authentication-logic
Guide to using Better Auth for client and server-side authentication.
Best use case
authentication-logic is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Guide to using Better Auth for client and server-side authentication.
Teams using authentication-logic should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/authentication-logic/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How authentication-logic Compares
| Feature / Agent | authentication-logic | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Guide to using Better Auth for client and server-side authentication.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Authentication Logic
## Overview
We use **Better Auth** (`better-auth`) for identifying users.
## Config
- **Client**: `lib/auth-client.ts` exports `authClient`.
- **Server**: `lib/auth.ts` exports `auth`.
## Client-Side Usage
Use `authClient` for signing in, signing out, and checking session state in Client Components.
```tsx
import { authClient } from "@/lib/auth-client";
// Sign In
await authClient.signIn.email({
email,
password,
});
// Social Sign In
await authClient.signIn.social({
provider: "google",
callbackURL: "/onboarding",
});
// Sign Out
await authClient.signOut();
```
## Server-Side Usage
Use `auth.api.getSession` for protecting API routes or Server Actions.
```ts
import { auth } from "@/lib/auth";
import { headers } from "next/headers";
const session = await auth.api.getSession({
headers: await headers()
});
if (!session) {
return new Response("Unauthorized", { status: 401 });
}
```
## AuthBar Component
- Located at `textbook/src/components/AuthBar/index.tsx`.
- Displays user avatar or login button.
- Fetches session from `/api/auth/session` (Next.js API route proxying Better Auth).Related Skills
retry-logic-helper
Retry Logic Helper - Auto-activating skill for API Integration. Triggers on: retry logic helper, retry logic helper Part of the API Integration skill category.
building-api-authentication
Build secure API authentication systems with OAuth2, JWT, API keys, and session management. Use when implementing secure authentication flows. Trigger with phrases like "build authentication", "add API auth", or "secure the API".
validating-authentication-implementations
This skill enables Claude to validate authentication implementations against security best practices and industry standards. It analyzes various authentication methods, including JWT, OAuth, session-based authentication, and API keys. Use this skill when you need to perform an authentication security check, assess password policies, evaluate MFA implementation, or analyze session security. Trigger this skill with phrases like "validate authentication," "authentication check," or "authcheck."
firebase-ai-logic
Integrate Firebase AI Logic (Gemini in Firebase) for intelligent app features. Use when adding AI capabilities to Firebase apps, implementing generative AI features, or setting up Firebase AI SDK. Handles Firebase AI SDK setup, prompt engineering, and AI-powered features.
authentication-setup
Design and implement authentication and authorization systems. Use when setting up user login, JWT tokens, OAuth, session management, or role-based access control. Handles password security, token management, SSO integration.
microsoft-azure-webjobs-extensions-authentication-events-dotnet
Microsoft Entra Authentication Events SDK for .NET. Azure Functions triggers for custom authentication extensions. Use for token enrichment, custom claims, attribute collection, and OTP customization in Entra ID. Triggers: "Authentication Events", "WebJobsAuthenticationEventsTrigger", "OnTokenIssuanceStart", "OnAttributeCollectionStart", "custom claims", "token enrichment", "Entra custom extension", "authentication extension".
reasoning-analogical
Transfer knowledge from source domains to novel target situations through structural mapping. Use when facing new markets, products, or situations where past experience provides relevant patterns. Produces adapted solutions with explicit mappings and context adjustments.
delon-auth-authentication-authorization
Implement authentication and authorization using @delon/auth. Use this skill when adding login/logout flows, JWT token management, role-based access control (RBAC), route guards, HTTP interceptors, and session management. Integrates with Firebase Auth and custom permission systems. Ensures secure token storage, automatic token refresh, and consistent authorization checks across components and services.
Lucia Auth — Simple Authentication
You are an expert in Lucia, the lightweight authentication library for TypeScript. You help developers implement session-based authentication with email/password, OAuth (Google, GitHub, Discord), magic links, and two-factor authentication — providing a simple, database-agnostic auth layer that you understand and control, without the complexity of full auth platforms.
Kotlin Multiplatform — Shared Business Logic for Mobile
## Overview
Clerk Authentication
Drop-in authentication for modern web apps. Handles login UI, social providers, session management, organizations, and RBAC.
Auth.js (NextAuth) — Authentication for the Web
You are an expert in Auth.js (formerly NextAuth.js), the authentication library for web frameworks. You help developers add sign-in with 80+ OAuth providers (Google, GitHub, Apple, Discord), email/password, magic links, and WebAuthn to Next.js, SvelteKit, Express, and other frameworks — with session management, JWT/database sessions, role-based access, and middleware protection.