github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-24 16:11:53 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

[GH-ISSUE #5989] Creating a plugin endpoint named resetPassword will give a type error. #27717

New Issue
Closed
opened 2026-04-17 18:53:23 -05:00 by GiteaMirror · 20 comments
GiteaMirror commented 2026-04-17 18:53:23 -05:00
Owner
Copy Link

Originally created by @douwepausma on GitHub (Nov 14, 2025).
Original GitHub issue: https://github.com/better-auth/better-auth/issues/5989

Is this suited for github?

  • Yes, this is suited for github

To Reproduce

  1. Setup a basic better-auth installation in Next.js
  2. Create a better-auth plugin
  3. Add a resetPassword endpoint (e.g. /my-plugin/reset-password)
  4. Try and use the resetPassword like so authClient.strapiAuth.resetPassword()

Current vs. Expected behavior

Getting an unexpected type error.

What version of Better Auth are you using?

1.4.0-beta.20

System info

Property 'resetPassword' does not exist on type '{ signIn: <FetchOptions extends { method?: string | undefined; headers?: (HeadersInit & (HeadersInit | CommonHeaders)) | undefined; cache?: RequestCache | undefined; ... 32 more ...; disableValidation?: boolean | undefined; }>(data_0: Prettify<...>, data_1?: FetchOptions | undefined) => Promise<...>; } & { ...; } & ...'.

Which area(s) are affected? (Select all that apply)

Types

Auth config (if applicable)

export const auth = betterAuth({
    plugins: [
        myPlugin(),
    ],
    session: {
        cookieCache: {
            enabled: true,
            maxAge: 7 * 24 * 60 * 60, // 7 days
            strategy: "jwe", // Encrypted tokens
            refreshCache: true, // Enable stateless refresh
        },
    },
    advanced: {
        oauthConfig: {
            storeStateStrategy: "cookie",
        },
    },
});

Additional context

After trying to figure it out myself I did extensive debugging with Claude, who concluded that something was wrong even though all was configured correctly. The issue seems to only happen with resetPassword and not with other endpoints.

Originally created by @douwepausma on GitHub (Nov 14, 2025). Original GitHub issue: https://github.com/better-auth/better-auth/issues/5989 ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce 1. Setup a basic better-auth installation in Next.js 2. Create a better-auth plugin 3. Add a `resetPassword` endpoint (e.g. `/my-plugin/reset-password`) 4. Try and use the `resetPassword` like so `authClient.strapiAuth.resetPassword()` ### Current vs. Expected behavior Getting an unexpected type error. ### What version of Better Auth are you using? 1.4.0-beta.20 ### System info ```bash Property 'resetPassword' does not exist on type '{ signIn: <FetchOptions extends { method?: string | undefined; headers?: (HeadersInit & (HeadersInit | CommonHeaders)) | undefined; cache?: RequestCache | undefined; ... 32 more ...; disableValidation?: boolean | undefined; }>(data_0: Prettify<...>, data_1?: FetchOptions | undefined) => Promise<...>; } & { ...; } & ...'. ``` ### Which area(s) are affected? (Select all that apply) Types ### Auth config (if applicable) ```typescript export const auth = betterAuth({ plugins: [ myPlugin(), ], session: { cookieCache: { enabled: true, maxAge: 7 * 24 * 60 * 60, // 7 days strategy: "jwe", // Encrypted tokens refreshCache: true, // Enable stateless refresh }, }, advanced: { oauthConfig: { storeStateStrategy: "cookie", }, }, }); ``` ### Additional context After trying to figure it out myself I did extensive debugging with Claude, who concluded that something was wrong even though all was configured correctly. The issue seems to only happen with `resetPassword` and not with other endpoints.
GiteaMirror added the lockedbug labels 2026-04-17 18:53:23 -05:00
GiteaMirror commented 2026-04-17 18:53:25 -05:00
Author
Owner
Copy Link

@better-auth-agent[bot] commented on GitHub (Nov 14, 2025):

Thanks for raising this issue. It appears that naming your custom plugin endpoint "resetPassword" is conflicting with our built‐in type definitions, which currently don’t merge custom endpoints with the built‐in ones. One immediate workaround is to rename your endpoint (for example, to customResetPassword) to avoid conflicting with our reserved or pre‐declared endpoints. Additionally, please double-check that your plugin properly extends our authClient interface per our latest plugin extension guidelines [1].

Does using an alternative endpoint name resolve the issue for you, or would you like further debugging assistance? Tag @better-auth-agent if you would like an answer from the Agent.

