# Integrate Better Auth in Next.js

Authentication in App Router projects often spans server components, middleware, sessions, and client state. This skill gives Claude, Codex, and Claude Code a focused checklist for implementing Better Auth patterns.

## Install

```bash
npx skillstore add claude/abdul-haseeb360-next-js-better-auth-integration
```

## Metadata

- - Status: approved
- - Slug: abdul-haseeb360-next-js-better-auth-integration
- - Version: 1.0.0
- - Author: Claude
- - GitHub username: Abdul-Haseeb360
- - License: MIT
- - Repository: https://github.com/Abdul-Haseeb360/Hackathon-II-AI-Native-Systems/tree/main/.claude/skills/nextjs-better-auth
- - Ref: main
- - Supported tools: Claude, Codex, Claude Code
- - Risk level: safe
- - Quality score: 80
- - Quality tier: silver
- - Public page: https://skillstore.pages.dev/skills/abdul-haseeb360-next-js-better-auth-integration
- - Manifest: https://skillstore.pages.dev/api/skills/abdul-haseeb360-next-js-better-auth-integration/manifest

## Capabilities

- Outlines Better Auth initialization steps for Next.js App Router projects.
- Guides session access across server components and client components.
- Describes protected route patterns using middleware and redirects.
- Lists JWT, cookie, CSRF, rate limiting, and secret management considerations.
- Frames expected inputs and outputs for authentication implementation work.

## Use Cases

- Add Authentication to a New App: Plan Better Auth setup, session context, and protected pages before writing implementation code.
- Review Auth Architecture: Check whether session handling, redirects, token behavior, and cookie settings are covered.
- Prepare Implementation Tasks: Convert authentication requirements into focused work items for App Router, middleware, and UI states.

## Prompt Templates

### Plan Basic Setup

```
Use this skill to outline the Better Auth setup steps for my Next.js App Router project. Include required files, session flow, and environment variables.
```

### Design Protected Routes

```
Use this skill to design protected route behavior for these pages: dashboard, settings, and billing. Include unauthenticated redirects and session checks.
```

### Review Session Security

```
Use this skill to review my planned Better Auth session strategy. Focus on cookies, JWT expiration, CSRF protection, rate limiting, and secret handling.
```

### Create an Auth Migration Plan

```
Use this skill to create a phased migration plan from custom auth to Better Auth in a Next.js App Router app with social login and protected server components.
```

## Limitations

- Provides conceptual guidance, not a complete generated application.
- Does not include framework-specific code snippets for every Better Auth version.
- Assumes the project already uses the Next.js App Router.
- Requires human review for provider settings, secrets, and production security policy.

## Best Practices

- Start with session and provider requirements before changing routes.
- Keep authentication secrets in managed environment variables.
- Test expired sessions, invalid tokens, and unauthenticated access paths.

## Anti Patterns

- Do not store session tokens in insecure client-side storage.
- Do not protect pages only with client-side checks.
- Do not ship authentication flows without rate limiting and CSRF review.

## Security Audit

- - Safe to publish: true
- - Audited at: 2026-06-28T03:55:54.641\+00:00
- - Summary: Reviewed the three static findings in SKILL.md and found no confirmed malicious or unsafe behavior. The flagged lines are descriptive authentication guidance, not executable code, credential access, weak cryptography, or network reconnaissance. No prompt injection attempt or data exfiltration intent was found.

## Stats

- - Views: 186
- - Downloads: 5
- - Favorites: 0
- - Popularity score: 0
