المهارات configuring-better-auth
🔐

configuring-better-auth

آمن ⚙️ الأوامر الخارجية🌐 الوصول إلى الشبكة📁 الوصول إلى نظام الملفات🔑 متغيرات البيئة

Better Auth OAuth 2.1 und OIDC konfigurieren

Dieses Skill hilft Entwicklern bei der Implementierung sicherer OAuth 2.1- und OIDC-Authentifizierung mit dem Better Auth Framework. Es bietet schrittweise Anleitungen zur Einrichtung zentralisierter Authentifizierungsserver mit SSO, PKCE-Flows und JWKS-Token-Verifizierung.

يدعم: Claude Codex Code(CC)
🥉 76 برونزي
1

تنزيل ZIP المهارة

2

رفع في Claude

اذهب إلى Settings → Capabilities → Skills → Upload skill

3

فعّل وابدأ الاستخدام

اختبرها

استخدام "configuring-better-auth". Better Auth mit OIDC-Provider einrichten

النتيجة المتوقعة:

  • Abhängigkeiten installieren: better-auth, @better-auth/oidc-provider, drizzle-orm
  • Datenbank-Adapter und Session-Einstellungen konfigurieren
  • Vertrauenswürdige Clients mit PKCE-Unterstützung einrichten
  • E-Mail-Verifizierung mit Resend oder SMTP hinzufügen

استخدام "configuring-better-auth". PKCE-Login in Next.js implementieren

النتيجة المتوقعة:

  • Kryptografisch sicheren Code-Verifier mit crypto.getRandomValues generieren
  • SHA-256 Code-Challenge für Autorisierungsanfrage erstellen
  • Verifier vor Umleitung in sessionStorage speichern
  • Autorisierungscode serverseitig gegen Tokens austauschen

استخدام "configuring-better-auth". Tokens mit JWKS verifizieren

النتيجة المتوقعة:

  • Remote-JWKS-Endpunkt erstellen, der auf Auth-Server verweist
  • jose-Bibliothek für JWT-Verifizierung mit RS256 verwenden
  • Issuer- und Audience-Claims validieren
  • Token-Ablauf und Aktualisierung elegant handhaben

التدقيق الأمني

آمن
v5 • 1/16/2026

All static findings are FALSE POSITIVES. This is legitimate OAuth/OIDC authentication documentation for Better Auth framework. The scanner flagged standard OAuth patterns (network calls for token exchange, environment config, PKCE code verifiers in sessionStorage) as suspicious, but these are required for OAuth/OIDC flows. Uses industry-standard RS256 cryptography, proper httpOnly cookies, and PKCE security measures.

5
الملفات التي تم فحصها
1,735
الأسطر التي تم تحليلها
4
النتائج
5
إجمالي عمليات التدقيق

