create-better-t-stack 2.37.0 → 2.38.0

package/dist/{src-CGVrE3la.js → src-BR5HLmM2.js}

@@ -35,7 +35,7 @@ const DEFAULT_CONFIG_BASE = {
 	frontend: ["tanstack-router"],
 	database: "sqlite",
 	orm: "drizzle",
-	auth: true,
+	auth: "better-auth",
 	addons: ["turborepo"],
 	examples: [],
 	git: true,
@@ -61,6 +61,10 @@ const DEFAULT_CONFIG = getDefaultConfig();
 const dependencyVersionMap = {
 	"better-auth": "^1.3.7",
 	"@better-auth/expo": "^1.3.7",
+	"@clerk/nextjs": "^6.31.5",
+	"@clerk/clerk-react": "^5.45.0",
+	"@clerk/tanstack-react-start": "^0.23.1",
+	"@clerk/clerk-expo": "^2.14.25",
 	"drizzle-orm": "^0.44.2",
 	"drizzle-kit": "^0.31.2",
 	"@libsql/client": "^0.15.9",
@@ -239,6 +243,11 @@ const APISchema = z.enum([
 	"orpc",
 	"none"
 ]).describe("API type");
+const AuthSchema = z.enum([
+	"better-auth",
+	"clerk",
+	"none"
+]).describe("Authentication provider");
 const ProjectNameSchema = z.string().min(1, "Project name cannot be empty").max(255, "Project name must be less than 255 characters").refine((name) => name === "." || !name.startsWith("."), "Project name cannot start with a dot (except for '.')").refine((name) => name === "." || !name.startsWith("-"), "Project name cannot start with a dash").refine((name) => {
 	const invalidChars = [
 		"<",
@@ -495,7 +504,6 @@ function validateWorkersCompatibility(providedFlags, options, config) {
 }
 function coerceBackendPresets(config) {
 	if (config.backend === "convex") {
-		config.auth = false;
 		config.database = "none";
 		config.orm = "none";
 		config.api = "none";
@@ -504,7 +512,7 @@ function coerceBackendPresets(config) {
 		config.examples = ["todo"];
 	}
 	if (config.backend === "none") {
-		config.auth = false;
+		config.auth = "none";
 		config.database = "none";
 		config.orm = "none";
 		config.api = "none";
@@ -516,7 +524,7 @@ function coerceBackendPresets(config) {
 function incompatibleFlagsForBackend(backend, providedFlags, options) {
 	const list = [];
 	if (backend === "convex") {
-		if (providedFlags.has("auth") && options.auth === true) list.push("--auth");
+		if (providedFlags.has("auth") && options.auth && options.auth !== "none" && options.auth !== "clerk") list.push(`--auth ${options.auth}`);
 		if (providedFlags.has("database") && options.database !== "none") list.push(`--database ${options.database}`);
 		if (providedFlags.has("orm") && options.orm !== "none") list.push(`--orm ${options.orm}`);
 		if (providedFlags.has("api") && options.api !== "none") list.push(`--api ${options.api}`);
@@ -524,7 +532,7 @@ function incompatibleFlagsForBackend(backend, providedFlags, options) {
 		if (providedFlags.has("dbSetup") && options.dbSetup !== "none") list.push(`--db-setup ${options.dbSetup}`);
 	}
 	if (backend === "none") {
-		if (providedFlags.has("auth") && options.auth === true) list.push("--auth");
+		if (providedFlags.has("auth") && options.auth && options.auth !== "none") list.push(`--auth ${options.auth}`);
 		if (providedFlags.has("database") && options.database !== "none") list.push(`--database ${options.database}`);
 		if (providedFlags.has("orm") && options.orm !== "none") list.push(`--orm ${options.orm}`);
 		if (providedFlags.has("api") && options.api !== "none") list.push(`--api ${options.api}`);
@@ -543,8 +551,16 @@ function validateApiFrontendCompatibility(api, frontends = []) {
 	const includesSolid = frontends.includes("solid");
 	if ((includesNuxt || includesSvelte || includesSolid) && api === "trpc") exitWithError(`tRPC API is not supported with '${includesNuxt ? "nuxt" : includesSvelte ? "svelte" : "solid"}' frontend. Please use --api orpc or --api none or remove '${includesNuxt ? "nuxt" : includesSvelte ? "svelte" : "solid"}' from --frontend.`);
 }
-function isFrontendAllowedWithBackend(frontend, backend) {
+function isFrontendAllowedWithBackend(frontend, backend, auth) {
 	if (backend === "convex" && frontend === "solid") return false;
+	if (auth === "clerk" && backend === "convex") {
+		const incompatibleFrontends = [
+			"nuxt",
+			"svelte",
+			"solid"
+		];
+		if (incompatibleFrontends.includes(frontend)) return false;
+	}
 	return true;
 }
 function allowedApisForFrontends(frontends = []) {
@@ -630,12 +646,41 @@ async function getApiChoice(Api, frontend, backend) {
 
 //#endregion
 //#region src/prompts/auth.ts
-async function getAuthChoice(auth, hasDatabase, backend) {
-	if (backend === "convex") return false;
-	if (!hasDatabase) return false;
+async function getAuthChoice(auth, hasDatabase, backend, frontend) {
 	if (auth !== void 0) return auth;
-	const response = await confirm({
-		message: "Add authentication with Better-Auth?",
+	if (backend === "convex") {
+		const unsupportedFrontends = frontend?.filter((f) => [
