تشغيل أي مهارة في Manus بنقرة واحدة

better-auth-scaffold

النجوم١٦٣

التفرعات١٢

آخر تحديث٢٧ مايو ٢٠٢٦ في ١٢:١٩

Scaffolds a Better Auth setup in a Next.js (App Router) + Drizzle project — lib/auth.ts, lib/auth-client.ts, the /api/auth/[...all] route handler, middleware.ts, .env.example, and a permissions module. Produces convention-enforced templates for three plugin presets (minimal, social, advanced with twoFactor+magicLink). Trigger even when the user doesn't explicitly say "scaffold" — phrases like "set up Better Auth", "wire up auth", "initialize auth in this project", or "add auth to Next.js" should pull this in. Pairs with the `better-auth` skill, which covers the rules these templates encode.

التثبيت

التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.

تشغيل في Manus

المصدر

pproenca

pproenca/dot-skills

فتح مستودع GitHub عرض مستودعات المنشئ

تنزيل

تشغيل في Manus

المهن ذات الصلةSOC

استنادا إلى تصنيف SOC المهني

مطوّرو البرمجياتمهن الحاسوب والرياضيات·SOC 15-1252

مستكشف الملفات

15 ملفات

SKILL.md

readonly

name

better-auth-scaffold

description

Better Auth Scaffold (Next.js + Drizzle)

Parameterized templates for bootstrapping a Better Auth setup in a Next.js App Router project using the Drizzle adapter. Each template enforces the conventions documented in references/conventions.md — file layout, plugin ordering, env handling, runtime selection.

When to Apply

Reference these templates when:

Starting a new Next.js project that needs authentication
Adding Better Auth to an existing Next.js + Drizzle codebase
Refactoring a partial Better Auth setup that's missing the catch-all route, middleware, or nextCookies() ordering
Generating a per-feature variant (minimal, social, advanced) on top of an existing project

Setup

Required parameters

Parameter	Required	Default	Description
`preset`	no	`minimal`	`minimal` (email+password) \| `social` (adds Google + GitHub) \| `advanced` (social + twoFactor + magicLink)
`db_provider`	yes	—	`pg` \| `mysql` \| `sqlite` (Drizzle provider)
`app_name`	yes	—	Display name (becomes 2FA issuer in authenticator apps when preset=advanced)

Optional parameters

Parameter	Default	Description
`auth_path`	`lib/auth.ts`	Server auth module path
`client_path`	`lib/auth-client.ts`	Client module path
`api_route_path`	`app/api/auth/[...all]/route.ts`	Catch-all route handler path
`protected_paths`	`["/dashboard"]`	Routes the middleware guards

If config.json already exists with values, the skill uses those; otherwise it asks the user.

Available Templates

Template	Output File	When to emit
`auth.ts.template`	`lib/auth.ts`	Always
`auth-client.ts.template`	`lib/auth-client.ts`	Always
`route.ts.template`	`app/api/auth/[...all]/route.ts`	Always
`middleware.ts.template`	`middleware.ts`	When `protected_paths` is non-empty
`env.template`	`.env.example`	Always
`db-schema-better-auth.ts.template`	`db/schema/auth.ts`	Always (stub — replace with output of `better-auth generate`)
`db-index.ts.template`	`db/index.ts`	When the project has no Drizzle client yet
`email.ts.template`	`lib/email.ts`	When `preset=advanced` (and the file doesn't already exist)
`sign-in-page.tsx.template`	`app/sign-in/page.tsx`	When the project has no sign-in page (closes the middleware redirect loop)
`permissions.ts.template`	`lib/permissions.ts`	Optional starter for org/admin plugin work

