Sina
Sina
PostsComments
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
For anyone in the future I ended up adding an endpoint where the cookie could be set and passing the cookie via headers. So essentially the flow is like Sign in as normal Point callback to the native app ie deeplink When hitting the native callback use the above code to add set cookie header to the search params Read the search params on the client Here there are two options Set cookie via document.cookie (would not work for capacitor as its not a secure context and we want to have secure cookies) Or Post the cookie via headers to your backend and let the backend set the cookie on the response A bit hacky but it works -- would probably not improve it until better auth adds more native support right now its a bit lacking tbh
14 replies
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
but what do you do with the cookie I guess you have to set it in search then set it via the client, or make a xhr call from the client with some id that sets the cookie
14 replies
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
do you have any code to share? Its easier to follow along then, but from what I'm reading I imagine its something along these lines 
after: createAuthMiddleware(async (ctx) => {
  if (ctx.path.startsWith("/callback")) {
    const { responseHeaders } = ctx.context;
    const location = responseHeaders?.get("location");
    const cookie = responseHeaders?.get("set-cookie");
    if (!cookie || !location) return;

    if (location?.startsWith("myapp://")) {
      const locationUrl = new URL(location);
      locationUrl.searchParams.set("cookie", cookie);
    }
  }
})
after: createAuthMiddleware(async (ctx) => {
  if (ctx.path.startsWith("/callback")) {
    const { responseHeaders } = ctx.context;
    const location = responseHeaders?.get("location");
    const cookie = responseHeaders?.get("set-cookie");
    if (!cookie || !location) return;

    if (location?.startsWith("myapp://")) {
      const locationUrl = new URL(location);
      locationUrl.searchParams.set("cookie", cookie);
    }
  }
})
14 replies
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
but from what I briefley read about tauri it looks similar to capacitor how did you solve social? given the redirect url from better auth what do you do after?
14 replies
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
auth webview I mean another browser spawned by the capacitor app by running await Browser.open({ redirectUrl }); framework if you mean our backend its elysia? Our frontend is react and capacitor
14 replies
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
One idea is to do the oidc flow for the provider in the frontend and then use the id token to do the signin against better auth would result in a lot of code, but since I dont have a browser where I can intercept the callback as in the above code I think my options are limited -- not sure if there is a easy way to pass assets such as a cookie in search params or whatever on callbackURL pointing to the app
14 replies
BABetter Auth
Created by Sina on 4/23/2025 in #help
Social login for native apps
The problem is that the cookie is set in the webview (used for auth). So subsequent calls to get session does not have cookies set since they where set in the auth webview, confusingly capacitor is essentially a webview running a react app not to be confused with the auth webview. Read a bit in the source for the expo plugin and found this block where they intercept the webview once it gets to the callback, and its quite neat but unfortunately the webview capcitor has does not support this feature 
const callbackURL = JSON.parse(context.request.body)?.callbackURL;
const to = callbackURL;
const signInURL = context.data?.url;
const result = await Browser.openAuthSessionAsync(signInURL, to);
if (result.type !== "success") return;
const url = new URL(result.url);
const cookie = String(url.searchParams.get("cookie"));
if (!cookie) return;
storage.setItem(cookieName, getSetCookie(cookie));
const callbackURL = JSON.parse(context.request.body)?.callbackURL;
const to = callbackURL;
const signInURL = context.data?.url;
const result = await Browser.openAuthSessionAsync(signInURL, to);
if (result.type !== "success") return;
const url = new URL(result.url);
const cookie = String(url.searchParams.get("cookie"));
if (!cookie) return;
storage.setItem(cookieName, getSetCookie(cookie));
14 replies