Authentication
Learn about the authentication flow in TurboStarter AI.
TurboStarter AI implements a streamlined authentication approach powered by Better Auth. Since the primary focus is showcasing AI capabilities, we've kept the initial authentication simple, allowing you to quickly integrate and experiment with AI features.
Anonymous sessions
When someone first visits the AI application, an anonymous session is automatically created. This establishes a unique user identity without requiring login credentials.
These anonymous sessions serve two critical purposes:
- Persistence: links data like chat history or generated content to specific users in your database
- Usage control: enables tracking for rate limiting and the credits system, ensuring fair AI resource usage even for anonymous visitors
Extending authentication
While the default anonymous setup provides a frictionless initial experience, TurboStarter is built for growth. The authentication logic uses Better Auth in the shared packages/auth
package, ensuring consistency between web and mobile applications.
When your project needs more sophisticated authentication features like:
- Email/Password login
- Magic links
- Social logins (OAuth)
- Multi-factor authentication
You can easily integrate these by leveraging the comprehensive authentication system in the TurboStarter Core kit. The underlying structure is already in place, making this transition straightforward.
For detailed implementation guides, check out the core documentation:
Web authentication
Explore the full authentication capabilities for the web application.
Mobile authentication
Learn how authentication works within the mobile application.
By starting with anonymous sessions, the AI kit lets you focus on building compelling AI features first, while providing a clear path to implement advanced user management and security as your application evolves.
How is this guide?
Last updated on