BA
Better Auth2mo ago
sanser

401 doing listActiveSubscriptions on server side

Hey all im using svelte5 and better auth im trying to preload the subscription data in the +page.server.ts but im getting unauthorized when attempting to do so- when using the auth client it works fine? 
export const load = async ({ request }) => {
    const session = await auth.api.getSession({
        headers: request.headers
    });

    if (!session) {
        console.log('no session');
        throw redirect(302, '/authenticate');
    }

    const data = await auth.api.listActiveSubscriptions();

    const activeSubscription = data?.find(
        (sub) => sub.status === 'active' || sub.status === 'trialing'
    );

    return { activeSubscription };
};
export const load = async ({ request }) => {
    const session = await auth.api.getSession({
        headers: request.headers
    });

    if (!session) {
        console.log('no session');
        throw redirect(302, '/authenticate');
    }

    const data = await auth.api.listActiveSubscriptions();

    const activeSubscription = data?.find(
        (sub) => sub.status === 'active' || sub.status === 'trialing'
    );

    return { activeSubscription };
};
17 Replies
rtmorgan
rtmorgan2mo ago
Hi @sanser - what version of better-auth are you currently using? Also, can you confirm that your request.headers above contains a valid better-auth session token?
sanser
sanserOP2mo ago
hey @rtmorgan yes it does contain a better auth session cookie BUT i have used the option to rename it: using -> 
  advanced: {
        cookiePrefix: 'dailydebrief'
    },
  advanced: {
        cookiePrefix: 'dailydebrief'
    },
cookie: 'dailydebrief.session_token=JDvM7r8lKh8WjJj5XD50x46eTaoczBua.redacted...' Versions: 
"better-auth": "^1.2.3"
"@better-auth/stripe": "^1.2.3",
"better-auth": "^1.2.3"
"@better-auth/stripe": "^1.2.3",
rtmorgan
rtmorgan2mo ago
Can you test it with a new session / new session cookie as 1.2 changed the session token validation check on the HMAC signature. If you are using a older, but still valid pre 1.2 cookie, it is not going to pass checks in v1.2 and higher getSession from what I can tell. This might be a long shot but worth testing if you recently upgraded.
sanser
sanserOP2mo ago
i did recently upgrade but i recently changed laptops and db has been wiped + ofc new browser cookies il give it a go though does this seem like a bug?
rtmorgan
rtmorgan2mo ago
Which authentication (email and password, social, etc) are you using prior to the route that uses that +page.server.ts? Also, how are you navigating to that route - from a redirect or from a direct navigation link? thanks
sanser
sanserOP2mo ago
so this login is from a magic link login, i am just accessing this route by a direct navigation currently (im ofc using the magic link plugin?)
rtmorgan
rtmorgan2mo ago
What does your hooks.server.ts look like? Are you using the svelteKitHandler?
sanser
sanserOP2mo ago
hooks.server.ts 
import { auth } from '$lib/server/auth';
import { svelteKitHandler } from 'better-auth/svelte-kit';
import { building } from '$app/environment';
import { emailWorker } from '$lib/server/background/queue.email';

if (!building) {
    emailWorker();
}

export async function handle({ event, resolve }) {
    return svelteKitHandler({ event, resolve, auth });
}
import { auth } from '$lib/server/auth';
import { svelteKitHandler } from 'better-auth/svelte-kit';
import { building } from '$app/environment';
import { emailWorker } from '$lib/server/background/queue.email';

if (!building) {
    emailWorker();
}

export async function handle({ event, resolve }) {
    return svelteKitHandler({ event, resolve, auth });
}
rtmorgan
rtmorgan2mo ago
Can you share your route structure?
sanser
sanserOP2mo ago
its pretty big :D
sanser
sanserOP2mo ago
No description
sanser
sanserOP2mo ago
subscription is the route with the +page.server.ts where im attempting to get this information
rtmorgan
rtmorgan2mo ago
Can you try it with headers set (similar to the getSession call): const data = await auth.api.listActiveSubscriptions({ headers: request.headers });
sanser
sanserOP2mo ago
ha- this works :FacePalm: thank you- i checked the typing for the params of the function and i swear it didnt expect the headers lol
sanser
sanserOP2mo ago
No description
sanser
sanserOP2mo ago
but im so wrong- my bad it was late at night and my brain was frazzed... thanks again @rtmorgan
RTMorgan
RTMorgan2mo ago
I am glad it's working now - I didn't see that at first either.

Did you find this page helpful?