BA
Better Auth2mo ago
astro

cross domain cookie transport issue

i have my auth server (hono) with better-auth hosted on cloudflare, i want to be able to use that hosted server in my development too instead of running the auth server locally everytime i want to run my frontend, i set the cookies to same site none and secure but what happens after successful auth is that the cookie is set in my browser but when i navigate to a different page or refresh my page the cookies disapper, here's the config im using: 
export const createClient = (appName: string, baseUrl: string) =>
  betterAuth({
    emailAndPassword: {
      enabled: false,
    },
    plugins: [
      emailOTP({
        disableSignUp: false,
        sendVerificationOTP: async ({ email, otp }) => {
          console.log({ email, otp });
        },
      }),
    ],
    socialProviders: {
      notion: {
        clientId: env.NOTION_OAUTH_CLIENT_ID,
        clientSecret: env.NOTION_OAUTH_CLIENT_SECRET,
      },
      google: {
        clientId: env.GOOGLE_OAUTH_CLIENT_ID,
        clientSecret: env.GOOGLE_OAUTH_CLIENT_SECRET,
        accessType: "offline",
        prompt: "select_account+consent",
        scope: ["https://www.googleapis.com/auth/drive.readonly"],
      },
    },
    database: drizzleAdapter(db, { provider: "pg", schema }),
    baseUrl,
    appName,
    trustedOrigins: env.TRUSTED_AUTH_ORIGINS.split(","), // also changed this to ["*"], but still doesn't work
    advanced: {
      defaultCookieAttributes: {
        sameSite: "None",
        secure: true,
        partitioned: true,
      },
      database: {
        generateId: () => nanoid(),
      },
    },
  });
export const createClient = (appName: string, baseUrl: string) =>
  betterAuth({
    emailAndPassword: {
      enabled: false,
    },
    plugins: [
      emailOTP({
        disableSignUp: false,
        sendVerificationOTP: async ({ email, otp }) => {
          console.log({ email, otp });
        },
      }),
    ],
    socialProviders: {
      notion: {
        clientId: env.NOTION_OAUTH_CLIENT_ID,
        clientSecret: env.NOTION_OAUTH_CLIENT_SECRET,
      },
      google: {
        clientId: env.GOOGLE_OAUTH_CLIENT_ID,
        clientSecret: env.GOOGLE_OAUTH_CLIENT_SECRET,
        accessType: "offline",
        prompt: "select_account+consent",
        scope: ["https://www.googleapis.com/auth/drive.readonly"],
      },
    },
    database: drizzleAdapter(db, { provider: "pg", schema }),
    baseUrl,
    appName,
    trustedOrigins: env.TRUSTED_AUTH_ORIGINS.split(","), // also changed this to ["*"], but still doesn't work
    advanced: {
      defaultCookieAttributes: {
        sameSite: "None",
        secure: true,
        partitioned: true,
      },
      database: {
        generateId: () => nanoid(),
      },
    },
  });
note that the cookie here is being set for my api's domain not my localhost
0 Replies
No replies yetBe the first to reply to this messageJoin

Did you find this page helpful?