Better Auth


Discord auth scopes

Hi, can I configure the scopes I want while authorizing the user using Better Auth?
Solution:
To give you an example:

Different frontend and backend URL with social logins

Hi, my backend is hosted on api.mydomain.com while my frontend is hosted on mydomain.com. Every time I try to log in through Google social sign-in I get redirected to api.mydomain.com instead. How can I make better-auth work in this scenario?...
Solution:
I just had to provide a callbackURL during signIn.social

Apple authentication

Hey, I'm kinda new to Better Auth and I pretty easily created auth with credentials and Google. I have an Apple developer license and I'm looking to create an authentication but I'm stuck: I'm using Next.js on this app: I created the app id xx.xx.appname with Sign In with Apple but no setup...
Solution:
You will need to generate the Apple client secret yourself; you can set up a script to do just that, e.g. ```typescript const jwt = require("jsonwebtoken"); // Create JWT...

Next.js + elysia.js cookie session issue

"This cookie was blocked because it had the "SameSite=Lax" attribute and the request was made from a different site and was not initiated by a top-level navigation." The cookies are getting blocked with the error above. My frontend is Next.js in a local environment and the backend is Elysia.js in a deployed version ...

Error sign up Invalid `db[getModelName(model)].create()` invocation in

I use prisma with MongoDB as its database and when signing up there is an error like in the picture. How do I fix it?

2FA email login with `auth.api`: Ensure verification is completed?

Hey! When using auth.api.signInEmail to sign in to a user with 2FA (TOTP) enabled, how do I ensure that the 2FA verification has been completed for that session? I can always say that after signing in, the user is redirected to the 2FA verification flow, but I don't see any immediate Better-Auth-native way of blocking the user from simply changing the URL and go to a different page again and thus avoid 2FA. Should the result of the auth.api.verifyTOTP perhaps be stored in the Session table for easy look-up to ensure that the user has indeed successfully completed the verification? Or am I completely missing something here, for instance that the user shouldn't actually be logged (i.e., no Session is created) in unless they complete 2FA? Possible quirk: I don't use the client-side authClient, I have all interactions on server-side using auth.api.{method} and I've done all necessary migrations and TOTP enabling/disabling from user profile works as expected. I use fullstack SvelteKit with interactions via form actions....

Better Auth + Hono + Nextjs ( JStack ) Cookies

I've configured everything for Better Auth to work with JStack but the cookies don't get set on login. As the images show, the cookies are empty. I've logged in using Magic Link. How can I fix the issues with the cookies? ```import { createAuthClient } from "better-auth/react"; import { magicLinkClient, adminClient } from "better-auth/client/plugins";...

Auth service for a microservice

How would you build an auth service in a microservice setup using better-auth as the auth service for the API gateway? I intend to use honojs. How would you go about this? ...
Solution:
Yeah, as I said, at the end of the day it is a backend service built with web frameworks like honojs to handle server-side stuff, which Better Auth is part of, so you should treat it as a backend with auth, but make sure to include all the necessary info for you from your auth backend to your API gateway to ensure the communication, and also make sure to include the origin you trust in the Better Auth config

cloudflare error

Hello - I have a SvelteKit application which is hosted on Cloudflare Pages. I am using Google social login, and it works fine in development, but in prod it gives me a 500 error right after I click on the Google account...

Dynamically create Role and Permission.

Can anyone tell me how to create roles and permissions programmatically? Such as from an admin dashboard. In the docs, it shows how to create an access controller and pass it to the auth configuration ```import { betterAuth } from "better-auth" import { admin as adminPlugin } from "better-auth/plugins" import { ac, admin, user } from "@/auth/permissions"...

Hono + Better-auth + Lambda Cookies

I am wondering if anybody has set up an API on AWS Lambda using hono secured with Better-auth. I have used Better-auth in the past for a Next.js project, I am now exploring how to use it with Hono and I would like to deploy it in a serverless environment to start (AWS Lambda). Does anyone have experience with Cookies management in this context? Next.js used to just take care of it for me, but now I am having to return the cookies to the frontend, React app, which get stored and sent with subsequent requests. However, when I try to do an auth.api.getSession() api call and pass the headers into it, I am getting null. I will provide any code I have for this discussion. Going to be at work for the next few hours so I appreciate anyone who joins ins patience! 🍪 🍪 🍪...

Is there any way to create organization after user create hook?

I'm getting an UNAUTHORIZED error because I'm trying to create an organization for a user using the user : { create : { after { } }} hook. Is there any way to avoid it?...
Solution:
Since you have the user id, remove headers and pass userId in the body instead

Is it normal for getfullorg to have so many API calls?

It is calling about 3 times every 10 seconds

AuthClient not respecting baseURL

Hey, I'm currently trying to separate my backend from my Next.js app but now for some reason the authClient won't respect the baseURL I set and instead still tries to fetch from the Next.js API route, which obviously doesn't exist anymore. Is this a bug or am I just doing it wrong?

Retrieving the linked google `email` for credentials registered user

I registered with emailAndPassword where a single account is created. Is it possible to gain information about another account with the same user when linking a Google account? I see that in the account table, there is no way to retrieve the email. My use case is displaying the email where it's possible that the user registered with a different Google email than the one that he registered with (mismatch between Google account and user email)...

Forget Password Security/Rate limits

Is there an option to rate-limit the verification entries generated by forgetPassword? For example, can we prevent generating a new reset password entry for a given value id if there are already X non-expired entries for it? Additionally, what's the purpose of creating a new entry for the same value instead of updating the existing one or deleting the old one? ...

Invalid token on resetPassword

I'm creating a flow for when a signed out user forgets their password, they can reset it. ``` export const auth = betterAuth({ database: {...

Best way to protect routes in TanStack Start?

What's the best way to protect all private routes like /dashboard*, so they redirect to /login if no session exists? I don't see this aspect in the example: https://github.com/better-auth/better-auth/tree/main/examples/tanstack-example Below is my attempt, but session is always null, even if the user is authenticated. ```ts...

elysia with better auth not working

Hi, it seems that the integration is not working correctly. I set up everything (I hope correctly) but once I start running the Elysia server I get: script "dev" was terminated by signal SIGABRT. Could it be a problem related to Bun? The server runs if I remove betterAuthView...

Google auth redirecting to the main site instead of the webpage

I have an issue which I am not experiencing on other projects using better-auth. I have http://localhost:8000 set as BASE_URL under process.env.BETTER_AUTH_URL, which is my Express API, where http://localhost:3000 is my Next.js website ...
Solution:
@chunkbanned I tried using this env: BETTER_AUTH_URL=http://localhost:YOUR_PORT, and it worked for me; Google redirects to the URL in the env