This is page 12 of 51. Use http://codebase.md/better-auth/better-auth?lines=false&page={x} to view the full context.
# Directory Structure
```
├── .gitattributes
├── .github
│ ├── CODEOWNERS
│ ├── FUNDING.yml
│ ├── ISSUE_TEMPLATE
│ │ ├── bug_report.yml
│ │ └── feature_request.yml
│ ├── renovate.json5
│ └── workflows
│ ├── ci.yml
│ ├── e2e.yml
│ ├── preview.yml
│ └── release.yml
├── .gitignore
├── .npmrc
├── .nvmrc
├── .vscode
│ └── settings.json
├── banner-dark.png
├── banner.png
├── biome.json
├── bump.config.ts
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── demo
│ ├── expo-example
│ │ ├── .env.example
│ │ ├── .gitignore
│ │ ├── app.config.ts
│ │ ├── assets
│ │ │ ├── bg-image.jpeg
│ │ │ ├── fonts
│ │ │ │ └── SpaceMono-Regular.ttf
│ │ │ ├── icon.png
│ │ │ └── images
│ │ │ ├── adaptive-icon.png
│ │ │ ├── favicon.png
│ │ │ ├── logo.png
│ │ │ ├── partial-react-logo.png
│ │ │ ├── react-logo.png
│ │ │ ├── [email protected]
│ │ │ ├── [email protected]
│ │ │ └── splash.png
│ │ ├── babel.config.js
│ │ ├── components.json
│ │ ├── expo-env.d.ts
│ │ ├── index.ts
│ │ ├── metro.config.js
│ │ ├── nativewind-env.d.ts
│ │ ├── package.json
│ │ ├── README.md
│ │ ├── src
│ │ │ ├── app
│ │ │ │ ├── _layout.tsx
│ │ │ │ ├── api
│ │ │ │ │ └── auth
│ │ │ │ │ └── [...route]+api.ts
│ │ │ │ ├── dashboard.tsx
│ │ │ │ ├── forget-password.tsx
│ │ │ │ ├── index.tsx
│ │ │ │ └── sign-up.tsx
│ │ │ ├── components
│ │ │ │ ├── icons
│ │ │ │ │ └── google.tsx
│ │ │ │ └── ui
│ │ │ │ ├── avatar.tsx
│ │ │ │ ├── button.tsx
│ │ │ │ ├── card.tsx
│ │ │ │ ├── dialog.tsx
│ │ │ │ ├── input.tsx
│ │ │ │ ├── separator.tsx
│ │ │ │ └── text.tsx
│ │ │ ├── global.css
│ │ │ └── lib
│ │ │ ├── auth-client.ts
│ │ │ ├── auth.ts
│ │ │ ├── icons
│ │ │ │ ├── iconWithClassName.ts
│ │ │ │ └── X.tsx
│ │ │ └── utils.ts
│ │ ├── tailwind.config.js
│ │ └── tsconfig.json
│ └── nextjs
│ ├── .env.example
│ ├── .gitignore
│ ├── app
│ │ ├── (auth)
│ │ │ ├── forget-password
│ │ │ │ └── page.tsx
│ │ │ ├── reset-password
│ │ │ │ └── page.tsx
│ │ │ ├── sign-in
│ │ │ │ ├── loading.tsx
│ │ │ │ └── page.tsx
│ │ │ └── two-factor
│ │ │ ├── otp
│ │ │ │ └── page.tsx
│ │ │ └── page.tsx
│ │ ├── accept-invitation
│ │ │ └── [id]
│ │ │ ├── invitation-error.tsx
│ │ │ └── page.tsx
│ │ ├── admin
│ │ │ └── page.tsx
│ │ ├── api
│ │ │ └── auth
│ │ │ └── [...all]
│ │ │ └── route.ts
│ │ ├── apps
│ │ │ └── register
│ │ │ └── page.tsx
│ │ ├── client-test
│ │ │ └── page.tsx
│ │ ├── dashboard
│ │ │ ├── change-plan.tsx
│ │ │ ├── client.tsx
│ │ │ ├── organization-card.tsx
│ │ │ ├── page.tsx
│ │ │ ├── upgrade-button.tsx
│ │ │ └── user-card.tsx
│ │ ├── device
│ │ │ ├── approve
│ │ │ │ └── page.tsx
│ │ │ ├── denied
│ │ │ │ └── page.tsx
│ │ │ ├── layout.tsx
│ │ │ ├── page.tsx
│ │ │ └── success
│ │ │ └── page.tsx
│ │ ├── favicon.ico
│ │ ├── features.tsx
│ │ ├── fonts
│ │ │ ├── GeistMonoVF.woff
│ │ │ └── GeistVF.woff
│ │ ├── globals.css
│ │ ├── layout.tsx
│ │ ├── oauth
│ │ │ └── authorize
│ │ │ ├── concet-buttons.tsx
│ │ │ └── page.tsx
│ │ ├── page.tsx
│ │ └── pricing
│ │ └── page.tsx
│ ├── components
│ │ ├── account-switch.tsx
│ │ ├── blocks
│ │ │ └── pricing.tsx
│ │ ├── logo.tsx
│ │ ├── one-tap.tsx
│ │ ├── sign-in-btn.tsx
│ │ ├── sign-in.tsx
│ │ ├── sign-up.tsx
│ │ ├── theme-provider.tsx
│ │ ├── theme-toggle.tsx
│ │ ├── tier-labels.tsx
│ │ ├── ui
│ │ │ ├── accordion.tsx
│ │ │ ├── alert-dialog.tsx
│ │ │ ├── alert.tsx
│ │ │ ├── aspect-ratio.tsx
│ │ │ ├── avatar.tsx
│ │ │ ├── badge.tsx
│ │ │ ├── breadcrumb.tsx
│ │ │ ├── button.tsx
│ │ │ ├── calendar.tsx
│ │ │ ├── card.tsx
│ │ │ ├── carousel.tsx
│ │ │ ├── chart.tsx
│ │ │ ├── checkbox.tsx
│ │ │ ├── collapsible.tsx
│ │ │ ├── command.tsx
│ │ │ ├── context-menu.tsx
│ │ │ ├── copy-button.tsx
│ │ │ ├── dialog.tsx
│ │ │ ├── drawer.tsx
│ │ │ ├── dropdown-menu.tsx
│ │ │ ├── form.tsx
│ │ │ ├── hover-card.tsx
│ │ │ ├── input-otp.tsx
│ │ │ ├── input.tsx
│ │ │ ├── label.tsx
│ │ │ ├── menubar.tsx
│ │ │ ├── navigation-menu.tsx
│ │ │ ├── pagination.tsx
│ │ │ ├── password-input.tsx
│ │ │ ├── popover.tsx
│ │ │ ├── progress.tsx
│ │ │ ├── radio-group.tsx
│ │ │ ├── resizable.tsx
│ │ │ ├── scroll-area.tsx
│ │ │ ├── select.tsx
│ │ │ ├── separator.tsx
│ │ │ ├── sheet.tsx
│ │ │ ├── skeleton.tsx
│ │ │ ├── slider.tsx
│ │ │ ├── sonner.tsx
│ │ │ ├── switch.tsx
│ │ │ ├── table.tsx
│ │ │ ├── tabs.tsx
│ │ │ ├── tabs2.tsx
│ │ │ ├── textarea.tsx
│ │ │ ├── toast.tsx
│ │ │ ├── toaster.tsx
│ │ │ ├── toggle-group.tsx
│ │ │ ├── toggle.tsx
│ │ │ └── tooltip.tsx
│ │ └── wrapper.tsx
│ ├── components.json
│ ├── hooks
│ │ └── use-toast.ts
│ ├── lib
│ │ ├── auth-client.ts
│ │ ├── auth-types.ts
│ │ ├── auth.ts
│ │ ├── email
│ │ │ ├── invitation.tsx
│ │ │ ├── resend.ts
│ │ │ └── reset-password.tsx
│ │ ├── metadata.ts
│ │ ├── shared.ts
│ │ └── utils.ts
│ ├── next.config.ts
│ ├── package.json
│ ├── postcss.config.mjs
│ ├── proxy.ts
│ ├── public
│ │ ├── __og.png
│ │ ├── _og.png
│ │ ├── favicon
│ │ │ ├── android-chrome-192x192.png
│ │ │ ├── android-chrome-512x512.png
│ │ │ ├── apple-touch-icon.png
│ │ │ ├── favicon-16x16.png
│ │ │ ├── favicon-32x32.png
│ │ │ ├── favicon.ico
│ │ │ ├── light
│ │ │ │ ├── android-chrome-192x192.png
│ │ │ │ ├── android-chrome-512x512.png
│ │ │ │ ├── apple-touch-icon.png
│ │ │ │ ├── favicon-16x16.png
│ │ │ │ ├── favicon-32x32.png
│ │ │ │ ├── favicon.ico
│ │ │ │ └── site.webmanifest
│ │ │ └── site.webmanifest
│ │ ├── logo.svg
│ │ └── og.png
│ ├── README.md
│ ├── tailwind.config.ts
│ ├── tsconfig.json
│ └── turbo.json
├── docker-compose.yml
├── docs
│ ├── .env.example
│ ├── .gitignore
│ ├── app
│ │ ├── api
│ │ │ ├── ai-chat
│ │ │ │ └── route.ts
│ │ │ ├── analytics
│ │ │ │ ├── conversation
│ │ │ │ │ └── route.ts
│ │ │ │ ├── event
│ │ │ │ │ └── route.ts
│ │ │ │ └── feedback
│ │ │ │ └── route.ts
│ │ │ ├── chat
│ │ │ │ └── route.ts
│ │ │ ├── og
│ │ │ │ └── route.tsx
│ │ │ ├── og-release
│ │ │ │ └── route.tsx
│ │ │ ├── search
│ │ │ │ └── route.ts
│ │ │ └── support
│ │ │ └── route.ts
│ │ ├── blog
│ │ │ ├── _components
│ │ │ │ ├── _layout.tsx
│ │ │ │ ├── blog-list.tsx
│ │ │ │ ├── changelog-layout.tsx
│ │ │ │ ├── default-changelog.tsx
│ │ │ │ ├── fmt-dates.tsx
│ │ │ │ ├── icons.tsx
│ │ │ │ ├── stat-field.tsx
│ │ │ │ └── support.tsx
│ │ │ ├── [[...slug]]
│ │ │ │ └── page.tsx
│ │ │ └── layout.tsx
│ │ ├── changelogs
│ │ │ ├── _components
│ │ │ │ ├── _layout.tsx
│ │ │ │ ├── changelog-layout.tsx
│ │ │ │ ├── default-changelog.tsx
│ │ │ │ ├── fmt-dates.tsx
│ │ │ │ ├── grid-pattern.tsx
│ │ │ │ ├── icons.tsx
│ │ │ │ └── stat-field.tsx
│ │ │ ├── [[...slug]]
│ │ │ │ └── page.tsx
│ │ │ └── layout.tsx
│ │ ├── community
│ │ │ ├── _components
│ │ │ │ ├── header.tsx
│ │ │ │ └── stats.tsx
│ │ │ └── page.tsx
│ │ ├── docs
│ │ │ ├── [[...slug]]
│ │ │ │ ├── page.client.tsx
│ │ │ │ └── page.tsx
│ │ │ ├── layout.tsx
│ │ │ └── lib
│ │ │ └── get-llm-text.ts
│ │ ├── global.css
│ │ ├── layout.config.tsx
│ │ ├── layout.tsx
│ │ ├── llms.txt
│ │ │ ├── [...slug]
│ │ │ │ └── route.ts
│ │ │ └── route.ts
│ │ ├── not-found.tsx
│ │ ├── page.tsx
│ │ ├── reference
│ │ │ └── route.ts
│ │ ├── sitemap.xml
│ │ ├── static.json
│ │ │ └── route.ts
│ │ └── v1
│ │ ├── _components
│ │ │ └── v1-text.tsx
│ │ ├── bg-line.tsx
│ │ └── page.tsx
│ ├── assets
│ │ ├── Geist.ttf
│ │ └── GeistMono.ttf
│ ├── components
│ │ ├── ai-chat-modal.tsx
│ │ ├── anchor-scroll-fix.tsx
│ │ ├── api-method-tabs.tsx
│ │ ├── api-method.tsx
│ │ ├── banner.tsx
│ │ ├── blocks
│ │ │ └── features.tsx
│ │ ├── builder
│ │ │ ├── beam.tsx
│ │ │ ├── code-tabs
│ │ │ │ ├── code-editor.tsx
│ │ │ │ ├── code-tabs.tsx
│ │ │ │ ├── index.tsx
│ │ │ │ ├── tab-bar.tsx
│ │ │ │ └── theme.ts
│ │ │ ├── index.tsx
│ │ │ ├── sign-in.tsx
│ │ │ ├── sign-up.tsx
│ │ │ ├── social-provider.tsx
│ │ │ ├── store.ts
│ │ │ └── tabs.tsx
│ │ ├── display-techstack.tsx
│ │ ├── divider-text.tsx
│ │ ├── docs
│ │ │ ├── docs.client.tsx
│ │ │ ├── docs.tsx
│ │ │ ├── layout
│ │ │ │ ├── nav.tsx
│ │ │ │ ├── theme-toggle.tsx
│ │ │ │ ├── toc-thumb.tsx
│ │ │ │ └── toc.tsx
│ │ │ ├── page.client.tsx
│ │ │ ├── page.tsx
│ │ │ ├── shared.tsx
│ │ │ └── ui
│ │ │ ├── button.tsx
│ │ │ ├── collapsible.tsx
│ │ │ ├── popover.tsx
│ │ │ └── scroll-area.tsx
│ │ ├── endpoint.tsx
│ │ ├── features.tsx
│ │ ├── floating-ai-search.tsx
│ │ ├── fork-button.tsx
│ │ ├── generate-apple-jwt.tsx
│ │ ├── generate-secret.tsx
│ │ ├── github-stat.tsx
│ │ ├── icons.tsx
│ │ ├── landing
│ │ │ ├── gradient-bg.tsx
│ │ │ ├── grid-pattern.tsx
│ │ │ ├── hero.tsx
│ │ │ ├── section-svg.tsx
│ │ │ ├── section.tsx
│ │ │ ├── spotlight.tsx
│ │ │ └── testimonials.tsx
│ │ ├── logo-context-menu.tsx
│ │ ├── logo.tsx
│ │ ├── markdown-renderer.tsx
│ │ ├── markdown.tsx
│ │ ├── mdx
│ │ │ ├── add-to-cursor.tsx
│ │ │ └── database-tables.tsx
│ │ ├── message-feedback.tsx
│ │ ├── mobile-search-icon.tsx
│ │ ├── nav-bar.tsx
│ │ ├── nav-link.tsx
│ │ ├── nav-mobile.tsx
│ │ ├── promo-card.tsx
│ │ ├── resource-card.tsx
│ │ ├── resource-grid.tsx
│ │ ├── resource-section.tsx
│ │ ├── ripple.tsx
│ │ ├── search-dialog.tsx
│ │ ├── side-bar.tsx
│ │ ├── sidebar-content.tsx
│ │ ├── techstack-icons.tsx
│ │ ├── theme-provider.tsx
│ │ ├── theme-toggler.tsx
│ │ └── ui
│ │ ├── accordion.tsx
│ │ ├── alert-dialog.tsx
│ │ ├── alert.tsx
│ │ ├── aside-link.tsx
│ │ ├── aspect-ratio.tsx
│ │ ├── avatar.tsx
│ │ ├── background-beams.tsx
│ │ ├── background-boxes.tsx
│ │ ├── badge.tsx
│ │ ├── breadcrumb.tsx
│ │ ├── button.tsx
│ │ ├── calendar.tsx
│ │ ├── callout.tsx
│ │ ├── card.tsx
│ │ ├── carousel.tsx
│ │ ├── chart.tsx
│ │ ├── checkbox.tsx
│ │ ├── code-block.tsx
│ │ ├── collapsible.tsx
│ │ ├── command.tsx
│ │ ├── context-menu.tsx
│ │ ├── dialog.tsx
│ │ ├── drawer.tsx
│ │ ├── dropdown-menu.tsx
│ │ ├── dynamic-code-block.tsx
│ │ ├── fade-in.tsx
│ │ ├── form.tsx
│ │ ├── hover-card.tsx
│ │ ├── input-otp.tsx
│ │ ├── input.tsx
│ │ ├── label.tsx
│ │ ├── menubar.tsx
│ │ ├── navigation-menu.tsx
│ │ ├── pagination.tsx
│ │ ├── popover.tsx
│ │ ├── progress.tsx
│ │ ├── radio-group.tsx
│ │ ├── resizable.tsx
│ │ ├── scroll-area.tsx
│ │ ├── select.tsx
│ │ ├── separator.tsx
│ │ ├── sheet.tsx
│ │ ├── sidebar.tsx
│ │ ├── skeleton.tsx
│ │ ├── slider.tsx
│ │ ├── sonner.tsx
│ │ ├── sparkles.tsx
│ │ ├── switch.tsx
│ │ ├── table.tsx
│ │ ├── tabs.tsx
│ │ ├── textarea.tsx
│ │ ├── toggle-group.tsx
│ │ ├── toggle.tsx
│ │ ├── tooltip-docs.tsx
│ │ ├── tooltip.tsx
│ │ └── use-copy-button.tsx
│ ├── components.json
│ ├── content
│ │ ├── blogs
│ │ │ ├── 0-supabase-auth-to-planetscale-migration.mdx
│ │ │ ├── 1-3.mdx
│ │ │ ├── authjs-joins-better-auth.mdx
│ │ │ └── seed-round.mdx
│ │ ├── changelogs
│ │ │ ├── 1-2.mdx
│ │ │ └── 1.0.mdx
│ │ └── docs
│ │ ├── adapters
│ │ │ ├── community-adapters.mdx
│ │ │ ├── drizzle.mdx
│ │ │ ├── mongo.mdx
│ │ │ ├── mssql.mdx
│ │ │ ├── mysql.mdx
│ │ │ ├── other-relational-databases.mdx
│ │ │ ├── postgresql.mdx
│ │ │ ├── prisma.mdx
│ │ │ └── sqlite.mdx
│ │ ├── authentication
│ │ │ ├── apple.mdx
│ │ │ ├── atlassian.mdx
│ │ │ ├── cognito.mdx
│ │ │ ├── discord.mdx
│ │ │ ├── dropbox.mdx
│ │ │ ├── email-password.mdx
│ │ │ ├── facebook.mdx
│ │ │ ├── figma.mdx
│ │ │ ├── github.mdx
│ │ │ ├── gitlab.mdx
│ │ │ ├── google.mdx
│ │ │ ├── huggingface.mdx
│ │ │ ├── kakao.mdx
│ │ │ ├── kick.mdx
│ │ │ ├── line.mdx
│ │ │ ├── linear.mdx
│ │ │ ├── linkedin.mdx
│ │ │ ├── microsoft.mdx
│ │ │ ├── naver.mdx
│ │ │ ├── notion.mdx
│ │ │ ├── other-social-providers.mdx
│ │ │ ├── paypal.mdx
│ │ │ ├── reddit.mdx
│ │ │ ├── roblox.mdx
│ │ │ ├── salesforce.mdx
│ │ │ ├── slack.mdx
│ │ │ ├── spotify.mdx
│ │ │ ├── tiktok.mdx
│ │ │ ├── twitch.mdx
│ │ │ ├── twitter.mdx
│ │ │ ├── vk.mdx
│ │ │ └── zoom.mdx
│ │ ├── basic-usage.mdx
│ │ ├── comparison.mdx
│ │ ├── concepts
│ │ │ ├── api.mdx
│ │ │ ├── cli.mdx
│ │ │ ├── client.mdx
│ │ │ ├── cookies.mdx
│ │ │ ├── database.mdx
│ │ │ ├── email.mdx
│ │ │ ├── hooks.mdx
│ │ │ ├── oauth.mdx
│ │ │ ├── plugins.mdx
│ │ │ ├── rate-limit.mdx
│ │ │ ├── session-management.mdx
│ │ │ ├── typescript.mdx
│ │ │ └── users-accounts.mdx
│ │ ├── examples
│ │ │ ├── astro.mdx
│ │ │ ├── next-js.mdx
│ │ │ ├── nuxt.mdx
│ │ │ ├── remix.mdx
│ │ │ └── svelte-kit.mdx
│ │ ├── guides
│ │ │ ├── auth0-migration-guide.mdx
│ │ │ ├── browser-extension-guide.mdx
│ │ │ ├── clerk-migration-guide.mdx
│ │ │ ├── create-a-db-adapter.mdx
│ │ │ ├── next-auth-migration-guide.mdx
│ │ │ ├── optimizing-for-performance.mdx
│ │ │ ├── saml-sso-with-okta.mdx
│ │ │ ├── supabase-migration-guide.mdx
│ │ │ └── your-first-plugin.mdx
│ │ ├── installation.mdx
│ │ ├── integrations
│ │ │ ├── astro.mdx
│ │ │ ├── convex.mdx
│ │ │ ├── elysia.mdx
│ │ │ ├── expo.mdx
│ │ │ ├── express.mdx
│ │ │ ├── fastify.mdx
│ │ │ ├── hono.mdx
│ │ │ ├── lynx.mdx
│ │ │ ├── nestjs.mdx
│ │ │ ├── next.mdx
│ │ │ ├── nitro.mdx
│ │ │ ├── nuxt.mdx
│ │ │ ├── remix.mdx
│ │ │ ├── solid-start.mdx
│ │ │ ├── svelte-kit.mdx
│ │ │ ├── tanstack.mdx
│ │ │ └── waku.mdx
│ │ ├── introduction.mdx
│ │ ├── meta.json
│ │ ├── plugins
│ │ │ ├── 2fa.mdx
│ │ │ ├── admin.mdx
│ │ │ ├── anonymous.mdx
│ │ │ ├── api-key.mdx
│ │ │ ├── autumn.mdx
│ │ │ ├── bearer.mdx
│ │ │ ├── captcha.mdx
│ │ │ ├── community-plugins.mdx
│ │ │ ├── device-authorization.mdx
│ │ │ ├── dodopayments.mdx
│ │ │ ├── dub.mdx
│ │ │ ├── email-otp.mdx
│ │ │ ├── generic-oauth.mdx
│ │ │ ├── have-i-been-pwned.mdx
│ │ │ ├── jwt.mdx
│ │ │ ├── last-login-method.mdx
│ │ │ ├── magic-link.mdx
│ │ │ ├── mcp.mdx
│ │ │ ├── multi-session.mdx
│ │ │ ├── oauth-proxy.mdx
│ │ │ ├── oidc-provider.mdx
│ │ │ ├── one-tap.mdx
│ │ │ ├── one-time-token.mdx
│ │ │ ├── open-api.mdx
│ │ │ ├── organization.mdx
│ │ │ ├── passkey.mdx
│ │ │ ├── phone-number.mdx
│ │ │ ├── polar.mdx
│ │ │ ├── siwe.mdx
│ │ │ ├── sso.mdx
│ │ │ ├── stripe.mdx
│ │ │ └── username.mdx
│ │ └── reference
│ │ ├── contributing.mdx
│ │ ├── faq.mdx
│ │ ├── options.mdx
│ │ ├── resources.mdx
│ │ ├── security.mdx
│ │ └── telemetry.mdx
│ ├── hooks
│ │ └── use-mobile.ts
│ ├── ignore-build.sh
│ ├── lib
│ │ ├── blog.ts
│ │ ├── chat
│ │ │ └── inkeep-qa-schema.ts
│ │ ├── constants.ts
│ │ ├── export-search-indexes.ts
│ │ ├── inkeep-analytics.ts
│ │ ├── is-active.ts
│ │ ├── metadata.ts
│ │ ├── source.ts
│ │ └── utils.ts
│ ├── next.config.js
│ ├── package.json
│ ├── postcss.config.js
│ ├── proxy.ts
│ ├── public
│ │ ├── avatars
│ │ │ └── beka.jpg
│ │ ├── blogs
│ │ │ ├── authjs-joins.png
│ │ │ ├── seed-round.png
│ │ │ └── supabase-ps.png
│ │ ├── branding
│ │ │ ├── better-auth-brand-assets.zip
│ │ │ ├── better-auth-logo-dark.png
│ │ │ ├── better-auth-logo-dark.svg
│ │ │ ├── better-auth-logo-light.png
│ │ │ ├── better-auth-logo-light.svg
│ │ │ ├── better-auth-logo-wordmark-dark.png
│ │ │ ├── better-auth-logo-wordmark-dark.svg
│ │ │ ├── better-auth-logo-wordmark-light.png
│ │ │ └── better-auth-logo-wordmark-light.svg
│ │ ├── extension-id.png
│ │ ├── favicon
│ │ │ ├── android-chrome-192x192.png
│ │ │ ├── android-chrome-512x512.png
│ │ │ ├── apple-touch-icon.png
│ │ │ ├── favicon-16x16.png
│ │ │ ├── favicon-32x32.png
