Nuxt Better Auth

Name: Nuxt Better Auth
Author: onmax

onmax/nuxt-skills·MIT

Add Better Auth–based login, session, and route protection to a Nuxt 4+ app using @onmax/nuxt-better-auth composables and server helpers.

Overview

nuxt-better-auth is an agent skill for the Build phase that implements Better Auth in Nuxt 4+ via @onmax/nuxt-better-auth composables, server helpers, and route protection.

Install

npx skills add https://github.com/onmax/nuxt-skills --skill nuxt-better-auth

What is this skill?

Built on Better Auth with `useUserSession` and server-side auth utilities for Nuxt 4+
Covers login, signup, signout, client and server route protection
Reference docs for installation, client auth, NuxtHub database, clientOnly mode, and i18n
Better Auth plugin integration paths (admin, passkey, 2FA)
Explicit alpha warning (v0.0.2-alpha.19)—APIs may change; not production-recommended per skill
Module documented as alpha v0.0.2-alpha.19 in the skill README
Reference table links installation, client auth, and related guidance files

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Adoption & trust: 1.4k installs on skills.sh; 674 GitHub stars; 3/3 security scanners passed (skills.sh audits).

What problem does it solve?

You are shipping a Nuxt app but lack a coherent plan for sessions, protected routes, and server API auth aligned with Better Auth.

Who is it for?

Solo builders on Nuxt 4+ prototyping SaaS auth who accept alpha-module risk and want structured install and protection steps.

Skip if: Production-hardened auth on stable stacks without Nuxt, or teams that cannot use an alpha auth module (v0.0.2-alpha.19) per the skill’s own guidance.

When should I use this skill?

Installing or configuring @onmax/nuxt-better-auth; implementing login/signup/signout; protecting routes; accessing session in API routes; integrating Better Auth plugins, NuxtHub, clientOnly mode, or i18n.

What do I get? / Deliverables

You configure the module, wire login/signup/signout, protect routes on client and server, and optionally enable plugins or NuxtHub-backed storage following the reference guides.

Configured @onmax/nuxt-better-auth module and env layout
Working auth flows and protected route layout
Server API handlers that read the authenticated session

Recommended Skills

Entra App Registrationmicrosoft/azure-skills

Walkthrough for Microsoft Entra ID app registration, OAuth configuration, and MSAL-based authentication setup.374k installs·1.2k stars

Azure Aigatewaymicrosoft/azure-skills

Quick reference for building and operating Azure API Management as an AI gateway using ARM .NET SDK and policy best prac…373k installs·1.2k stars

Lark Openapi Explorerlarksuite/cli

Escalation path for uncovered Lark/Feishu APIs: browse official OpenAPI docs and execute via lark-cli.208k installs·13.7k stars

Supabasesupabase/agent-skills

Authoritative Supabase agent skill for database, auth, edge functions, and client SSR with emphasis on up-to-date docs, …111k installs·2.2k stars

Firebase Auth Basicsfirebase/agent-skills

firebase-auth-basics is a guided agent skill for solo builders implementing Firebase Authentication in web or mobile-bac…75.7k installs·345 stars

Firebase Data Connectfirebase/agent-skills

Firebase Data Connect is an agent skill that equips solo builders to design relational data layers on Firebase using Gra…73.2k installs·345 stars

Journey fit

Primary fit

BuildBackend, data & payments

Authentication and session plumbing are core backend build work before you can ship a secured SaaS or API-backed Nuxt product. The module covers server auth helpers, API session access, and plugins (admin, passkey, 2FA)—backend integration on the Nuxt server layer.

Also useful

ShipSecurity

How it compares

Nuxt-specific Better Auth module guidance—not a generic OAuth MCP server or hosted auth SaaS wizard.

Common Questions / FAQ

Who is nuxt-better-auth for?

Indie developers building Nuxt 4+ products who want Better Auth integrated through @onmax/nuxt-better-auth with agent-assisted setup and route protection.

When should I use nuxt-better-auth?

