[{"data":1,"prerenderedAt":376},["ShallowReactive",2],{"navigation_docs":3,"-getting-started-how-it-works":152,"-getting-started-how-it-works-surround":371},[4,42,68,110,131],{"title":5,"path":6,"stem":7,"children":8,"icon":11},"Getting Started","/getting-started","1.getting-started/0.index",[9,12,17,22,27,32,37],{"title":10,"path":6,"stem":7,"icon":11},"Introduction","i-lucide-sparkles",{"title":13,"path":14,"stem":15,"icon":16},"Installation","/getting-started/installation","1.getting-started/1.installation","i-lucide-download",{"title":18,"path":19,"stem":20,"icon":21},"Configuration","/getting-started/configuration","1.getting-started/2.configuration","i-lucide-settings",{"title":23,"path":24,"stem":25,"icon":26},"Client Setup","/getting-started/client-setup","1.getting-started/3.client-setup","i-lucide-monitor",{"title":28,"path":29,"stem":30,"icon":31},"Type Augmentation","/getting-started/type-augmentation","1.getting-started/4.type-augmentation","i-lucide-type",{"title":33,"path":34,"stem":35,"icon":36},"Schema Generation (NuxtHub)","/getting-started/schema-generation","1.getting-started/5.schema-generation","i-lucide-database",{"title":38,"path":39,"stem":40,"icon":41},"How It Works","/getting-started/how-it-works","1.getting-started/6.how-it-works","i-lucide-workflow",{"title":43,"path":44,"stem":45,"children":46,"page":67},"Core Concepts","/core-concepts","2.core-concepts",[47,51,55,59,63],{"title":48,"path":49,"stem":50},"serverAuth()","/core-concepts/server-auth","2.core-concepts/1.server-auth",{"title":52,"path":53,"stem":54},"Sessions","/core-concepts/sessions","2.core-concepts/2.sessions",{"title":56,"path":57,"stem":58},"Route Protection","/core-concepts/route-protection","2.core-concepts/3.route-protection",{"title":60,"path":61,"stem":62},"Auto‑Imports and Aliases","/core-concepts/auto-imports-aliases","2.core-concepts/4.auto-imports-aliases",{"title":64,"path":65,"stem":66},"Security & Caveats","/core-concepts/security-caveats","2.core-concepts/5.security-caveats",false,{"title":69,"path":70,"stem":71,"children":72,"page":67},"Guides","/guides","3.guides",[73,77,81,85,89,94,98,102,106],{"title":74,"path":75,"stem":76},"Role‑Based Access","/guides/role-based-access","3.guides/1.role-based-access",{"title":78,"path":79,"stem":80},"OAuth Providers","/guides/oauth-providers","3.guides/2.oauth-providers",{"title":82,"path":83,"stem":84},"Custom Database","/guides/custom-database","3.guides/3.custom-database",{"title":86,"path":87,"stem":88},"Database-less Mode","/guides/database-less-mode","3.guides/4.database-less-mode",{"title":90,"path":91,"stem":92,"icon":93},"External Auth Backend","/guides/external-auth-backend","3.guides/5.external-auth-backend","i-lucide-server",{"title":95,"path":96,"stem":97},"Migrating from nuxt-auth-utils","/guides/migrate-from-nuxt-auth-utils","3.guides/6.migrate-from-nuxt-auth-utils",{"title":99,"path":100,"stem":101},"Two-Factor Authentication (TOTP + Backup Codes)","/guides/two-factor-auth","3.guides/7.two-factor-auth",{"title":103,"path":104,"stem":105},"Testing","/guides/testing","3.guides/8.testing",{"title":107,"path":108,"stem":109},"Production Deployment","/guides/production-deployment","3.guides/9.production-deployment",{"title":111,"path":112,"stem":113,"children":114,"page":67},"Integrations","/integrations","4.integrations",[115,119,123,127],{"title":116,"path":117,"stem":118},"NuxtHub","/integrations/nuxthub","4.integrations/1.nuxthub",{"title":120,"path":121,"stem":122},"DevTools","/integrations/devtools","4.integrations/2.devtools",{"title":124,"path":125,"stem":126},"Convex","/integrations/convex","4.integrations/3.convex",{"title":128,"path":129,"stem":130},"i18n","/integrations/i18n","4.integrations/4.i18n",{"title":132,"path":133,"stem":134,"children":135,"page":67},"API Reference","/api","5.api",[136,140,144,148],{"title":137,"path":138,"stem":139},"Composables","/api/composables","5.api/1.composables",{"title":141,"path":142,"stem":143},"Server