│ │ │ ├── favicon.ico
│ │ │ ├── light
│ │ │ │ ├── android-chrome-192x192.png
│ │ │ │ ├── android-chrome-512x512.png
│ │ │ │ ├── apple-touch-icon.png
│ │ │ │ ├── favicon-16x16.png
│ │ │ │ ├── favicon-32x32.png
│ │ │ │ ├── favicon.ico
│ │ │ │ └── site.webmanifest
│ │ │ └── site.webmanifest
│ │ ├── images
│ │ │ └── blogs
│ │ │ └── better auth (1).png
│ │ ├── logo.png
│ │ ├── logo.svg
│ │ ├── LogoDark.webp
│ │ ├── LogoLight.webp
│ │ ├── og.png
│ │ ├── open-api-reference.png
│ │ ├── people-say
│ │ │ ├── code-with-antonio.jpg
│ │ │ ├── dagmawi-babi.png
│ │ │ ├── dax.png
│ │ │ ├── dev-ed.png
│ │ │ ├── egoist.png
│ │ │ ├── guillermo-rauch.png
│ │ │ ├── jonathan-wilke.png
│ │ │ ├── josh-tried-coding.jpg
│ │ │ ├── kitze.jpg
│ │ │ ├── lazar-nikolov.png
│ │ │ ├── nizzy.png
│ │ │ ├── omar-mcadam.png
│ │ │ ├── ryan-vogel.jpg
│ │ │ ├── saltyatom.jpg
│ │ │ ├── sebastien-chopin.png
│ │ │ ├── shreyas-mididoddi.png
│ │ │ ├── tech-nerd.png
│ │ │ ├── theo.png
│ │ │ ├── vybhav-bhargav.png
│ │ │ └── xavier-pladevall.jpg
│ │ ├── plus.svg
│ │ ├── release-og
│ │ │ ├── 1-2.png
│ │ │ ├── 1-3.png
│ │ │ └── changelog-og.png
│ │ └── v1-og.png
│ ├── README.md
│ ├── scripts
│ │ ├── endpoint-to-doc
│ │ │ ├── index.ts
│ │ │ ├── input.ts
│ │ │ ├── output.mdx
│ │ │ └── readme.md
│ │ └── sync-orama.ts
│ ├── source.config.ts
│ ├── tailwind.config.js
│ ├── tsconfig.json
│ └── turbo.json
├── e2e
│ ├── integration
│ │ ├── package.json
│ │ ├── playwright.config.ts
│ │ ├── solid-vinxi
│ │ │ ├── .gitignore
│ │ │ ├── app.config.ts
│ │ │ ├── e2e
│ │ │ │ ├── test.spec.ts
│ │ │ │ └── utils.ts
│ │ │ ├── package.json
│ │ │ ├── public
│ │ │ │ └── favicon.ico
│ │ │ ├── src
│ │ │ │ ├── app.tsx
│ │ │ │ ├── entry-client.tsx
│ │ │ │ ├── entry-server.tsx
│ │ │ │ ├── global.d.ts
│ │ │ │ ├── lib
│ │ │ │ │ ├── auth-client.ts
│ │ │ │ │ └── auth.ts
│ │ │ │ └── routes
│ │ │ │ ├── [...404].tsx
│ │ │ │ ├── api
│ │ │ │ │ └── auth
│ │ │ │ │ └── [...all].ts
│ │ │ │ └── index.tsx
│ │ │ └── tsconfig.json
│ │ ├── test-utils
│ │ │ ├── package.json
│ │ │ └── src
│ │ │ └── playwright.ts
│ │ └── vanilla-node
│ │ ├── e2e
│ │ │ ├── app.ts
│ │ │ ├── domain.spec.ts
│ │ │ ├── postgres-js.spec.ts
│ │ │ ├── test.spec.ts
│ │ │ └── utils.ts
│ │ ├── index.html
│ │ ├── package.json
│ │ ├── src
│ │ │ ├── main.ts
│ │ │ └── vite-env.d.ts
│ │ ├── tsconfig.json
│ │ └── vite.config.ts
│ └── smoke
│ ├── package.json
│ ├── test
│ │ ├── bun.spec.ts
│ │ ├── cloudflare.spec.ts
│ │ ├── deno.spec.ts
│ │ ├── fixtures
│ │ │ ├── bun-simple.ts
│ │ │ ├── cloudflare
│ │ │ │ ├── .gitignore
│ │ │ │ ├── drizzle
│ │ │ │ │ ├── 0000_clean_vector.sql
│ │ │ │ │ └── meta
│ │ │ │ │ ├── _journal.json
│ │ │ │ │ └── 0000_snapshot.json
│ │ │ │ ├── drizzle.config.ts
│ │ │ │ ├── package.json
│ │ │ │ ├── src
│ │ │ │ │ ├── auth-schema.ts
│ │ │ │ │ ├── db.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── test
│ │ │ │ │ ├── apply-migrations.ts
│ │ │ │ │ ├── env.d.ts
│ │ │ │ │ └── index.test.ts
│ │ │ │ ├── tsconfig.json
│ │ │ │ ├── vitest.config.ts
│ │ │ │ ├── worker-configuration.d.ts
│ │ │ │ └── wrangler.json
│ │ │ ├── deno-simple.ts
│ │ │ ├── tsconfig-decelration
│ │ │ │ ├── package.json
│ │ │ │ ├── src
│ │ │ │ │ ├── demo.ts
│ │ │ │ │ └── index.ts
│ │ │ │ └── tsconfig.json
│ │ │ ├── tsconfig-exact-optional-property-types
│ │ │ │ ├── package.json
│ │ │ │ ├── src
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── organization.ts
│ │ │ │ │ ├── user-additional-fields.ts
│ │ │ │ │ └── username.ts
│ │ │ │ └── tsconfig.json
│ │ │ ├── tsconfig-isolated-module-bundler
│ │ │ │ ├── package.json
│ │ │ │ ├── src
│ │ │ │ │ └── index.ts
│ │ │ │ └── tsconfig.json
│ │ │ ├── tsconfig-verbatim-module-syntax-node10
│ │ │ │ ├── package.json
│ │ │ │ ├── src
│ │ │ │ │ └── index.ts
│ │ │ │ └── tsconfig.json
│ │ │ └── vite
│ │ │ ├── package.json
│ │ │ ├── src
│ │ │ │ ├── client.ts
│ │ │ │ └── server.ts
│ │ │ ├── tsconfig.json
│ │ │ └── vite.config.ts
│ │ ├── ssr.ts
│ │ ├── typecheck.spec.ts
│ │ └── vite.spec.ts
│ └── tsconfig.json
├── LICENSE.md
├── package.json
├── packages
│ ├── better-auth
│ │ ├── package.json
│ │ ├── README.md
│ │ ├── src
│ │ │ ├── __snapshots__
│ │ │ │ └── init.test.ts.snap
│ │ │ ├── adapters
│ │ │ │ ├── adapter-factory
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── test
│ │ │ │ │ │ ├── __snapshots__
│ │ │ │ │ │ │ └── adapter-factory.test.ts.snap
│ │ │ │ │ │ └── adapter-factory.test.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── create-test-suite.ts
│ │ │ │ ├── drizzle-adapter
│ │ │ │ │ ├── drizzle-adapter.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── test
│ │ │ │ │ ├── .gitignore
│ │ │ │ │ ├── adapter.drizzle.mysql.test.ts
│ │ │ │ │ ├── adapter.drizzle.pg.test.ts
│ │ │ │ │ ├── adapter.drizzle.sqlite.test.ts
│ │ │ │ │ └── generate-schema.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── kysely-adapter
│ │ │ │ │ ├── bun-sqlite-dialect.ts
│ │ │ │ │ ├── dialect.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── kysely-adapter.ts
│ │ │ │ │ ├── node-sqlite-dialect.ts
│ │ │ │ │ ├── test
│ │ │ │ │ │ ├── adapter.kysely.mssql.test.ts
│ │ │ │ │ │ ├── adapter.kysely.mysql.test.ts
│ │ │ │ │ │ ├── adapter.kysely.pg.test.ts
│ │ │ │ │ │ ├── adapter.kysely.sqlite.test.ts
│ │ │ │ │ │ └── node-sqlite-dialect.test.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── memory-adapter
│ │ │ │ │ ├── adapter.memory.test.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── memory-adapter.ts
│ │ │ │ ├── mongodb-adapter
│ │ │ │ │ ├── adapter.mongo-db.test.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── mongodb-adapter.ts
│ │ │ │ ├── prisma-adapter
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── prisma-adapter.ts
│ │ │ │ │ └── test
│ │ │ │ │ ├── .gitignore
│ │ │ │ │ ├── base.prisma
│ │ │ │ │ ├── generate-auth-config.ts
│ │ │ │ │ ├── generate-prisma-schema.ts
│ │ │ │ │ ├── get-prisma-client.ts
│ │ │ │ │ ├── prisma.mysql.test.ts
│ │ │ │ │ ├── prisma.pg.test.ts
│ │ │ │ │ ├── prisma.sqlite.test.ts
│ │ │ │ │ └── push-prisma-schema.ts
│ │ │ │ ├── test-adapter.ts
│ │ │ │ ├── test.ts
│ │ │ │ ├── tests
│ │ │ │ │ ├── auth-flow.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── normal.ts
│ │ │ │ │ ├── number-id.ts
│ │ │ │ │ ├── performance.ts
│ │ │ │ │ └── transactions.ts
│ │ │ │ └── utils.ts
│ │ │ ├── api
│ │ │ │ ├── check-endpoint-conflicts.test.ts
│ │ │ │ ├── index.test.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── middlewares
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── origin-check.test.ts
│ │ │ │ │ └── origin-check.ts
│ │ │ │ ├── rate-limiter
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── rate-limiter.test.ts
│ │ │ │ ├── routes
│ │ │ │ │ ├── account.test.ts
│ │ │ │ │ ├── account.ts
│ │ │ │ │ ├── callback.ts
│ │ │ │ │ ├── email-verification.test.ts
│ │ │ │ │ ├── email-verification.ts
│ │ │ │ │ ├── error.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── ok.ts
│ │ │ │ │ ├── reset-password.test.ts
│ │ │ │ │ ├── reset-password.ts
│ │ │ │ │ ├── session-api.test.ts
│ │ │ │ │ ├── session.ts
│ │ │ │ │ ├── sign-in.test.ts
│ │ │ │ │ ├── sign-in.ts
│ │ │ │ │ ├── sign-out.test.ts
│ │ │ │ │ ├── sign-out.ts
│ │ │ │ │ ├── sign-up.test.ts
│ │ │ │ │ ├── sign-up.ts
│ │ │ │ │ ├── update-user.test.ts
│ │ │ │ │ └── update-user.ts
│ │ │ │ ├── to-auth-endpoints.test.ts
│ │ │ │ └── to-auth-endpoints.ts
│ │ │ ├── auth.test.ts
│ │ │ ├── auth.ts
│ │ │ ├── call.test.ts
│ │ │ ├── client
│ │ │ │ ├── client-ssr.test.ts
│ │ │ │ ├── client.test.ts
│ │ │ │ ├── config.ts
│ │ │ │ ├── fetch-plugins.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── lynx
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── lynx-store.ts
│ │ │ │ ├── parser.ts
│ │ │ │ ├── path-to-object.ts
│ │ │ │ ├── plugins
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── infer-plugin.ts
│ │ │ │ ├── proxy.ts
│ │ │ │ ├── query.ts
│ │ │ │ ├── react
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── react-store.ts
│ │ │ │ ├── session-atom.ts
│ │ │ │ ├── solid
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── solid-store.ts
│ │ │ │ ├── svelte
│ │ │ │ │ └── index.ts
│ │ │ │ ├── test-plugin.ts
│ │ │ │ ├── types.ts
│ │ │ │ ├── url.test.ts
│ │ │ │ ├── vanilla.ts
│ │ │ │ └── vue
│ │ │ │ ├── index.ts
│ │ │ │ └── vue-store.ts
│ │ │ ├── cookies
│ │ │ │ ├── check-cookies.ts
│ │ │ │ ├── cookie-utils.ts
│ │ │ │ ├── cookies.test.ts
│ │ │ │ └── index.ts
│ │ │ ├── crypto
│ │ │ │ ├── buffer.ts
│ │ │ │ ├── hash.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── jwt.ts
│ │ │ │ ├── password.test.ts
│ │ │ │ ├── password.ts
│ │ │ │ └── random.ts
│ │ │ ├── db
│ │ │ │ ├── db.test.ts
│ │ │ │ ├── field.ts
│ │ │ │ ├── get-migration.ts
│ │ │ │ ├── get-schema.ts
│ │ │ │ ├── get-tables.test.ts
│ │ │ │ ├── get-tables.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── internal-adapter.test.ts
│ │ │ │ ├── internal-adapter.ts
│ │ │ │ ├── schema.ts
│ │ │ │ ├── secondary-storage.test.ts
│ │ │ │ ├── to-zod.ts
│ │ │ │ ├── utils.ts
│ │ │ │ └── with-hooks.ts
│ │ │ ├── index.ts
│ │ │ ├── init.test.ts
│ │ │ ├── init.ts
│ │ │ ├── integrations
│ │ │ │ ├── next-js.ts
│ │ │ │ ├── node.ts
│ │ │ │ ├── react-start.ts
│ │ │ │ ├── solid-start.ts
│ │ │ │ └── svelte-kit.ts
│ │ │ ├── oauth2
│ │ │ │ ├── index.ts
│ │ │ │ ├── link-account.test.ts
│ │ │ │ ├── link-account.ts
│ │ │ │ ├── state.ts
│ │ │ │ └── utils.ts
│ │ │ ├── plugins
│ │ │ │ ├── access
│ │ │ │ │ ├── access.test.ts
│ │ │ │ │ ├── access.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── additional-fields
│ │ │ │ │ ├── additional-fields.test.ts
│ │ │ │ │ └── client.ts
│ │ │ │ ├── admin
│ │ │ │ │ ├── access
│ │ │ │ │ │ ├── index.ts
│ │ │ │ │ │ └── statement.ts
│ │ │ │ │ ├── admin.test.ts
│ │ │ │ │ ├── admin.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── error-codes.ts
│ │ │ │ │ ├── has-permission.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── anonymous
│ │ │ │ │ ├── anon.test.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── api-key
│ │ │ │ │ ├── api-key.test.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── rate-limit.ts
│ │ │ │ │ ├── routes
│ │ │ │ │ │ ├── create-api-key.ts
│ │ │ │ │ │ ├── delete-all-expired-api-keys.ts
│ │ │ │ │ │ ├── delete-api-key.ts
│ │ │ │ │ │ ├── get-api-key.ts
│ │ │ │ │ │ ├── index.ts
│ │ │ │ │ │ ├── list-api-keys.ts
│ │ │ │ │ │ ├── update-api-key.ts
│ │ │ │ │ │ └── verify-api-key.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── bearer
│ │ │ │ │ ├── bearer.test.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── captcha
│ │ │ │ │ ├── captcha.test.ts
│ │ │ │ │ ├── constants.ts
│ │ │ │ │ ├── error-codes.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── types.ts
│ │ │ │ │ ├── utils.ts
│ │ │ │ │ └── verify-handlers
│ │ │ │ │ ├── captchafox.ts
│ │ │ │ │ ├── cloudflare-turnstile.ts
│ │ │ │ │ ├── google-recaptcha.ts
│ │ │ │ │ ├── h-captcha.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── custom-session
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── custom-session.test.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── device-authorization
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── device-authorization.test.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── schema.ts
│ │ │ │ ├── email-otp
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── email-otp.test.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── utils.ts
│ │ │ │ ├── generic-oauth
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── generic-oauth.test.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── haveibeenpwned
│ │ │ │ │ ├── haveibeenpwned.test.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── jwt
│ │ │ │ │ ├── adapter.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── jwt.test.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ ├── sign.ts
│ │ │ │ │ ├── types.ts
│ │ │ │ │ └── utils.ts
│ │ │ │ ├── last-login-method
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── custom-prefix.test.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── last-login-method.test.ts
│ │ │ │ ├── magic-link
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── magic-link.test.ts
│ │ │ │ │ └── utils.ts
│ │ │ │ ├── mcp
│ │ │ │ │ ├── authorize.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── mcp.test.ts
│ │ │ │ ├── multi-session
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── multi-session.test.ts
│ │ │ │ ├── oauth-proxy
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── oauth-proxy.test.ts
│ │ │ │ ├── oidc-provider
│ │ │ │ │ ├── authorize.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── oidc.test.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ ├── types.ts
│ │ │ │ │ ├── ui.ts
│ │ │ │ │ └── utils.ts
│ │ │ │ ├── one-tap
│ │ │ │ │ ├── client.ts
│ │ │ │ │ └── index.ts
│ │ │ │ ├── one-time-token
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── one-time-token.test.ts
│ │ │ │ │ └── utils.ts
│ │ │ │ ├── open-api
│ │ │ │ │ ├── generator.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── logo.ts
│ │ │ │ │ └── open-api.test.ts
│ │ │ │ ├── organization
│ │ │ │ │ ├── access
│ │ │ │ │ │ ├── index.ts
│ │ │ │ │ │ └── statement.ts
│ │ │ │ │ ├── adapter.ts
│ │ │ │ │ ├── call.ts
│ │ │ │ │ ├── client.test.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── error-codes.ts
│ │ │ │ │ ├── has-permission.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── organization-hook.test.ts
│ │ │ │ │ ├── organization.test.ts
│ │ │ │ │ ├── organization.ts
│ │ │ │ │ ├── permission.ts
│ │ │ │ │ ├── routes
│ │ │ │ │ │ ├── crud-access-control.test.ts
│ │ │ │ │ │ ├── crud-access-control.ts
│ │ │ │ │ │ ├── crud-invites.ts
│ │ │ │ │ │ ├── crud-members.test.ts
│ │ │ │ │ │ ├── crud-members.ts
│ │ │ │ │ │ ├── crud-org.test.ts
│ │ │ │ │ │ ├── crud-org.ts
│ │ │ │ │ │ └── crud-team.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ ├── team.test.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── passkey
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ └── passkey.test.ts
│ │ │ │ ├── phone-number
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── phone-number-error.ts
│ │ │ │ │ └── phone-number.test.ts
│ │ │ │ ├── siwe
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ ├── siwe.test.ts
│ │ │ │ │ └── types.ts
│ │ │ │ ├── two-factor
│ │ │ │ │ ├── backup-codes
│ │ │ │ │ │ └── index.ts
│ │ │ │ │ ├── client.ts
│ │ │ │ │ ├── constant.ts
│ │ │ │ │ ├── error-code.ts
│ │ │ │ │ ├── index.ts
│ │ │ │ │ ├── otp
│ │ │ │ │ │ └── index.ts
│ │ │ │ │ ├── schema.ts
│ │ │ │ │ ├── totp
│ │ │ │ │ │ └── index.ts
│ │ │ │ │ ├── two-factor.test.ts
│ │ │ │ │ ├── types.ts
│ │ │ │ │ ├── utils.ts
│ │ │ │ │ └── verify-two-factor.ts
│ │ │ │ └── username
│ │ │ │ ├── client.ts
│ │ │ │ ├── error-codes.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── schema.ts
│ │ │ │ └── username.test.ts
│ │ │ ├── social-providers
│ │ │ │ └── index.ts
│ │ │ ├── social.test.ts
│ │ │ ├── test-utils