+			"nuxt",
+			"svelte",
+			"solid"
+		].includes(f));
+		if (unsupportedFrontends && unsupportedFrontends.length > 0) return "none";
+		const response$1 = await select({
+			message: "Select authentication provider",
+			options: [{
+				value: "clerk",
+				label: "Clerk",
+				hint: "More than auth, Complete User Management"
+			}, {
+				value: "none",
+				label: "None"
+			}],
+			initialValue: "clerk"
+		});
+		if (isCancel(response$1)) return exitCancelled("Operation cancelled");
+		return response$1;
+	}
+	if (!hasDatabase) return "none";
+	const response = await select({
+		message: "Select authentication provider",
+		options: [{
+			value: "better-auth",
+			label: "Better-Auth",
+			hint: "comprehensive auth framework for TypeScript"
+		}, {
+			value: "none",
+			label: "None"
+		}],
 		initialValue: DEFAULT_CONFIG.auth
 	});
 	if (isCancel(response)) return exitCancelled("Operation cancelled");
@@ -857,7 +902,7 @@ async function getExamplesChoice(examples, database, frontends, backend, api) {
 
 //#endregion
 //#region src/prompts/frontend.ts
-async function getFrontendChoice(frontendOptions, backend) {
+async function getFrontendChoice(frontendOptions, backend, auth) {
 	if (frontendOptions !== void 0) return frontendOptions;
 	const frontendTypes = await multiselect({
 		message: "Select project type",
@@ -913,7 +958,7 @@ async function getFrontendChoice(frontendOptions, backend) {
 				hint: "SSR, Server Functions, API Routes and more with TanStack Router"
 			}
 		];
-		const webOptions = allWebOptions.filter((option) => isFrontendAllowedWithBackend(option.value, backend));
+		const webOptions = allWebOptions.filter((option) => isFrontendAllowedWithBackend(option.value, backend, auth));
 		const webFramework = await select({
 			message: "Choose web",
 			options: webOptions,
@@ -1214,13 +1259,13 @@ async function getDeploymentToAdd(frontend, existingDeployment) {
 //#region src/prompts/config-prompts.ts
 async function gatherConfig(flags, projectName, projectDir, relativePath) {
 	const result = await group({
-		frontend: () => getFrontendChoice(flags.frontend, flags.backend),
+		frontend: () => getFrontendChoice(flags.frontend, flags.backend, flags.auth),
 		backend: ({ results }) => getBackendFrameworkChoice(flags.backend, results.frontend),
 		runtime: ({ results }) => getRuntimeChoice(flags.runtime, results.backend),
 		database: ({ results }) => getDatabaseChoice(flags.database, results.backend, results.runtime),
 		orm: ({ results }) => getORMChoice(flags.orm, results.database !== "none", results.database, results.backend, results.runtime),
 		api: ({ results }) => getApiChoice(flags.api, results.frontend, results.backend),
-		auth: ({ results }) => getAuthChoice(flags.auth, results.database !== "none", results.backend),
+		auth: ({ results }) => getAuthChoice(flags.auth, results.database !== "none", results.backend, results.frontend),
 		addons: ({ results }) => getAddonsChoice(flags.addons, results.frontend),
 		examples: ({ results }) => getExamplesChoice(flags.examples, results.database, results.frontend, results.backend, results.api),
 		dbSetup: ({ results }) => getDBSetupChoice(results.database ?? "none", flags.dbSetup, results.orm, results.backend, results.runtime),
@@ -1235,7 +1280,6 @@ async function gatherConfig(flags, projectName, projectDir, relativePath) {
 		result.database = "none";
 		result.orm = "none";
 		result.api = "none";
-		result.auth = false;
 		result.dbSetup = "none";
 		result.examples = ["todo"];
 	}
@@ -1244,7 +1288,7 @@ async function gatherConfig(flags, projectName, projectDir, relativePath) {
 		result.database = "none";
 		result.orm = "none";
 		result.api = "none";
-		result.auth = false;
+		result.auth = "none";
 		result.dbSetup = "none";
 		result.examples = [];
 	}
@@ -1400,10 +1444,7 @@ function displayConfig(config) {
 	if (config.api !== void 0) configDisplay.push(`${pc.blue("API:")} ${String(config.api)}`);
 	if (config.database !== void 0) configDisplay.push(`${pc.blue("Database:")} ${String(config.database)}`);
 	if (config.orm !== void 0) configDisplay.push(`${pc.blue("ORM:")} ${String(config.orm)}`);
-	if (config.auth !== void 0) {
-		const authText = typeof config.auth === "boolean" ? config.auth ? "Yes" : "No" : String(config.auth);
-		configDisplay.push(`${pc.blue("Authentication:")} ${authText}`);
-	}
+	if (config.auth !== void 0) configDisplay.push(`${pc.blue("Auth:")} ${String(config.auth)}`);
 	if (config.addons !== void 0) {
 		const addons = Array.isArray(config.addons) ? config.addons : [config.addons];
 		const addonsText = addons.length > 0 && addons[0] !== void 0 ? addons.join(", ") : "none";
@@ -1441,7 +1482,7 @@ function generateReproducibleCommand(config) {
