OpenSkillIndex← back to search
claude-codesecurity

Marketplace auth-handler

Manage authentication, authorization, and user sessions. Use when dealing with login, sign-up, API protection, middleware, or user data fetching.

install
source · Clone the upstream repo
git clone https://github.com/aiskillstore/marketplace
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/aiskillstore/marketplace "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/aayushbaniya2006/auth-handler" ~/.claude/skills/aiskillstore-marketplace-auth-handler && rm -rf "$T"
manifest: skills/aayushbaniya2006/auth-handler/SKILL.md
tags
#authentication#authorization#api-security#user-management#session-handling#middleware
source content

Auth Handler

Instructions

1. API Route Protection

  • Standard Routes: Use 
    withAuthRequired
    . 
    export default withAuthRequired(async (req, { session, getUser }) => { ... })
  • Super Admin Routes: Use 
    withSuperAdminAuthRequired
    .
  • Cron Jobs: Use 
    cronAuthRequired
    .
  • Defense in Depth: Do NOT rely solely on middleware. Always implement individual route protection.

2. Frontend Data Access

  • Client Components: Use 
    useUser()
    hook (SWR).
  • Restriction: NEVER use 
    useSession
    from 
    next-auth/react
    .

3. Server-Side Data Access

  • Check Auth: Import 
    auth
    from 
    @/auth
    .
  • Get Plan: Use 
    getUserPlan(session.user.id)
    . 
    session.user
    is minimal.

Reference

For architecture details, key files, and debugging tips, see reference.md.