│ │ │ │ ├── headers.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── state.ts
│ │ │ │ └── test-instance.ts
│ │ │ ├── types
│ │ │ │ ├── adapter.ts
│ │ │ │ ├── api.ts
│ │ │ │ ├── helper.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── models.ts
│ │ │ │ ├── plugins.ts
│ │ │ │ └── types.test.ts
│ │ │ └── utils
│ │ │ ├── await-object.ts
│ │ │ ├── boolean.ts
│ │ │ ├── clone.ts
│ │ │ ├── constants.ts
│ │ │ ├── date.ts
│ │ │ ├── ensure-utc.ts
│ │ │ ├── get-request-ip.ts
│ │ │ ├── hashing.ts
│ │ │ ├── hide-metadata.ts
│ │ │ ├── id.ts
│ │ │ ├── import-util.ts
│ │ │ ├── index.ts
│ │ │ ├── is-atom.ts
│ │ │ ├── is-promise.ts
│ │ │ ├── json.ts
│ │ │ ├── merger.ts
│ │ │ ├── middleware-response.ts
│ │ │ ├── misc.ts
│ │ │ ├── password.ts
│ │ │ ├── plugin-helper.ts
│ │ │ ├── shim.ts
│ │ │ ├── time.ts
│ │ │ ├── url.ts
│ │ │ └── wildcard.ts
│ │ ├── tsconfig.json
│ │ ├── tsdown.config.ts
│ │ ├── vitest.config.ts
│ │ └── vitest.setup.ts
│ ├── cli
│ │ ├── CHANGELOG.md
│ │ ├── package.json
│ │ ├── README.md
│ │ ├── src
│ │ │ ├── commands
│ │ │ │ ├── generate.ts
│ │ │ │ ├── info.ts
│ │ │ │ ├── init.ts
│ │ │ │ ├── login.ts
│ │ │ │ ├── mcp.ts
│ │ │ │ ├── migrate.ts
│ │ │ │ └── secret.ts
│ │ │ ├── generators
│ │ │ │ ├── auth-config.ts
│ │ │ │ ├── drizzle.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── kysely.ts
│ │ │ │ ├── prisma.ts
│ │ │ │ └── types.ts
│ │ │ ├── index.ts
│ │ │ └── utils
│ │ │ ├── add-svelte-kit-env-modules.ts
│ │ │ ├── check-package-managers.ts
│ │ │ ├── format-ms.ts
│ │ │ ├── get-config.ts
│ │ │ ├── get-package-info.ts
│ │ │ ├── get-tsconfig-info.ts
│ │ │ └── install-dependencies.ts
│ │ ├── test
│ │ │ ├── __snapshots__
│ │ │ │ ├── auth-schema-mysql-enum.txt
│ │ │ │ ├── auth-schema-mysql-number-id.txt
│ │ │ │ ├── auth-schema-mysql-passkey-number-id.txt
│ │ │ │ ├── auth-schema-mysql-passkey.txt
│ │ │ │ ├── auth-schema-mysql.txt
│ │ │ │ ├── auth-schema-number-id.txt
│ │ │ │ ├── auth-schema-pg-enum.txt
│ │ │ │ ├── auth-schema-pg-passkey.txt
│ │ │ │ ├── auth-schema-sqlite-enum.txt
│ │ │ │ ├── auth-schema-sqlite-number-id.txt
│ │ │ │ ├── auth-schema-sqlite-passkey-number-id.txt
│ │ │ │ ├── auth-schema-sqlite-passkey.txt
│ │ │ │ ├── auth-schema-sqlite.txt
│ │ │ │ ├── auth-schema.txt
│ │ │ │ ├── migrations.sql
│ │ │ │ ├── schema-mongodb.prisma
│ │ │ │ ├── schema-mysql-custom.prisma
│ │ │ │ ├── schema-mysql.prisma
│ │ │ │ ├── schema-numberid.prisma
│ │ │ │ └── schema.prisma
│ │ │ ├── generate-all-db.test.ts
│ │ │ ├── generate.test.ts
│ │ │ ├── get-config.test.ts
│ │ │ ├── info.test.ts
│ │ │ └── migrate.test.ts
│ │ ├── tsconfig.json
│ │ ├── tsconfig.test.json
│ │ └── tsdown.config.ts
│ ├── core
│ │ ├── package.json
│ │ ├── src
│ │ │ ├── api
│ │ │ │ └── index.ts
│ │ │ ├── async_hooks
│ │ │ │ └── index.ts
│ │ │ ├── context
│ │ │ │ ├── endpoint-context.ts
│ │ │ │ ├── index.ts
│ │ │ │ └── transaction.ts
│ │ │ ├── db
│ │ │ │ ├── adapter
│ │ │ │ │ └── index.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── plugin.ts
│ │ │ │ ├── schema
│ │ │ │ │ ├── account.ts
│ │ │ │ │ ├── rate-limit.ts
│ │ │ │ │ ├── session.ts
│ │ │ │ │ ├── shared.ts
│ │ │ │ │ ├── user.ts
│ │ │ │ │ └── verification.ts
│ │ │ │ └── type.ts
│ │ │ ├── env
│ │ │ │ ├── color-depth.ts
│ │ │ │ ├── env-impl.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── logger.test.ts
│ │ │ │ └── logger.ts
│ │ │ ├── error
│ │ │ │ ├── codes.ts
│ │ │ │ └── index.ts
│ │ │ ├── index.ts
│ │ │ ├── oauth2
│ │ │ │ ├── client-credentials-token.ts
│ │ │ │ ├── create-authorization-url.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── oauth-provider.ts
│ │ │ │ ├── refresh-access-token.ts
│ │ │ │ ├── utils.ts
│ │ │ │ └── validate-authorization-code.ts
│ │ │ ├── social-providers
│ │ │ │ ├── apple.ts
│ │ │ │ ├── atlassian.ts
│ │ │ │ ├── cognito.ts
│ │ │ │ ├── discord.ts
│ │ │ │ ├── dropbox.ts
│ │ │ │ ├── facebook.ts
│ │ │ │ ├── figma.ts
│ │ │ │ ├── github.ts
│ │ │ │ ├── gitlab.ts
│ │ │ │ ├── google.ts
│ │ │ │ ├── huggingface.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── kakao.ts
│ │ │ │ ├── kick.ts
│ │ │ │ ├── line.ts
│ │ │ │ ├── linear.ts
│ │ │ │ ├── linkedin.ts
│ │ │ │ ├── microsoft-entra-id.ts
│ │ │ │ ├── naver.ts
│ │ │ │ ├── notion.ts
│ │ │ │ ├── paypal.ts
│ │ │ │ ├── reddit.ts
│ │ │ │ ├── roblox.ts
│ │ │ │ ├── salesforce.ts
│ │ │ │ ├── slack.ts
│ │ │ │ ├── spotify.ts
│ │ │ │ ├── tiktok.ts
│ │ │ │ ├── twitch.ts
│ │ │ │ ├── twitter.ts
│ │ │ │ ├── vk.ts
│ │ │ │ └── zoom.ts
│ │ │ ├── types
│ │ │ │ ├── context.ts
│ │ │ │ ├── cookie.ts
│ │ │ │ ├── helper.ts
│ │ │ │ ├── index.ts
│ │ │ │ ├── init-options.ts
│ │ │ │ ├── plugin-client.ts
│ │ │ │ └── plugin.ts
│ │ │ └── utils
│ │ │ ├── error-codes.ts
│ │ │ └── index.ts
│ │ ├── tsconfig.json
│ │ └── tsdown.config.ts
│ ├── expo
│ │ ├── CHANGELOG.md
│ │ ├── package.json
│ │ ├── README.md
│ │ ├── src
│ │ │ ├── client.ts
│ │ │ ├── expo.test.ts
│ │ │ └── index.ts
│ │ ├── tsconfig.json
│ │ └── tsdown.config.ts
│ ├── sso
│ │ ├── package.json
│ │ ├── src
│ │ │ ├── client.ts
│ │ │ ├── index.ts
│ │ │ ├── oidc.test.ts
│ │ │ └── saml.test.ts
│ │ ├── tsconfig.json
│ │ └── tsdown.config.ts
│ ├── stripe
│ │ ├── CHANGELOG.md
│ │ ├── package.json
│ │ ├── src
│ │ │ ├── client.ts
│ │ │ ├── hooks.ts
│ │ │ ├── index.ts
│ │ │ ├── schema.ts
│ │ │ ├── stripe.test.ts
│ │ │ ├── types.ts
│ │ │ └── utils.ts
│ │ ├── tsconfig.json
│ │ ├── tsdown.config.ts
│ │ └── vitest.config.ts
│ └── telemetry
│ ├── package.json
│ ├── src
│ │ ├── detectors
│ │ │ ├── detect-auth-config.ts
│ │ │ ├── detect-database.ts
│ │ │ ├── detect-framework.ts
│ │ │ ├── detect-project-info.ts
│ │ │ ├── detect-runtime.ts
│ │ │ └── detect-system-info.ts
│ │ ├── index.ts
│ │ ├── project-id.ts
│ │ ├── telemetry.test.ts
│ │ ├── types.ts
│ │ └── utils
│ │ ├── hash.ts
│ │ ├── id.ts
│ │ ├── import-util.ts
│ │ └── package-json.ts
│ ├── tsconfig.json
│ └── tsdown.config.ts
├── pnpm-lock.yaml
├── pnpm-workspace.yaml
├── README.md
├── SECURITY.md
├── tsconfig.json
└── turbo.json
```
# Files
--------------------------------------------------------------------------------
/packages/better-auth/src/plugins/additional-fields/additional-fields.test.ts:
--------------------------------------------------------------------------------
```typescript
import { type Session } from "./../../types";
import { describe, expect, expectTypeOf, it } from "vitest";
import { getTestInstance } from "../../test-utils/test-instance";
import { createAuthClient } from "../../client";
import { inferAdditionalFields } from "./client";
import { twoFactor, twoFactorClient } from "../two-factor";
describe("additionalFields", async () => {
const { auth, signInWithTestUser, customFetchImpl, sessionSetter } =
await getTestInstance({
plugins: [twoFactor()],
user: {
additionalFields: {
newField: {
type: "string",
defaultValue: "default-value",
},
nonRequiredFiled: {
type: "string",
required: false,
},
},
},
});
it("should extends fields", async () => {
const { headers } = await signInWithTestUser();
const res = await auth.api.getSession({
headers,
});
expect(res?.user.newField).toBeDefined();
expect(res?.user.nonRequiredFiled).toBeNull();
});
it("should require additional fields on signUp", async () => {
await auth.api
.signUpEmail({
body: {
email: "[email protected]",
name: "test",
password: "test-password",
newField: "new-field",
nonRequiredFiled: "non-required-field",
},
})
.catch(() => {});
const client = createAuthClient({
plugins: [
inferAdditionalFields({
user: {
newField: {
type: "string",
},
nonRequiredFiled: {
type: "string",
defaultValue: "test",
},
},
}),
],
baseURL: "http://localhost:3000",
fetchOptions: {
customFetchImpl,
},
});
const headers = new Headers();
await client.signUp.email(
{
email: "[email protected]",
name: "test3",
password: "test-password",
newField: "new-field",
},
{
onSuccess: sessionSetter(headers),
},
);
const res = await client.getSession({
fetchOptions: {
headers,
},
});
expect(res.data?.user.newField).toBe("new-field");
});
it("should infer additional fields on update", async () => {
const client = createAuthClient({
plugins: [
inferAdditionalFields({
user: {
newField: {
type: "string",
},
},
}),
],
baseURL: "http://localhost:3000",
fetchOptions: {
customFetchImpl,
},
});
const headers = new Headers();
await client.signUp.email(
{
email: "[email protected]",
name: "test5",
password: "test-password",
newField: "new-field",
},
{
onSuccess: sessionSetter(headers),
},
);
const res = await client.updateUser({
name: "test",
newField: "updated-field",
fetchOptions: {
headers,
},
});
const session = await client.getSession({
fetchOptions: {
headers,
throw: true,
},
});
expect(session?.user.newField).toBe("updated-field");
});
it("should work with other plugins", async () => {
const client = createAuthClient({
plugins: [
inferAdditionalFields({
user: {
newField: {
type: "string",
required: true,
},
},
}),
twoFactorClient(),
],
baseURL: "http://localhost:3000",
fetchOptions: {
customFetchImpl,
},
});
expectTypeOf(client.twoFactor).toMatchTypeOf<{}>();
const headers = new Headers();
await client.signUp.email(
{
email: "[email protected]",
name: "test4",
password: "test-password",
newField: "new-field",
},
{
onSuccess: sessionSetter(headers),
},
);
const res = await client.updateUser(
{
name: "test",
newField: "updated-field",
},
{
headers,
},
);
});
it("should infer it on the client", async () => {
const client = createAuthClient({
plugins: [inferAdditionalFields<typeof auth>()],
});
type t = Awaited<ReturnType<typeof client.getSession>>["data"];
expectTypeOf<t>().toMatchTypeOf<{
user: {
id: string;
email: string;
emailVerified: boolean;
name: string;
createdAt: Date;
updatedAt: Date;
image?: string | undefined;
newField: string;
nonRequiredFiled?: string | undefined;
};
session: Session;
} | null>;
});
it("should infer it on the client without direct import", async () => {
const client = createAuthClient({
plugins: [
inferAdditionalFields({
user: {
newField: {
type: "string",
},
},
}),
],
});
type t = Awaited<ReturnType<typeof client.getSession>>["data"];
expectTypeOf<t>().toMatchTypeOf<{
user: {
id: string;
email: string;
emailVerified: boolean;
name: string;
createdAt: Date;
updatedAt: Date;
image?: string | undefined;
newField: string;
};
session: Session;
} | null>;
});
});
```
--------------------------------------------------------------------------------
/docs/content/docs/plugins/captcha.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Captcha
description: Captcha plugin
---
The **Captcha Plugin** integrates bot protection into your Better Auth system by adding captcha verification for key endpoints. This plugin ensures that only human users can perform actions like signing up, signing in, or resetting passwords. The following providers are currently supported:
- [Google reCAPTCHA](https://developers.google.com/recaptcha)
- [Cloudflare Turnstile](https://www.cloudflare.com/application-services/products/turnstile/)
- [hCaptcha](https://www.hcaptcha.com/)
- [CaptchaFox](https://captchafox.com/)
<Callout type="info">
This plugin works out of the box with <Link href="/docs/authentication/email-password">Email & Password</Link> authentication. To use it with other authentication methods, you will need to configure the <Link href="/docs/plugins/captcha#plugin-options">endpoints</Link> array in the plugin options.
</Callout>
## Installation
<Steps>
<Step>
### Add the plugin to your **auth** config
```ts title="auth.ts"
import { betterAuth } from "better-auth";
import { captcha } from "better-auth/plugins";
export const auth = betterAuth({
plugins: [ // [!code highlight]
captcha({ // [!code highlight]
provider: "cloudflare-turnstile", // or google-recaptcha, hcaptcha, captchafox // [!code highlight]
secretKey: process.env.TURNSTILE_SECRET_KEY!, // [!code highlight]
}), // [!code highlight]
], // [!code highlight]
});
```
</Step>
<Step>
### Add the captcha token to your request headers
Add the captcha token to your request headers for all protected endpoints. This example shows how to include it in a `signIn` request:
```ts
await authClient.signIn.email({
email: "[email protected]",
password: "secure-password",
fetchOptions: { // [!code highlight]
headers: { // [!code highlight]
"x-captcha-response": turnstileToken, // [!code highlight]
"x-captcha-user-remote-ip": userIp, // optional: forwards the user's IP address to the captcha service // [!code highlight]
}, // [!code highlight]
}, // [!code highlight]
});
```
- To implement Cloudflare Turnstile on the client side, follow the official [Cloudflare Turnstile documentation](https://developers.cloudflare.com/turnstile/) or use a library like [react-turnstile](https://www.npmjs.com/package/@marsidev/react-turnstile).
- To implement Google reCAPTCHA on the client side, follow the official [Google reCAPTCHA documentation](https://developers.google.com/recaptcha/intro) or use libraries like [react-google-recaptcha](https://www.npmjs.com/package/react-google-recaptcha) (v2) and [react-google-recaptcha-v3](https://www.npmjs.com/package/react-google-recaptcha-v3) (v3).
- To implement hCaptcha on the client side, follow the official [hCaptcha documentation](https://docs.hcaptcha.com/#add-the-hcaptcha-widget-to-your-webpage) or use libraries like [@hcaptcha/react-hcaptcha](https://www.npmjs.com/package/@hcaptcha/react-hcaptcha)
- To implement CaptchaFox on the client side, follow the official [CaptchaFox documentation](https://docs.captchafox.com/getting-started) or use libraries like [@captchafox/react](https://www.npmjs.com/package/@captchafox/react)
</Step>
</Steps>
## How it works
<Steps>
<Step>
The plugin acts as a middleware: it intercepts all `POST` requests to configured endpoints (see `endpoints`
in the [Plugin Options](#plugin-options) section).
</Step>
<Step>
it validates the captcha token on the server, by calling the captcha provider's `/siteverify`.
</Step>
<Step>
- if the token is missing, gets rejected by the captcha provider, or if the `/siteverify` endpoint is
unavailable, the plugin returns an error and interrupts the request.
- if the token is accepted by the captcha provider, the middleware returns `undefined`, meaning the request is allowed to proceed.
</Step>
</Steps>
## Plugin Options
- **`provider` (required)**: your captcha provider.
- **`secretKey` (required)**: your provider's secret key used for the server-side validation.
- `endpoints` (optional): overrides the default array of paths where captcha validation is enforced. Default is: `["/sign-up/email", "/sign-in/email", "/forget-password",]`.
- `minScore` (optional - only *Google ReCAPTCHA v3*): minimum score threshold. Default is `0.5`.
- `siteKey` (optional - only *hCaptcha* and *CaptchaFox*): prevents tokens issued on one sitekey from being redeemed elsewhere.
- `siteVerifyURLOverride` (optional): overrides endpoint URL for the captcha verification request.
