π Production-Ready Better Auth Plugin for the Polkadot ecosystem
A comprehensive Better Auth plugin for Polkadot wallet authentication, providing secure SIWE-style authentication with multi-chain support and enterprise-grade security features.
- π Polkadot.js Integration: Secure wallet-based authentication
- βοΈ Multi-Chain Support: Polkadot, Kusama, Westend, Asset Hub
- π‘οΈ Better Auth Integration: Seamless plugin architecture
- π± React/Next.js Ready: Full TypeScript support with hooks
- π§ͺ Comprehensive Testing: 80%+ test coverage
- π Enterprise Security: Cryptographic signature verification
- π Production Ready: Stateless, scalable, and secure
npm install @polkadot-sso/better-auth-polkadotimport { betterAuth } from "better-auth"
import { polkadotPlugin } from "@polkadot-sso/better-auth-polkadot"
const auth = betterAuth({
database: {
provider: "sqlite",
url: "file:./data/auth.db"
},
secret: process.env.SESSION_SECRET,
plugins: [
polkadotPlugin({
providers: [
{
id: "polkadot",
name: "Polkadot",
chain: "polkadot",
rpcUrl: "wss://rpc.polkadot.io",
ss58Format: 0,
decimals: 10,
tokenSymbol: "DOT"
},
{
id: "kusama",
name: "Kusama",
chain: "kusama",
rpcUrl: "wss://kusama-rpc.polkadot.io",
ss58Format: 2,
decimals: 12,
tokenSymbol: "KSM"
}
]
})
]
})import { usePolkadotAuth } from "@polkadot-sso/better-auth-polkadot"
function LoginComponent() {
const {
accounts,
user,
loading,
error,
connectWallet,
signIn,
signOut
} = usePolkadotAuth({
appName: "My App",
ssoUrl: "http://localhost:3000"
})
if (user) {
return (
<div>
<p>Welcome, {user.address}!</p>
<button onClick={signOut}>Sign Out</button>
</div>
)
}
return (
<div>
{accounts.length === 0 ? (
<button onClick={connectWallet}>
Connect Polkadot Wallet
</button>
) : (
<div>
{accounts.map(account => (
<button
key={account.address}
onClick={() => signIn(account.address, account.chain)}
>
Sign in with {account.name || account.address}
</button>
))}
</div>
)}
{error && <p>Error: {error}</p>}
</div>
)
}The plugin follows the Better Auth architecture with:
- Stateless Authentication: JWT-based sessions
- Plugin Architecture: Modular and extensible
- Type Safety: Full TypeScript support
- Security First: Cryptographic verification
- Wallet Connection: User connects their Polkadot wallet
- Account Selection: User selects an account and chain
- Challenge Generation: Server generates a cryptographic challenge
- Message Signing: User signs the challenge with their wallet
- Signature Verification: Server verifies the signature
- Session Creation: Server creates a JWT session
- Authentication Complete: User is authenticated
# Required
SESSION_SECRET=your-32-character-session-secret
# Optional - Chain RPC URLs
POLKADOT_RPC_URL=wss://rpc.polkadot.io
KUSAMA_RPC_URL=wss://kusama-rpc.polkadot.io
WESTEND_RPC_URL=wss://westend-rpc.polkadot.io
# Optional - Database
DATABASE_URL=file:./data/auth.dbinterface PolkadotPluginOptions {
providers: PolkadotProvider[]
chains?: {
polkadot?: string
kusama?: string
westend?: string
}
rpcUrls?: {
polkadot?: string
kusama?: string
westend?: string
}
}- Cryptographic Verification: All signatures are cryptographically verified
- Challenge-Response: Prevents replay attacks
- JWT Tokens: Secure session management
- Address Validation: SS58 format validation
- Rate Limiting: Built-in protection against abuse
- Location:
packages/better-auth-polkadot/ - Package:
@polkadot-sso/better-auth-polkadot - Status: β Production Ready
- Location:
apps/example/ - Framework: Nuxt.js
- Status: β Updated for Better Auth
# Run tests
npm test
# Run tests with coverage
npm run test:coverage
# Watch mode
npm run test:watchThe plugin includes comprehensive unit tests with 80%+ coverage.
# Install dependencies
npm install
# Start development server
npm run dev
# Build for production
npm run buildinterface UsePolkadotAuthReturn {
accounts: PolkadotAccount[]
user: PolkadotUser | null
session: PolkadotSession | null
loading: boolean
error: string | null
connectWallet: () => Promise<void>
signIn: (address: string, chain: string) => Promise<void>
signOut: () => Promise<void>
refreshSession: () => Promise<void>
}interface PolkadotWalletSelectorProps {
appName: string
ssoUrl: string
onSuccess?: (user: any) => void
onError?: (error: string) => void
}- Polkadot: Main network (ss58: 0)
- Kusama: Canary network (ss58: 2)
- Westend: Test network (ss58: 42)
- Asset Hub: Asset parachain
- Fork the repository
- Create a feature branch
- Add tests for new functionality
- Ensure all tests pass
- Submit a pull request
MIT License - see LICENSE file for details.
- GitHub Issues: Report bugs and request features
- Documentation: Full API documentation
- Discord: Join our community
Built with β€οΈ for the Polkadot ecosystem