Ahmed
Ahmed
PostsComments
BABetter Auth
Created by Ahmed on 3/6/2025 in #bug-reports
getSessionCookie() return null is some cases
its confusing for some of us that getSessionCookie() is not behaving like we expect for the next reasons: - the function is not respecting the auth options specified in auth.ts 
advanced: {
  cookies: {
    session_token: {
      name: "custom_session_token",
    },
  },
  cookiePrefix: custom_cookie_prefix,
   useSecureCookies: true
}
advanced: {
  cookies: {
    session_token: {
      name: "custom_session_token",
    },
  },
  cookiePrefix: custom_cookie_prefix,
   useSecureCookies: true
}
because if you import the config option it will not be compatible with edge runtime. therefore you should specify the config as the second argument if cookie name or prefix is customized. 
    const sessionCookie = getSessionCookie(request, {
        cookiePrefix: custom_cookie_prefix,
                cookieName: custom_cookie_name
    });
    const sessionCookie = getSessionCookie(request, {
        cookiePrefix: custom_cookie_prefix,
                cookieName: custom_cookie_name
    });
- in dev mode if you are running your server in https:// cookies will be secured by default if you don't specify the useSecureCookies option. 
const secure =
    options.advanced?.useSecureCookies !== undefined
        ? options.advanced?.useSecureCookies
        : options.baseURL !== undefined
            ? options.baseURL.startsWith("https://")
                ? true
                : false
            : isProduction;
const secure =
    options.advanced?.useSecureCookies !== undefined
        ? options.advanced?.useSecureCookies
        : options.baseURL !== undefined
            ? options.baseURL.startsWith("https://")
                ? true
                : false
            : isProduction;
and the function is only prefixing the cookie __secure- in production ignoring the code above 
const name = isProduction
        ? `__Secure-${cookiePrefix}.${cookieName}`
        : `${cookiePrefix}.${cookieName}`;
const name = isProduction
        ? `__Secure-${cookiePrefix}.${cookieName}`
        : `${cookiePrefix}.${cookieName}`;
IMHO: It could more clear to explain this in the docs and the function should also check for request.nextUrl.origin.startsWith("https://" to add the secure prefix.
22 replies
BABetter Auth
Created by Ahmed on 11/17/2024 in #bug-reports
authClient.organization.create() error, in latest beta
No description
9 replies
BABetter Auth
Created by Ahmed on 10/21/2024 in #bug-reports
authClient.signOut error when multiSession() enabled with prisma adaptor
No description
3 replies