```
--------------------------------------------------------------------------------
/demo/nextjs/components/one-tap.tsx:
--------------------------------------------------------------------------------
```typescript
"use client";
import { client, signIn } from "@/lib/auth-client";
import { useEffect, useState } from "react";
import {
Dialog,
DialogContent,
DialogDescription,
DialogHeader,
DialogTitle,
} from "./ui/dialog";
import { Input } from "./ui/input";
import { useRouter } from "next/navigation";
import Link from "next/link";
import { PasswordInput } from "./ui/password-input";
import { Checkbox } from "./ui/checkbox";
import { Button } from "./ui/button";
import { Key, Loader2 } from "lucide-react";
import { toast } from "sonner";
import { Label } from "./ui/label";
export function OneTap() {
const [isOpen, setIsOpen] = useState(false);
useEffect(() => {
client.oneTap({
onPromptNotification(notification) {
setIsOpen(true);
},
});
}, []);
return (
<Dialog open={isOpen} onOpenChange={(change) => setIsOpen(change)}>
<DialogContent>
<DialogHeader>
<DialogTitle className="text-lg md:text-xl">Sign In</DialogTitle>
<DialogDescription className="text-xs md:text-sm">
Enter your email below to login to your account
</DialogDescription>
</DialogHeader>
<SignInBox />
</DialogContent>
</Dialog>
);
}
function SignInBox() {
const [email, setEmail] = useState("");
const [password, setPassword] = useState("");
const [rememberMe, setRememberMe] = useState(false);
const router = useRouter();
const [loading, setLoading] = useState(false);
return (
<div className="grid gap-4">
<div className="grid gap-2">
<Label htmlFor="email">Email</Label>
<Input
id="email"
type="email"
placeholder="[email protected]"
required
onChange={(e: React.ChangeEvent<HTMLInputElement>) => {
setEmail(e.target.value);
}}
value={email}
/>
</div>
<div className="grid gap-2">
<div className="flex items-center">
<Label htmlFor="password">Password</Label>
<Link
href="/forget-password"
className="ml-auto inline-block text-sm underline"
>
Forgot your password?
</Link>
</div>
<PasswordInput
id="password"
value={password}
onChange={(e: React.ChangeEvent<HTMLInputElement>) =>
setPassword(e.target.value)
}
autoComplete="password"
placeholder="Password"
/>
</div>
<div className="flex items-center gap-2">
<Checkbox
onClick={() => {
setRememberMe(!rememberMe);
}}
/>
<Label>Remember me</Label>
</div>
<Button
type="submit"
className="w-full"
disabled={loading}
onClick={async () => {
await signIn.email(
{
email: email,
password: password,
callbackURL: "/dashboard",
rememberMe,
},
{
onRequest: () => {
setLoading(true);
},
onResponse: () => {
setLoading(false);
},
onError: (ctx) => {
toast.error(ctx.error.message);
},
},
);
}}
>
{loading ? <Loader2 size={16} className="animate-spin" /> : "Login"}
</Button>
<Button
variant="outline"
className=" gap-2"
onClick={async () => {
await signIn.social({
provider: "google",
callbackURL: "/dashboard",
});
}}
>
<svg
xmlns="http://www.w3.org/2000/svg"
width="0.98em"
height="1em"
viewBox="0 0 256 262"
>
<path
fill="#4285F4"
d="M255.878 133.451c0-10.734-.871-18.567-2.756-26.69H130.55v48.448h71.947c-1.45 12.04-9.283 30.172-26.69 42.356l-.244 1.622l38.755 30.023l2.685.268c24.659-22.774 38.875-56.282 38.875-96.027"
/>
<path
fill="#34A853"
d="M130.55 261.1c35.248 0 64.839-11.605 86.453-31.622l-41.196-31.913c-11.024 7.688-25.82 13.055-45.257 13.055c-34.523 0-63.824-22.773-74.269-54.25l-1.531.13l-40.298 31.187l-.527 1.465C35.393 231.798 79.49 261.1 130.55 261.1"
/>
<path
fill="#FBBC05"
d="M56.281 156.37c-2.756-8.123-4.351-16.827-4.351-25.82c0-8.994 1.595-17.697 4.206-25.82l-.073-1.73L15.26 71.312l-1.335.635C5.077 89.644 0 109.517 0 130.55s5.077 40.905 13.925 58.602z"
/>
<path
fill="#EB4335"
d="M130.55 50.479c24.514 0 41.05 10.589 50.479 19.438l36.844-35.974C195.245 12.91 165.798 0 130.55 0C79.49 0 35.393 29.301 13.925 71.947l42.211 32.783c10.59-31.477 39.891-54.251 74.414-54.251"
/>
</svg>
<p>Continue With Google</p>
</Button>
<Button
variant="outline"
className="gap-2"
onClick={async () => {
await signIn.passkey({
fetchOptions: {
onSuccess(context) {
router.push("/dashboard");
},
onError(context) {
toast.error(context.error.message);
},
},
});
}}
>
<Key size={16} />
Sign-in with Passkey
</Button>
</div>
);
}
```
--------------------------------------------------------------------------------
/demo/nextjs/app/client-test/page.tsx:
--------------------------------------------------------------------------------
```typescript
"use client";
import { useState, useTransition } from "react";
import { signIn, client } from "@/lib/auth-client";
import { Button } from "@/components/ui/button";
import {
Card,
CardContent,
CardDescription,
CardHeader,
CardTitle,
CardFooter,
} from "@/components/ui/card";
import { Input } from "@/components/ui/input";
import { Label } from "@/components/ui/label";
import { toast } from "sonner";
import { Loader2 } from "lucide-react";
export default function ClientTest() {
const [email, setEmail] = useState("");
const [password, setPassword] = useState("");
const [loading, startTransition] = useTransition();
// Get the session data using the useSession hook
const { data: session, isPending, error } = client.useSession();
const handleLogin = async () => {
startTransition(async () => {
await signIn.email(
{
email,
password,
callbackURL: "/client-test",
},
{
onError: (ctx) => {
toast.error(ctx.error.message);
},
onSuccess: () => {
toast.success("Successfully logged in!");
setEmail("");
setPassword("");
},
},
);
});
};
return (
<div className="container mx-auto py-10 space-y-8">
<h1 className="text-2xl font-bold text-center">
Client Authentication Test
</h1>
<div className="grid grid-cols-1 md:grid-cols-2 gap-8">
{/* Login Form */}
<Card>
<CardHeader>
<CardTitle>Sign In</CardTitle>
<CardDescription>
Enter your email and password to sign in
</CardDescription>
</CardHeader>
<CardContent>
<div className="grid gap-4">
<div className="grid gap-2">
<Label htmlFor="email">Email</Label>
<Input
id="email"
type="email"
placeholder="[email protected]"
value={email}
onChange={(e) => setEmail(e.target.value)}
/>
</div>
<div className="grid gap-2">
<Label htmlFor="password">Password</Label>
<Input
id="password"
type="password"
placeholder="••••••••"
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div>
</div>
</CardContent>
<CardFooter>
<Button className="w-full" onClick={handleLogin} disabled={loading}>
{loading ? (
<>
<Loader2 size={16} className="mr-2 animate-spin" />
Signing in...
</>
) : (
"Sign In"
)}
</Button>
</CardFooter>
</Card>
{/* Session Display */}
<Card>
<CardHeader>
<CardTitle>Session Information</CardTitle>
<CardDescription>
{isPending
? "Loading session..."
: session
? "You are currently logged in"
: "You are not logged in"}
</CardDescription>
</CardHeader>
<CardContent>
{isPending ? (
<div className="flex justify-center py-4">
<Loader2 className="h-8 w-8 animate-spin text-muted-foreground" />
</div>
) : error ? (
<div className="p-4 bg-destructive/10 text-destructive rounded-md">
Error: {error.message}
</div>
) : session ? (
<div className="space-y-4">
<div className="flex items-center gap-4">
{session.user.image ? (
<img
src={session.user.image}
alt="Profile"
className="h-12 w-12 rounded-full object-cover"
/>
) : (
<div className="h-12 w-12 rounded-full bg-muted flex items-center justify-center">
<span className="text-lg font-medium">
{session.user.name?.charAt(0) ||
session.user.email?.charAt(0)}
</span>
</div>
)}
<div>
<p className="font-medium">{session.user.name}</p>
<p className="text-sm text-muted-foreground">
{session.user.email}
</p>
</div>
</div>
<div className="rounded-md bg-muted p-4">
<p className="text-sm font-medium mb-2">Session Details:</p>
<pre className="text-xs overflow-auto max-h-40">
{JSON.stringify(session, null, 2)}
</pre>
</div>
</div>
) : (
<div className="py-8 text-center text-muted-foreground">
<p>Sign in to view your session information</p>
</div>
)}
</CardContent>
{session && (
<CardFooter>
<Button
variant="outline"
className="w-full"
onClick={() =>
client.signOut({
fetchOptions: {
onSuccess: () => {
toast.success("Successfully signed out!");
},
},
})
}
>
Sign Out
</Button>
</CardFooter>
)}
</Card>
</div>
</div>
);
}
```
--------------------------------------------------------------------------------
/docs/content/docs/plugins/magic-link.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Magic link
description: Magic link plugin
---
Magic link or email link is a way to authenticate users without a password. When a user enters their email, a link is sent to their email. When the user clicks on the link, they are authenticated.
## Installation
<Steps>
<Step>
### Add the server Plugin
Add the magic link plugin to your server:
```ts title="server.ts"
import { betterAuth } from "better-auth";
import { magicLink } from "better-auth/plugins";
export const auth = betterAuth({
plugins: [
magicLink({
sendMagicLink: async ({ email, token, url }, request) => {
// send email to user
}
})
]
})
```
</Step>
<Step>
### Add the client Plugin
Add the magic link plugin to your client:
```ts title="auth-client.ts"
import { createAuthClient } from "better-auth/client";
import { magicLinkClient } from "better-auth/client/plugins";
export const authClient = createAuthClient({
plugins: [
magicLinkClient()
]
});
```
</Step>
</Steps>
## Usage
### Sign In with Magic Link
To sign in with a magic link, you need to call `signIn.magicLink` with the user's email address. The `sendMagicLink` function is called to send the magic link to the user's email.
<APIMethod
path="/sign-in/magic-link"
method="POST"
requireSession
>
```ts
type signInMagicLink = {
/**
* Email address to send the magic link.
*/
email: string = "[email protected]"
/**
* User display name. Only used if the user is registering for the first time.
*/
name?: string = "my-name"
/**
* URL to redirect after magic link verification.
*/
callbackURL?: string = "/dashboard"
/**
* URL to redirect after new user signup
*/
newUserCallbackURL?: string = "/welcome"
/**
* URL to redirect if an error happen on verification
* If only callbackURL is provided but without an `errorCallbackURL` then they will be
* redirected to the callbackURL with an `error` query parameter.
*/
errorCallbackURL?: string = "/error"
}
```
</APIMethod>
<Callout>
If the user has not signed up, unless `disableSignUp` is set to `true`, the user will be signed up automatically.
</Callout>
### Verify Magic Link
When you send the URL generated by the `sendMagicLink` function to a user, clicking the link will authenticate them and redirect them to the `callbackURL` specified in the `signIn.magicLink` function. If an error occurs, the user will be redirected to the `callbackURL` with an error query parameter.
<Callout type="warn">
If no `callbackURL` is provided, the user will be redirected to the root URL.
</Callout>
If you want to handle the verification manually, (e.g, if you send the user a different URL), you can use the `verify` function.
<APIMethod
path="/magic-link/verify"
method="GET"
requireSession
>
```ts
type magicLinkVerify = {
/**
* Verification token.
*/
token: string = "123456"
/**
* URL to redirect after magic link verification, if not provided will return the session.
*/
callbackURL?: string = "/dashboard"
}
```
</APIMethod>
## Configuration Options
**sendMagicLink**: The `sendMagicLink` function is called when a user requests a magic link. It takes an object with the following properties:
- `email`: The email address of the user.
- `url`: The URL to be sent to the user. This URL contains the token.
- `token`: The token if you want to send the token with custom URL.
and a `request` object as the second parameter.
**expiresIn**: specifies the time in seconds after which the magic link will expire. The default value is `300` seconds (5 minutes).
**disableSignUp**: If set to `true`, the user will not be able to sign up using the magic link. The default value is `false`.
**generateToken**: The `generateToken` function is called to generate a token which is used to uniquely identify the user. The default value is a random string. There is one parameter:
- `email`: The email address of the user.
<Callout type="warn">
When using `generateToken`, ensure that the returned string is hard to guess
because it is used to verify who someone actually is in a confidential way. By
default, we return a long and cryptographically secure string.
</Callout>
**storeToken**: The `storeToken` function is called to store the magic link token in the database. The default value is `"plain"`.
The `storeToken` function can be one of the following:
- `"plain"`: The token is stored in plain text.
- `"hashed"`: The token is hashed using the default hasher.
- `{ type: "custom-hasher", hash: (token: string) => Promise<string> }`: The token is hashed using a custom hasher.
```
--------------------------------------------------------------------------------
/packages/better-auth/src/adapters/tests/auth-flow.ts:
--------------------------------------------------------------------------------
```typescript
import { expect } from "vitest";
import { createTestSuite } from "../create-test-suite";
/**
* This test suite tests basic authentication flow using the adapter.
*/
export const authFlowTestSuite = createTestSuite(
"auth-flow",
{},
(
{ generate, getAuth, modifyBetterAuthOptions, tryCatch },
debug?: { showDB?: () => Promise<void> },
) => ({
"should successfully sign up": async () => {
await modifyBetterAuthOptions(
{
emailAndPassword: {
enabled: true,
password: { hash: async (password) => password },
},
},
false,
);
const auth = await getAuth();
const user = await generate("user");
const start = Date.now();
const result = await auth.api.signUpEmail({
body: {
email: user.email,
password: crypto.randomUUID(),
name: user.name,
image: user.image || "",
},
});
const end = Date.now();
console.log(`signUpEmail took ${end - start}ms (without hashing)`);
expect(result.user).toBeDefined();
expect(result.user.email).toBe(user.email);
expect(result.user.name).toBe(user.name);
expect(result.user.image).toBe(user.image || "");
expect(result.user.emailVerified).toBe(false);
expect(result.user.createdAt).toBeDefined();
expect(result.user.updatedAt).toBeDefined();
},
"should successfully sign in": async () => {
await modifyBetterAuthOptions(
{
emailAndPassword: {
enabled: true,
password: {
hash: async (password) => password,
async verify(data) {
return data.hash === data.password;
},
},
},
},
false,
);
const auth = await getAuth();
const user = await generate("user");
const password = crypto.randomUUID();
const signUpResult = await auth.api.signUpEmail({
body: {
email: user.email,
password: password,
name: user.name,
image: user.image || "",
},
});
const start = Date.now();
const result = await auth.api.signInEmail({
body: { email: user.email, password: password },
});
const end = Date.now();
console.log(`signInEmail took ${end - start}ms (without hashing)`);
expect(result.user).toBeDefined();
expect(result.user.id).toBe(signUpResult.user.id);
},
"should successfully get session": async () => {
await modifyBetterAuthOptions(
{
emailAndPassword: {
enabled: true,
password: { hash: async (password) => password },
},
},
false,
);
const auth = await getAuth();
const user = await generate("user");
const password = crypto.randomUUID();
const { headers, response: signUpResult } = await auth.api.signUpEmail({
body: {
email: user.email,
password: password,
name: user.name,
image: user.image || "",
},
returnHeaders: true,
});
// Convert set-cookie header to cookie header for getSession call
const modifiedHeaders = new Headers(headers);
if (headers.has("set-cookie")) {
modifiedHeaders.set("cookie", headers.getSetCookie().join("; "));
modifiedHeaders.delete("set-cookie");
}
const start = Date.now();
const result = await auth.api.getSession({
headers: modifiedHeaders,
});
const end = Date.now();
console.log(`getSession took ${end - start}ms`);
expect(result?.user).toBeDefined();
expect(result?.user).toStrictEqual(signUpResult.user);
expect(result?.session).toBeDefined();
},
"should not sign in with invalid email": async () => {
await modifyBetterAuthOptions(
{ emailAndPassword: { enabled: true } },
false,
);
const auth = await getAuth();
const user = await generate("user");
const { data, error } = await tryCatch(
auth.api.signInEmail({
body: { email: user.email, password: crypto.randomUUID() },
}),
);
expect(data).toBeNull();
expect(error).toBeDefined();
},
"should store and retrieve timestamps correctly across timezones":
async () => {
using _ = recoverProcessTZ();
await modifyBetterAuthOptions(
{ emailAndPassword: { enabled: true } },
false,
);
const auth = await getAuth();
const user = await generate("user");
const password = crypto.randomUUID();
const userSignUp = await auth.api.signUpEmail({
body: {
email: user.email,
password: password,
name: user.name,
image: user.image || "",
},
});
process.env.TZ = "Europe/London";
const userSignIn = await auth.api.signInEmail({
body: { email: user.email, password: password },
});
process.env.TZ = "America/Los_Angeles";
expect(userSignUp.user.createdAt.toISOString()).toStrictEqual(
userSignIn.user.createdAt.toISOString(),
);
},
}),
);
function recoverProcessTZ() {
const originalTZ = process.env.TZ;
return {
[Symbol.dispose]: () => {
process.env.TZ = originalTZ;
},
};
}
```
--------------------------------------------------------------------------------
/docs/content/docs/integrations/remix.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Remix Integration
description: Integrate Better Auth with Remix.
---
Better Auth can be easily integrated with Remix. This guide will show you how to integrate Better Auth with Remix.
You can follow the steps from [installation](/docs/installation) to get started or you can follow this guide to make it the Remix-way.
If you have followed the installation steps, you can skip the first step.
## Create auth instance
Create a file named `auth.server.ts` in one of these locations:
- Project root
- `lib/` folder
- `utils/` folder
You can also nest any of these folders under `app/` folder. (e.g. `app/lib/auth.server.ts`)
And in this file, import Better Auth and create your instance.
<Callout type="warn">
Make sure to export the auth instance with the variable name `auth` or as a `default` export.
</Callout>
```ts title="app/lib/auth.server.ts"
import { betterAuth } from "better-auth"
export const auth = betterAuth({
database: {
provider: "postgres", //change this to your database provider
url: process.env.DATABASE_URL, // path to your database or connection string
}
})
```
## Create API Route
We need to mount the handler to a API route. Create a resource route file `api.auth.$.ts` inside `app/routes/` directory. And add the following code:
```ts title="app/routes/api.auth.$.ts"
import { auth } from '~/lib/auth.server' // Adjust the path as necessary
import type { LoaderFunctionArgs, ActionFunctionArgs } from "@remix-run/node"
export async function loader({ request }: LoaderFunctionArgs) {
return auth.handler(request)
}
export async function action({ request }: ActionFunctionArgs) {
return auth.handler(request)
}
```
<Callout type="info">
You can change the path on your better-auth configuration but it's recommended to keep it as `routes/api.auth.$.ts`
</Callout>
## Create a client
Create a client instance. Here we are creating `auth-client.ts` file inside the `lib/` directory.
```ts title="app/lib/auth-client.ts"
import { createAuthClient } from "better-auth/react" // make sure to import from better-auth/react
export const authClient = createAuthClient({
//you can pass client configuration here
})
```
Once you have created the client, you can use it to sign up, sign in, and perform other actions.
