@beignet/provider-auth-better-auth 0.0.26 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +12 -0
  2. package/README.md +66 -9
  3. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # @beignet/provider-auth-better-auth
2
2
 
3
+ ## 0.0.28
4
+
5
+ ### Patch Changes
6
+
7
+ - c7f7f1d: Document optional Next.js 16 cookie-only Better Auth proxy redirects for app-specific protected UI routes.
8
+
9
+ ## 0.0.27
10
+
11
+ ### Patch Changes
12
+
13
+ - f2461a9: Add lazy Next route server loaders and update generated route files and package docs to avoid booting providers during production build imports.
14
+
3
15
  ## 0.0.26
4
16
 
5
17
  ### Patch Changes
package/README.md CHANGED
@@ -179,17 +179,20 @@ export const appContext = defineServerContext<AppContext, AppRuntimePorts>()({
179
179
 
180
180
  ```ts
181
181
  // server/index.ts
182
- import { createNextServer } from "@beignet/next";
182
+ import { createNextServer, createNextServerLoader } from "@beignet/next";
183
183
  import { appPorts } from "@/infra/app-ports";
184
184
  import { appContext } from "@/server/context";
185
185
  import { routes } from "@/server/routes";
186
- import { providers } from "./providers";
187
186
 
188
- export const server = await createNextServer({
189
- ports: appPorts,
190
- providers,
191
- context: appContext,
192
- routes,
187
+ export const getServer = createNextServerLoader(async () => {
188
+ const { providers } = await import("./providers");
189
+
190
+ return createNextServer({
191
+ ports: appPorts,
192
+ providers,
193
+ context: appContext,
194
+ routes,
195
+ });
193
196
  });
194
197
  ```
195
198
 
@@ -269,6 +272,32 @@ It does not expose a Better Auth escape hatch; route handlers that need
269
272
  provider-native auth flows should mount Better Auth's own routes separately,
270
273
  usually under `app/api/auth/[...all]/route.ts`.
271
274
 
275
+ ## Auth callbacks and app ports
276
+
277
+ Better Auth callbacks such as `sendResetPassword` and organization
278
+ invitation emails run outside the Beignet request pipeline. Reach the app's
279
+ mail and logger ports through the booted server instead of constructing a
280
+ parallel mail client:
281
+
282
+ ```typescript
283
+ async sendResetPassword({ user, url }) {
284
+ // Dynamic import breaks the module cycle (server -> providers -> auth);
285
+ // getServer() is memoized, so this resolves to a cached instance.
286
+ const { getServer } = await import("@/server");
287
+ const { ports } = await getServer();
288
+ await ports.mailer.send({
289
+ to: user.email,
290
+ subject: "Reset your password",
291
+ text: `Reset your password: ${url}`,
292
+ });
293
+ }
294
+ ```
295
+
296
+ This keeps auth email on the same instrumented, environment-swappable
297
+ provider as the rest of the app. See the
298
+ [Authentication docs](https://beignetjs.com/authentication) for the full
299
+ pattern.
300
+
272
301
  ## Devtools
273
302
 
274
303
  When `@beignet/devtools` is installed before this provider, auth checks
@@ -456,11 +485,12 @@ const user = await ctx.ports.auth.requireUser(req);
456
485
  Better Auth provides its own route handlers for login, signup, etc. You can mount these alongside your Beignet routes:
457
486
 
458
487
  ```ts
459
- // Next.js App Router example
488
+ // app/api/auth/[...all]/route.ts
489
+ import { toNextJsHandler } from "better-auth/next-js";
460
490
  import { auth } from "@/lib/better-auth";
461
491
 
462
492
  // Better Auth handles /api/auth/*
463
- export const { GET, POST } = auth.handler;
493
+ export const { GET, POST } = toNextJsHandler(auth);
464
494
 
465
495
  // Your Beignet routes handle /api/app/*
466
496
  // (mounted separately)
@@ -468,6 +498,33 @@ export const { GET, POST } = auth.handler;
468
498
 
469
499
  See the [Better Auth documentation](https://better-auth.com) for details on route configuration.
470
500
 
501
+ For Next.js 16 app shells, a root `proxy.ts` can improve redirects by checking
502
+ for the presence of the Better Auth session cookie before rendering protected
503
+ UI routes:
504
+
505
+ ```ts
506
+ import { getSessionCookie } from "better-auth/cookies";
507
+ import { NextResponse, type NextRequest } from "next/server";
508
+
509
+ export function proxy(request: NextRequest) {
510
+ const sessionCookie = getSessionCookie(request);
511
+
512
+ if (!sessionCookie) {
513
+ return NextResponse.redirect(new URL("/sign-in", request.url));
514
+ }
515
+
516
+ return NextResponse.next();
517
+ }
518
+
519
+ export const config = {
520
+ matcher: ["/dashboard/:path*", "/settings/:path*"],
521
+ };
522
+ ```
523
+
524
+ This is only an optimistic UX gate. Keep Beignet's server context, auth hooks,
525
+ policies, and use-case helpers as the real authorization boundary, because a
526
+ cookie-only check does not validate the session.
527
+
471
528
  ## Examples
472
529
 
473
530
  ### Basic setup
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@beignet/provider-auth-better-auth",
3
- "version": "0.0.26",
3
+ "version": "0.0.28",
4
4
  "type": "module",
5
5
  "description": "Better Auth provider for Beignet - adds auth port for authentication and session management",
6
6
  "main": "./dist/index.js",