import { BackupCodeOptions, backupCode2fa, encodeBackupCodes, generateBackupCodes, getBackupCodes, verifyBackupCode } from "./backup-codes/index.mjs"; import { OTPOptions, otp2fa } from "./otp/index.mjs"; import { TOTPOptions, totp2fa } from "./totp/index.mjs"; import { TwoFactorOptions, TwoFactorProvider, TwoFactorTable, UserWithTwoFactor } from "./types.mjs"; import { TWO_FACTOR_ERROR_CODES } from "./error-code.mjs"; import { twoFactorClient } from "./client.mjs"; import * as _better_auth_core0 from "@better-auth/core"; import * as _better_auth_core_utils_error_codes0 from "@better-auth/core/utils/error-codes"; import * as better_call0 from "better-call"; import * as z from "zod"; //#region src/plugins/two-factor/index.d.ts declare module "@better-auth/core" { interface BetterAuthPluginRegistry { "two-factor": { creator: typeof twoFactor; }; } } declare const twoFactor: (options?: O) => { id: "two-factor"; version: string; endpoints: { /** * ### Endpoint * * POST `/two-factor/enable` * * ### API Methods * * **server:** * `auth.api.enableTwoFactor` * * **client:** * `authClient.twoFactor.enable` * * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/2fa#api-method-two-factor-enable) */ enableTwoFactor: better_call0.StrictEndpoint<"/two-factor/enable", { method: "POST"; body: z.ZodObject<{ password: z.ZodOptional; issuer: z.ZodOptional; }, z.core.$strip> | z.ZodObject<{ password: z.ZodString; issuer: z.ZodOptional; }, z.core.$strip>; use: ((inputContext: better_call0.MiddlewareInputContext) => Promise<{ session: { session: Record & { id: string; createdAt: Date; updatedAt: Date; userId: string; expiresAt: Date; token: string; ipAddress?: string | null | undefined; userAgent?: string | null | undefined; }; user: Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }; }; }>)[]; metadata: { openapi: { summary: string; description: string; responses: { 200: { description: string; content: { "application/json": { schema: { type: "object"; properties: { totpURI: { type: string; description: string; }; backupCodes: { type: string; items: { type: string; }; description: string; }; }; }; }; }; }; }; }; }; }, { totpURI: string; backupCodes: string[]; }>; /** * ### Endpoint * * POST `/two-factor/disable` * * ### API Methods * * **server:** * `auth.api.disableTwoFactor` * * **client:** * `authClient.twoFactor.disable` * * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/2fa#api-method-two-factor-disable) */ disableTwoFactor: better_call0.StrictEndpoint<"/two-factor/disable", { method: "POST"; body: z.ZodObject<{ password: z.ZodOptional; }, z.core.$strip> | z.ZodObject<{ password: z.ZodString; }, z.core.$strip>; use: ((inputContext: better_call0.MiddlewareInputContext) => Promise<{ session: { session: Record & { id: string; createdAt: Date; updatedAt: Date; userId: string; expiresAt: Date; token: string; ipAddress?: string | null | undefined; userAgent?: string | null | undefined; }; user: Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }; }; }>)[]; metadata: { openapi: { summary: string; description: string; responses: { 200: { description: string; content: { "application/json": { schema: { type: "object"; properties: { status: { type: string; }; }; }; }; }; }; }; }; }; }, { status: boolean; }>; verifyBackupCode: better_call0.StrictEndpoint<"/two-factor/verify-backup-code", { method: "POST"; body: z.ZodObject<{ code: z.ZodString; disableSession: z.ZodOptional; trustDevice: z.ZodOptional; }, z.core.