@better-auth/expo
Version:
Better Auth integration for Expo and React Native applications.
1 lines • 5.98 kB
Source Map (JSON)
{"version":3,"file":"index.mjs","names":[],"sources":["../src/routes.ts","../src/index.ts"],"sourcesContent":["import { HIDE_METADATA } from \"better-auth\";\nimport { APIError, createAuthEndpoint } from \"better-auth/api\";\nimport * as z from \"zod\";\n\nexport const expoAuthorizationProxy = createAuthEndpoint(\n\t\"/expo-authorization-proxy\",\n\t{\n\t\tmethod: \"GET\",\n\t\tquery: z.object({\n\t\t\tauthorizationURL: z.string(),\n\t\t\toauthState: z.string().optional(),\n\t\t}),\n\t\tmetadata: HIDE_METADATA,\n\t},\n\tasync (ctx) => {\n\t\tconst { oauthState } = ctx.query;\n\t\tif (oauthState) {\n\t\t\tconst oauthStateCookie = ctx.context.createAuthCookie(\"oauth_state\", {\n\t\t\t\tmaxAge: 10 * 60, // 10 minutes\n\t\t\t});\n\t\t\tctx.setCookie(\n\t\t\t\toauthStateCookie.name,\n\t\t\t\toauthState,\n\t\t\t\toauthStateCookie.attributes,\n\t\t\t);\n\t\t\treturn ctx.redirect(ctx.query.authorizationURL);\n\t\t}\n\n\t\tconst { authorizationURL } = ctx.query;\n\t\tconst url = new URL(authorizationURL);\n\t\tconst state = url.searchParams.get(\"state\");\n\t\tif (!state) {\n\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\tmessage: \"Unexpected error\",\n\t\t\t});\n\t\t}\n\t\tconst stateCookie = ctx.context.createAuthCookie(\"state\", {\n\t\t\tmaxAge: 5 * 60, // 5 minutes\n\t\t});\n\t\tawait ctx.setSignedCookie(\n\t\t\tstateCookie.name,\n\t\t\tstate,\n\t\t\tctx.context.secret,\n\t\t\tstateCookie.attributes,\n\t\t);\n\t\treturn ctx.redirect(ctx.query.authorizationURL);\n\t},\n);\n","import type { BetterAuthPlugin } from \"@better-auth/core\";\nimport { createAuthMiddleware } from \"@better-auth/core/api\";\nimport { expoAuthorizationProxy } from \"./routes\";\n\nexport interface ExpoOptions {\n\t/**\n\t * Disable origin override for expo API routes\n\t * When set to true, the origin header will not be overridden for expo API routes\n\t */\n\tdisableOriginOverride?: boolean | undefined;\n}\n\nexport const expo = (options?: ExpoOptions | undefined) => {\n\treturn {\n\t\tid: \"expo\",\n\t\tinit: (ctx) => {\n\t\t\tconst trustedOrigins =\n\t\t\t\tprocess.env.NODE_ENV === \"development\" ? [\"exp://\"] : [];\n\n\t\t\treturn {\n\t\t\t\toptions: {\n\t\t\t\t\ttrustedOrigins,\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t\tasync onRequest(request, ctx) {\n\t\t\tif (options?.disableOriginOverride || request.headers.get(\"origin\")) {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\t/**\n\t\t\t * To bypass origin check from expo, we need to set the origin\n\t\t\t * header to the expo-origin header\n\t\t\t */\n\t\t\tconst expoOrigin = request.headers.get(\"expo-origin\");\n\t\t\tif (!expoOrigin) {\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tconst req = request.clone();\n\t\t\treq.headers.set(\"origin\", expoOrigin);\n\t\t\treturn {\n\t\t\t\trequest: req,\n\t\t\t};\n\t\t},\n\t\thooks: {\n\t\t\tafter: [\n\t\t\t\t{\n\t\t\t\t\tmatcher(context) {\n\t\t\t\t\t\treturn !!