Dynamically create Role and Permission.
Can anyone tell how to create role and permissions programatically? Such as from admin dashboard. In the doc, it shows how to create access controller and pass it to auth configuration
```import { betterAuth } from "better-auth"
import { admin as adminPlugin } from "better-auth/plugins"
import { ac, admin, user } from "@/auth/permissions"...
Hono + Better-auth + Lambda Cookies
I am wondering if anybody has set up an API on AWS Lambda using hono secured with Better-auth. I have used Better-auth in the past for a Next.js project, I am now exploring how to use it with Hono and I would like to deploy it in a serverless environment to start (AWS Lambda). Does anyone have experience with Cookies management in this context? Next.js used to just take care of it for me, but now I am having to return the cookies to the frontend, React app, which get stored and sent with subsequent requests. However, when I try to do an auth.api.getSession() api call and pass the headers into it, I am getting null.
I will provide any code I have for this discussion. Going to be at work for the next few hours so I appreciate anyone who joins ins patience! 🍪 🍪 🍪...
Is there any way to create organization after user create hook?
Im getting UNAUTHORIZED error because im trying to create an organization for user with using user : { create : { after { } }} hook.
Is there any way to avoid it?...
Solution:
since you have the user id, remove
headers and pass userId in the body insteadAuthClient not respecting baseURL
Hey, I'm currently trying to seperate my backend from my nextjs app but now for some reason the authClient won't respect the baseURL I set and instead still tries to fetch from the nextjs api route, which obviously doesnt exist anymore. Is this a bug or am I just doing ot wrong?
Retrieving the linked google `email` for credentials registered user
I registered with
emailAndPassword where a single account is created. Is it possible to gain information about another account with the same user when linking a google account? I see that in the account table, there is no way to retrieve the email.
My use-case is displaying the email where its possible that the user registered with a different google email as the one that he registered with (mismatch between google account and user email)...Forget Password Security/Rate limits
Is there an option to rate-limit the verification entries generated by
forgetPassword?
For example, can we prevent generating a new reset password entry for a given value id if there are already X non-expired entries for it?
Additionally, what’s the purpose of creating a new entry for the same value instead of updating the existing one or deleting the old one?
...Invalid token on resetPassword
I'm creating a flow for when a signed out user forgets their password, they can reset it.
```
export const auth = betterAuth({
database: {...
Best way to protect routes in TanStack Start?
What's the best way to protect all private routes like
/dashboard*, so they redirect to /login if no session exists? I don't see this aspect in the example: https://github.com/better-auth/better-auth/tree/main/examples/tanstack-example
Below is my attempt, but session is always null, even if the user is authenticated.
```ts...elysia with better auth not working
Hi, it seems that the integration is not working correctly, i set up everything (i hope correctly) but one i start running elysia server i get
script "dev" was terminated by signal SIGABRT
Could be a problem related to bun?
the server runs if i remove betterAuthView...
Google auth redirecting to the main site instead of the webpage
I have an issue which I am not experiencing on other projects using better-auth
I have http://localhost:8000 set as BASE_URL under
process.env.BETTER_AUTH_URL, which is my Express API
where http://localhost:3000 is my Next.js website
...Solution:
@chunkbanned I tried using this env:
BETTER_AUTH_URL=http://localhost:YOUR_PORT, and it worked for me, google redirects to the url in the envHelp with Email + Phone before 2FA Flow
Hello,
At work we require to implement auth for login and I would like to use BetterAuth for it if possible
The requirements are that we signup with email password, then we enter phone number and verify it with OTP, then we enable 2FA....
Refresh Spotify access token
I'm basically getting the access token from the db on the server to make calls to the spotify api but the token doesn't automatically gets refreshed only when I sign in and out on my frontend
Is there a way to refresh the token automatically or do I need to figure out how to do it manually?...
Social login Account creation with additional field
How to pass additional state during a social provider sign-in (e.g., Google). When a new user signs up with say for example Google, I want to store an extra field in the database, like { "a": "123" }, alongside the default user data. How can I pass this custom data from the client and handle it on the server to save it in the DB?
``` const signIn = async () => {
await auth.signIn.social({
provider: "google",
loginHint: "EXPERT",...
Social login with separate backend domain
If my frontend is at a different domain than my backend, the cookie from the 302 redirect doesn't get set. If using bearer tokens there's no opportunity to get the token from the request before the redirect occurs. Email/password works.
Solution:
Okay just had to play with cookies, config that fixed for this:
```
advanced: {
defaultCookieAttributes: {...
Problem with OAuth (Google) using BetterAuth with Express for backend and Next.js Frontend
Hi! Does anyone know how to resolve this? It's Express on the backend and Next.js on the frontend. The error appears in Express after continuing the authentication with Google
```
SERVER_ERROR: SyntaxError: Expected ',' or '}' after property value in JSON at position 191
at JSON.parse (<anonymous>)...
How to debug addPasskey not working in Production (Vercel)?
Having configured the
passkey plugin, I can add a passkey locally/development but not in production (Vercel).
I'm using a simple button in NextJS to trigger adding a passkey:
```
const { data, error } = await authClient.passkey.addPasskey();...Solution:
I managed to resolve this. I had the value for
rpID wrongly configured. 🤦
It was set to api.mysite.com rather than mysite.com.
A [Fido2Client] Error in the Chrome console alerted me to the issue....FAILED_TO_CREATE_USER
How can I debug, whats going on? I dont see anything in console
Solution:
Usually we need
name when signing up as well.
perform action after successful email verification
using ionic/vue client with express.js backend
i want to perform an action after successful email verification. a possible place would be databaseHooks.user.update.before but unfortunately the object passed to this method only contains the updated property, e.g. { emailVerified: true }, nothing else.
...
Manually create a session
Hi, for testing purposes I want to create a session in my own controller, and set the right cookies. Although, it seems like the sesison token has to be in a certain structure. Has anyone got a better idea on how I can implement this?
The cookie names do match, I am using NextJS so I would need a backend approach to create the sessions.
```ts
// Create or get the test user...
Solution:
hmm...you can fill it with those details -
```ts
import { createRandomStringGenerator } from "@better-auth/utils/random";
import { createHMAC } from "@better-auth/utils/hmac";...