DiagramDiscordGitHub

Diagram Join Star

<!-- gh-comment-id:3533551836 --> @better-auth-agent[bot] commented on GitHub (Nov 14, 2025): Thanks for raising this issue. It appears that naming your custom plugin endpoint "resetPassword" is conflicting with our built‐in type definitions, which currently don’t merge custom endpoints with the built‐in ones. One immediate workaround is to rename your endpoint (for example, to customResetPassword) to avoid conflicting with our reserved or pre‐declared endpoints. Additionally, please double-check that your plugin properly extends our authClient interface per our latest plugin extension guidelines [[1]](https://github.com/better-auth/better-auth/issues/4125). Does using an alternative endpoint name resolve the issue for you, or would you like further debugging assistance? Tag @better-auth-agent if you would like an answer from the Agent. <!-- bot:webhook reply v1 --> [Diagram](https://repodiagrams.s3.eu-north-1.amazonaws.com/better-auth_ultra_detailed_interactive.html) • [Discord](https://discord.gg/better-auth) • [GitHub](https://github.com/better-auth/better-auth) [![Diagram](https://img.shields.io/badge/Diagram-2b3137?style=flat-square)](https://repodiagrams.s3.eu-north-1.amazonaws.com/better-auth_ultra_detailed_interactive.html) [![Join](https://img.shields.io/badge/join-5865F2?logo=discord&logoColor=white&style=flat-square)](https://discord.gg/better-auth) [![Star](https://img.shields.io/badge/star-181717?logo=github&logoColor=white&style=flat-square)](https://github.com/better-auth/better-auth)
GiteaMirror commented 2026-04-17 18:53:25 -05:00
Author
Owner
Copy Link

@dosubot[bot] commented on GitHub (Nov 14, 2025):

The type error happens because resetPassword is a core endpoint in Better Auth, and recent changes have removed or refactored it in favor of a new endpoint called requestPasswordReset (PR #5455). This means the type system no longer recognizes resetPassword as a valid property on plugin clients, so TypeScript throws an error when you try to use it. Other endpoint names work because they don't collide with reserved or deprecated core endpoints.

If you need a password reset endpoint in your plugin, use a different name or follow the new flow with requestPasswordReset. If you must use resetPassword, you can work around the type error with a type assertion (e.g., as any), but this sacrifices type safety. For best results, avoid naming plugin endpoints after core or deprecated endpoints to prevent type conflicts (example thread).

To reply, just mention @dosu.

How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other  Chat with Dosu Join Discord Share on X

<!-- gh-comment-id:3533572654 --> @dosubot[bot] commented on GitHub (Nov 14, 2025): <!-- Answer --> The type error happens because `resetPassword` is a core endpoint in Better Auth, and recent changes have removed or refactored it in favor of a new endpoint called `requestPasswordReset` ([PR #5455](https://github.com/better-auth/better-auth/pull/5455)). This means the type system no longer recognizes `resetPassword` as a valid property on plugin clients, so TypeScript throws an error when you try to use it. Other endpoint names work because they don't collide with reserved or deprecated core endpoints. If you need a password reset endpoint in your plugin, use a different name or follow the new flow with `requestPasswordReset`. If you must use `resetPassword`, you can work around the type error with a type assertion (e.g., `as any`), but this sacrifices type safety. For best results, avoid naming plugin endpoints after core or deprecated endpoints to prevent type conflicts ([example thread](https://github.com/better-auth/better-auth/issues/2956)). <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/0e727eee-8812-4889-8dd9-92192b9074e8?feedback_type=other)</sup>&nbsp;&nbsp;[![Chat with Dosu](https://dosu.dev/dosu-chat-badge.svg)](https://app.dosu.dev/cdda13d9-dd27-4d31-b09a-5d8bec92de21/ask?utm_source=github)&nbsp;[![Join Discord](https://img.shields.io/badge/join-5865F2?logo=discord&logoColor=white&label=)](https://go.dosu.dev/discord-bot)&nbsp;[![Share on X](https://img.shields.io/badge/X-share-black)](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/better-auth/better-auth/issues/5989)
GiteaMirror commented 2026-04-17 18:53:26 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Nov 14, 2025):

Aha, I couldn't figure that out. I changed it to updatePassword instead as changePassword was also taken.

<!-- gh-comment-id:3533814361 --> @douwepausma commented on GitHub (Nov 14, 2025): Aha, I couldn't figure that out. I changed it to `updatePassword` instead as `changePassword` was also taken.
GiteaMirror commented 2026-04-17 18:53:26 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Nov 14, 2025):

Try and use the resetPassword like so authClient.strapiAuth.resetPassword()

usually the capitalization for P (in Password) would be created if your endpoint path has a - (dash).
It would look something like: /strapi-auth/reset-password

<!-- gh-comment-id:3534972154 --> @ping-maxwell commented on GitHub (Nov 14, 2025): > Try and use the resetPassword like so authClient.strapiAuth.resetPassword() usually the capitalization for `P` (in Password) would be created if your endpoint path has a `-` (dash). It would look something like: `/strapi-auth/reset-password`
GiteaMirror commented 2026-04-17 18:53:27 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Nov 15, 2025):

Whoops, I made typo in the issue. I did indeed have it written with a dash, so sadly that did not fix it.

