# better-auth

Better Auth (TypeScript) conventions: one `betterAuth()` server instance, typed auth client, plugins, server-side `getSession`.

```bash
npx rulepack add better-auth
```

## What it covers

- A single server-only `auth` instance (`betterAuth({…})` in `lib/auth.ts`) as the source of truth
- Secrets from env (`BETTER_AUTH_SECRET`, `BETTER_AUTH_URL`) — never hardcoded
- Database adapter (`drizzleAdapter` / `prismaAdapter`) with CLI-generated schema (`@better-auth/cli generate`)
- Mounting the handler once (Next: `app/api/auth/[...all]/route.ts` → `toNextJsHandler(auth)`) and a typed client via `createAuthClient()`
- `nextCookies()` as the last plugin; server sessions via `auth.api.getSession({ headers })`
- Extending through official plugins (twoFactor, passkey, organization, magicLink, admin) instead of bespoke auth

## Source

Rules align with the official Better Auth documentation: https://www.better-auth.com/docs

## License

MIT