6 replies

Do I need crossSubDomainCookies?

Hello, everyone, so I'm building my application as following:
- frontend: app.mydomain.com
- backend: api.mydomain.com
should I use crossSubDomainCookies? or should I just keep it as is? And also, How can I set this up in development?
Here is my current setup:

import { betterAuth } from "better-auth";
import { prismaAdapter } from "better-auth/adapters/prisma";
import prisma from "../../prisma";

export const auth = betterAuth({
  database: prismaAdapter(prisma, {
    provider: "postgresql",
  }),
  trustedOrigins: [process.env.CORS_ORIGIN || ""],
  socialProviders: {
    google: {
      clientId: process.env.GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
    },
  },
  advanced: {
    useSecureCookies: true,
    crossSubDomainCookies: {
      enabled: true,
      domain: "http://localhost:3000", // change them to env variables
    },
    trustedOrigins: ["http://localhost:3000", "http://localhost:3001"], // change them to env variables
  },
});

import { betterAuth } from "better-auth";
import { prismaAdapter } from "better-auth/adapters/prisma";
import prisma from "../../prisma";

export const auth = betterAuth({
  database: prismaAdapter(prisma, {
    provider: "postgresql",
  }),
  trustedOrigins: [process.env.CORS_ORIGIN || ""],
  socialProviders: {
    google: {
      clientId: process.env.GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
    },
  },
  advanced: {
    useSecureCookies: true,
    crossSubDomainCookies: {
      enabled: true,
      domain: "http://localhost:3000", // change them to env variables
    },
    trustedOrigins: ["http://localhost:3000", "http://localhost:3001"], // change them to env variables
  },
});

Better Auth•6mo ago•

6 replies

Maqed

Do I need crossSubDomainCookies?

import { betterAuth } from "better-auth";
import { prismaAdapter } from "better-auth/adapters/prisma";
import prisma from "../../prisma";

export const auth = betterAuth({
  database: prismaAdapter(prisma, {
    provider: "postgresql",
  }),
  trustedOrigins: [process.env.CORS_ORIGIN || ""],
  socialProviders: {
    google: {
      clientId: process.env.GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
    },
  },
  advanced: {
    useSecureCookies: true,
    crossSubDomainCookies: {
      enabled: true,
      domain: "http://localhost:3000", // change them to env variables
    },
    trustedOrigins: ["http://localhost:3000", "http://localhost:3001"], // change them to env variables
  },
});

import { betterAuth } from "better-auth";
import { prismaAdapter } from "better-auth/adapters/prisma";
import prisma from "../../prisma";

export const auth = betterAuth({
  database: prismaAdapter(prisma, {
    provider: "postgresql",
  }),
  trustedOrigins: [process.env.CORS_ORIGIN || ""],
  socialProviders: {
    google: {
      clientId: process.env.GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
    },
  },
  advanced: {
    useSecureCookies: true,
    crossSubDomainCookies: {
      enabled: true,
      domain: "http://localhost:3000", // change them to env variables
    },
    trustedOrigins: ["http://localhost:3000", "http://localhost:3001"], // change them to env variables
  },
});

Do I need crossSubDomainCookies?

Similar Threads

Do I need crossSubDomainCookies?

Similar Threads

Similar Threads

Similar Threads