github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-22 14:21:55 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

[GH-ISSUE #2985] Everytime i issue a magic link the get-session api is automatically called in the client #26749

New Issue
Closed
opened 2026-04-17 17:25:22 -05:00 by GiteaMirror · 7 comments
GiteaMirror commented 2026-04-17 17:25:22 -05:00
Owner
Copy Link

Originally created by @MD-AZMAL on GitHub (Jun 11, 2025).
Original GitHub issue: https://github.com/better-auth/better-auth/issues/2985

Is this suited for github?

  • Yes, this is suited for github

To Reproduce

  1. call sign in with magic link API
 const { data, error } = await authClient.signIn.magicLink({ email, name });
  1. Observe the network tab, get-session is automatically called
  2. The network tab showing the initiation point is same for both requests

Image
Image

Current vs. Expected behavior

I am validating the session in the root App.tsx file, in the login page I want to show a message something like successfully sent the magic link to your inbox after calling signing with magic link API.

However since, the get-session is invoked automatically, changing the isPending parameter in the useSession hook for react my page rerenders, I go back to the same login page (as the user has not clicked on the magic link) only to get a blank new form.

If there's a way to disable the get-session API call when the magic link is sent, then that would help my usecase

Also I think refreshing the session just after sending the magic link is not necessary as it is dependant on user when to use the magic link

What version of Better Auth are you using?

1.2.9

Provide environment information

- OS (Windows 11)
- Browser (Chrome)

Which area(s) are affected? (Select all that apply)

Client

Auth config (if applicable)

export const authClient = createAuthClient({
  fetchOptions: {
    credentials: "include",
  },
  baseURL: `${AUTH_PROTOCOL}://${AUTH_URL}`,
  plugins: [magicLinkClient()],
});

Additional context

No response

Originally created by @MD-AZMAL on GitHub (Jun 11, 2025). Original GitHub issue: https://github.com/better-auth/better-auth/issues/2985 ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce 1. call sign in with magic link API ```typescript const { data, error } = await authClient.signIn.magicLink({ email, name }); ``` 2. Observe the network tab, get-session is automatically called 3. The network tab showing the initiation point is same for both requests ![Image](https://github.com/user-attachments/assets/97ac04bb-1b8b-4d84-8109-a98edc8ee231) ![Image](https://github.com/user-attachments/assets/3f5bfbb4-2544-4326-aeef-09c99f649c48) ### Current vs. Expected behavior I am validating the session in the root App.tsx file, in the login page I want to show a message something like successfully sent the magic link to your inbox after calling signing with magic link API. However since, the get-session is invoked automatically, changing the isPending parameter in the useSession hook for react my page rerenders, I go back to the same login page (as the user has not clicked on the magic link) only to get a blank new form. If there's a way to disable the get-session API call when the magic link is sent, then that would help my usecase Also I think refreshing the session just after sending the magic link is not necessary as it is dependant on user when to use the magic link ### What version of Better Auth are you using? 1.2.9 ### Provide environment information ```bash - OS (Windows 11) - Browser (Chrome) ``` ### Which area(s) are affected? (Select all that apply) Client ### Auth config (if applicable) ```typescript export const authClient = createAuthClient({ fetchOptions: { credentials: "include", }, baseURL: `${AUTH_PROTOCOL}://${AUTH_URL}`, plugins: [magicLinkClient()], }); ``` ### Additional context _No response_
GiteaMirror added the lockedbug labels 2026-04-17 17:25:23 -05:00
GiteaMirror commented 2026-04-17 17:25:25 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jun 11, 2025):

Hey just as a note of information, not necessarily solving your case, but anytime an endpoint is called that better-auth deems relevant, the session will be refetched to update in case there are any changes on the session data in the DB.

<!-- gh-comment-id:2964317880 --> @ping-maxwell commented on GitHub (Jun 11, 2025): Hey just as a note of *information*, not necessarily solving your case, but anytime an endpoint is called that better-auth deems relevant, the session will be refetched to update in case there are any changes on the session data in the DB.
GiteaMirror commented 2026-04-17 17:25:26 -05:00
Author
Owner
Copy Link

@MD-AZMAL commented on GitHub (Jun 12, 2025):

As a workaround, I am directly calling the API to send the magic link instead of using the auth client. It works, but its not an ideal solution imo

<!-- gh-comment-id:2965107012 --> @MD-AZMAL commented on GitHub (Jun 12, 2025): As a workaround, I am directly calling the API to send the magic link instead of using the auth client. It works, but its not an ideal solution imo
GiteaMirror commented 2026-04-17 17:25:28 -05:00
Author
Owner
Copy Link

@MD-AZMAL commented on GitHub (Jun 12, 2025):

i figured out the issue is happening while using the useSession hook

this is how I am exporting the hook

// lib/better-auth.ts
export const authClient = createAuthClient({
  fetchOptions: {
    credentials: "include",
  },
  baseURL: `${AUTH_PROTOCOL}://${AUTH_URL}`,
  plugins: [magicLinkClient()],
});

export const useSession = authClient.useSession;

in my other component I am using the hook

  const { data } = useSession();

If the hook is in place the get-session API is being called, but if I comment It out the refetch is not happening, is there a way to handle this? because the session is not truly changing, so whats triggering the hook to run again?