 	flags.push(`--database ${config.database}`);
 	flags.push(`--orm ${config.orm}`);
 	flags.push(`--api ${config.api}`);
-	flags.push(config.auth ? "--auth" : "--no-auth");
+	flags.push(`--auth ${config.auth}`);
 	if (config.addons && config.addons.length > 0) flags.push(`--addons ${config.addons.join(" ")}`);
 	else flags.push("--addons none");
 	if (config.examples && config.examples.length > 0) flags.push(`--examples ${config.examples.join(" ")}`);
@@ -1649,8 +1690,8 @@ function validateDatabaseOrmAuth(cfg, flags) {
 	if (has("database") && has("orm") && db === "mongodb" && orm && orm !== "mongoose" && orm !== "prisma" && orm !== "none") exitWithError("MongoDB database requires Mongoose or Prisma ORM. Please use '--orm mongoose' or '--orm prisma' or choose a different database.");
 	if (has("database") && has("orm") && db && db !== "none" && orm === "none") exitWithError("Database selection requires an ORM. Please choose '--orm drizzle', '--orm prisma', or '--orm mongoose'.");
 	if (has("orm") && has("database") && orm && orm !== "none" && db === "none") exitWithError("ORM selection requires a database. Please choose a database or set '--orm none'.");
-	if (has("auth") && has("database") && cfg.auth && db === "none") exitWithError("Authentication requires a database. Please choose a database or set '--no-auth'.");
-	if (cfg.auth && db === "none") exitWithError("Authentication requires a database. Please choose a database or set '--no-auth'.");
+	if (has("auth") && has("database") && cfg.auth !== "none" && db === "none" && cfg.backend !== "convex") exitWithError("Authentication requires a database. Please choose a database or set '--auth none'.");
+	if (cfg.auth !== "none" && db === "none" && cfg.backend !== "convex") exitWithError("Authentication requires a database. Please choose a database or set '--auth none'.");
 	if (orm && orm !== "none" && db === "none") exitWithError("ORM selection requires a database. Please choose a database or set '--orm none'.");
 }
 function validateDatabaseSetup(config, providedFlags) {
@@ -1697,6 +1738,16 @@ function validateDatabaseSetup(config, providedFlags) {
 }
 function validateBackendConstraints(config, providedFlags, options) {
 	const { backend } = config;
+	if (config.auth === "clerk" && backend !== "convex") exitWithError("Clerk authentication is only supported with the Convex backend. Please use '--backend convex' or choose a different auth provider.");
+	if (backend === "convex" && config.auth === "clerk" && config.frontend) {
+		const incompatibleFrontends = config.frontend.filter((f) => [
+			"nuxt",
+			"svelte",
+			"solid"
+		].includes(f));
+		if (incompatibleFrontends.length > 0) exitWithError(`Clerk authentication is not compatible with the following frontends: ${incompatibleFrontends.join(", ")}. Please choose a different frontend or auth provider.`);
+	}
+	if (backend === "convex" && config.auth === "better-auth" && providedFlags.has("auth")) exitWithError("Better-Auth is not compatible with the Convex backend. Please use '--auth clerk' or '--auth none'.");
 	if (providedFlags.has("backend") && backend && backend !== "convex" && backend !== "none") {
 		if (providedFlags.has("runtime") && options.runtime === "none") exitWithError("'--runtime none' is only supported with '--backend convex' or '--backend none'. Please choose 'bun', 'node', or remove the --runtime flag.");
 	}
@@ -2151,7 +2202,7 @@ async function setupDbOrmTemplates(projectDir, context) {
 	if (await fs.pathExists(dbOrmSrcDir)) await processAndCopyFiles("**/*", dbOrmSrcDir, serverAppDir, context);
 }
 async function setupAuthTemplate(projectDir, context) {
-	if (context.backend === "convex" || !context.auth) return;
+	if (!context.auth || context.auth === "none") return;
 	const serverAppDir = path.join(projectDir, "apps/server");
 	const webAppDir = path.join(projectDir, "apps/web");
 	const nativeAppDir = path.join(projectDir, "apps/native");
@@ -2170,27 +2221,61 @@ async function setupAuthTemplate(projectDir, context) {
 	const hasNativeWind = context.frontend.includes("native-nativewind");
 	const hasUnistyles = context.frontend.includes("native-unistyles");
 	const hasNative = hasNativeWind || hasUnistyles;
-	if (serverAppDirExists) {
-		const authServerBaseSrc = path.join(PKG_ROOT, "templates/auth/server/base");
+	const authProvider = context.auth;
+	if (context.backend === "convex" && authProvider === "clerk") {
+		const convexBackendDestDir = path.join(projectDir, "packages/backend");
+		const convexClerkBackendSrc = path.join(PKG_ROOT, "templates/auth/clerk/convex/backend");
+		if (await fs.pathExists(convexClerkBackendSrc)) {
+			await fs.ensureDir(convexBackendDestDir);
