### Install Soft Deletion Plugin Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Installs the soft deletion plugin for Better Auth using either npm or bun package managers. ```bash npm install @forgehustle/better-auth-soft-deletion # or bun add @forgehustle/better-auth-soft-deletion ``` -------------------------------- ### Client Plugin Setup Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Provides typed methods for interacting with soft deletion endpoints from React or other frontend frameworks. ```APIDOC ## Client Plugin Setup ### Description The client-side plugin that provides typed methods for interacting with soft deletion endpoints from React or other frontend frameworks. ### Method N/A (Configuration) ### Endpoint N/A (Configuration) ### Parameters N/A ### Request Example ```typescript import { createAuthClient } from "better-auth/react"; import { softDeletionClient } from "@forgehustle/better-auth-soft-deletion/client"; export const authClient = createAuthClient({ baseURL: "http://localhost:5000/api/auth", plugins: [softDeletionClient()], }); // The client now has access to: // - authClient.deleteUser({ password }) // - authClient.restoreAccount({ email, password }) ``` ### Response N/A (Configuration) ``` -------------------------------- ### Server Plugin Setup Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Integrates the soft deletion plugin with Better Auth. Configure retention days and re-registration blocking behavior. ```APIDOC ## Server Plugin Setup ### Description The main server-side plugin function that integrates with Better Auth. Configure retention days and re-registration blocking behavior. ### Method N/A (Configuration) ### Endpoint N/A (Configuration) ### Parameters #### Plugin Options - **retentionDays** (number) - Optional - The number of days before permanent deletion (default: 30). - **blockReRegistration** (boolean) - Optional - Prevent email reuse during the retention window (default: true). - **restoreRateLimit** (function) - Optional - A function to implement custom rate limiting for the restore endpoint. ### Request Example ```typescript import { betterAuth } from "better-auth"; import { softDeletion } from "@forgehustle/better-auth-soft-deletion"; export const auth = betterAuth({ database: drizzleAdapter(db), // your database adapter plugins: [ softDeletion({ retentionDays: 30, blockReRegistration: true, }), ], user: { deleteUser: { enabled: true }, // required for soft deletion to work }, }); // With custom rate limiting for restore endpoint export const authWithRateLimit = betterAuth({ database: drizzleAdapter(db), plugins: [ softDeletion({ retentionDays: 30, blockReRegistration: true, restoreRateLimit: async ({ email, context }) => { // Custom rate limiting logic return { allowed: true }; }, }), ], user: { deleteUser: { enabled: true } }, }); ``` ### Response N/A (Configuration) ``` -------------------------------- ### Client Plugin Setup for Soft Deletion Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Sets up the client-side plugin for interacting with soft deletion endpoints. It provides typed methods for frontend frameworks like React. Dependencies include 'better-auth/react' and '@forgehustle/better-auth-soft-deletion/client'. ```typescript import { createAuthClient } from "better-auth/react"; import { softDeletionClient } from "@forgehustle/better-auth-soft-deletion/client"; export const authClient = createAuthClient({ baseURL: "http://localhost:5000/api/auth", plugins: [softDeletionClient()], }); // The client now has access to: // - authClient.deleteUser({ password }) - soft delete account // - authClient.restoreAccount({ email, password }) - restore deleted account ``` -------------------------------- ### Database Schema Extensions - Drizzle Migration Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Provides a Drizzle ORM migration example to extend the user table with 'status' and 'deletedAt' fields and create a new 'blockedIdentifier' table. This is necessary for the soft deletion functionality. Requires Drizzle ORM setup. ```sql import { sql } from "drizzle-orm"; export const addSoftDeletionFields = sql` ALTER TABLE user ADD COLUMN status TEXT DEFAULT 'active'; ALTER TABLE user ADD COLUMN deletedAt DATETIME; CREATE TABLE IF NOT EXISTS blockedIdentifier ( id TEXT PRIMARY KEY, identifierHash TEXT NOT NULL, type TEXT NOT NULL, expiresAt DATETIME, createdAt DATETIME NOT NULL ); CREATE INDEX idx_blocked_identifier ON blockedIdentifier(identifierHash, type); `; ``` -------------------------------- ### User