import { GenericEndpointContext } from "@better-auth/core"; //#region src/plugins/email-otp/types.d.ts interface EmailOTPOptions { /** * Function to send email verification. * * It is recommended to not await the email sending to avoid timing attacks. * On serverless platforms, use `waitUntil` or similar to ensure the email is sent. */ sendVerificationOTP: (data: { email: string; otp: string; type: "sign-in" | "email-verification" | "forget-password" | "change-email"; }, ctx?: GenericEndpointContext | undefined) => Promise; /** * Length of the OTP * * @default 6 */ otpLength?: number | undefined; /** * Expiry time of the OTP in seconds * * @default 300 (5 minutes) */ expiresIn?: number | undefined; /** * Custom function to generate otp */ generateOTP?: (data: { email: string; type: "sign-in" | "email-verification" | "forget-password" | "change-email"; }, ctx?: GenericEndpointContext) => string | undefined; /** * Send email verification on sign-up * * @Default false */ sendVerificationOnSignUp?: boolean | undefined; /** * A boolean value that determines whether to prevent * automatic sign-up when the user is not registered. * * @Default false */ disableSignUp?: boolean | undefined; /** * Allowed attempts for the OTP code * @default 3 */ allowedAttempts?: number | undefined; /** * Store the OTP in your database in a secure way * Note: This will not affect the OTP sent to the user, it will only affect the OTP stored in your database * * @default "plain" */ storeOTP?: ("hashed" | "plain" | "encrypted" | { hash: (otp: string) => Promise; } | { encrypt: (otp: string) => Promise; decrypt: (otp: string) => Promise; }) | undefined; /** * Strategy for handling OTP when the user requests a new OTP * while an existing one is still valid. * * - `"rotate"`: Always generates a new OTP (default behavior). * - `"reuse"`: Resends the same OTP and extends its expiry. * Only works when the OTP is recoverable (plain, encrypted, or custom encrypt/decrypt). * Falls back to `"rotate"` when OTP is hashed. * * @default "rotate" */ resendStrategy?: "rotate" | "reuse" | undefined; /** * Change email configuration for the change email with OTP flow * * @default { * enabled: false, * verifyCurrentEmail: false, * } */ changeEmail?: { enabled?: boolean; verifyCurrentEmail?: boolean; }; /** * Override the default email verification to use email otp instead * * @default false */ overrideDefaultEmailVerification?: boolean | undefined; /** * Rate limit configuration * * @default { * window: 60, * max: 3, * } */ rateLimit?: { window: number; max: number; }; } //#endregion export { EmailOTPOptions };