better-ts-stack 0.1.0

package/templates/frontend/nextjs/components/ui/input.tsx

@@ -0,0 +1,18 @@
+import * as React from "react";
+
+import { cn } from "@/lib/utils";
+
+function Input({ className, type, ...props }: React.ComponentProps<"input">) {
+  return (
+    <input
+      type={type}
+      className={cn(
+        "flex h-11 w-full rounded-2xl border border-slate-200 bg-white px-3 py-2 text-sm text-slate-950 shadow-sm transition-[color,box-shadow] outline-none placeholder:text-slate-400 focus-visible:border-sky-500 focus-visible:ring-[3px] focus-visible:ring-sky-500/20 disabled:cursor-not-allowed disabled:opacity-50",
+        className
+      )}
+      {...props}
+    />
+  );
+}
+
+export { Input };

package/templates/frontend/nextjs/components.json

@@ -0,0 +1,19 @@
+{
+  "$schema": "https://ui.shadcn.com/schema.json",
+  "style": "new-york",
+  "rsc": true,
+  "tsx": true,
+  "tailwind": {
+    "config": "",
+    "css": "app/globals.css",
+    "baseColor": "neutral",
+    "cssVariables": true
+  },
+  "iconLibrary": "lucide",
+  "aliases": {
+    "components": "@/components",
+    "lib": "@/lib",
+    "ui": "@/components/ui",
+    "utils": "@/lib/utils"
+  }
+}

package/templates/frontend/nextjs/config.json

@@ -0,0 +1,33 @@
+{
+  "id": "nextjs",
+  "name": "Next.js",
+  "description": "Next.js 16 App Router with TypeScript and Tailwind CSS",
+  "type": "base",
+  "scripts": {
+    "dev": "next dev",
+    "build": "next build",
+    "start": "next start",
+    "lint": "eslint"
+  },
+  "dependencies": {
+    "class-variance-authority": "^0.7.1",
+    "clsx": "^2.1.1",
+    "lucide-react": "^0.542.0",
+    "next": "^16.2.0",
+    "react": "19.2.3",
+    "react-dom": "19.2.3",
+    "tailwind-merge": "^3.3.1"
+  },
+  "devDependencies": {
+    "@tailwindcss/postcss": "^4",
+    "@types/node": "^20",
+    "@types/react": "^19",
+    "@types/react-dom": "^19",
+    "eslint": "^9",
+    "eslint-config-next": "16.1.6",
+    "tailwindcss": "^4",
+    "typescript": "^5"
+  },
+  "envVars": { "NODE_ENV": "development", "PORT": "3000" },
+  "templateFiles": ["app/page.tsx.hbs", "proxy.ts.hbs"]
+}

package/templates/frontend/nextjs/eslint.config.mjs

@@ -0,0 +1,11 @@
+import nextVitals from "eslint-config-next/core-web-vitals";
+import nextTs from "eslint-config-next/typescript";
+import { defineConfig, globalIgnores } from "eslint/config";
+
+const eslintConfig = defineConfig([
+  ...nextVitals,
+  ...nextTs,
+  globalIgnores([".next/**", "out/**", "build/**", "next-env.d.ts"]),
+]);
+
+export default eslintConfig;

package/templates/frontend/nextjs/gitignore

@@ -0,0 +1,41 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.*
+.yarn/*
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/versions
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# env files (can opt-in for committing if needed)
+.env*
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts

package/templates/frontend/nextjs/lib/utils.ts

@@ -0,0 +1,6 @@
+import { clsx, type ClassValue } from "clsx";
+import { twMerge } from "tailwind-merge";
+
+export function cn(...inputs: ClassValue[]) {
+  return twMerge(clsx(inputs));
+}

package/templates/frontend/nextjs/next.config.ts

@@ -0,0 +1,8 @@
+import type { NextConfig } from "next";
+
+const nextConfig: NextConfig = {
+  // please remove this whern you are not using docker
+  output: "standalone",
+};
+
+export default nextConfig;

