auth.api.getSession().user doesn't return BetterAuth component generated type Doc<"user">

[brianwk]

I have the following helper function:

export const getCurrentUser = async (
  ctx: GenericQueryCtx<DataModel> | GenericMutationCtx<DataModel>,
  auth: ReturnType<typeof createAuth>
): Promise<AuthDoc<"user">> => {
  const session = await auth.api.getSession({
    //baseURL: process.env.NEXT_PUBLIC_BASE_URL,
    headers: await authComponent.getHeaders(ctx),
  });
  console.log("Session response:", session);
  if (!session) {
    throw new ConvexError("Not authenticated");
  }
  return session.user;
};

On the last line where session.user is returned I get an error: Type '{ id: string; createdAt: Date; updatedAt: Date; email: string; emailVerified: boolean; name: string; image?: string | null | undefined; username: string; onboardingStep?: number | null | undefined; ... 8 more ...; banExpires?: Date | ... 1 more ... | undefined; }' is missing the following properties from type '{ _id: Id<"user">; _creationTime: number; image?: string | null | undefined; userId?: string | null | undefined; role?: string | null | undefined; banned?: boolean | null | undefined; ... 12 more ...; username: string; }': _id, _creationTime ts(2739)

BetterAuth User type seems to lack _id and _creationTime fields.

By the way, I am using a local install of the BetterAuth Convex component. If I change the return type to:

Promise<
  Omit<
    AuthDoc<"user">,
    "_id" | "_creationTime" | "createdAt" | "updatedAt" | "banExpires"
  >
>

it gets rid of the type error. However, it does seem to defeat the purpose of the generated types in Convex.

[erquhart]

Can you share what the AuthDoc type is? That isn't a part of this repo, guessing it's something you defined in your project?

[brianwk]

From issue: BetterAuth component generated type Doc<"user">

Imported from generated code in models/users.ts for example:

import {
  Doc as AuthDoc,
  Id as AuthId,
} from "../betterAuth/_generated/dataModel"

[erquhart]

Better Auth doesn't return pure records from your Convex db, it adheres to it's own internal schema, which can be customized. If you don't set an explicit return type for getCurrentUser, the correct return type will be inferred.

If you want to just get your own data, since you're using Local Install, you can create a query in the convex/betterAuth directory and pass the sessionId from the identity object, use that to get the db session.

// convex/betterAuth/auth.ts
export const getSession = query({
  args: {
    sessionId: v.id('session'),
  },
  handler: async (ctx, args) => {
    return ctx.db.get(args.sessionId)
  },
})

// convex/auth.ts
import { QueryCtx } from './_generated/api.d.ts'

export const getCurrentUser =
  // QueryCtx is a subset of MutationCtx, and equivalent to GenericQueryCtx<DataModel>
  async (ctx: QueryCtx): Promise<AuthDoc<"user">> => {
    const identity = await ctx.auth.getUserIdentity()
    if (!identity) {
      throw new ConvexError("Not authenticated")
    }
    return ctx.runQuery(components.betterAuth.auth.getSession, {
      sessionId: identity.sessionId,
    })
  };

However, since you're just looking for the user record, you can skip all of that and just do:

// convex/auth.ts
export const getCurrentUser =
  async (ctx: QueryCtx): Promise<AuthDoc<"user">> => {
    return authComponent.getAuthUser(ctx)
  }

Ultimately you don't need this helper, you can just do authComponent.getAuthUser(ctx) as a one-liner anywhere you need the user.

[brianwk]

I tried to use getAuthUser, but it was missing the additional fields I created in the BetterAuth user table. This is what led me down this path. Also we are getting the user from the session in both solutions. What is the difference between calling runQuery to get the session and calling auth.api.getSession? I have to ask because there are so many ways to do this within this Convex Better Auth adapter that it feels like it's quite easy to do things "the wrong way"

[erquhart]

I tried to use getAuthUser, but it was missing the additional fields I created in the BetterAuth user table.

This is why the Local Install guide includes passing the second generic arg typeof authSchema to createClient: https://convex-better-auth.netlify.app/features/local-install#update-component-config. Do this and your schema customizations will be included in type inference.

What is the difference between calling runQuery to get the session and calling auth.api.getSession?

Using Better Auth's api methods gives you specific outcomes based on their documentation. For example, reads may work or be blocked based on the current session or your auth configuration, or be mapped for various reasons. Alternatively, when you write code in your component directory that does ctx.db to touch data, Better Auth is not in any way involved in the transaction. You're just touching data. In many cases you want to defer to Better Auth, especially with writes, to make sure everything is happening as expected by your auth library.

But if you know that you just want a piece of data and want to grab it directly, perhaps in a way that isn't straightforward to do with Better Auth api's, you can. Better Auth is actually written with the expectation that you "own your auth" and have direct data access when needed.

I have to ask because there are so many ways to do this within this Convex Better Auth adapter that it feels like it's quite easy to do things "the wrong way"

There are roughly three ways to interact with auth data in this component.

1. authClient.* methods
   authClient methods make an http request to the endpoints exposed in your convex/http.ts via the component's registerRoutes(). With Convex you generally want to avoid this approach and interact with your data the Convex way via Convex functions, and using auth.api.* methods or your own custom component methods to interact with auth data. The exception is requests that need to work with cookies. You'll want to use authClient for things like sign in and sign out where cookies are involved. Otherwise, do things server side.
2. auth.api.* methods
   auth.api methods can run in your Convex functions to access auth data. This is generally the approach you want to take for any auth data interactions beyond sign-in/sign-out.
3. custom component functions w/ Local Install
   When you just want to touch data and you don't need Better Auth's permission or handling, eg., you want to change data for a user that is not the current user, but you don't want to add the admin plugin. Custom functions let you do whatever you want with your data. Typically for cases not explicitly covered by the auth.api interface.

[brianwk]

Yes I have it setup correctly. Apparently this was a bug in a previous release that has since been fixed. It is now returning everything as expected from getAuthUser.

How stable would you say this getAuthUser API will be? Because I've already had to change the code everywhere in my Convex functions once before, and it was kind of a nightmare. That's why I'm using a helper function now.

[erquhart]

I believe getAuthUser has always been typed, and the api hasn't changed - did you see otherwise?