How it works

• Better Auth runs inside Convex as an HTTP action
• /api/auth/* proxy keeps cookies on the SvelteKit domain
• handleAuth reads the JWT cookie into locals.convexToken + locals.user
• setupConvexAuth(initialToken) pre-authenticates the WebSocket — no flash
• convexUser(locals.user) seeds from JWT, auto-upgrades to live Convex subscription
• Full guide: BETTER_AUTH.md