Joshuadeleon
BABetter Auth
•Created by Joshuadeleon on 4/11/2025 in #help
getSession always returns null
i have the following auth-middleware that i can confirm is receiving a proper header. I manually search for the session and was able to get a matching record from the db. I did this both inside a db client and within the middleware using the db adapter to retrieve the record. I see that have bee others with similiar issues. I was wondering if this is a known issue (i don't see a open issue on github) or if there is a work around. I'm setting up the server so i don't have a client setup. I'm using a rest client to make calls into the server. I'm on the latest version of better-auth
auth-middleware
auth.ts
index.ts - app and routing setup
import { Session, User } from "better-auth/types";
import { auth } from "../libs/auth/auth";
import Elysia, { Context, error } from "elysia";
export const userMiddleware = new Elysia()
.derive(async (c: Context) => {
const session = await auth.api.getSession({ headers: c.request.headers });
console.log("session", session);
if (!session) {
return error(401, {
message: 'Unauthorized Access: Token is missing'
});
}
return {
user: session.user,
session: session.session
}
})
.as("plugin");
import { Session, User } from "better-auth/types";
import { auth } from "../libs/auth/auth";
import Elysia, { Context, error } from "elysia";
export const userMiddleware = new Elysia()
.derive(async (c: Context) => {
const session = await auth.api.getSession({ headers: c.request.headers });
console.log("session", session);
if (!session) {
return error(401, {
message: 'Unauthorized Access: Token is missing'
});
}
return {
user: session.user,
session: session.session
}
})
.as("plugin");
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { db } from "../db";
import { account, session, user, verification } from "../db/schema";
export const auth = betterAuth({
database: drizzleAdapter(db, { // We're using Drizzle as our database
provider: "pg",
/*
* Map your schema into a better-auth schema
*/
schema: {
user,
session,
verification,
account,
},
}),
emailAndPassword: {
enabled: true // If you want to use email and password auth
},
});
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { db } from "../db";
import { account, session, user, verification } from "../db/schema";
export const auth = betterAuth({
database: drizzleAdapter(db, { // We're using Drizzle as our database
provider: "pg",
/*
* Map your schema into a better-auth schema
*/
schema: {
user,
session,
verification,
account,
},
}),
emailAndPassword: {
enabled: true // If you want to use email and password auth
},
});
import { Elysia, t } from "elysia";
import { cors } from "@elysiajs/cors";
import betterAuthView from "./libs/auth/auth-view";
import { swagger } from "@elysiajs/swagger";
import { userMiddleware } from "./middlewares/auth-middleware";
import { auth } from "./libs/auth/auth";
import { error } from "elysia";
const app = new Elysia()
.use(cors({
origin: ['http://localhost:3000'],
allowedHeaders: ['Content-Type', 'Authorization'],
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
credentials: true,
}))
.use(swagger())
.all("/api/auth/*", betterAuthView)
.group("/api", (app) => app
.use(userMiddleware)
.get("/test", () => "Hello Elysia")
)
.get("/auth/register", async ({ body }) => {
// TODO: Implement registration logic with Better Auth
const response = await auth.api.signUpEmail({
body: {
email: body.email,
password: body.password,
name: body.name,
}
})
return response;
}, {
body: t.Object({
email: t.String(),
password: t.String(),
name: t.String(),
})
})
.post("/auth/login", async ({ body }) => {
const response = await auth.api.signInEmail({
body: {
email: body.email,
password: body.password,
}
});
return {
...response,
};
}, {
body: t.Object({
email: t.String(),
password: t.String(),
}),
// response: t.Object({
// token: t.String(),
// })
})
.listen(3000);
console.log(
`🦊 Elysia is running at ${app.server?.hostname}:${app.server?.port}`
);
import { Elysia, t } from "elysia";
import { cors } from "@elysiajs/cors";
import betterAuthView from "./libs/auth/auth-view";
import { swagger } from "@elysiajs/swagger";
import { userMiddleware } from "./middlewares/auth-middleware";
import { auth } from "./libs/auth/auth";
import { error } from "elysia";
const app = new Elysia()
.use(cors({
origin: ['http://localhost:3000'],
allowedHeaders: ['Content-Type', 'Authorization'],
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
credentials: true,
}))
.use(swagger())
.all("/api/auth/*", betterAuthView)
.group("/api", (app) => app
.use(userMiddleware)
.get("/test", () => "Hello Elysia")
)
.get("/auth/register", async ({ body }) => {
// TODO: Implement registration logic with Better Auth
const response = await auth.api.signUpEmail({
body: {
email: body.email,
password: body.password,
name: body.name,
}
})
return response;
}, {
body: t.Object({
email: t.String(),
password: t.String(),
name: t.String(),
})
})
.post("/auth/login", async ({ body }) => {
const response = await auth.api.signInEmail({
body: {
email: body.email,
password: body.password,
}
});
return {
...response,
};
}, {
body: t.Object({
email: t.String(),
password: t.String(),
}),
// response: t.Object({
// token: t.String(),
// })
})
.listen(3000);
console.log(
`🦊 Elysia is running at ${app.server?.hostname}:${app.server?.port}`
);
2 replies