Deletion (Client-side) Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Example of how to initiate user account deletion from the client using the `deleteUser` action provided by the Better Auth client, which is extended by this plugin. ```APIDOC ## Delete Account (Client-side) ### Description Initiates the soft deletion of the currently authenticated user's account. This action requires password confirmation. ### Method POST (via `authClient.deleteUser`) ### Endpoint (Internal Better Auth endpoint, typically `/auth/delete-user`) ### Parameters #### Request Body (for `authClient.deleteUser`) - **password** (string) - Required - The current password of the user for confirmation. ### Request Example ```ts await authClient.deleteUser({ password: "CurrentPassword123!", }); ``` ### Response (Success is typically indicated by the absence of an error. The server handles the soft deletion process.) ### Error Handling Better Auth will reject the request if the password is missing or has an invalid shape. Specific errors related to deletion (e.g., if `deleteUser` is not enabled) will be thrown by Better Auth. ``` -------------------------------- ### Server Plugin Setup for Soft Deletion Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Configures the main server-side plugin for soft deletion. It allows customization of retention days and re-registration blocking behavior. Dependencies include 'better-auth' and '@forgehustle/better-auth-soft-deletion'. ```typescript import { betterAuth } from "better-auth"; import { softDeletion } from "@forgehustle/better-auth-soft-deletion"; export const auth = betterAuth({ database: drizzleAdapter(db), // your database adapter plugins: [ softDeletion({ retentionDays: 30, // days before permanent deletion (default: 30) blockReRegistration: true, // prevent email reuse during retention (default: true) }), ], user: { deleteUser: { enabled: true, // required for soft deletion to work }, }, }); // With custom rate limiting for restore endpoint export const authWithRateLimit = betterAuth({ database: drizzleAdapter(db), plugins: [ softDeletion({ retentionDays: 30, blockReRegistration: true, restoreRateLimit: async ({ email, context }) => { const attempts = await getRestoreAttempts(email); if (attempts > 5) { return { allowed: false, code: "RESTORE_RATE_LIMITED", message: "Too many restore attempts. Try again in 15 minutes.", status: 429, }; } return { allowed: true }; }, }), ], user: { deleteUser: { enabled: true } }, }); ``` -------------------------------- ### Bump Package Version using npm Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md To prepare for a release, navigate to your project directory and use `npm version` to update the package version. This command also creates a commit and a Git tag. ```bash cd /home/murali/projects/SoftDeletion npm version patch ``` -------------------------------- ### Configure Client with Soft Deletion Plugin Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Sets up the Better Auth client to include the soft deletion plugin, enabling client-side actions like account restoration. Ensure the `baseURL` is correctly configured for your application. ```typescript import { createAuthClient, } from "better-auth/react"; import { softDeletionClient, } from "@forgehustle/better-auth-soft-deletion/client"; export const authClient = createAuthClient({ baseURL: "http://localhost:5000/auth", // adjust for your app plugins: [softDeletionClient()], }); ``` -------------------------------- ### Provide Required Fields for Restore Request Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md The `RESTORE_INPUT_REQUIRED` error signifies that the restore request is missing either `email` or `password`. Ensure the request body is valid JSON and contains these exact keys. ```javascript // Example of a correct restore request body: { "email": "user@example.com", "password": "user_password" } ``` -------------------------------- ### Configure Server with Soft Deletion Plugin Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Integrates the soft deletion plugin into the Better Auth server configuration. Requires enabling `deleteUser` and optionally configuring `retentionDays` and `blockReRegistration`. ```typescript import { betterAuth, } from "better-auth"; import { softDeletion, } from "@forgehustle/better-auth-soft-deletion"; export const auth = betterAuth({ // your adapter // database: drizzleAdapter(...) plugins: [ softDeletion({ retentionDays: 30, // default: 30 blockReRegistration: true, // default: true }), ], user: { deleteUser: { enabled: true, }, }, }); ``` -------------------------------- ### Push Changes and Tags to GitHub Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md After bumping the version, push the new commit and the associated Git tag to the remote repository to trigger the release process. ```bash git push origin main --follow-tags ``` -------------------------------- ### POST /soft-deletion/restore Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Restores a soft-deleted user account. Requires the user's email and password for verification. ```APIDOC ## POST /soft-deletion/restore ### Description Restores a soft-deleted user account. This endpoint is used to bring back an account that was previously deleted using the soft deletion mechanism. ### Method POST ### Endpoint /soft-deletion/restore ### Parameters #### Request Body - **email** (string) - Required - The email address of the user to restore. - **password** (string) - Required - The current password of the user for verification. ### Request Example ```json { "email": "user@example.com", "password": "CurrentPassword123!" } ``` ### Response #### Success Response (200) - **message** (string) - A confirmation message indicating the account was restored successfully. #### Response Example ```json { "message": "Account restored successfully." } ``` #### Error Codes - `ACCOUNT_DELETED` (403): The user account is already deleted and cannot be restored again. - `RESTORE_INPUT_REQUIRED` (400): Email or password is missing in the request body. - `ACCOUNT_NOT_DELETED` (400): The account specified is not in a deleted state. - `NO_PASSWORD_CREDENTIAL` (400): The user account does not have a password credential (e.g., OAuth-only account). - `AUTH_INVALID_CREDENTIALS` (401): The provided email and password combination is invalid. ``` -------------------------------- ### Restore Deleted Account - Direct API Call Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Demonstrates how to directly call the API endpoint for restoring a soft-deleted account using a POST request. It sends email and password in the JSON body and processes the response. Requires a running API server. ```javascript const response = await fetch("/api/auth/soft-deletion/restore", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ email: "user@example.com", password: "CurrentPassword123!", }), }); const result = await response.json(); // Success: { message: "Account restored successfully." } // Error: { code: "AUTH_INVALID_CREDENTIALS", message: "Invalid email or password." } ``` -------------------------------- ### Execute Account Deletion with Password Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md To delete a user account, ensure the `deleteUser` function is called with the correct payload. The `password` parameter must be provided as a string. ```javascript deleteUser({ password: "..." }); ``` -------------------------------- ### Restore Deleted Account Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Restores a deleted user account by providing the user's email and password. This action is recommended for restoring accounts via the client. Error handling should be implemented to manage potential issues like invalid credentials or active accounts. ```typescript const { data, error, } = await authClient.restoreAccount({ email: "user@example.com", password: "CurrentPassword123!", }); if (error) { // handle by error.code console.error(error.code, error.message); } else { console.log(data.message); // "Account restored successfully." } ``` -------------------------------- ### Re-Registration Blocking - TypeScript Client Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Manages client-side sign-up attempts. If an email is blocked due to previous deletion, it catches the 'EMAIL_BLOCKED' error, logs an error message, and suggests account restoration. Requires 'authClient' and 'showRestoreAccountDialog'. ```typescript const handleSignUp = async (email: string, password: string, name: string) => { try { const result = await authClient.signUp.email({ email, password, name, }); return result; } catch (error) { if (error.code === "EMAIL_BLOCKED") { // Email was previously used and account was deleted console.error("This email cannot be used for registration"); // Suggest account restoration instead showRestoreAccountDialog(email); } throw error; } }; // The blocked identifier is automatically removed when: // 1. Account is restored via /soft-deletion/restore // 2. Retention period expires (expiresAt < current date) ``` -------------------------------- ### Database