simstudioai · waleedlatif1 · Feb 19, 2026
diff --git a/apps/sim/app/api/auth/forget-password/route.test.ts b/apps/sim/app/api/auth/forget-password/route.test.ts
@@ -21,7 +21,7 @@ vi.mock('@/lib/core/utils/urls', () => ({
 function setupAuthApiMocks(
   options: {
     operations?: {
-      forgetPassword?: { success?: boolean; error?: string }
+      requestPasswordReset?: { success?: boolean; error?: string }
       resetPassword?: { success?: boolean; error?: string }
     }
   } = {}
@@ -34,7 +34,11 @@ function setupAuthApiMocks(
 
   const { operations = {} } = options
   const defaultOperations = {
-    forgetPassword: { success: true, error: 'Forget password error', ...operations.forgetPassword },
+    requestPasswordReset: {
+      success: true,
+      error: 'Forget password error',
+      ...operations.requestPasswordReset,
+    },
     resetPassword: { success: true, error: 'Reset password error', ...operations.resetPassword },
   }
 
@@ -50,7 +54,7 @@ function setupAuthApiMocks(
   vi.doMock('@/lib/auth', () => ({
     auth: {
       api: {
-        forgetPassword: createAuthMethod(defaultOperations.forgetPassword),
+        requestPasswordReset: createAuthMethod(defaultOperations.requestPasswordReset),
         resetPassword: createAuthMethod(defaultOperations.resetPassword),
       },
     },
@@ -69,7 +73,7 @@ describe('Forget Password API Route', () => {
   it('should send password reset email successfully with same-origin redirectTo', async () => {
     setupAuthApiMocks({
       operations: {
-        forgetPassword: { success: true },
+        requestPasswordReset: { success: true },
       },
     })
 
@@ -87,7 +91,7 @@ describe('Forget Password API Route', () => {
     expect(data.success).toBe(true)
 
     const auth = await import('@/lib/auth')
-    expect(auth.auth.api.forgetPassword).toHaveBeenCalledWith({
+    expect(auth.auth.api.requestPasswordReset).toHaveBeenCalledWith({
       body: {
         email: 'test@example.com',
         redirectTo: 'https://app.example.com/reset',
@@ -99,7 +103,7 @@ describe('Forget Password API Route', () => {
   it('should reject external redirectTo URL', async () => {
     setupAuthApiMocks({
       operations: {
-        forgetPassword: { success: true },
+        requestPasswordReset: { success: true },
       },
     })
 
@@ -117,13 +121,13 @@ describe('Forget Password API Route', () => {
     expect(data.message).toBe('Redirect URL must be a valid same-origin URL')
 
     const auth = await import('@/lib/auth')
-    expect(auth.auth.api.forgetPassword).not.toHaveBeenCalled()
+    expect(auth.auth.api.requestPasswordReset).not.toHaveBeenCalled()
   })
 
   it('should send password reset email without redirectTo', async () => {
     setupAuthApiMocks({
       operations: {
-        forgetPassword: { success: true },
+        requestPasswordReset: { success: true },
       },
     })
 
@@ -140,7 +144,7 @@ describe('Forget Password API Route', () => {
     expect(data.success).toBe(true)
 
     const auth = await import('@/lib/auth')
-    expect(auth.auth.api.forgetPassword).toHaveBeenCalledWith({
+    expect(auth.auth.api.requestPasswordReset).toHaveBeenCalledWith({
       body: {
         email: 'test@example.com',
         redirectTo: undefined,
@@ -163,7 +167,7 @@ describe('Forget Password API Route', () => {
     expect(data.message).toBe('Email is required')
 
     const auth = await import('@/lib/auth')
-    expect(auth.auth.api.forgetPassword).not.toHaveBeenCalled()
+    expect(auth.auth.api.requestPasswordReset).not.toHaveBeenCalled()
   })
 
   it('should handle empty email', async () => {
@@ -182,15 +186,15 @@ describe('Forget Password API Route', () => {
     expect(data.message).toBe('Please provide a valid email address')
 
     const auth = await import('@/lib/auth')
-    expect(auth.auth.api.forgetPassword).not.toHaveBeenCalled()
+    expect(auth.auth.api.requestPasswordReset).not.toHaveBeenCalled()
   })
 
   it('should handle auth service error with message', async () => {
     const errorMessage = 'User not found'
 
     setupAuthApiMocks({
       operations: {
-        forgetPassword: {
+        requestPasswordReset: {
           success: false,
           error: errorMessage,
         },
@@ -222,7 +226,7 @@ describe('Forget Password API Route', () => {
     vi.doMock('@/lib/auth', () => ({
       auth: {
         api: {
-          forgetPassword: vi.fn().mockRejectedValue('Unknown error'),
+          requestPasswordReset: vi.fn().mockRejectedValue('Unknown error'),
         },
       },
     }))

