LogoShipTanStarter Docs

Authentication

Learn how to set up and use authentication with Better Auth in ShipTanStarter

ShipTanStarter uses Better Auth for authentication, a TypeScript-native authentication library.

Setup

Environment Variables

Generate a random secret and add it to your environment variables file:

openssl rand -base64 32
.env
BETTER_AUTH_SECRET=your_generated_secret

Website Configuration

In most cases, the default configuration works fine. If you need to change it, modify the auth config in src/config/website.ts:

src/config/website.ts
export const websiteConfig: WebsiteConfig = {
  // ...
  auth: {
    enable: true,
    enableGoogleLogin: true,      // Enable Google login
    enableCredentialLogin: true,   // Enable email/password login
    enableDeleteAccount: true,     // Allow users to delete their account
  },
  // ...
};
OptionTypeDefaultDescription
enablebooleantrueEnable/disable authentication
enableGoogleLoginbooleantrueEnable Google OAuth login
enableCredentialLoginbooleanfalseEnable email/password login
enableDeleteAccountbooleantrueAllow users to delete their account

Google OAuth (Optional)

If Google login is enabled, you need to configure Google OAuth:

  1. Go to Google Cloud Console
  2. Create a new project
  3. Go to APIs & Services > Credentials
  4. Click Create Credentials > OAuth client ID
  5. Configure the consent screen if prompted
  6. Select Web application as the application type
  7. Add http://localhost:3000 and https://your-domain.com to Authorized JavaScript origins
  8. Add http://localhost:3000/api/auth/callback/google and https://your-domain.com/api/auth/callback/google to Authorized redirect URIs
  9. Copy the Client ID and Client Secret to your environment variables file:
.env
GOOGLE_CLIENT_ID=your_google_client_id
GOOGLE_CLIENT_SECRET=your_google_client_secret

If you are setting up your environment, you can now go back to the Environment Configuration and continue. The rest of this document can be read later.

Environment Configuration

Set up environment variables

Authentication Architecture

The authentication system in ShipTanStarter consists of the following components:

auth.ts
client.ts
types.ts

Auth Routes

ShipTanStarter provides the following authentication routes:

RouteDescription
/auth/loginLogin page
/auth/registerRegistration page
/auth/forgot-passwordPassword reset request
/auth/reset-passwordPassword reset form
/auth/errorError page

References

Next Steps

Now that you understand how authentication works in ShipTanStarter, you might want to explore these related features:

Email

Configure email services

Payment

Configure Stripe payments

Database

Configure database

Deployment

Deploy to Cloudflare Workers

Storage

Learn how to set up and use Cloudflare R2 for file uploads and media processing

Email

Learn how to set up and use email with Resend or Cloudflare Email Service and React Email templates

On this page

SetupEnvironment VariablesWebsite ConfigurationGoogle OAuth (Optional)Authentication ArchitectureAuth RoutesReferencesNext Steps