auth-integration
Implement Secure Authentication with Better Auth
Applications need secure authentication with login forms, session handling, and access control. This skill provides expert guidance for Better Auth/NextAuth v5 implementation including provider setup, validated forms, protected routes, and role-based permissions.
Baixar o ZIP da skill
Upload no Claude
Vá em Configurações → Capacidades → Skills → Upload skill
Ative e comece a usar
Testar
A utilizar "auth-integration". Create a login form with email and password validation
Resultado esperado:
- LoginForm component with React Hook Form integration
- Zod schema validation for email format and password length
- Error messages displayed below each field
- Loading state during form submission
- Accessible labels and proper input types
A utilizar "auth-integration". Set up protected routes for admin dashboard
Resultado esperado:
- Next.js middleware configuration for /dashboard path
- Auth guard that redirects unauthenticated users to /auth/login
- Role-based redirect logic for admin-only pages
- Loading skeleton component during auth check
A utilizar "auth-integration". Configure role-based permissions for different user types
Resultado esperado:
- ROLES enum with admin, teacher, student, parent values
- PERMISSIONS object mapping roles to specific capabilities
- hasPermission function for checking access rights
- PermissionGuard component for component-level protection
Auditoria de Segurança
SeguroThis is a documentation-only skill providing authentication implementation guidance. All 76 static findings are FALSE POSITIVES. The scanner misidentifies secure code examples as vulnerabilities. For example, the CRITICAL heuristic flagging 'Code execution + Network + Credential access' is actually the skill demonstrating best practice: using process.env for credentials rather than hardcoding them. Environment variable references show proper secure credential handling, not credential exposure. The external command detections are markdown code fences containing TypeScript examples, not actual shell commands. All URLs are legitimate documentation links. No executable code, scripts, or file operations exist.
Fatores de risco
📁 Acesso ao sistema de arquivos
🌐 Acesso à rede
⚙️ Comandos externos
🔑 Variáveis de ambiente
Pontuação de qualidade
O Que Você Pode Construir
Add auth to Next.js app
Implement complete authentication flow with login, signup, sessions, and protected routes in Next.js App Router.
Quick auth integration
Rapidly set up Google OAuth and email/password auth with secure session handling and validation.
Role-based access system
Build multi-role access control for ERP systems with admin, teacher, student, and parent permissions.
Tente Estes Prompts
Set up Better Auth v5 in my Next.js app with Google OAuth and email/password login.
Create a login form with React Hook Form, Zod validation, error handling, and loading states.
Add middleware protection to /dashboard routes that redirects unauthenticated users to login.
Implement role-based access control with admin, teacher, and student roles with permission checks.
Melhores Práticas
- Store all secrets in environment variables, never hardcode credentials
- Use Zod for validation to prevent malformed input attacks
- Configure secure cookie settings (httpOnly, secure, sameSite)
Evitar
- Hardcoding API keys or secrets in source files
- Skipping input validation on authentication endpoints
- Storing sessions in localStorage instead of httpOnly cookies
Perguntas Frequentes
Which frameworks does this skill support?
What authentication providers are covered?
How long does implementation take?
Is this skill secure for production?
What databases work with this skill?
How does this compare to implementing auth manually?
Detalhes do Desenvolvedor
Autor
Awais68Licença
MIT
Repositório
https://github.com/Awais68/hackathon-2-phase-ii-full-stack-web-app/tree/main/.claude/skills/auth-integrationReferência
main
Estrutura de arquivos
📄 SKILL.md