auth-flow Skill | Bootspring Docs

Implement secure authentication patterns including OAuth, session management, and protected routes.

Overview#

The auth-flow skill generates production-ready authentication code following security best practices. It supports multiple authentication providers and patterns.

Usage#

Use the auth-flow skill to implement OAuth authentication with Google and GitHub.

Parameters#

Parameter	Type	Required	Description
`provider`	string	Yes	Auth provider: jwt, nextauth, custom
`strategies`	array	No	Login strategies: oauth, credentials, magic-link
`providers`	array	No	OAuth providers: google, github, apple
`sessionType`	string	No	Session strategy: jwt, database

Generated Output#

Server-Side Auth Check (JWT Sessions)#

Loading code block...

Protected Layout#

Loading code block...

Get Current User Details#

Loading code block...

NextAuth.js Setup#

Loading code block...

Custom JWT Session Management#

Loading code block...

Middleware Configuration#

Loading code block...

Client-Side Auth Hook#

Loading code block...

Features Included#

Server-side authentication checks
Protected route layouts
JWT session management
OAuth provider integration
Middleware protection
Current-user session helpers
Client-side hooks

Customization Options#

Use the auth-flow skill with:
- provider: "nextauth"
- strategies: ["oauth", "credentials"]
- providers: ["google", "github"]
- sessionType: "jwt"

Best Practices#

Security Considerations#

Always use httpOnly cookies for session tokens
Set secure: true in production
Use sameSite: 'lax' or 'strict' for CSRF protection
Never expose JWT secrets to client-side code
Implement session refresh for long-lived sessions

Authentication Flow#

User initiates login
Validate credentials or OAuth callback
Create session token
Store in secure cookie
Verify token on protected routes
Refresh token before expiry

Error Handling#

Loading code block...

api-endpoint - Protected API routes
validation - Input validation for login forms
error-handling - Auth error management