+			await processAndCopyFiles("**/*", convexClerkBackendSrc, convexBackendDestDir, context);
+		}
+		if (webAppDirExists) {
+			const reactFramework = context.frontend.find((f) => [
+				"tanstack-router",
+				"react-router",
+				"tanstack-start",
+				"next"
+			].includes(f));
+			if (reactFramework) {
+				const convexClerkWebSrc = path.join(PKG_ROOT, `templates/auth/clerk/convex/web/react/${reactFramework}`);
+				if (await fs.pathExists(convexClerkWebSrc)) await processAndCopyFiles("**/*", convexClerkWebSrc, webAppDir, context);
+			}
+		}
+		if (nativeAppDirExists) {
+			const convexClerkNativeBaseSrc = path.join(PKG_ROOT, "templates/auth/clerk/convex/native/base");
+			if (await fs.pathExists(convexClerkNativeBaseSrc)) await processAndCopyFiles("**/*", convexClerkNativeBaseSrc, nativeAppDir, context);
+			const hasNativeWind$1 = context.frontend.includes("native-nativewind");
+			const hasUnistyles$1 = context.frontend.includes("native-unistyles");
+			let nativeFrameworkPath = "";
+			if (hasNativeWind$1) nativeFrameworkPath = "nativewind";
+			else if (hasUnistyles$1) nativeFrameworkPath = "unistyles";
+			if (nativeFrameworkPath) {
+				const convexClerkNativeFrameworkSrc = path.join(PKG_ROOT, `templates/auth/clerk/convex/native/${nativeFrameworkPath}`);
+				if (await fs.pathExists(convexClerkNativeFrameworkSrc)) await processAndCopyFiles("**/*", convexClerkNativeFrameworkSrc, nativeAppDir, context);
+			}
+		}
+		return;
+	}
+	if (serverAppDirExists && context.backend !== "convex") {
+		const authServerBaseSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/server/base`);
 		if (await fs.pathExists(authServerBaseSrc)) await processAndCopyFiles("**/*", authServerBaseSrc, serverAppDir, context);
 		if (context.backend === "next") {
-			const authServerNextSrc = path.join(PKG_ROOT, "templates/auth/server/next");
+			const authServerNextSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/server/next`);
 			if (await fs.pathExists(authServerNextSrc)) await processAndCopyFiles("**/*", authServerNextSrc, serverAppDir, context);
 		}
 		if (context.orm !== "none" && context.database !== "none") {
 			const orm = context.orm;
 			const db = context.database;
 			let authDbSrc = "";
-			if (orm === "drizzle") authDbSrc = path.join(PKG_ROOT, `templates/auth/server/db/drizzle/${db}`);
-			else if (orm === "prisma") authDbSrc = path.join(PKG_ROOT, `templates/auth/server/db/prisma/${db}`);
-			else if (orm === "mongoose") authDbSrc = path.join(PKG_ROOT, `templates/auth/server/db/mongoose/${db}`);
+			if (orm === "drizzle") authDbSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/server/db/drizzle/${db}`);
+			else if (orm === "prisma") authDbSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/server/db/prisma/${db}`);
+			else if (orm === "mongoose") authDbSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/server/db/mongoose/${db}`);
 			if (authDbSrc && await fs.pathExists(authDbSrc)) await processAndCopyFiles("**/*", authDbSrc, serverAppDir, context);
-			else if (authDbSrc) {}
 		}
 	}
 	if ((hasReactWeb || hasNuxtWeb || hasSvelteWeb || hasSolidWeb) && webAppDirExists) {
 		if (hasReactWeb) {
-			const authWebBaseSrc = path.join(PKG_ROOT, "templates/auth/web/react/base");
+			const authWebBaseSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/web/react/base`);
 			if (await fs.pathExists(authWebBaseSrc)) await processAndCopyFiles("**/*", authWebBaseSrc, webAppDir, context);
 			const reactFramework = context.frontend.find((f) => [
 				"tanstack-router",
@@ -2199,28 +2284,28 @@ async function setupAuthTemplate(projectDir, context) {
 				"next"
 			].includes(f));
 			if (reactFramework) {
-				const authWebFrameworkSrc = path.join(PKG_ROOT, `templates/auth/web/react/${reactFramework}`);
+				const authWebFrameworkSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/web/react/${reactFramework}`);
 				if (await fs.pathExists(authWebFrameworkSrc)) await processAndCopyFiles("**/*", authWebFrameworkSrc, webAppDir, context);
 			}
 		} else if (hasNuxtWeb) {
-			const authWebNuxtSrc = path.join(PKG_ROOT, "templates/auth/web/nuxt");
+			const authWebNuxtSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/web/nuxt`);
 			if (await fs.pathExists(authWebNuxtSrc)) await processAndCopyFiles("**/*", authWebNuxtSrc, webAppDir, context);
 		} else if (hasSvelteWeb) {
-			const authWebSvelteSrc = path.join(PKG_ROOT, "templates/auth/web/svelte");
+			const authWebSvelteSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/web/svelte`);
 			if (await fs.pathExists(authWebSvelteSrc)) await processAndCopyFiles("**/*", authWebSvelteSrc, webAppDir, context);
 		} else if (hasSolidWeb) {
