Most auth bugs do not come from the login button.

They show up after login:

a user is created in Clerk but not in your app database

a session expires while your UI still thinks the user is active

a webhook arrives late or twice