shadow
shadow
Explore posts from servers
UEUnreal EngineBABetter Auth
PostsComments
BABetter Auth
Created by shadow on 4/16/2025 in #bug-reports
Email Verification required and Captcha return the same error code
Hey! 👋 I think this might be a bug — or at least a DX issue — because the current implementation doesn’t let us differentiate between different failure cases. Here’s the relevant code: 
signIn.email({
      email: values.email,
      password: values.password,
      callbackURL: "/dashboard",
      fetchOptions: {
        headers: {
          "x-captcha-response": turnstileToken
        },
        onResponse: () => {
          setLoading(false);
        },
        onRequest: () => {
          setLoading(true);
        },
        onError: (ctx) => {
          if (ctx.error.status === 403) {
            toast.error(`You need a verified email address to login, an email has been sent to you.`);
            
          } else {
            toast.error(ctx.error.message);
          }
        },
        onSuccess: () => {
          toast.success("Login successful, redirecting...");
        },
      },
    });
signIn.email({
      email: values.email,
      password: values.password,
      callbackURL: "/dashboard",
      fetchOptions: {
        headers: {
          "x-captcha-response": turnstileToken
        },
        onResponse: () => {
          setLoading(false);
        },
        onRequest: () => {
          setLoading(true);
        },
        onError: (ctx) => {
          if (ctx.error.status === 403) {
            toast.error(`You need a verified email address to login, an email has been sent to you.`);
            
          } else {
            toast.error(ctx.error.message);
          }
        },
        onSuccess: () => {
          toast.success("Login successful, redirecting...");
        },
      },
    });
The issue is that both of the following failure cases return the same 403 status: - When the user hasn’t verified their email. - When the captcha check fails. The frontend can’t tell them apart, so users get the same error message either way — which is confusing and bad UX.
3 replies
BABetter Auth
Created by shadow on 3/28/2025 in #help
Middleware in a Better Auth Project
how the middleware of a project using better-auth should look? because i was using this middleware: 
import { betterFetch } from "@better-fetch/fetch";
import type { auth } from "@/lib/auth";
import { NextRequest, NextResponse } from "next/server";

type Session = typeof auth.$Infer.Session;
 
export async function middleware(request: NextRequest) {
    const { data: session } = await betterFetch<Session>("/api/auth/get-session", {
        baseURL: request.nextUrl.origin,
        headers: {
            cookie: request.headers.get("cookie") || "", // Forward the cookies from the request
        },
    });
 
    if (!session) {
        return NextResponse.redirect(new URL("/auth/signin", request.url));
    }
 
    return NextResponse.next();
}
 
export const config = {
    matcher: "/private/:path*", // The middleware will apply to all routes that start with '/private'
};
import { betterFetch } from "@better-fetch/fetch";
import type { auth } from "@/lib/auth";
import { NextRequest, NextResponse } from "next/server";

type Session = typeof auth.$Infer.Session;
 
export async function middleware(request: NextRequest) {
    const { data: session } = await betterFetch<Session>("/api/auth/get-session", {
        baseURL: request.nextUrl.origin,
        headers: {
            cookie: request.headers.get("cookie") || "", // Forward the cookies from the request
        },
    });
 
    if (!session) {
        return NextResponse.redirect(new URL("/auth/signin", request.url));
    }
 
    return NextResponse.next();
}
 
export const config = {
    matcher: "/private/:path*", // The middleware will apply to all routes that start with '/private'
};
and verified that my app is vunerable to the latest nextjs vunerability, how should i modify the middleware even after upgrading to the already patched version? because i heard that its not a good practice to do authentication in the middleware, so even after upgrading to the latest version of nextjs i wanna make things right
5 replies
BABetter Auth
Created by shadow on 3/15/2025 in #help
user.findFirst and session.findFirst being run too many times
No description
3 replies
BABetter Auth
Created by shadow on 3/7/2025 in #help
Trigger annualDiscountPriceId on Stripe
Hey devs, i defined a annualDiscountPriceId but i dont know how can trigger it with the subscription.upgrade 
plans: [
                    {
                        name: "Starter",
                        priceId: STARTER_PRICE_ID.default,
                        annualDiscountPriceId: STARTER_PRICE_ID.annual,
                        freeTrial: {
                            days: 7,
                        },
                    },
                    {
                        name: "Pro",
                        priceId: PRO_PRICE_ID.default,
                        annualDiscountPriceId: PRO_PRICE_ID.annual,
                    },
                    {
                        name: "Enterprise",
                    },
                ],
plans: [
                    {
                        name: "Starter",
                        priceId: STARTER_PRICE_ID.default,
                        annualDiscountPriceId: STARTER_PRICE_ID.annual,
                        freeTrial: {
                            days: 7,
                        },
                    },
                    {
                        name: "Pro",
                        priceId: PRO_PRICE_ID.default,
                        annualDiscountPriceId: PRO_PRICE_ID.annual,
                    },
                    {
                        name: "Enterprise",
                    },
                ],
5 replies
BABetter Auth
Created by shadow on 3/1/2025 in #help
Help with Middleware Session Cookie (Development vs Production)
Hey everyone! I’m running into an issue with my middleware, and I can’t quite figure out what’s causing it. The problem occurs when switching from the development environment to production. Here’s the scenario: In Development: The getSessionCookie function returns the session cookie as expected. In Production: After logging in, the session cookie is always null. Here’s the code I’m working with: 
import { NextRequest, NextResponse } from "next/server";
import { getSessionCookie } from "better-auth";