(\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/callback\") ||\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/oauth2/callback\") ||\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/magic-link/verify\") ||\n\t\t\t\t\t\t\tcontext.path?.startsWith(\"/verify-email\")\n\t\t\t\t\t\t);\n\t\t\t\t\t},\n\t\t\t\t\thandler: createAuthMiddleware(async (ctx) => {\n\t\t\t\t\t\tconst headers = ctx.context.responseHeaders;\n\t\t\t\t\t\tconst location = headers?.get(\"location\");\n\t\t\t\t\t\tif (!location) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst isProxyURL = location.includes(\"/oauth-proxy-callback\");\n\t\t\t\t\t\tif (isProxyURL) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst trustedOrigins = ctx.context.trustedOrigins.filter(\n\t\t\t\t\t\t\t(origin: string) => !origin.startsWith(\"http\"),\n\t\t\t\t\t\t);\n\t\t\t\t\t\tconst isTrustedOrigin = trustedOrigins.some((origin: string) =>\n\t\t\t\t\t\t\tlocation?.startsWith(origin),\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (!isTrustedOrigin) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst cookie = headers?.get(\"set-cookie\");\n\t\t\t\t\t\tif (!cookie) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst url = new URL(location);\n\t\t\t\t\t\turl.searchParams.set(\"cookie\", cookie);\n\t\t\t\t\t\tctx.setHeader(\"location\", url.toString());\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t],\n\t\t},\n\t\tendpoints: {\n\t\t\texpoAuthorizationProxy,\n\t\t},\n\t\toptions,\n\t} satisfies BetterAuthPlugin;\n};\n"],"mappings":";;;;;;AAIA,MAAa,yBAAyB,mBACrC,6BACA;CACC,QAAQ;CACR,OAAO,EAAE,OAAO;EACf,kBAAkB,EAAE,QAAQ;EAC5B,YAAY,EAAE,QAAQ,CAAC,UAAU;EACjC,CAAC;CACF,UAAU;CACV,EACD,OAAO,QAAQ;CACd,MAAM,EAAE,eAAe,IAAI;AAC3B,KAAI,YAAY;EACf,MAAM,mBAAmB,IAAI,QAAQ,iBAAiB,eAAe,EACpE,QAAQ,KACR,CAAC;AACF,MAAI,UACH,iBAAiB,MACjB,YACA,iBAAiB,WACjB;AACD,SAAO,IAAI,SAAS,IAAI,MAAM,iBAAiB;;CAGhD,MAAM,EAAE,qBAAqB,IAAI;CAEjC,MAAM,QADM,IAAI,IAAI,iBAAiB,CACnB,aAAa,IAAI,QAAQ;AAC3C,KAAI,CAAC,MACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,oBACT,CAAC;CAEH,MAAM,cAAc,IAAI,QAAQ,iBAAiB,SAAS,EACzD,QAAQ,KACR,CAAC;AACF,OAAM,IAAI,gBACT,YAAY,MACZ,OACA,IAAI,QAAQ,QACZ,YAAY,WACZ;AACD,QAAO,IAAI,SAAS,IAAI,MAAM,iBAAiB;EAEhD;;;;ACnCD,MAAa,QAAQ,YAAsC;AAC1D,QAAO;EACN,IAAI;EACJ,OAAO,QAAQ;AAId,UAAO,EACN,SAAS,EACR,gBAJD,QAAQ,IAAI,aAAa,gBAAgB,CAAC,SAAS,GAAG,EAAE,EAKvD,EACD;;EAEF,MAAM,UAAU,SAAS,KAAK;AAC7B,OAAI,SAAS,yBAAyB,QAAQ,QAAQ,IAAI,SAAS,CAClE;;;;;GAMD,MAAM,aAAa,QAAQ,QAAQ,IAAI,cAAc;AACrD,OAAI,CAAC,WACJ;GAED,MAAM,MAAM,QAAQ,OAAO;AAC3B,OAAI,QAAQ,IAAI,UAAU,WAAW;AACrC,UAAO,EACN,SAAS,KACT;;EAEF,OAAO,EACN,OAAO,CACN;GACC,QAAQ,SAAS;AAChB,WAAO,CAAC,EACP,QAAQ,MAAM,WAAW,YAAY,IACrC,QAAQ,MAAM,WAAW,mBAAmB,IAC5C,QAAQ,MAAM,WAAW,qBAAqB,IAC9C,QAAQ,MAAM,WAAW,gBAAgB;;GAG3C,SAAS,qBAAqB,OAAO,QAAQ;IAC5C,MAAM,UAAU,IAAI,QAAQ;IAC5B,MAAM,WAAW,SAAS,IAAI,WAAW;AACzC,QAAI,CAAC,SACJ;AAGD,QADmB,SAAS,SAAS,wBAAwB,CAE5D;AAQD,QAAI,CANmB,IAAI,QAAQ,eAAe,QAChD,WAAmB,CAAC,OAAO,WAAW,OAAO,CAC9C,CACsC,MAAM,WAC5C,UAAU,WAAW,OAAO,CAC5B,CAEA;IAED,MAAM,SAAS,SAAS,IAAI,aAAa;AACzC,QAAI,CAAC,OACJ;IAED,MAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,QAAI,aAAa,IAAI,UAAU,OAAO;AACtC,QAAI,UAAU,YAAY,IAAI,UAAU,CAAC;KACxC;GACF,CACD,EACD;EACD,WAAW,EACV,wBACA;EACD;EACA"}