cyber-security-one/nuxt-better-auth
.tessl/tiles/onmax/nuxt-skills/skills/nuxt-better-auth/SKILL.md
Use when implementing auth in Nuxt apps with @onmax/nuxt-better-auth - provides useUserSession composable, server auth helpers, route protection, and Better Auth plugins integration.
tools
Updated Apr 4, 2026
$ install --global
skillsauthnpx skillsauth add cyber-security-one/security-one-waf-website nuxt-better-authInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 4, 2026, 3:51 PM138.2s9 files scanned
SKILL.md
- name:
- nuxt-better-auth
- description:
- Use when implementing auth in Nuxt apps with @onmax/nuxt-better-auth - provides useUserSession composable, server auth helpers, route protection, and Better Auth plugins integration.
- license:
- MIT
Nuxt Better Auth
Authentication module for Nuxt 4+ built on Better Auth. Provides composables, server utilities, and route protection.
Alpha Status: This module is currently in alpha (v0.0.2-alpha.19) and not recommended for production use. APIs may change.
When to Use
- Installing/configuring
@onmax/nuxt-better-auth - Implementing login/signup/signout flows
- Protecting routes (client and server)
- Accessing user session in API routes
- Integrating Better Auth plugins (admin, passkey, 2FA)
- Setting up database with NuxtHub
- Using clientOnly mode for external auth backends
- Adding i18n support with
@nuxtjs/i18n
For Nuxt patterns: use nuxt skill
For NuxtHub database: use nuxthub skill
Available Guidance
| File | Topics | | -------------------------------------------------------------------- | ---------------------------------------------------------------------- | | references/installation.md | Module setup, env vars, config files | | references/client-auth.md | useUserSession, signIn/signUp/signOut, BetterAuthState, safe redirects | | references/server-auth.md | serverAuth, getUserSession, requireUserSession | | references/route-protection.md | routeRules, definePageMeta, middleware | | references/plugins.md | Better Auth plugins (admin, passkey, 2FA) | | references/database.md | NuxtHub integration, Drizzle schema, custom tables with FKs | | references/client-only.md | External auth backend, clientOnly mode, CORS | | references/types.md | AuthUser, AuthSession, type augmentation |
Loading Files
Consider loading these reference files based on your task:
- [ ] references/installation.md - if installing or configuring the module
- [ ] references/client-auth.md - if building login/signup/signout flows
- [ ] references/server-auth.md - if protecting API routes or accessing user session server-side
- [ ] references/route-protection.md - if using routeRules or definePageMeta for auth
- [ ] references/plugins.md - if integrating Better Auth plugins (admin, passkey, 2FA)
- [ ] references/database.md - if setting up database with NuxtHub or Drizzle
- [ ] references/client-only.md - if using external auth backend with clientOnly mode
- [ ] references/types.md - if working with AuthUser, AuthSession, or type augmentation
DO NOT load all files at once. Load only what's relevant to your current task.
Key Concepts
| Concept | Description |
| ---------------------- | --------------------------------------------------------------- |
| useUserSession() | Client composable - user, session, loggedIn, signIn/Out methods |
| requireUserSession() | Server helper - throws 401/403 if not authenticated |
| auth route mode | 'user', 'guest', { user: {...} }, or false |
| serverAuth() | Get Better Auth instance in server routes |
Quick Reference
// Client: useUserSession()
const { user, loggedIn, signIn, signOut } = useUserSession()
await signIn.email({ email, password }, { onSuccess: () => navigateTo('/') })
// Server: requireUserSession()
const { user } = await requireUserSession(event, { user: { role: 'admin' } })
// nuxt.config.ts: Route protection
routeRules: {
'/admin/**': { auth: { user: { role: 'admin' } } },
'/login': { auth: 'guest' },
'/app/**': { auth: 'user' }
}
Resources
- Module Docs
- Better Auth Docs
Token efficiency: Main skill ~300 tokens, each sub-file ~800-1200 tokens
Related Skills
cyber-security-one/vueuse
development
VerifiedTrustedCommunity
Use when working with VueUse composables - provides reactive utilities for state, browser APIs, sensors, network, animations. Check VueUse before writing custom composables - most patterns already implemented.
SKILL.mdUpdated Apr 4, 2026
cyber-security-one/vue
development
VerifiedTrustedCommunity
Use when editing .vue files, creating Vue 3 components, writing composables, or testing Vue code - provides Composition API patterns, props/emits best practices, VueUse integration, and reactive destructuring guidance
SKILL.mdUpdated Apr 4, 2026
cyber-security-one/vitest
development
VerifiedTrustedCommunity
Use when writing unit/integration tests for Vite projects - provides Vitest configuration, test APIs, mocking patterns, and coverage setup
SKILL.mdUpdated Apr 4, 2026
cyber-security-one/vite
tools
VerifiedTrustedCommunity
Vite build tool configuration, plugin API, SSR, and Vite 8 Rolldown migration. Use when working with Vite projects, vite.config.ts, Vite plugins, or building libraries/SSR apps with Vite.
SKILL.mdUpdated Apr 4, 2026