### Example usage
#### Sign Up
```ts title="app/routes/signup.tsx"
import { Form } from "@remix-run/react"
import { useState } from "react"
import { authClient } from "~/lib/auth-client"
export default function SignUp() {
const [email, setEmail] = useState("")
const [name, setName] = useState("")
const [password, setPassword] = useState("")
const signUp = async () => {
await authClient.signUp.email(
{
email,
password,
name,
},
{
onRequest: (ctx) => {
// show loading state
},
onSuccess: (ctx) => {
// redirect to home
},
onError: (ctx) => {
alert(ctx.error)
},
},
)
}
return (
<div>
<h2>
Sign Up
</h2>
<Form
onSubmit={signUp}
>
<input
type="text"
value={name}
onChange={(e) => setName(e.target.value)}
placeholder="Name"
/>
<input
type="email"
value={email}
onChange={(e) => setEmail(e.target.value)}
placeholder="Email"
/>
<input
type="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
placeholder="Password"
/>
<button
type="submit"
>
Sign Up
</button>
</Form>
</div>
)
}
```
#### Sign In
```ts title="app/routes/signin.tsx"
import { Form } from "@remix-run/react"
import { useState } from "react"
import { authClient } from "~/services/auth-client"
export default function SignIn() {
const [email, setEmail] = useState("")
const [password, setPassword] = useState("")
const signIn = async () => {
await authClient.signIn.email(
{
email,
password,
},
{
onRequest: (ctx) => {
// show loading state
},
onSuccess: (ctx) => {
// redirect to home
},
onError: (ctx) => {
alert(ctx.error)
},
},
)
}
return (
<div>
<h2>
Sign In
</h2>
<Form onSubmit={signIn}>
<input
type="email"
value={email}
onChange={(e) => setEmail(e.target.value)}
/>
<input
type="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
<button
type="submit"
>
Sign In
</button>
</Form>
</div>
)
}
```
```
--------------------------------------------------------------------------------
/packages/better-auth/src/plugins/organization/error-codes.ts:
--------------------------------------------------------------------------------
```typescript
import { defineErrorCodes } from "@better-auth/core/utils";
export const ORGANIZATION_ERROR_CODES = defineErrorCodes({
YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_ORGANIZATION:
"You are not allowed to create a new organization",
YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_ORGANIZATIONS:
"You have reached the maximum number of organizations",
ORGANIZATION_ALREADY_EXISTS: "Organization already exists",
ORGANIZATION_SLUG_ALREADY_TAKEN: "Organization slug already taken",
ORGANIZATION_NOT_FOUND: "Organization not found",
USER_IS_NOT_A_MEMBER_OF_THE_ORGANIZATION:
"User is not a member of the organization",
YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_ORGANIZATION:
"You are not allowed to update this organization",
YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_ORGANIZATION:
"You are not allowed to delete this organization",
NO_ACTIVE_ORGANIZATION: "No active organization",
USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION:
"User is already a member of this organization",
MEMBER_NOT_FOUND: "Member not found",
ROLE_NOT_FOUND: "Role not found",
YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM:
"You are not allowed to create a new team",
TEAM_ALREADY_EXISTS: "Team already exists",
TEAM_NOT_FOUND: "Team not found",
YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER:
"You cannot leave the organization as the only owner",
YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER:
"You cannot leave the organization without an owner",
YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER:
"You are not allowed to delete this member",
YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION:
"You are not allowed to invite users to this organization",
USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION:
"User is already invited to this organization",
INVITATION_NOT_FOUND: "Invitation not found",
YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION:
"You are not the recipient of the invitation",
EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION:
"Email verification required before accepting or rejecting invitation",
YOU_ARE_NOT_ALLOWED_TO_CANCEL_THIS_INVITATION:
"You are not allowed to cancel this invitation",
INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION:
"Inviter is no longer a member of the organization",
YOU_ARE_NOT_ALLOWED_TO_INVITE_USER_WITH_THIS_ROLE:
"You are not allowed to invite a user with this role",
FAILED_TO_RETRIEVE_INVITATION: "Failed to retrieve invitation",
YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_TEAMS:
"You have reached the maximum number of teams",
UNABLE_TO_REMOVE_LAST_TEAM: "Unable to remove last team",
YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER:
"You are not allowed to update this member",
ORGANIZATION_MEMBERSHIP_LIMIT_REACHED:
"Organization membership limit reached",
YOU_ARE_NOT_ALLOWED_TO_CREATE_TEAMS_IN_THIS_ORGANIZATION:
"You are not allowed to create teams in this organization",
YOU_ARE_NOT_ALLOWED_TO_DELETE_TEAMS_IN_THIS_ORGANIZATION:
"You are not allowed to delete teams in this organization",
YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM:
"You are not allowed to update this team",
YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_TEAM:
"You are not allowed to delete this team",
INVITATION_LIMIT_REACHED: "Invitation limit reached",
TEAM_MEMBER_LIMIT_REACHED: "Team member limit reached",
USER_IS_NOT_A_MEMBER_OF_THE_TEAM: "User is not a member of the team",
YOU_CAN_NOT_ACCESS_THE_MEMBERS_OF_THIS_TEAM:
"You are not allowed to list the members of this team",
YOU_DO_NOT_HAVE_AN_ACTIVE_TEAM: "You do not have an active team",
YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM_MEMBER:
"You are not allowed to create a new member",
YOU_ARE_NOT_ALLOWED_TO_REMOVE_A_TEAM_MEMBER:
"You are not allowed to remove a team member",
YOU_ARE_NOT_ALLOWED_TO_ACCESS_THIS_ORGANIZATION:
"You are not allowed to access this organization as an owner",
YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION:
"You are not a member of this organization",
MISSING_AC_INSTANCE:
"Dynamic Access Control requires a pre-defined ac instance on the server auth plugin. Read server logs for more information",
YOU_MUST_BE_IN_AN_ORGANIZATION_TO_CREATE_A_ROLE:
"You must be in an organization to create a role",
YOU_ARE_NOT_ALLOWED_TO_CREATE_A_ROLE: "You are not allowed to create a role",
YOU_ARE_NOT_ALLOWED_TO_UPDATE_A_ROLE: "You are not allowed to update a role",
YOU_ARE_NOT_ALLOWED_TO_DELETE_A_ROLE: "You are not allowed to delete a role",
YOU_ARE_NOT_ALLOWED_TO_READ_A_ROLE: "You are not allowed to read a role",
YOU_ARE_NOT_ALLOWED_TO_LIST_A_ROLE: "You are not allowed to list a role",
YOU_ARE_NOT_ALLOWED_TO_GET_A_ROLE: "You are not allowed to get a role",
TOO_MANY_ROLES: "This organization has too many roles",
INVALID_RESOURCE: "The provided permission includes an invalid resource",
ROLE_NAME_IS_ALREADY_TAKEN: "That role name is already taken",
CANNOT_DELETE_A_PRE_DEFINED_ROLE: "Cannot delete a pre-defined role",
});
```
--------------------------------------------------------------------------------
/packages/telemetry/src/detectors/detect-system-info.ts:
--------------------------------------------------------------------------------
```typescript
import { env } from "@better-auth/core/env";
import { importRuntime } from "../utils/import-util";
function getVendor() {
const hasAny = (...keys: string[]) =>
keys.some((k) => Boolean((env as any)[k]));
if (
hasAny("CF_PAGES", "CF_PAGES_URL", "CF_ACCOUNT_ID") ||
(typeof navigator !== "undefined" &&
navigator.userAgent === "Cloudflare-Workers")
) {
return "cloudflare";
}
if (hasAny("VERCEL", "VERCEL_URL", "VERCEL_ENV")) return "vercel";
if (hasAny("NETLIFY", "NETLIFY_URL")) return "netlify";
if (
hasAny(
"RENDER",
"RENDER_URL",
"RENDER_INTERNAL_HOSTNAME",
"RENDER_SERVICE_ID",
)
) {
return "render";
}
if (
hasAny("AWS_LAMBDA_FUNCTION_NAME", "AWS_EXECUTION_ENV", "LAMBDA_TASK_ROOT")
) {
return "aws";
}
if (
hasAny(
"GOOGLE_CLOUD_FUNCTION_NAME",
"GOOGLE_CLOUD_PROJECT",
"GCP_PROJECT",
"K_SERVICE",
)
) {
return "gcp";
}
if (
hasAny(
"AZURE_FUNCTION_NAME",
"FUNCTIONS_WORKER_RUNTIME",
"WEBSITE_INSTANCE_ID",
"WEBSITE_SITE_NAME",
)
) {
return "azure";
}
if (hasAny("DENO_DEPLOYMENT_ID", "DENO_REGION")) return "deno-deploy";
if (hasAny("FLY_APP_NAME", "FLY_REGION", "FLY_ALLOC_ID")) return "fly-io";
if (hasAny("RAILWAY_STATIC_URL", "RAILWAY_ENVIRONMENT_NAME"))
return "railway";
if (hasAny("DYNO", "HEROKU_APP_NAME")) return "heroku";
if (hasAny("DO_DEPLOYMENT_ID", "DO_APP_NAME", "DIGITALOCEAN"))
return "digitalocean";
if (hasAny("KOYEB", "KOYEB_DEPLOYMENT_ID", "KOYEB_APP_NAME")) return "koyeb";
return null;
}
export async function detectSystemInfo() {
try {
//check if it's cloudflare
if (getVendor() === "cloudflare") return "cloudflare";
const os = await importRuntime<typeof import("os")>("os");
const cpus = os.cpus();
return {
deploymentVendor: getVendor(),
systemPlatform: os.platform(),
systemRelease: os.release(),
systemArchitecture: os.arch(),
cpuCount: cpus.length,
cpuModel: cpus.length ? cpus[0]!.model : null,
cpuSpeed: cpus.length ? cpus[0]!.speed : null,
memory: os.totalmem(),
isWSL: await isWsl(),
isDocker: await isDocker(),
isTTY:
typeof process !== "undefined" && (process as any).stdout
? (process as any).stdout.isTTY
: null,
};
} catch (e) {
return {
systemPlatform: null,
systemRelease: null,
systemArchitecture: null,
cpuCount: null,
cpuModel: null,
cpuSpeed: null,
memory: null,
isWSL: null,
isDocker: null,
isTTY: null,
};
}
}
let isDockerCached: boolean | undefined;
async function hasDockerEnv() {
if (getVendor() === "cloudflare") return false;
try {
const fs = await importRuntime<typeof import("fs")>("fs");
fs.statSync("/.dockerenv");
return true;
} catch {
return false;
}
}
async function hasDockerCGroup() {
if (getVendor() === "cloudflare") return false;
try {
const fs = await importRuntime<typeof import("fs")>("fs");
return fs.readFileSync("/proc/self/cgroup", "utf8").includes("docker");
} catch {
return false;
}
}
async function isDocker() {
if (getVendor() === "cloudflare") return false;
if (isDockerCached === undefined) {
isDockerCached = (await hasDockerEnv()) || (await hasDockerCGroup());
}
return isDockerCached;
}
async function isWsl() {
try {
if (getVendor() === "cloudflare") return false;
if (typeof process === "undefined" || process?.platform !== "linux") {
return false;
}
const fs = await importRuntime<typeof import("fs")>("fs");
const os = await importRuntime<typeof import("os")>("os");
if (os.release().toLowerCase().includes("microsoft")) {
if (await isInsideContainer()) {
return false;
}
return true;
}
return fs
.readFileSync("/proc/version", "utf8")
.toLowerCase()
.includes("microsoft")
? !(await isInsideContainer())
: false;
} catch {
return false;
}
}
let isInsideContainerCached: boolean | undefined;
const hasContainerEnv = async () => {
if (getVendor() === "cloudflare") return false;
try {
const fs = await importRuntime<typeof import("fs")>("fs");
fs.statSync("/run/.containerenv");
return true;
} catch {
return false;
}
};
async function isInsideContainer() {
if (isInsideContainerCached === undefined) {
isInsideContainerCached = (await hasContainerEnv()) || (await isDocker());
}
return isInsideContainerCached;
}
export function isCI() {
return (
env.CI !== "false" &&
("BUILD_ID" in env || // Jenkins, Cloudbees
"BUILD_NUMBER" in env || // Jenkins, TeamCity (fixed typo: extra space removed)
"CI" in env || // Travis CI, CircleCI, Cirrus CI, Gitlab CI, Appveyor, CodeShip, dsari, Cloudflare
"CI_APP_ID" in env || // Appflow
"CI_BUILD_ID" in env || // Appflow
"CI_BUILD_NUMBER" in env || // Appflow
"CI_NAME" in env || // Codeship and others
"CONTINUOUS_INTEGRATION" in env || // Travis CI, Cirrus CI
"RUN_ID" in env) // TaskCluster, dsari
);
}
```
--------------------------------------------------------------------------------
/docs/content/docs/guides/optimizing-for-performance.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Optimizing for Performance
description: A guide to optimizing your Better Auth application for performance.
---
In this guide, we’ll go over some of the ways you can optimize your application for a more performant Better Auth app.
## Caching
Caching is a powerful technique that can significantly improve the performance of your Better Auth application by reducing the number of database queries and speeding up response times.
### Cookie Cache
Calling your database every time `useSession` or `getSession` is invoked isn’t ideal, especially if sessions don’t change frequently. Cookie caching handles this by storing session data in a short-lived, signed cookie similar to how JWT access tokens are used with refresh tokens.
To turn on cookie caching, just set `session.cookieCache` in your auth config:
```ts title="auth.ts"
import { betterAuth } from "better-auth";
export const auth = betterAuth({
session: {
cookieCache: {
enabled: true,
maxAge: 5 * 60, // Cache duration in seconds
},
},
});
```
Read more about [cookie caching](/docs/concepts/session-management#cookie-cache).
### Framework Caching
Here are examples of how you can do caching in different frameworks and environments:
<Tabs items={["Next", "Remix", "SolidStart", "React Query"]}>
<Tab value="Next">
Since Next v15, we can use the `"use cache"` directive to cache the response of a server function.
```ts
export async function getUsers() {
'use cache' // [!code highlight]
const { users } = await auth.api.listUsers();
return users
}
```
Learn more about NextJS use cache directive <Link href="https://nextjs.org/docs/app/api-reference/directives/use-cache">here</Link>.
</Tab>
<Tab value="Remix">
In Remix, you can use the `cache` option in the `loader` function to cache responses on the server. Here’s an example:
```ts
import { json } from '@remix-run/node';
export const loader = async () => {
const { users } = await auth.api.listUsers();
return json(users, {
headers: {
'Cache-Control': 'max-age=3600', // Cache for 1 hour
},
});
};
```
You can read a nice guide on Loader vs Route Cache Headers in Remix <Link href="https://sergiodxa.com/articles/loader-vs-route-cache-headers-in-remix">here</Link>.
</Tab>
<Tab value="SolidStart">
In SolidStart, you can use the `query` function to cache data. Here’s an example:
```tsx
const getUsers = query(
async () => (await auth.api.listUsers()).users,
"getUsers"
);
```
Learn more about SolidStart `query` function <Link href="https://docs.solidjs.com/solid-router/reference/data-apis/query">here</Link>.
</Tab>
<Tab value="React Query">
With React Query you can use the `useQuery` hook to cache data. Here’s an example:
```ts
import { useQuery } from '@tanstack/react-query';
const fetchUsers = async () => {
const { users } = await auth.api.listUsers();
return users;
};
export default function Users() {
const { data: users, isLoading } = useQuery('users', fetchUsers, {
staleTime: 1000 * 60 * 15, // Cache for 15 minutes
});
if (isLoading) return <div>Loading...</div>;
return (
<ul>
{users.map(user => (
<li key={user.id}>{user.name}</li>
))}
</ul>
);
}
```
Learn more about React Query use cache directive <Link href="https://react-query.tanstack.com/reference/useQuery#usecache">here</Link>.
</Tab>
</Tabs>
## SSR Optimizations
If you're using a framework that supports server-side rendering, it's usually best to pre-fetch the user session on the server and use it as a fallback on the client.
```ts
const session = await auth.api.getSession({
headers: await headers(),
});
//then pass the session to the client
```
## Database optimizations
Optimizing database performance is essential to get the best out of Better Auth.
#### Recommended fields to index
| Table | Fields | Plugin |
| ------------- | -------------------------- | ------------ |
| users | `email` | |
| accounts | `userId` | |
| sessions | `userId`, `token` | |
| verifications | `identifier` | |
| invitations | `email`, `organizationId` | organization |
| members | `userId`, `organizationId` | organization |
| organizations | `slug` | organization |
| passkey | `userId` | passkey |
| twoFactor | `secret` | twoFactor |
<Callout>
We intend to add indexing support in our schema generation tool in the future.
</Callout>
```
--------------------------------------------------------------------------------
/packages/better-auth/src/db/schema.ts:
--------------------------------------------------------------------------------
```typescript
import type { BetterAuthPluginDBSchema } from "@better-auth/core/db";
import type { BetterAuthOptions } from "@better-auth/core";
import { APIError } from "better-call";
import type { Account, Session, User } from "../types";
import type { DBFieldAttribute } from "@better-auth/core/db";
// Cache for parsed schemas to avoid reparsing on every request
const cache = new WeakMap<
BetterAuthOptions,
Map<string, Record<string, DBFieldAttribute>>
>();
function parseOutputData<T extends Record<string, any>>(
data: T,
schema: {
fields: Record<string, DBFieldAttribute>;
},
) {
const fields = schema.fields;
const parsedData: Record<string, any> = {};
for (const key in data) {
const field = fields[key];
if (!field) {
parsedData[key] = data[key];
continue;
}
if (field.returned === false) {
continue;
}
parsedData[key] = data[key];
}
return parsedData as T;
}
function getAllFields(options: BetterAuthOptions, table: string) {
if (!cache.has(options)) {
cache.set(options, new Map());
}
const tableCache = cache.get(options)!;
if (tableCache.has(table)) {
return tableCache.get(table)!;
}
let schema: Record<string, DBFieldAttribute> = {
...(table === "user" ? options.user?.additionalFields : {}),
...(table === "session" ? options.session?.additionalFields : {}),
};
for (const plugin of options.plugins || []) {
if (plugin.schema && plugin.schema[table]) {
schema = {
...schema,
...plugin.schema[table].fields,
};
}
}
cache.get(options)!.set(table, schema);
return schema;
}
export function parseUserOutput(options: BetterAuthOptions, user: User) {
const schema = getAllFields(options, "user");
return parseOutputData(user, { fields: schema });
}
export function parseAccountOutput(
options: BetterAuthOptions,
account: Account,
) {
const schema = getAllFields(options, "account");
return parseOutputData(account, { fields: schema });
}
export function parseSessionOutput(
options: BetterAuthOptions,
session: Session,
) {
const schema = getAllFields(options, "session");
return parseOutputData(session, { fields: schema });
}
export function parseInputData<T extends Record<string, any>>(
data: T,
schema: {
fields: Record<string, DBFieldAttribute>;
action?: "create" | "update";
},
) {
const action = schema.action || "create";
const fields = schema.fields;
const parsedData: Record<string, any> = Object.assign(
Object.create(null),
null,
);
for (const key in fields) {
if (key in data) {
if (fields[key]!.input === false) {
if (fields[key]!.defaultValue !== undefined) {
parsedData[key] = fields[key]!.defaultValue;
continue;
}
if (parsedData[key]) {
throw new APIError("BAD_REQUEST", {
message: `${key} is not allowed to be set`,
});
}
continue;
}
if (fields[key]!.validator?.input && data[key] !== undefined) {
parsedData[key] = fields[key]!.validator.input.parse(data[key]);
continue;
}
if (fields[key]!.transform?.input && data[key] !== undefined) {
parsedData[key] = fields[key]!.transform?.input(data[key]);
continue;
}
parsedData[key] = data[key];
continue;
}
if (fields[key]!.defaultValue !== undefined && action === "create") {
parsedData[key] = fields[key]!.defaultValue;
continue;
}
if (fields[key]!.required && action === "create") {
throw new APIError("BAD_REQUEST", {
message: `${key} is required`,
});
}
}
return parsedData as Partial<T>;
}
export function parseUserInput(
options: BetterAuthOptions,
user: Record<string, any> = {},
action: "create" | "update",
) {
const schema = getAllFields(options, "user");
return parseInputData(user, { fields: schema, action });
}
export function parseAdditionalUserInput(
options: BetterAuthOptions,
user?: Record<string, any>,
) {
const schema = getAllFields(options, "user");
return parseInputData(user || {}, { fields: schema });
}
export function parseAccountInput(
options: BetterAuthOptions,
account: Partial<Account>,
) {
const schema = getAllFields(options, "account");
return parseInputData(account, { fields: schema });
}
export function parseSessionInput(
options: BetterAuthOptions,
session: Partial<Session>,
) {
const schema = getAllFields(options, "session");
return parseInputData(session, { fields: schema });
}
export function mergeSchema<S extends BetterAuthPluginDBSchema>(
schema: S,
newSchema?: {
[K in keyof S]?: {
modelName?: string;
fields?: {
[P: string]: string;
};
};
},
) {
if (!newSchema) {
return schema;
}
for (const table in newSchema) {
const newModelName = newSchema[table]?.modelName;
if (newModelName) {
schema[table]!.modelName = newModelName;
}
for (const field in schema[table]!.fields) {
const newField = newSchema[table]?.fields?.[field];
if (!newField) {
continue;
}
schema[table]!.fields[field]!.fieldName = newField;
}
}
return schema;
}
```
--------------------------------------------------------------------------------
/packages/better-auth/src/plugins/one-tap/index.ts:
--------------------------------------------------------------------------------
```typescript
import * as z from "zod";
import { APIError } from "../../api";
import { createAuthEndpoint } from "@better-auth/core/api";
import { setSessionCookie } from "../../cookies";
import type { BetterAuthPlugin } from "@better-auth/core";
import { jwtVerify, createRemoteJWKSet } from "jose";
import { toBoolean } from "../../utils/boolean";
interface OneTapOptions {
/**
* Disable the signup flow
*
* @default false
*/
disableSignup?: boolean;
/**
* Google Client ID
*
* If a client ID is provided in the social provider configuration,
* it will be used.
