BA
Better Auth2mo ago
Rikki

cookie getting deleted automatically after refresh on signup with cloudfare workers

i have setup betterauth on cloudfare workers but my cookie is getting deleted after refresh on the client. i am using hono for the backend
20 Replies
bekacru
bekacru2mo ago
could you share your auth config?
darkpool
darkpool2mo ago
I am experiencing the same issue. Here is my auth.ts: 
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { drizzle } from "drizzle-orm/d1";
import { user, session, account, verification } from "@/drizzle/schema";

export const createAuth = (env: Env) => {
    const db = drizzle(env.DB);
    return betterAuth({
        database: drizzleAdapter(db, {
            provider: "sqlite",
            schema: { user, session, account, verification },
        }),
        baseUrl: env.BASE_URL,
        socialProviders: {
            google: {
                clientId: env.GOOGLE_CLIENT_ID,
                clientSecret: env.GOOGLE_CLIENT_SECRET,
            },
        },
        trustedOrigins: ["http://localhost:3000", "http://localhost:5173"],
    });
};
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { drizzle } from "drizzle-orm/d1";
import { user, session, account, verification } from "@/drizzle/schema";

export const createAuth = (env: Env) => {
    const db = drizzle(env.DB);
    return betterAuth({
        database: drizzleAdapter(db, {
            provider: "sqlite",
            schema: { user, session, account, verification },
        }),
        baseUrl: env.BASE_URL,
        socialProviders: {
            google: {
                clientId: env.GOOGLE_CLIENT_ID,
                clientSecret: env.GOOGLE_CLIENT_SECRET,
            },
        },
        trustedOrigins: ["http://localhost:3000", "http://localhost:5173"],
    });
};
Rikki
RikkiOP2mo ago
this is the auth config,also one question what should be the baseUrl in development i have put the development url that wrangler dev gives eg-http://127.0.0.1:8787 
import { betterAuth } from "better-auth";
import { prismaAdapter } from "better-auth/adapters/prisma";
import { getPrisma } from "./prisma";
import { Env } from "./types";

export function createAuth(env: Env) {

return betterAuth({
  trustedOrigins: ["http://localhost:3002"],
  database: prismaAdapter(getPrisma(env.DATABASE_URL), {
    provider: "postgresql",
  }) as any,
  socialProviders: {
    github: {
      clientId: env.GITHUB_CLIENT_ID as string,
      clientSecret: env.GITHUB_CLIENT_SECRET as string,
    },
    discord: {
      clientId: env.DISCORD_CLIENT_ID!,
      clientSecret: env.DISCORD_CLIENT_SECRET!,
    },
  },
  session: {
    expiresIn: 60 * 60 * 24 * 7,
    updateAge: 60 * 60 * 24,
  },
  emailAndPassword: {
    enabled: true,
    autoSignIn: true,
  },
  baseURL: env.BASE_URL,

});
}
export type Auth = ReturnType<typeof createAuth>;
import { betterAuth } from "better-auth";
import { prismaAdapter } from "better-auth/adapters/prisma";
import { getPrisma } from "./prisma";
import { Env } from "./types";

export function createAuth(env: Env) {

return betterAuth({
  trustedOrigins: ["http://localhost:3002"],
  database: prismaAdapter(getPrisma(env.DATABASE_URL), {
    provider: "postgresql",
  }) as any,
  socialProviders: {
    github: {
      clientId: env.GITHUB_CLIENT_ID as string,
      clientSecret: env.GITHUB_CLIENT_SECRET as string,
    },
    discord: {
      clientId: env.DISCORD_CLIENT_ID!,
      clientSecret: env.DISCORD_CLIENT_SECRET!,
    },
  },
  session: {
    expiresIn: 60 * 60 * 24 * 7,
    updateAge: 60 * 60 * 24,
  },
  emailAndPassword: {
    enabled: true,
    autoSignIn: true,
  },
  baseURL: env.BASE_URL,

