: userSlug ?? 'users',\n          id: userId,\n        })\n\n        if (!user) {\n          return { user: null }\n        }\n\n        return {\n          user: {\n            ...user,\n            collection: userSlug ?? 'users',\n            _strategy: 'better-auth',\n          },\n        }\n      } catch {\n        return { user: null }\n      }\n    },\n  }\n}\n"],"names":["getPayloadAuth","betterAuthStrategy","adminRoles","userSlug","name","authenticate","payload","headers","payloadAuth","config","session","betterAuth","api","getSession","sessionUserIdField","options","fields","userId","user","id","findByID","collection","_strategy"],"mappings":"AACA,SAASA,cAAc,QAAQ,qBAAoB;AAGnD;;;;;CAKC,GACD,OAAO,SAASC,mBAAmBC,UAAqB,EAAEC,QAAiB;IACzE,OAAO;QACLC,MAAM;QACNC,cAAc,OAAO,EAAEC,OAAO,EAAEC,OAAO,EAAE;YACvC,MAAMC,cAAc,MAAMR,eAAsCM,QAAQG,MAAM;YAC9E,MAAMC,UAAU,MAAMF,YAAYG,UAAU,CAACC,GAAG,CAACC,UAAU,CAAC;gBAAEN;YAAQ;YACtE,MAAMO,qBAAqBN,YAAYG,UAAU,CAACI,OAAO,CAACL,OAAO,EAAEM,QAAQC,UAAU;YACrF,MAAMA,SAAS,AAACP,SAASA,SAAiB,CAACI,mBAAmB,IAAIJ,SAASQ,MAAMC;YAEjF,IAAI,CAACT,WAAW,CAACO,QAAQ;gBACvB,OAAO;oBAAEC,MAAM;gBAAK;YACtB;YACA,IAAI;gBACF,MAAMA,OAAO,MAAMV,YAAYY,QAAQ,CAAC;oBACtCC,YAAYlB,YAAY;oBACxBgB,IAAIF;gBACN;gBAEA,IAAI,CAACC,MAAM;oBACT,OAAO;wBAAEA,MAAM;oBAAK;gBACtB;gBAEA,OAAO;oBACLA,MAAM;wBACJ,GAAGA,IAAI;wBACPG,YAAYlB,YAAY;wBACxBmB,WAAW;oBACb;gBACF;YACF,EAAE,OAAM;gBACN,OAAO;oBAAEJ,MAAM;gBAAK;YACtB;QACF;IACF;AACF"}

package/dist/better-auth/plugin/lib/build-collection-configs.d.ts

@@ -1,11 +0,0 @@
-import type { PayloadBetterAuthPluginOptions, SanitizedBetterAuthOptions } from '..';
-import { CollectionConfig } from 'payload';
-/**
- * Builds the required collections based on the BetterAuth options and plugins
- */
-export declare function buildCollectionConfigs({ incomingCollections, requiredCollectionSlugs, pluginOptions, sanitizedBAOptions, }: {
-    incomingCollections: CollectionConfig[];
-    requiredCollectionSlugs: Set<string>;
-    pluginOptions: PayloadBetterAuthPluginOptions;
-    sanitizedBAOptions: SanitizedBetterAuthOptions;
-}): CollectionConfig[];