github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-24 16:11:53 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

Support for Configuration Using Callbacks #2175

New Issue
Closed
opened 2026-03-13 09:32:01 -05:00 by GiteaMirror · 2 comments
GiteaMirror commented 2026-03-13 09:32:01 -05:00
Owner
Copy Link

Originally created by @DustinMoriarty on GitHub (Oct 22, 2025).

Is this suited for github?

  • Yes, this is suited for github

Is your feature request related to a problem? Please describe.

I am loving BetterAuth. However, the mixing of structure with configuration concerns really bothers me.

In general in software, it is considered an anti-pattern to configure an application in global or module scope variables because such practices hinder testability, portability, flexibility and separation of concerns. We generally like to build applications with only a very thin configuration layer at the very top level close to the application entrypoint layer. It should be possible to import a module without any configuration values. Import time logic should be minimized in general. I should not have to provide things like secrets and urls at build time. I really like the BetterAuth architecture. However, the build time / import time configuration really bothers me. Instead of being able to put configuration on a thin layer on top, BetterAuth puts configuration at the very foundation of the application in module scope singletons, building everything off of it.

I am stuck with having to put in real or placeholder values during the build pipeline. This defeats the purpose of validating runtime configuration at runtime. At true runtime, the application should fail fast if certain values are not provided. Putting placeholder values in will hinder my runtime validations.

I think that BetterAuth is confusing the term configuraton for two very different use cases.

  1. True configuration is what you set in your infrastructure when you deploy an application. These are things like env variables you pass to a container and don't even build into an image. A configurable application is built once and deployed with many different environments.
  2. Application structure and typing. This is not actually configuration at all. It is simply implementation of the framework.

It should be possible to instantiate (2) at build / import time without (1). I should be able to tell BetterAuth that I want to use a Postgres database without providing a database string. I should be able to tell BetterAuth that I want to use an OAuth provider without giving a client ID. I don't think this is really that big of a tear-up. It just means allowing callbacks to be passed instead of instantiated values. Use the callback return types for inference. The whole point of using interfaces is to be able to define structure without defining details or implementation.

Typing is a low level decision about the structure of the application which changes slowly during development time. Configuration is a high level decision which changes frequently at deployment time without any change to the code. These two concerns are very different and should not be mixed.

I know that in the JS/TS world, people are used to bundling variables into SPAs with a lot of patterns that are not acceptable in other languages. However, BetterAuth is a full stack framework, so I think that a callback oriented configuration approach would suit it better without too much tear up.

Describe the solution you'd like

Two Options:

  1. Support callbacks for more values within the auth object. I think this is probably the easiest, though may not be comprehensive. Target major pain point use cases like database configuration and auth plugin configuration.
  2. Support a callback for the entire auth object instead of requiring a singleton. This is what I would really like to see but it may require a bigger change.

Describe alternatives you've considered

Placeholder values.

Additional context

No response

Originally created by @DustinMoriarty on GitHub (Oct 22, 2025). ### Is this suited for github? - [ ] Yes, this is suited for github ### Is your feature request related to a problem? Please describe. I am loving BetterAuth. However, the mixing of structure with configuration concerns really bothers me. In general in software, it is considered an anti-pattern to configure an application in global or module scope variables because such practices hinder testability, portability, flexibility and separation of concerns. We generally like to build applications with only a very thin configuration layer at the very top level close to the application entrypoint layer. It should be possible to import a module without any configuration values. Import time logic should be minimized in general. I should not have to provide things like secrets and urls at build time. I really like the BetterAuth architecture. However, the build time / import time configuration really bothers me. Instead of being able to put configuration on a thin layer on top, BetterAuth puts configuration at the very foundation of the application in module scope singletons, building everything off of it. I am stuck with having to put in real or placeholder values during the build pipeline. This defeats the purpose of validating runtime configuration at runtime. At true runtime, the application should fail fast if certain values are not provided. Putting placeholder values in will hinder my runtime validations. I think that BetterAuth is confusing the term configuraton for two very different use cases. 1. True configuration is what you set in your infrastructure when you deploy an application. These are things like env variables you pass to a container and don't even build into an image. A configurable application is built once and deployed with many different environments. 2. Application structure and typing. This is not actually configuration at all. It is simply implementation of the framework. It should be possible to instantiate (2) at build / import time without (1). I should be able to tell BetterAuth that I want to use a Postgres database without providing a database string. I should be able to tell BetterAuth that I want to use an OAuth provider without giving a client ID. I don't think this is really that big of a tear-up. It just means allowing callbacks to be passed instead of instantiated values. Use the callback return types for inference. The whole point of using interfaces is to be able to define structure without defining details or implementation. Typing is a low level decision about the structure of the application which changes slowly during development time. Configuration is a high level decision which changes frequently at deployment time without any change to the code. These two concerns are very different and should not be mixed. I know that in the JS/TS world, people are used to bundling variables into SPAs with a lot of patterns that are not acceptable in other languages. However, BetterAuth is a full stack framework, so I think that a callback oriented configuration approach would suit it better without too much tear up. ### Describe the solution you'd like Two Options: 1. Support callbacks for more values within the auth object. I think this is probably the easiest, though may not be comprehensive. Target major pain point use cases like database configuration and auth plugin configuration. 2. Support a callback for the entire auth object instead of requiring a singleton. This is what I would really like to see but it may require a bigger change. ### Describe alternatives you've considered Placeholder values. ### Additional context _No response_
GiteaMirror added the enhancement label 2026-03-13 09:32:01 -05:00
GiteaMirror commented 2026-03-13 09:32:02 -05:00
Author
Owner
Copy Link

@LaDorade commented on GitHub (Oct 26, 2025):

Yeah +1 on that, defining a callback to get the secret would be very cool in the context of a self-hosted app

@LaDorade commented on GitHub (Oct 26, 2025): Yeah +1 on that, defining a callback to get the secret would be very cool in the context of a self-hosted app
GiteaMirror commented 2026-03-13 09:32:03 -05:00
Author
Owner
Copy Link

@dosubot[bot] commented on GitHub (Jan 25, 2026):

Hi, @DustinMoriarty. I'm Dosu, and I'm helping the better-auth team manage their backlog and am marking this issue as stale.

Issue Summary:

  • You requested support for configuration via callbacks instead of module-scope singletons to separate application structure from runtime configuration.
  • This approach aims to improve testability and flexibility by allowing runtime validation of secrets and URLs while defining app structure at build time.
  • Another user, LaDorade, agreed and emphasized the benefits of callback-based secret retrieval for self-hosted applications.
  • The issue remains unresolved with no recent updates or progress.

Next Steps:

  • Please let me know if this feature is still relevant to the latest version of better-auth by commenting on this issue.
  • If I do not hear back within 7 days, the issue will be automatically closed.

Thank you for your understanding and contribution!

@dosubot[bot] commented on GitHub (Jan 25, 2026): Hi, @DustinMoriarty. I'm [Dosu](https://dosu.dev), and I'm helping the better-auth team manage their backlog and am marking this issue as stale. **Issue Summary:** - You requested support for configuration via callbacks instead of module-scope singletons to separate application structure from runtime configuration. - This approach aims to improve testability and flexibility by allowing runtime validation of secrets and URLs while defining app structure at build time. - Another user, LaDorade, agreed and emphasized the benefits of callback-based secret retrieval for self-hosted applications. - The issue remains unresolved with no recent updates or progress. **Next Steps:** - Please let me know if this feature is still relevant to the latest version of better-auth by commenting on this issue. - If I do not hear back within 7 days, the issue will be automatically closed. Thank you for your understanding and contribution!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label enhancement
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#2175
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?