* docs(api-key): move schema section to the bottom
* fix: shouldn't refresh a token if access token expires is undefined or null (#3577)
* fix: ensure session is added to context when reading from cookie cache (#3578)
When session data is present in the cookie, `get-session` was
early-returning without adding the session to the context, causing hooks
to receive a null session.
This change ensures the session is consistently added to the context.
* chore: export siwe in better-auth/plugins (#3596)
The docs were using this import path, yet `siwe` wasn't exported there. This PR fixes this.
* chore: fix cookies test
* docs: make client-side vs. server-side explicit (#3603)
* docs: fix broken link to ERC-4361 in siwe docs (#3604)
* fix(jwt): ensure alg is added to the jwks when generating via /token endpoint (#3601)
* fix: Ensure alg is added to the jwks when generating via /token endpoint
* chore: resolve linting issues
* fix: cast dates from db to Date when using date methods
* fix lint
---------
Co-authored-by: Bereket Engida <Bekacru@gmail.com>
Co-authored-by: Bereket Engida <86073083+Bekacru@users.noreply.github.com>
Co-authored-by: Gagan G <80091397+gaganref@users.noreply.github.com>
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
Co-authored-by: Justin <127172022+jl33-ai@users.noreply.github.com>
Co-authored-by: Fraol Lemecha <fraol0912@gmail.com>
Co-authored-by: Elliott Minns <elliott.minns@pm.me>
* docs(api-key): move schema section to the bottom
* fix: shouldn't refresh a token if access token expires is undefined or null (#3577)
* fix: ensure session is added to context when reading from cookie cache (#3578)
When session data is present in the cookie, `get-session` was
early-returning without adding the session to the context, causing hooks
to receive a null session.
This change ensures the session is consistently added to the context.
* chore: export siwe in better-auth/plugins (#3596)
The docs were using this import path, yet `siwe` wasn't exported there. This PR fixes this.
* chore: fix cookies test
* fix: client inference for organization additional fields
* improve additional fields
* fix build
* fix test
---------
Co-authored-by: Gagan G <80091397+gaganref@users.noreply.github.com>
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
* docs(api-key): move schema section to the bottom
* fix: shouldn't refresh a token if access token expires is undefined or null (#3577)
* fix: ensure session is added to context when reading from cookie cache (#3578)
When session data is present in the cookie, `get-session` was
early-returning without adding the session to the context, causing hooks
to receive a null session.
This change ensures the session is consistently added to the context.
* feat(organization): add membersLimit param to allow to fetch more or less members than the membership limit
* add test
* Update packages/better-auth/src/plugins/organization/adapter.ts
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
* feat(organization): add list members with pagination and filter
* chore: lint
* cleannup
---------
Co-authored-by: Gagan G <80091397+gaganref@users.noreply.github.com>
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
* docs(api-key): move schema section to the bottom
* fix: shouldn't refresh a token if access token expires is undefined or null (#3577)
* fix: ensure session is added to context when reading from cookie cache (#3578)
When session data is present in the cookie, `get-session` was
early-returning without adding the session to the context, causing hooks
to receive a null session.
This change ensures the session is consistently added to the context.
* feat(organization): add membersLimit param to allow to fetch more or less members than the membership limit
* add test
* Update packages/better-auth/src/plugins/organization/adapter.ts
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
---------
Co-authored-by: Gagan G <80091397+gaganref@users.noreply.github.com>
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
* fix: use same expires at date for cookie session data payload and signature
* chore: lint
---------
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
* chore: consistent package names
* chore: init changesets
* chore: update contribution doc to include generating a changeset
* chore: configure all better auth packages to always have the same version number
* chore: update nextjs demo package name
* chore(changesets): ignore all private packages
* chore(changesets): check for changesets in CI
* chore(changesets): install chagesets cli
* chore(changesets): use orgin as main
* chore(changesets): fix typo
* chore(changesets): check for changes since main in ci
* chore(changesets): check for changes since main in ci with the correct command
* chore(changesets): check against `origin/main`
* chore(changesets): checking for changesets should be the last action
* chore(changesets): run changelog check after stoping the docker containers
* chore(changesets): run changelog check after building
* chore(changesets): run changelog check after starting docker compose
* chore(changesets): run changelog check after linting
* chore(changesets): run changelog check after testing
* Revert "chore(changesets): run changelog check after testing"
This reverts commit 6dc000f78d.
