What's the difference between the session and the token?

Heyo, I've been trying to get Better Auth to work in a Nest environment. I noticed that a call to signInEmail returns a token, but I can't use the token to authenticate subsequent requests. If I register Better Auth as a direct handler in Express, the cookie has an additional suffix. The only way I found to get the actual cookie is to add asResponse and get the cookie from the returned headers.
// Default call: resolves to the parsed body (token and user).
const result = await this.auth.api.signInEmail({
  ...signInRequest,
});
// asResponse: true resolves to the full Response, including the Set-Cookie header.
const rslt = await this.auth.api.signInEmail({
  ...signInRequest,
  asResponse: true,
});
Logger.log(result, 'Sign in successful');
Logger.log(rslt, 'Sign in successful');

--------- Log output ---------
[Nest] 71710 - 05/05/2025, 3:09:59 PM LOG [Sign in successful] Object(4) {
  redirect: false,
  token: 'GYTdAiXcovZHov8n5WrAJSzUKJnN70Qg',
  url: undefined,
  user: {
    id: 'lu2UF4tHqspBXEt88eWJcI81jJeI50iG',
    name: '',
    image: '',
    emailVerified: false,
    createdAt: 2025-05-05T08:50:28.790Z,
    updatedAt: 2025-05-05T08:50:28.790Z
  }
}
[Nest] 71710 - 05/05/2025, 3:09:59 PM LOG [Sign in successful] Response {
  status: 200,
  statusText: '',
  headers: Headers {
    'set-cookie': 'better-auth.session_token=9V35bVng9vcUOVVPrLRVdLNI1Kklkgxw.LgWuyLrRiDaoJ1oCneeKoXLj5fBHcygnL2HTlikKnQA%3D; Max-Age=604800; Path=/; HttpOnly; SameSite=Lax',
    'Content-Type': 'application/json'
  },
  body: ReadableStream {
    locked: false,
    state: 'readable',
    supportsBYOB: true
  },
  bodyUsed: false,
  ok: true,
  redirected: false,
  type: 'default',
  url: ''
}
Is there a better way of getting the rest of the token? Also wondering about the difference: why give different responses?
1 Reply
Josh, 2w ago
I'm trying to figure out the same thing myself. I'm just now adopting Better Auth into my stack and I'm wondering how I should use it with my already existing NestJS setup. Do I just use the useSession hook and get the id, then call my backend anyway? Not really sure to be honest, and the whole asResponse thing confuses me too.
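An added example, not part of either post and not Better Auth's own code: a small parser for the Set-Cookie header in the log above that separates the token from the suffix after the dot, rebuilds the Cookie header a follow-up request would carry, and lists hardening attributes the cookie lacks. The function names are hypothetical and the sample header is copied from the log; the code only measures the suffix (32 bytes once base64-decoded), and reading that suffix as a signature over the token is an assumption the thread does not confirm.

```javascript
// Added example. SAMPLE_SET_COOKIE is the header value from the log above.
const SAMPLE_SET_COOKIE =
  'better-auth.session_token=9V35bVng9vcUOVVPrLRVdLNI1Kklkgxw.' +
  'LgWuyLrRiDaoJ1oCneeKoXLj5fBHcygnL2HTlikKnQA%3D; ' +
  'Max-Age=604800; Path=/; HttpOnly; SameSite=Lax';

// Split a Set-Cookie header into name, raw value, decoded value and attributes.
function parseSetCookie(header) {
  const [pair, ...attrParts] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  if (eq < 1) throw new Error('malformed Set-Cookie: no name=value pair');
  const rawValue = pair.slice(eq + 1);
  const attributes = {};
  for (const part of attrParts.filter(Boolean)) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attributes[key] = i === -1 ? true : part.slice(i + 1);
  }
  return {
    name: pair.slice(0, eq),
    rawValue, // percent-encoded, exactly as sent on the wire
    value: decodeURIComponent(rawValue),
    attributes,
  };
}

// Separate the token from the suffix after the last dot and measure the suffix.
function splitSessionValue(value) {
  const dot = value.lastIndexOf('.');
  if (dot === -1) return { token: value, suffix: null, suffixBytes: 0 };
  const suffix = value.slice(dot + 1);
  const suffixBytes = Buffer.from(suffix, 'base64').length;
  return { token: value.slice(0, dot), suffix, suffixBytes };
}

// Cookie request header for a follow-up call: the whole value, suffix included.
function toCookieHeader(parsed) {
  return `${parsed.name}=${parsed.rawValue}`;
}

// Hardening attributes absent from the cookie (hypothetical helper for review).
function missingAttributes(attributes) {
  return ['secure', 'httponly', 'samesite'].filter((k) => !(k in attributes));
}

const parsed = parseSetCookie(SAMPLE_SET_COOKIE);
console.log(splitSessionValue(parsed.value), toCookieHeader(parsed));
console.log('missing:', missingAttributes(parsed.attributes));
```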
