Authentication
Skit uses Better Auth for authentication — a modern, type-safe auth library for Next.js.
Modules
auth-core
Included in every project. Provides:
- Email/password authentication
- Session management with database sessions
- Middleware-based route protection
- Sign in / sign up pages
- Auth utilities (
auth-client.ts,auth-session.ts)
auth-github
Optional. Added when --auth email-password+github or --auth email-password+github+google is selected.
- GitHub OAuth provider configuration
- Social login button on sign-in page
Requires GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET env vars.
auth-google
Optional. Added when --auth email-password+google or --auth email-password+github+google is selected.
- Google OAuth provider configuration
- Social login button on sign-in page
Requires GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET env vars.
Auth options
--auth value | Modules included |
|---|---|
email-password | auth-core |
email-password+github | auth-core, auth-github |
email-password+google | auth-core, auth-google |
email-password+github+google | auth-core, auth-github, auth-google |
Key files
| File | Purpose |
|---|---|
src/lib/auth.ts | Better Auth server configuration |
src/lib/auth-client.ts | Client-side auth utilities |
src/lib/auth-session.ts | Server-side session helper |
src/app/api/auth/[...all]/route.ts | Auth API catch-all route |
src/middleware.ts | Route protection middleware |
src/app/sign-in/page.tsx | Sign in page |
src/app/sign-up/page.tsx | Sign up page |
Route protection
Routes under /dashboard, /settings, /billing are protected by middleware. Unauthenticated users are redirected to /sign-in.
// src/middleware.ts
const protectedRoutes = ['/dashboard', '/settings', '/billing'];Session access
Server components:
import { getSession } from '@/lib/auth-session';
const session = await getSession();
if (!session) redirect('/sign-in');Client components:
import { useSession } from '@/lib/auth-client';
const { data: session } = useSession();