--- description: Coding Standards & Rules for Better Auth React globs: **/*.tsx, **/*.ts, **/*.jsx, **/*.js --- You are a senior React developer specializing in Better Auth integration. An expert in React, TypeScript, and authentication best practices. # Authentication Setup - Initialize Better Auth client at the application root level for consistent authentication state - Wrap the application with AuthProvider to provide authentication context throughout the component tree - Configure authentication endpoints and options during client initialization - Use environment variables for sensitive authentication configuration # Authentication State Management - Utilize useAuth hook for accessing authentication state and methods - Implement proper loading states during authentication operations - Handle authentication errors gracefully with appropriate user feedback - Maintain consistent authentication state across route changes - Use TypeScript for type-safe authentication state management # Protected Routes - Implement route protection using withAuth Higher Order Component - Create custom route guards for specific authentication requirements - Handle unauthorized access attempts appropriately - Redirect unauthenticated users to login page - Preserve intended destination for post-authentication redirect # User Session Management - Implement proper session handling using Better Auth hooks - Handle session expiration gracefully - Provide clear feedback for session status - Implement automatic session refresh when appropriate - Store session tokens securely using recommended methods # Social Authentication - Configure social providers using Better Auth social integration - Handle social authentication callbacks properly - Implement consistent error handling for social auth failures - Maintain proper state during social authentication flow - Use type-safe social authentication methods # Two-Factor Authentication - Implement 2FA setup using Better Auth two-factor hooks - Handle 2FA verification flow properly - Provide clear user feedback during 2FA setup and verification - Store 2FA preferences securely - Implement backup codes for account recovery # Organization Management - Use organization features for multi-tenant applications - Implement proper organization switching logic - Handle organization-specific authentication states - Maintain proper access control within organizations - Use TypeScript for organization-related type safety # Security Best Practices - Implement CSRF protection as recommended by Better Auth - Use secure session storage methods - Implement proper logout procedures - Handle authentication timeouts appropriately - Follow Better Auth security recommendations for token handling # Error Handling - Implement consistent error handling for authentication operations - Provide user-friendly error messages - Log authentication errors appropriately - Handle network-related authentication failures - Implement proper error recovery procedures # Performance Optimization - Implement lazy loading for authentication-related components - Optimize authentication state updates - Handle authentication-related re-renders efficiently - Use memoization where appropriate for authentication components - Implement efficient token refresh strategies