Expo web doesn't retrieve the token
Hello 
I'm trying to use better-auth with expo on the web part.
It is working great on the native part, but when trying to sign-in on the web part, it seems that the token is not retrieved.
First, I had to make a custom storage and not using SecureStore directly, because it is not available on the web (I have used localStorage at the moment for simplicity, but could use mmkv or something else)
Then I use those functions directly in my authClient
After sign-in and doing a first call, I tried to retrieve the cookie with
but the storage is empty.
I see that the seems not to be called on the web, and so is called but return a null value.
Do I need to store the token from sign-in method myself on the web, and retrieve it myself ?
Thank you for the help !
I'm trying to use better-auth with expo on the web part.
It is working great on the native part, but when trying to sign-in on the web part, it seems that the token is not retrieved.
First, I had to make a custom storage and not using SecureStore directly, because it is not available on the web (I have used localStorage at the moment for simplicity, but could use mmkv or something else)
Then I use those functions directly in my authClient
After sign-in and doing a first call, I tried to retrieve the cookie with
but the storage is empty.
I see that the seems not to be called on the web, and so is called but return a null value.
Do I need to store the token from sign-in method myself on the web, and retrieve it myself ?
Thank you for the help !
Solution
I have finally succeed to make it works.
To complete what I have found, I think on the web the set-cookie from the response header should be enough to store the cookie, this is why the "setItem" is skipped on the web.
But this should be documented IMO.
So to make it work :
- Verify that the sign-in response has correct "set-cookie" header, and that cookies are correctly stored (can not be the case for wrong domain, etc...)
- Cookies are httponly, so you can't access it from javascript
- On fetch, don't retrieve the cookie from authClient, but just set "credentials=include", that will retrieve all cookies and send it to your api
To complete what I have found, I think on the web the set-cookie from the response header should be enough to store the cookie, this is why the "setItem" is skipped on the web.
But this should be documented IMO.
So to make it work :
- Verify that the sign-in response has correct "set-cookie" header, and that cookies are correctly stored (can not be the case for wrong domain, etc...)
- Cookies are httponly, so you can't access it from javascript
- On fetch, don't retrieve the cookie from authClient, but just set "credentials=include", that will retrieve all cookies and send it to your api
Was this page helpful?