-			const authWebSolidSrc = path.join(PKG_ROOT, "templates/auth/web/solid");
+			const authWebSolidSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/web/solid`);
 			if (await fs.pathExists(authWebSolidSrc)) await processAndCopyFiles("**/*", authWebSolidSrc, webAppDir, context);
 		}
 	}
 	if (hasNative && nativeAppDirExists) {
-		const authNativeBaseSrc = path.join(PKG_ROOT, "templates/auth/native/native-base");
+		const authNativeBaseSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/native/native-base`);
 		if (await fs.pathExists(authNativeBaseSrc)) await processAndCopyFiles("**/*", authNativeBaseSrc, nativeAppDir, context);
 		let nativeFrameworkAuthPath = "";
 		if (hasNativeWind) nativeFrameworkAuthPath = "nativewind";
 		else if (hasUnistyles) nativeFrameworkAuthPath = "unistyles";
 		if (nativeFrameworkAuthPath) {
-			const authNativeFrameworkSrc = path.join(PKG_ROOT, `templates/auth/native/${nativeFrameworkAuthPath}`);
+			const authNativeFrameworkSrc = path.join(PKG_ROOT, `templates/auth/${authProvider}/native/${nativeFrameworkAuthPath}`);
 			if (await fs.pathExists(authNativeFrameworkSrc)) await processAndCopyFiles("**/*", authNativeFrameworkSrc, nativeAppDir, context);
 		}
 	}
@@ -2901,7 +2986,7 @@ async function addAddonsToProject(input) {
 			frontend: detectedConfig.frontend || [],
 			addons: input.addons,
 			examples: detectedConfig.examples || [],
-			auth: detectedConfig.auth || false,
+			auth: detectedConfig.auth || "none",
 			git: false,
 			packageManager: input.packageManager || detectedConfig.packageManager || "npm",
 			install: input.install || false,
@@ -3673,7 +3758,7 @@ async function addDeploymentToProject(input) {
 			frontend: detectedConfig.frontend || [],
 			addons: detectedConfig.addons || [],
 			examples: detectedConfig.examples || [],
-			auth: detectedConfig.auth || false,
+			auth: detectedConfig.auth || "none",
 			git: false,
 			packageManager: input.packageManager || detectedConfig.packageManager || "npm",
 			install: input.install || false,
@@ -3749,58 +3834,6 @@ async function formatProjectWithBiome(projectDir) {
 	} catch {}
 }
 
-//#endregion
-//#region src/helpers/addons/auth-setup.ts
-async function setupAuth(config) {
-	const { auth, frontend, backend, projectDir } = config;
-	if (backend === "convex" || !auth) return;
-	const serverDir = path.join(projectDir, "apps/server");
-	const clientDir = path.join(projectDir, "apps/web");
-	const nativeDir = path.join(projectDir, "apps/native");
-	const clientDirExists = await fs.pathExists(clientDir);
-	const nativeDirExists = await fs.pathExists(nativeDir);
-	const serverDirExists = await fs.pathExists(serverDir);
-	try {
-		if (serverDirExists) await addPackageDependency({
-			dependencies: ["better-auth"],
-			projectDir: serverDir
-		});
-		const hasWebFrontend$1 = frontend.some((f) => [
-			"react-router",
-			"tanstack-router",
-			"tanstack-start",
-			"next",
-			"nuxt",
-			"svelte",
-			"solid"
-		].includes(f));
-		if (hasWebFrontend$1 && clientDirExists) await addPackageDependency({
-			dependencies: ["better-auth"],
-			projectDir: clientDir
-		});
-		if ((frontend.includes("native-nativewind") || frontend.includes("native-unistyles")) && nativeDirExists) {
-			await addPackageDependency({
-				dependencies: ["better-auth", "@better-auth/expo"],
-				projectDir: nativeDir
-			});
-			if (serverDirExists) await addPackageDependency({
-				dependencies: ["@better-auth/expo"],
-				projectDir: serverDir
-			});
-		}
-	} catch (error) {
-		consola.error(pc.red("Failed to configure authentication dependencies"));
-		if (error instanceof Error) consola.error(pc.red(error.message));
-	}
-}
-function generateAuthSecret(length = 32) {
-	const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-	let result = "";
-	const charactersLength = 62;
-	for (let i = 0; i < length; i++) result += characters.charAt(Math.floor(Math.random() * charactersLength));
-	return result;
-}
-
 //#endregion
 //#region src/helpers/addons/examples-setup.ts
 async function setupExamples(config) {
@@ -4050,6 +4083,88 @@ async function setupBackendDependencies(config) {
 	});
 }
 
+//#endregion
+//#region src/helpers/core/auth-setup.ts
+async function setupAuth(config) {
+	const { auth, frontend, backend, projectDir } = config;
+	if (!auth || auth === "none") return;
+	const serverDir = path.join(projectDir, "apps/server");
+	const clientDir = path.join(projectDir, "apps/web");
+	const nativeDir = path.join(projectDir, "apps/native");
+	const clientDirExists = await fs.pathExists(clientDir);
+	const nativeDirExists = await fs.pathExists(nativeDir);
+	const serverDirExists = await fs.pathExists(serverDir);
+	try {
+		if (backend === "convex") {
