seesion not saving when running dev server with --host or when running build

Frontend spa in react
Backend is a express server
Hi, I am tryint to test my webapp from my phone so i am using the --host option with vite (i do bun run dev --host) but now my cookies are not being set and the session is not being stored. Here is my signin code:

 const { error } = await authClient.signIn.email({
      email,
      password: password,
      callbackURL: url,
    });
    if (error) { console.log(error) }

 const { error } = await authClient.signIn.email({
      email,
      password: password,
      callbackURL: url,
    });
    if (error) { console.log(error) }

 const { error } = await authClient.signIn.email({
      email,
      password: password,
      callbackURL: url,
    });
    if (error) { console.log(error) }

 const { error } = await authClient.signIn.email({
      email,
      password: password,
      callbackURL: url,
    });
    if (error) { console.log(error) }

which does not log the error and i can see my redirect working, the url is set to my app base path while hosting thats 10.0.0.134:5173, and it correctly redirects me but because the session isnt saved it puts me back to my login page (all other routes are protected) I also know its hitting the auth server because i put a test middleware infront of the auth like so:

const test = async (req: Request, res: Response, next: NextFunction) => {
  console.log("Hello")
  next()
}
app.all("/api/auth/*", test, toNodeHandler(auth));

const test = async (req: Request, res: Response, next: NextFunction) => {
  console.log("Hello")
  next()
}
app.all("/api/auth/*", test, toNodeHandler(auth));

const test = async (req: Request, res: Response, next: NextFunction) => {
  console.log("Hello")
  next()
}
app.all("/api/auth/*", test, toNodeHandler(auth));

const test = async (req: Request, res: Response, next: NextFunction) => {
  console.log("Hello")
  next()
}
app.all("/api/auth/*", test, toNodeHandler(auth));

which does print hello when i press sign in on the client (removing the test middleware does nothing to fix it)
I have these cors rules set up:

const allowedOrigins = ['http://localhost:5173', 'http://10.0.0.134:5173'];
app.use(cors({
  origin: (origin, callback) => {
    // Allow requests with no origin (like mobile apps or curl)
    if (!origin) return callback(null, true);
    if (allowedOrigins.indexOf(origin) !== -1) {
      callback(null, true);
    } else {
      callback(new Error('Not allowed by CORS'));
    }
  },
  credentials: true,
}));

const allowedOrigins = ['http://localhost:5173', 'http://10.0.0.134:5173'];
app.use(cors({
  origin: (origin, callback) => {
    // Allow requests with no origin (like mobile apps or curl)
    if (!origin) return callback(null, true);
    if (allowedOrigins.indexOf(origin) !== -1) {
      callback(null, true);
    } else {
      callback(new Error('Not allowed by CORS'));
    }
  },
  credentials: true,
}));

const allowedOrigins = ['http://localhost:5173', 'http://10.0.0.134:5173'];
app.use(cors({
  origin: (origin, callback) => {
    // Allow requests with no origin (like mobile apps or curl)
    if (!origin) return callback(null, true);
    if (allowedOrigins.indexOf(origin) !== -1) {
      callback(null, true);
    } else {
      callback(new Error('Not allowed by CORS'));
    }
  },
  credentials: true,
}));

const allowedOrigins = ['http://localhost:5173', 'http://10.0.0.134:5173'];
app.use(cors({
  origin: (origin, callback) => {
    // Allow requests with no origin (like mobile apps or curl)
    if (!origin) return callback(null, true);
    if (allowedOrigins.indexOf(origin) !== -1) {
      callback(null, true);
    } else {
      callback(new Error('Not allowed by CORS'));
    }
  },
  credentials: true,
}));

and my server auth setup is here:

export const auth = betterAuth({
    database: dialect,
    emailAndPassword: {
        enabled: true,
    },
    trustedOrigins: ["http://10.0.0.134:5173", "http://localhost:5173"],
    cookie: {
        // Cookie configuration example:
        maxAge: 7 * 24 * 60 * 60, 
        httpOnly: true, 
        sameSite: "lax", 
        secure: false, 
    },
});

export const auth = betterAuth({
    database: dialect,
    emailAndPassword: {
        enabled: true,
    },
    trustedOrigins: ["http://10.0.0.134:5173", "http://localhost:5173"],
    cookie: {
        // Cookie configuration example:
        maxAge: 7 * 24 * 60 * 60, 
        httpOnly: true, 
        sameSite: "lax", 
        secure: false, 
    },
});

export const auth = betterAuth({
    database: dialect,
    emailAndPassword: {
        enabled: true,
    },
    trustedOrigins: ["http://10.0.0.134:5173", "http://localhost:5173"],
    cookie: {
        // Cookie configuration example:
        maxAge: 7 * 24 * 60 * 60, 
        httpOnly: true, 
        sameSite: "lax", 
        secure: false, 
    },
});

export const auth = betterAuth({
    database: dialect,
    emailAndPassword: {
        enabled: true,
    },
    trustedOrigins: ["http://10.0.0.134:5173", "http://localhost:5173"],
    cookie: {
        // Cookie configuration example:
        maxAge: 7 * 24 * 60 * 60, 
        httpOnly: true, 
        sameSite: "lax", 
        secure: false, 
    },
});

note i have tried without setting the cookies object and with it.

Solution

Solution was using bearer plugin and making sure my auth server was actually hosted to the network. for future reference if anyone needs

Jump to solution

seesion not saving when running dev server with --host or when running build

Similar Threads

Similar Threads

Similar Threads