forgot password with Email OTP
Hi everyone! I'm working on a forgot password feature using Next.js, Prisma, and PostgreSQL.
When I submit the email on the forgot password page, and the email doesn't exist in the database, it doesn't show an error like "User email doesn't exist." It just silently fails.
Here's the code snippet I'm using:...
how to protect route based on role
@bekacru I used to protect routes using getSessionCookie, but now I want to protect them based on user roles. I tried using getSession() but it seems not provided. How can I check a user's role to protect specific routes or actions? it's enough if i know how to get session
Solution:
You can't use getSession in middleware.
Take a look at our middleware docs: https://www.better-auth.com/docs/integrations/next#middleware
You can directly fetch your auth API for session data.
...
converting bigint
When getting the session, I am encountering a problem that the json that contains the user and the session cannot convert because both are bigint. Is there a solution for this?
```ts
SERVER_ERROR: 187 | headers.set("Content-Type", "application/x-www-form-urlencoded");
188 | } else if (data instanceof ReadableStream) {...
Solution:
I just added this to the main backend file and it works (1.2.5)
```ts
declare global {
interface BigInt {
toJSON(): string...
SIWE Auth plugin
hey!
I'm trying to get a siwe-plugin working, but i'm pretty sure I'm doing something wrong here.
Once my plugin is initialized, I still can't access it via
signIn.siwe...better auth as authentication service
It’s possible to use better auth as an authentication service for a Golang Rest api?
I want to use organizations and roles with permission...
what's the signature format for session cookies?
When examining a working session cookie created by Better Auth (__Secure-better-auth.session_token), I see it has a format like token.signature. What algorithm/process is used to create this signature? Is there a way to generate a valid cookie manually or is this only possible through Better Auth's internal APIs?
Magic Link Expiry
Hi there.
When it comes to the expiry of a magic link we noticed that it is set 2h behind. Now we have our DB hosted in the UK (MongoDB) and work in. South Africa.
Are the expiry dates of these tokens based on the DB time or server time? Essentially when working locally we have a our server obviously booted on a SA timezone. So just trying to understand where this behavior comes in?...
how to integrate non-oauth providers?
I'm implementing Telegram login which doesn't follow OAuth flow. After verifying the user's Telegram credentials and creating/finding the user in my database, what's the correct way to create a proper Better Auth session? I want to avoid false negatives when checking sessions in my middleware.
How to use stripe resume subscription
I need to use like this:
// Handle subscription resumption
const handleResumeSubscription = async (subscriptionId: string) => {
if (!subscriptionId) return
try {...
Unable to get access to authClient.stripe.subscription
```JS
import { emailOTPClient } from "better-auth/client/plugins";
import { createAuthClient } from "better-auth/react";
import { stripeClient } from "@better-auth/stripe/client"
...
hono | trpc | api key auth with betterauth issue
is there a hono trpc api key auth with betterauth example somewhere or someone mind sharing their approach for handling the auth part of api keys?
Record<string, any> union in returned data object from authClient hook
```ts
const { data } = authClient.useActiveOrganization();
if(!data) {
return <>No data.</>;...
New to SaaS Application Building
Hey all, I'm curious what people do surrounding authentication/authorization for SaaS apps. I'm new to the arena and wondering what the different solutions are. So if I intend to deploy an application across multiple tenants who have their own IdP (e.g. Azure, AWS, GCP, Logto, etc.) that I want my app to interface with, what Better Auth plugin should I be using? Organization? OIDC? SSO? A hybrid mix?
If I hook up to their IdP, then I need a way to map their IdP defined roles to the app roles that my application will define. How do people typically manage that IdP configuration for the app and IdP role to app role mapping? At deploy time? Runtime check with some administrative UI pages built into the application?
Sorry if these are dumb questions, but curious to get insight as I'm trying to build a scalable SaaS app....
better-auth Session Not Recognized After Manual Creation in Telegram Callback
Telegram successfully authenticates, and my callback verifies the data. However, I'm manually creating the session record in the DB and setting the session cookie afterwards.
Below how I'm doing it in my /api/auth/callback/telegram.ts. After this manual setup and redirecting to a protected route, my middleware check await auth.api.getSession(...) fails to recognize the session, causing a redirect back to /signin.
My Question: Is manually inserting into the session table and setting the better-auth.session_token cookie like this the correct approach for integrating a custom callback (like Telegram's data-auth-url) with better-auth?...
how to customize/translate BASE_ERROR_CODES
and how to replace or customize the error page of better auth?
Solution:
and how to replace or customize the error page of better auth?You can pass this to your better-auth config to change the error page: ```ts onAPIError: { errorURL: "/my-err-url"...
Stripe plugin status properties full list?
Is there a comprehensive list of the status schema properties in the subscription table? It looks like better-auth manages this column so I can't customize them. I see (active, canceled, etc.) in the docs, and 'trialing' comes up in my db. Are there any others? 'inactive'? 'reset'?
Solution:
@Ham
Email Verification
Guys, need help.
Token for email verification should be stored in database automatically? In my case Verification table is empty.
http://localhost:3000/api/auth/verify-email?token=eyJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6Iml2bEBhcnl6ZS5pbyIsImlhdCI6MTc0NDA0MDI3NywiZXhwIjoxNzQ0MDQzODc3fQ.bMcHk2rUSoCAVZaD2ChR4ypTQpkZg7YS4pW_2gEgGMY&callbackURL=%2Fverification%3Fflow%3Dkyc...
How to fix Stripe error
[Better Auth]: Error fetching subscription from Stripe RangeError: Invalid time value
at Date1.toISOString (<anonymous>)
at Array.map (<anonymous>)
at Array.map (<anonymous>)
at Array.map (<anonymous>)...
Solution:
I downgraded Stripe to version 17.7.0, and it works!
How can I get a user from an api key ?
Hey all,
I recently stumbled onto better-auth and really like it, especially once I saw it had a plugin for api keys 😍
I managed to get it set up and can create api keys from nuxt (on client side), but I cannot seem to get a user out of them ? I can see the userId is set on the key (since it's created from an authenticated user), but if I try to get a user out of the session by doing this:...
Solution:
Ok, it just seems like I cannot copy/paste correctly into a curl command. Nothing to see here xD