<!-- gh-comment-id:3536249456 --> @douwepausma commented on GitHub (Nov 15, 2025): Whoops, I made typo in the issue. I did indeed have it written with a dash, so sadly that did not fix it.
GiteaMirror commented 2026-04-17 18:53:27 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Nov 15, 2025):

Can you show me the plugin code?

<!-- gh-comment-id:3536406529 --> @ping-maxwell commented on GitHub (Nov 15, 2025): Can you show me the plugin code?
GiteaMirror commented 2026-04-17 18:53:28 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Nov 17, 2025):

This is the repository for the plugin: https://github.com/douwepausma/better-auth-strapi

<!-- gh-comment-id:3540645674 --> @douwepausma commented on GitHub (Nov 17, 2025): This is the repository for the plugin: https://github.com/douwepausma/better-auth-strapi
GiteaMirror commented 2026-04-17 18:53:28 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Nov 20, 2025):

You're code looks right.
I wonder if it relates to tsconfig. Could you try removing declaration & declarationMap just for testing purposes?

<!-- gh-comment-id:3558449896 --> @ping-maxwell commented on GitHub (Nov 20, 2025): You're code looks right. I wonder if it relates to tsconfig. Could you try removing `declaration` & `declarationMap` just for testing purposes?
GiteaMirror commented 2026-04-17 18:53:29 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Dec 18, 2025):

My apologies for the late response. I tried turning off declaration & declarationMap and renaming the endpoint back to 'resetPassword', but this did not resolve the issue.

<!-- gh-comment-id:3669434021 --> @douwepausma commented on GitHub (Dec 18, 2025): My apologies for the late response. I tried turning off `declaration` & `declarationMap` and renaming the endpoint back to 'resetPassword', but this did not resolve the issue.
GiteaMirror commented 2026-04-17 18:53:29 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jan 6, 2026):

Hey I just cloned your repo and renamed your forgot-password endpoint path to reset-password (because I couldn't find your reset-password endpoint code) and all seems to be fine, can you point me in the right direction to reproduce?

<!-- gh-comment-id:3713435381 --> @ping-maxwell commented on GitHub (Jan 6, 2026): Hey I just cloned your repo and renamed your `forgot-password` endpoint path to `reset-password` (because I couldn't find your reset-password endpoint code) and all seems to be fine, can you point me in the right direction to reproduce?
GiteaMirror commented 2026-04-17 18:53:29 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Jan 6, 2026):

I've renamed reset-password to update-password to avoid the type error. Can you try discarding your changes for forgot-password & rename update-password to reset-password instead? That's the configuration I am aiming for.

<!-- gh-comment-id:3714823934 --> @douwepausma commented on GitHub (Jan 6, 2026): I've renamed `reset-password` to `update-password` to avoid the type error. Can you try discarding your changes for `forgot-password` & rename `update-password` to `reset-password` instead? That's the configuration I am aiming for.
GiteaMirror commented 2026-04-17 18:53:30 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jan 7, 2026):

Does this look correct?

Image Image
<!-- gh-comment-id:3718093989 --> @ping-maxwell commented on GitHub (Jan 7, 2026): Does this look correct? <img width="1268" height="278" alt="Image" src="https://github.com/user-attachments/assets/e2493d8b-680e-4405-86ac-68ed3c244e81" /> <img width="1000" height="652" alt="Image" src="https://github.com/user-attachments/assets/4b09f565-a24c-495f-ac3b-05fcdeab2cca" />
GiteaMirror commented 2026-04-17 18:53:31 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Jan 7, 2026):

It does, however this is not where the type error occurs. See step 4 under the "To Reproduce" section. "Try and use the resetPassword like so authClient.strapiAuth.resetPassword()" <- this is where I get the error, only when you use the method in the application.

Image
<!-- gh-comment-id:3718988709 --> @douwepausma commented on GitHub (Jan 7, 2026): It does, however this is not where the type error occurs. See step 4 under the "To Reproduce" section. "Try and use the `resetPassword` like so `authClient.strapiAuth.resetPassword()`" <- this is where I get the error, only when you use the method in the application. <img width="1872" height="265" alt="Image" src="https://github.com/user-attachments/assets/fcd41045-ab62-44dd-9373-8d4ce54be3d4" />
GiteaMirror commented 2026-04-17 18:53:31 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jan 7, 2026):

Works fine when using your client plugin directly in the repo 🤔

Image

it could be an issue with how you're importing your code into your application for the auth client, or could be related to an out-dated publish which you need to upgrade, or something along those lines?

