Kabeer
Kabeer
PostsComments
BABetter Auth
Created by Kabeer on 4/16/2025 in #bug-reports
Session Not Updating & Expired session continues to be active
Issue 1 : Session Cookie, nor session expiration is being updated issue 2: Even After session is expired. Im getting valid session response (sending cookie manually) better-auth version 1.2.7 better-auth Config 
 session: {
    expiresIn: 60,
    updateAge: 0,
    freshAge: 0,
  },
 session: {
    expiresIn: 60,
    updateAge: 0,
    freshAge: 0,
  },
Expected behavior -- So technically session should be valid for 1 Min and on every /get-session within that 1 min , the session expiry should be updated and a cookie be returned Whats happening --- The same response as the first /get-session continues for 1 min and after also. No set-cookie is headers nor session expiry is updated in response Full Config 
export const auth = betterAuth({
  baseURL: env.BETTER_AUTH_URL,
  emailVerification: {
    sendOnSignUp: true,
    autoSignInAfterVerification: true,
    sendVerificationEmail: async ({ user, url }) => {
      await sendEmailVerification(user.email, url);
    },
  },

  emailAndPassword: {
    enabled: true,
    minPasswordLength: 8,
    maxPasswordLength: 40,
    autoSignIn: true,

    sendResetPassword: async ({ user, url }) => {
      await sendResetPassword(user.email, url);
    },
    password: {
      hash: async (password) => await Bun.password.hash(password),
      verify: async ({ hash, password }) =>
        await Bun.password.verify(password, hash),
    },
  },

  trustedOrigins: ["http://localhost:3000"],
  plugins: [
    captcha({
      provider: "cloudflare-turnstile",
      secretKey: env.TURNSTILE_SECRET_KEY,
    }),
    emailOTP({
      async sendVerificationOTP({ email, otp, type }) {
        if (type === "forget-password") await sendResetPasswordOTP(email, otp);
      },
    }),
    username({
      maxUsernameLength: 25,
      minUsernameLength: 3,
    }),
    admin(),
    openAPI(),
  ],
  database: drizzleAdapter(db, {
    provider: "pg",
    usePlural: true,
  }),
  session: {
    expiresIn: 60,
    updateAge: 0,
    freshAge: 0,
  },
  advanced: {
    cookiePrefix: "rcp",
  },
});
export const auth = betterAuth({
  baseURL: env.BETTER_AUTH_URL,
  emailVerification: {
    sendOnSignUp: true,
    autoSignInAfterVerification: true,
    sendVerificationEmail: async ({ user, url }) => {
      await sendEmailVerification(user.email, url);
    },
  },

  emailAndPassword: {
    enabled: true,
    minPasswordLength: 8,
    maxPasswordLength: 40,
    autoSignIn: true,

    sendResetPassword: async ({ user, url }) => {
      await sendResetPassword(user.email, url);
    },
    password: {
      hash: async (password) => await Bun.password.hash(password),
      verify: async ({ hash, password }) =>
        await Bun.password.verify(password, hash),
    },
  },

  trustedOrigins: ["http://localhost:3000"],
  plugins: [
    captcha({
      provider: "cloudflare-turnstile",
      secretKey: env.TURNSTILE_SECRET_KEY,
    }),
    emailOTP({
      async sendVerificationOTP({ email, otp, type }) {
        if (type === "forget-password") await sendResetPasswordOTP(email, otp);
      },
    }),
    username({
      maxUsernameLength: 25,
      minUsernameLength: 3,
    }),
    admin(),
    openAPI(),
  ],
  database: drizzleAdapter(db, {
    provider: "pg",
    usePlural: true,
  }),
  session: {
    expiresIn: 60,
    updateAge: 0,
    freshAge: 0,
  },
  advanced: {
    cookiePrefix: "rcp",
  },
});
6 replies
BABetter Auth
Created by Kabeer on 3/22/2025 in #help
Wierd behaviour, isPending from useSession not triggering
 const { data, isPending } = authClient.useSession();
console.log(isPending)
 
 const { data, isPending } = authClient.useSession();
console.log(isPending)
Im using nextJS 15.2 isPending is always true (sometimes) , it doesn't change to false even after network request is done
5 replies
BABetter Auth
Created by Kabeer on 1/25/2025 in #bug-reports
Failed to get session, when remember me is checked
No description
2 replies
BABetter Auth
Created by Kabeer on 1/11/2025 in #bug-reports
Anonymous user account getting deleted on calling /get-session
Basically Anonymous user accounts are getting deleted after calling /get-session 2 or 3 times (have to set disableDeleteAnonymousUser to true for it to not delete). Also onLinkAccount is getting triggered when no account linking have taken place (only api call is /get-session) My auth config 
anonymous({
      emailDomainName: "example.com",
      onLinkAccount: async ({ anonymousUser, newUser }) => {
        console.log("anonymousUser", anonymousUser);
        console.log("newUser", newUser);
        // perform actions like moving the cart items from anonymous user to the new user
      },
    }),

session: {
    expiresIn: 60 * 60 * 24 * 30,
    updateAge: 0,
    cookieCache: {
      enabled: false,
    },
  },
anonymous({
      emailDomainName: "example.com",
      onLinkAccount: async ({ anonymousUser, newUser }) => {
        console.log("anonymousUser", anonymousUser);
        console.log("newUser", newUser);
        // perform actions like moving the cart items from anonymous user to the new user
      },
    }),

session: {
    expiresIn: 60 * 60 * 24 * 30,
    updateAge: 0,
    cookieCache: {
      enabled: false,
    },
  },
5 replies
BABetter Auth
Created by Kabeer on 12/23/2024 in #help
TOTP URI Error After getting scanned by Google Authenticator
server config 
 plugins: [
    username(),
    admin(),
    twoFactor({
      issuer: "example.com",
    }),
]
 plugins: [
    username(),
    admin(),
    twoFactor({
      issuer: "example.com",
    }),
]
mfa setup func 
import QRCode from "react-qr-code";

  const setupMFA = async (data: IPasswordSchema) => {
    toast.loading("Generating MFA QR code, please wait...", {
      id: "mfa-setup",
    });
    const res = await authClient.twoFactor.enable({
      password: data.password,
    });
    if (res.error) {
      toast.error(res.error.message, {
        id: "mfa-setup",
      });
      setMfaData(null);
      return;
    }

    setMfaData(res.data);

    toast.success("QR code generated successfully", {
      id: "mfa-setup",
    });
  };


<QRCode value={totpURI} className="w-full" />
import QRCode from "react-qr-code";

  const setupMFA = async (data: IPasswordSchema) => {
    toast.loading("Generating MFA QR code, please wait...", {
      id: "mfa-setup",
    });
    const res = await authClient.twoFactor.enable({
      password: data.password,
    });
    if (res.error) {
      toast.error(res.error.message, {
        id: "mfa-setup",
      });
      setMfaData(null);
      return;
    }

    setMfaData(res.data);

    toast.success("QR code generated successfully", {
      id: "mfa-setup",
    });
  };


<QRCode value={totpURI} className="w-full" />
Generated TOTP URI otpauth://totp?secret=mYRiLalafW4Ya04foIhsXX_BGLV8Ccsn&issuer=example.com&account=test%40gmail.com&digits=6&period=30 Google Authenticator say Error : Cannot interpret OR code Also tried with Ente Auth, It gets scanned but in place of OTP, there is just Error. Not sure if im doing something wrong . Any help ? Thanks!
4 replies