Better Auth•6d ago

Sign up control

Hey guys. Is there a way to disable sign up from the public (authClient) but still have it enabled for the server code (auth.api)? I don’t want anyone to be able to sign up. I want admins to create users. I’m imagining that a smart person who knows how the auth clients calls the API would be able to create users if it is enabled .

Solution:

you can use hooks then ```ts hooks: { before: async(c)=>{...

Jump to solution

7 Replies

bekacru•6d ago

emailAndPassword.disableSignUp

Ho-kageOP•6d ago

Turning that on also prevented me from creating a user using the sign up on auth.api

Solution

bekacru•6d ago

you can use hooks then

hooks: {
  before: async(c)=>{
    if(c.path === "/sign-up/email" && c.request){
      throw c.error("UNAUTHROIZED")
    }
  }
}

hooks: {
  before: async(c)=>{
    if(c.path === "/sign-up/email" && c.request){
      throw c.error("UNAUTHROIZED")
    }
  }
}

Ho-kageOP•6d ago

Alright. I’ll try this out. Thank you

Ho-kageOP•6d ago

I wonder if this would be a cleaner way to implement what I was describing. I just need to check if it still allows the auth.api sign up to work

Ho-kageOP•6d ago

This didn't work

Ho-kageOP•6d ago

Caveat is that there is no c.path... you would need to use c.request.url. There is allso no c.error

Gaming

Programming

Sign up control

Did you find this page helpful?