2026-05-18backend
Better Auth introduced (Google + GitHub OAuth)
- Change:
better-authadded as the authentication library. Server instance lives inapp/lib/auth.ts(guarded byimport "server-only"). Client helpers (signIn,signOut,useSession) exported fromapp/lib/auth-client.ts. A catch-all route handler atapp/api/auth/[...all]/route.tshandles all auth API traffic. - Why: Needed user identity to protect admin-only features; social OAuth avoids building a credential system from scratch.
- Affected Modules:
app/lib/auth.ts,app/lib/auth-client.ts,app/api/auth/[...all]/,app/auth/page.tsx,package.json - Trade-offs:
- Pro: Handles session management, CSRF, token refresh, and social provider OAuth out of the box.
- Con: Requires several environment variables (
BETTER_AUTH_SECRET,BETTER_AUTH_URL, OAuth client IDs/secrets); initial setup used a non-Prisma in-memory adapter that was later replaced.