BA
Better Auth7d ago
saze

getSession returning null in dev mode

I am suddenly unable to login to my app when running it in dev mode as getSession returns null. This issue does not occur in production. And it is a new behavior, although I can't pinpoint what is leading to it. Below is my network calls. //network calls //headers Request URL: http://localhost:3000/api/auth/sign-in/email-otp Request Method: POST Status Code: 200 OK Remote Address: [::1]:3000 Referrer Policy: strict-origin-when-cross-origin access-control-allow-credentials: true access-control-allow-headers: Content-Type, Authorization, X-CSRF-Token, Cookie access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin: http://localhost:3000 access-control-max-age: 86400 connection: keep-alive content-type: application/json date: Tue, 25 Feb 2025 16:33:07 GMT keep-alive: timeout=5 transfer-encoding: chunked vary: content-type: application/json dnt: 1 referer: http://localhost:3000/login?callbackUrl=%2Fdashboard sec-ch-ua-platform: "macOS" user-agent: Mozilla/5.0 //payload {email: "", otp: "895795"} email : "" otp : "895795" //response { "token": "kIaU2uQUwu2fxDNxoRD0LQqzHWB3wXYg", "user": { "id": "cm7jhbf150004jx6xaqag930u", "email": "**", "emailVerified": true, "name": "**", "image": null, "createdAt": "2025-02-24T19:57:09.978Z", "updatedAt": "2025-02-24T19:57:37.868Z" } } //headers Request URL: http://localhost:3000/api/auth/get-session Request Method: GET Status Code: 200 OK Remote Address: [::1]:3000 Referrer Policy: strict-origin-when-cross-origin connection: keep-alive content-type: application/json date: Tue, 25 Feb 2025 16:33:07 GMT keep-alive: timeout=5 transfer-encoding: chunked vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch dnt: 1 referer: http://localhost:3000/login?callbackUrl=%2Fdashboard sec-ch-ua-platform: "macOS" user-agent: Mozilla/5.0 //response null
Solution:
This wasn't a bug but rather my use of secure cookies and cross-domain cookies in both development & production environments. I have disabled these in dev mode and now able to sign-in.
Jump to solution
3 Replies
glowy
glowy6d ago
what's your baseURL set to in createAuthClient? try removing it or setting it to a blank string and see what happens.
Solution
saze
saze4d ago
This wasn't a bug but rather my use of secure cookies and cross-domain cookies in both development & production environments. I have disabled these in dev mode and now able to sign-in.
Amit Sharma
Amit Sharma2d ago
I am facing issue in making the session object available right after signin for nextjs project. I am signing in user using email and password, throught server action with "auth.api.signInEmail", the cookies are set immediately but the session object stays null, I did try both useSession on client component and getSession with headers on server component but no luck. The session object do loads up but only when I do a full refresh. What I am missing here ? 
import { createAuthClient } from "better-auth/react";
import { inferAdditionalFields } from "better-auth/client/plugins";
import type { auth } from "./auth";

export const authClient = createAuthClient({
  baseURL: process.env.NEXT_PUBLIC_BETTER_AUTH_BASE_URL!,
  plugins: [inferAdditionalFields<typeof auth>()],
});

export const { signUp, signIn, signOut, useSession } = authClient;
import { createAuthClient } from "better-auth/react";
import { inferAdditionalFields } from "better-auth/client/plugins";
import type { auth } from "./auth";

export const authClient = createAuthClient({
  baseURL: process.env.NEXT_PUBLIC_BETTER_AUTH_BASE_URL!,
  plugins: [inferAdditionalFields<typeof auth>()],
});

export const { signUp, signIn, signOut, useSession } = authClient;

Did you find this page helpful?