Menü
Use when implementing authentication, route guards, or user session management
Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.
Basierend auf der SOC-Berufsklassifikation
Use when deploying Cloudflare Workers, managing R2 storage, or working with Cloudflare infrastructure
Use when working with ANTD components, theme tokens, icons, forms, or feedback components (message/notification/modal)
Use when adding, referencing, or serving static assets (images, fonts, videos, 3D models) through the R2 CDN pipeline with type-safe imports
Use when writing or reviewing JavaScript/TypeScript code for style patterns like concise arrows, inline handlers, expression formatting, or when tempted to use eslint-disable
Use when working with environment variables in frontend code
Use when creating or modifying keyboard shortcuts/hotkeys in frontend code
| name | frontend-supabase-auth |
| description | Use when implementing authentication, route guards, or user session management |
Authentication is handled entirely through TanStack Router's beforeLoad guards with Supabase session management. Never implement auth checks in components or create custom auth stores.
beforeLoadsupabase.auth.getSession() (async)Always check authentication in route files using beforeLoad:
export const Route = createFileRoute("/_protected")({
beforeLoad: async ({ location }) => {
// 1. Check for valid session
const {
data: { session },
} = await supabase.auth.getSession();
if (!session) {
// 2. Preserve path + search params for post-login redirect
const redirectPath = `${location.pathname}${location.search ? `?${new URLSearchParams(location.search).toString()}` : ""}`;
throw redirect({
to: "/login",
search: { redirect: redirectPath },
});
}
// 3. Additional checks (whitelist, membership, etc.)
},
});
Use Supabase's signOut() method with proper error handling:
const handleSignOut = async () => {
try {
const { error } = await supabase.auth.signOut();
if (error) throw error;
message.success("Signed out successfully");
navigate({ to: "/login" });
} catch (error) {
console.error("Error signing out:", error);
message.error("Failed to sign out. Please try again.");
}
};
supabase.from() for whitelist/membership verificationgetSession() must be awaitedWhitelist Check:
const { data: profile } = await supabase
.from("profiles")
.select("whitelisted")
.eq("id", session.user.id)
.single();
if (!profile?.whitelisted) {
throw redirect({ to: "/not-whitelisted" });
}
Membership Guard:
const { data: membership } = await supabase
.from("organization_members")
.select("*")
.eq("user_id", session.user.id)
.eq("organization_id", organizationId)
.maybeSingle();
if (!membership) {
throw redirect({ to: "/access-denied" });
}
For implementation examples: .claude/skills/frontend-supabase-auth/examples.md
For anti-patterns: .claude/skills/frontend-supabase-auth/reference.md