*/
clientId?: string;
}
export const oneTap = (options?: OneTapOptions) =>
({
id: "one-tap",
endpoints: {
oneTapCallback: createAuthEndpoint(
"/one-tap/callback",
{
method: "POST",
body: z.object({
idToken: z.string().meta({
description:
"Google ID token, which the client obtains from the One Tap API",
}),
}),
metadata: {
openapi: {
summary: "One tap callback",
description:
"Use this endpoint to authenticate with Google One Tap",
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: {
type: "object",
properties: {
session: {
$ref: "#/components/schemas/Session",
},
user: {
$ref: "#/components/schemas/User",
},
},
},
},
},
},
400: {
description: "Invalid token",
},
},
},
},
},
async (ctx) => {
const { idToken } = ctx.body;
let payload: any;
try {
const JWKS = createRemoteJWKSet(
new URL("https://www.googleapis.com/oauth2/v3/certs"),
);
const { payload: verifiedPayload } = await jwtVerify(
idToken,
JWKS,
{
issuer: ["https://accounts.google.com", "accounts.google.com"],
audience:
options?.clientId ||
ctx.context.options.socialProviders?.google?.clientId,
},
);
payload = verifiedPayload;
} catch (error) {
throw new APIError("BAD_REQUEST", {
message: "invalid id token",
});
}
const { email, email_verified, name, picture, sub } = payload;
if (!email) {
return ctx.json({ error: "Email not available in token" });
}
const user = await ctx.context.internalAdapter.findUserByEmail(email);
if (!user) {
if (options?.disableSignup) {
throw new APIError("BAD_GATEWAY", {
message: "User not found",
});
}
const newUser = await ctx.context.internalAdapter.createOAuthUser(
{
email,
emailVerified:
typeof email_verified === "boolean"
? email_verified
: toBoolean(email_verified),
name,
image: picture,
},
{
providerId: "google",
accountId: sub,
},
);
if (!newUser) {
throw new APIError("INTERNAL_SERVER_ERROR", {
message: "Could not create user",
});
}
const session = await ctx.context.internalAdapter.createSession(
newUser.user.id,
);
await setSessionCookie(ctx, {
user: newUser.user,
session,
});
return ctx.json({
token: session.token,
user: {
id: newUser.user.id,
email: newUser.user.email,
emailVerified: newUser.user.emailVerified,
name: newUser.user.name,
image: newUser.user.image,
createdAt: newUser.user.createdAt,
updatedAt: newUser.user.updatedAt,
},
});
}
const account = await ctx.context.internalAdapter.findAccount(sub);
if (!account) {
const accountLinking = ctx.context.options.account?.accountLinking;
const shouldLinkAccount =
accountLinking?.enabled &&
(accountLinking.trustedProviders?.includes("google") ||
email_verified);
if (shouldLinkAccount) {
await ctx.context.internalAdapter.linkAccount({
userId: user.user.id,
providerId: "google",
accountId: sub,
scope: "openid,profile,email",
idToken,
});
} else {
throw new APIError("UNAUTHORIZED", {
message: "Google sub doesn't match",
});
}
}
const session = await ctx.context.internalAdapter.createSession(
user.user.id,
);
await setSessionCookie(ctx, {
user: user.user,
session,
});
return ctx.json({
token: session.token,
user: {
id: user.user.id,
email: user.user.email,
emailVerified: user.user.emailVerified,
name: user.user.name,
image: user.user.image,
createdAt: user.user.createdAt,
updatedAt: user.user.updatedAt,
},
});
},
),
},
}) satisfies BetterAuthPlugin;
```
--------------------------------------------------------------------------------
/docs/content/docs/authentication/google.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Google
description: Google provider setup and usage.
---
<Steps>
<Step>
### Get your Google credentials
To use Google as a social provider, you need to get your Google credentials. You can get them by creating a new project in the [Google Cloud Console](https://console.cloud.google.com/apis/dashboard).
In the Google Cloud Console > Credentials > Authorized redirect URIs, make sure to set the redirect URL to `http://localhost:3000/api/auth/callback/google` for local development. For production, make sure to set the redirect URL as your application domain, e.g. `https://example.com/api/auth/callback/google`. If you change the base path of the auth routes, you should update the redirect URL accordingly.
</Step>
<Step>
### Configure the provider
To configure the provider, you need to pass the `clientId` and `clientSecret` to `socialProviders.google` in your auth configuration.
```ts title="auth.ts"
import { betterAuth } from "better-auth"
export const auth = betterAuth({
socialProviders: {
google: { // [!code highlight]
clientId: process.env.GOOGLE_CLIENT_ID as string, // [!code highlight]
clientSecret: process.env.GOOGLE_CLIENT_SECRET as string, // [!code highlight]
}, // [!code highlight]
},
})
```
</Step>
</Steps>
## Usage
### Sign In with Google
To sign in with Google, you can use the `signIn.social` function provided by the client. The `signIn` function takes an object with the following properties:
- `provider`: The provider to use. It should be set to `google`.
```ts title="auth-client.ts" /
import { createAuthClient } from "better-auth/client";
const authClient = createAuthClient();
const signIn = async () => {
const data = await authClient.signIn.social({
provider: "google",
});
};
```
### Sign In with Google With ID Token
To sign in with Google using the ID Token, you can use the `signIn.social` function to pass the ID Token.
This is useful when you have the ID Token from Google on the client-side and want to use it to sign in on the server.
<Callout>
If ID token is provided no redirection will happen, and the user will be
signed in directly.
</Callout>
```ts title="auth-client.ts"
const data = await authClient.signIn.social({
provider: "google",
idToken: {
token: // Google ID Token,
accessToken: // Google Access Token
}
})
```
<Callout>
If you want to use google one tap, you can use the [One Tap
Plugin](/docs/plugins/one-tap) guide.
</Callout>
### Always ask to select an account
If you want to always ask the user to select an account, you pass the `prompt` parameter to the provider, setting it to `select_account`.
```ts
socialProviders: {
google: {
prompt: "select_account", // [!code highlight]
clientId: process.env.GOOGLE_CLIENT_ID as string,
clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
},
}
```
### Requesting Additional Google Scopes
If your application needs additional Google scopes after the user has already signed up (e.g., for Google Drive, Gmail, or other Google services), you can request them using the `linkSocial` method with the same Google provider.
```tsx title="auth-client.ts"
const requestGoogleDriveAccess = async () => {
await authClient.linkSocial({
provider: "google",
scopes: ["https://www.googleapis.com/auth/drive.file"],
});
};
// Example usage in a React component
return (
<button onClick={requestGoogleDriveAccess}>
Add Google Drive Permissions
</button>
);
```
This will trigger a new OAuth flow that requests the additional scopes. After completion, your account will have the new scope in the database, and the access token will give you access to the requested Google APIs.
<Callout>
Ensure you're using Better Auth version 1.2.7 or later to avoid "Social
account already linked" errors when requesting additional scopes from the same
provider.
</Callout>
### Always get refresh token
Google only issues a refresh token the first time a user consents to your app.
If the user has already authorized your app, subsequent OAuth flows will only return an access token, not a refresh token.
To always get a refresh token, you can set the `accessType` to `offline`, and `prompt` to `select_account consent` in the provider options.
```ts
socialProviders: {
google: {
clientId: process.env.GOOGLE_CLIENT_ID as string,
clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
accessType: "offline", // [!code highlight]
prompt: "select_account consent", // [!code highlight]
},
}
```
<Callout>
**Revoking Access:** If you want to get a new refresh token for a user who has
already authorized your app, you must have them revoke your app's access in
their Google account settings, then re-authorize.
</Callout>
```
--------------------------------------------------------------------------------
/demo/nextjs/components/ui/navigation-menu.tsx:
--------------------------------------------------------------------------------
```typescript
import * as React from "react";
import { ChevronDownIcon } from "@radix-ui/react-icons";
import * as NavigationMenuPrimitive from "@radix-ui/react-navigation-menu";
import { cva } from "class-variance-authority";
import { cn } from "@/lib/utils";
const NavigationMenu = ({
ref,
className,
children,
...props
}: React.ComponentPropsWithoutRef<typeof NavigationMenuPrimitive.Root> & {
ref: React.RefObject<React.ElementRef<typeof NavigationMenuPrimitive.Root>>;
}) => (
<NavigationMenuPrimitive.Root
ref={ref}
className={cn(
"relative z-10 flex max-w-max flex-1 items-center justify-center",
className,
)}
{...props}
>
{children}
<NavigationMenuViewport />
</NavigationMenuPrimitive.Root>
);
NavigationMenu.displayName = NavigationMenuPrimitive.Root.displayName;
const NavigationMenuList = ({
ref,
className,
...props
}: React.ComponentPropsWithoutRef<typeof NavigationMenuPrimitive.List> & {
ref: React.RefObject<React.ElementRef<typeof NavigationMenuPrimitive.List>>;
}) => (
<NavigationMenuPrimitive.List
ref={ref}
className={cn(
"group flex flex-1 list-none items-center justify-center space-x-1",
className,
)}
{...props}
/>
);
NavigationMenuList.displayName = NavigationMenuPrimitive.List.displayName;
const NavigationMenuItem = NavigationMenuPrimitive.Item;
const navigationMenuTriggerStyle = cva(
"group inline-flex h-9 w-max items-center justify-center rounded-md bg-background px-4 py-2 text-sm font-medium transition-colors hover:bg-accent hover:text-accent-foreground focus:bg-accent focus:text-accent-foreground focus:outline-none disabled:pointer-events-none disabled:opacity-50 data-active:bg-accent/50 data-[state=open]:bg-accent/50",
);
const NavigationMenuTrigger = ({
ref,
className,
children,
...props
}: React.ComponentPropsWithoutRef<typeof NavigationMenuPrimitive.Trigger> & {
ref: React.RefObject<
React.ElementRef<typeof NavigationMenuPrimitive.Trigger>
>;
}) => (
<NavigationMenuPrimitive.Trigger
ref={ref}
className={cn(navigationMenuTriggerStyle(), "group", className)}
{...props}
>
{children}{" "}
<ChevronDownIcon
className="relative top-px ml-1 h-3 w-3 transition duration-300 group-data-[state=open]:rotate-180"
aria-hidden="true"
/>
</NavigationMenuPrimitive.Trigger>
);
NavigationMenuTrigger.displayName = NavigationMenuPrimitive.Trigger.displayName;
const NavigationMenuContent = ({
ref,
className,
...props
}: React.ComponentPropsWithoutRef<typeof NavigationMenuPrimitive.Content> & {
ref: React.RefObject<
React.ElementRef<typeof NavigationMenuPrimitive.Content>
>;
}) => (
<NavigationMenuPrimitive.Content
ref={ref}
className={cn(
"left-0 top-0 w-full data-[motion^=from-]:animate-in data-[motion^=to-]:animate-out data-[motion^=from-]:fade-in data-[motion^=to-]:fade-out data-[motion=from-end]:slide-in-from-right-52 data-[motion=from-start]:slide-in-from-left-52 data-[motion=to-end]:slide-out-to-right-52 data-[motion=to-start]:slide-out-to-left-52 md:absolute md:w-auto ",
className,
)}
{...props}
/>
);
NavigationMenuContent.displayName = NavigationMenuPrimitive.Content.displayName;
const NavigationMenuLink = NavigationMenuPrimitive.Link;
const NavigationMenuViewport = ({
ref,
className,
...props
}: React.ComponentPropsWithoutRef<typeof NavigationMenuPrimitive.Viewport> & {
ref: React.RefObject<
React.ElementRef<typeof NavigationMenuPrimitive.Viewport>
>;
}) => (
<div className={cn("absolute left-0 top-full flex justify-center")}>
<NavigationMenuPrimitive.Viewport
className={cn(
"origin-top-center relative mt-1.5 h-(--radix-navigation-menu-viewport-height) w-full overflow-hidden rounded-md border bg-popover text-popover-foreground shadow data-[state=open]:animate-in data-[state=closed]:animate-out data-[state=closed]:zoom-out-95 data-[state=open]:zoom-in-90 md:w-(--radix-navigation-menu-viewport-width)",
className,
)}
ref={ref}
{...props}
/>
</div>
);
NavigationMenuViewport.displayName =
NavigationMenuPrimitive.Viewport.displayName;
const NavigationMenuIndicator = ({
ref,
className,
...props
}: React.ComponentPropsWithoutRef<typeof NavigationMenuPrimitive.Indicator> & {
ref: React.RefObject<
React.ElementRef<typeof NavigationMenuPrimitive.Indicator>
>;
}) => (
<NavigationMenuPrimitive.Indicator
ref={ref}
className={cn(
"top-full z-1 flex h-1.5 items-end justify-center overflow-hidden data-[state=visible]:animate-in data-[state=hidden]:animate-out data-[state=hidden]:fade-out data-[state=visible]:fade-in",
className,
)}
{...props}
>
<div className="relative top-[60%] h-2 w-2 rotate-45 rounded-tl-sm bg-border shadow-md" />
</NavigationMenuPrimitive.Indicator>
);
NavigationMenuIndicator.displayName =
NavigationMenuPrimitive.Indicator.displayName;
export {
navigationMenuTriggerStyle,
NavigationMenu,
NavigationMenuList,
NavigationMenuItem,
NavigationMenuContent,
NavigationMenuTrigger,
NavigationMenuLink,
NavigationMenuIndicator,
NavigationMenuViewport,
};
```
--------------------------------------------------------------------------------
/packages/cli/src/commands/migrate.ts:
--------------------------------------------------------------------------------
```typescript
import { Command } from "commander";
import * as z from "zod/v4";
import { existsSync } from "fs";
import path from "path";
import yoctoSpinner from "yocto-spinner";
import chalk from "chalk";
import prompts from "prompts";
import { logger, createTelemetry, getTelemetryAuthConfig } from "better-auth";
import { getAdapter, getMigrations } from "better-auth/db";
import { getConfig } from "../utils/get-config";
export async function migrateAction(opts: any) {
const options = z
.object({
cwd: z.string(),
config: z.string().optional(),
y: z.boolean().optional(),
yes: z.boolean().optional(),
})
.parse(opts);
const cwd = path.resolve(options.cwd);
if (!existsSync(cwd)) {
logger.error(`The directory "${cwd}" does not exist.`);
process.exit(1);
}
const config = await getConfig({
cwd,
configPath: options.config,
});
if (!config) {
logger.error(
"No configuration file found. Add a `auth.ts` file to your project or pass the path to the configuration file using the `--config` flag.",
);
return;
}
const db = await getAdapter(config);
if (!db) {
logger.error(
"Invalid database configuration. Make sure you're not using adapters. Migrate command only works with built-in Kysely adapter.",
);
process.exit(1);
}
if (db.id !== "kysely") {
if (db.id === "prisma") {
logger.error(
"The migrate command only works with the built-in Kysely adapter. For Prisma, run `npx @better-auth/cli generate` to create the schema, then use Prisma’s migrate or push to apply it.",
);
try {
const telemetry = await createTelemetry(config);
await telemetry.publish({
type: "cli_migrate",
payload: {
outcome: "unsupported_adapter",
adapter: "prisma",
config: getTelemetryAuthConfig(config),
},
});
} catch {}
process.exit(0);
}
if (db.id === "drizzle") {
logger.error(
"The migrate command only works with the built-in Kysely adapter. For Drizzle, run `npx @better-auth/cli generate` to create the schema, then use Drizzle’s migrate or push to apply it.",
);
try {
const telemetry = await createTelemetry(config);
await telemetry.publish({
type: "cli_migrate",
payload: {
outcome: "unsupported_adapter",
adapter: "drizzle",
config: getTelemetryAuthConfig(config),
},
});
} catch {}
process.exit(0);
}
logger.error("Migrate command isn't supported for this adapter.");
try {
const telemetry = await createTelemetry(config);
await telemetry.publish({
type: "cli_migrate",
payload: {
outcome: "unsupported_adapter",
adapter: db.id,
config: getTelemetryAuthConfig(config),
},
});
} catch {}
process.exit(1);
}
const spinner = yoctoSpinner({ text: "preparing migration..." }).start();
const { toBeAdded, toBeCreated, runMigrations } = await getMigrations(config);
if (!toBeAdded.length && !toBeCreated.length) {
spinner.stop();
logger.info("🚀 No migrations needed.");
try {
const telemetry = await createTelemetry(config);
await telemetry.publish({
type: "cli_migrate",
payload: {
outcome: "no_changes",
config: getTelemetryAuthConfig(config),
},
});
} catch {}
process.exit(0);
}
spinner.stop();
logger.info(`🔑 The migration will affect the following:`);
for (const table of [...toBeCreated, ...toBeAdded]) {
console.log(
"->",
chalk.magenta(Object.keys(table.fields).join(", ")),
chalk.white("fields on"),
chalk.yellow(`${table.table}`),
chalk.white("table."),
);
}
if (options.y) {
console.warn("WARNING: --y is deprecated. Consider -y or --yes");
options.yes = true;
}
let migrate = options.yes;
if (!migrate) {
const response = await prompts({
type: "confirm",
name: "migrate",
message: "Are you sure you want to run these migrations?",
initial: false,
});
migrate = response.migrate;
}
if (!migrate) {
logger.info("Migration cancelled.");
try {
const telemetry = await createTelemetry(config);
await telemetry.publish({
type: "cli_migrate",
payload: { outcome: "aborted", config: getTelemetryAuthConfig(config) },
});
} catch {}
process.exit(0);
}
spinner?.start("migrating...");
await runMigrations();
spinner.stop();
logger.info("🚀 migration was completed successfully!");
try {
const telemetry = await createTelemetry(config);
await telemetry.publish({
type: "cli_migrate",
payload: { outcome: "migrated", config: getTelemetryAuthConfig(config) },
});
} catch {}
process.exit(0);
}
export const migrate = new Command("migrate")
.option(
"-c, --cwd <cwd>",
"the working directory. defaults to the current directory.",
process.cwd(),
)
.option(
"--config <config>",
"the path to the configuration file. defaults to the first configuration file found.",
)
.option(
"-y, --yes",
"automatically accept and run migrations without prompting",
false,
)
.option("--y", "(deprecated) same as --yes", false)
.action(migrateAction);
```
--------------------------------------------------------------------------------
/demo/nextjs/app/accept-invitation/[id]/page.tsx:
--------------------------------------------------------------------------------
```typescript
"use client";
import { Button } from "@/components/ui/button";
import {
Card,
CardContent,
CardDescription,
CardFooter,
CardHeader,
CardTitle,
} from "@/components/ui/card";
import { CheckIcon, XIcon } from "lucide-react";
import { useEffect, useState } from "react";
import { useParams, useRouter } from "next/navigation";
import { Skeleton } from "@/components/ui/skeleton";
import { client, organization } from "@/lib/auth-client";
import { InvitationError } from "./invitation-error";
export default function InvitationPage() {
const params = useParams<{
id: string;
}>();
const router = useRouter();
const [invitationStatus, setInvitationStatus] = useState<
"pending" | "accepted" | "rejected"
>("pending");
const handleAccept = async () => {
await organization
.acceptInvitation({
invitationId: params.id,
})
.then((res) => {
if (res.error) {
setError(res.error.message || "An error occurred");
} else {
setInvitationStatus("accepted");
router.push(`/dashboard`);
}
});
};
const handleReject = async () => {
await organization
.rejectInvitation({
invitationId: params.id,
})
.then((res) => {
if (res.error) {
setError(res.error.message || "An error occurred");
} else {
setInvitationStatus("rejected");
}
});
};
const [invitation, setInvitation] = useState<{
organizationName: string;
organizationSlug: string;
inviterEmail: string;
id: string;
status: "pending" | "accepted" | "rejected" | "canceled";
email: string;
expiresAt: Date;
organizationId: string;
role: string;
inviterId: string;
} | null>(null);
const [error, setError] = useState<string | null>(null);
useEffect(() => {
client.organization
.getInvitation({
query: {
id: params.id,
},
})
.then((res) => {
if (res.error) {
setError(res.error.message || "An error occurred");
} else {
setInvitation(res.data);
}
});
}, []);
return (
<div className="min-h-[80vh] flex items-center justify-center">
<div className="absolute pointer-events-none inset-0 flex items-center justify-center dark:bg-black bg-white mask-[radial-gradient(ellipse_at_center,transparent_20%,black)]"></div>
{invitation ? (
<Card className="w-full max-w-md">
<CardHeader>
<CardTitle>Organization Invitation</CardTitle>
<CardDescription>
You've been invited to join an organization
</CardDescription>
</CardHeader>
<CardContent>
{invitationStatus === "pending" && (
<div className="space-y-4">
<p>
<strong>{invitation?.inviterEmail}</strong> has invited you to
join <strong>{invitation?.organizationName}</strong>.
</p>
<p>
This invitation was sent to{" "}
<strong>{invitation?.email}</strong>.
</p>
</div>
)}
{invitationStatus === "accepted" && (
<div className="space-y-4">
<div className="flex items-center justify-center w-16 h-16 mx-auto bg-green-100 rounded-full">
<CheckIcon className="w-8 h-8 text-green-600" />
</div>
<h2 className="text-2xl font-bold text-center">
Welcome to {invitation?.organizationName}!
</h2>
<p className="text-center">
You've successfully joined the organization. We're excited to
have you on board!
</p>
</div>
)}
{invitationStatus === "rejected" && (
<div className="space-y-4">
<div className="flex items-center justify-center w-16 h-16 mx-auto bg-red-100 rounded-full">
<XIcon className="w-8 h-8 text-red-600" />
</div>
<h2 className="text-2xl font-bold text-center">
Invitation Declined
</h2>
<p className="text-center">
You‘ve declined the invitation to join{" "}
{invitation?.organizationName}.