package/templates/frontend/nextjs/postcss.config.mjs

@@ -0,0 +1,7 @@
+const config = {
+  plugins: {
+    "@tailwindcss/postcss": {},
+  },
+};
+
+export default config;

package/templates/frontend/nextjs/proxy.ts.hbs

@@ -0,0 +1,23 @@
+import { NextResponse, type NextRequest } from "next/server";
+
+{{#if useAuth}}
+import { getSessionCookie } from "better-auth/cookies";
+
+export async function proxy(request: NextRequest) {
+  const sessionCookie = getSessionCookie(request);
+
+  if (!sessionCookie) {
+    return NextResponse.redirect(new URL("/sign-in", request.url));
+  }
+
+  return NextResponse.next();
+}
+
+export const config = {
+  matcher: ["/dashboard/:path*"],
+};
+{{else}}
+export function proxy(_request: NextRequest) {
+  return NextResponse.next();
+}
+{{/if}}

package/templates/frontend/nextjs/public/file.svg

@@ -0,0 +1 @@
+<svg fill="none" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg"><path d="M14.5 13.5V5.41a1 1 0 0 0-.3-.7L9.8.29A1 1 0 0 0 9.08 0H1.5v13.5A2.5 2.5 0 0 0 4 16h8a2.5 2.5 0 0 0 2.5-2.5m-1.5 0v-7H8v-5H3v12a1 1 0 0 0 1 1h8a1 1 0 0 0 1-1M9.5 5V2.12L12.38 5zM5.13 5h-.62v1.25h2.12V5zm-.62 3h7.12v1.25H4.5zm.62 3h-.62v1.25h7.12V11z" clip-rule="evenodd" fill="#666" fill-rule="evenodd"/></svg>

package/templates/frontend/nextjs/public/globe.svg

@@ -0,0 +1 @@
+<svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16"><g clip-path="url(#a)"><path fill-rule="evenodd" clip-rule="evenodd" d="M10.27 14.1a6.5 6.5 0 0 0 3.67-3.45q-1.24.21-2.7.34-.31 1.83-.97 3.1M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16m.48-1.52a7 7 0 0 1-.96 0H7.5a4 4 0 0 1-.84-1.32q-.38-.89-.63-2.08a40 40 0 0 0 3.92 0q-.25 1.2-.63 2.08a4 4 0 0 1-.84 1.31zm2.94-4.76q1.66-.15 2.95-.43a7 7 0 0 0 0-2.58q-1.3-.27-2.95-.43a18 18 0 0 1 0 3.44m-1.27-3.54a17 17 0 0 1 0 3.64 39 39 0 0 1-4.3 0 17 17 0 0 1 0-3.64 39 39 0 0 1 4.3 0m1.1-1.17q1.45.13 2.69.34a6.5 6.5 0 0 0-3.67-3.44q.65 1.26.98 3.1M8.48 1.5l.01.02q.41.37.84 1.31.38.89.63 2.08a40 40 0 0 0-3.92 0q.25-1.2.63-2.08a4 4 0 0 1 .85-1.32 7 7 0 0 1 .96 0m-2.75.4a6.5 6.5 0 0 0-3.67 3.44 29 29 0 0 1 2.7-.34q.31-1.83.97-3.1M4.58 6.28q-1.66.16-2.95.43a7 7 0 0 0 0 2.58q1.3.27 2.95.43a18 18 0 0 1 0-3.44m.17 4.71q-1.45-.12-2.69-.34a6.5 6.5 0 0 0 3.67 3.44q-.65-1.27-.98-3.1" fill="#666"/></g><defs><clipPath id="a"><path fill="#fff" d="M0 0h16v16H0z"/></clipPath></defs></svg>

