Docs

Magic link

Magic link or email link is a way to authenticate users without a password. When a user enters their email, a link is sent to their email. When the user clicks on the link, they are authenticated.

Installation

Add the server Plugin

Add the magic link plugin to your server:

server.ts
import { betterAuth } from "better-auth";
import { magicLink } from "better-auth/plugins";
 
export const auth = betterAuth({
    plugins: [
        magicLink({
            sendMagicLink: async ({
                email: string,
                token: string,
                url: string
            }, request) => {
                // send email to user
            }
        })
    ]
})

Add the client Plugin

Add the magic link plugin to your client:

client.ts
import { createAuthClient } from "better-auth/client";
import { magicLinkClient } from "better-auth/client/plugins";
const client = createAuthClient({
    plugins: [
        magicLinkClient()
    ]
});

Usage

To sign in with a magic link, you need to call signIn.magicLink with the user's email address. The sendMagicLink function is called to send the magic link to the user's email.

magic-link.ts
const { data, error } = await client.signIn.magicLink({
    email: "[email protected]",
    callbackURL: "/dashboard" //redirect after successful login (optional)
});

If the user has not signed up, unless disableSignUp is set to true, the user will be signed up automatically.

When you send the URL generated by the sendMagicLink function to a user, clicking the link will authenticate them and redirect them to the callbackURL specified in the signIn.magicLink function. If an error occurs, the user will be redirected to the callbackURL with an error query parameter.

If no callbackURL is provided, the user will be redirected to the root URL.

If you want to handle the verification manually, (e.g, if you send the user a different url), you can use the verify function.

magic-link.ts
const { data, error } = await client.magicLink.verify({
    query: {
        token
    }
});

Configuration Options

sendMagicLink: The sendMagicLink function is called when a user requests a magic link. It takes an object with the following properties:

  • email: The email address of the user.
  • url: The url to be sent to the user. This url contains the token.
  • token: The token if you want to send the token with custom url.

and a request object as the second parameter.

expiresIn: specifies the time in seconds after which the magic link will expire. The default value is 300 seconds (5 minutes).

disableSignUp: If set to true, the user will not be able to sign up using the magic link. The default value is false.

Edit on GitHub

On this page