<!-- gh-comment-id:2965203005 --> @MD-AZMAL commented on GitHub (Jun 12, 2025): i figured out the issue is happening while using the useSession hook this is how I am exporting the hook ```typescript // lib/better-auth.ts export const authClient = createAuthClient({ fetchOptions: { credentials: "include", }, baseURL: `${AUTH_PROTOCOL}://${AUTH_URL}`, plugins: [magicLinkClient()], }); export const useSession = authClient.useSession; ``` in my other component I am using the hook ``` const { data } = useSession(); ``` If the hook is in place the get-session API is being called, but if I comment It out the refetch is not happening, is there a way to handle this? because the session is not truly changing, so whats triggering the hook to run again?
GiteaMirror commented 2026-04-17 17:25:28 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jun 12, 2025):

because the session is not truly changing, so whats triggering the hook to run again?

Any BA endpoint that can possibly change/update the session will cause useSession to refetch the session data.
For example, if you had useSession in a navbar to render a profile image, it would display nothing until the user signs in. The moment they sign in, useSession refetches that data thus allowing the navbar to rerender and have that image.

<!-- gh-comment-id:2965506643 --> @ping-maxwell commented on GitHub (Jun 12, 2025): > because the session is not truly changing, so whats triggering the hook to run again? Any BA endpoint that can possibly change/update the session will cause useSession to refetch the session data. For example, if you had useSession in a navbar to render a profile image, it would display nothing until the user signs in. The moment they sign in, useSession refetches that data thus allowing the navbar to rerender and have that image.
GiteaMirror commented 2026-04-17 17:25:30 -05:00
Author
Owner
Copy Link

@MD-AZMAL commented on GitHub (Jun 12, 2025):

because the session is not truly changing, so whats triggering the hook to run again?

Any BA endpoint that can possibly change/update the session will cause useSession to refetch the session data. For example, if you had useSession in a navbar to render a profile image, it would display nothing until the user signs in. The moment they sign in, useSession refetches that data thus allowing the navbar to rerender and have that image.

got it, so creating a magic link also changes the session?, also is there any better workaround that you can suggest to optionally skip this behaviour only for the magic link creation API?

<!-- gh-comment-id:2965560629 --> @MD-AZMAL commented on GitHub (Jun 12, 2025): > > because the session is not truly changing, so whats triggering the hook to run again? > > Any BA endpoint that can possibly change/update the session will cause useSession to refetch the session data. For example, if you had useSession in a navbar to render a profile image, it would display nothing until the user signs in. The moment they sign in, useSession refetches that data thus allowing the navbar to rerender and have that image. got it, so creating a magic link also changes the session?, also is there any better workaround that you can suggest to optionally skip this behaviour only for the magic link creation API?
GiteaMirror commented 2026-04-17 17:25:30 -05:00
Author
Owner
Copy Link

@MD-AZMAL commented on GitHub (Jun 12, 2025):

Also @ping-maxwell , not related to this issue, but is there a way for to verify the token using better auth API, there's a different server in which I want to verify the token first, but the get-session API works only with cookies and not the bearer token (based on whatever I could understand). Could you possible solutions to this?

<!-- gh-comment-id:2965604733 --> @MD-AZMAL commented on GitHub (Jun 12, 2025): Also @ping-maxwell , not related to this issue, but is there a way for to verify the token using better auth API, there's a different server in which I want to verify the token first, but the get-session API works only with cookies and not the bearer token (based on whatever I could understand). Could you possible solutions to this?
GiteaMirror commented 2026-04-17 17:25:31 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jul 1, 2025):

Also @ping-maxwell , not related to this issue, but is there a way for to verify the token using better auth API, there's a different server in which I want to verify the token first, but the get-session API works only with cookies and not the bearer token (based on whatever I could understand). Could you possible solutions to this?

Open a new issue please, I'll address it there to not clog this issue

<!-- gh-comment-id:3021811999 --> @ping-maxwell commented on GitHub (Jul 1, 2025): > Also [@ping-maxwell](https://github.com/ping-maxwell) , not related to this issue, but is there a way for to verify the token using better auth API, there's a different server in which I want to verify the token first, but the get-session API works only with cookies and not the bearer token (based on whatever I could understand). Could you possible solutions to this? Open a new issue please, I'll address it there to not clog this issue
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label bug locked
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#26749
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?