Laktos
Laktos
PostsComments
BABetter Auth
Created by Laktos on 12/26/2024 in #help
Multiple roles for users in organizations
It’s coming out in 1.2 so should be around the corner! It’s in beta now. But as of right now, it’s not supported.
10 replies
BABetter Auth
Created by Laktos on 12/26/2024 in #help
Can't list organizations on Vue client
No description
2 replies
BABetter Auth
Created by Laktos on 12/26/2024 in #help
Multiple roles for users in organizations
Oh but I see what you mean though with the session. If I just write a lil function for getting the permissions from the roles, and get the roles from the database, I can get the permissions directly in the getSession-response, which is greeat for checking for my endpoint decorators
10 replies
BABetter Auth
Created by Laktos on 12/26/2024 in #help
Multiple roles for users in organizations
Hm yeah that’s kind of a bummer. Like in RBAC it’s commonplace to have multiple roles per user (/member). Going to feature request that then. Not using an endpoint for validating the JWT. That’s the neat thing, I’ve got a public key to verify it with, which I had hoped I could do with the session cookie too. But perhaps it’ll be alright since I will most likely do this in an auth module that’ll be included in all my services. Then they’ll all have access to the database and hence, the getSession. Ok the custom session could come in handy, but I don’t think it can be used to solve the thing with the permissions.
10 replies
BABetter Auth
Created by Laktos on 12/26/2024 in #help
Multiple roles for users in organizations
Hey Bekacru! Thanks for the answers. I'm aware about the first thing, that it's on the member level, but the thing is that it's in "singular", i.e. you can only have one role per organization. What I was getting at in my message was kind of a workaround where I would manually extend the user data, which would not be on the member level, since the member can't be extended, to my knowledge. Yep, I used that the definePayload one but I guess the real issue is how to get those permissions/roles for attaching. Yeah I hope that's true! I just need to find a good way to integrate it with my current auth setup, which uses JWT. Like, the thing is that it looks like from this: 
import {  createAuthMiddleware, sessionMiddleware } from "better-auth/plugins";
 
const myPlugin = ()=>{
    return {
        id: "my-plugin",
        endpoints: {
            getHelloWorld: createAuthEndpoint("/my-plugin/hello-world", {
                method: "GET",
                use: [sessionMiddleware], //[!code highlight]
            }, async(ctx) => {
                const session = ctx.context.session;
                return ctx.json({
                    message: "Hello World"
                })
            })
        }
    } satisfies BetterAuthPlugin
}
import {  createAuthMiddleware, sessionMiddleware } from "better-auth/plugins";
 
const myPlugin = ()=>{
    return {
        id: "my-plugin",
        endpoints: {
            getHelloWorld: createAuthEndpoint("/my-plugin/hello-world", {
                method: "GET",
                use: [sessionMiddleware], //[!code highlight]
            }, async(ctx) => {
                const session = ctx.context.session;
                return ctx.json({
                    message: "Hello World"
                })
            })
        }
    } satisfies BetterAuthPlugin
}
That one would have to do this for all endpoints, but perhaps I'm missing something about how to properly use plugins. I gotta validate the session somehow when I get a request on an endpoint which isn't the Better Auth endpoints. Like right now I've got a setup that verifies the JWT against a public key on every endpoint, through a decorator. Wouldn't be hard to forge one if there's no actual check against either the session cookie cache on the server or the one in the DB.
10 replies
BABetter Auth
Created by Imam on 12/26/2024 in #help
Cors Error on Elysia with Node Adapter
Check that your NEXT PUBLIC WEB BASE URL is in fact http://localhost:3000
22 replies