Unable to check permisions

When I do this

export async function updateUser(id: string, payload: Partial<User>) {
  const canCreateProject = await authClient.admin.hasPermission(
    {
      permissions: {
        product: ["create"],
      },
    },
    {
      headers: await headers(),
    },
  );

  console.log("canCreateProject", canCreateProject);
}

export async function updateUser(id: string, payload: Partial<User>) {
  const canCreateProject = await authClient.admin.hasPermission(
    {
      permissions: {
        product: ["create"],
      },
    },
    {
      headers: await headers(),
    },
  );

  console.log("canCreateProject", canCreateProject);
}

with an admin person its keeping console me this :

canCreateProject { data: null, error: { status: 0, statusText: '' } }

canCreateProject { data: null, error: { status: 0, statusText: '' } }

there is my permissions.ts

import { createAccessControl } from "better-auth/plugins/access";
import { adminAc, defaultStatements } from "better-auth/plugins/admin/access";

// Define your statements with all permissions
export const statements = {
  ...defaultStatements,
  product: ["create", "update", "delete", "list"],
  users: ["create", "update", "delete"],
} as const;

// Create access control with these statements
export const ac = createAccessControl(statements);

// Admin has all permissions
export const admin = ac.newRole({
  ...adminAc.statements,
  product: ["create", "update", "delete"],
  users: ["create", "update", "delete"],
});

import { createAccessControl } from "better-auth/plugins/access";
import { adminAc, defaultStatements } from "better-auth/plugins/admin/access";

// Define your statements with all permissions
export const statements = {
  ...defaultStatements,
  product: ["create", "update", "delete", "list"],
  users: ["create", "update", "delete"],
} as const;

// Create access control with these statements
export const ac = createAccessControl(statements);

// Admin has all permissions
export const admin = ac.newRole({
  ...adminAc.statements,
  product: ["create", "update", "delete"],
  users: ["create", "update", "delete"],
});

auth.ts

export const auth = betterAuth({
  database: drizzleAdapter(db, {
    provider: "pg",
  }),

  emailAndPassword: {
    enabled: true,
    sendResetPassword: async ({ user, url }) => {
     
    },
  },
  user: {
    changeEmail: {
      enabled: true,
      sendChangeEmailVerification: async ({ newEmail, url }) => {
        // Il faudrait ajouter ceci:
       
      },
    },
    additionalFields: {
      truc_de_con: {
        type: "string",
        nullable: true,
      },
    },
  },
  plugins: [
    nextCookies(),
    adminPlugin({
      ac,
      roles: {
        admin: adminRole,
      },
    }),
  ],
});

export type Session = typeof auth.$Infer.Session;
export type User = (typeof auth.$Infer.Session)["user"];

export const auth = betterAuth({
  database: drizzleAdapter(db, {
    provider: "pg",
  }),

  emailAndPassword: {
    enabled: true,
    sendResetPassword: async ({ user, url }) => {
     
    },
  },
  user: {
    changeEmail: {
      enabled: true,
      sendChangeEmailVerification: async ({ newEmail, url }) => {
        // Il faudrait ajouter ceci:
       
      },
    },
    additionalFields: {
      truc_de_con: {
        type: "string",
        nullable: true,
      },
    },
  },
  plugins: [
    nextCookies(),
    adminPlugin({
      ac,
      roles: {
        admin: adminRole,
      },
    }),
  ],
});

export type Session = typeof auth.$Infer.Session;
export type User = (typeof auth.$Infer.Session)["user"];

6 Replies

JïnsOP•5mo ago

there is my auth-client.ts

import { createAuthClient } from "better-auth/react";
import { adminClient } from "better-auth/client/plugins";
import { ac, admin as adminRole } from "@/lib/permissions";
import { nextCookies } from "better-auth/next-js";
export const authClient = createAuthClient({
  baseURL: "http://localhost:3000",
  plugins: [
    adminClient({
      ac,
      roles: {
        admin: adminRole,
      },
    }),
    nextCookies(),
  ],
});

import { createAuthClient } from "better-auth/react";
import { adminClient } from "better-auth/client/plugins";
import { ac, admin as adminRole } from "@/lib/permissions";
import { nextCookies } from "better-auth/next-js";
export const authClient = createAuthClient({
  baseURL: "http://localhost:3000",
  plugins: [
    adminClient({
      ac,
      roles: {
        admin: adminRole,
      },
    }),
    nextCookies(),
  ],
});

Someone has an idea ? ?

Soheel•5mo ago

@Jïns You cannot use the authClient on the Server, the AuthClient basically calls your backend fromt he client side. If you are on the Server you need to get the Session and use the api.userHasPermission function:

import { auth } from '@/auth';
import { headers } from 'next/headers';

const session = await auth.api.getSession({headers: await headers(),});

const { success: isAuthorized } = await auth.api.userHasPermission({
   body: {
     userId: session.user.id,
       permission: {
       product: ['create'],
     },
   },
});

import { auth } from '@/auth';
import { headers } from 'next/headers';

const session = await auth.api.getSession({headers: await headers(),});

const { success: isAuthorized } = await auth.api.userHasPermission({
   body: {
     userId: session.user.id,
       permission: {
       product: ['create'],
     },
   },
});

Soheel•5mo ago

https://www.better-auth.com/docs/concepts/api

API | Better Auth

Better Auth API.

Soheel•5mo ago

https://www.better-auth.com/docs/concepts/client

Client | Better Auth

Better Auth client library for authentication.

Soheel•5mo ago

Worth going through the Concepts pages

JïnsOP•5mo ago

thanks a lot for that @Soheel

Gaming

Programming

Unable to check permisions

Did you find this page helpful?