Confused about Better Auth + Backend Middleware + Auth
Hey, folks
I'm using Better Auth for authentication on my server (using Effect-TS). There is a middleware (not in
better-auth config) that needs to check 2 scenarios, basically:
- IF there is a session cookie, which needs to be validated (no idea how), THEN user is authenticated.
- IF there isn't a session cookie, then we check the Authorization: Bearer ${token} header and validate the JWT with JOSE lib.

- Do I need both bearer() and jwt() plugins enabled in better-auth config?
- After user logged in / signed up on the server, will better-auth set a session cookie in headers automatically or do I have to extract it from somewhere and then set it myself? Where do I get this token from? Do I set the session token I received after logging in to the cookie?
- What is generally considered a good practice for a middleware that checks the JWT with Bearer (for mobile and curl requests) and cookie token for web requests?
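
The cookie-then-bearer check described in the post, as an added example that is not part of the original post or Better Auth's own code. `authenticate`, `parseBearer` and `fakeDeps` are hypothetical names; the injected `getSession` and `verifyJwt` stand in for Better Auth's `auth.api.getSession({ headers })` and jose's `jwtVerify`, and falling through to the bearer check when a cookie fails validation is an assumption.

```javascript
// Added example. Header keys are assumed lower-cased, as in Node's req.headers.
// In a real server, getSession would wrap auth.api.getSession({ headers }) and
// verifyJwt would wrap jose's jwtVerify(token, keySet, { issuer, audience }).

// Parse "Authorization: Bearer <token>" strictly; anything else yields null.
function parseBearer(value) {
  const m = /^Bearer ([A-Za-z0-9\-._~+\/]+=*)$/i.exec(value ?? "");
  return m ? m[1] : null;
}

// Returns { ok: true, via, userId } or { ok: false, status: 401 }.
async function authenticate(headers, { getSession, verifyJwt }) {
  const deny = { ok: false, status: 401 };
  // Scenario 1: a cookie is present, so the session must validate server-side.
  if (headers.cookie) {
    try {
      const session = await getSession(headers);
      if (session?.user?.id) {
        return { ok: true, via: "cookie", userId: session.user.id };
      }
    } catch { /* validator errors count as "no session" */ }
    // Assumption: a stale cookie is not fatal, the bearer check still runs.
  }
  // Scenario 2: no usable session, so require a well-formed bearer JWT.
  const token = parseBearer(headers.authorization);
  if (!token) return deny;
  try {
    const { payload } = await verifyJwt(token);
    return payload?.sub ? { ok: true, via: "bearer", userId: payload.sub } : deny;
  } catch {
    return deny; // bad signature, expired, wrong issuer or audience
  }
}

// Constructed stand-ins so the example runs offline.
const fakeDeps = {
  getSession: async (h) =>
    h.cookie === "session=good" ? { user: { id: "u1" } } : null,
  verifyJwt: async (t) => {
    if (t !== "valid.jwt.token") throw new Error("verification failed");
    return { payload: { sub: "u2" } };
  },
};
```

Both paths end in the same 401 result, so a caller cannot tell from the response which credential was rejected.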