@beignet/provider-auth-better-auth 0.0.27 → 0.0.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/README.md +56 -2
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
package/README.md
CHANGED
|
@@ -272,6 +272,32 @@ It does not expose a Better Auth escape hatch; route handlers that need
|
|
|
272
272
|
provider-native auth flows should mount Better Auth's own routes separately,
|
|
273
273
|
usually under `app/api/auth/[...all]/route.ts`.
|
|
274
274
|
|
|
275
|
+
## Auth callbacks and app ports
|
|
276
|
+
|
|
277
|
+
Better Auth callbacks such as `sendResetPassword` and organization
|
|
278
|
+
invitation emails run outside the Beignet request pipeline. Reach the app's
|
|
279
|
+
mail and logger ports through the booted server instead of constructing a
|
|
280
|
+
parallel mail client:
|
|
281
|
+
|
|
282
|
+
```typescript
|
|
283
|
+
async sendResetPassword({ user, url }) {
|
|
284
|
+
// Dynamic import breaks the module cycle (server -> providers -> auth);
|
|
285
|
+
// getServer() is memoized, so this resolves to a cached instance.
|
|
286
|
+
const { getServer } = await import("@/server");
|
|
287
|
+
const { ports } = await getServer();
|
|
288
|
+
await ports.mailer.send({
|
|
289
|
+
to: user.email,
|
|
290
|
+
subject: "Reset your password",
|
|
291
|
+
text: `Reset your password: ${url}`,
|
|
292
|
+
});
|
|
293
|
+
}
|
|
294
|
+
```
|
|
295
|
+
|
|
296
|
+
This keeps auth email on the same instrumented, environment-swappable
|
|
297
|
+
provider as the rest of the app. See the
|
|
298
|
+
[Authentication docs](https://beignetjs.com/authentication) for the full
|
|
299
|
+
pattern.
|
|
300
|
+
|
|
275
301
|
## Devtools
|
|
276
302
|
|
|
277
303
|
When `@beignet/devtools` is installed before this provider, auth checks
|
|
@@ -459,11 +485,12 @@ const user = await ctx.ports.auth.requireUser(req);
|
|
|
459
485
|
Better Auth provides its own route handlers for login, signup, etc. You can mount these alongside your Beignet routes:
|
|
460
486
|
|
|
461
487
|
```ts
|
|
462
|
-
//
|
|
488
|
+
// app/api/auth/[...all]/route.ts
|
|
489
|
+
import { toNextJsHandler } from "better-auth/next-js";
|
|
463
490
|
import { auth } from "@/lib/better-auth";
|
|
464
491
|
|
|
465
492
|
// Better Auth handles /api/auth/*
|
|
466
|
-
export const { GET, POST } = auth
|
|
493
|
+
export const { GET, POST } = toNextJsHandler(auth);
|
|
467
494
|
|
|
468
495
|
// Your Beignet routes handle /api/app/*
|
|
469
496
|
// (mounted separately)
|
|
@@ -471,6 +498,33 @@ export const { GET, POST } = auth.handler;
|
|
|
471
498
|
|
|
472
499
|
See the [Better Auth documentation](https://better-auth.com) for details on route configuration.
|
|
473
500
|
|
|
501
|
+
For Next.js 16 app shells, a root `proxy.ts` can improve redirects by checking
|
|
502
|
+
for the presence of the Better Auth session cookie before rendering protected
|
|
503
|
+
UI routes:
|
|
504
|
+
|
|
505
|
+
```ts
|
|
506
|
+
import { getSessionCookie } from "better-auth/cookies";
|
|
507
|
+
import { NextResponse, type NextRequest } from "next/server";
|
|
508
|
+
|
|
509
|
+
export function proxy(request: NextRequest) {
|
|
510
|
+
const sessionCookie = getSessionCookie(request);
|
|
511
|
+
|
|
512
|
+
if (!sessionCookie) {
|
|
513
|
+
return NextResponse.redirect(new URL("/sign-in", request.url));
|
|
514
|
+
}
|
|
515
|
+
|
|
516
|
+
return NextResponse.next();
|
|
517
|
+
}
|
|
518
|
+
|
|
519
|
+
export const config = {
|
|
520
|
+
matcher: ["/dashboard/:path*", "/settings/:path*"],
|
|
521
|
+
};
|
|
522
|
+
```
|
|
523
|
+
|
|
524
|
+
This is only an optimistic UX gate. Keep Beignet's server context, auth hooks,
|
|
525
|
+
policies, and use-case helpers as the real authorization boundary, because a
|
|
526
|
+
cookie-only check does not validate the session.
|
|
527
|
+
|
|
474
528
|
## Examples
|
|
475
529
|
|
|
476
530
|
### Basic setup
|
package/package.json
CHANGED