بنقرة واحدة
authentication
Sessions, sign-in/sign-up flows, OAuth, magic links, or organization context on the session.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Sessions, sign-in/sign-up flows, OAuth, magic links, or organization context on the session.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Adding or changing routes in `apps/api`. One source of truth (`defineApiEndpoint` + a Zod schema) becomes an HTTP endpoint, an OpenAPI operation, an MCP tool, and a TS SDK method — descriptions and contracts must be written with all four readers in mind.
Layering and boundaries, web vs public API, app layout (clients, routes, logging), ports/adapters, runtime-portable domain/shared/utils code, multi-tenancy, DDD layout, or anti-patterns.
Preparing a production release, pushing a vX.Y.Z release tag, running scripts/release.sh, or updating CHANGELOG.md with the changes that are about to be deployed to production.
Enables or disables Latitude production maintenance mode by redirecting all publicly exposed production services to the Better Stack status page. Use when asked to start, stop, toggle, verify, or prepare a maintenance window.
Adding or reading env vars, updating .env.example, or validating config at startup with parseEnv / parseEnvOptional.
ClickHouse queries, Goose migrations, chdb test schema, or telemetry storage paths.
| name | authentication |
| description | Sessions, sign-in/sign-up flows, OAuth, magic links, or organization context on the session. |
When to use: Sessions, sign-in/sign-up flows, OAuth, magic links, or organization context on the session.
@platform/db-postgres exposes createBetterAuth() in packages/platform/db-postgres/src/create-better-auth.ts, wiring better-auth with the Drizzle adapter against the shared Postgres client.auth.api.getSession({ headers }) → { user, session } with typed fields.User includes id, email, name — use those fields directly (no assertions).apps/web/src/domains/sessions/session.functions.ts (getSession, ensureSession, etc.).customSession plugin (multi-tenant product behavior).@domain/auth composed with Postgres repositories — keep policy in domain, wiring in apps.For HTTP boundary rules (who may call what), see architecture-boundaries.