BetterAuth: Modern Authentication Made Simple

authenticationtypescriptbackend

BetterAuth is a modern, type-safe authentication library designed specifically for full-stack TypeScript applications. Built with developer experience and security as top priorities, BetterAuth provides a comprehensive solution for handling user authentication without the complexity and vendor lock-in of traditional solutions.

Why BetterAuth?

Traditional authentication solutions often come with significant drawbacks:

  • Vendor Lock-in: Many solutions tie you to specific platforms or services
  • Complex Configuration: Setting up authentication can be overwhelming with too many options
  • Type Safety: Most solutions lack proper TypeScript support
  • Flexibility: Hard to customize or extend beyond basic use cases

BetterAuth addresses all these concerns by providing a framework-agnostic, type-safe, and highly customizable authentication solution.

Core Features

BetterAuth comes packed with essential authentication features:

Built-in Providers

  • Email/Password: Traditional email and password authentication with secure password hashing
  • OAuth Providers: Support for Google, GitHub, Discord, and many other OAuth providers
  • Magic Links: Passwordless authentication via email magic links
  • WebAuthn: Modern passwordless authentication using biometrics or security keys

Security First

BetterAuth prioritizes security with:

  • Secure Password Hashing: Uses industry-standard bcrypt with configurable rounds
  • CSRF Protection: Built-in protection against cross-site request forgery attacks
  • Session Management: Secure, configurable session handling with automatic expiration
  • Rate Limiting: Protection against brute force attacks and abuse

Developer Experience

The library is designed with developers in mind:

  • Full TypeScript Support: End-to-end type safety from database to API
  • Framework Agnostic: Works with Next.js, Express, Hono, and more
  • Zero Configuration: Sensible defaults that work out of the box
  • Extensible: Easy to add custom providers, hooks, and middleware

Getting Started

Installation is straightforward:

npm install better-auth

Basic Setup

A minimal BetterAuth setup looks like this:

import { betterAuth } from "better-auth"

export const auth = betterAuth({
  database: {
    provider: "postgres",
    url: process.env.DATABASE_URL,
  },
  emailAndPassword: {
    enabled: true,
  },
})

Database Schema

BetterAuth provides migration files for popular databases. For PostgreSQL:

CREATE TABLE users (
  id TEXT PRIMARY KEY,
  email TEXT UNIQUE NOT NULL,
  emailVerified BOOLEAN DEFAULT FALSE,
  name TEXT,
  image TEXT,
  createdAt TIMESTAMP DEFAULT NOW(),
  updatedAt TIMESTAMP DEFAULT NOW()
);

CREATE TABLE sessions (
  id TEXT PRIMARY KEY,
  userId TEXT NOT NULL REFERENCES users(id),
  expiresAt TIMESTAMP NOT NULL,
  token TEXT UNIQUE NOT NULL
);

Integration Examples

Next.js App Router

// app/api/auth/[...all]/route.ts
import { auth } from "@/lib/auth"

export const { GET, POST } = auth.handler

Client-Side Usage

import { authClient } from "@/lib/auth-client"

// Sign up
await authClient.signUp.email({
  email: "user@example.com",
  password: "secure-password",
  name: "John Doe",
})

// Sign in
await authClient.signIn.email({
  email: "user@example.com",
  password: "secure-password",
})

// Get current session
const session = await authClient.getSession()

Advanced Features

Custom Providers

Adding custom OAuth providers is simple:

export const auth = betterAuth({
  // ... other config
  socialProviders: {
    customProvider: {
      clientId: process.env.CUSTOM_CLIENT_ID,
      clientSecret: process.env.CUSTOM_CLIENT_SECRET,
    },
  },
})

Hooks and Middleware

BetterAuth supports hooks for customizing behavior:

export const auth = betterAuth({
  // ... other config
  hooks: {
    after: {
      signUp: async ({ user }) => {
        // Custom logic after signup
        console.log("New user:", user.email)
      },
    },
  },
})

Benefits Over Alternatives

Compared to solutions like NextAuth.js or Clerk:

  1. No Vendor Lock-in: Self-hosted solution with your own database
  2. Better Type Safety: Full TypeScript support throughout
  3. More Flexible: Easy to customize and extend
  4. Framework Agnostic: Not tied to a specific framework
  5. Modern API: Clean, intuitive API design

Use Cases

BetterAuth is perfect for:

  • SaaS Applications: Full-featured authentication for subscription services
  • Internal Tools: Secure authentication for company internal applications
  • E-commerce Platforms: Customer authentication with multiple providers
  • Developer Tools: Authentication for developer-focused applications

Conclusion

BetterAuth represents a modern approach to authentication that prioritizes developer experience, security, and flexibility. Its type-safe API, framework-agnostic design, and comprehensive feature set make it an excellent choice for any TypeScript application requiring robust authentication.

Whether you're building a new application or migrating from another solution, BetterAuth provides the tools and flexibility you need to implement secure, user-friendly authentication without compromise.