$strip>; metadata: { openapi: { description: string; responses: { "200": { description: string; content: { "application/json": { schema: { type: "object"; properties: { user: { type: string; properties: { id: { type: string; description: string; }; email: { type: string; format: string; nullable: boolean; description: string; }; emailVerified: { type: string; nullable: boolean; description: string; }; name: { type: string; nullable: boolean; description: string; }; image: { type: string; format: string; nullable: boolean; description: string; }; twoFactorEnabled: { type: string; description: string; }; createdAt: { type: string; format: string; description: string; }; updatedAt: { type: string; format: string; description: string; }; }; required: string[]; description: string; }; session: { type: string; properties: { token: { type: string; description: string; }; userId: { type: string; description: string; }; createdAt: { type: string; format: string; description: string; }; expiresAt: { type: string; format: string; description: string; }; }; required: string[]; description: string; }; }; required: string[]; }; }; }; }; }; }; }; }, { token: string | undefined; user: (Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }) | UserWithTwoFactor; }>; generateBackupCodes: better_call0.StrictEndpoint<"/two-factor/generate-backup-codes", { method: "POST"; body: z.ZodObject<{ password: z.ZodOptional; }, z.core.$strip> | z.ZodObject<{ password: z.ZodString; }, z.core.$strip>; use: ((inputContext: better_call0.MiddlewareInputContext) => Promise<{ session: { session: Record & { id: string; createdAt: Date; updatedAt: Date; userId: string; expiresAt: Date; token: string; ipAddress?: string | null | undefined; userAgent?: string | null | undefined; }; user: Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }; }; }>)[]; metadata: { openapi: { description: string; responses: { "200": { description: string; content: { "application/json": { schema: { type: "object"; properties: { status: { type: string; description: string; enum: boolean[]; }; backupCodes: { type: string; items: { type: string; }; description: string; }; }; required: string[]; }; }; }; }; }; }; }; }, { status: boolean; backupCodes: string[]; }>; viewBackupCodes: better_call0.StrictEndpoint; }, z.core.$strip>; }, { status: boolean; backupCodes: string[]; }>; sendTwoFactorOTP: better_call0.StrictEndpoint<"/two-factor/send-otp", { method: "POST"; body: z.ZodOptional; }, z.core.$strip>>; metadata: { openapi: { summary: string; description: string; responses: { 200: { description: string; content: { "application/json": { schema: { type: "object"; properties: { status: { type: string; }; }; }; }; }; }; }; }; }; }, { status: boolean; }>; verifyTwoFactorOTP: better_call0.StrictEndpoint<"/two-factor/verify-otp", { method: "POST"; body: z.ZodObject<{ code: z.ZodString; trustDevice: z.ZodOptional; }, z.core.$strip>; metadata: { openapi: { summary: string; description: string; responses: { "200": { description: string; content: { "application/json": { schema: { type: "object"; properties: { token: { type: string; description: string; }; user: { type: string; properties: { id: { type: string; description: string; }; email: { type: string; format: string; nullable: boolean; description: string; }; emailVerified: { type: string; nullable: boolean; description: string; }; name: { type: string; nullable: boolean; description: string; }; image: { type: string; format: string; nullable: boolean; description: string; }; createdAt: { type: string; format: string; description: string; }; updatedAt: { type: string; format: string; description: string; }; }; required: string[]; description: string; }; }; required: string[]; }; }; }; }; }; }; }; }, { token: string; user: UserWithTwoFactor; } | { token: string; user: Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }; }>; generateTOTP: better_call0.StrictEndpoint; metadata: { openapi: { summary: string; description: string; responses: { 200: { description: string; content: { "application/json": { schema: { type: "object"; properties: { code: { type: string; }; }; }; }; }; }; }; }; }; }, { code: string; }>; getTOTPURI: better_call0.StrictEndpoint<"/two-factor/get-totp-uri", { method: "POST"; use: ((inputContext: better_call0.MiddlewareInputContext) => Promise<{ session: { session: Record & { id: string; createdAt: Date; updatedAt: Date; userId: string; expiresAt: Date; token: string; ipAddress?: string | null | undefined; userAgent?: string | null | undefined; }; user: Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }; }; }>)[]; body: z.ZodObject<{ password: z.ZodOptional; }, z.core.$strip> | z.ZodObject<{ password: z.ZodString; }, z.core.$strip>; metadata: { openapi: { summary: string; description: string; responses: { 200: { description: string; content: { "application/json": { schema: { type: "object"; properties: { totpURI: { type: string; }; }; }; }; }; }; }; }; }; }, { totpURI: string; }>; verifyTOTP: better_call0.StrictEndpoint<"/two-factor/verify-totp", { method: "POST"; body: z.ZodObject<{ code: z.ZodString; trustDevice: z.ZodOptional; }, z.core.$strip>; metadata: { openapi: { summary: string; description: string; responses: { 200: { description: string; content: { "application/json": { schema: { type: "object"; properties: { status: { type: string; }; }; }; }; }; }; }; }; }; }, { token: string; user: UserWithTwoFactor; } | { token: string; user: Record & { id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; }; }>; }; options: NoInfer; hooks: { after: { matcher(context: _better_auth_core0.HookEndpointContext): boolean; handler: (inputContext: better_call0.MiddlewareInputContext) => Promise<{ twoFactorRedirect: boolean; twoFactorMethods: string[]; } | undefined>; }[]; }; schema: { user: { fields: { twoFactorEnabled: { type: "boolean"; required: false; defaultValue: false; input: false; }; }; }; twoFactor: { fields: { secret: { type: "string"; required: true; returned: false; index: true; }; backupCodes: { type: "string"; required: true; returned: false; }; userId: { type: "string"; required: true; returned: false; references: { model: string; field: string; }; index: true; }; verified: { type: "boolean"; required: false; defaultValue: true; input: false; }; failedVerificationCount: { type: "number"; required: false; defaultValue: number; input: false; returned: false; }; lockedUntil: { type: "date"; required: false; input: false; returned: false; }; }; }; }; rateLimit: { pathMatcher(path: string): boolean; window: number; max: number; }[]; $ERROR_CODES: { OTP_NOT_ENABLED: _better_auth_core_utils_error_codes0.RawError<"OTP_NOT_ENABLED">; OTP_HAS_EXPIRED: _better_auth_core_utils_error_codes0.RawError<"OTP_HAS_EXPIRED">; TOTP_NOT_ENABLED: _better_auth_core_utils_error_codes0.RawError<"TOTP_NOT_ENABLED">; TWO_FACTOR_NOT_ENABLED: _better_auth_core_utils_error_codes0.RawError<"TWO_FACTOR_NOT_ENABLED">; BACKUP_CODES_NOT_ENABLED: _better_auth_core_utils_error_codes0.RawError<"BACKUP_CODES_NOT_ENABLED">; INVALID_BACKUP_CODE: _better_auth_core_utils_error_codes0.RawError<"INVALID_BACKUP_CODE">; INVALID_CODE: _better_auth_core_utils_error_codes0.RawError<"INVALID_CODE">; TOO_MANY_ATTEMPTS_REQUEST_NEW_CODE: _better_auth_core_utils_error_codes0.RawError<"TOO_MANY_ATTEMPTS_REQUEST_NEW_CODE">; ACCOUNT_TEMPORARILY_LOCKED: _better_auth_core_utils_error_codes0.RawError<"ACCOUNT_TEMPORARILY_LOCKED">; INVALID_TWO_FACTOR_COOKIE: _better_auth_core_utils_error_codes0.RawError<"INVALID_TWO_FACTOR_COOKIE">; }; }; //#endregion export { BackupCodeOptions, OTPOptions, TOTPOptions, TWO_FACTOR_ERROR_CODES, TwoFactorOptions, TwoFactorProvider, TwoFactorTable, UserWithTwoFactor, backupCode2fa, encodeBackupCodes, generateBackupCodes, getBackupCodes, otp2fa, totp2fa, twoFactor, twoFactorClient, verifyBackupCode };