ZZuro Docs

Auth

Add user auth in one command

Auth

Add email/password auth with Better Auth, session support, and a protected me endpoint.

Installation

npx zuro-cli add auth
pnpm dlx zuro-cli add auth
bun x zuro-cli add auth

Smart Dependencies

Running add auth also installs missing required modules:

  • core
  • database (you pick PostgreSQL or MySQL if needed)
  • error-handler

What Gets Added

auth.ts
auth.routes.ts
user.routes.ts
user.controller.ts
auth.ts
app.ts
env.ts
.env

App Wiring

CLI auto-injects routes into app.ts:

app.use(authRoutes);
app.use("/api/users", userRoutes);

Environment Variables

Auth adds:

  • BETTER_AUTH_SECRET
  • BETTER_AUTH_URL

Behavior:

  • if BETTER_AUTH_SECRET is missing, Zuro generates a secure random secret
  • if it already exists, Zuro keeps your existing value
  • BETTER_AUTH_URL defaults to http://localhost:3000 (update for your real API origin)

Database Dialect Support

Auth schema generation follows your database module:

  • PostgreSQL project -> PostgreSQL auth schema
  • MySQL project -> MySQL auth schema

So you can use add auth safely on either dialect.

Endpoints You Get

PathMethodPurpose
/auth/sign-up/emailPOSTRegister
/auth/sign-in/emailPOSTLogin
/auth/sign-outPOSTLogout
/auth/sessionGETCurrent session
/api/users/meGETCurrent user profile

First-Time Setup

  1. Add auth: 
    npx zuro-cli add auth
  2. Run migrations: 
    npx drizzle-kit generate
npx drizzle-kit migrate
  3. Start server: 
    npm run dev

Basic Usage Example

curl -X POST http://localhost:3000/auth/sign-up/email \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Briyan",
    "email": "briyan@example.com",
    "password": "password123"
  }'
curl http://localhost:3000/api/users/me \
  -H "Cookie: <session_cookie_here>"

Controller Pattern

Generated UserController checks session through Better Auth:

import { auth } from "../lib/auth";
import { fromNodeHeaders } from "better-auth/node";
import { UnauthorizedError } from "../lib/errors";

export const UserController = {
  async getProfile(req, res) {
    const session = await auth.api.getSession({
      headers: fromNodeHeaders(req.headers),
    });

    if (!session) {
      throw new UnauthorizedError("Not authenticated");
    }

    return res.json({ user: session.user });
  },
};

Troubleshooting

  • Module 'auth' not found: run npx zuro-cli add auth inside a Zuro project.
  • BETTER_AUTH_URL issues: set it to your backend origin (for example http://localhost:3000).
  • migration errors: verify DATABASE_URL and database existence, then rerun migration commands.
  • 401 Not authenticated on /api/users/me: include session cookie from login.

Next Steps

→ Database

Review migrations, schemas, and DB setup

→ Error Handler

Understand API error format and handling

Error Handler

Centralized API errors with safe logging

On this page

AuthInstallationSmart DependenciesWhat Gets AddedApp WiringEnvironment VariablesDatabase Dialect SupportEndpoints You GetFirst-Time SetupBasic Usage ExampleController PatternTroubleshootingNext Steps