How to Use

Resolve parameters. Read config.json first; for any missing required parameter (db_provider, app_name), ask the user via AskUserQuestion.
Render each template. For each template file:
- Read the template.
- Substitute {{placeholder}} values ({{app_name}}, {{db_provider}}, etc.) with the resolved parameter values.
- Apply PRESET[...] conditional blocks using these rules:
  1. Find every pair of marker lines matching // PRESET[<tags>] and // /PRESET[<tags>] (or /* PRESET[...] */ / # PRESET[...] for non-JS files — same syntax, different comment style).
  2. Parse <tags> as a comma-separated list (e.g. social,advanced).
  3. If the chosen preset value is in <tags> → remove ONLY the two marker lines; keep the lines between them.
  4. If the chosen preset value is NOT in <tags> → remove the ENTIRE block including both marker lines.
  5. Markers may be nested (e.g. PRESET[advanced] inside PRESET[minimal,social,advanced]); process from inside out.
- For Mustache-style iteration in middleware.ts.template (// {{#protected_paths}} ... // {{/protected_paths}}), repeat the lines between the markers once per item in the list, substituting {{path}} with each value.
Write output files. Before writing, check if the target file already exists:
- If it doesn't exist → write it.
- If it exists and is identical → no-op.
- If it exists and differs → show a diff and ask the user (overwrite / merge / skip).
Run the CLI sequence. After all files are written:
```
npx @better-auth/cli@latest generate
npx drizzle-kit generate
npx drizzle-kit migrate
```
These commands replace the placeholder db/schema/auth.ts with the real schema and apply migrations.
Print next steps. Tell the user to:
- Fill in .env.local (copy from .env.example)
- Generate a secret: openssl rand -base64 32
- Register OAuth redirect URIs with each provider console (for social/advanced presets)
- Implement lib/email.ts to wire transactional email (for advanced preset)

Conventions

Read references/conventions.md for the rationale behind every convention these templates encode. Highlights:

lib/auth.ts is server-only (import "server-only")
nextCookies() is ALWAYS the last plugin in the array
Middleware does a cookie-presence check only; real validation in pages
All secrets via process.env.*, never inline
Sliding-window sessions with cookieCache enabled

Related Skills

better-auth — Library/API Reference with 42 rules covering setup, sessions, security, plugins, and migration. The templates here are one canonical realization of those rules; read the rule for the underlying reasoning when you need to deviate.

Gotchas

See gotchas.md — initialized empty, populated as we discover them.

المزيد من هذا المستودع

نفس المستودع

write-design-docs

pproenca/dot-skills

Write, revise, or review software design documents using Malte Ubl's "Design Docs at Google" guidance. Use when Codex needs to draft a design doc, technical design, RFC, engineering review doc, architecture proposal, mini design doc, or design-doc review focused on context, goals, non-goals, trade-offs, alternatives, cross-cutting concerns, review lifecycle, and deciding whether a design doc is warranted.

2026-06-12163

go-process-cli

pproenca/dot-skills

Write Go CLIs that manage processes and workloads — daemons, supervisors, job runners, deploy tools, anything that spawns or controls other processes. Use when writing, reviewing, or refactoring Go that handles OS signals, runs children via os/exec, fans out concurrent work, threads context for cancellation, returns exit codes, or builds a flag/cobra command surface. Covers the footguns the standard library makes easy to hit — SIGTERM vs Ctrl-C, SIGKILL-by-default children, orphaned process groups, pipe deadlocks, goroutine leaks, zombie reaping, and os.FindProcess lying about liveness. Triggers whenever the task touches process lifecycle, graceful shutdown, subprocess control, or concurrent workload supervision in Go — even if not named.

2026-05-31163

design-review

pproenca/dot-skills

Structured UI design review — existing code (React/JSX, CSS, Tailwind) and, when behaviour matters, the running app in a real browser — reported as a prioritised Before / After / Why table. Covers visual hierarchy, spacing, typography, colour & contrast, component states, motion, responsiveness, accessibility, multi-page flow & navigation, and interaction continuity — grounded in Refactoring UI and Emil Kowalski's principles. For animation/jank/FPS, focus order, and cross-page UX it can drive Chrome via chrome-devtools-mcp to capture what a screenshot can't. Trigger when the user asks to "review this UI", "design review", "critique this component/screen/page or multi-page flow", asks why something "looks off", "looks AI-generated", or "looks like a wireframe", or wants to raise visual polish. For building UI from scratch use web-taste; for the full animation set see emilkowal-animations.