+			if (auth === "clerk" && clientDirExists) {
+				const hasNextJs = frontend.includes("next");
+				const hasTanStackStart = frontend.includes("tanstack-start");
+				const hasViteReactOther = frontend.some((f) => ["tanstack-router", "react-router"].includes(f));
+				if (hasNextJs) await addPackageDependency({
+					dependencies: ["@clerk/nextjs"],
+					projectDir: clientDir
+				});
+				else if (hasTanStackStart) await addPackageDependency({
+					dependencies: ["@clerk/tanstack-react-start"],
+					projectDir: clientDir
+				});
+				else if (hasViteReactOther) await addPackageDependency({
+					dependencies: ["@clerk/clerk-react"],
+					projectDir: clientDir
+				});
+			}
+			const hasNativeWind = frontend.includes("native-nativewind");
+			const hasUnistyles = frontend.includes("native-unistyles");
+			if (auth === "clerk" && nativeDirExists && (hasNativeWind || hasUnistyles)) await addPackageDependency({
+				dependencies: ["@clerk/clerk-expo"],
+				projectDir: nativeDir
+			});
+			return;
+		}
+		if (serverDirExists && auth === "better-auth") await addPackageDependency({
+			dependencies: ["better-auth"],
+			projectDir: serverDir
+		});
+		const hasWebFrontend$1 = frontend.some((f) => [
+			"react-router",
+			"tanstack-router",
+			"tanstack-start",
+			"next",
+			"nuxt",
+			"svelte",
+			"solid"
+		].includes(f));
+		if (hasWebFrontend$1 && clientDirExists) {
+			if (auth === "better-auth") await addPackageDependency({
+				dependencies: ["better-auth"],
+				projectDir: clientDir
+			});
+		}
+		if ((frontend.includes("native-nativewind") || frontend.includes("native-unistyles")) && nativeDirExists) {
+			if (auth === "better-auth") {
+				await addPackageDependency({
+					dependencies: ["better-auth", "@better-auth/expo"],
+					projectDir: nativeDir
+				});
+				if (serverDirExists) await addPackageDependency({
+					dependencies: ["@better-auth/expo"],
+					projectDir: serverDir
+				});
+			}
+		}
+	} catch (error) {
+		consola.error(pc.red("Failed to configure authentication dependencies"));
+		if (error instanceof Error) consola.error(pc.red(error.message));
+	}
+}
+function generateAuthSecret(length = 32) {
+	const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+	let result = "";
+	const charactersLength = 62;
+	for (let i = 0; i < length; i++) result += characters.charAt(Math.floor(Math.random() * charactersLength));
+	return result;
+}
+
 //#endregion
 //#region src/helpers/core/env-setup.ts
 async function addEnvVariablesToFile(filePath, variables) {
@@ -4128,6 +4243,33 @@ async function setupEnvironmentVariables(config) {
 				value: serverUrl,
 				condition: true
 			}];
+			if (backend === "convex" && auth === "clerk") {
+				if (hasNextJs) clientVars.push({
+					key: "NEXT_PUBLIC_CLERK_FRONTEND_API_URL",
+					value: "",
+					condition: true
+				}, {
+					key: "NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY",
+					value: "",
+					condition: true
+				}, {
+					key: "CLERK_SECRET_KEY",
+					value: "",
+					condition: true
+				});
+				else if (hasReactRouter || hasTanStackRouter || hasTanStackStart) {
+					clientVars.push({
+						key: "VITE_CLERK_PUBLISHABLE_KEY",
+						value: "",
+						condition: true
+					});
+					if (hasTanStackStart) clientVars.push({
+						key: "CLERK_SECRET_KEY",
+						value: "",
+						condition: true
+					});
+				}
+			}
 			await addEnvVariablesToFile(path.join(clientDir, ".env"), clientVars);
 		}
 	}
@@ -4145,6 +4287,11 @@ async function setupEnvironmentVariables(config) {
 				value: serverUrl,
 				condition: true
 			}];
+			if (backend === "convex" && auth === "clerk") nativeVars.push({
+				key: "EXPO_PUBLIC_CLERK_PUBLISHABLE_KEY",
+				value: "",
+				condition: true
+			});
 			await addEnvVariablesToFile(path.join(nativeDir, ".env"), nativeVars);
 		}
 	}
@@ -5226,7 +5373,7 @@ This project uses Convex as a backend. You'll need to set up Convex before runni
 ${packageManagerRunCmd} dev:setup
 \`\`\`
 
-Follow the prompts to create a new Convex project and connect it to your application.` : generateDatabaseSetup(database, auth, packageManagerRunCmd, orm, options.dbSetup, options.serverDeploy)}
+Follow the prompts to create a new Convex project and connect it to your application.${auth === "clerk" ? " See [Convex + Clerk guide](https://docs.convex.dev/auth/clerk) for auth setup." : ""}` : generateDatabaseSetup(database, auth, packageManagerRunCmd, orm, options.dbSetup, options.serverDeploy)}
 
 Then, run the development server:
 
@@ -5243,7 +5390,7 @@ ${generateDeploymentCommands(packageManagerRunCmd, webDeploy, serverDeploy)}
 ## Project Structure
 
 \`\`\`
-${generateProjectStructure(projectName, frontend, backend, addons, isConvex, api)}
