From d14989c5bd88da5702bd04c75265a2ed3222632c Mon Sep 17 00:00:00 2001
From: Bereket Engida <bekacru@gmail.com>
Date: Wed, 20 Nov 2024 18:42:17 +0300
Subject: [PATCH] fix: trusted origins list not being respsected

---
 demo/nextjs/lib/auth.ts                              |  2 +-
 .../better-auth/src/api/routes/forget-password.ts    |  2 +-
 packages/better-auth/src/api/routes/sign-up.ts       |  1 -
 packages/better-auth/src/auth.ts                     | 12 +++++-------
 4 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/demo/nextjs/lib/auth.ts b/demo/nextjs/lib/auth.ts
index 50a5ab1b..2c645b73 100644
--- a/demo/nextjs/lib/auth.ts
+++ b/demo/nextjs/lib/auth.ts
@@ -41,7 +41,7 @@ export const auth = betterAuth({
 	appName: "Better Auth Demo",
 	database: {
 		dialect,
-		type: "mysql",
+		type: process.env.USE_MYSQL ? "mysql" : "sqlite",
 	},
 	session: {
 		cookieCache: {
diff --git a/packages/better-auth/src/api/routes/forget-password.ts b/packages/better-auth/src/api/routes/forget-password.ts
index 41c21a50..22a657e5 100644
--- a/packages/better-auth/src/api/routes/forget-password.ts
+++ b/packages/better-auth/src/api/routes/forget-password.ts
@@ -44,7 +44,7 @@ export const forgetPassword = createAuthEndpoint(
 			 * error=INVALID_TOKEN`. If the token is valid, it'll be redirected with a query parameter `?
 			 * token=VALID_TOKEN
 			 */
-			redirectTo: z.string(),
+			redirectTo: z.string().optional(),
 		}),
 	},
 	async (ctx) => {
diff --git a/packages/better-auth/src/api/routes/sign-up.ts b/packages/better-auth/src/api/routes/sign-up.ts
index 6f5ae3cd..3c9209fb 100644
--- a/packages/better-auth/src/api/routes/sign-up.ts
+++ b/packages/better-auth/src/api/routes/sign-up.ts
@@ -12,7 +12,6 @@ import type {
 } from "../../types";
 import type { toZod } from "../../types/to-zod";
 import { parseUserInput } from "../../db/schema";
-import { getDate } from "../../utils/date";
 
 export const signUpEmail = <O extends BetterAuthOptions>() =>
 	createAuthEndpoint(
diff --git a/packages/better-auth/src/auth.ts b/packages/better-auth/src/auth.ts
index 32c02b2e..37b8b973 100644
--- a/packages/better-auth/src/auth.ts
+++ b/packages/better-auth/src/auth.ts
@@ -25,13 +25,11 @@ export const betterAuth = <O extends BetterAuthOptions>(options: O) => {
 				ctx.options.baseURL = baseURL;
 				ctx.baseURL = baseURL;
 			}
-			ctx.trustedOrigins.push(url.origin);
-			if (!ctx.options.baseURL) {
-				return new Response("Base URL not set", { status: 400 });
-			}
-			if (url.pathname === basePath || url.pathname === `${basePath}/`) {
-				return new Response("Welcome to BetterAuth", { status: 200 });
-			}
+			ctx.trustedOrigins = [
+				...(options.trustedOrigins || []),
+				ctx.baseURL,
+				url.origin,
+			];
 			const { handler } = router(ctx, options);
 			return handler(request);
 		},