All of the changes made will be available here.

Better Auth is comprehensive authentication library for TypeScript that provides a wide range of features to make authentication easier and more secure.


BETTER-AUTH.

v1.2.4

🚀 Features

  • Support promise return trusted origins – @Bekacru
  • Support reverse proxied base URLs – @Bekacru
  • Add Kick social provider – @deestt
  • account: Multiple account with the same provider – @Kinfe123
  • admin: Custom banned user error message – @Bekacru
  • generic-oauth: Allow basic auth – @beermonsterdota
  • oidc-provider: Implement OIDC rfc7591 compliant /register endpoint – @remorses
  • organization: Allow passing teamId in addMember – @Netrifier

🐞 Bug Fixes

  • Update session cookie after in place email change – @Bekacru
  • Lowercase email in change email process, find as it is – @hyoban
  • Should consitently use defaultErrorURL for fallback error redirections – @Bekacru
  • Use account ID instead of compound key for account unlinking – @Bekacru
  • Accept secure cookie flag on getSessionCookie helper – @ahmed-m-abbass
  • Remove otp code from the response of send phone number otp – @Bekacru
  • Use subscription Id to fetch the current active subscription from stripe – @x751685875
  • On change email request for unverified emails should use the newEmail on verification token payload – @Bekacru
  • admin:
  • api-key:
    • Creating API keys metadata always returns null  -  by @ping-maxwell in https://github.com/better-auth/better-auth/issues/1698 <samp>(0ffbb)</samp>
    • Results of verify endpoint's metadata isn't parsed  -  by @ping-maxwell in https://github.com/better-auth/better-auth/issues/1719 <samp>(e4aa6)</samp>
  • drizzle-adapter:
  • jwt:
    • Use context.secret instead of relying on user passed secret to not fail on build  -  by @Bekacru <samp>(ea81d)</samp>
    • Improve private key decryption error handling  -  by @Bekacru <samp>(4d5bc)</samp>
  • multi-session:
    • Return only unique user sessions  -  by @Bekacru <samp>(97a4c)</samp>
    • Use small cased cookie name inside revoke endpoint  -  by @ahmed-m-abbass in https://github.com/better-auth/better-auth/issues/1783 <samp>(284d4)</samp>
  • oauth:
  • organization:
    • Remove unused schema type and make team creator optional  -  by @Bekacru <samp>(c5c5b)</samp>
    • Custom permissions access control type inference breaking on the client  -  by @Bekacru <samp>(c051c)</samp>
    • Use membership limit to fetch members user data  -  by @Bekacru <samp>(535c9)</samp>
    • Properly throw error on update organization  -  by @Bekacru <samp>(e9993)</samp>
    • Check permission types and support multiple permission on hasPermissions checks  -  by @Bekacru <samp>(59765)</samp>
    • Multiple role array not referenced properly  -  by @Netrifier in https://github.com/better-auth/better-auth/issues/1792 <samp>(3af31)</samp>
  • phone-number:
  • rate-limiter:
  • roblox:
    • MapProfileToUser should run before returning user info  -  by @ping-maxwell in https://github.com/better-auth/better-auth/issues/1706 <samp>(5c94c)</samp>
  • stripe:
    • Convert subscription period timestamps to Date objects  -  by @Bekacru <samp>(0d6b4)</samp>
    • Webhook constructor should use async version  -  by @BlueLightStudio in https://github.com/better-auth/better-auth/issues/1664 <samp>(46dcd)</samp>
    • Add origin check on success callback  -  by @Bekacru <samp>(d3d10)</samp>
    • Inconsistent referenceId usage  -  by @Bekacru in https://github.com/better-auth/better-auth/issues/1736 <samp>(0ce3f)</samp>
    • Call onCustomerCreate callback handle error logging  -  by @Bekacru <samp>(21fea)</samp>
    • Rely on subscription Id instead of reference ID for subscriptions  -  by @Bekacru in https://github.com/better-auth/better-auth/issues/1789 <samp>(35fe9)</samp>
  • two-factor:
    • Custom user options should be passed to backup code generator  -  by @Wundero in https://github.com/better-auth/better-auth/issues/1688 <samp>(88bab)</samp>
  • types:
    View changes on GitHub

v1.2.3

🐞 Bug Fixes

  • admin:
    • Missing options parameter on hasPermission checks  -  by @jslno in https://github.com/better-auth/better-auth/issues/1666 <samp>(50637)</samp>
    • Require adminRoles option for a role to be considered an admin role  -  by @Bekacru <samp>(31c97)</samp>
  • jwt:
  • multi-session:
    • Use small cased token name for multi-session cookie management  -  by @Bekacru <samp>(650d5)</samp>
  • stripe:
    View changes on GitHub

v1.2.2

🐞 Bug Fixes

  • Update user type inference should be fully partial – @Bekacru
  • admin:
  • api-key:
    • Use date object for cleanup  -  by @Bekacru in https://github.com/better-auth/better-auth/issues/1632 <samp>(ff34f)</samp>
    • Simplify API key deletion auth check  -  by @Bekacru <samp>(2231d)</samp>
  • discord:
    • Use global name for discord  -  by @juliesaia in https://github.com/better-auth/better-auth/issues/1656 <samp>(122cb)</samp>
  • expo:
  • organization:
    • Two members being created when team is enabled  -  by @Bekacru in https://github.com/better-auth/better-auth/issues/1644 <samp>(32677)</samp>
  • stripe:
  • two-factor:
    View changes on GitHub