+${generateProjectStructure(projectName, frontend, backend, addons, isConvex, api, auth)}
 \`\`\`
 
 ## Available Scripts
@@ -5293,7 +5440,7 @@ function generateRunningInstructions(frontend, backend, webPort, hasNative, isCo
 	else if (!isBackendNone) instructions.push("The API is running at [http://localhost:3000](http://localhost:3000).");
 	return instructions.join("\n");
 }
-function generateProjectStructure(projectName, frontend, backend, addons, isConvex, api) {
+function generateProjectStructure(projectName, frontend, backend, addons, isConvex, api, auth) {
 	const structure = [`${projectName}/`, "├── apps/"];
 	const hasFrontendNone = frontend.length === 0 || frontend.includes("none");
 	const isBackendNone = backend === "none";
@@ -5323,6 +5470,7 @@ function generateProjectStructure(projectName, frontend, backend, addons, isConv
 	if (isConvex) {
 		structure.push("├── packages/");
 		structure.push("│   └── backend/     # Convex backend functions and schema");
+		if (auth === "clerk") structure.push("│       ├── convex/    # Convex functions and schema", "│       └── .env.local # Convex environment variables");
 	} else if (!isBackendNone) {
 		const backendName = backend[0].toUpperCase() + backend.slice(1);
 		const apiName = api !== "none" ? api.toUpperCase() : "";
@@ -5374,7 +5522,10 @@ function generateFeaturesList(database, auth, addons, orm, runtime, frontend, ba
 		const dbName = database === "sqlite" ? "SQLite/Turso" : database === "postgres" ? "PostgreSQL" : database === "mysql" ? "MySQL" : database === "mongodb" ? "MongoDB" : "Database";
 		addonsList.push(`- **${ormName}** - TypeScript-first ORM`, `- **${dbName}** - Database engine`);
 	}
-	if (auth && !isConvex) addonsList.push("- **Authentication** - Email & password authentication with Better Auth");
+	if (auth !== "none") {
+		const authLabel = auth === "clerk" ? "Clerk" : "Better-Auth";
+		addonsList.push(`- **Authentication** - ${authLabel}`);
+	}
 	for (const addon of addons) if (addon === "pwa") addonsList.push("- **PWA** - Progressive Web App support");
 	else if (addon === "tauri") addonsList.push("- **Tauri** - Build native desktop applications");
 	else if (addon === "biome") addonsList.push("- **Biome** - Linting and formatting");
@@ -5565,6 +5716,7 @@ async function displayPostInstallInstructions(config) {
 	const nativeInstructions = frontend?.includes("native-nativewind") || frontend?.includes("native-unistyles") ? getNativeInstructions(isConvex) : "";
 	const pwaInstructions = addons?.includes("pwa") && frontend?.includes("react-router") ? getPwaInstructions() : "";
 	const starlightInstructions = addons?.includes("starlight") ? getStarlightInstructions(runCmd) : "";
+	const clerkInstructions = isConvex && config.auth === "clerk" ? getClerkInstructions() : "";
 	const wranglerDeployInstructions = getWranglerDeployInstructions(runCmd, webDeploy, serverDeploy);
 	const alchemyDeployInstructions = getAlchemyDeployInstructions(runCmd, webDeploy, serverDeploy);
 	const hasWeb = frontend?.some((f) => [
@@ -5588,6 +5740,12 @@ async function displayPostInstallInstructions(config) {
 	if (!depsInstalled) output += `${pc.cyan(`${stepCounter++}.`)} ${packageManager} install\n`;
 	if (isConvex) {
 		output += `${pc.cyan(`${stepCounter++}.`)} ${runCmd} dev:setup\n${pc.dim("   (this will guide you through Convex project setup)")}\n`;
+		if (config.auth === "clerk") {
+			output += `${pc.cyan(`${stepCounter++}.`)} ${pc.bold("Clerk Setup:")}\n${pc.dim("   Follow the Convex + Clerk guide to configure authentication:")}\n${pc.cyan("   ")}${pc.underline("https://docs.convex.dev/auth/clerk")}\n\n`;
+			output += `${pc.cyan(`${stepCounter++}.`)} ${pc.bold("Required Environment Variables:")}\n`;
+			output += `${pc.dim("   •")} Set CLERK_JWT_ISSUER_DOMAIN in Convex Dashboard\n`;
+			output += `${pc.dim("   •")} Set CLERK_PUBLISHABLE_KEY in apps/*/.env\n`;
+		}
 		output += `${pc.cyan(`${stepCounter++}.`)} Copy environment variables from\n${pc.white("   packages/backend/.env.local")} to ${pc.white("apps/*/.env")}\n`;
 		output += `${pc.cyan(`${stepCounter++}.`)} ${runCmd} dev\n\n`;
 	} else {
@@ -5612,6 +5770,7 @@ async function displayPostInstallInstructions(config) {
 	if (wranglerDeployInstructions) output += `\n${wranglerDeployInstructions.trim()}\n`;
 	if (alchemyDeployInstructions) output += `\n${alchemyDeployInstructions.trim()}\n`;
 	if (starlightInstructions) output += `\n${starlightInstructions.trim()}\n`;
+	if (clerkInstructions) output += `\n${clerkInstructions.trim()}\n`;
 	if (noOrmWarning) output += `\n${noOrmWarning.trim()}\n`;
 	if (bunWebNativeWarning) output += `\n${bunWebNativeWarning.trim()}\n`;