package/templates/frontend/nextjs/public/next.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 394 80"><path fill="#000" d="M262 0h68.5v12.7h-27.2v66.6h-13.6V12.7H262V0ZM149 0v12.7H94v20.4h44.3v12.6H94v21h55v12.6H80.5V0h68.7zm34.3 0h-17.8l63.8 79.4h17.9l-32-39.7 32-39.6h-17.9l-23 28.6-23-28.6zm18.3 56.7-9-11-27.1 33.7h17.8l18.3-22.7z"/><path fill="#000" d="M81 79.3 17 0H0v79.3h13.6V17l50.2 62.3H81Zm252.6-.4c-1 0-1.8-.4-2.5-1s-1.1-1.6-1.1-2.6.3-1.8 1-2.5 1.6-1 2.6-1 1.8.3 2.5 1a3.4 3.4 0 0 1 .6 4.3 3.7 3.7 0 0 1-3 1.8zm23.2-33.5h6v23.3c0 2.1-.4 4-1.3 5.5a9.1 9.1 0 0 1-3.8 3.5c-1.6.8-3.5 1.3-5.7 1.3-2 0-3.7-.4-5.3-1s-2.8-1.8-3.7-3.2c-.9-1.3-1.4-3-1.4-5h6c.1.8.3 1.6.7 2.2s1 1.2 1.6 1.5c.7.4 1.5.5 2.4.5 1 0 1.8-.2 2.4-.6a4 4 0 0 0 1.6-1.8c.3-.8.5-1.8.5-3V45.5zm30.9 9.1a4.4 4.4 0 0 0-2-3.3 7.5 7.5 0 0 0-4.3-1.1c-1.3 0-2.4.2-3.3.5-.9.4-1.6 1-2 1.6a3.5 3.5 0 0 0-.3 4c.3.5.7.9 1.3 1.2l1.8 1 2 .5 3.2.8c1.3.3 2.5.7 3.7 1.2a13 13 0 0 1 3.2 1.8 8.1 8.1 0 0 1 3 6.5c0 2-.5 3.7-1.5 5.1a10 10 0 0 1-4.4 3.5c-1.8.8-4.1 1.2-6.8 1.2-2.6 0-4.9-.4-6.8-1.2-2-.8-3.4-2-4.5-3.5a10 10 0 0 1-1.7-5.6h6a5 5 0 0 0 3.5 4.6c1 .4 2.2.6 3.4.6 1.3 0 2.5-.2 3.5-.6 1-.4 1.8-1 2.4-1.7a4 4 0 0 0 .8-2.4c0-.9-.2-1.6-.7-2.2a11 11 0 0 0-2.1-1.4l-3.2-1-3.8-1c-2.8-.7-5-1.7-6.6-3.2a7.2 7.2 0 0 1-2.4-5.7 8 8 0 0 1 1.7-5 10 10 0 0 1 4.3-3.5c2-.8 4-1.2 6.4-1.2 2.3 0 4.4.4 6.2 1.2 1.8.8 3.2 2 4.3 3.4 1 1.4 1.5 3 1.5 5h-5.8z"/></svg>

package/templates/frontend/nextjs/public/vercel.svg

@@ -0,0 +1 @@
+<svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1155 1000"><path d="m577.3 0 577.4 1000H0z" fill="#fff"/></svg>

package/templates/frontend/nextjs/public/window.svg

@@ -0,0 +1 @@
+<svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16"><path fill-rule="evenodd" clip-rule="evenodd" d="M1.5 2.5h13v10a1 1 0 0 1-1 1h-11a1 1 0 0 1-1-1zM0 1h16v11.5a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 0 12.5zm3.75 4.5a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5M7 4.75a.75.75 0 1 1-1.5 0 .75.75 0 0 1 1.5 0m1.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5" fill="#666"/></svg>

