fix: trusted origins list not being respsected

demo/nextjs/lib/auth.ts

@@ -41,7 +41,7 @@ export const auth = betterAuth({
 	appName: "Better Auth Demo",
 	database: {
 		dialect,
-		type: "mysql",
+		type: process.env.USE_MYSQL ? "mysql" : "sqlite",
 	},
 	session: {
 		cookieCache: {

packages/better-auth/src/api/routes/forget-password.ts

@@ -44,7 +44,7 @@ export const forgetPassword = createAuthEndpoint(
 			 * error=INVALID_TOKEN`. If the token is valid, it'll be redirected with a query parameter `?
 			 * token=VALID_TOKEN
 			 */
-			redirectTo: z.string(),
+			redirectTo: z.string().optional(),
 		}),
 	},
 	async (ctx) => {

packages/better-auth/src/api/routes/sign-up.ts

@@ -12,7 +12,6 @@ import type {
 } from "../../types";
 import type { toZod } from "../../types/to-zod";
 import { parseUserInput } from "../../db/schema";
-import { getDate } from "../../utils/date";
 
 export const signUpEmail = <O extends BetterAuthOptions>() =>
 	createAuthEndpoint(

packages/better-auth/src/auth.ts

@@ -25,13 +25,11 @@ export const betterAuth = <O extends BetterAuthOptions>(options: O) => {
 				ctx.options.baseURL = baseURL;
 				ctx.baseURL = baseURL;
 			}
-			ctx.trustedOrigins.push(url.origin);
+			ctx.trustedOrigins = [
-			if (!ctx.options.baseURL) {
+				...(options.trustedOrigins || []),
-				return new Response("Base URL not set", { status: 400 });
+				ctx.baseURL,
-			}
+				url.origin,
-			if (url.pathname === basePath || url.pathname === `${basePath}/`) {
+			];
-				return new Response("Welcome to BetterAuth", { status: 200 });
-			}
 			const { handler } = router(ctx, options);
 			return handler(request);
 		},