export async function middleware(request: NextRequest) {
    const sessionCookie = getSessionCookie(request); 
    console.log(sessionCookie);
    // If the user is not logged in, redirect to the login page or '/'
    if (!sessionCookie) {
        return NextResponse.redirect(new URL("/auth/signin", request.url));
    }
    return NextResponse.next();
}
 
export const config = {
    matcher: ["/private/:path*"], // The middleware will apply to all routes that start with '/private'
};
import { NextRequest, NextResponse } from "next/server";
import { getSessionCookie } from "better-auth";

export async function middleware(request: NextRequest) {
    const sessionCookie = getSessionCookie(request); 
    console.log(sessionCookie);
    // If the user is not logged in, redirect to the login page or '/'
    if (!sessionCookie) {
        return NextResponse.redirect(new URL("/auth/signin", request.url));
    }
    return NextResponse.next();
}
 
export const config = {
    matcher: ["/private/:path*"], // The middleware will apply to all routes that start with '/private'
};
What I’ve tried so far: 1. Verified that cookies are being set correctly in production. 2. Checked that the environment variables and configurations match between dev and production. 3. Tried logging the sessionCookie to see if there's any difference, but it still comes up as null in production. Has anyone encountered this before or have any idea what might be causing this behavior?
2 replies
BABetter Auth
Created by shadow on 2/27/2025 in #help
Error generating schemas.
Why i cant generate the schemas? 
Diogo@shadow-pc D:\....\link-shortener  master  npx @better-auth/cli generate
2025-02-27T01:31:33.675Z ERROR [Better Auth]: [#better-auth]: Couldn't read your auth config. Error: @prisma/client did not initialize yet. Please run "prisma generate" and try to import it again.
    at new PrismaClient (D:\Projetos\link-shortener\node_modules\.prisma\client\default.js:43:11)
    at D:/Projetos/link-shortener/lib/auth.ts:5:16
    at async Function.import (C:\Users\Diogo\AppData\Local\npm-cache\_npx\167ca1f116d365e6\node_modules\jiti\dist\jiti.cjs:1:199772)
    at async resolveConfig (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/c12/dist/shared/c12.PQMoYrit.mjs:346:18)
    at async loadConfig (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/c12/dist/shared/c12.PQMoYrit.mjs:146:23)
    at async N (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/@better-auth/cli/dist/index.mjs:9:2140)
    at async Command.Me (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/@better-auth/cli/dist/index.mjs:23:636)
Diogo@shadow-pc D:\....\link-shortener  master  npx @better-auth/cli generate
2025-02-27T01:31:33.675Z ERROR [Better Auth]: [#better-auth]: Couldn't read your auth config. Error: @prisma/client did not initialize yet. Please run "prisma generate" and try to import it again.
    at new PrismaClient (D:\Projetos\link-shortener\node_modules\.prisma\client\default.js:43:11)
    at D:/Projetos/link-shortener/lib/auth.ts:5:16
    at async Function.import (C:\Users\Diogo\AppData\Local\npm-cache\_npx\167ca1f116d365e6\node_modules\jiti\dist\jiti.cjs:1:199772)
    at async resolveConfig (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/c12/dist/shared/c12.PQMoYrit.mjs:346:18)
    at async loadConfig (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/c12/dist/shared/c12.PQMoYrit.mjs:146:23)
    at async N (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/@better-auth/cli/dist/index.mjs:9:2140)
    at async Command.Me (file:///C:/Users/Diogo/AppData/Local/npm-cache/_npx/167ca1f116d365e6/node_modules/@better-auth/cli/dist/index.mjs:23:636)
 Diogo@shadow-pc D:\....\link-shortener  master  npx prisma generate
Environment variables loaded from .env
Error: Could not find Prisma Schema that is required for this command.
You can either provide it with `--schema` argument, set it as `prisma.schema` in your package.json or put it into the default location.
Checked following paths:

schema.prisma: file not found
prisma\schema.prisma: file not found
prisma\schema: directory not found

See also https://pris.ly/d/prisma-schema-location
 Diogo@shadow-pc D:\....\link-shortener  master  npx prisma generate
Environment variables loaded from .env
Error: Could not find Prisma Schema that is required for this command.
You can either provide it with `--schema` argument, set it as `prisma.schema` in your package.json or put it into the default location.
Checked following paths:

schema.prisma: file not found
prisma\schema.prisma: file not found
prisma\schema: directory not found

See also https://pris.ly/d/prisma-schema-location
5 replies
BABetter Auth
Created by shadow on 1/15/2025 in #help
Added additional field, but authClient.signUp.email doesnt accept it
No description
4 replies