package/templates/frontend/nextjs/tsconfig.json

@@ -0,0 +1,21 @@
+{
+  "compilerOptions": {
+    "target": "ES2017",
+    "lib": ["dom", "dom.iterable", "esnext"],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "bundler",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "react-jsx",
+    "incremental": true,
+    "plugins": [{ "name": "next" }],
+    "paths": { "@/*": ["./*"] }
+  },
+  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts", ".next/dev/types/**/*.ts", "**/*.mts"],
+  "exclude": ["node_modules"]
+}

package/templates/modules/auth/express/config.json

@@ -0,0 +1 @@
+{"id":"auth","name":"JWT Auth","description":"JWT authentication with bcrypt password hashing","type":"feature","dependencies":{"bcrypt":"^5.1.1","jsonwebtoken":"^9.0.2"},"devDependencies":{"@types/bcrypt":"^5.0.0","@types/jsonwebtoken":"^9.0.5"},"scripts":{},"envVars":{"JWT_SECRET":"please-change-me","JWT_EXPIRES_IN":"1h"},"templateFiles":["src/lib/jwt.ts.hbs","src/middleware/requireAuth.ts.hbs","src/services/userStore.ts.hbs","src/routes/auth.ts.hbs","src/controllers/authController.ts.hbs"]}

package/templates/modules/auth/express/src/controllers/authController.ts.hbs

@@ -0,0 +1,81 @@
+import { Request, Response } from "express";
+import bcrypt from "bcrypt";
+import { signToken } from "../lib/jwt";
+import { AuthenticatedRequest } from "../middleware/requireAuth";
+import { createUser, findUserByEmail, toPublicUser } from "../services/userStore";
+
+const SALT_ROUNDS = 10;
+
+interface RegisterBody {
+  email?: string;
+  password?: string;
+  name?: string | null;
+}
+
+interface LoginBody {
+  email?: string;
+  password?: string;
+}
+
+export async function register(
+  req: Request<object, unknown, RegisterBody>,
+  res: Response,
+): Promise<void> {
+  const { email, password, name } = req.body;
+
+  if (!email || !password) {
+    res.status(400).json({ error: "Email and password are required" });
+    return;
+  }
+
+  const existingUser = await findUserByEmail(email);
+  if (existingUser) {
+    res.status(409).json({ error: "User already exists" });
+    return;
+  }
+
+  const hashedPassword = await bcrypt.hash(password, SALT_ROUNDS);
+  const user = await createUser({ email, name, password: hashedPassword });
+  const token = signToken({ sub: user.id, email: user.email, name: user.name });
+
+  res.status(201).json({ user: toPublicUser(user), token });
+}
+
+export async function login(
+  req: Request<object, unknown, LoginBody>,
+  res: Response,
+): Promise<void> {
+  const { email, password } = req.body;
+
+  if (!email || !password) {
+    res.status(400).json({ error: "Email and password are required" });
+    return;
+  }
+
+  const user = await findUserByEmail(email);
+
+  if (!user) {
+    res.status(401).json({ error: "Invalid credentials" });
+    return;
+  }
+
+  const isValidPassword = await bcrypt.compare(password, user.password);
+
+  if (!isValidPassword) {
+    res.status(401).json({ error: "Invalid credentials" });
+    return;
+  }
+
+  const token = signToken({ sub: user.id, email: user.email, name: user.name });
+
+  res.json({ user: toPublicUser(user), token });
+}
+
+export function me(req: AuthenticatedRequest, res: Response): void {
+  if (!req.user) {
+    res.status(401).json({ error: "Unauthorized" });
+    return;
+  }
+
+  res.json({ user: req.user });
+}