عوامل الخطر

⚙️ الأوامر الخارجية (125)
references/auth-server-setup.md:37-78 references/auth-server-setup.md:78-82 references/auth-server-setup.md:82-114 references/auth-server-setup.md:114-119 references/auth-server-setup.md:119-131 references/auth-server-setup.md:131-135 references/auth-server-setup.md:135-140 references/auth-server-setup.md:140-141 references/auth-server-setup.md:141-157 references/auth-server-setup.md:157-161 references/auth-server-setup.md:161-163 references/auth-server-setup.md:163-219 references/auth-server-setup.md:219-222 references/auth-server-setup.md:222-231 references/auth-server-setup.md:231-238 references/auth-server-setup.md:238-259 references/auth-server-setup.md:259-262 references/auth-server-setup.md:262-295 references/auth-server-setup.md:295-297 references/auth-server-setup.md:297-300 references/auth-server-setup.md:300-313 references/auth-server-setup.md:313-319 references/auth-server-setup.md:319-388 references/auth-server-setup.md:388-402 references/auth-server-setup.md:402-407 references/auth-server-setup.md:407-410 references/auth-server-setup.md:410-421 references/auth-server-setup.md:421-429 references/auth-server-setup.md:429-451 references/auth-server-setup.md:451-460 references/auth-server-setup.md:460-468 references/auth-server-setup.md:468-474 references/auth-server-setup.md:474-480 references/auth-server-setup.md:480-493 references/auth-server-setup.md:493-509 references/auth-server-setup.md:509-511 references/auth-server-setup.md:511-518 references/auth-server-setup.md:518-524 references/auth-server-setup.md:524-532 references/auth-server-setup.md:532-538 references/auth-server-setup.md:538-548 references/auth-server-setup.md:548-549 references/auth-server-setup.md:549-550 references/auth-server-setup.md:550-551 references/auth-server-setup.md:551-552 references/auth-server-setup.md:552-553 references/auth-server-setup.md:553-557 references/auth-server-setup.md:557-572 references/auth-server-setup.md:572-575 references/auth-server-setup.md:575-577 references/auth-server-setup.md:577-579 references/sso-client-integration.md:20-31 references/sso-client-integration.md:31-35 references/sso-client-integration.md:35-42 references/sso-client-integration.md:42-48 references/sso-client-integration.md:48-91 references/sso-client-integration.md:91-99 references/sso-client-integration.md:99-113 references/sso-client-integration.md:113-117 references/sso-client-integration.md:117-132 references/sso-client-integration.md:132-151 references/sso-client-integration.md:151-157 references/sso-client-integration.md:157-213 references/sso-client-integration.md:213-217 references/sso-client-integration.md:217-224 references/sso-client-integration.md:224-254 references/sso-client-integration.md:254-258 references/sso-client-integration.md:258-319 references/sso-client-integration.md:319-326 references/sso-client-integration.md:326-384 references/sso-client-integration.md:384-388 references/sso-client-integration.md:388-401 references/sso-client-integration.md:401-423 references/sso-client-integration.md:423-427 references/sso-client-integration.md:427-433 references/sso-client-integration.md:433-450 references/sso-client-integration.md:450-486 references/sso-client-integration.md:486-490 references/sso-client-integration.md:490-508 references/sso-client-integration.md:508-567 references/sso-client-integration.md:567-592 references/sso-client-integration.md:592-596 references/sso-client-integration.md:596-603 references/sso-client-integration.md:603-607 references/sso-client-integration.md:607-626 references/sso-client-integration.md:626-636 references/sso-client-integration.md:636-637 SKILL.md:18-20 SKILL.md:20-22 SKILL.md:22-24 SKILL.md:24-33 SKILL.md:33-49 SKILL.md:49-60 SKILL.md:60-66 SKILL.md:66-68 SKILL.md:68-72 SKILL.md:72-94 SKILL.md:94-98 SKILL.md:98-105 SKILL.md:105-113 SKILL.md:113-115 SKILL.md:115-119 SKILL.md:119-122 SKILL.md:122-126 SKILL.md:126-135 SKILL.md:135-139 SKILL.md:139-146 SKILL.md:146-148 SKILL.md:148-152 SKILL.md:152-159 SKILL.md:159-166 SKILL.md:166-179 SKILL.md:179-187 SKILL.md:187-208 SKILL.md:208-219 SKILL.md:219-221 SKILL.md:221-231 SKILL.md:231-234 SKILL.md:234-238 SKILL.md:238-248 SKILL.md:248-251 SKILL.md:251-253 SKILL.md:253-256 SKILL.md:256-273 SKILL.md:273-275
🌐 الوصول إلى الشبكة (61)
