Better AuthBA
Better Auth10mo ago
ragnar

Session duplication bug when two-factor plugin enabled

I have a project that shows otp-modal if two-factor validation is active. The normal is that it creates a session after entering the correct otp code. But as soon as i enter the password the session is created and after i enter the otp code correctly another session is created. What is the solution for this?

actions/sign-in.ts -->
"use server";

import { auth } from "@/lib/auth";
import { signInSchema } from "@/schemas";
import { APIError } from "better-auth/api";
import { z } from "zod";

export const signIn = async (values: z.infer<typeof signInSchema>) => {
  const validatedData = signInSchema.parse(values);

  try {
    const response = await auth.api.signInEmail({
      body: {
        email: validatedData.email,
        password: validatedData.password,
        callbackURL: "/verify-email?success=true",
      },
      asResponse: true,
    });

    if (!response.ok) {
      throw new Error("Failed to sign in");
    }

    const data = await response.json();
    console.log("Sign-in Response:", data);

    if (data.twoFactorRedirect) return { twoFactorRedirect: true };

    return null;
  } catch (error) {
    if (error instanceof APIError) {
      if (error.status === "UNAUTHORIZED") {
        throw new Error("Invalid email or password");
      }
      if (error.status === "FORBIDDEN") {
        throw new Error("Email not verified");
      }
    }

    throw new Error("Something went wrong.");
  }
};


sign-in-form -->
import { twoFactor } from "@/lib/auth-client";

  const onSubmit = (values: z.infer<typeof signInSchema>) => {
    startTransition(() => {
      signIn(values)
        .then(async (data) => {
          if (data?.twoFactorRedirect) {
            await twoFactor.sendOtp();
            otpModal.onOpen();
          }
          router.push("/dashboard");
        })
        .catch((error) => toast.error(error.message));
    });
  };
Was this page helpful?