v1.4 + Postgres: id: "user_id" mapping ignored in Email OTP
1. What's the issue:
The
emailOTP plugin ignores the global user.fields.id mapping (e.g., id: "user_id") when using the Postgres adapter in v1.4.1 (and 1.4.0-beta.20). It attempts to query the id column directly, causing a crash if the database uses a custom primary key name.
Unlike other plugins (e.g., twoFactor), the emailOTP plugin does not expose a schema configuration option, so it is impossible to manually correct the mapping as a workaround (as suggested in issue 4066 ).
1.1 What I've Tried:...[1.4.1] ctx.internalAdapter.updatePassword doesn't work since i upgrade to last version
I don't undestand why ctx.internalAdapter.updatePassword doesn't work now.
Here is my code:
```ts
"use server";
...
[1.4.1] Uppercase letter in email address causes 400 on email OTP login
If I register with an email address that has uppercase letters in it, logging in with email OTP fails with status 400
{"code":"INVALID_OTP","message":"Invalid OTP"}. This worked before version 1.4.[1.4.0] Wrong default value for additional fields
Just updated to 1.4.0 and changed the default flow of the additional field.
defaultValue: () => nanoid()
But in the DB I see just a body of the function instead of a value: () => nanoid()...
[1.4.0] New jwks private key generated on each request?
I'm not exactly sure if that's a but or a feature, but after upgrading to 1.4.0 my JWT-based service is not able to verify tokens sent by client. After digging deeper I see the table
jwks on local env has already >400 rows, each with different private key and 100 of them is returned on /api/auth/jwks which I guess is default list limit. Feels like each request create a new priv key entry (not sure which request)
```
select count(*) from jwks;
...[1.4.0] MagicLink not working after upgrade
After upgrading to version 1.4, we I request a magic link I receive this error
ERROR [Better Auth]: null value in column "id" of relation "verification" violates not-null constraint
# SERVER_ERROR: error: null value in column "id" of relation "verification" violates not-null constraint
This is my config:...[OneTap] Cannot show the OneTap UI
Your client application uses one of the Google One Tap prompt UI status methods that may stop functioning when FedCM becomes mandatory. Refer to the migration guide to update your code accordingly and opt-in to FedCM to test your changes.
[1.4.0-beta.21] importing `better-auth/react-start` crashes `vite dev` on a cold build
hi! first of all, thanks for all the amazing work on this library :)
i was having issues doing a fresh build of my barebones tanstack start app. commenting out the
reactStartCookies plugin seemed to fix it.
interestingly, the issue seems to be in the actual better-auth/react-start module and not the plugin. any import of the module (that doesn't get removed by vite) causes a bunch of the following errors in the console:...You can't put an empty array as a defaultValue for an additionalField in the user schema
My observation is simple, I can create an additional field of type
string[], I can use the property defaultValue to [], and it will generate a .default() in my drizzle schema once generated by the Better-Auth CLI.
But better-auth forgets to add the [] as a parameter of the .default() so I get a drizzle schema that says "this field should have a default value !" but doesn't provide that value.
Also, according to Drizzle's documentation (https://orm.drizzle.team/docs/guides/empty-array-default-value#postgresql) the correct way to put an empty array as a default value of an array field is to use sql templates....Bug Report / Security Concern — auth.api.changeEmail applies the change before confirming the link
Problem Description: When updating the email address and the email is sent, it updates correctly. However, upon clicking the new link, the email address can be updated again without double confirmation. This is because the implementation itself updates the database values before sending and confirming the new email. Consequently, if someone gains access to the link (or if the email address is incorrect), they can reuse it and continue modifying the email address without a second, valid verification. This compromises the integrity of the email change flow, especially in applications where the email address is a critical identifier.
Expected Behavior: The email address should not be changed until the user:
1. Clicks the link sent to the new email address, and
2. The token is successfully validated and is not expired or revoked....
OICD Provider - Client type is always hardcoded to "web"
cThe client registration method hard codes the client type as "web" always:
https://github.com/better-auth/better-auth/blob/canary/packages/better-auth/src/plugins/oidc-provider/index.ts#L1387-L1403...
activeOrganizationId isn’t inferred in session
Hey team,
Does anyone know why this happens ?
https://github.com/better-auth/better-auth/issues/5909...
OAuth Proxy plugin incompatible with stateless sessions
The OAuth Proxy plugin seems to require that a database adapter exists: https://github.com/better-auth/better-auth/blob/eb45cfd7f6179be48f1d7198dcaf9db9ea823fae/packages/better-auth/src/plugins/oauth-proxy/index.ts#L271-L275
This means that when using stateless sessions in 1.4 beta, the plugin doesn't do anything. Is this expected?...
SERVER_ONLY_PROPERTY on apiKey plugin even though the call is using the server instance
This is my code
```tsx
const createApiKey = createServerFnAuthed({ method: "POST" })
.inputValidator((props: CreateApiKeyValues) => props)
.handler(async ({ data }) => {...
Local Install version of Stripe BetterAuth + Convex issues.
Hello,
For some reason stripe has been giving me some issues when trying to use it on Local Instal Better Auth + Convex on NextJS.
When having a user create an account w/ github oauth for the first time, I get this
...
There is a new version of the pre-bundle node_modules/.vite/deps_ssr/better-auth_adapters_drizzle.js
https://github.com/TanStack/router/issues/5795
There appears to be bundling issues from better auth using tanstack start
On beta 1.4 v18...
Race Condition with Email OTP
I've been stuck on this issue for a few weeks and I'm really not sure how to proceed, so I thought I'd reach out.
Some users on my platform are commenting that they get
invalid otp when attempting to sign up for the first time. For most users the OTP works successfully, but for a subset of users it doesn't work.
At first I thought maybe the user was just inputting the wrong password, but as this issue keeps coming up, I'm realizing there must be some race condition.Here's some context on my tech stack. I have a Next.js frontend, NestJS backend, and TypeORM....Auth client is not updating the Prisma user model.
my prisma user model
model User {
id String @id
name String?
surname String?...
Prisma 6.18.0: couldn't read your auth config
Hello! I've been trying to set up a new project with Better Auth 1.3.34 and Prisma 6.18.0 (and new
prisma-client provider). But I've been getting this issue over and over when running npx @better-auth/cli generate: https://pastes.dev/8mAaIdbClF (couldn't upload log because of the limit). My schema.prisma looks like this:
```
generator client {
provider = "prisma-client"
output = "../generated/prisma"...