 	output += `\n${pc.bold("Update all dependencies:\n")}${pc.cyan(tazeCommand)}\n\n`;
@@ -5687,6 +5846,9 @@ function getWranglerDeployInstructions(runCmd, webDeploy, serverDeploy) {
 	if (serverDeploy === "wrangler") instructions.push(`${pc.bold("Deploy server to Cloudflare Workers:")}\n${pc.cyan("•")} Deploy: ${`cd apps/server && ${runCmd} run deploy`}`);
 	return instructions.length ? `\n${instructions.join("\n")}` : "";
 }
+function getClerkInstructions() {
+	return `${pc.bold("Clerk Authentication Setup:")}\n${pc.cyan("1.")} Sign up for Clerk at ${pc.underline("https://clerk.com/sign-up")}\n${pc.cyan("2.")} Create a new application in Clerk Dashboard\n${pc.cyan("3.")} Create a JWT template named ${pc.bold("'convex'")} (exact name required)\n${pc.cyan("4.")} Copy your Clerk Frontend API URL (Issuer URL)\n${pc.cyan("5.")} Set environment variables:\n${pc.dim("   •")} CLERK_JWT_ISSUER_DOMAIN in Convex Dashboard\n${pc.dim("   •")} CLERK_PUBLISHABLE_KEY in apps/*/.env\n${pc.cyan("6.")} Follow the complete guide: ${pc.underline("https://docs.convex.dev/auth/clerk")}\n${pc.yellow("NOTE:")} Use Convex's <Authenticated> components instead of Clerk's <SignedIn>`;
+}
 function getAlchemyDeployInstructions(runCmd, webDeploy, serverDeploy) {
 	const instructions = [];
 	if (webDeploy === "alchemy" && serverDeploy !== "alchemy") instructions.push(`${pc.bold("Deploy web with Alchemy:")}\n${pc.cyan("•")} Dev: ${`cd apps/web && ${runCmd} dev`}\n${pc.cyan("•")} Deploy: ${`cd apps/web && ${runCmd} deploy`}\n${pc.cyan("•")} Destroy: ${`cd apps/web && ${runCmd} destroy`}`);
@@ -5889,8 +6051,8 @@ async function createProject(options) {
 		if (!isConvex) {
 			await setupDbOrmTemplates(projectDir, options);
 			await setupDockerComposeTemplates(projectDir, options);
-			await setupAuthTemplate(projectDir, options);
 		}
+		await setupAuthTemplate(projectDir, options);
 		if (options.examples.length > 0 && options.examples[0] !== "none") await setupExamplesTemplate(projectDir, options);
 		await setupAddonsTemplate(projectDir, options);
 		await setupDeploymentTemplates(projectDir, options);
@@ -5902,7 +6064,7 @@ async function createProject(options) {
 			if (options.examples.length > 0 && options.examples[0] !== "none") await setupExamples(options);
 		}
 		if (options.addons.length > 0 && options.addons[0] !== "none") await setupAddons(options);
-		if (!isConvex && options.auth) await setupAuth(options);
+		if (options.auth && options.auth !== "none") await setupAuth(options);
 		await handleExtras(projectDir, options);
 		await setupEnvironmentVariables(options);
 		await updatePackageConfigurations(projectDir, options);
@@ -5981,7 +6143,7 @@ async function createProjectHandler(input) {
 				frontend: [],
 				addons: [],
 				examples: [],
-				auth: false,
+				auth: "none",
 				git: false,
 				packageManager: "npm",
 				install: false,
@@ -6016,8 +6178,8 @@ async function createProjectHandler(input) {
 		};
 		coerceBackendPresets(config);
 		validateConfigCompatibility(config, providedFlags, cliInput);
-		if (config.backend === "convex") log.info("Due to '--backend convex' flag, the following options have been automatically set: auth=false, database=none, orm=none, api=none, runtime=none, dbSetup=none, examples=todo");
-		else if (config.backend === "none") log.info("Due to '--backend none', the following options have been automatically set: --auth=false, --database=none, --orm=none, --api=none, --runtime=none, --db-setup=none, --examples=none");
+		if (config.backend === "convex") log.info(`Due to '--backend convex' flag, the following options have been automatically set: database=none, orm=none, api=none, runtime=none, dbSetup=none, examples=todo`);
+		else if (config.backend === "none") log.info("Due to '--backend none', the following options have been automatically set: --auth none, --database=none, --orm=none, --api=none, --runtime=none, --db-setup=none, --examples=none");
 		log.info(pc.yellow("Using default/flag options (config prompts skipped):"));
 		log.message(displayConfig(config));
 		log.message("");
@@ -6223,7 +6385,7 @@ const router = t.router({
 		verbose: z.boolean().optional().default(false).describe("Show detailed result information"),
 		database: DatabaseSchema.optional(),
 		orm: ORMSchema.optional(),
-		auth: z.boolean().optional(),
+		auth: AuthSchema.optional(),
 		frontend: z.array(FrontendSchema).optional(),
 		addons: z.array(AddonsSchema).optional(),
 		examples: z.array(ExamplesSchema).optional(),
@@ -6314,7 +6476,7 @@ function createBtsCli() {
 *   backend: "hono",
 *   database: "sqlite",
 *   orm: "drizzle",
-*   auth: true,
+*   auth: "better-auth",
 *   addons: ["biome", "turborepo"],
 *   packageManager: "bun",
 *   install: false,