菜单
Use when implementing authentication, route guards, or user session management
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | frontend-supabase-auth |
| description | Use when implementing authentication, route guards, or user session management |
Authentication is handled entirely through TanStack Router's beforeLoad guards with Supabase session management. Never implement auth checks in components or create custom auth stores.
beforeLoadsupabase.auth.getSession() (async)Always check authentication in route files using beforeLoad:
export const Route = createFileRoute("/_protected")({
beforeLoad: async ({ location }) => {
// 1. Check for valid session
const {
data: { session },
} = await supabase.auth.getSession();
if (!session) {
// 2. Preserve path + search params for post-login redirect
const redirectPath = `${location.pathname}${location.search ? `?${new URLSearchParams(location.search).toString()}` : ""}`;
throw redirect({
to: "/login",
search: { redirect: redirectPath },
});
}
// 3. Additional checks (whitelist, membership, etc.)
},
});
Use Supabase's signOut() method with proper error handling:
const handleSignOut = async () => {
try {
const { error } = await supabase.auth.signOut();
if (error) throw error;
message.success("Signed out successfully");
navigate({ to: "/login" });
} catch (error) {
console.error("Error signing out:", error);
message.error("Failed to sign out. Please try again.");
}
};
supabase.from() for whitelist/membership verificationgetSession() must be awaitedWhitelist Check:
const { data: profile } = await supabase
.from("profiles")
.select("whitelisted")
.eq("id", session.user.id)
.single();
if (!profile?.whitelisted) {
throw redirect({ to: "/not-whitelisted" });
}
Membership Guard:
const { data: membership } = await supabase
.from("organization_members")
.select("*")
.eq("user_id", session.user.id)
.eq("organization_id", organizationId)
.maybeSingle();
if (!membership) {
throw redirect({ to: "/access-denied" });
}
For implementation examples: .claude/skills/frontend-supabase-auth/examples.md
For anti-patterns: .claude/skills/frontend-supabase-auth/reference.md
Use when deploying Cloudflare Workers, managing R2 storage, or working with Cloudflare infrastructure
Use when working with ANTD components, theme tokens, icons, forms, or feedback components (message/notification/modal)
Use when adding, referencing, or serving static assets (images, fonts, videos, 3D models) through the R2 CDN pipeline with type-safe imports
Use when writing or reviewing JavaScript/TypeScript code for style patterns like concise arrows, inline handlers, expression formatting, or when tempted to use eslint-disable
Use when working with environment variables in frontend code
Use when creating or modifying keyboard shortcuts/hotkeys in frontend code