package/templates/modules/auth/express/src/lib/jwt.ts.hbs

@@ -0,0 +1,27 @@
+import jwt, { type SignOptions } from "jsonwebtoken";
+
+export interface AuthTokenPayload {
+  sub: string;
+  email: string;
+  name?: string | null;
+}
+
+const { JWT_SECRET, JWT_EXPIRES_IN } = process.env;
+
+function ensureSecret(): string {
+  if (!JWT_SECRET) {
+    throw new Error("JWT_SECRET is not set");
+  }
+  return JWT_SECRET;
+}
+
+export function signToken(payload: AuthTokenPayload): string {
+  const secret = ensureSecret();
+  const expiresIn = JWT_EXPIRES_IN || "1h";
+  return jwt.sign(payload, secret, { expiresIn } as SignOptions);
+}
+
+export function verifyToken(token: string): AuthTokenPayload {
+  const secret = ensureSecret();
+  return jwt.verify(token, secret) as AuthTokenPayload;
+}

package/templates/modules/auth/express/src/middleware/requireAuth.ts.hbs

@@ -0,0 +1,26 @@
+import { NextFunction, Request, Response } from 'express';
+import { AuthTokenPayload, verifyToken } from '../lib/jwt';
+
+export interface AuthenticatedRequest extends Request {
+  user?: AuthTokenPayload;
+}
+
+export function requireAuth(req: AuthenticatedRequest, res: Response, next: NextFunction): void {
+  const authHeader = req.headers.authorization;
+
+  if (!authHeader || !authHeader.startsWith('Bearer')) {
+    res.status(401).json({ error: 'Authorization header missing or invalid' });
+    return;
+  }
+
+  const token = authHeader.substring('Bearer '.length);
+
+  try {
+    const payload = verifyToken(token);
+    req.user = payload;
+    next();
+  } catch (error) {
+    console.error('JWT verification failed:', error);
+    res.status(401).json({ error: 'Invalid or expired token' });
+  }
+}

package/templates/modules/auth/express/src/routes/auth.ts.hbs

@@ -0,0 +1,19 @@
+import { Request, Response, NextFunction, Router } from 'express';
+import { login, me, register } from '../controllers/authController';
+import { requireAuth } from '../middleware/requireAuth';
+
+const router = Router();
+
+function asyncHandler(
+  fn: (req: Request, res: Response, next: NextFunction) => Promise<void>
+): (req: Request, res: Response, next: NextFunction) => void {
+  return (req, res, next) => {
+    void fn(req, res, next).catch(next);
+  };
+}
+
+router.post('/register', asyncHandler(register));
+router.post('/login', asyncHandler(login));
+router.get('/me', requireAuth, me);
+
+export default router;

package/templates/modules/auth/express/src/services/userStore.ts.hbs

@@ -0,0 +1,107 @@
+{{#if (eq database 'none')}}
+import crypto from 'crypto';
+{{/if}}
+{{#if (eq database 'prisma')}}
+import type { User } from '../../app/generated/prisma';
+import { prisma } from '../lib/prisma';
+{{/if}}
+{{#if (eq database 'mongoose')}}
+import UserModel from '../models/User';
+{{/if}}
+
+export interface AuthUser {
+  id: string;
+  email: string;
+  name?: string | null;
+  password: string;
+}
+
+export interface CreateUserInput {
+  email: string;
+  name?: string | null;
+  password: string;
+}
+
+{{#if (eq database 'none')}}
+const users: AuthUser[] = [];
+{{/if}}
+
+export async function findUserByEmail(email: string): Promise<AuthUser | null> {
+  {{#if (eq database 'prisma')}}
+  const user: User | null = await prisma.user.findUnique({ where: { email } });
+  if (!user) return null;
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    password: user.password,
+  };
+  {{/if}}
+
+  {{#if (eq database 'mongoose')}}
+  const user = await UserModel.findOne({ email }).exec();
+  if (!user) return null;
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    password: user.password,
+  };
+  {{/if}}
+
+  {{#if (eq database 'none')}}
+  const user = users.find((candidate) => candidate.email === email);
+  return user ?? null;
+  {{/if}}
+}
+
+export async function createUser(data: CreateUserInput): Promise<AuthUser> {
+  {{#if (eq database 'prisma')}}
+  const user: User = await prisma.user.create({
+    data: {
+      email: data.email,
+      name: data.name,
+      password: data.password,
+    },
+  });
+
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    password: user.password,
+  };
+  {{/if}}
+
+  {{#if (eq database 'mongoose')}}
+  const user = await UserModel.create({
+    email: data.email,
+    name: data.name,
+    password: data.password,
+  });
+
+  return {
+    id: user.id,
+    email: user.email,
+    name: user.name,
+    password: user.password,
+  };
+  {{/if}}
+
+  {{#if (eq database 'none')}}
+  const newUser: AuthUser = {
+    id: crypto.randomUUID(),
+    email: data.email,
+    name: data.name,
+    password: data.password,
+  };
+
+  users.push(newUser);
+  return newUser;
+  {{/if}}
+}
+
+export function toPublicUser(user: AuthUser): Omit<AuthUser, 'password'> {
+  const { id, email, name } = user;
+  return { id, email, name };
+}

