better-auth-best-practices
๐ฏSkillfrom better-auth/skills
|A Claude Code skill that provides a comprehensive reference for integrating Better Auth, a TypeScript-first, framework-agnostic authentication framework supporting email/password, OAuth, magic links, passkeys, and extensible plugins.
Overview
better-auth-best-practices is a Claude Code skill from the official Better Auth team that serves as a comprehensive integration reference for Better Auth, a TypeScript-first, framework-agnostic authentication framework. The skill covers everything from initial configuration and database setup to session management, security hardening, and plugin integration. It guides Claude Code through environment variables, core config options, ORM adapter usage, endpoint/database hooks, and client-side SDK patterns, ensuring authentication is implemented correctly from the start.
Key Features
- Complete configuration reference covering core options (appName, baseURL, database, socialProviders, plugins, trustedOrigins), session management strategies (secondaryStorage, cookie caching with compact/JWT/JWE modes), and advanced security settings (secure cookies, CSRF protection, rate limiting, cross-subdomain cookies).
- Database and ORM adapter guidance for PostgreSQL, MySQL, SQLite, and MongoDB, with critical notes on model-name-vs-table-name pitfalls when using Prisma, Drizzle, or direct driver connections.
- Plugin ecosystem reference listing popular plugins (twoFactor, organization, passkey, magicLink, emailOtp, admin, apiKey, bearer, SSO, and more) with proper tree-shaking import paths and client plugin configuration.
- Hook system documentation for endpoint hooks (before/after with matchers) and database hooks (user/session/account create lifecycle), providing access to the full auth context including session, secret, adapter, and ID generation.
- Client SDK patterns for React, Vue, Svelte, Solid, and vanilla JS, covering signUp, signIn, signOut, useSession, and type safety via
auth.$Infer.Session.
Who is this for?
This skill is designed for developers adding authentication to TypeScript/JavaScript applications using Better Auth. It is especially useful for teams working with Next.js, SvelteKit, Nuxt, Express, Hono, or SolidStart who need a production-ready auth layer with support for multiple sign-in methods, plugin-based extensibility, and proper session/security configuration. Whether you are setting up a new project or migrating from another auth library, this skill ensures Claude Code follows current best practices and avoids common configuration mistakes.
Same repository
better-auth/skills(10 items)
Installation
npx vibeindex add better-auth/skills --skill better-auth-best-practicesnpx skills add better-auth/skills --skill better-auth-best-practices~/.claude/skills/better-auth-best-practices/SKILL.mdSKILL.md
More from this repository9
A Claude Code skill from the Better Auth team that provides a structured, interactive workflow for adding authentication to TypeScript/JavaScript applications using Better Auth, from planning through implementation.
Skill
Skill
Provides guidance and enforcement rules for implementing secure two-factor authentication (2FA) using Better Auth's twoFactor plugin, covering TOTP setup, QR code generation, backup codes, and verification flows.
Provides guidance for implementing cross-cutting security features in Better Auth, including rate limiting, CSRF protection, session security, trusted origins, secret management, OAuth security, and IP tracking.
Skill
Skill
Streamline authentication workflows with pre-built, secure, and customizable auth strategies for modern web and mobile applications.
Plugin