Skip to content

Authentication system

The authentication system is handled by the Better Auth library, which provides most features you will ever need, plus some more.

Better-auth is heavily plugin-based, we propose a few guides on how to add some specific features like organizations, admin, etc.

Better-auth is using your database to store all of its data. Depending on the ORM you use, you might need to create some entities to store the data.

We use MikroORM in this boilerplate, and you can find the entities in the auth module.

The boilerplate ships a custom MikroORM adapter for Better Auth (see auth-db.adapter.ts), replacing the community better-auth-mikro-orm package. It includes a CLI integration to auto-generate entity code via pnpm auth:generate:

Terminal window
pnpm auth:generate # auth generate --config src/modules/auth/auth.cli.mts --yes

When adding a Better Auth plugin:

  1. Add the plugin in auth.config.ts
  2. Run pnpm auth:generate to scaffold missing entities/fields
  3. Move the generated code into the entity files and register them in db.config.ts
  4. Run pnpm db:migrate:create to create the MikroORM migration
  5. Run auth tests to verify alignment

Better-auth provides server and client methods, see the Better Auth documentation for more details.

Better-auth provides a OpenAPI schema and a live documentation of your API endpoints. You can find it at http://localhost:3000/api/auth/reference by default.

  1. Delete the auth module from apps/api/src/modules/auth
  2. Remove the AuthModule from apps/api/src/app.module.ts
  3. Remove the following dependencies from apps/api/package.json:
"better-auth",
"auth"
  1. Remove the following dependencies from the frontend apps
"better-auth",
  1. Remove the following env variables from apps/api/.env:
BETTER_AUTH_SECRET=