Snazzie
Snazzie
PostsComments
BABetter Auth
Created by Luis on 5/6/2025 in #help
Existing Userbase from Clerk -> Better Auth
makes sense!
15 replies
BABetter Auth
Created by Luis on 5/6/2025 in #help
Existing Userbase from Clerk -> Better Auth
@Luis curious to reason behind leaving clerk. cost, feature? im actually contemplating using clerk for live and betterauth for self host 😆
15 replies
BABetter Auth
Created by Snazzie on 5/4/2025 in #help
how to auth.api.createOIDCProvider without user session
guess u want us to do this 
  await db
    .insert(ssoProvider)
    .values({
      id: 'github',
      issuer: 'https://github.com',
      providerId: 'github',
      domain: 'https://github.com',
      oidcConfig: JSON.stringify({
        issuer: 'https://github.com',
        authorizationEndpoint: 'https://github.com/login/oauth/authorize',
        tokenEndpoint: 'https://github.com/login/oauth/access_token',
        userInfoEndpoint: 'https://api.github.com/user',
        scopes: [
          'user:email',
          'read:user',
          'read:org',
          'openid',
          'offline_access',
        ],
        clientId: '',
        clientSecret: '',
      }),
    })
    .onConflictDoNothing({ target: ssoProvider.id });
  await db
    .insert(ssoProvider)
    .values({
      id: 'github',
      issuer: 'https://github.com',
      providerId: 'github',
      domain: 'https://github.com',
      oidcConfig: JSON.stringify({
        issuer: 'https://github.com',
        authorizationEndpoint: 'https://github.com/login/oauth/authorize',
        tokenEndpoint: 'https://github.com/login/oauth/access_token',
        userInfoEndpoint: 'https://api.github.com/user',
        scopes: [
          'user:email',
          'read:user',
          'read:org',
          'openid',
          'offline_access',
        ],
        clientId: '',
        clientSecret: '',
      }),
    })
    .onConflictDoNothing({ target: ssoProvider.id });
3 replies
BABetter Auth
Created by iedan on 4/28/2025 in #help
Is it possible to get the user id from the cookie without having to verify to user and hit the DB?
true, but u can remedy with revoked key lookup cache layer
6 replies
BABetter Auth
Created by Cross on 4/26/2025 in #help
Privilege elevation?
im not well versed with node based api. maybe you could swap out the middleware for a custom one that fetches from temp roles when fetching main role
9 replies
BABetter Auth
Created by Cross on 4/26/2025 in #help
Privilege elevation?
you could cache it also
9 replies
BABetter Auth
Created by Cross on 4/26/2025 in #help
Privilege elevation?
could you not have a dedicated table for granting priviledge until x datetime, it will require extra hit into the db.
9 replies
BABetter Auth
Created by iedan on 4/28/2025 in #help
Is it possible to get the user id from the cookie without having to verify to user and hit the DB?
and since you can verifiy it is signed, you can basicly trust it
6 replies
BABetter Auth
Created by iedan on 4/28/2025 in #help
Is it possible to get the user id from the cookie without having to verify to user and hit the DB?
i think the most straight forward way is using bearer token with your api. have claims on the token
6 replies