github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-23 23:52:05 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

better auth open api user and session component both have id as not required #2433

New Issue
Closed
opened 2026-03-13 09:53:47 -05:00 by GiteaMirror · 4 comments
GiteaMirror commented 2026-03-13 09:53:47 -05:00
Owner
Copy Link

Originally created by @GitonioDev on GitHub (Dec 1, 2025).

Is this suited for github?

  • Yes, this is suited for github

To Reproduce

  1. Create better auth setup
  2. Create open api document with auth.api.generateOpenAPISchema()

Current vs. Expected behavior

Current: Session and User components have id as possible undefined because required is not set for them

Expected: id should be required to not have id?: string | undefined when generating types from the schema

What version of Better Auth are you using?

1.4.3

System info

{
  "system": {
    "platform": "win32",
    "arch": "x64",
    "version": "Windows 10 IoT Enterprise LTSC 2021",
    "release": "10.0.19044",
    "cpuCount": 28,
    "cpuModel": "Intel(R) Core(TM) i7-14700K",
    "totalMemory": "31.77 GB",
    "freeMemory": "17.26 GB"
  },
  "node": {
    "version": "v22.14.0",
    "env": "development"
  },
  "packageManager": {
    "name": "npm",
    "version": "10.9.2"
  },
}

Which area(s) are affected? (Select all that apply)

Types

Auth config (if applicable)

import { betterAuth } from "better-auth"
export const auth = betterAuth({
  emailAndPassword: {  
    enabled: true
  },
});

Additional context

No response

Originally created by @GitonioDev on GitHub (Dec 1, 2025). ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce 1. Create better auth setup 2. Create open api document with auth.api.generateOpenAPISchema() ### Current vs. Expected behavior Current: Session and User components have id as possible undefined because required is not set for them Expected: id should be required to not have id?: string | undefined when generating types from the schema ### What version of Better Auth are you using? 1.4.3 ### System info ```bash { "system": { "platform": "win32", "arch": "x64", "version": "Windows 10 IoT Enterprise LTSC 2021", "release": "10.0.19044", "cpuCount": 28, "cpuModel": "Intel(R) Core(TM) i7-14700K", "totalMemory": "31.77 GB", "freeMemory": "17.26 GB" }, "node": { "version": "v22.14.0", "env": "development" }, "packageManager": { "name": "npm", "version": "10.9.2" }, } ``` ### Which area(s) are affected? (Select all that apply) Types ### Auth config (if applicable) ```typescript import { betterAuth } from "better-auth" export const auth = betterAuth({ emailAndPassword: { enabled: true }, }); ``` ### Additional context _No response_
GiteaMirror added the enhancement label 2026-03-13 09:53:47 -05:00
GiteaMirror commented 2026-03-13 09:53:49 -05:00
Author
Owner
Copy Link

@better-auth-agent[bot] commented on GitHub (Dec 1, 2025):

Hi there! Thanks for filing the issue. Based on your description, it looks like the open API schema generation is inferring the id fields for both the user and session components as optional. This can happen if the core definitions or type annotations in your auth configuration don’t explicitly mark the id field as required. One troubleshooting step is to explicitly set the id field in your schema definitions or add a type annotation to force it as required. You might also want to double-check your underlying database schema to ensure that the id field is non-nullable, as the API generator tends to follow those definitions. If you continue encountering this behavior, please tag @bekacru or @ping__ for further insights from our team. Tag @better-auth-agent if you would like an answer from the Agent.

What additional details of your configuration can you share that might help narrow down the discrepancy?

If you need more help, tag @Skyvern in a comment so I can respond.

