feat: add expo plugin and trusted origins

.env.example

@@ -23,6 +23,7 @@ DATABASE_URL="postgres://${DOCKER_DATABASE_USERNAME}:${DOCKER_DATABASE_PASSWORD}
 BETTER_AUTH_SECRET="REPLACE ME" # You can use `npx @better-auth/cli@latest secret` to a generated secret
 SESSION_EXPIRATION_IN_SECONDS=2592000 # 30 days
 SESSION_UPDATE_AGE_IN_SECONDS=86400 # 1 day (every 1 day the session expiration is updated)
+AUTH_TRUSTED_ORIGIN="start-ui-native://,start-ui-native://*" # Mobile app scheme for trustedOrigins config
 
 # GITHUB
 GITHUB_CLIENT_ID="REPLACE ME"

app/env/server.ts

@@ -12,6 +12,7 @@ export const envServer = createEnv({
     BETTER_AUTH_SECRET: z.string(),
     SESSION_EXPIRATION_IN_SECONDS: z.coerce.number().int().default(2592000), // 30 days by default
     SESSION_UPDATE_AGE_IN_SECONDS: z.coerce.number().int().default(86400), // 1 day by default
+    AUTH_TRUSTED_ORIGIN: z.string().optional(),
 
     GITHUB_CLIENT_ID: zOptionalWithReplaceMe(),
     GITHUB_CLIENT_SECRET: zOptionalWithReplaceMe(),

app/locales/ar/auth.json

@@ -50,6 +50,7 @@
     "PASSWORD_TOO_SHORT": "كلمة المرور قصيرة جدًا",
     "PASSWORD_TOO_LONG": "كلمة المرور طويلة جدًا",
     "USER_ALREADY_EXISTS": "المستخدم موجود بالفعل",
+    "USER_ALREADY_HAS_PASSWORD": "المستخدم لديه كلمة مرور بالفعل",
     "EMAIL_CAN_NOT_BE_UPDATED": "لا يمكن تحديث البريد الإلكتروني",
     "CREDENTIAL_ACCOUNT_NOT_FOUND": "حساب بيانات الاعتماد غير موجود",
     "SESSION_EXPIRED": "انتهت صلاحية الجلسة. أعد المصادقة لتنفيذ هذا الإجراء.",

app/locales/en/auth.json

@@ -93,6 +93,7 @@
     "PASSWORD_TOO_SHORT": "Password too short",
     "PASSWORD_TOO_LONG": "Password too long",
     "USER_ALREADY_EXISTS": "User already exists",
+    "USER_ALREADY_HAS_PASSWORD": "User already has password",
     "EMAIL_CAN_NOT_BE_UPDATED": "Email can not be updated",
     "CREDENTIAL_ACCOUNT_NOT_FOUND": "Credential account not found",
     "SESSION_EXPIRED": "Session expired. Re-authenticate to perform this action.",

app/locales/fr/auth.json

@@ -63,6 +63,7 @@
     "PASSWORD_TOO_SHORT": "Mot de passe trop court",
     "PASSWORD_TOO_LONG": "Mot de passe trop long",
     "USER_ALREADY_EXISTS": "L'utilisateur existe déjà",
+    "USER_ALREADY_HAS_PASSWORD": "L'utilisateur a déjà un mot de passe",
     "EMAIL_CAN_NOT_BE_UPDATED": "L'email ne peut pas être mis à jour",
     "CREDENTIAL_ACCOUNT_NOT_FOUND": "Compte d'identification non trouvé",
     "SESSION_EXPIRED": "Session expirée. Authentifiez-vous à nouveau pour effectuer cette action.",

app/locales/sw/auth.json

@@ -50,6 +50,7 @@
     "PASSWORD_TOO_SHORT": "Nenosiri fupi sana",
     "PASSWORD_TOO_LONG": "Nenosiri refu sana",
     "USER_ALREADY_EXISTS": "Mtumiaji tayari yupo",
+    "USER_ALREADY_HAS_PASSWORD": "Mtumiaji tayari ana nenosiri",
     "EMAIL_CAN_NOT_BE_UPDATED": "Barua pepe haiwezi kusasishwa",
     "CREDENTIAL_ACCOUNT_NOT_FOUND": "Akaunti ya kitambulisho haijapatikana",
     "SESSION_EXPIRED": "Kipindi kimeisha. Thibitisha tena ili kufanya kitendo hiki.",

app/server/auth.tsx

@@ -1,3 +1,4 @@
+import { expo } from '@better-auth/expo';
 import { betterAuth } from 'better-auth';
 import { prismaAdapter } from 'better-auth/adapters/prisma';
 import { admin, emailOTP, openAPI } from 'better-auth/plugins';
@@ -24,6 +25,10 @@ export const auth = betterAuth({
     expiresIn: envServer.SESSION_EXPIRATION_IN_SECONDS,
     updateAge: envServer.SESSION_UPDATE_AGE_IN_SECONDS,
   },
+  // Allows an Expo native app to use social auth, can be delete if no needed
+  trustedOrigins: envServer.AUTH_TRUSTED_ORIGIN
+    ? envServer.AUTH_TRUSTED_ORIGIN.split(',')
+    : undefined,
   database: prismaAdapter(db, {
     provider: 'postgresql',
   }),
@@ -46,7 +51,9 @@ export const auth = betterAuth({
       disableImplicitSignUp: !AUTH_SIGNUP_ENABLED,
     },
   },
+
   plugins: [
+    expo(), // Allows an Expo native app to use auth, can be delete if no needed
     openAPI({
       disableDefaultReference: true, // Use custom exposition in /routes/api/openapi folder
     }),

package.json

@@ -44,6 +44,7 @@
     "@base-ui-components/react": "1.0.0-beta.1",
     "@bearstudio/ui-state": "1.0.2",
     "@fontsource-variable/inter": "5.2.6",
+    "@better-auth/expo": "1.2.10",
     "@headlessui/react": "2.2.2",
     "@hookform/resolvers": "5.0.1",
     "@orpc/client": "1.5.2",
@@ -64,7 +65,7 @@
     "@tanstack/react-start": "1.131.50",
     "@tanstack/zod-adapter": "1.131.50",
     "@uidotdev/usehooks": "2.4.1",
-    "better-auth": "1.2.7",
+    "better-auth": "1.2.10",
     "boring-avatars": "1.11.2",
     "class-variance-authority": "0.7.1",
     "clsx": "2.1.1",