braveheartwilliam
BABetter Auth
•Created by braveheartwilliam on 2/26/2025 in #help
GetSession not returning user and/or session objects, here’s details
UPDATE: signInEmail is successfully making database calls, but the getSession is not. It’s a svelte5/sveltekit project implementing authentication with better-auth. Route protection implemented in routes/+hooks.server.ts, routes/login/+page.server.ts is successfully logging in and creating a valid (I believe) cookie. Here’s code and logged results. My apologies for all the logs, I’m a novice at everything so just trying to work my way through this. Wish it worked like the better-auth documentation for svelte.
See attached PDF for code and logs. I tried numerous approaches suggested by AI tools and people to extract data from the "body" of the response object but not successful. The <pending> in the response from getSession using response.json() makes me wonder if the database isn't responding but shouldn't the console.log not process given the "await" on the getSession. And, the signInEmail updates the database perfectly.
auth.ts file
export const auth = betterAuth({
database: drizzleAdapter(dbAUTH, {
provider: 'sqlite',
schema: { user, session, account, verification }
}),
session: {
strategy: 'database',
// storeSessionInDatabase: true,
// preserveSessionInDatabase: true,
secret: process.env.AUTH_SECRET,
expiresIn: 30 * 24 * 60 * 60,
freshAge: 60 * 5,
cookieCache: {
maxAge: 60 * 60 * 24 * 30,
enabled: true
},
cookie: {
name: 'better-auth.session_token',
// path: '/',
// maxAge: 60 * 60 * 24 * 30, // 30 days
secure: process.env.NODE_ENV === 'production',
httpOnly: true,
sameSite: 'lax'
}
},
emailAndPassword: {
enabled: true,
async onSignIn({ user, session }: { user: User; session: Session }) {
console.log('auth - onSignIn - user', user, 'session', session);
return { session, user };
}
},
3 replies
BABetter Auth
•Created by braveheartwilliam on 2/25/2025 in #help
getSession returns/is null in hooks.server.ts (svelte5/sveltekit)
Here's relevant parts:
hooks.server.ts: ...try {
// Validate the token using getSession
const sessionData = await auth.api.getSession({
headers: event.request.headers // Includes Cookie: session=token
}); ...
i've confirmed through console.log that the "event.request.headers" contains a token (I'm using "auth.api.signInEmail" in routes/login/page.server.ts")
[previous code processed email and password input from a form - both email and password are present and valid]
try {
const loginResponse = await auth.api.signInEmail({
body: {
email: email,
password: password
},
// asResponse: true,
headers: request.headers
});
console.log('login - headers', request.headers);
console.log('login - session', JSON.stringify(loginResponse, null, 2));
if (!loginResponse.token) {
throw new Error('No token returned');
}
// Set session cookie
cookies.set('version1_session', loginResponse.token, {
path: '/',
maxAge: 30 * 24 * 60 * 60
// httpOnly: true,
// sameSite: 'lax'
// secure: process.env.NODE_ENV === 'production'
});
... The database is being updated with session id, create/update dates, token, etc. i've confirmed that the token. in the database is the same one found in the header in "hooks". I've tried the "auth.api.getSession" in "routes/+layout.server.ts" and "routes/login/+page.server.ts" with same null result. In looking at the better-auth code for the sessions.ts that exposes getSession, it appears (to my very novice eyes) that it should use that token to query the database and on finding the token, return a session object and a user object. Any help would be GREATLY appreciated.
... The database is being updated with session id, create/update dates, token, etc. i've confirmed that the token. in the database is the same one found in the header in "hooks". I've tried the "auth.api.getSession" in "routes/+layout.server.ts" and "routes/login/+page.server.ts" with same null result. In looking at the better-auth code for the sessions.ts that exposes getSession, it appears (to my very novice eyes) that it should use that token to query the database and on finding the token, return a session object and a user object. Any help would be GREATLY appreciated.
4 replies