Utilities","/api/server-utils","5.api/2.server-utils",{"title":145,"path":146,"stem":147},"Components","/api/components","5.api/3.components",{"title":149,"path":150,"stem":151},"Types","/api/types","5.api/4.types",{"id":153,"title":38,"body":154,"description":364,"extension":365,"links":366,"meta":367,"navigation":368,"path":39,"seo":369,"stem":40,"__hash__":370},"docs/1.getting-started/6.how-it-works.md",{"type":155,"value":156,"toc":352},"minimark",[157,162,204,208,310,314],[158,159,161],"h2",{"id":160},"architecture","Architecture",[163,164,165,170,179,183,193,197],"steps",{},[166,167,169],"h3",{"id":168},"initialization","Initialization",[171,172,173,174,178],"p",{},"During build, the module reads ",[175,176,177],"code",{},"server/auth.config.ts"," and generates the auth handler. If using NuxtHub, it also generates the database schema automatically.",[166,180,182],{"id":181},"server-runtime","Server Runtime",[171,184,185,186,189,190,192],{},"The module injects a catch-all API handler at ",[175,187,188],{},"/api/auth/**",". This handler processes all authentication requests (login, logout, session fetching) using the configuration provided in ",[175,191,177],{},".",[166,194,196],{"id":195},"client-runtime","Client Runtime",[171,198,199,200,203],{},"On the client side, ",[175,201,202],{},"useUserSession"," initializes the Better Auth client. It establishes a reactive connection to the session state, ensuring that your UI updates immediately when a user logs in or out.",[158,205,207],{"id":206},"key-responsibilities","Key Responsibilities",[209,210,211,227],"table",{},[212,213,214],"thead",{},[215,216,217,221,224],"tr",{},[218,219,220],"th",{},"Feature",[218,222,223],{},"What it provides",[218,225,226],{},"Side",[228,229,230,245,258,275,292],"tbody",{},[215,231,232,236,242],{},[233,234,235],"td",{},"Server handler",[233,237,238,239],{},"Mounts Better Auth at ",[175,240,241],{},"/api/auth/*",[233,243,244],{},"Server",[215,246,247,249,255],{},[233,248,137],{},[233,250,251,254],{},[175,252,253],{},"useUserSession()"," for reactive state",[233,256,257],{},"Client",[215,259,260,263,273],{},[233,261,262],{},"Server utils",[233,264,265,268,269,272],{},[175,266,267],{},"serverAuth(event?)",", ",[175,270,271],{},"getUserSession(event)",", etc.",[233,274,244],{},[215,276,277,280,289],{},[233,278,279],{},"Route protection",[233,281,282,285,286],{},[175,283,284],{},"routeRules.auth"," and ",[175,287,288],{},"definePageMeta({ auth })",[233,290,291],{},"Both",[215,293,294,297,307],{},[233,295,296],{},"Type augmentation",[233,298,299,300,285,303,306],{},"Inferred ",[175,301,302],{},"AuthUser",[175,304,305],{},"AuthSession"," types",[233,308,309],{},"Build",[158,311,313],{"id":312},"request-flow","Request Flow",[315,316,317,321,332,335,341,344,347],"ol",{},[318,319,320],"li",{},"User visits a protected page",[318,322,323,324,327,328,331],{},"Route middleware checks ",[175,325,326],{},"auth"," rule in ",[175,329,330],{},"routeRules"," or page meta",[318,333,334],{},"If not authenticated, redirects to login page",[318,336,337,338],{},"User submits credentials to ",[175,339,340],{},"/api/auth/sign-in/email",[318,342,343],{},"Better Auth validates credentials and creates session",[318,345,346],{},"Session cookie is set, user redirected to original page",[318,348,349,351],{},[175,350,253],{}," reads session from cookie, updates reactive state",{"title":353,"searchDepth":354,"depth":354,"links":355},"",2,[356,362,363],{"id":160,"depth":354,"text":161,"children":357},[358,360,361],{"id":168,"depth":359,"text":169},3,{"id":181,"depth":359,"text":182},{"id":195,"depth":359,"text":196},{"id":206,"depth":354,"text":207},{"id":312,"depth":354,"text":313},"Understand the architecture after completing setup.","md",null,{},{"icon":41},{"title":38,"description":364},"7E0h9JE8TXQe7u8PFSO57MOj4XJ9zV7zpRv3zFhDTlA",[372,374],{"title":33,"path":34,"stem":35,"description":373,"icon":36,"children":-1},"Auto-generate Drizzle ORM schemas for Better Auth tables when using NuxtHub.",{"title":48,"path":49,"stem":50,"description":375,"children":-1},"When to reach for the full Better Auth server instance.",1774609703822]