</p>
</div>
)}
</CardContent>
{invitationStatus === "pending" && (
<CardFooter className="flex justify-between">
<Button variant="outline" onClick={handleReject}>
Decline
</Button>
<Button onClick={handleAccept}>Accept Invitation</Button>
</CardFooter>
)}
</Card>
) : error ? (
<InvitationError />
) : (
<InvitationSkeleton />
)}
</div>
);
}
function InvitationSkeleton() {
return (
<Card className="w-full max-w-md mx-auto">
<CardHeader>
<div className="flex items-center space-x-2">
<Skeleton className="w-6 h-6 rounded-full" />
<Skeleton className="h-6 w-24" />
</div>
<Skeleton className="h-4 w-full mt-2" />
<Skeleton className="h-4 w-2/3 mt-2" />
</CardHeader>
<CardContent>
<div className="space-y-2">
<Skeleton className="h-4 w-full" />
<Skeleton className="h-4 w-full" />
<Skeleton className="h-4 w-2/3" />
</div>
</CardContent>
<CardFooter className="flex justify-end">
<Skeleton className="h-10 w-24" />
</CardFooter>
</Card>
);
}
```
--------------------------------------------------------------------------------
/packages/core/src/social-providers/kakao.ts:
--------------------------------------------------------------------------------
```typescript
import { betterFetch } from "@better-fetch/fetch";
import type { OAuthProvider, ProviderOptions } from "../oauth2";
import {
createAuthorizationURL,
validateAuthorizationCode,
refreshAccessToken,
} from "../oauth2";
interface Partner {
/** Partner-specific ID (consent required: kakaotalk_message) */
uuid?: string;
}
interface Profile {
/** Nickname (consent required: profile/nickname) */
nickname?: string;
/** Thumbnail image URL (consent required: profile/profile image) */
thumbnail_image_url?: string;
/** Profile image URL (consent required: profile/profile image) */
profile_image_url?: string;
/** Whether the profile image is the default */
is_default_image?: boolean;
/** Whether the nickname is the default */
is_default_nickname?: boolean;
}
interface KakaoAccount {
/** Consent required: profile info (nickname/profile image) */
profile_needs_agreement?: boolean;
/** Consent required: nickname */
profile_nickname_needs_agreement?: boolean;
/** Consent required: profile image */
profile_image_needs_agreement?: boolean;
/** Profile info */
profile?: Profile;
/** Consent required: name */
name_needs_agreement?: boolean;
/** Name */
name?: string;
/** Consent required: email */
email_needs_agreement?: boolean;
/** Email valid */
is_email_valid?: boolean;
/** Email verified */
is_email_verified?: boolean;
/** Email */
email?: string;
/** Consent required: age range */
age_range_needs_agreement?: boolean;
/** Age range */
age_range?: string;
/** Consent required: birth year */
birthyear_needs_agreement?: boolean;
/** Birth year (YYYY) */
birthyear?: string;
/** Consent required: birthday */
birthday_needs_agreement?: boolean;
/** Birthday (MMDD) */
birthday?: string;
/** Birthday type (SOLAR/LUNAR) */
birthday_type?: string;
/** Whether birthday is in a leap month */
is_leap_month?: boolean;
/** Consent required: gender */
gender_needs_agreement?: boolean;
/** Gender (male/female) */
gender?: string;
/** Consent required: phone number */
phone_number_needs_agreement?: boolean;
/** Phone number */
phone_number?: string;
/** Consent required: CI */
ci_needs_agreement?: boolean;
/** CI (unique identifier) */
ci?: string;
/** CI authentication time (UTC) */
ci_authenticated_at?: string;
}
export interface KakaoProfile {
/** Kakao user ID */
id: number;
/**
* Whether the user has signed up (only present if auto-connection is disabled)
* false: preregistered, true: registered
*/
has_signed_up?: boolean;
/** UTC datetime when the user connected the service */
connected_at?: string;
/** UTC datetime when the user signed up via Kakao Sync */
synched_at?: string;
/** Custom user properties */
properties?: Record<string, any>;
/** Kakao account info */
kakao_account: KakaoAccount;
/** Partner info */
for_partner?: Partner;
}
export interface KakaoOptions extends ProviderOptions<KakaoProfile> {
clientId: string;
}
export const kakao = (options: KakaoOptions) => {
return {
id: "kakao",
name: "Kakao",
createAuthorizationURL({ state, scopes, redirectURI }) {
const _scopes = options.disableDefaultScope
? []
: ["account_email", "profile_image", "profile_nickname"];
options.scope && _scopes.push(...options.scope);
scopes && _scopes.push(...scopes);
return createAuthorizationURL({
id: "kakao",
options,
authorizationEndpoint: "https://kauth.kakao.com/oauth/authorize",
scopes: _scopes,
state,
redirectURI,
});
},
validateAuthorizationCode: async ({ code, redirectURI }) => {
return validateAuthorizationCode({
code,
redirectURI,
options,
tokenEndpoint: "https://kauth.kakao.com/oauth/token",
});
},
refreshAccessToken: options.refreshAccessToken
? options.refreshAccessToken
: async (refreshToken) => {
return refreshAccessToken({
refreshToken,
options: {
clientId: options.clientId,
clientKey: options.clientKey,
clientSecret: options.clientSecret,
},
tokenEndpoint: "https://kauth.kakao.com/oauth/token",
});
},
async getUserInfo(token) {
if (options.getUserInfo) {
return options.getUserInfo(token);
}
const { data: profile, error } = await betterFetch<KakaoProfile>(
"https://kapi.kakao.com/v2/user/me",
{
headers: {
Authorization: `Bearer ${token.accessToken}`,
},
},
);
if (error || !profile) {
return null;
}
const userMap = await options.mapProfileToUser?.(profile);
const account = profile.kakao_account || {};
const kakaoProfile = account.profile || {};
const user = {
id: String(profile.id),
name: kakaoProfile.nickname || account.name || undefined,
email: account.email,
image:
kakaoProfile.profile_image_url || kakaoProfile.thumbnail_image_url,
emailVerified: !!account.is_email_valid && !!account.is_email_verified,
...userMap,
};
return {
user,
data: profile,
};
},
options,
} satisfies OAuthProvider<KakaoProfile>;
};
```
--------------------------------------------------------------------------------
/docs/components/features.tsx:
--------------------------------------------------------------------------------
```typescript
"use client";
import {
Globe2Icon,
PlugIcon,
PlugZap2Icon,
Plus,
RabbitIcon,
ShieldCheckIcon,
Webhook,
} from "lucide-react";
import { LockClosedIcon } from "@radix-ui/react-icons";
import { TechStackDisplay } from "./display-techstack";
import { Ripple } from "./ripple";
import { GithubStat } from "./github-stat";
import { cn } from "@/lib/utils";
import { Testimonial } from "./landing/testimonials";
const features = [
{
id: 1,
label: "Framework Agnostic",
title: "Support for popular <strong>frameworks</strong>.",
description:
"Supports popular frameworks, including React, Vue, Svelte, Astro, Solid, Next.js, Nuxt, Tanstack Start, Hono, and more.",
icon: PlugZap2Icon,
},
{
id: 2,
label: "Authentication",
title: "Email & Password <strong>Authentication</strong>.",
description:
"Built-in support for email and password authentication, with session and account management features.",
icon: LockClosedIcon,
},
{
id: 3,
label: "Social Sign-on",
title: "Support multiple <strong>OAuth providers</strong>.",
description:
"Allow users to sign in with their accounts, including GitHub, Google, Discord, Twitter, and more.",
icon: Webhook,
},
{
id: 4,
label: "Two Factor",
title: "Multi Factor <strong>Authentication</strong>.",
description:
"Secure your users accounts with two factor authentication with a few lines of code.",
icon: ShieldCheckIcon,
},
{
id: 5,
label: "Multi Tenant",
title: "<strong>Organization</strong> Members and Invitation.",
description:
"Multi tenant support with members, organization, teams and invitation with access control.",
icon: RabbitIcon,
},
{
id: 6,
label: "Plugin Ecosystem",
title: "A lot more features with <strong>plugins</strong>.",
description:
"Improve your application experience with our official plugins and those created by the community.",
icon: PlugIcon,
},
];
export default function Features({ stars }: { stars: string | null }) {
return (
<div className="md:w-10/12 mt-10 mx-auto font-geist relative md:border-l-0 md:border-b-0 md:border-[1.2px] rounded-none -pr-2 dark:bg-black/[0.95] ">
<div className="w-full md:mx-0">
<div className="grid grid-cols-1 relative md:grid-rows-2 md:grid-cols-3 border-b-[1.2px]">
<div className="hidden md:grid top-1/2 left-0 -translate-y-1/2 w-full grid-cols-3 z-10 pointer-events-none select-none absolute">
<Plus className="w-8 h-8 text-neutral-300 translate-x-[16.5px] translate-y-[.5px] ml-auto dark:text-neutral-600" />
<Plus className="w-8 h-8 text-neutral-300 ml-auto translate-x-[16.5px] translate-y-[.5px] dark:text-neutral-600" />
</div>
{features.map((feature, index) => (
<div
key={feature.id}
className={cn(
"justify-center border-l-[1.2px] md:min-h-[240px] border-t-[1.2px] md:border-t-0 transform-gpu flex flex-col p-10 2xl:p-12",
index >= 3 && "md:border-t-[1.2px]",
)}
>
<div className="flex items-center gap-2 my-1">
<feature.icon className="w-4 h-4" />
<p className="text-gray-600 dark:text-gray-400">
{feature.label}
</p>
</div>
<div className="mt-2">
<div className="max-w-full">
<div className="flex gap-3 ">
<p
className="max-w-lg text-xl font-normal tracking-tighter md:text-2xl"
dangerouslySetInnerHTML={{
__html: feature.title,
}}
/>
</div>
</div>
<p className="mt-2 text-sm text-left text-muted-foreground">
{feature.description}
<a className="ml-2 underline" href="/docs" target="_blank">
Learn more
</a>
</p>
</div>
</div>
))}
</div>
<div className="w-full border-l-2 hidden md:block">
<Testimonial />
</div>
<div className="relative col-span-3 border-t-[1.2px] border-l-[1.2px] md:border-b-[1.2px] dark:border-b-0 h-full py-20">
<div className="w-full h-full p-16 pt-10 md:px-10 2xl:px-16">
<div className="flex flex-col items-center justify-center w-full h-full gap-3">
<div className="flex items-center gap-2">
<Globe2Icon className="w-4 h-4" />
<p className="text-gray-600 dark:text-gray-400">
Own your auth
</p>
</div>
<p className="max-w-md mx-auto mt-4 text-4xl font-normal tracking-tighter text-center md:text-4xl">
<strong>Roll your own auth with confidence in minutes!</strong>
</p>
<div className="flex mt-[10px] z-20 justify-center items-start">
<TechStackDisplay
skills={[
"nextJs",
"nuxt",
"svelteKit",
"astro",
"solidStart",
// "react",
// "hono",
"expo",
"tanstack",
]}
/>
</div>
<div className="flex items-center gap-2">
<GithubStat stars={stars} />
</div>
<Ripple />
</div>
</div>
</div>
</div>
</div>
);
}
```
--------------------------------------------------------------------------------
/packages/better-auth/src/db/field.ts:
--------------------------------------------------------------------------------
```typescript
import type {
DBFieldAttribute,
DBFieldAttributeConfig,
DBFieldType,
} from "@better-auth/core/db";
import type { BetterAuthOptions } from "@better-auth/core";
export const createFieldAttribute = <
T extends DBFieldType,
C extends DBFieldAttributeConfig,
>(
type: T,
config?: C,
) => {
return {
type,
...config,
} satisfies DBFieldAttribute<T>;
};
export type InferValueType<T extends DBFieldType> = T extends "string"
? string
: T extends "number"
? number
: T extends "boolean"
? boolean
: T extends "date"
? Date
: T extends `${infer T}[]`
? T extends "string"
? string[]
: number[]
: T extends Array<any>
? T[number]
: never;
export type InferFieldsOutput<Field> = Field extends Record<
infer Key,
DBFieldAttribute
>
? {
[key in Key as Field[key]["required"] extends false
? Field[key]["defaultValue"] extends boolean | string | number | Date
? key
: never
: key]: InferFieldOutput<Field[key]>;
} & {
[key in Key as Field[key]["returned"] extends false
? never
: key]?: InferFieldOutput<Field[key]> | null;
}
: {};
export type InferFieldsInput<Field> = Field extends Record<
infer Key,
DBFieldAttribute
>
? {
[key in Key as Field[key]["required"] extends false
? never
: Field[key]["defaultValue"] extends string | number | boolean | Date
? never
: Field[key]["input"] extends false
? never
: key]: InferFieldInput<Field[key]>;
} & {
[key in Key as Field[key]["input"] extends false ? never : key]?:
| InferFieldInput<Field[key]>
| undefined
| null;
}
: {};
/**
* For client will add "?" on optional fields
*/
export type InferFieldsInputClient<Field> = Field extends Record<
infer Key,
DBFieldAttribute
>
? {
[key in Key as Field[key]["required"] extends false
? never
: Field[key]["defaultValue"] extends string | number | boolean | Date
? never
: Field[key]["input"] extends false
? never
: key]: InferFieldInput<Field[key]>;
} & {
[key in Key as Field[key]["input"] extends false
? never
: Field[key]["required"] extends false
? key
: Field[key]["defaultValue"] extends string | number | boolean | Date
? key
: never]?: InferFieldInput<Field[key]> | undefined | null;
}
: {};
type InferFieldOutput<T extends DBFieldAttribute> = T["returned"] extends false
? never
: T["required"] extends false
? InferValueType<T["type"]> | undefined | null
: InferValueType<T["type"]>;
/**
* Converts a Record<string, DBFieldAttribute> to an object type
* with keys and value types inferred from DBFieldAttribute["type"].
*/
export type FieldAttributeToObject<
Fields extends Record<string, DBFieldAttribute>,
> = AddOptionalFields<
{
[K in keyof Fields]: InferValueType<Fields[K]["type"]>;
},
Fields
>;
type AddOptionalFields<
T extends Record<string, any>,
Fields extends Record<keyof T, DBFieldAttribute>,
> = {
// Required fields: required === true
[K in keyof T as Fields[K] extends { required: true } ? K : never]: T[K];
} & {
// Optional fields: required !== true
[K in keyof T as Fields[K] extends { required: true } ? never : K]?: T[K];
};
/**
* Infer the additional fields from the plugin options.
* For example, you can infer the additional fields of the org plugin's organization schema like this:
* ```ts
* type AdditionalFields = InferAdditionalFieldsFromPluginOptions<"organization", OrganizationOptions>
* ```
*/
export type InferAdditionalFieldsFromPluginOptions<
SchemaName extends string,
Options extends {
schema?: {
[key in SchemaName]?: {
additionalFields?: Record<string, DBFieldAttribute>;
};
};
},
isClientSide extends boolean = true,
> = Options["schema"] extends {
[key in SchemaName]?: {
additionalFields: infer Field extends Record<string, DBFieldAttribute>;
};
}
? isClientSide extends true
? FieldAttributeToObject<RemoveFieldsWithInputFalse<Field>>
: FieldAttributeToObject<Field>
: {};
type RemoveFieldsWithInputFalse<T extends Record<string, DBFieldAttribute>> = {
[K in keyof T as T[K]["input"] extends false ? never : K]: T[K];
};
type InferFieldInput<T extends DBFieldAttribute> = InferValueType<T["type"]>;
export type PluginFieldAttribute = Omit<
DBFieldAttribute,
"transform" | "defaultValue" | "hashValue"
>;
export type InferFieldsFromPlugins<
Options extends BetterAuthOptions,
Key extends string,
Format extends "output" | "input" = "output",
> = Options["plugins"] extends []
? {}
: Options["plugins"] extends Array<infer T>
? T extends {
schema: {
[key in Key]: {
fields: infer Field;
};
};
}
? Format extends "output"
? InferFieldsOutput<Field>
: InferFieldsInput<Field>
: {}
: {};
export type InferFieldsFromOptions<
Options extends BetterAuthOptions,
Key extends "session" | "user",
Format extends "output" | "input" = "output",
> = Options[Key] extends {
additionalFields: infer Field;
}
? Format extends "output"
? InferFieldsOutput<Field>
: InferFieldsInput<Field>
: {};
```
--------------------------------------------------------------------------------
/docs/content/docs/integrations/hono.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Hono Integration
description: Integrate Better Auth with Hono.
---
Before you start, make sure you have a Better Auth instance configured. If you haven't done that yet, check out the [installation](/docs/installation).
### Mount the handler
We need to mount the handler to Hono endpoint.
```ts
import { Hono } from "hono";
import { auth } from "./auth";
import { serve } from "@hono/node-server";
const app = new Hono();
app.on(["POST", "GET"], "/api/auth/*", (c) => {
return auth.handler(c.req.raw);
});
serve(app);
```
### Cors
To configure cors, you need to use the `cors` plugin from `hono/cors`.
```ts
import { Hono } from "hono";
import { auth } from "./auth";
import { serve } from "@hono/node-server";
import { cors } from "hono/cors";
const app = new Hono();
app.use(
"/api/auth/*", // or replace with "*" to enable cors for all routes
cors({
origin: "http://localhost:3001", // replace with your origin
allowHeaders: ["Content-Type", "Authorization"],
allowMethods: ["POST", "GET", "OPTIONS"],
exposeHeaders: ["Content-Length"],
maxAge: 600,
credentials: true,
}),
);
app.on(["POST", "GET"], "/api/auth/*", (c) => {
return auth.handler(c.req.raw);
});
serve(app);
```
> **Important:** CORS middleware must be registered before your routes. This ensures that cross-origin requests are properly handled before they reach your authentication endpoints.
### Middleware
You can add a middleware to save the `session` and `user` in a `context` and also add validations for every route.
```ts
import { Hono } from "hono";
import { auth } from "./auth";
import { serve } from "@hono/node-server";
import { cors } from "hono/cors";
const app = new Hono<{
Variables: {
user: typeof auth.$Infer.Session.user | null;
session: typeof auth.$Infer.Session.session | null
}
}>();
app.use("*", async (c, next) => {
const session = await auth.api.getSession({ headers: c.req.raw.headers });
if (!session) {
c.set("user", null);
c.set("session", null);
return next();
}
c.set("user", session.user);
c.set("session", session.session);
return next();
});
app.on(["POST", "GET"], "/api/auth/*", (c) => {
return auth.handler(c.req.raw);
});
serve(app);
```
This will allow you to access the `user` and `session` object in all of your routes.
```ts
app.get("/session", (c) => {
const session = c.get("session")
const user = c.get("user")
if(!user) return c.body(null, 401);
return c.json({
session,
user
});
});
```
### Cross-Domain Cookies
By default, all Better Auth cookies are set with `SameSite=Lax`. If you need to use cookies across different domains, you’ll need to set `SameSite=None` and `Secure=true`. However, we recommend using subdomains whenever possible, as this allows you to keep `SameSite=Lax`. To enable cross-subdomain cookies, simply turn on `crossSubDomainCookies` in your auth config.
```ts title="auth.ts"
export const auth = createAuth({
advanced: {
crossSubDomainCookies: {
enabled: true
}
}
})
```
If you still need to set `SameSite=None` and `Secure=true`, you can adjust these attributes globally through `cookieOptions` in the `createAuth` configuration.
```ts title="auth.ts"
export const auth = createAuth({
advanced: {
defaultCookieAttributes: {
sameSite: "none",
secure: true,
partitioned: true // New browser standards will mandate this for foreign cookies
}
}
})
```
You can also customize cookie attributes individually by setting them within `cookies` in your auth config.
```ts title="auth.ts"
export const auth = createAuth({
advanced: {
cookies: {
sessionToken: {
attributes: {
sameSite: "none",
secure: true,
partitioned: true // New browser standards will mandate this for foreign cookies
}
}
}
}
})
```
### Client-Side Configuration
When using the Hono client (`@hono/client`) to make requests to your Better Auth-protected endpoints, you need to configure it to send credentials (cookies) with cross-origin requests.
```ts title="api.ts"
import { hc } from "hono/client";
import type { AppType } from "./server"; // Your Hono app type
const client = hc<AppType>("http://localhost:8787/", {
init: {
credentials: "include", // Required for sending cookies cross-origin
},
});
// Now your client requests will include credentials
const response = await client.someProtectedEndpoint.$get();
```
This configuration is necessary when:
- Your client and server are on different domains/ports during development
- You're making cross-origin requests in production
- You need to send authentication cookies with your requests
The `credentials: "include"` option tells the fetch client to send cookies even for cross-origin requests. This works in conjunction with the CORS configuration on your server that has `credentials: true`.
> **Note:** Make sure your CORS configuration on the server matches your client's domain, and that `credentials: true` is set in both the server's CORS config and the client's fetch config.
