NEXTDEVKIT Docs

Overview

Learn how to set up and use authentication with Better Auth in NEXTDEVKIT

NEXTDEVKIT uses Better Auth for authentication, providing a flexible and secure system with multiple authentication methods, session management, and role-based access control.

🚀 Setup

To set up authentication in NEXTDEVKIT, configure the necessary environment variables:

1. Generate Better Auth Secret Key

The BETTER_AUTH_SECRET is a random string used for encryption and generating hashes:

# Generate a secure secret
openssl rand -base64 32

Add it to your .env file:

BETTER_AUTH_SECRET="your_generated_secret_key"

2. Configure Google OAuth

To enable Google authentication:

  1. Go to Google Cloud Console
  2. Create a new project or select an existing one
  3. Navigate to "Credentials" → "Create Credentials" → "OAuth client ID"
  4. Configure OAuth consent screen if needed
  5. Set up OAuth client ID:
    • Application type: Web application
    • Authorized JavaScript origins: https://your-domain.com
    • Authorized redirect URIs: https://your-domain.com/api/auth/callback/google

Add to your .env file:

GOOGLE_CLIENT_ID="your_google_client_id"
GOOGLE_CLIENT_SECRET="your_google_client_secret"

3. Configure GitHub OAuth

To enable GitHub authentication:

  1. Go to GitHub Developer Settings
  2. Click "OAuth Apps" → "New OAuth App"
  3. Fill in the registration form:
    • Application name: NEXTDEVKIT
    • Homepage URL: https://your-domain.com (or http://localhost:3000 for development)
    • Authorization callback URL: https://your-domain.com/api/auth/callback/github
  4. Copy the Client ID and Client Secret

Add to your .env file:

GITHUB_CLIENT_ID="your_github_client_id"
GITHUB_CLIENT_SECRET="your_github_client_secret"

💡 Tip: Create separate OAuth applications for production and development environments with different callback URLs.
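A fail-fast check for the variables configured in the three steps above, as an added example (not NEXTDEVKIT or Better Auth code). The names validateAuthEnv and APP_URL are hypothetical, and the secret check assumes the key was generated with the openssl command shown in step 1.

```typescript
// Added example: validate the auth variables from the Setup steps before the app starts.
// validateAuthEnv and APP_URL are hypothetical names, not NEXTDEVKIT or Better Auth APIs.
type Env = Record<string, string | undefined>;

const PLACEHOLDER = /^your_/i; // the sample values shown in the .env snippets

// Decoded length of a base64 string, or -1 if it is not valid base64.
function base64ByteLength(s: string): number {
  if (!/^[A-Za-z0-9+/]+={0,2}$/.test(s) || s.length % 4 !== 0) return -1;
  const pad = s.length - s.replace(/=+$/, "").length;
  return (s.length / 4) * 3 - pad;
}

function validateAuthEnv(env: Env): string[] {
  const problems: string[] = [];

  const secret = env.BETTER_AUTH_SECRET || "";
  if (PLACEHOLDER.test(secret)) {
    problems.push("BETTER_AUTH_SECRET is still the placeholder");
  } else if (base64ByteLength(secret) < 32) {
    problems.push("BETTER_AUTH_SECRET must decode to >= 32 bytes (openssl rand -base64 32)");
  }

  // A provider counts as enabled once either of its variables is set.
  for (const p of ["GOOGLE", "GITHUB"]) {
    const id = env[p + "_CLIENT_ID"] || "";
    const sec = env[p + "_CLIENT_SECRET"] || "";
    if (!id && !sec) continue;
    if (!id || !sec) problems.push(p + ": client ID and secret must both be set");
    if (PLACEHOLDER.test(id) || PLACEHOLDER.test(sec)) problems.push(p + ": placeholder credentials");
  }

  // OAuth callbacks hang off the app origin; plain HTTP is acceptable only on localhost.
  try {
    const u = new URL(env.APP_URL || "");
    const local = u.hostname === "localhost" || u.hostname === "127.0.0.1";
    if (u.protocol !== "https:" && !(u.protocol === "http:" && local)) {
      problems.push("APP_URL must use https outside local development");
    }
  } catch {
    problems.push("APP_URL is missing or not a valid URL");
  }
  return problems;
}

// Constructed sample: the untouched template value from step 1 on a local dev origin.
const sampleProblems = validateAuthEnv({ BETTER_AUTH_SECRET: "your_generated_secret_key", APP_URL: "http://localhost:3000" });
```

Call it with the process environment at server startup and refuse to boot when the returned list is non-empty, so a deployment never runs with template credentials.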

🏗️ Authentication Architecture

NEXTDEVKIT's authentication system consists of:

src/
├── lib/
│   ├── auth.ts           # Main Better Auth configuration
│   └── auth/
│       ├── server.ts     # Server-side auth utilities
│       ├── client.ts     # Client-side auth utilities
│       ├── api.ts        # API utilities
│       ├── edge.ts       # Edge runtime utilities
│       └── errors.ts     # Auth error handling
├── components/
│   └── auth/
│       ├── login-form.tsx
│       ├── signup-form.tsx
│       ├── social-signin.tsx
│       └── forgot-password-form.tsx

⚙️ Core Configuration

The main authentication configuration is in src/lib/auth.ts:

🔧 Core Features

📧 Email & Password Authentication

  • Email verification required for new accounts
  • Password reset functionality
  • Email change with verification
  • Secure password hashing

🔗 Social Authentication

  • Google OAuth integration
  • GitHub OAuth integration
  • Account linking between providers
  • Trusted providers configuration

🍪 Session Management

  • Cookie-based sessions
  • Session caching for performance
  • Configurable expiration times
  • Fresh session tracking

👤 User Management

  • User deletion capabilities
  • Additional fields (locale, customerId)
  • Role-based access control

🎯 Next Steps

Now that you understand the database architecture, dive into the specific setup for your chosen platform: