BetterAuth
28. March, 2025 • 3 min read • Develop
Introducing BetterAuth
Authentication is a cornerstone of web application security, yet implementing it correctly and efficiently remains a challenge. BetterAuth aims to address this by providing a robust, extensible, and developer-friendly authentication framework built with TypeScript.
BetterAuth offers a suite of features out-of-the-box, including:
- Multi-Factor Authentication (MFA): Enhance security by requiring additional verification steps.
- Passwordless Authentication: Allow users to authenticate without traditional passwords.
- Social Login Integrations: Support for providers like Google and GitHub.
- Role-Based Access Control (RBAC): Fine-grained permission management.
- Multi-Tenancy Support: Manage multiple tenants within a single application instance.
Its plugin architecture and framework-agnostic design make it adaptable to various project requirements.
Getting Started with BetterAuth
To integrate BetterAuth into your application:
Install the Package:
npm install better-authConfigure BetterAuth:
// auth.ts
import { betterAuth } from 'better-auth';
import { prismaAdapter } from 'better-auth/adapters/prisma';
import prisma from './db';
export const auth = betterAuth({
database: prismaAdapter(prisma, { provider: 'postgresql' }),
emailAndPassword: { enabled: true },
socialProviders: {
github: {
clientId: process.env.GITHUB_CLIENT_ID,
clientSecret: process.env.GITHUB_CLIENT_SECRET,
},
},
trustedOrigins: ['http://localhost:3000'],
});Set Environment Variables:
Create a .env file with the following:
BETTER_AUTH_SECRET=your-secret-key
BETTER_AUTH_URL=http://localhost:3000Initialize in Your Application:
// server.ts
import { auth } from './auth';
app.use('/auth', auth.router);This setup provides a ready-to-use authentication system with minimal configuration.
Testing Authentication Flows
BetterAuth supports comprehensive testing through its utilities:
Install Testing Utilities:
npm install @better-auth-kit/tests --save-devWrite Tests:
// auth.test.ts
import { testAuth } from '@better-auth-kit/tests';
import { auth } from './auth';
test('User can register and login', async () => {
const client = testAuth(auth);
await client.register({
email: 'user@example.com',
password: 'securePass123',
});
const session = await client.login({
email: 'user@example.com',
password: 'securePass123',
});
expect(session).toBeDefined();
});These tools ensure your authentication flows work as intended.
Integrating with AWS Cognito
To use AWS Cognito as an authentication provider:
Configure Cognito in AWS:
- Create a User Pool.
- Set up an App Client.
- Note the Pool ID and Client ID.
Integrate with BetterAuth:
// auth.ts
import { betterAuth } from 'better-auth';
import { cognitoAdapter } from 'better-auth/adapters/cognito';
export const auth = betterAuth({
database: cognitoAdapter({
userPoolId: process.env.COGNITO_USER_POOL_ID,
clientId: process.env.COGNITO_CLIENT_ID,
}),
// other configurations
});Set Environment Variables:
COGNITO_USER_POOL_ID=your-user-pool-id
COGNITO_CLIENT_ID=your-client-idThis integration allows you to leverage AWS Cognito’s scalable user management features within BetterAuth.
Conclusion
BetterAuth streamlines the implementation of secure authentication and authorization in web applications. Its TypeScript-first approach, extensibility, and support for modern authentication methods make it a valuable tool for developers aiming to build secure and scalable applications.
‘Till next time!