Better Auth•3mo ago

Different server for auth and frontend

When sending a password reset email using the sendResetPassword function, how can I properly construct the reset link to redirect the user to my frontend application for password reset, while ensuring that the underlying authentication process (e.g., token validation) is handled securely by my backend, given that my frontend and backend (auth) applications are on different URLs? Why might this specific function behave differently from my other email-sending functions concerning callback URLs?

2 Replies

sebastian•3mo ago

You have to pass the token param into the url Then in your front end you can just call the reset confirm function and it will automatically check for the token param to see if it's valid

sendResetPassword: async ({ user, token }) => {
            const callbackURL = `${BETTER_AUTH_URL}/api/auth/reset-password/${token}?callbackURL=${SITE_URL}/auth/forget/password`
            await sendEmailService({
                to: user.email,
                subject: "Reset your password",
                text: callbackURL,
                emailType: "forget"
            })
        }

sendResetPassword: async ({ user, token }) => {
            const callbackURL = `${BETTER_AUTH_URL}/api/auth/reset-password/${token}?callbackURL=${SITE_URL}/auth/forget/password`
            await sendEmailService({
                to: user.email,
                subject: "Reset your password",
                text: callbackURL,
                emailType: "forget"
            })
        }

Better auth url is the api url and site url is the frontend url

kWAYOP•3mo ago

Will test this out asap and let you know, thanks @sebastian worked!

Gaming

Programming

Different server for auth and frontend

Did you find this page helpful?