api.auth.getSession returns null
Better auth team.
Can you fix this issue?
This is really bugging my application.
https://github.com/better-auth/better-auth/issues/2055...
MCP Plugin not working with MCP Inspector
Hello
When running the official https://github.com/modelcontextprotocol/inspector for authentication, it is sending an
OPTIONS request to the oauth registration endpoint (http://localhost:5173/api/auth/mcp/register), which is not defined by the plugin and returns a 404.
On the inspector, this ends the signin flow and it's not possible to use the inspector
I also noticed that the plugin is not defining a .well-known/oauth-protected-resource route, which the MCP clients are querying...How to generate JWT for server-side requests (Twilio webhooks) in BetterAuth v1.3?
Hi all, I'm using BetterAuth with a Next.js app and I'm handling incoming Twilio SMS webhooks to interact with users based on their phone number.
Previously, I used:
import { getJwtToken } from "better-auth/plugins/jwt/sign";...
Typescript error in the better auth instance configuration when using organization()
The title explains most of it, here is the specific error message:
```txt
Type '{ id: "organization"; endpoints: { createOrganization: { <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: { body: { name: string; slug: string; userId?: string | undefined; logo?: string | undefined; metadata?: Record<...> | undefined; keepCurrentActiveOrganization?: boolean | ...' is not assignable to type 'BetterAuthPlugin'.
Types of property 'schema' are incompatible....
[TS Error] user.locale missing in Better Auth type after adding custom field
I added a custom locale field via additionalFields in Better Auth, but TypeScript still throws:
Property 'locale' does not exist on type '{ id: string; name: string; emailVerified: boolean; email: string; createdAt: Date; updatedAt: Date; image?: string | null | undefined; }'.ts(2339)
```
DB:
export const user = pgTable("user", {...
Organizations: inferAdditionalFields for separate client-server projects
In point two of Inferring Addional Fields on Client in the inferring additional fields docs
there is the following example:
```
import type { auth } from "./auth";...
BUG: Customers get free upgrades
I saw this message, I wanted to echo it as it gives customers free subscriptions. https://discord.com/channels/1288403910284935179/1396894399736057877/1396894399736057877
How to set cookies when signing in from server?
I'm using Hono+TRPC for backend (running on port:3000) and react router v7 framework for client (running on port:5173).
This is what the sign-in procedure looks like:
```
signIn: publicProcedure.input(signInSchema).mutation(async ({ input, ctx }) => {...
How i should handle the cookie change because of impersonation?
Hey devs! How i should handle the cookie (session) change because of impersonation?
Here is my current implementation:
```ts
const handleImpersonate = async () => {...
"State not found" error
I'm trying to sign in using apple, but I'm getting this error:
...
Error Code: state_not_found
Error Code: state_not_found
Is it possible to set a password for a user created with a phone number?
I'd like to create an account with a phone number but also set a password afterward.
I've seen that it's possible to sign in with phone & password, but I don't know how the password should be defined in the first place.
Any ideas?...
Solution:
resetPassword would trigger another SMS. Instead, I'll try to use:
https://www.better-auth.com/docs/concepts/users-accounts#change-password
https://www.better-auth.com/docs/concepts/users-accounts#set-password
Let me know if it's a dead end....
Any article or case study or similar on how to migrate an existing custom auth?
I wonder if we have anything from
Moving from a custom auth. Like the usual that happened years ago with passport.js and bcrypt and cookies and express etc.
Ideally from a standpoint of minimal disruption to existing userbase.
If not i might start this for a big case ( 7m users)...
Issue with Account Overwriting When Using EXPO
After creating three projects on my computer, I logged in using Naver OAuth on two mobile devices.
Each of these two projects is an individual EXPO app.
One of them also has a backend server built with Express.
Here’s the issue:...
sign in not redirecting. Expo
Hi! I am having the following problem:
when i call the function google-sign-in with
wait authClient.signIn.social, a google page opens, i click on my account and then I do not get logged in and res simply is:
Google sign-in result: {"data": {"redirect": true, "url": "https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=321366117154-o5tc3bljh29eejcqmmoumsedctnc67lg.apps.googleusercontent.com&state=-uu9PEM-8hQ20MF0mxKr5L6nyc9zeF90&scope=email+profile+openid&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Fauth%2Fcallback%2Fgoogle&code_challenge_method=S256&code_challenge=p85JwI1Nn544eWaZrwj2lUWo3fK2nmb19ALHK5ubemk&include_granted_scopes=true"}, "error": null}
Could someone help?...Cancelling checkout session twice results in 'active' status
Hey! Just upgraded to v1.3.1 and ran into something weird during testing:
1. Cancel a session (after clicking upgrade) → subscription goes to "incomplete" status (makes sense)
2. Cancel session again → subscription suddenly becomes "active" ??
...
Endpoints being called 2000+ times on refresh
It's very inconsistent when it happens, but sometimes it will make ~2000 requests.
Relevant code:
```ts
// dashboard-sidebar.tsx...
PhoneNumber Plugin signUpOnVerification
the signup/login process only requires user's phone number, so i'm using the PhoneNumber plugin, and making use of signUpOnVerification to register users, it works the first time phone number is used, but in later logins the backend throws a unique validation restriction, so it obviously appears that the signUpOnVerification tries to insert new database record every time phone number is verified and doesn't check if a user already exists before.
So how to achieve the required scenario of allow user login/signup using the phone number plugin without trying to create new user if a user already exists with the same phone number and hence the same temp email in this case...
Session expires in 5 minutes. Regardless of 1 year settings. Two Set-Cookie headers
Hey, I have this setting for the session:
```
session: {
modelName: 'auth_session',
expiresIn: 60 * 60 * 24 * 365, // 1 year - very long session...
additionalFields type-safety
is it possible to make an additionalField type-safe?
```ts
user: {
additionalFields: {...
how can I sing in a user using google oauth from sever side?
socialProviders: {
google: {
clientId: process.env.GOOGLE_CLIENT_ID as string,
clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
// prompt: "select_account", // optional: always show account picker...