diff --git a/apps/sim/app/api/auth/forget-password/route.ts b/apps/sim/app/api/auth/forget-password/route.ts
@@ -43,7 +43,7 @@ export async function POST(request: NextRequest) {
 
     const { email, redirectTo } = validationResult.data
 
-    await auth.api.forgetPassword({
+    await auth.api.requestPasswordReset({
       body: {
         email,
         redirectTo,

diff --git a/apps/sim/app/api/auth/reset-password/route.test.ts b/apps/sim/app/api/auth/reset-password/route.test.ts
@@ -17,7 +17,7 @@ import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'
 function setupAuthApiMocks(
   options: {
     operations?: {
-      forgetPassword?: { success?: boolean; error?: string }
+      requestPasswordReset?: { success?: boolean; error?: string }
       resetPassword?: { success?: boolean; error?: string }
     }
   } = {}
@@ -30,7 +30,11 @@ function setupAuthApiMocks(
 
   const { operations = {} } = options
   const defaultOperations = {
-    forgetPassword: { success: true, error: 'Forget password error', ...operations.forgetPassword },
+    requestPasswordReset: {
+      success: true,
+      error: 'Forget password error',
+      ...operations.requestPasswordReset,
+    },
     resetPassword: { success: true, error: 'Reset password error', ...operations.resetPassword },
   }
 
@@ -46,7 +50,7 @@ function setupAuthApiMocks(
   vi.doMock('@/lib/auth', () => ({
     auth: {
       api: {
-        forgetPassword: createAuthMethod(defaultOperations.forgetPassword),
+        requestPasswordReset: createAuthMethod(defaultOperations.requestPasswordReset),
         resetPassword: createAuthMethod(defaultOperations.resetPassword),
       },
     },

diff --git a/apps/sim/lib/auth/auth.ts b/apps/sim/lib/auth/auth.ts
@@ -466,7 +466,7 @@ export const auth = betterAuth({
     sendVerificationOnSignUp: isEmailVerificationEnabled, // Auto-send verification OTP on signup when verification is required
     throwOnMissingCredentials: true,
     throwOnInvalidCredentials: true,
-    sendResetPassword: async ({ user, url, token }, request) => {
+    sendResetPassword: async ({ user, url, token }, ctx) => {
       const username = user.name || ''
 
       const html = await renderPasswordResetEmail(username, url)
@@ -542,7 +542,7 @@ export const auth = betterAuth({
   plugins: [
     nextCookies(),
     oneTimeToken({
-      expiresIn: 24 * 60 * 60, // 24 hours - Socket.IO handles connection persistence with heartbeats
+      expiresIn: 24 * 60, // 24 hours in minutes - Socket.IO handles connection persistence with heartbeats
     }),
     customSession(async ({ user, session }) => ({
       user,
@@ -2876,9 +2876,9 @@ export const auth = betterAuth({
 
               return hasTeamPlan
             },
-            organizationCreation: {
-              afterCreate: async ({ organization, user }) => {
-                logger.info('[organizationCreation.afterCreate] Organization created', {
+            organizationHooks: {
+              afterCreateOrganization: async ({ organization, member, user }) => {
+                logger.info('[organizationHooks.afterCreateOrganization] Organization created', {
                   organizationId: organization.id,
                   creatorId: user.id,
                 })

diff --git a/apps/sim/package.json b/apps/sim/package.json
@@ -35,8 +35,8 @@
     "@aws-sdk/s3-request-presigner": "^3.779.0",
     "@azure/communication-email": "1.0.0",
     "@azure/storage-blob": "12.27.0",
-    "@better-auth/sso": "1.3.12",
-    "@better-auth/stripe": "1.3.12",
+    "@better-auth/sso": "1.4.18",
+    "@better-auth/stripe": "1.4.18",
     "@browserbasehq/stagehand": "^3.0.5",
     "@cerebras/cerebras_cloud_sdk": "^1.23.0",
     "@e2b/code-interpreter": "^2.0.0",
@@ -82,7 +82,7 @@
     "@trigger.dev/sdk": "4.1.2",
     "@types/react-window": "2.0.0",
     "@types/three": "0.177.0",
-    "better-auth": "1.3.12",
+    "better-auth": "1.4.18",
     "binary-extensions": "^2.0.0",
     "browser-image-compression": "^2.0.2",
     "chalk": "5.6.2",