Authentication
Authentication is handled by Better Auth, providing a secure and complete authentication system.
Features
- Google SSO Only: Users authenticate exclusively with Google.
- Session Management: Secure session handling.
- Protected Routes: Middleware to protect authenticated routes.
Configuration
The authentication configuration is located in your environment variables:
BETTER_AUTH_SECRET="your-secret-key"
BETTER_AUTH_URL="http://localhost:5173"
Google OAuth Setup
To configure Google Sign-In:
- Get your Client ID and Secret from the provider's developer console.
- Add them to your
.envfile:
GOOGLE_CLIENT_ID="your-client-id"
GOOGLE_CLIENT_SECRET="your-client-secret"
- Make sure
src/lib/auth.tsincludes the Google provider undersocialProviders.
Protecting Routes
To protect a route, you can check for the session in your route loader or component:
import { redirect } from '@tanstack/react-router'
// Import your auth client/session helper
export const Route = createFileRoute('/dashboard')({
beforeLoad: async ({ context }) => {
const session = await getSession();
if (!session) {
throw redirect({
to: '/login',
})
}
},
})
API Routes
Authentication endpoints are automatically handled by Better Auth.
This app mounts Better Auth at /api/auth/$ and uses Google social sign-in from /login.