references/auth-server-setup.md:119 references/auth-server-setup.md:140 references/auth-server-setup.md:64 references/auth-server-setup.md:107 references/auth-server-setup.md:125 references/auth-server-setup.md:223 references/auth-server-setup.md:228 references/auth-server-setup.md:248 references/auth-server-setup.md:279 references/auth-server-setup.md:423 references/auth-server-setup.md:520 references/auth-server-setup.md:523 references/auth-server-setup.md:534 references/auth-server-setup.md:534 references/auth-server-setup.md:537 references/auth-server-setup.md:322 references/auth-server-setup.md:322 references/auth-server-setup.md:327 references/auth-server-setup.md:329 references/auth-server-setup.md:329 references/auth-server-setup.md:330 references/auth-server-setup.md:331 references/auth-server-setup.md:332 references/auth-server-setup.md:333 references/auth-server-setup.md:336 references/auth-server-setup.md:336 references/auth-server-setup.md:337 references/auth-server-setup.md:338 references/auth-server-setup.md:339 references/auth-server-setup.md:340 references/auth-server-setup.md:342 references/auth-server-setup.md:343 references/auth-server-setup.md:353 references/auth-server-setup.md:355 references/auth-server-setup.md:366 references/auth-server-setup.md:367 references/auth-server-setup.md:368 references/auth-server-setup.md:368 references/auth-server-setup.md:415 references/auth-server-setup.md:416 references/auth-server-setup.md:416 references/auth-server-setup.md:417 references/auth-server-setup.md:418 references/auth-server-setup.md:419 references/sso-client-integration.md:151 references/sso-client-integration.md:294 references/sso-client-integration.md:336 references/sso-client-integration.md:508 references/sso-client-integration.md:567 references/sso-client-integration.md:40 references/sso-client-integration.md:598 references/sso-client-integration.md:602 references/sso-client-integration.md:639 skill-report.json:6 skill-report.json:129 SKILL.md:159 SKILL.md:221 SKILL.md:19 SKILL.md:29 SKILL.md:102 SKILL.md:120
📁 الوصول إلى نظام الملفات (4)
references/auth-server-setup.md:266 references/auth-server-setup.md:557 skill-report.json:6 SKILL.md:238
🔑 متغيرات البيئة (66)
references/auth-server-setup.md:54 references/auth-server-setup.md:271 references/auth-server-setup.md:325 references/auth-server-setup.md:326 references/auth-server-setup.md:327 references/auth-server-setup.md:331 references/auth-server-setup.md:332 references/auth-server-setup.md:333 references/auth-server-setup.md:338 references/auth-server-setup.md:339 references/auth-server-setup.md:340 references/auth-server-setup.md:342 references/auth-server-setup.md:343 references/auth-server-setup.md:349 references/auth-server-setup.md:350 references/auth-server-setup.md:54 references/auth-server-setup.md:271 references/auth-server-setup.md:325 references/auth-server-setup.md:326 references/auth-server-setup.md:327 references/auth-server-setup.md:331 references/auth-server-setup.md:332 references/auth-server-setup.md:333 references/auth-server-setup.md:338 references/auth-server-setup.md:339 references/auth-server-setup.md:340 references/auth-server-setup.md:342 references/auth-server-setup.md:343 references/auth-server-setup.md:349 references/auth-server-setup.md:350 references/auth-server-setup.md:271 references/auth-server-setup.md:349 references/auth-server-setup.md:350 references/auth-server-setup.md:412 references/sso-client-integration.md:50 references/sso-client-integration.md:51 references/sso-client-integration.md:122 references/sso-client-integration.md:123 references/sso-client-integration.md:180 references/sso-client-integration.md:223 references/sso-client-integration.md:393 references/sso-client-integration.md:432 references/sso-client-integration.md:495 references/sso-client-integration.md:496 references/sso-client-integration.md:527 references/sso-client-integration.md:50 references/sso-client-integration.md:51 references/sso-client-integration.md:122 references/sso-client-integration.md:123 references/sso-client-integration.md:180 references/sso-client-integration.md:223 references/sso-client-integration.md:393 references/sso-client-integration.md:432 references/sso-client-integration.md:495 references/sso-client-integration.md:496 references/sso-client-integration.md:527 SKILL.md:138 SKILL.md:164 SKILL.md:166 SKILL.md:225 SKILL.md:244 SKILL.md:138 SKILL.md:164 SKILL.md:166 SKILL.md:225 SKILL.md:244
تم تدقيقه بواسطة: claude عرض سجل التدقيق →

