deleteUser questions
Hi there
I am facing issues with user deletion and I'm not sure if there is a bug or if I misunderstand the concept.
https://www.better-auth.com/docs/concepts/users-accounts#delete-user
Goals:
- Users need to confirm an OTP I email them.
- I prefer to perform various steps on the backend and the backend should then call the auth API to generate the OTP and email it.
Issues:
- "auth.api.createVerificationOTP()" only allows the types "email-verification" | "forgot-password" | "sign-in" but nothing related to deletion
- "authClient.deleteUser()" requires a fresh session, even if called with a token. The documentation states that "the user must meet one of the following requirements", not token + fresh session.
- My backend has session.freshAge set to "60 * 60 * 24" but authClient.deleteUser() complains about requiring a fresh session a few minutes after authentication.
- Successful "authClient.deleteUser({ token })" don't actually delete the user in the database (but 'afterDelete' is executed). Am I supposed to delete the user myself in the db?
Ideally I can use both *auth.api.createVerificationOTP() *and auth.api.deleteUser() in my backend.
User & Accounts | Better Auth
User and account management.
2 Replies
are you on latest version of Better Auth?
Oh sorry for not mentioning it. I am on 1.2.3.
I rolled back due to the expo type issue introduced in 1.2.4 and
https://github.com/better-auth/better-auth/issues/1974
https://github.com/better-auth/better-auth/issues/1855
https://github.com/better-auth/better-auth/issues/2031
Very much looking forward to upgrade though to also make use of 1.2.5 features such as "allow unlinking all accounts". 🤗