During Build backend work when you install the module, implement auth flows, protect routes, access sessions in API handlers, or integrate passkey/2FA/admin plugins—before Ship security review.

Is nuxt-better-auth safe to install?

The skill describes an alpha module that touches secrets and user data; review the Security Audits panel on this Prism page and treat production deployment as high risk until the module stabilizes.

SKILL.md

READMESKILL.md - Nuxt Better Auth

# Nuxt Better Auth

Authentication module for Nuxt 4+ built on [Better Auth](https://www.better-auth.com/). Provides composables, server utilities, and route protection.

> **Alpha Status**: This module is currently in alpha (v0.0.2-alpha.19) and not recommended for production use. APIs may change.

## When to Use

- Installing/configuring `@onmax/nuxt-better-auth`
- Implementing login/signup/signout flows
- Protecting routes (client and server)
- Accessing user session in API routes
- Integrating Better Auth plugins (admin, passkey, 2FA)
- Setting up database with NuxtHub
- Using clientOnly mode for external auth backends
- Adding i18n support with `@nuxtjs/i18n`

**For Nuxt patterns:** use `nuxt` skill
**For NuxtHub database:** use `nuxthub` skill

## Available Guidance

| File                                                                 | Topics                                                                 |
| -------------------------------------------------------------------- | ---------------------------------------------------------------------- |
| **[references/installation.md](references/installation.md)**         | Module setup, env vars, config files                                   |
| **[references/client-auth.md](references/client-auth.md)**           | useUserSession, signIn/signUp/signOut, BetterAuthState, safe redirects |
| **[references/server-auth.md](references/server-auth.md)**           | serverAuth, getUserSession, requireUserSession                         |
| **[references/route-protection.md](references/route-protection.md)** | routeRules, definePageMeta, middleware                                 |
| **[references/plugins.md](references/plugins.md)**                   | Better Auth plugins (admin, passkey, 2FA)                              |
| **[references/database.md](references/database.md)**                 | NuxtHub integration, Drizzle schema, custom tables with FKs            |
| **[references/client-only.md](references/client-only.md)**           | External auth backend, clientOnly mode, CORS                           |
| **[references/types.md](references/types.md)**                       | AuthUser, AuthSession, type augmentation                               |

## Loading Files

**Consider loading these reference files based on your task:**

- [ ] [references/installation.md](references/installation.md) - if installing or configuring the module
- [ ] [references/client-auth.md](references/client-auth.md) - if building login/signup/signout flows
- [ ] [references/server-auth.md](references/server-auth.md) - if protecting API routes or accessing user session server-side
- [ ] [references/route-protection.md](references/route-protection.md) - if using routeRules or definePageMeta for auth
- [ ] [references/plugins.md](references/plugins.md) - if integrating Better Auth plugins (admin, passkey, 2FA)
- [ ] [references/database.md](references/database.md) - if setting up database with NuxtHub or Drizzle
- [ ] [references/client-only.md](references/client-only.md) - if using external auth backend with clientOnly mode
- [ ] [references/types.md](references/types.md) - if working with AuthUser, AuthSession, or type augmentation

**DO NOT load all files at once.** Load only what's relevant to your current task.

## Key Concepts

| Concept                | Description                                                     |
| ---------------------- | --------------------------------------------------------------- |
| `useUserSession()`     | Client composable - user, session, loggedIn, signIn/Out methods |
| `requireUserSession()` | Server helper - throws 401/403 if not authenticated             |
| `auth` route mode      | `'user'`, `'guest'`, `{ user: {...}

What is this skill?

Built on Better Auth with `useUserSession` and server-side auth utilities for Nuxt 4+

Covers login, signup, signout, client and server route protection

Reference docs for installation, client auth, NuxtHub database, clientOnly mode, and i18n

Better Auth plugin integration paths (admin, passkey, 2FA)

Explicit alpha warning (v0.0.2-alpha.19)—APIs may change; not production-recommended per skill

Module documented as alpha v0.0.2-alpha.19 in the skill README

Reference table links installation, client auth, and related guidance files

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Adoption & trust: 1.4k installs on skills.sh; 674 GitHub stars; 3/3 security scanners passed (skills.sh audits).

