LogoShipSaaS

Authentication

Learn how to set up and use authentication using Better Auth in ShipSaaS

ShipSaaS uses Better Auth for authentication, which is a TypeScript-native authentication library.

Setup

Environment Variables

Generate a random secret and add it to your environment variable file:

openssl rand -base64 32

.env

BETTER_AUTH_SECRET=your_generated_secret

Website Configuration

In general, you can keep the default configurations. If you need to make changes, you can modify the auth config in src/config/website.ts:

export const websiteConfig: WebsiteConfig = {
  // ...
  auth: {
    enable: true,
    enableGoogleLogin: true,     // Whether to enable Google login
    enableCredentialLogin: true, // Whether to enable email/password login
    enableDeleteAccount: true,   // Whether to support deleting accounts
  },
  // ...
};
OptionTypeDefaultDescription
enablebooleantrueEnable/disable authentication
enableGoogleLoginbooleantrueEnable Google OAuth login
enableCredentialLoginbooleanfalseEnable email/password login
enableDeleteAccountbooleantrueAllow users to delete accounts

Google OAuth (Optional)

If Google login is enabled, you need to configure Google OAuth:

  1. Go to the Google Cloud Console
  2. Create a new project
  3. Navigate to APIs & Services > Credentials
  4. Click Create Credentials > OAuth client ID
  5. Configure the OAuth consent screen if required
  6. Select Web application as the application type
  7. Add http://localhost:3000 and https://your-domain.com to Authorized JavaScript origins
  8. Add http://localhost:3000/api/auth/callback/google and https://your-domain.com/api/auth/callback/google to Authorized redirect URIs
  9. Add the Client ID and Client Secret to your environment variable file:

.env

GOOGLE_CLIENT_ID=your_google_client_id
GOOGLE_CLIENT_SECRET=your_google_client_secret

If you are setting up your environment, you can now return to the Environment Configuration document and continue. The remainder of this document can be read later.

Environment configuration set environment variables

Authentication System Architecture

The authentication system in ShipSaaS consists of the following components:

src

  • auth/
    • auth.ts
    • client.ts
    • types.ts
  • components/
  • routes/
  • middlewares/

Authentication Routes

ShipSaaS provides the following authentication routes:

RouteDescription
/auth/loginLogin page
/auth/registerRegistration page
/auth/forgot-passwordPassword reset request
/auth/reset-passwordPassword reset form
/auth/errorError page

References

Next Steps

Now that you understand how authentication works in ShipSaaS, you may want to explore these related features:

Storage

Learn how to set up and use Cloudflare R2 for file uploading and media handling

Email

Learn how to configure and use emails with Resend or Cloudflare Email Service and React Email templates

On this page

SetupEnvironment VariablesWebsite ConfigurationGoogle OAuth (Optional)Authentication System ArchitectureAuthentication RoutesReferencesNext Steps