* chore: export siwe in better-auth/plugins (#3596)
The docs were using this import path, yet `siwe` wasn't exported there. This PR fixes this.
* chore: fix cookies test
* docs: make client-side vs. server-side explicit (#3603)
* docs: fix broken link to ERC-4361 in siwe docs (#3604)
* fix(jwt): ensure alg is added to the jwks when generating via /token endpoint (#3601)
* fix: Ensure alg is added to the jwks when generating via /token endpoint
* chore: resolve linting issues
* chore(example): fix SvelteKit example (#1742)
* refactor: upgrade Svelte, Vite and related packages
* refactor: replace no longer supported `body.callbackURL` with `onSuccess`
* fix: add missing `svelte-kit sync` on `prepare`
* fix: add missing `import`s
* chore(svelte-kit-example): show message & redirect to index after sign up
* chore: add npm script to migrate database
* doc: add more commands to set up
* chore: explicitly disable verification email on sign up
The example does not work if you set `sendOnSignUp: true` without setting up the email server.
* refactor(svelte-kit-example): add type for hooks
* chore(svelte-kit-example): redirect to sign in page if users open dashboard without log in
* chore: diable some rules for svelte-kit-example due to Biome's limited Svelte support
* style: fix format
* chore: update pnpm-lock.yaml
* chore: fix lock file
---------
Co-authored-by: Bereket Engida <Bekacru@gmail.com>
* fix: make sveltekit plugin ALS-agnostic (#3533)
* svelte cookie
* udpate
* update
* update
* update
* chore(cli): update zod to v4 (#3618)
* fix: correct typo in freeTrial variable name in Stripe integration
* chore: fix lock file
* chore: add changeset for typo fix in freeTrial
---------
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
Co-authored-by: Bereket Engida <Bekacru@gmail.com>
Co-authored-by: Justin <127172022+jl33-ai@users.noreply.github.com>
Co-authored-by: Elliott Minns <elliott.minns@pm.me>
Co-authored-by: Jumpei Ogawa <git@phanective.org>
Co-authored-by: KinfeMichael Tariku <65047246+Kinfe123@users.noreply.github.com>
* refactor: upgrade Svelte, Vite and related packages
* refactor: replace no longer supported `body.callbackURL` with `onSuccess`
* fix: add missing `svelte-kit sync` on `prepare`
* fix: add missing `import`s
* chore(svelte-kit-example): show message & redirect to index after sign up
* chore: add npm script to migrate database
* doc: add more commands to set up
* chore: explicitly disable verification email on sign up
The example does not work if you set `sendOnSignUp: true` without setting up the email server.
* refactor(svelte-kit-example): add type for hooks
* chore(svelte-kit-example): redirect to sign in page if users open dashboard without log in
* chore: diable some rules for svelte-kit-example due to Biome's limited Svelte support
* style: fix format
* chore: update pnpm-lock.yaml
* chore: fix lock file
---------
Co-authored-by: Bereket Engida <Bekacru@gmail.com>
When session data is present in the cookie, `get-session` was
early-returning without adding the session to the context, causing hooks
to receive a null session.
This change ensures the session is consistently added to the context.
I was mistaken a [previous fix](452069aed9), it just moved the error.
This value should be the default model name to match [transformInput](76c90f2e59/packages/better-auth/src/adapters/create-adapter/index.ts (L324)) schema lookup.
The schema looks like this
```
{
...
rateLimit: {
modelName: 'rateLimits',
fields: {
key: [Object],
count: [Object],
lastRequest: [Object],
id: [Object]
}
}
}
```
Matching on the default name returns the correct schema.
This test is now passing locally a different rateLimiter model.
```
it ( "should hit rate limit on forth login attempt within 10s", async () => {
for ( let i = 0; i < 3; i++ ) {
const response = await request( testApp )
.post( usernameSignInPath )
.send( { username: testUsername, password: testPassword } );
expect( response.statusCode ).toEqual( 200 );
}
const res = await request( testApp )
.post( usernameSignInPath )
.send( { username: testUsername, password: testPassword } );
expect( res.statusCode ).toEqual( 429 );
expect( res.headers ).toHaveProperty( "x-retry-after" );
} );
```
