CORS Issue with better-auth in NestJS and Next Setup
Hey everyone,
I'm setting up authentication in my NestJS app using better-auth with a PostgreSQL database via Prisma. Everything seems to be correctly configured, but I'm running into a CORS issue when trying to sign up a user from my next front end.
Error Message
typescript
async function bootstrap() {
const app = await NestFactory.create(AppModule);
app.use('/api/auth', toNodeHandler(auth)); // Using better-auth middleware
app.use(json());
// Configure CORS middleware
app.use(
cors({
origin: 'http://localhost:3000',
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'Authorization'],
credentials: true,
}),
);
// Global validation pipe
app.useGlobalPipes(new ValidationPipe());
await app.listen(process.env.PORT ?? 3050);
}
bootstrap();
Better-Auth Config (
const prisma = new PrismaClient();
export const auth = betterAuth({
database: prismaAdapter(prisma, {
provider: "postgresql",
}),
basePath: "/api/auth",
baseURL: "http://localhost:3050/api/auth",
emailAndPassword: {
enabled: true,
},
trustedOrigins: [
'http://localhost:3000',
],
advanced: {
defaultCookieAttributes: {
secure: true,
httpOnly: true,
sameSite: "none",
},
},
});
Next frontend auth config
Question
Is there anything I need to add to my better-auth configuration to properly handle CORS? Is there an additional middleware required in NestJS for better-auth to work with CORS?
I'm setting up authentication in my NestJS app using better-auth with a PostgreSQL database via Prisma. Everything seems to be correctly configured, but I'm running into a CORS issue when trying to sign up a user from my next front end.
Error Message
typescript
async function bootstrap() {
const app = await NestFactory.create(AppModule);
app.use('/api/auth', toNodeHandler(auth)); // Using better-auth middleware
app.use(json());
// Configure CORS middleware
app.use(
cors({
origin: 'http://localhost:3000',
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'Authorization'],
credentials: true,
}),
);
// Global validation pipe
app.useGlobalPipes(new ValidationPipe());
await app.listen(process.env.PORT ?? 3050);
}
bootstrap();
Better-Auth Config (
/lib/auth.tsconst prisma = new PrismaClient();
export const auth = betterAuth({
database: prismaAdapter(prisma, {
provider: "postgresql",
}),
basePath: "/api/auth",
baseURL: "http://localhost:3050/api/auth",
emailAndPassword: {
enabled: true,
},
trustedOrigins: [
'http://localhost:3000',
],
advanced: {
defaultCookieAttributes: {
secure: true,
httpOnly: true,
sameSite: "none",
},
},
});
Next frontend auth config
import { createAuthClient } from "better-auth/react"
export const authClient = createAuthClient({
baseURL: "http://localhost:3050",
credentials: true,
})Question
Is there anything I need to add to my better-auth configuration to properly handle CORS? Is there an additional middleware required in NestJS for better-auth to work with CORS?