bc 🐧🪺
bc 🐧🪺
Explore posts from servers
BABetter Auth
Created by bc 🐧🪺 on 4/20/2025 in #help
Legal terms compliance
I added a terms of service and privacy policy acceptance checkbox to my sign up form. User accounts cannot be created without checking this box, however the acceptance is not stored in the database at all (e.g. no timestamp, hash/version of the accepted terms documents, etc.). Does anyone know if this is sufficient, legally compliant with e.g. GDPR or do I need to store acceptance information in the database? I did see some discussion about this in this discord server, but not much about legal compliance in the first place. If it's sufficient to not have to worry about storing this info i'd rather take the simpler path! Relevant GDPR section: https://gdpr-info.eu/art-7-gdpr/ I know this is outside the scope of better auth, but figured this is a great community to ask this question and potentially save on attorney fees 😉 Good shared public knowledge with this question!
6 replies
BABetter Auth
Created by bc 🐧🪺 on 4/18/2025 in #help
[OIDC] federated logout (`end_session_endpoint`)
Does BA implement the OIDC standard end_session_endpoint in the OIDC provider plugin for federated (RP-initiated) logout use cases? Section 2 "RP-Initiated Logout" in the spec here: https://openid.net/specs/openid-connect-rpinitiated-1_0.html
1 replies
DTDrizzle Team
Created by bc 🐧🪺 on 4/17/2025 in #help
Generated Column Unique Constraint
The Drizzle docs on generated columns (https://orm.drizzle.team/docs/generated-columns), for Postgres, say "Cannot directly use in primary keys, foreign keys, or unique constraints" Does this mean that generated columns cannot have unique constraints generated in the SQL? The postgres docs (https://www.postgresql.org/docs/current/ddl-generated-columns.html) are linked, but I don't see any mention about unique constraints being unsupported there. Is this then a limitation of Drizzle, or is it a Postgres limitation after all?
1 replies
BABetter Auth
Created by bc 🐧🪺 on 4/15/2025 in #help
[OIDC] `offline_access` invalid scope
Using BA OIDC plugin, from an OIDC RP (Auth.js on Next.js app) I am requesting the offline_access scope but get GET /api/auth/oauth2/authorize?error=invalid_scope&error_description=The%20following%20scopes%20are%20invalid:%20offline_access 302 in 26ms BA OIDC plugin docs say that offline_access is in the default scopes array (openid profile email offline_access). Am I missing a BA config option, or is it an issue on the RP side?
17 replies
BABetter Auth
Created by bc 🐧🪺 on 3/27/2025 in #help
Next Auth `iss` claim missing
No description
5 replies
BABetter Auth
Created by bc 🐧🪺 on 2/12/2025 in #help
Stateless, Databaseless Auth
Following up from https://discord.com/channels/1288403910284935179/1288403910284935182/1307115558009045003, is there a way to use Better Auth as an OIDC RP without setting up a database for Better Auth? I already have an OIDC OP (Keycloak) I'd like to use (it already stores user data), and want to strictly use Better Auth as a client library in a Next.js app with it. Auth.js supports this (https://authjs.dev/getting-started/database: "Auth.js integrations save sessions in a cookie by default. Therefore, setting up a database is optional.")
2 replies
BABetter Auth
Created by bc 🐧🪺 on 12/31/2024 in #help
OIDC Provider Plans
I understand better auth supports upstream OIDC providers via the OIDC Provider plugin. Are there plans for better auth itself to become a compliant OIDC provider (much like Keycloak, Zitadel, ORY Hydra, etc.), or is this out of scope of the project?
7 replies
RRefine
Created by afraid-scarlet on 5/17/2024 in #ask-any-question
Is there any reason to use Refine if it ends up being more code?
I trialed refine in an existing admin UI (Next.js, React Hook Form, React Query) powered by a GraphQL API. I noticed rather quickly that the code ended up being more (~2x) than I currently had for CRUD operations. I am curious if there are other reasons to use Refine aside from the CRUD components/hooks? I suppose auth but that I would rather proxy to another provider (currently using OIDC with next-auth)
5 replies