docs: cookies

Bereket Engida
2024-09-29 22:47:07 +03:00
parent cfa347f896
commit a60c911fcd
4 changed files with 81 additions and 2 deletions


@@ -133,6 +133,23 @@ export const contents: Content[] = [
</svg> </svg>
), ),
}, },
{
title: "Cookies",
href: "/docs/concepts/cookies",
icon: () => (
<svg
xmlns="http://www.w3.org/2000/svg"
width="1.2em"
height=".21em"
viewBox="0 0 16 16"
>
<path
fill="currentColor"
d="M8 1a7 7 0 1 0 6.926 5.978a.5.5 0 0 0-.781-.338a2 2 0 0 1-3.111-1.273a.5.5 0 0 0-.401-.4A2 2 0 0 1 9.36 1.854a.5.5 0 0 0-.338-.78A7 7 0 0 0 8 1m0 7.75a.75.75 0 1 1 0-1.5a.75.75 0 0 1 0 1.5m-2 2a.75.75 0 1 1-1.5 0a.75.75 0 0 1 1.5 0M4.75 7a.75.75 0 1 1 0-1.5a.75.75 0 0 1 0 1.5m5.75 4.25a.75.75 0 1 1-1.5 0a.75.75 0 0 1 1.5 0"
></path>
</svg>
),
},
{ {
title: "Database", title: "Database",
icon: (props?: SVGProps<any>) => ( icon: (props?: SVGProps<any>) => (
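Review bot: The new Cookies entry sets `height=".21em"` next to `width="1.2em"` on a square `viewBox="0 0 16 16"`, which looks like a transposed digit and would squash the icon; it should probably be `height="1.2em"`. The icon callback also takes no arguments, while the Database entry below is declared as `(props?: SVGProps<any>)`, so any props a caller passes would be dropped here; worth confirming against the `Content` type. The `contents` array starts and ends outside this hunk.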


@@ -0,0 +1,55 @@
---
title: Cookies
description: Learn how cookies are used in BetterAuth
---
Cookies are used to store data such as session tokens, CSRF tokens, and more. All cookies are signed using the `secret` key provided in the auth options.
Core better auth cookies like `session` and `csrf` will follow `betterauth.${cookie_name}` format.
All cookies are `httpOnly` and `secure` if the server is running in production mode.
### Cross Subdomain Cookies
By default, cookies aren't shared across subdomains. You can enable cross subdomain cookies by setting `crossSubDomainCookies.enabled` to `true` in the `advanced` object in the auth options.
```ts title="auth.ts"
import { betterAuth } from "better-auth"
export const auth = await betterAuth({
adavaned: {
crossSubDomainCookies: {
enabled: true,
domain: "example.com" // Optional. Defaults to the base url domain
}
}
})
```
### Disable CSRF Cookie (Not Recommended)
If you want to disable the CSRF cookie, you can set `disableCsrfCheck` to `true` in the `advanced` object in the auth options.
```ts title="auth.ts"
import { betterAuth } from "better-auth"
export const auth = await betterAuth({
adavaned: {
disableCsrfCheck: true
}
})
```
### Secure Cookies
By default, cookies are secure if the server is running in production mode. You can force cookies to be secure by setting `useSecureCookies` to `true` in the `advanced` object in the auth options.
```ts title="auth.ts"
import { betterAuth } from "better-auth"
export const auth = await betterAuth({
adavaned: {
useSecureCookies: true
}
})
```


@@ -99,12 +99,12 @@ Better auth requires the following tables to be present in the database. The typ
description: "User's email address for communication and login" description: "User's email address for communication and login"
}, },
{ {
name: "created_at", name: "createdAt",
type: "Date", type: "Date",
description: "Timestamp of when the user account was created" description: "Timestamp of when the user account was created"
}, },
{ {
name: "updated_at", name: "updatedAt",
type: "Date", type: "Date",
description: "Timestamp of the last update to the user's information" description: "Timestamp of the last update to the user's information"
}, },


@@ -268,6 +268,13 @@ export interface BetterAuthOptions {
* cookies will be shared across subdomains * cookies will be shared across subdomains
*/ */
eligibleCookies?: string[]; eligibleCookies?: string[];
/**
* The domain to use for the cookies
*
* By default, the domain will be the root
* domain from the base URL.
*/
domain?: string;
}; };
}; };
logger?: { logger?: {
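Review bot: The doc comment on the new `domain` option does not say that every host under this value receives the shared cookies, so a value wider than intended (for example a parent domain shared with hosts you do not control) exposes session cookies to those hosts. I would add a line such as `* Every host under this domain receives the shared cookies and can set them; use the narrowest domain you fully control.` Whether the value is checked against the base URL's host is not visible in this hunk; if it is not, a check where the cookie options are built would be worth adding. The comment gives the default as the "root domain from the base URL", while the new docs page says "Defaults to the base url domain", so one wording should be used in both places. `BetterAuthOptions` continues outside the hunk.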