Reverify
Prompt the user to re-verify their identity by providing a form of authentication for revalidation.
This plugin is in Beta
This plugin currently supports only password verification, which returns a valid boolean, and does not yet support extending the current session.
This will be added in a future release.
If a user's session is not fresh, critical actions (e.g. deleting their account) will not be allowed. To perform the action, you would have to terminate their session and force them to sign in again. Depending on your application, this may not be the best user experience. In some cases, routes can be protected and only accessible to active sessions. When you terminate a session and make the user sign in again, they're redirected to the login page and may not even know what happened.
Using Reverify, you can prompt the user to re-verify their identity without logging them out or terminating their current session.
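The flow described above, as an added example that is not the Reverify plugin's own code or API: a stale session is asked for the password instead of being terminated, and the check returns only a valid flag without extending the session. The function names, the session shape, and the five-minute freshness window are assumptions.

```javascript
// Added illustration; not the Reverify plugin's API. All names are hypothetical.
const { scryptSync, randomBytes, timingSafeEqual } = require('node:crypto');

const FRESH_MS = 5 * 60 * 1000; // assumed freshness window

// Constructed sample user record: salted scrypt hash of the password.
function makeUser(password) {
  const salt = randomBytes(16);
  return { salt, hash: scryptSync(password, salt, 32) };
}

// Password re-verification: returns only { valid } and never touches the session.
function reverifyPassword(user, password) {
  const candidate = scryptSync(String(password), user.salt, 32);
  // Both buffers are 32 bytes, so the constant-time comparison is well defined.
  return { valid: timingSafeEqual(candidate, user.hash) };
}

// Gate for a critical action such as account deletion.
function authorizeCriticalAction(session, user, password, now = Date.now()) {
  // A fresh session may act without any extra prompt.
  if (now - session.lastAuthAt <= FRESH_MS) return 'allowed:fresh';
  // Stale session: ask for the password instead of terminating the session.
  if (password === undefined) return 'reverify-required';
  // session.lastAuthAt is deliberately left unchanged: the session is not
  // extended, so the next critical action prompts again.
  return reverifyPassword(user, password).valid ? 'allowed:reverified' : 'denied';
}
```

Because the session timestamp is never updated, a stale session has to reverify for each critical action, and a failed check leaves the user signed in.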
There are future plans to add more forms of authentication to Reverify, such as:
- Phone number verification
- Magic link & Email OTP verification
- 2FA verification
- Passkey verification