Maintenance update: We fixed lots of issues from the community. Thanks to everyone for contributing to better-auth.
🚀 Features
- Add getActiveRoleMember - by @fathisiddiqi, @Kinfe123 and @himself65 in #4484 (f6f19)
- Database transaction support - by @himself65 and Joel Solano in #4414 (22c39)
- logger: Option to disable colors - by @martiinii and @himself65 in #4402 (53076)
- passkey: Error codes in passkey client - by @frectonz, @Kinfe123 and @Bekacru in #3966 (4b2f5)
- sqlite: Remove autoincrement for SQLite - by @pspeter3 in #4466 (f2c9d)
🐞 Bug Fixes
- Ignore cookiecache on auth sensitive functions - by @Kinfe123 in #4530 (e2a95)
- Custom field for
refreshTokenExpiresAt- by @himself65 in #4569 (cc007) - Return local IP in development mode - by @DiiiaZoTe and @himself65 in #2511 (b4ad6)
- Make cookie cache respect
dontRememberMemode - by @frectonz in #4558 (acb28) - Normalize zod imports - by @gabrielmar in #4593 (adbfc)
- Check endpoint conflicts respect
method- by @himself65 in #4595 (60930) - Respect username validator - by @azaek and @himself65 in #3669 (b8bed)
- Set clientId in ProviderOptions to
unknownby default - by @himself65 in #4596 (78250) - Pick the first clientId for oauth provider - by @himself65 in #4598 (8df46)
- Remove use of
global.crypto- by @himself65 in #4606 (ef450) - Should infer types correctly when empty list of plugins is provided - by @frectonz in #4612 (08fa1)
- Correct MongoDB adapter import path in CLI - by @aajeeth-m in #4602 (58963)
- Make sure fetch function doesn't get called repeatedly on
onMount- by @frectonz in #4669 (9d6e4) - Prevent lastLoginMethod plugin from setting cookie on failed auth - by @Kinfe123 in #4673 (e297c)
- admin:
- anonymous:
- Prevent false positive error on first anonymous sign-in - by @ajanraj and @himself65 in #3662 (96804)
- cli:
infoshows the correct version - by @himself65 in #4547 (7faae)- Add missing JSON type to schema generation - by @TheGB0077 and @Kinfe123 in #4494 (20e87)
- demo:
- docs:
- Remove duplicated RFC compliance mention - by @TheUntraceable in #4581 (5f80c)
- expo:
window.cryptois undefined - by @himself65 in #4620 (7dbc5)- Missing peer deps - by @himself65 in #4617 (16160)
- lastLoginMethod:
- memory-adapter:
- multi-session:
- Multi-session cookie name preface preventing multiple accounts signed in - by @PacifismPostMortem in #4505 (8eb64)
- one-time-token:
- Typo and clean - by @gabrielmar in #4579 (01365)
- organization:
checkRolePermissionshouldn't be a promise - by @ping-maxwell in #4533 (abfc4)- Member and team hooks should apply on create organization - by @Bekacru in #4600 (7fc23)
- Before org create hooks not applying customized data - by @Bekacru in #4623 (da9b8)
- [security] updateOrgRole should check for userId properly - by @Bekacru (12a9d)
- Restrict role check by user id - by @himself65 in #4641 (f5fd8)
- prisma:
- Handle optional field relation types correctly - by @LiYulin-s in #4630 (80b73)
- stripe:
- Properly resolve plans by lookup keys - by @AlexProgrammerDE in #4499 (b531d)
- Subscription is created without completing payment - by @himself65 in #4548 (e663f)
- Prevent multiple free trials for same user - by @RikhiSingh in #4562 (1bb12)
- Use correct request method for billing-portal - by @danielepintore in #4613 (9f23e)
- tiktok:
- Remove
client_secrectfrom authorizationUrl - by @arslan2012 in #4511 (71aeb)
- Remove
- username:
- Add missing normalization - by @bortoz and @himself65 in #3636 (9d316)
- Sign in should work with post normalization - by @Bekacru and @himself65 in #4599 (b2dfb)
- vue:
- Correct baseURL - by @himself65 in #4578 (90ea9)