Invalid token on resetPassword

I'm creating a flow for when a signed out user forgets their password, they can reset it.

export const auth = betterAuth({
  database: {
    dialect,
    type: "postgres",
  },
  emailAndPassword: {
    enabled: true,
    sendResetPassword: async (
      { user, token, url }: { user: User; token: string; url: string },
      _
    ) => {
      await sendResetPasswordEmail({
        email: user.email,
        url,
      });
    },
    resetPasswordTokenExpiresIn: 3600, // 1 hour
  },
  trustedOrigins: ["http://localhost:4321"],
});

export const auth = betterAuth({
  database: {
    dialect,
    type: "postgres",
  },
  emailAndPassword: {
    enabled: true,
    sendResetPassword: async (
      { user, token, url }: { user: User; token: string; url: string },
      _
    ) => {
      await sendResetPasswordEmail({
        email: user.email,
        url,
      });
    },
    resetPasswordTokenExpiresIn: 3600, // 1 hour
  },
  trustedOrigins: ["http://localhost:4321"],
});

export const auth = betterAuth({
  database: {
    dialect,
    type: "postgres",
  },
  emailAndPassword: {
    enabled: true,
    sendResetPassword: async (
      { user, token, url }: { user: User; token: string; url: string },
      _
    ) => {
      await sendResetPasswordEmail({
        email: user.email,
        url,
      });
    },
    resetPasswordTokenExpiresIn: 3600, // 1 hour
  },
  trustedOrigins: ["http://localhost:4321"],
});

export const auth = betterAuth({
  database: {
    dialect,
    type: "postgres",
  },
  emailAndPassword: {
    enabled: true,
    sendResetPassword: async (
      { user, token, url }: { user: User; token: string; url: string },
      _
    ) => {
      await sendResetPasswordEmail({
        email: user.email,
        url,
      });
    },
    resetPasswordTokenExpiresIn: 3600, // 1 hour
  },
  trustedOrigins: ["http://localhost:4321"],
});

It's sending me an email with a URL like

http://localhost:4321/reset-password/<TOKEN>

http://localhost:4321/reset-password/<TOKEN>

http://localhost:4321/reset-password/<TOKEN>

http://localhost:4321/reset-password/<TOKEN>. Great!

But when I try and use the token to reset the password, I always get a

BAD_REQUEST

BAD_REQUEST

BAD_REQUEST

BAD_REQUEST with error

INVALID_TOKEN

INVALID_TOKEN

INVALID_TOKEN

INVALID_TOKEN.

I'm trying to resetPassword server-side, and the code looks like this:

    const result = await auth.api.resetPassword({
      body: {
        newPassword: password,
        token,
      },
    });

    const result = await auth.api.resetPassword({
      body: {
        newPassword: password,
        token,
      },
    });

    const result = await auth.api.resetPassword({
      body: {
        newPassword: password,
        token,
      },
    });

    const result = await auth.api.resetPassword({
      body: {
        newPassword: password,
        token,
      },
    });

Invalid token on resetPassword

Similar Threads

Similar Threads

Similar Threads