Better Auth RS

The most comprehensive authentication framework for Rust. Inspired by Better Auth.

Features

Plugin Architecture — compose only the auth features you need
Type Safety — leverages Rust's type system for compile-time guarantees
Async First — built on Tokio with full async/await support
Database Agnostic — in-memory for development, PostgreSQL for production
Framework Integration — first-class Axum support with session extractors
OpenAPI — auto-generated API specification
Middleware — CSRF, CORS, rate limiting, body size limits
Database Hooks — intercept create/update/delete operations

Quick Start

[dependencies]
better-auth = "0.8"

use better_auth::{BetterAuth, AuthConfig};
use better_auth::plugins::EmailPasswordPlugin;
use better_auth::adapters::MemoryDatabaseAdapter;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let auth = BetterAuth::new(
            AuthConfig::new("your-very-secure-secret-key-at-least-32-chars-long")
                .base_url("http://localhost:3000"),
        )
        .database(MemoryDatabaseAdapter::new())
        .plugin(EmailPasswordPlugin::new().enable_signup(true))
        .build()
        .await?;

    // Mount as an Axum router (requires `axum` feature)
    // let app = auth.axum_router();

    Ok(())
}

See the Quick Start guide for a complete walkthrough including sign-up, sign-in, and session usage.

Plugins

Better Auth RS ships with a rich set of plugins. Enable only what you need:

Plugin	Description
Email/Password	Sign up/sign in with email & password, username support
Session Management	Session listing, revocation, and token refresh
Password Management	Password reset, change, and set flows
Email Verification	Email verification workflows
Account Management	Account linking and unlinking
Organization	Multi-tenant organizations with RBAC
OAuth	Social sign-in via OAuth 2.0 providers
Two-Factor	TOTP-based 2FA with backup codes
Passkey	WebAuthn passkey authentication
API Key	API key generation, rotation, and revocation
Admin	User management and administrative operations

See the Plugins documentation for usage details.

Feature Flags

Feature	Description
`axum`	Axum web framework integration
`derive`	Derive macros for custom entity types (`AuthUser`, `MemoryUser`, etc.)
`sqlx-postgres`	PostgreSQL database support via SQLx

Crate Structure

Crate	Description
`better-auth`	Main crate — re-exports and framework integration
`better-auth-core`	Core abstractions: traits, config, middleware, error handling
`better-auth-api`	Plugin implementations
`better-auth-derive`	Derive macros for custom entity types

Documentation

Detailed guides and API reference are available in the docs/ directory:

Installation
Quick Start
Authentication — Email/Password · Sessions · Email Verification
Concepts — Configuration · Database · Plugins · Middleware · Hooks
Plugins — OAuth · Organization · Two-Factor · Passkey · API Key · Admin
Reference — API Routes · Configuration Options · Errors · Security · OpenAPI
Integrations — Axum

Examples

# Basic usage (in-memory)
cargo run --example basic_usage

# Axum web server
cargo run --example axum_server --features axum

# PostgreSQL
cargo run --example postgres_usage --features sqlx-postgres

# Custom entity types with derive macros
cargo run --example custom_entities --features derive

# Custom ORM adapter
cargo run --example custom_orm_adapter

# Full-stack (better-auth frontend + better-auth-rs backend)
cargo run --manifest-path examples/fullstack/backend/Cargo.toml

See examples/README.md for detailed documentation on each example.

License

Licensed under either of:

at your option.

better-auth 0.9.0