Demo - Better Auth with Cloudflare Workers + D1 + Kysely

Demo

A demo page with the same code on Cloudflare Workers environment demonstrates basic sign-in/sign-out functionality with the Anonymous plugin using SvelteKit's remote functions feature.

https://demo-better-auth-cloudflare-d1-kysely-quickfixes-sveltekit.missofis.workers.dev/

Before Starting

The fixes presented in this repository should be considered quickfixes/patches, not as solutions. They're not maintainable, require a lot of side work and make package updates painful. I discourage you to rely on this level of patching on production environments.

Setting Up Development Environment

1. Clone the repository. https://github.com/xkema/demo-better-auth-cloudflare-d1-kysely-quickfixes-sveltekit
2. Run npm install.
3. Add an .env file and add BETTER_AUTH_SECRET and BETTER_AUTH_URL environmental variables. (SvelteKit's default preview address is http://localhost:5173.) You may use the .env.example as a template.
4. Add a wrangler.jsonc file and add a database_name and database_id. (No need for an actual DB at development environment, just fill up with some name and identifier, e.g. name-of-your-database and id-of-your-database.) You may use the wrangler.jsonc.example as a template.
5. You're now at the "Create Database Tables" step of the Better Auth's official installation guide.
6. If you try to run the npx @better-auth/cli generate CLI command, you'll get an error since we're using a custom Better Auth configuration instance. Instead, use the custom Node.js script ./bin/generate.js.
7. Run the custom generate script npm run better-auth:generate:hacked.
8. Check the ./better-auth_migrations directory. You should see the generated script if everything went well. (This directory is .gitignored.)
9. Create a D1 migration with the npx wrangler d1 migrations create name-of-your-database better_auth_initialization command.
10. Copy the content of ./better-auth_migrations/*.sql file into the ./migrations/0001_better_auth_initialization.sql file.
11. You may also copy the generated script, instead of creating a new migration. I use this flow.
12. List the migrations with the npx wrangler d1 migrations list name-of-your-database command.
13. Apply the migrations with npx wrangler d1 migrations apply name-of-your-database command.
14. You may now open your database manager application and see the changes. I use https://dbeaver.io/.
15. Now Better Auth database is setup. Start development server with npm run dev to see sign-in/sign-out actions are working correctly. (SvelteKit's default preview address is http://localhost:5173.)
16. If everything is intact, check the code how it setup and quickfixed.
17. Ping me on GitHub if you find anything broken.
18. 👋

After Setup

At this stage, you should be able to:

1. Preview the demo with the framework's development server using npm run dev.
2. Build the project using npm run build.
3. Preview the demo with wrangler's development server by running npm run preview.
4. Add a new Better Auth plugin to the common config and generate an updated migration script with the custom npm run better-auth:generate:hacked migration script, for example, add the organization() plugin and run the script after you've applied the previous migration to the local database. The newly generated script should include the new tables (create) and table updates (alter) for existing ones.

Problems & Quickfixes

The Better Auth version used in this repository is 1.3.34.

There are two main challenges when trying to set up Better Auth in a Cloudflare environment with D1 and Kysely:

1. Accessing the D1 database instance outside the Cloudflare's workerd runtime.
2. Not able to use the npx @better-auth/cli@latest generate CLI command.

The first one (1) is an expected and acceptable problem because Cloudflare Workers do not allow I/O from outside a request context. Cloudflare Docs | How to access env

The quickfix added here is moving the betterAuth({...}) instantiation step into the request context, which causes the instance to be created again and again on every Better Auth request passing through the worker. That's all I could find as a quickfix.

The second one (2) is more challenging, because you need to overcome three additional problems:

• D1-related table access error SQLITE_AUTH raised by Kysely database introspection method.
• Unable to run the actual database queries in the context of the npx @better-auth/cli@latest generate command, which is a Node.js runtime, not workerd.
• Unable to import related Cloudflare modules (cloudflare:workers and wrangler) into the Better Auth configuration module.

The quickfixes added to overcome these three are a bit more complicated.

• For the SQLITE_AUTH access error, I intercepted database requests and added an exclusion for the _cf_METADATA table which causes the error.
• For the CLI generate command errors, I had to rewrite a copycat generate command by using the getPlatformProxy() helper provided by Cloudflare to overcome such problems. (Only on development/test environments.)
• Lastly, for the module import problem, I have no quickfixes, but the first two quickfixes kind of avoided it. The error about the cloudflare:workers import is understandable; however, the error we're getting when importing from the wrangler module must be a Better Auth-related problem.

And that's the wrap. Thank you if you've read everything. 😄

Issues

• Setup the project.
• Do another demo with Next.js.