});
}
export type Auth = ReturnType<typeof createAuth>;
this is the auth config,also one question what should be the baseUrl in development i have put the development url that wrangler dev gives eg-http://127.0.0.1:8787/ @bekacru
techysiddhant
techysiddhant2mo ago
@Rikki I'm facing redirect issue when i signup using github it redirect to the hono server from frontend i don't know how to fix this if you know can you help me out with this
Rikki
RikkiOP2mo ago
i guess either you set the wrong callbackurl in github or either in setting up the authclient @techysiddhant
Rikki
RikkiOP2mo ago
u sure your redirecturl looks like what mentioned in better auth docs ?
No description
NeoPrint3D
NeoPrint3D2mo ago
Cookie issue is probably related to subdomain issues if your client is different from your sever your cookie will not be passed
Oracle
Oracle2mo ago
im not sure if the same issue, but I have my frontend hosted on vercel and my backend is hosted elsewhere. when signing in and looking at the cookies in the developer console. I see the session auth cookie appear and then immediately dissapear, backend sees the request and no errors but frontend is removing it for some reason?
NeoPrint3D
NeoPrint3D2mo ago
Yeah it's definitely domain issue They need to be either on the same domain or subdomain I encountered this even with my infra being in the same platform
Oracle
Oracle2mo ago
Is there documentation on this? Or the proper setup?
NeoPrint3D
NeoPrint3D2mo ago
Yeah there is Btw what domains are you using for your frontend and backend
NeoPrint3D
NeoPrint3D2mo ago
Oracle
Oracle2mo ago
Front end I am using vercel and backend is encore cloud for the moment
NeoPrint3D
NeoPrint3D2mo ago
What's ur domains where you are hosting them If it is a.com for frontned and b.com for backend your cookies will not transfer
Oracle
Oracle2mo ago
yeah they have seperate domains how can I setup to allow seperate domains I thought the whole point was CORS to allow this
NeoPrint3D
NeoPrint3D2mo ago
You might want to put them on the same domain Or look up cross domain sharing It looks like it would be 100x more difficult if you did that
NeoPrint3D
NeoPrint3D2mo ago
https://stackoverflow.com/questions/12370495/share-a-cookie-between-two-websites
Stack Overflow
Share a cookie between two websites
I have built a website (A) which logs in to and retrieves customer data from a separate web service. The organisation that owns (A) also has a website (B) which has a web form. They want a logged in
Oracle
Oracle2mo ago
So after a bit of playing around I got this solved by setting up a proxy between my frontend and backend, the proxy was setup on NextJS backend and it looks something like this, it solves the cross domain sharing problem, and in the future if I setup under one domain its pretty easy to remove and work in place 
┌─────────────┐      ┌─────────────┐      ┌─────────────┐
│  Frontend   │      │    Proxy    │      │   Backend   │
│  Domain B   │ ──── │  Domain B   │ ──── │  Domain A   │
└─────────────┘      └─────────────┘      └─────────────┘
      ▲                     │                    │
      │                     │  forwards request  │
      │                     │ ───────────────────▶
      │                     │                    │
      │                     │   returns cookie   │
      │                     │ ◀─────────────────-│
      │   sets cookie for   │                    │
      │      Domain B       │                    │
      │◀────────────────────│                    │
┌─────────────┐      ┌─────────────┐      ┌─────────────┐
│  Frontend   │      │    Proxy    │      │   Backend   │
│  Domain B   │ ──── │  Domain B   │ ──── │  Domain A   │
└─────────────┘      └─────────────┘      └─────────────┘
      ▲                     │                    │
      │                     │  forwards request  │
      │                     │ ───────────────────▶
      │                     │                    │
      │                     │   returns cookie   │
      │                     │ ◀─────────────────-│
      │   sets cookie for   │                    │
      │      Domain B       │                    │
      │◀────────────────────│                    │
Rikki
RikkiOP2mo ago
according to me i think better auth does not supports the edge runtime yep im was also witnessing the same problem both parts are being locally hosted but backend was deployed on cloudflare worker
NeoPrint3D
NeoPrint3D2mo ago
It supports edge runtime Just have it on the same domain It's cross subdomain cookies U need your own custom domain So it would be auth.domain.com and www.domain.com this configuration works I tested it

Did you find this page helpful?