Problem

When implementing custom auth verification (wallet signatures, hardware tokens, external identity providers), you need to create a better-auth session after verifying the user yourself. Currently requires accessing the internal adapter:

const auth = serverAuth(event)
const ctx = await auth.$context
const session = await ctx.internalAdapter.createSession(userId, false)

internalAdapter is undocumented and the $context promise pattern is error-prone.

Proposed Solution

Auto-imported server utility:

// server/api/my-custom-auth.post.ts
await verifyMyCustomAuth(event) // your verification logic
const session = await createSession(event, userId)
await setSessionCookie(event, session.token) // from #296

This pairs with #296 (setSessionCookie) to provide a complete escape hatch for custom auth flows while staying within the module's public API.

Use Cases

• Wallet-based sign-in (Nimiq, Ethereum SIWE, Solana)
• QR code cross-device login
• Passwordless hardware key auth
• Migration from another auth system
• Admin bootstrap/seeding