Schema Extensions Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt The soft deletion plugin extends the existing user database schema and introduces a new `blockedIdentifier` model. These changes require database migrations to be run after enabling the plugin. ```APIDOC ## Database Schema Extensions ### Description Details the database schema modifications introduced by the soft deletion plugin. ### User Table Additions - **status** (string): Default is 'active'. Set to 'deleted' upon soft deletion. - **deletedAt** (date | null): Stores the timestamp when the account was soft-deleted. ### Blocked Identifier Table A new table named `blockedIdentifier` is created with the following fields: - **id** (string): Primary key. - **identifierHash** (string): SHA-256 hash of the identifier (e.g., email). - **type** (string): Type of identifier (e.g., 'email'). - **expiresAt** (date | null): Timestamp when the block expires. - **createdAt** (date): Timestamp when the record was created. ### Index - `idx_blocked_identifier` on `blockedIdentifier(identifierHash, type)`. ### Migration Example (Drizzle ORM) ```typescript import { sql } from "drizzle-orm"; export const addSoftDeletionFields = sql` ALTER TABLE user ADD COLUMN status TEXT DEFAULT 'active'; ALTER TABLE user ADD COLUMN deletedAt DATETIME; CREATE TABLE IF NOT EXISTS blockedIdentifier ( id TEXT PRIMARY KEY, identifierHash TEXT NOT NULL, type TEXT NOT NULL, expiresAt DATETIME, createdAt DATETIME NOT NULL ); CREATE INDEX idx_blocked_identifier ON blockedIdentifier(identifierHash, type); `; ``` ``` -------------------------------- ### Sign-In Blocking for Deleted Users - TypeScript Client Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Handles client-side sign-in attempts for users. If the account is deleted, it catches the 'ACCOUNT_DELETED' error, logs deletion details, and prompts the user to restore their account. Depends on 'authClient' and a 'showRestoreAccountDialog' function. ```typescript const handleSignIn = async (email: string, password: string) => { try { const result = await authClient.signIn.email({ email, password, }); return result; } catch (error) { if (error.code === "ACCOUNT_DELETED") { // Show restoration option to user const { deletedAt, scheduledDeletionDate } = error.details; console.log(`Account deleted on ${deletedAt}`); console.log(`Permanent deletion scheduled for ${scheduledDeletionDate}`); // Prompt user to restore account showRestoreAccountDialog(email); } throw error; } }; ``` -------------------------------- ### Restore Deleted Account - TypeScript Client Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Handles the client-side restoration of a soft-deleted account using the authClient. It validates credentials and logs success or error messages based on predefined error codes. Dependencies include the 'authClient' instance. ```typescript const handleRestoreAccount = async (email: string, password: string) => { const { data, error } = await authClient.restoreAccount({ email: email, password: password, }); if (error) { switch (error.code) { case "RESTORE_INPUT_REQUIRED": console.error("Email and password are required"); break; case "AUTH_INVALID_CREDENTIALS": console.error("Invalid email or password"); break; case "ACCOUNT_NOT_DELETED": console.error("Account is not deleted, no restoration needed"); break; case "NO_PASSWORD_CREDENTIAL": console.error("Account uses OAuth only, cannot restore with password"); break; case "RESTORE_RATE_LIMITED": console.error("Too many attempts, try again later"); break; default: console.error("Restoration failed:", error.message); } return; } console.log(data.message); // "Account restored successfully." // User can now sign in normally }; ``` -------------------------------- ### POST /api/auth/soft-deletion/restore Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Restores a soft-deleted account. This endpoint validates credentials, reactivates the account, clears the deletion timestamp, and removes any associated blocked identifier entries. It is crucial to ensure the account is within the defined retention window for successful restoration. ```APIDOC ## POST /api/auth/soft-deletion/restore ### Description Restores a soft-deleted account within the retention window. Validates credentials, sets status back to active, clears deletedAt, and removes blocked identifier entry. ### Method POST ### Endpoint /api/auth/soft-deletion/restore ### Parameters #### Request Body - **email** (string) - Required - The email address of the account to