2026-05-27163

deterministic-metric-design

pproenca/dot-skills

Inventing deterministic metrics — turning a fuzzy property like 'maintainability', 'risk', or 'how reducible this code is' into a deterministic, computable number an agent can trust and optimize. Covers the path from construct to adoption — operationalizing the construct, confronting computability limits (Kolmogorov, Rice) with sound proxies, picking the right measurement scale, proving properties (monotonicity, invariance, the Weyuker/Briand axioms), guaranteeing determinism, establishing construct validity (not just LOC in disguise), and hardening against Goodhart-style gaming when an agent optimizes the metric. Trigger when designing, reviewing, or validating a quantitative metric, score, measure, or index — and even when the user doesn't say 'metric' but wants to quantify, score, rank, or measure code/behavior, build a deterministic optimization target, or invent a measure for something previously unquantified (e.g., behavior-preserving codebase-size reduction).

2026-05-27163

implementation-design-patterns

pproenca/dot-skills

Implementation guide for the 22 Gang of Four design patterns in TypeScript, distilled from refactoring.guru. Use this skill when writing, refactoring, or reviewing TypeScript that exhibits a pattern-shaped problem — class-explosion from inheritance, conditionals switching on type, tight coupling to concrete classes, tree-shaped models, runtime algorithm selection, undo/redo, snapshot-and-restore, state-dependent behavior, subscriber notification, or hiding subsystem complexity. Each pattern entry includes intent, problem, solution, applicability (when to use AND when NOT to use), a runnable TypeScript example, implementation steps, pros/cons, and relations to sibling patterns. Trigger even when no pattern is named — cues like "class getting unwieldy," "giant switch," "swap implementations at runtime," "combinatorial subclasses," "need undo," or "traverse a tree" are pattern-shaped. Covers all 5 Creational, 7 Structural, and 10 Behavioral GoF patterns.

2026-05-27163

implementation-functional-patterns

pproenca/dot-skills

TypeScript's functional answers to the 22 Gang of Four classes — factory functions (Factory Method, Abstract Factory, Prototype, Memento), module-scope singletons, fluent immutable builders, wrapper functions (Adapter, Facade), native Proxy, WeakMap caches (Flyweight), discriminated unions with exhaustive match (State, Visitor, Composite), event emitters and signals (Mediator, Observer), pipelines and composition (CoR, Decorator), stream methods (Iterator), closures-as-commands, higher-order strategies, lambda placement. Use when reviewing TypeScript that has a class-shaped problem the GoF catalog solves with a hierarchy but where idiomatic TS reaches for a function, a tagged union, or a data structure. Each rule names the GoF pattern(s) it replaces and when the class form still wins. Trigger on "factory class", "singleton getInstance", "state machine class", "observer pattern", "AST visitor", "where do I put this lambda". Sibling to implementation-design-patterns.

2026-05-27163

name

better-auth-scaffold

description

Better Auth Scaffold (Next.js + Drizzle)

When to Apply

Reference these templates when:

Starting a new Next.js project that needs authentication
Adding Better Auth to an existing Next.js + Drizzle codebase
Refactoring a partial Better Auth setup that's missing the catch-all route, middleware, or nextCookies() ordering
Generating a per-feature variant (minimal, social, advanced) on top of an existing project

Setup

Required parameters

Parameter	Required	Default	Description
`preset`	no	`minimal`	`minimal` (email+password) \| `social` (adds Google + GitHub) \| `advanced` (social + twoFactor + magicLink)
`db_provider`	yes	—	`pg` \| `mysql` \| `sqlite` (Drizzle provider)
`app_name`	yes	—	Display name (becomes 2FA issuer in authenticator apps when preset=advanced)

Optional parameters

Parameter	Default	Description
`auth_path`	`lib/auth.ts`	Server auth module path
`client_path`	`lib/auth-client.ts`	Client module path
`api_route_path`	`app/api/auth/[...all]/route.ts`	Catch-all route handler path
`protected_paths`	`["/dashboard"]`	Routes the middleware guards

If config.json already exists with values, the skill uses those; otherwise it asks the user.

