BA
Better Auth3w ago
yasserconnect

Google Sign-In throws Error in Production

Google Sign-In is working as expected in development (localhost), but in production, it throws the following error right after the sign-in process: 
error = "please_restart_the_process"
error = "please_restart_the_process"
31 Replies
KiNFiSH
KiNFiSH3w ago
make sure the state exists with the verification table or may the inspect your prod db as well or even check the correct credential are set to the prod env like client id and client secret as well but make sure the prod db do have verification table in it
yasserconnect
yasserconnectOP3w ago
it exist both in local db and production db, but when sign-in with google not create anything in verification table.. how to fix it please?
bekacru
bekacru3w ago
make sure you have your production url and redirect url are added for the prod client id and secret
yasserconnect
yasserconnectOP3w ago
could you give me more details what you me about production url and redirect url please? i spend two days try to fix it 
export const auth = betterAuth({
  appName: 'qitaf',
  secret: betterauthConfig.betterAuthSecret,
  // baseURL: appUrl,
  trustedOrigins: [appUrl],
  database: prismaAdapter(db, {
    provider: 'postgresql',
  }),
  account: {
    accountLinking: {
      trustedProviders: ['google'],
    },
  },
  emailAndPassword: {
    enabled: true,
    requireEmailVerification: true,
    emailVerification: {
      sendOnSignUp: true,
    },
  },
  socialProviders: {
    google: {
      clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
      redirectURI: `${appUrl}/api/auth/callback/google`,
    },
  },
  plugins: [
    organization({
      allowUserToCreateOrganization: async (user) => {
        const currentUser = await getCurrentUser();
        const { isADMIN, isCOMPANY } = userRole(currentUser);
        const allowedUsers = isADMIN || isCOMPANY;
        return allowedUsers;
      },
    }),
    bearer(),
    admin({
      adminRole: ['ADMIN'],
      defaultRole: 'COMPANY',
      adminUserIds: [adminUserId],
    }),
    // oneTap(),
    oAuthProxy(),
    nextCookies(),
    username(),
  ],
  onAPIError: {
    throw: false,
    onError: (error, ctx) => {
      console.error('Auth error:', error);
      const errorMessage = encodeURIComponent(JSON.stringify(error));
      window.location.href = `/auth/error#${errorMessage}`;
    },
    errorURL: `/auth/error`,
  },
});
export const auth = betterAuth({
  appName: 'qitaf',
  secret: betterauthConfig.betterAuthSecret,
  // baseURL: appUrl,
  trustedOrigins: [appUrl],
  database: prismaAdapter(db, {
    provider: 'postgresql',
  }),
  account: {
    accountLinking: {
      trustedProviders: ['google'],
    },
  },
  emailAndPassword: {
    enabled: true,
    requireEmailVerification: true,
    emailVerification: {
      sendOnSignUp: true,
    },
  },
  socialProviders: {
    google: {
      clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
      redirectURI: `${appUrl}/api/auth/callback/google`,
    },
  },
  plugins: [
    organization({
      allowUserToCreateOrganization: async (user) => {
        const currentUser = await getCurrentUser();
        const { isADMIN, isCOMPANY } = userRole(currentUser);
        const allowedUsers = isADMIN || isCOMPANY;
        return allowedUsers;
      },
    }),
    bearer(),
    admin({
      adminRole: ['ADMIN'],
      defaultRole: 'COMPANY',
      adminUserIds: [adminUserId],
    }),
    // oneTap(),
    oAuthProxy(),
    nextCookies(),
    username(),
  ],
  onAPIError: {
    throw: false,
    onError: (error, ctx) => {
      console.error('Auth error:', error);
      const errorMessage = encodeURIComponent(JSON.stringify(error));
      window.location.href = `/auth/error#${errorMessage}`;
    },
    errorURL: `/auth/error`,
  },
});
should i add (BETTER_AUTH_URL)? and what the benefit to add (baseURL)?
bekacru
bekacru3w ago
redirect url you provided when you create oauth app in google console make sure you have added your production url
yasserconnect
yasserconnectOP3w ago
so in production i added BETTER_AUTH_URL env and what about baseURL? i added BETTER_AUTH_URL env and baseURL in betterAuth config but still the problem exist!! could you look at onAPIError config, maybe it cause the error 'please_restart_the_process' after sign-in via google.
bekacru
bekacru3w ago
im saying when you create a client id and secret in google dev console, make sure to add your production redirect uri (e.g, https://my-site.com/api/auth/google) as you did for local host
yasserconnect
yasserconnectOP3w ago
i did that in google dev console, both for local and production. but the wired error still exist
bekacru
bekacru3w ago
is there any server log?
yasserconnect
yasserconnectOP3w ago
this what i used in production Google dev console Authorized redirect URIs: https://my-site.com/api/auth/callback/google ..... BETTER_AUTH_URL= https://my-site.com baseURL= https://my-site.com is this correct? ❓ no logs just code error = "please_restart_the_process" Until we find the actual problem and fix it, I’ve customized the error page to redirect to the homepage as a temporary solution.
KiNFiSH
KiNFiSH3w ago
you still getiting restart_the_process ?
yasserconnect
yasserconnectOP3w ago
yes still on v1.2.6 too!
yasserconnect
yasserconnectOP3w ago
No description
yasserconnect
yasserconnectOP3w ago
No description
yasserconnect
yasserconnectOP3w ago
No description
yasserconnect
yasserconnectOP3w ago
@KiNFiSH @bekacru can you check this?
KiNFiSH
KiNFiSH3w ago
Can you see if there is a log regarding to this endpoint - api/auth/callback/google ?
yasserconnect
yasserconnectOP3w ago
[2m2025-04-13T16:40:22.249Z ERROR [Better Auth]: State Mismatch. Verification not found { state: 'JlasEIZm4cGvSqqeRulcFT9hnksNhNM-' }
[2m2025-04-13T16:40:22.249Z ERROR [Better Auth]: State Mismatch. Verification not found { state: 'JlasEIZm4cGvSqqeRulcFT9hnksNhNM-' }
KiNFiSH
KiNFiSH3w ago
Can you show me how are actually calling it
yasserconnect
yasserconnectOP3w ago
this through the error: 
if (!data) {
        c.context.logger.error("State Mismatch. Verification not found", {
            state,
        });
        throw c.redirect(
            `${c.context.baseURL}/error?error=please_restart_the_process`,
        );
    }
if (!data) {
        c.context.logger.error("State Mismatch. Verification not found", {
            state,
        });
        throw c.redirect(
            `${c.context.baseURL}/error?error=please_restart_the_process`,
        );
    }
you mean google sign-in?
KiNFiSH
KiNFiSH3w ago
This happened when we could not able to get your state with in the verification table Yes
yasserconnect
yasserconnectOP3w ago
<Button
                type="button"
                variant="outline"
                isLoading={gloading}
                icon={<Icons.google className="ml-1" />}
                onClick={async (e) => {
                  e.preventDefault();
                  setgLoading(true);
                  await signIn.social({
                    provider: 'google',
                    callbackURL: homeUrl,
                  });
                  setgLoading(false);
                }}>
               sign in with google
              </Button>
<Button
                type="button"
                variant="outline"
                isLoading={gloading}
                icon={<Icons.google className="ml-1" />}
                onClick={async (e) => {
                  e.preventDefault();
                  setgLoading(true);
                  await signIn.social({
                    provider: 'google',
                    callbackURL: homeUrl,
                  });
                  setgLoading(false);
                }}>
               sign in with google
              </Button>
and the auth config: 
socialProviders: {
    google: {
      clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
      redirectURI: `${appUrl}/api/auth/callback/google`,
    },
  },
socialProviders: {
    google: {
      clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
      redirectURI: `${appUrl}/api/auth/callback/google`,
    },
  },
KiNFiSH
KiNFiSH3w ago
May be can you pass the callback url as relative path like /dashboard Plus you using nextjs right ?
yasserconnect
yasserconnectOP3w ago
Yes I’m using NextJs Ok i will try relative path 
               await signIn.social({
                    provider: 'google',
                    callbackURL: '/home',
                  });
               await signIn.social({
                    provider: 'google',
                    callbackURL: '/home',
                  });
still the problem exist
KiNFiSH
KiNFiSH3w ago
can you show me authClient config
yasserconnect
yasserconnectOP3w ago
import {
  adminClient,
  organizationClient,
  passkeyClient,
  twoFactorClient,
  usernameClient,
} from 'better-auth/client/plugins';
import { createAuthClient } from 'better-auth/react';
import { toast } from 'sonner';
import { appUrl } from '../appConfig';