DiagramDiscordGitHub

Diagram Join Star

@better-auth-agent[bot] commented on GitHub (Dec 1, 2025): Hi there! Thanks for filing the issue. Based on your description, it looks like the open API schema generation is inferring the id fields for both the user and session components as optional. This can happen if the core definitions or type annotations in your auth configuration don’t explicitly mark the id field as required. One troubleshooting step is to explicitly set the id field in your schema definitions or add a type annotation to force it as required. You might also want to double-check your underlying database schema to ensure that the id field is non-nullable, as the API generator tends to follow those definitions. If you continue encountering this behavior, please tag @bekacru or @ping__ for further insights from our team. Tag @better-auth-agent if you would like an answer from the Agent. What additional details of your configuration can you share that might help narrow down the discrepancy? _If you need more help, tag @Skyvern in a comment so I can respond._ <!-- bot:webhook reply v1 --> [Diagram](https://repodiagrams.s3.eu-north-1.amazonaws.com/skyvern_ultra_detailed_interactive.html) • [Discord](https://discord.gg/fG2XXEuQX3) • [GitHub](https://github.com/Skyvern-AI/Skyvern) [![Diagram](https://img.shields.io/badge/Diagram-2b3137?style=flat-square)](https://repodiagrams.s3.eu-north-1.amazonaws.com/skyvern_ultra_detailed_interactive.html) [![Join](https://img.shields.io/badge/join-5865F2?logo=discord&logoColor=white&style=flat-square)](https://discord.gg/fG2XXEuQX3) [![Star](https://img.shields.io/badge/star-181717?logo=github&logoColor=white&style=flat-square)](https://github.com/Skyvern-AI/Skyvern)
GiteaMirror commented 2026-03-13 09:53:50 -05:00
Author
Owner
Copy Link

@dosubot[bot] commented on GitHub (Dec 1, 2025):

This is a known limitation in Better Auth's OpenAPI schema generation. The id field is always present in the User and Session component schemas, but it's not marked as required because the schema generator injects id separately and doesn't add it to the required array by default. This causes generated types to allow id?: string | undefined instead of id: string reference.

A practical workaround is to patch the generated OpenAPI schema after calling auth.api.generateOpenAPISchema(). You can add id to the required array for the User and Session schemas like this:

const schema = await auth.api.generateOpenAPISchema();

for (const key of ["User", "Session"]) {
  const comp = schema.components?.schemas?.[key];
  if (comp && Array.isArray(comp.required) && !comp.required.includes("id")) {
    comp.required.push("id");
  }
}

export default schema;

This ensures that tools generating types from your OpenAPI schema will treat id as required.

A permanent fix would involve updating the schema generator to always include id in the required array for these models. Until then, manual patching is the recommended approach. Let me know if you need help with anything else!

To reply, just mention @dosu.

