docs(migrations): fixes middleware configuration for better-auth (#667)

ph1losof · haydenbleasel · vercel[bot] · web-flow · commit 2ab6b6bb0e2c · 2025-12-06T09:26:38.000-08:00
* docs(migrations): fixes middleware configuration for better-auth migration * docs(migrations): adds proper fetch event passing to better-auth middleware * Apply suggestion from @vercel[bot] Co-authored-by: vercel[bot] <35613825+vercel[bot]@users.noreply.github.com> --------- Co-authored-by: Hayden Bleasel <hello@haydenbleasel.com> Co-authored-by: vercel[bot] <35613825+vercel[bot]@users.noreply.github.com>
diff --git a/docs/content/docs/migrations/authentication/better-auth.mdx b/docs/content/docs/migrations/authentication/better-auth.mdx
@@ -202,31 +202,41 @@ export const AuthProvider = ({ children }: AuthProviderProps) => children;
 
 ## 7. Change Middleware
 
-Change the middleware in the `auth` package to the following:
+Change the middleware in the `auth` package to the following. The middleware checks for a session cookie and redirects unauthenticated users to the sign-in page. The optional `middlewareFn` parameter allows you to add custom logic before the authentication check:
 
 ```tsx title="packages/auth/middleware.ts"
-import type { NextRequest } from "next/server";
-import { NextResponse } from 'next/server';
-
-const isProtectedRoute = (request: NextRequest) => {
-  return request.url.startsWith("/dashboard"); // change this to your protected route
-}
-
-export const authMiddleware = async (request: NextRequest) => {
-  const url = new URL('/api/auth/get-session', request.nextUrl.origin);
-  const response = await fetch(url, {
-    headers: {
-      cookie: request.headers.get('cookie') || '',
-    },
-  });
-
-  const session = await response.json();
-  
-  if (isProtectedRoute(request) && !session) {
-    return NextResponse.redirect(new URL("/sign-in", request.url));
-  }
-  
-  return NextResponse.next();
+import { getSessionCookie } from "better-auth/cookies";
+import type { NextFetchEvent, NextRequest } from "next/server";
+import { NextResponse } from "next/server";
+
+export function authMiddleware(
+  middlewareFn?: (
+    _auth: { req: NextRequest; authorized: boolean },
+    request: NextRequest,
+    event: NextFetchEvent,
+  ) => Promise<Response> | Response,
+) {
+  return async function middleware(request: NextRequest, event: NextFetchEvent) {
+    const sessionCookie = getSessionCookie(request);
+    const authorized = Boolean(sessionCookie);
+
+    if (middlewareFn) {
+      const response = await middlewareFn(
+        { req: request, authorized },
+        request,
+        event
+      );
+      if (response && response.headers.get("Location")) {
+        return response;
+      }
+    }
+
+    if (!sessionCookie) {
+      return NextResponse.redirect(new URL("/sign-in", request.url));
+    }
+
+    return NextResponse.next();
+  };
 }
 ```
 
