Race Condition with Email OTP
I've been stuck on this issue for a few weeks and I'm really not sure how to proceed, so I thought I'd reach out.
Some users on my platform are commenting that they get
At first I thought maybe the user was just inputting the wrong password, but as this issue keeps coming up, I'm realizing there must be some race condition.Here's some context on my tech stack. I have a Next.js frontend, NestJS backend, and TypeORM.
Attached is my TypeORM adapter and my BetterAuth service. I've included everything that might be even remotely suspicious. I'm sorry there's a lot of context included, but I'm just unsure where to even start.
The only thing I remember from a long time ago was I was getting invalid OTP because my entities were Date instead of timestamps, so BetterAuth was essentially picking a random OTP (no way to order same day) if they clicked resend.
However, I saw this issue once sitting next to someone who signed up for the first time, never resent their OTP and got this
I've personally tried creating 13 accounts this morning on my production site and it worked perfectly -
I'm wondering if there's some race condition when multiple people are signing up at the same time, or I don't even know what.Thanks for taking a look at this. Much appreciated.
Some users on my platform are commenting that they get
invalid otpAt first I thought maybe the user was just inputting the wrong password, but as this issue keeps coming up, I'm realizing there must be some race condition.Here's some context on my tech stack. I have a Next.js frontend, NestJS backend, and TypeORM.
Attached is my TypeORM adapter and my BetterAuth service. I've included everything that might be even remotely suspicious. I'm sorry there's a lot of context included, but I'm just unsure where to even start.
The only thing I remember from a long time ago was I was getting invalid OTP because my entities were Date instead of timestamps, so BetterAuth was essentially picking a random OTP (no way to order same day) if they clicked resend.
However, I saw this issue once sitting next to someone who signed up for the first time, never resent their OTP and got this
invalid otpI've personally tried creating 13 accounts this morning on my production site and it worked perfectly -
email verified successfullyI'm wondering if there's some race condition when multiple people are signing up at the same time, or I don't even know what.Thanks for taking a look at this. Much appreciated.
better-auth.service_small.ts14.46KB
Was this page helpful?
