A modern authentication starter built with TanStack Start and Better Auth. Features email/password authentication with email verification and Google OAuth integration.
- 🔐 Multiple Authentication Methods
- Email/password with email verification
- Google OAuth integration
- 📧 Email Verification via Mailjet
- 🗃️ Database Ready with Docker Compose
- 🛡️ Protected Routes
- Node.js (v18 or higher)
- pnpm
- Docker & Docker Compose
git clone git@github.com:janwolfram/start-better-auth.git start-better-auth
cd start-better-auth
pnpm installCreate a .env file in the root directory:
# Database
DATABASE_URL="postgresql://postgres:example@localhost:5432/postgres"
# Better Auth
BETTER_AUTH_SECRET="your-super-secret-key-here"
BETTER_AUTH_URL="http://localhost:3000"
# Email Verification (Mailjet)
MAILJET_API_KEY="your-mailjet-api-key"
MAILJET_SECRET_KEY="your-mailjet-secret-key"
MAILJET_FROM_EMAIL="noreply@yourdomain.com"
# Google OAuth
GOOGLE_CLIENT_ID="your-google-client-id"
GOOGLE_CLIENT_SECRET="your-google-client-secret"pnpm db:startThis will start the PostgreSQL database container in the background.
pnpm db:pushThis command pushes the database schema to your running database.
pnpm devYour application will be available at http://localhost:3000
| Route | Description | Access |
|---|---|---|
/ |
Index page | Public |
/sign-in |
Sign in form | Public |
/sign-up |
Sign up form | Public |
/protected |
Protected content | Authenticated only |
- Create a Mailjet account
- Get your API key and secret from the Mailjet dashboard
- Add the credentials to your
.envfile - Configure your sender email address
- Go to the Google Cloud Console
- Create a new project or select an existing one
- Create OAuth 2.0 credentials
- Add your client ID and secret to
.env - Configure authorized redirect URIs:
http://localhost:3000/api/auth/callback/google(development)https://yourdomain.com/api/auth/callback/google(production)
├── src/
│ ├── routes/ # TanStack Start routes
| | ├── __dashboard/
| | | ├── index.tsx # Index page
| | | └── protected.tsx # Protected route
| | ├── __auth/
| | | ├── sign-in.tsx # Sign in page
| | | └── sign-up.tsx # Sign up page
│ ├── lib/
| | ├── better-auth/
| | | ├── auth.ts # Better Auth configuration
| | └── ...
├── docker-compose.yml # Database container setup
├── package.json
└── README.md
Make sure to update these environment variables for production:
BETTER_AUTH_URL="https://yourdomain.com"
DATABASE_URL="your-production-database-url"For production deployments, ensure your database schema is up to date:
pnpm db:pushor run the migration scripts.
- Email Verification: Prevents registration with invalid email addresses
- Secure Sessions: Better Auth handles secure session management
- Protected Routes: Automatic redirection for unauthenticated users
- OAuth Integration: Secure Google authentication flow
# Install dependencies
pnpm install
# Start development server
pnpm dev
# Start database
pnpm db:start
# Stop database
pnpm db:stop
# Push database schema
pnpm db:push
# Build for production
pnpm build
# Start production server
pnpm start
# Generate migration
pnpm db:generate
# Migrate migration
pnpm db:migrate
# Delete database
pnpm db:clear
# Reset database
pnpm db:reset
# Open drizzle studio
pnpm db:studio- Fork the repository
- Create your feature branch (
git checkout -b new-feature) - Commit your changes (
git commit -m 'Add some stuff') - Push to the branch (
git push origin new-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- TanStack Start - Modern full-stack React framework
- Better Auth - Comprehensive authentication library
- Mailjet - Email delivery service