Andy
Andy
PostsComments
BABetter Auth
Created by Andy on 4/27/2025 in #help
Setting cookies with custom plugin auth
Hi, I'm having a few issues with setting this up the way that I want it to but I may be approaching it from the wrong way. I am using another application that I want users to be able to single click sign on into but it is not an Idp or oauth provider. Instead it providers a token in the URL that I can decrypt. The current imagined workflow is as follows: 1. User clicks button 2. Gets sent to /api/auth/test/sso 3. Create a new plugin that creates a new auth endpoint to decrypt it, create a new user if doesnt exists. 4. Redirect the user to the authenticated /dashboard page. I have created a very simple poc which assumes that all the verification is complete. 
import { BetterAuthPlugin, createAuthEndpoint } from "better-auth/plugins";

export const tutorcruncherPlugin = () => {
  return {
    id: "test",
    endpoints: {
      sso: createAuthEndpoint(
        "/test/sso",
        {
          method: "GET",
        },
        async (ctx) => {
          // Verify stuff - assume that it passes
          
          // this is a sample user that I added for testing.
          const user = await ctx.context.internalAdapter.findUserById(
            "Bvptc4rkZplmGgzFmx4DylRqVgJbjjIv",
          );

          const session = await ctx.context.internalAdapter.createSession(
            "Bvptc4rkZplmGgzFmx4DylRqVgJbjjIv",
            ctx.request,
          );

          ctx.context.setNewSession({
            session: session,
            user: user!,
          });

          return ctx.redirect("/dashboard");
        },
      ),
    },
  } satisfies BetterAuthPlugin;
};
import { BetterAuthPlugin, createAuthEndpoint } from "better-auth/plugins";

export const tutorcruncherPlugin = () => {
  return {
    id: "test",
    endpoints: {
      sso: createAuthEndpoint(
        "/test/sso",
        {
          method: "GET",
        },
        async (ctx) => {
          // Verify stuff - assume that it passes
          
          // this is a sample user that I added for testing.
          const user = await ctx.context.internalAdapter.findUserById(
            "Bvptc4rkZplmGgzFmx4DylRqVgJbjjIv",
          );

          const session = await ctx.context.internalAdapter.createSession(
            "Bvptc4rkZplmGgzFmx4DylRqVgJbjjIv",
            ctx.request,
          );

          ctx.context.setNewSession({
            session: session,
            user: user!,
          });

          return ctx.redirect("/dashboard");
        },
      ),
    },
  } satisfies BetterAuthPlugin;
};
The above code does not add the cookies into the browser and does not set them either. I have added the nextCookies plugin as well as the methods ctx.setCookie from https://www.better-auth.com/docs/concepts/hooks#cookies. Any help would be greatly appreciated - losing my mind over this.
12 replies
BABetter Auth
Created by Andy on 1/23/2025 in #help
LDAP Integration
Just throwing it out here - has anyone managed to put LDAP authentication? I imagine doing it would be straightforward, similar to this example https://next-auth.js.org/tutorials/ldap-auth-example, but the only issue is the password being saved inside the database as well. Ideally I want to completely remove the password field and only check if a user exists in LDAP with certain groups before providing a session / jwt token back.
1 replies
BABetter Auth
Created by Andy on 1/12/2025 in #help
Magic Link with TOTP
Hi, for my app, I want to do the following workflow / what it's currently doing. This application will be deployed several times so here's what I've done. 1. The database is intially seeded with an Admin user and I have also disabled email / password authentication. 2. The first user is able to login with a magic link sent to their email (this works). 3. I want to enable TOTP as 2fa after logging in but I require the user's password to make the call (which doesn't exist) to enable it. 
const { data } = await authClient.twoFactor.enable({
    password: "password" // user password required
})
const { data } = await authClient.twoFactor.enable({
    password: "password" // user password required
})
Is there any way to get this working? I had an idea to reset the users password when they make the request to enable 2fa so that the call works but don't think that would be the best way to about it.
2 replies