<!-- gh-comment-id:3719121949 --> @ping-maxwell commented on GitHub (Jan 7, 2026): Works fine when using your client plugin directly in the repo 🤔 <img width="1044" height="250" alt="Image" src="https://github.com/user-attachments/assets/2eb1aba4-5888-498c-ba77-20fa2f77988d" /> it could be an issue with how you're importing your code into your application for the auth client, or could be related to an out-dated publish which you need to upgrade, or something along those lines?
GiteaMirror commented 2026-04-17 18:53:31 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Jan 8, 2026):

Hmmm strange this doesn't seem to be the case for me. I tried this directly in the client.ts file and I still get the type error. The other methods (signIn,forgotPassword, etc.) are shown in the autocomplete except resetPassword.

I created a branch for you to see how I currently have configured it:
https://github.com/douwepausma/better-auth-strapi/tree/reset-password

Image
<!-- gh-comment-id:3722852235 --> @douwepausma commented on GitHub (Jan 8, 2026): Hmmm strange this doesn't seem to be the case for me. I tried this directly in the `client.ts` file and I still get the type error. The other methods (`signIn`,`forgotPassword`, etc.) are shown in the autocomplete except resetPassword. I created a branch for you to see how I currently have configured it: https://github.com/douwepausma/better-auth-strapi/tree/reset-password <img width="605" height="380" alt="Image" src="https://github.com/user-attachments/assets/31972b99-99c9-4f21-9c10-0f6937617271" />
GiteaMirror commented 2026-04-17 18:53:32 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jan 8, 2026):

The issue seems to be related to the api name defined here:

Image

Defining it as resetPassword2 will work because it's not an api taken by better-auth, but resetPassword is already taken by BA which is why the types are not showing up on the client (since it's being overwritten)

Simply renaming it to something like strapiAuthResetPassword or something along those lines should fix your issue.

<!-- gh-comment-id:3723846143 --> @ping-maxwell commented on GitHub (Jan 8, 2026): The issue seems to be related to the api name defined here: <img width="1160" height="408" alt="Image" src="https://github.com/user-attachments/assets/68bf25b4-7ffa-4056-81b3-0ce0c153ae51" /> Defining it as `resetPassword2` will work because it's not an api taken by better-auth, but `resetPassword` is already taken by BA which is why the types are not showing up on the client (since it's being overwritten) Simply renaming it to something like strapiAuthResetPassword or something along those lines should fix your issue.
GiteaMirror commented 2026-04-17 18:53:32 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jan 8, 2026):

I'm marking this as completed for now, but if you have any more issues we can always re-open it!

<!-- gh-comment-id:3723848510 --> @ping-maxwell commented on GitHub (Jan 8, 2026): I'm marking this as completed for now, but if you have any more issues we can always re-open it!
GiteaMirror commented 2026-04-17 18:53:32 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Jan 8, 2026):

Simply renaming it to something like strapiAuthResetPassword or something along those lines should fix your issue.

Yeah I figured that out as well, hence the renaming to updatePassword.

My question is then, why would it be overwritten? Is it not a new endpoint, one that is in the scope of the plugin?

<!-- gh-comment-id:3724036767 --> @douwepausma commented on GitHub (Jan 8, 2026): > Simply renaming it to something like strapiAuthResetPassword or something along those lines should fix your issue. Yeah I figured that out as well, hence the renaming to `updatePassword`. My question is then, why would it be overwritten? Is it not a new endpoint, one that is in the scope of the plugin?
GiteaMirror commented 2026-04-17 18:53:33 -05:00
Author
Owner
Copy Link

@ping-maxwell commented on GitHub (Jan 8, 2026):

Better Auth doesn't really support overwriting of endpoints

<!-- gh-comment-id:3724649132 --> @ping-maxwell commented on GitHub (Jan 8, 2026): Better Auth doesn't really support overwriting of endpoints
GiteaMirror commented 2026-04-17 18:53:33 -05:00
Author
Owner
Copy Link

@douwepausma commented on GitHub (Jan 8, 2026):

I would argue I am not overwriting any endpoint, but creating a different one.

  • Existing BA resetPassword endpoint: POST /api/auth/reset-password or client.resetPassword()
  • New Strapi Auth resetPassword endpoint: POST /api/auth/strapi-auth/reset-password or client.strapiAuth.resetPassword()

It's in a different property all together.

<!-- gh-comment-id:3726089825 --> @douwepausma commented on GitHub (Jan 8, 2026): I would argue I am not overwriting any endpoint, but creating a different one. - Existing BA `resetPassword` endpoint: POST `/api/auth/reset-password` or `client.resetPassword()` - New Strapi Auth `resetPassword` endpoint: POST `/api/auth/strapi-auth/reset-password` or `client.strapiAuth.resetPassword()` It's in a different property all together.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label bug locked
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#27717
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?