package/templates/modules/auth/nextjs/app/api/auth/[...all]/route.ts

@@ -0,0 +1,4 @@
+import { auth } from "@/lib/auth";
+import { toNextJsHandler } from "better-auth/next-js";
+
+export const { GET, POST } = toNextJsHandler(auth);

package/templates/modules/auth/nextjs/app/dashboard/page.tsx

@@ -0,0 +1,96 @@
+import Link from "next/link";
+import { headers } from "next/headers";
+import { redirect } from "next/navigation";
+import { ArrowRight, ShieldCheck } from "lucide-react";
+
+import { SignOutButton } from "@/components/auth/sign-out-button";
+import { buttonVariants } from "@/components/ui/button";
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from "@/components/ui/card";
+import { auth } from "@/lib/auth";
+import { cn } from "@/lib/utils";
+
+export default async function DashboardPage() {
+  const session = await auth.api.getSession({
+    headers: await headers(),
+  });
+
+  if (!session) {
+    redirect("/sign-in");
+  }
+
+  return (
+    <main className="min-h-screen bg-[linear-gradient(180deg,_#f8fafc_0%,_#eef2ff_100%)] px-6 py-16 sm:px-10">
+      <div className="mx-auto max-w-5xl space-y-8">
+        <header className="flex flex-col gap-6 rounded-[2rem] border border-white/70 bg-white/85 p-8 shadow-xl shadow-slate-200/60 backdrop-blur md:flex-row md:items-end md:justify-between">
+          <div className="space-y-3">
+            <span className="inline-flex items-center gap-2 rounded-full bg-emerald-50 px-3 py-1 text-xs font-medium uppercase tracking-[0.24em] text-emerald-700">
+              <ShieldCheck className="size-4" />
+              Authenticated session
+            </span>
+            <div className="space-y-1">
+              <h1 className="text-3xl font-semibold tracking-tight text-slate-950">
+                Welcome {session.user.name}
+              </h1>
+              <p className="text-sm text-slate-600">{session.user.email}</p>
+            </div>
+          </div>
+          <SignOutButton />
+        </header>
+
+        <section className="grid gap-5 md:grid-cols-2">
+          <Card>
+            <CardHeader>
+              <CardTitle>Protected route example</CardTitle>
+              <CardDescription>
+                This page verifies the session on the server before rendering any
+                content.
+              </CardDescription>
+            </CardHeader>
+            <CardContent className="space-y-4 text-sm text-slate-600">
+              <p>
+                The generated proxy only performs an optimistic cookie check. The
+                authoritative guard happens here with{" "}
+                <code className="font-mono text-slate-900">
+                  auth.api.getSession({"{"} headers: await headers() {"}"})
+                </code>
+                .
+              </p>
+              <p>
+                That keeps route protection aligned with Better Auth&apos;s
+                Next.js guidance while staying easy to extend.
+              </p>
+            </CardContent>
+          </Card>
+
+          <Card>
+            <CardHeader>
+              <CardTitle>Suggested next steps</CardTitle>
+              <CardDescription>
+                Keep the generated auth flow, then customize the app around your
+                product.
+              </CardDescription>
+            </CardHeader>
+            <CardContent className="space-y-3 text-sm text-slate-600">
+              <p>Replace the demo dashboard with your first authenticated page.</p>
+              <p>Extend the schema with profile or onboarding fields.</p>
+              <p>Add provider-based auth or email verification later if needed.</p>
+              <Link
+                href="/"
+                className={cn(buttonVariants({ variant: "outline" }), "w-fit gap-2")}
+              >
+                Back to home
+                <ArrowRight className="size-4" />
+              </Link>
+            </CardContent>
+          </Card>
+        </section>
+      </div>
+    </main>
+  );
+}

