This library is in early development. Expect breaking changes.
Guides

Database-less Mode

Run Better Auth without a database for edge and serverless deployments.

Better Auth supports running without a database using encrypted cookie sessions (JWE).

See the official Better Auth documentation for database-less setup.

Database-less mode uses JWE (JSON Web Encryption) sessions. Instead of storing sessions in a database, the session data is encrypted and stored entirely in the cookie.

How it works:

  • Session data is encrypted with your BETTER_AUTH_SECRET
  • The encrypted token is stored in a cookie
  • On each request, the server decrypts the cookie to get session data
  • No database queries needed for session validation

Limitations

No Server-Side Session Revocation

You cannot invalidate a session before it expires. The user must wait for the cookie to expire.

Workaround: Use short session lifetimes (e.g., 1 hour) and implement token refresh.

No Email/Password Without External Storage

Email/password requires storing user credentials somewhere.

Workaround:

  • Use OAuth providers only (GitHub, Google store the credentials)
  • Or use an external user database while keeping sessions database-less

No Multi-Device Session Management

Cannot list or revoke sessions across devices.

Workaround: Implement device tracking in your application layer if needed.

Nuxt Configuration

Simply don't configure a database adapter:

nuxt.config.ts
export default defineNuxtConfig({
  modules: ['@onmax/nuxt-better-auth'],
})

Auth Configuration

Enable JWE sessions and cookie-based OAuth state:

server/auth.config.ts
import { defineServerAuth } from '@onmax/nuxt-better-auth/config'

export default defineServerAuth({
  socialProviders: {
    github: { clientId: '...', clientSecret: '...' },
  },
  session: {
    cookieCache: {
      enabled: true,
      maxAge: 7 * 24 * 60 * 60, // 7 days
      strategy: 'jwe',
    },
  },
  account: {
    storeStateStrategy: 'cookie',
    storeAccountCookie: true,
  },
})

This stores sessions and OAuth state in encrypted cookies instead of a database.

When to Use Database-less Mode

Good fit:

  • OAuth-only authentication (GitHub, Google, etc.)
  • Serverless deployments with cold start concerns
  • Simple applications without session management needs

Not recommended:

  • Applications requiring session revocation
  • Multi-device session management
  • Email/password authentication
Edit on GitHub
Previous

Custom Database

Next

External Auth Backend