```
--------------------------------------------------------------------------------
/packages/better-auth/src/adapters/adapter-factory/types.ts:
--------------------------------------------------------------------------------
```typescript
import type {
DBFieldAttribute,
BetterAuthDBSchema,
} from "@better-auth/core/db";
import type {
DBAdapterFactoryConfig,
CustomAdapter as CoreCustomAdapter,
} from "@better-auth/core/db/adapter";
import type {
AdapterSchemaCreation,
TransactionAdapter,
Where,
} from "../../types";
import type { BetterAuthOptions } from "@better-auth/core";
import type { Prettify } from "../../types/helper";
export type AdapterFactoryOptions = {
config: AdapterFactoryConfig;
adapter: AdapterFactoryCustomizeAdapterCreator;
};
/**
* @deprecated Use `DBAdapterFactoryConfig` from `@better-auth/core/db/adapter` instead.
*/
export interface AdapterFactoryConfig
extends Omit<DBAdapterFactoryConfig<BetterAuthOptions>, "transaction"> {
/**
* Execute multiple operations in a transaction.
*
* If the database doesn't support transactions, set this to `false` and operations will be executed sequentially.
*
* @default false
*/
transaction?:
| false
| (<R>(callback: (trx: TransactionAdapter) => Promise<R>) => Promise<R>);
}
export type AdapterFactoryCustomizeAdapterCreator = (config: {
options: BetterAuthOptions;
/**
* The schema of the user's Better-Auth instance.
*/
schema: BetterAuthDBSchema;
/**
* The debug log function.
*
* If the config has defined `debugLogs` as `false`, no logs will be shown.
*/
debugLog: (...args: any[]) => void;
/**
* Get the model name which is expected to be saved in the database based on the user's schema.
*/
getModelName: (model: string) => string;
/**
* Get the field name which is expected to be saved in the database based on the user's schema.
*/
getFieldName: ({ model, field }: { model: string; field: string }) => string;
/**
* This function helps us get the default model name from the schema defined by devs.
* Often times, the user will be using the `modelName` which could had been customized by the users.
* This function helps us get the actual model name useful to match against the schema. (eg: schema[model])
*
* If it's still unclear what this does:
*
* 1. User can define a custom modelName.
* 2. When using a custom modelName, doing something like `schema[model]` will not work.
* 3. Using this function helps us get the actual model name based on the user's defined custom modelName.
* 4. Thus allowing us to use `schema[model]`.
*/
getDefaultModelName: (model: string) => string;
/**
* This function helps us get the default field name from the schema defined by devs.
* Often times, the user will be using the `fieldName` which could had been customized by the users.
* This function helps us get the actual field name useful to match against the schema. (eg: schema[model].fields[field])
*
* If it's still unclear what this does:
*
* 1. User can define a custom fieldName.
* 2. When using a custom fieldName, doing something like `schema[model].fields[field]` will not work.
*
*/
getDefaultFieldName: ({
model,
field,
}: {
model: string;
field: string;
}) => string;
/**
* Get the field attributes for a given model and field.
*
* Note: any model name or field name is allowed, whether default to schema or not.
*/
getFieldAttributes: ({
model,
field,
}: {
model: string;
field: string;
}) => DBFieldAttribute;
// The following functions are exposed primarily for the purpose of having wrapper adapters.
transformInput: (
data: Record<string, any>,
defaultModelName: string,
action: "create" | "update",
forceAllowId?: boolean,
) => Promise<Record<string, any>>;
transformOutput: (
data: Record<string, any>,
defaultModelName: string,
select?: string[],
) => Promise<Record<string, any>>;
transformWhereClause: <W extends Where[] | undefined>({
model,
where,
}: {
where: W;
model: string;
}) => W extends undefined ? undefined : CleanedWhere[];
}) => CustomAdapter;
/**
* @deprecated Use `CustomAdapter` from `@better-auth/core/db/adapter` instead.
*/
export interface CustomAdapter extends Omit<CoreCustomAdapter, "createSchema"> {
createSchema?: (props: {
/**
* The file the user may have passed in to the `generate` command as the expected schema file output path.
*/
file?: string;
/**
* The tables from the user's Better-Auth instance schema.
*/
tables: BetterAuthDBSchema;
}) => Promise<AdapterSchemaCreation>;
}
/**
* @deprecated Use `CleanedWhere` from `@better-auth/core/db/adapter` instead.
*/
export type CleanedWhere = Prettify<Required<Where>>;
export type AdapterTestDebugLogs = {
resetDebugLogs: () => void;
printDebugLogs: () => void;
};
/**
* @deprecated Use `AdapterFactoryOptions` instead. This export will be removed in a future version.
*/
export type CreateAdapterOptions = AdapterFactoryOptions;
/**
* @deprecated Use `AdapterFactoryConfig` instead. This export will be removed in a future version.
*/
export type AdapterConfig = AdapterFactoryConfig;
/**
* @deprecated Use `AdapterFactoryCustomizeAdapterCreator` instead. This export will be removed in a future version.
*/
export type CreateCustomAdapter = AdapterFactoryCustomizeAdapterCreator;
```
--------------------------------------------------------------------------------
/docs/content/docs/reference/resources.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Resources
description: A curated collection of resources to help you learn and master Better Auth.
---
import { Resource } from "@/components/resource-section";
A curated collection of resources to help you learn and master Better Auth. From blog posts to video tutorials, find everything you need to get started.
## Video tutorials
<Resource resources={
[
{
title: "The State of Authentication",
description:
"<strong>Theo(t3.gg)</strong> explores the current landscape of authentication, discussing trends, challenges, and where the industry is heading.",
href: "https://www.youtube.com/watch?v=lxslnp-ZEMw",
tags: ["trends", "showcase", "review"],
},
{
title: "Last Authentication You Will Ever Need",
description:
"A comprehensive tutorial demonstrating why Better Auth could be the final authentication solution you'll need for your projects.",
href: "https://www.youtube.com/watch?v=hFtufpaMcLM",
tags: ["implementation", "showcase"],
},
{
title: "This Might Be My New Favourite Auth Library",
description:
"<strong>developedbyed</strong> explores the features and capabilities of Better Auth, explaining why it stands out among authentication libraries.",
href: "https://www.youtube.com/watch?v=Hjs3zM7o7NE",
tags: ["review", "showcase"],
},
{
title: "8 Reasons To Try Better Auth",
description:
"<strong>CJ</strong> presents 8 compelling reasons why Better Auth is the BEST auth framework he's ever used, demonstrating its superior features and ease of implementation.",
href: "https://www.youtube.com/watch?v=_OApmLmex14",
tags: ["review", "showcase", "implementation"],
},
{
title: "Better Auth is so good that I almost switched programming languages",
description:
"<strong>Dreams of Code</strong> reviews Better Auth's features that nearly made them switch languages.",
href: "https://www.youtube.com/watch?v=dNY4FKXwTsM",
tags: ["review", "showcase", "implementation"],
},
{
title: "Best authentication framework for next.js",
description:
"A detailed comparison of authentication frameworks for Next.js, highlighting why Better Auth might be your best choice.",
href: "https://www.youtube.com/watch?v=V--T0q9FrEw",
tags: ["nextjs", "comparison"],
},
{
title: "Better-Auth: A First Look",
description:
"An introductory overview and demonstration of Better Auth's core features and capabilities.",
href: "https://www.youtube.com/watch?v=2cQTV6NYxis",
tags: ["implementation", "showcase"],
},
{
title: "Stripe was never so easy (with better auth)",
description: "A tutorial on how to integrate Stripe with Better Auth.",
href: "https://www.youtube.com/watch?v=g-RIrzBEX6M",
tags: ["implementation"],
},
{
title: "Nextjs 15 Authentication Made EASY with Better Auth",
description:
"A practical guide showing how to seamlessly integrate Better Auth with Next.js 15 for robust authentication.",
href: "https://www.youtube.com/watch?v=lxslnp-ZEMw",
tags: ["nextjs", "implementation", "tutorial"],
},
{
title: "Better Auth: Headless Authentication for Your TanStack Start App",
description: "<strong>Jack</strong> demonstrates how to implement headless authentication in your TanStack Start application using Better Auth, providing a modern approach to auth.",
href: "https://www.youtube.com/watch?v=Atev8Nxpw7c",
tags: ["tanstack", "implementation"],
},
{
title: "Goodbye Clerk, Hello Better Auth – Full Migration Guide!",
description: "A comprehensive guide showing how to migrate your authentication from Clerk to Better Auth, with step-by-step instructions and best practices.",
href: "https://www.youtube.com/watch?v=Za_QihbDSuk",
tags: ["migration", "clerk", "tutorial"],
},
]
} />
## Blog posts
<Resource resources={
[
{
title: "Better Auth with Hono, Bun, TypeScript, React and Vite",
description:
"You'll learn how to implement authentication with Better Auth in a client - server architecture, where the frontend is separate from the backend.",
href: "https://catalins.tech/better-auth-with-hono-bun-typescript-react-vite",
tags: ["typescript", "react", "bun", "vite"],
},
{
title: "Polar.sh + BetterAuth for Organizations",
description:
"Polar.sh is a platform for building payment integrations. This article will show you how to use Better Auth to authenticate your users.",
href: "https://dev.to/phumudzosly/polarsh-betterauth-for-organizations-1j1b",
tags: ["organizations", "integration", "payments"],
},
{
title: "Authenticating users in Astro with Better Auth",
description:
"Step by step guide on how to authenticate users in Astro with Better Auth.",
href: "https://www.launchfa.st/blog/astro-better-auth",
tags: ["astro", "integration", "tutorial"],
},
{
title: "Building Multi-Tenant Apps With Better-Auth and ZenStack",
description:
"Learn how to build multi-tenant apps with Better-Auth and ZenStack.",
href: "https://zenstack.dev/blog/better-auth",
tags: ["multi-tenant", "zenstack", "architecture"],
},
]
} />
```
--------------------------------------------------------------------------------
/docs/app/changelogs/_components/changelog-layout.tsx:
--------------------------------------------------------------------------------
```typescript
import Link from "next/link";
import { useId } from "react";
import clsx from "clsx";
import { DiscordLogoIcon } from "@radix-ui/react-icons";
function BookIcon(props: React.ComponentPropsWithoutRef<"svg">) {
return (
<svg viewBox="0 0 16 16" aria-hidden="true" fill="currentColor" {...props}>
<path d="M7 3.41a1 1 0 0 0-.668-.943L2.275 1.039a.987.987 0 0 0-.877.166c-.25.192-.398.493-.398.812V12.2c0 .454.296.853.725.977l3.948 1.365A1 1 0 0 0 7 13.596V3.41ZM9 13.596a1 1 0 0 0 1.327.946l3.948-1.365c.429-.124.725-.523.725-.977V2.017c0-.32-.147-.62-.398-.812a.987.987 0 0 0-.877-.166L9.668 2.467A1 1 0 0 0 9 3.41v10.186Z" />
</svg>
);
}
function GitHubIcon(props: React.ComponentPropsWithoutRef<"svg">) {
return (
<svg viewBox="0 0 16 16" aria-hidden="true" fill="currentColor" {...props}>
<path d="M8 .198a8 8 0 0 0-8 8 7.999 7.999 0 0 0 5.47 7.59c.4.076.547-.172.547-.384 0-.19-.007-.694-.01-1.36-2.226.482-2.695-1.074-2.695-1.074-.364-.923-.89-1.17-.89-1.17-.725-.496.056-.486.056-.486.803.056 1.225.824 1.225.824.714 1.224 1.873.87 2.33.666.072-.518.278-.87.507-1.07-1.777-.2-3.644-.888-3.644-3.954 0-.873.31-1.586.823-2.146-.09-.202-.36-1.016.07-2.118 0 0 .67-.214 2.2.82a7.67 7.67 0 0 1 2-.27 7.67 7.67 0 0 1 2 .27c1.52-1.034 2.19-.82 2.19-.82.43 1.102.16 1.916.08 2.118.51.56.82 1.273.82 2.146 0 3.074-1.87 3.75-3.65 3.947.28.24.54.73.54 1.48 0 1.07-.01 1.93-.01 2.19 0 .21.14.46.55.38A7.972 7.972 0 0 0 16 8.199a8 8 0 0 0-8-8Z" />
</svg>
);
}
function FeedIcon(props: React.ComponentPropsWithoutRef<"svg">) {
return (
<svg viewBox="0 0 16 16" aria-hidden="true" fill="currentColor" {...props}>
<path
fillRule="evenodd"
clipRule="evenodd"
d="M2.5 3a.5.5 0 0 1 .5-.5h.5c5.523 0 10 4.477 10 10v.5a.5.5 0 0 1-.5.5h-.5a.5.5 0 0 1-.5-.5v-.5A8.5 8.5 0 0 0 3.5 4H3a.5.5 0 0 1-.5-.5V3Zm0 4.5A.5.5 0 0 1 3 7h.5A5.5 5.5 0 0 1 9 12.5v.5a.5.5 0 0 1-.5.5H8a.5.5 0 0 1-.5-.5v-.5a4 4 0 0 0-4-4H3a.5.5 0 0 1-.5-.5v-.5Zm0 5a1 1 0 1 1 2 0 1 1 0 0 1-2 0Z"
/>
</svg>
);
}
function XIcon(props: React.ComponentPropsWithoutRef<"svg">) {
return (
<svg viewBox="0 0 16 16" aria-hidden="true" fill="currentColor" {...props}>
<path d="M9.51762 6.77491L15.3459 0H13.9648L8.90409 5.88256L4.86212 0H0.200195L6.31244 8.89547L0.200195 16H1.58139L6.92562 9.78782L11.1942 16H15.8562L9.51728 6.77491H9.51762ZM7.62588 8.97384L7.00658 8.08805L2.07905 1.03974H4.20049L8.17706 6.72795L8.79636 7.61374L13.9654 15.0075H11.844L7.62588 8.97418V8.97384Z" />
</svg>
);
}
export function Intro() {
return (
<>
<h1 className="mt-14 font-sans font-semibold tracking-tighter text-5xl">
All of the changes made will be{" "}
<span className="">available here.</span>
</h1>
<p className="mt-4 text-sm text-gray-600 dark:text-gray-300">
Better Auth is comprehensive authentication library for TypeScript that
provides a wide range of features to make authentication easier and more
secure.
</p>
<hr className="h-px bg-gray-300 mt-5" />
<div className="mt-8 flex flex-wrap text-gray-600 dark:text-gray-300 justify-center gap-x-1 gap-y-3 sm:gap-x-2 lg:justify-start">
<IconLink
href="/docs"
icon={BookIcon}
className="flex-none text-gray-600 dark:text-gray-300"
>
Documentation
</IconLink>
<IconLink
href="https://github.com/better-auth/better-auth"
icon={GitHubIcon}
className="flex-none text-gray-600 dark:text-gray-300"
>
GitHub
</IconLink>
<IconLink
href="https://discord.gg/better-auth"
icon={DiscordLogoIcon}
className="flex-none text-gray-600 dark:text-gray-300"
>
Community
</IconLink>
</div>
</>
);
}
export function IntroFooter() {
return (
<p className="flex items-baseline gap-x-2 text-[0.8125rem]/6 text-gray-500">
Brought to you by{" "}
<IconLink href="#" icon={XIcon} compact>
BETTER-AUTH.
</IconLink>
</p>
);
}
export function SignUpForm() {
let id = useId();
return (
<form className="relative isolate mt-8 flex items-center pr-1">
<label htmlFor={id} className="sr-only">
Email address
</label>
<div className="absolute inset-0 -z-10 rounded-lg transition peer-focus:ring-4 peer-focus:ring-sky-300/15" />
<div className="absolute inset-0 -z-10 rounded-lg bg-white/2.5 ring-1 ring-white/15 transition peer-focus:ring-sky-300" />
</form>
);
}
export function IconLink({
children,
className,
compact = false,
icon: Icon,
...props
}: React.ComponentPropsWithoutRef<typeof Link> & {
compact?: boolean;
icon?: React.ComponentType<{ className?: string }>;
}) {
return (
<Link
{...props}
className={clsx(
className,
"group relative isolate flex items-center px-2 py-0.5 text-[0.8125rem]/6 font-medium text-black/70 dark:text-white/30 transition-colors hover:text-stone-300 rounded-none",
compact ? "gap-x-2" : "gap-x-3",
)}
>
<span className="absolute inset-0 -z-10 scale-75 rounded-lg bg-white/5 opacity-0 transition group-hover:scale-100 group-hover:opacity-100" />
{Icon && <Icon className="h-4 w-4 flex-none" />}
<span className="self-baseline text-black/70 dark:text-white">
{children}
</span>
</Link>
);
}
```
--------------------------------------------------------------------------------
/docs/content/docs/reference/contributing.mdx:
--------------------------------------------------------------------------------
```markdown
---
title: Contributing to BetterAuth
description: A concise guide to contributing to BetterAuth
---
Thank you for your interest in contributing to Better Auth! This guide is a concise guide to contributing to Better Auth.
## Getting Started
Before diving in, here are a few important resources:
- Take a look at our existing <Link href="https://github.com/better-auth/better-auth/issues">issues</Link> and <Link href="https://github.com/better-auth/better-auth/pulls">pull requests</Link>
- Join our community discussions in <Link href="https://discord.gg/better-auth">Discord</Link>
## Development Setup
To get started with development:
<Callout type="warn">
Make sure you have <Link href="https://nodejs.org/en/download">Node.JS</Link>{" "}
installed, preferably on LTS.
</Callout>
<Steps>
<Step>
### 1. Fork the repository
Visit https://github.com/better-auth/better-auth
Click the "Fork" button in the top right.
</Step>
<Step>
### 2. Clone your fork
```bash
# Replace YOUR-USERNAME with your GitHub username
git clone https://github.com/YOUR-USERNAME/better-auth.git
cd better-auth
```
</Step>
<Step>
### 3. Install dependencies
Make sure you have <Link href="https://pnpm.io/installation">pnpm</Link> installed!
```bash
pnpm install
```
</Step>
<Step>
### 4. Prepare ENV files
Copy the example env file to create your new `.env` file.
```bash
cp -n ./docs/.env.example ./docs/.env
```
</Step>
</Steps>
## Making changes
Once you have an idea of what you want to contribute, you can start making changes. Here are some steps to get started:
<Steps>
<Step>
### 1. Create a new branch
```bash
# Make sure you're on main
git checkout main
# Pull latest changes
git pull upstream main
# Create and switch to a new branch
git checkout -b feature/your-feature-name
```
</Step>
<Step>
### 2. Start development server
Start the development server:
```bash
pnpm dev
```
To start the docs server:
```bash
pnpm -F docs dev
```
</Step>
<Step>
### 3. Make Your Changes
* Make your changes to the codebase.
* Write tests if needed. (Read more about testing <Link href="/docs/reference/contributing#testing">here</Link>)
* Update documentation. (Read more about documenting <Link href="/docs/reference/contributing#documentation">here</Link>)
</Step>
</Steps>
### Issues and Bug Fixes
- Check our [GitHub issues](https://github.com/better-auth/better-auth/issues) for tasks labeled `good first issue`
- When reporting bugs, include steps to reproduce and expected behavior
- Comment on issues you'd like to work on to avoid duplicate efforts
### Framework Integrations
We welcome contributions to support more frameworks:
- Focus on framework-agnostic solutions where possible
- Keep integrations minimal and maintainable
- All integrations currently live in the main package
### Plugin Development
- For core plugins: Open an issue first to discuss your idea
- For community plugins: Feel free to develop independently
- Follow our plugin architecture guidelines
### Documentation
- Fix typos and errors
- Add examples and clarify existing content
- Ensure documentation is up to date with code changes
## Testing
We use Vitest for testing. Place test files next to the source files they test:
```ts
import { describe, it, expect } from "vitest";
import { getTestInstance } from "./test-utils/test-instance";
describe("Feature", () => {
it("should work as expected", async () => {
const { client } = await getTestInstance();
// Test code here
expect(result).toBeDefined();
});
});
```
### Using the Test Instance Helper
The test instance helper now includes improved async context support for managing user sessions:
```ts
const { client, runWithUser, signInWithTestUser } = await getTestInstance();
// Run tests with a specific user context
await runWithUser("[email protected]", "password", async (headers) => {
// All client calls within this block will use the user's session
const response = await client.getSession();
// headers are automatically applied
});
// Or use the test user with async context
const { runWithDefaultUser } = await signInWithTestUser();
await runWithDefaultUser(async (headers) => {
// Code here runs with the test user's session context
});
```
### Testing Best Practices
- Write clear commit messages
- Update documentation to reflect your changes
- Add tests for new features
- Follow our coding standards
- Keep pull requests focused on a single change
## Need Help?
Don't hesitate to ask for help! You can:
- Open an <Link href="https://github.com/better-auth/better-auth/issues">issue</Link> with questions
- Join our <Link href="https://discord.gg/better-auth">community discussions</Link>
- Reach out to project maintainers
Thank you for contributing to Better Auth!
```