What do I get? / Deliverables

You configure the module, wire login/signup/signout, protect routes on client and server, and optionally enable plugins or NuxtHub-backed storage following the reference guides.

Configured @onmax/nuxt-better-auth module and env layout

Working auth flows and protected route layout

Server API handlers that read the authenticated session

Journey fit

Primary fit

BuildBackend, data & payments

Also useful

ShipSecurity

SKILL.md

READMESKILL.md - Nuxt Better Auth

# Nuxt Better Auth

Authentication module for Nuxt 4+ built on [Better Auth](https://www.better-auth.com/). Provides composables, server utilities, and route protection.

> **Alpha Status**: This module is currently in alpha (v0.0.2-alpha.19) and not recommended for production use. APIs may change.

## When to Use

- Installing/configuring `@onmax/nuxt-better-auth`
- Implementing login/signup/signout flows
- Protecting routes (client and server)
- Accessing user session in API routes
- Integrating Better Auth plugins (admin, passkey, 2FA)
- Setting up database with NuxtHub
- Using clientOnly mode for external auth backends
- Adding i18n support with `@nuxtjs/i18n`

**For Nuxt patterns:** use `nuxt` skill
**For NuxtHub database:** use `nuxthub` skill

## Available Guidance

| File                                                                 | Topics                                                                 |
| -------------------------------------------------------------------- | ---------------------------------------------------------------------- |
| **[references/installation.md](references/installation.md)**         | Module setup, env vars, config files                                   |
| **[references/client-auth.md](references/client-auth.md)**           | useUserSession, signIn/signUp/signOut, BetterAuthState, safe redirects |
| **[references/server-auth.md](references/server-auth.md)**           | serverAuth, getUserSession, requireUserSession                         |
| **[references/route-protection.md](references/route-protection.md)** | routeRules, definePageMeta, middleware                                 |
| **[references/plugins.md](references/plugins.md)**                   | Better Auth plugins (admin, passkey, 2FA)                              |
| **[references/database.md](references/database.md)**                 | NuxtHub integration, Drizzle schema, custom tables with FKs            |
| **[references/client-only.md](references/client-only.md)**           | External auth backend, clientOnly mode, CORS                           |
| **[references/types.md](references/types.md)**                       | AuthUser, AuthSession, type augmentation                               |

## Loading Files

**Consider loading these reference files based on your task:**

- [ ] [references/installation.md](references/installation.md) - if installing or configuring the module
- [ ] [references/client-auth.md](references/client-auth.md) - if building login/signup/signout flows
- [ ] [references/server-auth.md](references/server-auth.md) - if protecting API routes or accessing user session server-side
- [ ] [references/route-protection.md](references/route-protection.md) - if using routeRules or definePageMeta for auth
- [ ] [references/plugins.md](references/plugins.md) - if integrating Better Auth plugins (admin, passkey, 2FA)
- [ ] [references/database.md](references/database.md) - if setting up database with NuxtHub or Drizzle
- [ ] [references/client-only.md](references/client-only.md) - if using external auth backend with clientOnly mode
- [ ] [references/types.md](references/types.md) - if working with AuthUser, AuthSession, or type augmentation

**DO NOT load all files at once.** Load only what's relevant to your current task.

## Key Concepts

| Concept                | Description                                                     |
| ---------------------- | --------------------------------------------------------------- |
| `useUserSession()`     | Client composable - user, session, loggedIn, signIn/Out methods |
| `requireUserSession()` | Server helper - throws 401/403 if not authenticated             |
| `auth` route mode      | `'user'`, `'guest'`, `{ user: {...}

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is nuxt-better-auth for?

When should I use nuxt-better-auth?

Is nuxt-better-auth safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is nuxt-better-auth for?

When should I use nuxt-better-auth?

Is nuxt-better-auth safe to install?

SKILL.md