درجة الجودة

64
الهندسة المعمارية
100
قابلية الصيانة
85
المحتوى
22
المجتمع
100
الأمان
91
الامتثال للمواصفات

ماذا يمكنك بناءه

SSO-Plattform aufbauen

Einen zentralisierten Auth-Server für mehrere Anwendungen mit ordnungsgemäßer OAuth 2.1-Konformität erstellen.

SSO-Login hinzufügen

Better Auth SSO in Next.js-Apps mit sicherem PKCE-Flow und Token-Management integrieren.

Auth-Infrastruktur konfigurieren

Produktionsreife Authentifizierung mit JWKS, E-Mail-Verifizierung und Admin-Steuerung einrichten.

جرّب هذه الموجهات

Basis-Auth-Einrichtung 
Richten Sie einen Better Auth OAuth 2.1-Authentifizierungsserver mit OIDC-Provider-Plugin ein, einschließlich Datenbankkonfiguration und Registrierung vertrauenswürdiger Clients.
SSO-Integration 
Implementieren Sie SSO-Client-Integration in einer Next.js-Anwendung mit PKCE-Flow, Token-Austausch und httpOnly-Cookie-Speicherung.
Token-Sicherheit 
Konfigurieren Sie JWKS-Endpunkt und clientseitige Token-Verifizierung für Better Auth, einschließlich RS256-Signierung und Token-Validierung.
Produktions-Setup 
Richten Sie Better Auth für die Produktion mit E-Mail-Verifizierung über Resend oder SMTP, Admin-Dashboard und globaler Logout-Funktionalität ein.

أفضل الممارسات

  • Verwenden Sie immer PKCE für öffentliche Clients (SPAs, mobile Apps) anstelle von Client-Secrets
  • Speichern Sie Tokens in httpOnly-Cookies mit SameSite=Lax, niemals in localStorage
  • Validieren Sie Redirect-URIs exakt und konfigurieren Sie vertrauenswürdige Origins für CORS
  • Verwenden Sie RS256 für JWT-Signierung mit automatischer JWKS-Schlüsselrotation

تجنب

  • Speichern von Access-Tokens in localStorage macht sie anfällig für XSS-Angriffe
  • Das Überspringen von PKCE für öffentliche Clients ermöglicht das Abfangen von Autorisierungscodes
  • Verwendung schwacher Hashing-Algorithmen wie MD5 oder SHA1 für Passwort- oder Token-Operationen
  • Hardcodierung von Secrets oder Credentials im Quellcode anstatt in Umgebungsvariablen

الأسئلة المتكررة

Was ist Better Auth?
Better Auth ist eine TypeScript-Authentifizierungsbibliothek, die OAuth 2.1- und OIDC-Konformität mit Plugins für verschiedene Provider bietet.
Wann sollte ich PKCE verwenden?
Verwenden Sie PKCE für alle öffentlichen Clients einschließlich SPAs und mobiler Apps. Es ersetzt Client-Secrets und verhindert den Diebstahl von Autorisierungscodes.
Was ist JWKS?
JSON Web Key Set (JWKS) ist ein Satz öffentlicher Schlüssel zur Verifizierung von JWT-Tokens. Better Auth stellt diese am JWKS-Endpunkt bereit.
Wie speichere ich Tokens sicher?
Speichern Sie Tokens in httpOnly-, Secure-, SameSite=Lax-Cookies. Verwenden Sie niemals localStorage, da es anfällig für XSS-Angriffe ist.
Was ist der Unterschied zwischen OAuth und OIDC?
OAuth behandelt Autorisierung (Berechtigung zum Zugriff auf Ressourcen). OIDC fügt Authentifizierung (Überprüfung der Benutzeridentität) zu OAuth hinzu.
Wie funktioniert globales Logout?
Globales Logout leitet Benutzer zum endsession-Endpunkt des Auth-Servers um, der die SSO-Session über alle verbundenen Anwendungen hinweg löscht.

تفاصيل المطور

المؤلف

Asmayaseen

الترخيص

MIT

المستودع

https://github.com/Asmayaseen/hackathon-2/tree/main/.claude/skills/configuring-better-auth

مرجع

main

بنية الملفات

📁 references/

📄 auth-server-setup.md

📄 sso-client-integration.md

📁 scripts/

📄 verify.py

📄 SKILL.md