This server side code worked on `^1.1.18`, but not anymore on `^1.2.0`.

This is how my Hono routes,

.post("signIn", zValidator("json", loginSchema), async (c) => {
    const data = c.req.valid("json");
    const { email, password } = data;

    try {
      const res = await auth.api.signInEmail({
        header: c.req.raw.headers,
        body: { email, password },
        asResponse: true
      });

      const cookies = res.headers.get("set-cookie");
      if (cookies) {
        c.header("set-cookie", cookies);
      }

      return c.json({ success: true, message: `Success` }, 200);
    } catch (error) {
      const message = handleAuthError(error);
      return c.json({ success: false, message }, 500);
    }
  })

.post("signIn", zValidator("json", loginSchema), async (c) => {
    const data = c.req.valid("json");
    const { email, password } = data;

    try {
      const res = await auth.api.signInEmail({
        header: c.req.raw.headers,
        body: { email, password },
        asResponse: true
      });

      const cookies = res.headers.get("set-cookie");
      if (cookies) {
        c.header("set-cookie", cookies);
      }

      return c.json({ success: true, message: `Success` }, 200);
    } catch (error) {
      const message = handleAuthError(error);
      return c.json({ success: false, message }, 500);
    }
  })

I filled fake email and password. Although I got this error log in terminal console:

2025-03-02T03:07:30.067Z ERROR [Better Auth]: Invalid password

2025-03-02T03:07:30.067Z ERROR [Better Auth]: Invalid password

I am getting

({ success: true, message: `Success` }, 200)

({ success: true, message: `Success` }, 200)

in my browser. I think there is a problem with try catch .

26 Replies

Sithu KhantOP•2mo ago

This is in the network tab

Sithu KhantOP•2mo ago

I think I should get 500 ...any suggestion?

lonelyplanet•2mo ago

your using asResponse I believe thats the issue since when asResponse is set you can simple return the res object since it will be a Response object And when asResponse it would not want to reject the promise instead it returns a error Response

Sithu KhantOP•2mo ago

If I do that, it doesn't work If I do that, I don't be able to get res.headers from it

lonelyplanet•2mo ago

Just get the session token manually delete as Response use session.token from the result of the call and set that as your cookie

Sithu KhantOP•2mo ago

How can I get?

lonelyplanet•2mo ago

Sithu KhantOP•2mo ago

I still don't get it could you please give an example?

lonelyplanet•2mo ago

      const res = await auth.api.signInEmail({
        header: c.req.raw.headers,
        body: { email, password },
      });

const token = res?.session?.token;

      const res = await auth.api.signInEmail({
        header: c.req.raw.headers,
        body: { email, password },
      });

const token = res?.session?.token;

Sithu KhantOP•2mo ago

@lonelyplanet, hey sorry for late reply. In the end, I just did like this:

.post("signIn", zValidator("json", loginSchema), async (c) => {
    const data = c.req.valid("json");
    const { email, password } = data;

    try {
      const res = await auth.api.signInEmail({
        header: c.req.raw.headers,
        body: { email, password },
        asResponse: true
      });

      if (!res.ok) {
        const data: any = await res.json();
        return c.json({ success: false, message: data?.message }, 500);
      }

      const cookies = res.headers.get("set-cookie");
      if (cookies) {
        c.header("set-cookie", cookies);
      }

      return c.json({ success: true, message: `Success` }, 200);
    } catch (error) {
      const message = handleAuthError(error);
      return c.json({ success: false, message }, 500);
    }
  })

.post("signIn", zValidator("json", loginSchema), async (c) => {
    const data = c.req.valid("json");
    const { email, password } = data;

    try {
      const res = await auth.api.signInEmail({
        header: c.req.raw.headers,
        body: { email, password },
        asResponse: true
      });

      if (!res.ok) {
        const data: any = await res.json();
        return c.json({ success: false, message: data?.message }, 500);
      }

      const cookies = res.headers.get("set-cookie");
      if (cookies) {
        c.header("set-cookie", cookies);
      }

      return c.json({ success: true, message: `Success` }, 200);
    } catch (error) {
      const message = handleAuthError(error);
      return c.json({ success: false, message }, 500);
    }
  })

It worked, I just don't know what is the data type of res json. So, I first console.log and there is code and message if response is not ok. That message is what we need. So, just replied like that.

Milan||Милан•2mo ago

Why are you passsing the headers into the signInEmail?

Sithu KhantOP•2mo ago

It contains the cookie info you can check in the better-auth docs

Milan||Милан•2mo ago

        const cookiez = res.headers.get('set-cookie');

TypeError: Cannot read properties of undefined (reading 'get') oh nvm fixed it

Milan||Милан•2mo ago

The cookie name "better-auth.session_token=xLGnAfcMNb4tbx61F53Tid5kFVLoCRhl.X%2Bgfyz2%2BmFCb3u25oyolHqoaA9XmH5SdkvvhhYYlYgI%3D; Max-Age=604800; Path=/; HttpOnly; SameSite=Lax" will be invalid in SvelteKit 3.0 as it contains =. See RFC 2616 for more details https://datatracker.ietf.org/doc/html/rfc2616#section-2.2 Error: You must specify a path when setting, deleting or serializing cookies

IETF Datatracker

RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1

HTTP has been in use by the World-Wide Web global information initiative since 1990. This specification defines the protocol referred to as "HTTP/1.1", and is an update to RFC 2068. [STANDARDS-TRACK]

Sithu KhantOP•2mo ago

are you also using Hono?

Milan||Милан•2mo ago

No :(

Sithu KhantOP•2mo ago

which one?

Milan||Милан•2mo ago

Sveltekit

Sithu KhantOP•2mo ago

I am also using Hono integrated to SvelteKit

Milan||Милан•2mo ago

Whats that

Sithu KhantOP•2mo ago

btw, can you please provide me your post method codes?

Milan||Милан•2mo ago

export const actions = {
    default: async ({ request, cookies }: { request: Request; cookies: never }) => {
        console.log(request);
        const formData = await request.formData();
        const password = formData.get('password') as string;
        const email = formData.get('email') as string;
        const response = await auth.api.signInEmail({
            header: request.headers,
            body: {
                email,
                password
            },
            asResponse: true
        });

        const cookiez = response.headers.get('set-cookie');
        if (response.ok) {
            cookies.set(cookiez);
        }
    }
};

export const actions = {
    default: async ({ request, cookies }: { request: Request; cookies: never }) => {
        console.log(request);
        const formData = await request.formData();
        const password = formData.get('password') as string;
        const email = formData.get('email') as string;
        const response = await auth.api.signInEmail({
            header: request.headers,
            body: {
                email,
                password
            },
            asResponse: true
        });

        const cookiez = response.headers.get('set-cookie');
        if (response.ok) {
            cookies.set(cookiez);
        }
    }
};

Error: You must specify a path when setting, deleting or serializing cookies

Sithu KhantOP•2mo ago

maybe you could get chatgpt.

Milan||Милан•2mo ago

yeah i think i almost have it now the name of the cookie is auth when it should be better-auth.session_token if i fix that i suppose it works

Sithu KhantOP•2mo ago

glad it worked

Milan||Милан•2mo ago

No it didnt yet unfortunately im slowly going insane

Gaming

Programming

This server side code worked on `^1.1.18`, but not anymore on `^1.2.0`.

Did you find this page helpful?