restore. - **password** (string) - Required - The current password for the account. ### Request Example ```json { "email": "user@example.com", "password": "CurrentPassword123!" } ``` ### Response #### Success Response (200) - **message** (string) - Indicates successful restoration. Example: "Account restored successfully." #### Error Responses - **RESTORE_INPUT_REQUIRED** (400) - Email and password are required. - **AUTH_INVALID_CREDENTIALS** (401) - Invalid email or password provided. - **ACCOUNT_NOT_DELETED** (404) - The specified account is not in a deleted state. - **NO_PASSWORD_CREDENTIAL** (400) - The account is configured for OAuth only and cannot be restored using a password. - **RESTORE_RATE_LIMITED** (429) - Too many restoration attempts have been made; please try again later. #### Response Example (Error) ```json { "code": "AUTH_INVALID_CREDENTIALS", "message": "Invalid email or password." } ``` ``` -------------------------------- ### Sign-In Blocking for Deleted Users Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt When a user attempts to sign in with an account that has been soft-deleted, the system automatically blocks the attempt. This results in an HTTP 403 Forbidden response containing specific deletion metadata, including the deletion timestamp and the scheduled permanent deletion date. ```APIDOC ## Sign-In Blocking for Deleted Users ### Description Blocks sign-in attempts for soft-deleted users. Returns an HTTP 403 Forbidden error with deletion metadata. ### Method POST (typically part of a sign-in flow) ### Endpoint (Not a direct endpoint, but a behavior triggered by sign-in attempts) ### Response #### Error Response (403 Forbidden) - **code** (string) - "ACCOUNT_DELETED" - **message** (string) - "Your account has been deleted." - **details** (object) - **deletedAt** (string) - ISO 8601 timestamp of when the account was deleted. - **scheduledDeletionDate** (string) - ISO 8601 timestamp for permanent deletion. ### Response Example ```json { "code": "ACCOUNT_DELETED", "message": "Your account has been deleted.", "details": { "deletedAt": "2024-01-15T10:30:00.000Z", "scheduledDeletionDate": "2024-02-14T10:30:00.000Z" } } ``` ``` -------------------------------- ### Handle Password Validation Error Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md A `VALIDATION_ERROR` with `[body.password] expected string, received object` indicates an incorrect payload format. The `password` should be a plain string, not an object. ```javascript // Incorrect payload example: // deleteUser({ password: { value: "..." } }); // Correct payload example: deleteUser({ password: "your_password_here" }); ``` -------------------------------- ### Re-Registration Blocking Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt If enabled, this feature prevents users from re-registering with an email address that belongs to a soft-deleted account during the retention period. Attempts to do so will result in an HTTP 403 Forbidden response with an 'EMAIL_BLOCKED' code. ```APIDOC ## Re-Registration Blocking ### Description Prevents re-registration using email addresses of soft-deleted accounts during the retention period. ### Method POST (typically part of a sign-up flow) ### Endpoint (Not a direct endpoint, but a behavior triggered during sign-up) ### Response #### Error Response (403 Forbidden) - **code** (string) - "EMAIL_BLOCKED" - **message** (string) - "This email is not allowed to register." ### Response Example ```json { "code": "EMAIL_BLOCKED", "message": "This email is not allowed to register." } ``` ### Notes The blocked identifier is automatically removed upon account restoration or when the retention period expires. ``` -------------------------------- ### Delete User Account Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Deletes the current user's account by sending a request to the `deleteUser` action. This requires the user's current password for confirmation. The `deleteUser` option must be enabled in the server configuration. ```typescript await authClient.deleteUser({ password: "CurrentPassword123!", }); ``` -------------------------------- ### Delete User Account with Password Confirmation Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Handles soft deletion of a user account by requiring password confirmation. It sets the user status to 'deleted', records the deletion timestamp, revokes sessions, and optionally blocks re-registration. This can be done via the client plugin or direct API calls. ```typescript // Client-side deletion with password