package/templates/modules/auth/nextjs/app/sign-in/page.tsx

@@ -0,0 +1,35 @@
+import { headers } from "next/headers";
+import { redirect } from "next/navigation";
+
+import { SignInForm } from "@/components/auth/sign-in-form";
+import { auth } from "@/lib/auth";
+
+export default async function SignInPage() {
+  const session = await auth.api.getSession({
+    headers: await headers(),
+  });
+
+  if (session) {
+    redirect("/dashboard");
+  }
+
+  return (
+    <main className="min-h-screen bg-[radial-gradient(circle_at_top,_rgba(14,165,233,0.16),_transparent_30%),linear-gradient(180deg,_#f8fafc_0%,_#eef2ff_100%)] px-6 py-16 sm:px-10">
+      <div className="mx-auto flex min-h-[calc(100vh-8rem)] max-w-5xl items-center gap-12 lg:grid lg:grid-cols-[0.9fr_1.1fr]">
+        <section className="hidden space-y-5 lg:block">
+          <span className="inline-flex rounded-full border border-sky-200 bg-white/80 px-3 py-1 text-xs font-medium uppercase tracking-[0.24em] text-sky-700">
+            Better Auth
+          </span>
+          <h1 className="text-4xl font-semibold tracking-tight text-slate-950">
+            Welcome back.
+          </h1>
+          <p className="max-w-md text-base leading-7 text-slate-600">
+            This generated starter includes protected routes, session-aware page
+            guards, and reusable auth form primitives you can extend from here.
+          </p>
+        </section>
+        <SignInForm />
+      </div>
+    </main>
+  );
+}

package/templates/modules/auth/nextjs/app/sign-up/page.tsx

@@ -0,0 +1,35 @@
+import { headers } from "next/headers";
+import { redirect } from "next/navigation";
+
+import { SignUpForm } from "@/components/auth/sign-up-form";
+import { auth } from "@/lib/auth";
+
+export default async function SignUpPage() {
+  const session = await auth.api.getSession({
+    headers: await headers(),
+  });
+
+  if (session) {
+    redirect("/dashboard");
+  }
+
+  return (
+    <main className="min-h-screen bg-[radial-gradient(circle_at_top,_rgba(56,189,248,0.18),_transparent_28%),linear-gradient(180deg,_#f8fafc_0%,_#ecfeff_100%)] px-6 py-16 sm:px-10">
+      <div className="mx-auto flex min-h-[calc(100vh-8rem)] max-w-5xl items-center gap-12 lg:grid lg:grid-cols-[0.9fr_1.1fr]">
+        <section className="hidden space-y-5 lg:block">
+          <span className="inline-flex rounded-full border border-sky-200 bg-white/80 px-3 py-1 text-xs font-medium uppercase tracking-[0.24em] text-sky-700">
+            Better Auth
+          </span>
+          <h1 className="text-4xl font-semibold tracking-tight text-slate-950">
+            Create your account.
+          </h1>
+          <p className="max-w-md text-base leading-7 text-slate-600">
+            Start with email and password today, then layer in profile data,
+            onboarding, and provider-based auth when your product needs it.
+          </p>
+        </section>
+        <SignUpForm />
+      </div>
+    </main>
+  );
+}