Struct AuthConfig 

pub struct AuthConfig {
    pub secret: String,
    pub app_name: String,
    pub base_url: String,
    pub base_path: String,
    pub trusted_origins: Vec<String>,
    pub disabled_paths: Vec<String>,
    pub session: SessionConfig,
    pub jwt: JwtConfig,
    pub password: PasswordConfig,
    pub account: AccountConfig,
    pub email_provider: Option<Arc<dyn EmailProvider>>,
    pub advanced: AdvancedConfig,
}

Main configuration for BetterAuth

Fields

secret: String

Secret key for signing tokens and sessions

app_name: String

Application name, used for cookie prefixes, email templates, etc.

Defaults to "Better Auth".

base_url: String

Base URL for the authentication service (e.g. "http://localhost:3000").

base_path: String

Base path where the auth routes are mounted.

All routes handled by BetterAuth will be prefixed with this path. For example, with the default "/api/auth", the sign-in route becomes "/api/auth/sign-in/email".

Defaults to "/api/auth".

trusted_origins: Vec<String>

Origins that are trusted for CSRF and other cross-origin checks.

Supports glob patterns (e.g. "https://*.example.com"). These are shared across all middleware that needs origin validation (CSRF, CORS, etc.).

disabled_paths: Vec<String>

Paths that should be disabled (skipped) by the router.

Any request whose path matches an entry in this list will receive a 404 response, even if a handler is registered for it.

session: SessionConfig

Session configuration

jwt: JwtConfig

JWT configuration

password: PasswordConfig

Password configuration

account: AccountConfig

Account configuration (linking, token encryption, etc.)

email_provider: Option<Arc<dyn EmailProvider>>

Email provider for sending emails (verification, password reset, etc.)

advanced: AdvancedConfig

Advanced configuration options

Implementations

impl AuthConfig

pub fn new(secret: impl Into<String>) -> Self

pub fn app_name(self, name: impl Into<String>) -> Self

Set the application name.

pub fn base_url(self, url: impl Into<String>) -> Self

Set the base URL (e.g. "https://myapp.com").

pub fn account(self, account: AccountConfig) -> Self

pub fn base_path(self, path: impl Into<String>) -> Self

Set the base path where auth routes are mounted.

pub fn trusted_origin(self, origin: impl Into<String>) -> Self

Add a trusted origin. Supports glob patterns (e.g. "https://*.example.com").

pub fn trusted_origins(self, origins: Vec<String>) -> Self

Set all trusted origins at once.

pub fn disabled_path(self, path: impl Into<String>) -> Self

Add a path to the disabled paths list.

pub fn disabled_paths(self, paths: Vec<String>) -> Self

Set all disabled paths at once.

pub fn session_expires_in(self, duration: Duration) -> Self

Set the session expiration duration.

pub fn session_update_age(self, duration: Duration) -> Self

pub fn disable_session_refresh(self, disabled: bool) -> Self

pub fn session_fresh_age(self, duration: Duration) -> Self

pub fn session_cookie_cache(self, config: CookieCacheConfig) -> Self

Set the cookie cache configuration for sessions.

pub fn jwt_expires_in(self, duration: Duration) -> Self

Set the JWT expiration duration.

pub fn password_min_length(self, length: usize) -> Self

Set the minimum password length.

pub fn advanced(self, advanced: AdvancedConfig) -> Self

pub fn cookie_prefix(self, prefix: impl Into<String>) -> Self

pub fn disable_csrf_check(self, disabled: bool) -> Self

pub fn cross_sub_domain_cookies(self, domain: impl Into<String>) -> Self

pub fn is_origin_trusted(&self, origin: &str) -> bool

Check whether a given origin is trusted.

An origin is trusted if it matches:

1. The origin extracted from base_url, or
2. Any pattern in trusted_origins (after extracting the origin portion from the pattern).

Glob patterns are supported — * matches any characters except /, ** matches any characters including /.

pub fn is_path_disabled(&self, path: &str) -> bool

Check whether a given path is disabled.

pub fn validate(&self) -> Result<(), AuthError>

Trait Implementations

impl Clone for AuthConfig

fn clone(&self) -> AuthConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Default for AuthConfig

fn default() -> Self

Returns the “default value” for a type.