confirmation const handleDeleteAccount = async (password: string) => { try { await authClient.deleteUser({ password: password, // required for confirmation }); // User is now soft-deleted: // - status = "deleted" // - deletedAt = current timestamp // - all sessions revoked // - email blocked from re-registration (if enabled) console.log("Account deleted successfully"); } catch (error) { if (error.code === "INVALID_PASSWORD") { console.error("Password confirmation failed"); } // Handle other errors } }; // Direct API call (if not using client plugin) const response = await fetch("/api/auth/delete-user", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ password: "CurrentPassword123!" }), credentials: "include", }); if (!response.ok) { const error = await response.json(); // error.code might be "VALIDATION_ERROR" if password missing } ``` -------------------------------- ### POST /api/auth/delete-user Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Soft delete a user account with password confirmation. Sets status to "deleted", records deletion timestamp, revokes all sessions, and optionally blocks re-registration. ```APIDOC ## POST /api/auth/delete-user ### Description Soft delete a user account with password confirmation. Sets status to "deleted", records deletion timestamp, revokes all sessions, and optionally blocks re-registration. ### Method POST ### Endpoint /api/auth/delete-user ### Parameters #### Request Body - **password** (string) - Required - The user's current password for confirmation. ### Request Example ```json { "password": "CurrentPassword123!" } ``` ### Response #### Success Response (200) - **message** (string) - Indicates successful deletion. #### Error Response - **code** (string) - Error code (e.g., "INVALID_PASSWORD", "VALIDATION_ERROR"). - **message** (string) - Description of the error. #### Response Example (Success) ```json { "message": "Account deleted successfully" } ``` #### Response Example (Error) ```json { "code": "INVALID_PASSWORD", "message": "Password confirmation failed" } ``` ``` -------------------------------- ### Soft Deletion Options Type Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md Defines the TypeScript type for configuring the soft deletion plugin. Options include `retentionDays`, `blockReRegistration`, and a custom `restoreRateLimit` function. ```typescript type SoftDeletionOptions = { retentionDays?: number; blockReRegistration?: boolean; restoreRateLimit?: ( params: { email: string; context: unknown } ) => boolean | { allowed: boolean; code?: string; message?: string; status?: number }; }; ``` -------------------------------- ### TypeScript Error Codes for Soft Deletion Plugin Source: https://context7.com/forgehustle/better-auth-soft-deletion/llms.txt Defines a constant object containing error codes, their corresponding HTTP status codes, user-facing messages, and suggested client-side actions for the soft deletion plugin. This is used for handling various scenarios like account deletion, email blocking, and invalid credentials. ```typescript const ERROR_CODES = { ACCOUNT_DELETED: { status: 403, message: "Your account has been deleted.", action: "Show restore account option", }, EMAIL_BLOCKED: { status: 403, message: "This email is not allowed to register.", action: "Suggest account restoration", }, RESTORE_INPUT_REQUIRED: { status: 400, message: "Email and password are required to restore account.", action: "Prompt user for credentials", }, ACCOUNT_NOT_DELETED: { status: 400, message: "Account is not deleted.", action: "Redirect to normal sign-in", }, NO_PASSWORD_CREDENTIAL: { status: 400, message: "Password confirmation is not available for this account.", action: "Contact support for OAuth account restoration", }, AUTH_INVALID_CREDENTIALS: { status: 401, message: "Invalid email or password.", action: "Prompt user to retry", }, RESTORE_RATE_LIMITED: { status: 429, message: "Too many restore attempts. Please try again later.", action: "Show retry timer", }, }; ``` -------------------------------- ### Manage Session Cookie Cache for Immediate Invalidation Source: https://github.com/forgehustle/better-auth-soft-deletion/blob/main/README.md If a deleted user can still access protected routes in another browser, it's likely due to session cookie caching. Disable Better Auth's session cookie cache for strict, immediate invalidation. ```javascript // Example configuration to disable session cookie cache: // betterAuth.configure({ // sessionCookieCache: false // }); ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.