Available Templates

Template	Output File	When to emit
`auth.ts.template`	`lib/auth.ts`	Always
`auth-client.ts.template`	`lib/auth-client.ts`	Always
`route.ts.template`	`app/api/auth/[...all]/route.ts`	Always
`middleware.ts.template`	`middleware.ts`	When `protected_paths` is non-empty
`env.template`	`.env.example`	Always
`db-schema-better-auth.ts.template`	`db/schema/auth.ts`	Always (stub — replace with output of `better-auth generate`)
`db-index.ts.template`	`db/index.ts`	When the project has no Drizzle client yet
`email.ts.template`	`lib/email.ts`	When `preset=advanced` (and the file doesn't already exist)
`sign-in-page.tsx.template`	`app/sign-in/page.tsx`	When the project has no sign-in page (closes the middleware redirect loop)
`permissions.ts.template`	`lib/permissions.ts`	Optional starter for org/admin plugin work

How to Use

Resolve parameters. Read config.json first; for any missing required parameter (db_provider, app_name), ask the user via AskUserQuestion.
Render each template. For each template file:
- Read the template.
- Substitute {{placeholder}} values ({{app_name}}, {{db_provider}}, etc.) with the resolved parameter values.
- Apply PRESET[...] conditional blocks using these rules:
  1. Find every pair of marker lines matching // PRESET[<tags>] and // /PRESET[<tags>] (or /* PRESET[...] */ / # PRESET[...] for non-JS files — same syntax, different comment style).
  2. Parse <tags> as a comma-separated list (e.g. social,advanced).
  3. If the chosen preset value is in <tags> → remove ONLY the two marker lines; keep the lines between them.
  4. If the chosen preset value is NOT in <tags> → remove the ENTIRE block including both marker lines.
  5. Markers may be nested (e.g. PRESET[advanced] inside PRESET[minimal,social,advanced]); process from inside out.
- For Mustache-style iteration in middleware.ts.template (// {{#protected_paths}} ... // {{/protected_paths}}), repeat the lines between the markers once per item in the list, substituting {{path}} with each value.
Write output files. Before writing, check if the target file already exists:
- If it doesn't exist → write it.
- If it exists and is identical → no-op.
- If it exists and differs → show a diff and ask the user (overwrite / merge / skip).
Run the CLI sequence. After all files are written:
```
npx @better-auth/cli@latest generate
npx drizzle-kit generate
npx drizzle-kit migrate
```
These commands replace the placeholder db/schema/auth.ts with the real schema and apply migrations.
Print next steps. Tell the user to:
- Fill in .env.local (copy from .env.example)
- Generate a secret: openssl rand -base64 32
- Register OAuth redirect URIs with each provider console (for social/advanced presets)
- Implement lib/email.ts to wire transactional email (for advanced preset)

Conventions

Read references/conventions.md for the rationale behind every convention these templates encode. Highlights:

lib/auth.ts is server-only (import "server-only")
nextCookies() is ALWAYS the last plugin in the array
Middleware does a cookie-presence check only; real validation in pages
All secrets via process.env.*, never inline
Sliding-window sessions with cookieCache enabled

Related Skills

better-auth — Library/API Reference with 42 rules covering setup, sessions, security, plugins, and migration. The templates here are one canonical realization of those rules; read the rule for the underlying reasoning when you need to deviate.

Gotchas

See gotchas.md — initialized empty, populated as we discover them.