export const authClient = createAuthClient({
  baseURL: appUrl,
  plugins: [
    organizationClient(),
    twoFactorClient({
      onTwoFactorRedirect() {
        window.location.href = '/two-factor';
      },
    }),
    passkeyClient(),
    adminClient(),
    usernameClient(),
  ],
  fetchOptions: {
    onError(e) {
      if (e.error.status === 429) {
        toast.error('wait a moment before trying again');
      }
    },
  },
});

export const {
  signUp,
  signIn,
  signOut,
  useSession,
  organization,
  useListOrganizations,
  useActiveOrganization,
} = authClient;
import {
  adminClient,
  organizationClient,
  passkeyClient,
  twoFactorClient,
  usernameClient,
} from 'better-auth/client/plugins';
import { createAuthClient } from 'better-auth/react';
import { toast } from 'sonner';
import { appUrl } from '../appConfig';

export const authClient = createAuthClient({
  baseURL: appUrl,
  plugins: [
    organizationClient(),
    twoFactorClient({
      onTwoFactorRedirect() {
        window.location.href = '/two-factor';
      },
    }),
    passkeyClient(),
    adminClient(),
    usernameClient(),
  ],
  fetchOptions: {
    onError(e) {
      if (e.error.status === 429) {
        toast.error('wait a moment before trying again');
      }
    },
  },
});

export const {
  signUp,
  signIn,
  signOut,
  useSession,
  organization,
  useListOrganizations,
  useActiveOrganization,
} = authClient;
ayersss
ayersss5d ago
hi, did u manage to solve this?
Rittam
Rittam5d ago
having the similar issue, everything works fine in local, however, dev not so much.
daveycodez
daveycodez2d ago
I'm having this exact issue on Chrome only On production. Safari login with Google works, Chrome login with Google constantly gives me "restart_the_process"
daveycodez
daveycodez2d ago
It is calling callback twice in a row
No description
daveycodez
daveycodez2d ago
The sign in works when I return to the website, I have the cookie. But it shows a big error message on every Google sign in The bug is the double request. It verifies successfully then errors out @yasserconnect Do you have a service worker?

Did you find this page helpful?