auth-patterns
SKILL.md
Auth Patterns
Quick Pattern
// Login form
export const login = form(schema, async ({ email, password }) => {
const event = getRequestEvent();
await auth.api.signInEmail({
body: { email, password },
headers: event.request.headers,
});
redirect(303, '/dashboard'); // Outside try/catch
});
// Protected query
export const get_data = guarded_query(() => {
return { message: 'Protected data' };
});
Core Principles
- Use
getRequestEvent()for headers (cookie access) - Redirect MUST be outside try/catch (throws error)
- Use
guarded_query/form/commandfor protected endpoints - Email verification required before login
- Commands cannot redirect - use client-side
goto()
Reference Files
- auth-setup.md - Complete better-auth configuration
- auth-usage.md - All auth patterns and examples
- email-verification.md - Email verification flow
Weekly Installs
4
Repository
spences10/devhub-crmGitHub Stars
6
First Seen
4 days ago
Security Audits
Installed on
opencode4
gemini-cli4
claude-code4
github-copilot4
codex4
amp4