better-auth
Better Auth Procedure Selection
Select authorization boundaries with Better Auth + TRPC patterns used in template-ts apps.
Procedure Selection Table
| Procedure | Access Level | Context Provided |
|---|---|---|
publicProcedure |
No auth | { db, session?, headers } |
protectedProcedure |
Authenticated | { db, session, userId, headers } |
adminProcedure |
Admin role | { db, session, headers } |
protectedOrganizationMemberProcedure |
Org member | { ..., member, organizationId } |
protectedOrganizationAdminProcedure |
Org admin/owner | { ..., member, organizationId } |
protectedProjectMemberProcedure |
Project access | { ..., project, projectRole, orgRole } |
protectedProjectAdminProcedure |
Project admin | { ..., project, projectRole, orgRole } |
protectedProjectEditorProcedure |
Project editor+ | { ..., project, projectRole, orgRole } |
Use this table as the primary selector before writing router logic.
Use This Skill When
- Select the correct protected procedure for organization/project/member/admin access.
- Implement Better Auth authorization checks inside TRPC procedures.
- Review auth boundaries in existing routers.
Follow This Workflow
- Identify required access level from the Procedure Selection Table.
- Start implementation from the matching base procedure.
- Chain stricter middleware only when the table does not fully satisfy the access rule.
- Load
references/better-auth-examples.mdfor detailed examples and copy-ready snippets. - Keep context shape stable; add only route-specific fields.
Key Rules
- Select the narrowest procedure that matches the required permission.
- Reuse inherited context (
userId,organizationId,project, roles) instead of recomputing it. - Grant organization admins automatic project-admin behavior; avoid duplicate checks.
- Pass
ctx.headerstoauth.api.*server calls. - Validate variable origins in every middleware (
opts.ctx,opts.input) before adding business logic.
References
references/better-auth-examples.md— auth configuration, context setup, middleware examples, client auth usage, and admin API patterns.
More from blogic-cz/blogic-marketplace
marketing-expert
This skill should be used when writing or rewriting marketing copy for software products, including positioning, messaging, homepage rewrite work, landing pages, product descriptions, conversion-focused updates, and sales-enablement content. Produces clear, truthful, high-performing SaaS copy.
97requirements
This skill should be used when clarifying a feature, writing a requirements spec, running a structured discovery session, or when users mention requirements-start, requirements-status, requirements-current, requirements-list, requirements-remind, or requirements-end.
78frontend-design
This skill should be used when a task requires designing or implementing frontend UI (components, pages, layouts, styling) and no more specialized frontend skill is a better fit. It guides production-grade, brand-consistent visual implementation with distinctive but controlled aesthetics.
77testing-patterns
This skill should be used when implementing or reviewing testing workflows in template-ts projects, especially for testing, Vitest, Playwright, integration test, and mocking scenarios.
76git-workflow
Automates the full PR lifecycle — create or update a pull request, then aggressively monitor CI checks and review feedback in a continuous loop, fixing failures and addressing comments until the PR is fully green. Also covers push, branch creation, and branch sync workflows.
76debugging-with-opensrc
Load this skill when debugging behavior in external libraries by reading local OpenSrc mirrors (Effect, TanStack, TRPC, Drizzle, Better Auth, Sentry, Pino), or when docs conflict with runtime behavior and source-level verification is required.
75