Better Auth


How can I get a user from an api key ?

Hey all, I recently stumbled onto better-auth and really like it, especially once I saw it had a plugin for api keys. I managed to get it set up and can create api keys from nuxt (on client side), but I cannot seem to get a user out of them? I can see the userId is set on the key (since it's created from an authenticated user), but if I try to get a user out of the session by doing this:...
Solution:
Ok, it just seems like I cannot copy/paste correctly into a curl command. Nothing to see here xD

How to access user email or userId in social login hook (Google/Microsoft)?

Hi everyone! 👋 I'm trying to handle user logins using Google and Microsoft in BetterAuth. In the after hook of createAuthMiddleware, I want to check some conditions based on the user's email or userId, like I already do for regular email sign-in (see screenshot). ...
Solution:
All good, I resolved my issue by using ctx.context.newSession and ctx.redirect

Can you change callbackURL with requireEmailVerification default option?

Hey! I'm not calling sendVerificationEmail directly, is there anywhere where I can configure what the default requireEmailVerification option is doing to change the callbackURL?

How to run the client on a server route as admin

Hi, I am using Nuxt and have the admin plugin installed. I want to list all users, which is possible if the user doing the query is of role "admin". But if not, the query fails, which is correct. But how would I do this in a server environment? I need to check in a server route if a user exists, how do I do this? If I don't pass headers, I get 401; if I do, I get 403....

Even being owner, getting YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION

I defined owner permission set as ``` export const ownerRole = accessControl.newRole({ customer: ["create", "read", "update", "delete"], product: ["create", "read", "update", "delete"],...
Solution:
got it sorted Ping, I guess, from now onwards, we have to explicitly specify invitation: ["create"] in permissions set, and it is not part of defaultStatements, I am happy to add this explicitly, I am good now.

Team metadata

Hello! I am using the metadata field in Organizations to organize them using ids, since the app is internationalized. The team schema, however, is missing a metadata field. How can I add metadata to it? Any help would be appreciated!...

Express returns 404 on /then, but responds to /ok

Hi, I can't seem to figure out how to properly set up better auth with express. After following the guide I seem to get an {"ok":true} on the /ok endpoint. When I tried using the react client it called the /then endpoint, which returned a 404. Same thing happens when sending a basic get request. I'd appreciate some help figuring out what could be wrong...

Issues with Skeleton Loading Not Displaying for Session-Based Components

I'm encountering an issue with rendering a skeleton loading state in my React components that depend on the user's session. I've created custom SignedIn and SignedOut components to conditionally display content based on whether the user is authenticated. The problem arises when I refresh the website—the skeleton loader for the UserAvatar component doesn't show as expected during the pending state; instead, the component seems to render as null and immediately displays the UserMenu. Here's a brief overview of my implementation:
- SignedIn Component: Displays its children only when there is an active session.
- SignedOut Component: Renders its children only when there's no active session and the session is not pending....

Sign out after revoking current session

After revoking the current session, getSessionCookie in the middleware still returns a value, so it acts like the user is signed in. How can I prevent this?

Ratelimit with Email Verification

Hi, everyone! Can someone tell me why I'm not able to set rate limit to sendVerificationEmail separately? These rules are applied in such a way that if I have a different rate limit for sign-in with email and requireEmailVerification: true, emails will be sent as many times as sign-in rate limit allows to call it...

Clarification on Email OTP Auth Flows

I am not clear on the flows of the Email OTP auth flows.
1. SignIn with OTP - I have regular credentials setup. Seems like it replaces the password in credentials? And I would have only an email field with a button Sign In with Passcode? Or does this happen in addition to password kinda like two-factor auth without the twoFactor plugin.
2. Verify Email - self explanatory. Sent on Sign Up, user auto Signed In. Authenticated Form to input OTP and resend verification email button.
3. Reset Password - Is this for currently logged out user it seems? Reset password form with just email field. This email gets sent with the OTP and a link to your public password change password form: otp, email, new password, confirm new password? I'm generally familiar with reset links. But I think somewhere in OWASP, OTP are recommended....

Redirect for first time user with social sign in

How would I change the redirect for a first time user signing in with a social provider, since they are all sign ins?
Solution:
```ts
const data = await authClient.signIn.social({
  provider: "google", // or any other provider
  callbackURL: "/dashboard", // URL for existing users
  newUserCallbackURL: "/onboarding", // URL for first-time users
});
```
...

Drizzle and better auth problem

Hello, does anyone know the reason why I'm viewing this error? My schema is this

How can I complete some actions on OAuth authorization before signing the user in?

I'm developing a web application where I need to create certain resources and store them in my database as part of the signup process. If this resource creation fails, I want to return an error and prevent the signup from completing. How can I achieve this when registering via OAuth?

What is the best approach when handling the protected and unprotected routes

I designed a layout for the sign in and sign up pages with the goal of redirecting any authenticated user straight to the home page (/). However, when I navigate to either the sign in or sign up page while already having an active session, the page content briefly renders before the redirect occurs. Additionally, I encounter the following error:
Cannot update a component (`Router`) while rendering a different component (`AuthLayout`). To locate the bad setState() call inside `AuthLayout`, follow the stack trace as described in https://react.dev/link/setstate-in-render
...
Solution:
``` import { headers } from 'next/headers'; import { redirect } from 'next/navigation'; import { auth } from '@/lib/auth';...

Expo and hono.js

In my hono.js ```app.get('/api/auth/callback/google', async c => { try { return c.json({ status: 'ok',...

Better Auth Error Session data is too large to store in the cookie

I'm always getting this error whenever I tried to sign up. ```shell SERVER_ERROR: [Error [BetterAuthError]: Session data is too large to store in the cookie. Please disable session cookie caching or reduce the size of the session data] { cause: undefined }...
Solution:
This occurs because the base64 of the profile picture is too large. You should upload the profile picture to an S3 bucket or Cloudflare R2 and save only the id to the database / cookie

How can I set up with express and mongoose?

I was trying to set up the auth with express but when I was importing client it is having the issue! ```bash import mongoose from "mongoose"; export class Database {...

Next.js Hydration Error Linked to useActiveOrganization Hook

Hi, is it normal if I have a hydration problem when I use isPending from useActiveOrganization? Since I added 'isPending' I get hydration errors when I refresh. It's possible to refresh the first time without getting the error, but on the second refresh it does. I wrote this, which reproduces the bug perfectly....

how to return more data from `/get-session`

hello, I would want to store user's balance inside session object, instead of fetching it manually I tried to create a plugin for better auth, but it doesn't work (it worked a few days before, I didn't change code nor updated dependencies...) ```ts import type { BetterAuthClientPlugin } from "better-auth/client";...