How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other

Chat with Dosu Open in Cursor Join Discord Share on X

@dosubot[bot] commented on GitHub (Dec 1, 2025): <!-- Answer --> This is a known limitation in Better Auth's OpenAPI schema generation. The `id` field is always present in the User and Session component schemas, but it's not marked as required because the schema generator injects `id` separately and doesn't add it to the `required` array by default. This causes generated types to allow `id?: string | undefined` instead of `id: string` [reference](https://github.com/better-auth/better-auth/blob/33eeb8b21474a00a535c3b4c91057d7f0205028a/packages/better-auth/src/plugins/open-api/generator.ts#L345-L572). A practical workaround is to patch the generated OpenAPI schema after calling `auth.api.generateOpenAPISchema()`. You can add `id` to the `required` array for the User and Session schemas like this: ```js const schema = await auth.api.generateOpenAPISchema(); for (const key of ["User", "Session"]) { const comp = schema.components?.schemas?.[key]; if (comp && Array.isArray(comp.required) && !comp.required.includes("id")) { comp.required.push("id"); } } export default schema; ``` This ensures that tools generating types from your OpenAPI schema will treat `id` as required. A permanent fix would involve updating the schema generator to always include `id` in the `required` array for these models. Until then, manual patching is the recommended approach. Let me know if you need help with anything else! <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/2b020cf8-d39e-4cca-a938-5b5efdc8dbac?feedback_type=other)</sup> [![Chat with Dosu](https://dosu.dev/dosu-chat-badge.svg)](https://app.dosu.dev/cdda13d9-dd27-4d31-b09a-5d8bec92de21/ask?utm_source=github)&nbsp;[![Open in Cursor](https://dosu.dev/dosu-in-cursor.svg)](https://cursor.com/link/prompt?text=This%20is%20a%20known%20limitation%20in%20Better%20Auth%27s%20OpenAPI%20schema%20generation.%20The%20%60id%60%20field%20is%20always%20present%20in%20the%20User%20and%20Session%20component%20schemas%2C%20but%20it%27s%20not%20marked%20as%20required%20because%20the%20schema%20generator%20injects%20%60id%60%20separately%20and%20doesn%27t%20add%20it%20to%20the%20%60required%60%20array%20by%20default.%20This%20causes%20generated%20types%20to%20allow%20%60id%3F%3A%20string%20%7C%20undefined%60%20instead%20of%20%60id%3A%20string%60%C2%A0%5Breference%5D%28https%3A//github.com/better-auth/better-auth/blob/33eeb8b21474a00a535c3b4c91057d7f0205028a/packages/better-auth/src/plugins/open-api/generator.ts%23L345-L572%29.%0A%0AA%20practical%20workaround%20is%20to%20patch%20the%20generated%20OpenAPI%20schema%20after%20calling%20%60auth.api.generateOpenAPISchema%28%29%60.%20You%20can%20add%20%60id%60%20to%20the%20%60required%60%20array%20for%20the%20User%20and%20Session%20schemas%20like%20this%3A%0A%0A%60%60%60js%0Aconst%20schema%20%3D%20await%20auth.api.generateOpenAPISchema%28%29%3B%0A%0Afor%20%28const%20key%20of%20%5B%22User%22%2C%20%22Session%22%5D%29%20%7B%0A%20%20const%20comp%20%3D%20schema.components%3F.schemas%3F.%5Bkey%5D%3B%0A%20%20if%20%28comp%20%26%26%20Array.isArray%28comp.required%29%20%26%26%20%21comp.required.includes%28%22id%22%29%29%20%7B%0A%20%20%20%20comp.required.push%28%22id%22%29%3B%0A%20%20%7D%0A%7D%0A%0Aexport%20default%20schema%3B%0A%60%60%60%0A%0AThis%20ensures%20that%20tools%20generating%20types%20from%20your%20OpenAPI%20schema%20will%20treat%20%60id%60%20as%20required.%0A%0AA%20permanent%20fix%20would%20involve%20updating%20the%20schema%20generator%20to%20always%20include%20%60id%60%20in%20the%20%60required%60%20array%20for%20these%20models.%20Until%20then%2C%20manual%20patching%20is%20the%20recommended%20approach.%20Let%20me%20know%20if%20you%20need%20help%20with%20anything%20else%21)&nbsp;[![Join Discord](https://img.shields.io/badge/join-5865F2?logo=discord&logoColor=white&label=)](https://go.dosu.dev/discord-bot)&nbsp;[![Share on X](https://img.shields.io/badge/X-share-black)](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/better-auth/better-auth/issues/6446)
GiteaMirror commented 2026-03-13 09:53:51 -05:00
Author
Owner
Copy Link

@shays-og commented on GitHub (Dec 4, 2025):

working on it.

@shays-og commented on GitHub (Dec 4, 2025): working on it.
GiteaMirror commented 2026-03-13 09:53:51 -05:00
Author
Owner
Copy Link

@dosubot[bot] commented on GitHub (Mar 5, 2026):

Hi, @GitonioDev. I'm Dosu, and I'm helping the better-auth team manage their backlog and am marking this issue as stale.

Issue Summary:

  • You reported that in Better Auth v1.4.3, the OpenAPI schema incorrectly marks the "id" field as optional in User and Session components.
  • This causes issues with type generation tools expecting "id" to be required.
  • The schema generator currently injects "id" but does not mark it as required, which is a known limitation.
  • A manual patch to add "id" to the required array was suggested as a temporary workaround.
  • The maintainer, shays-og, acknowledged the issue and is actively working on a fix.

Next Steps:

  • Please let me know if this issue is still relevant with the latest version of better-auth by commenting here.
  • If I do not hear back within 7 days, I will automatically close this issue.

Thank you for your understanding and contribution!

@dosubot[bot] commented on GitHub (Mar 5, 2026): Hi, @GitonioDev. I'm [Dosu](https://dosu.dev), and I'm helping the better-auth team manage their backlog and am marking this issue as stale. **Issue Summary:** - You reported that in Better Auth v1.4.3, the OpenAPI schema incorrectly marks the "id" field as optional in User and Session components. - This causes issues with type generation tools expecting "id" to be required. - The schema generator currently injects "id" but does not mark it as required, which is a known limitation. - A manual patch to add "id" to the required array was suggested as a temporary workaround. - The maintainer, shays-og, acknowledged the issue and is actively working on a fix. **Next Steps:** - Please let me know if this issue is still relevant with the latest version of better-auth by commenting here. - If I do not hear back within 7 days, I will automatically close this issue. Thank you for your understanding and contribution!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label enhancement
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#2433
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?