router-core/auth-and-guards
Auth and Guards
This skill covers the routing side of auth. For the server-side primitives — session cookies (HttpOnly/Secure/SameSite), useSession-style helpers, OAuth state + PKCE, password-reset enumeration defense, CSRF, rate limiting — see start-core/auth-server-primitives. The two skills are designed to be used together.
CRITICAL: A route guard (beforeLoad) does NOT protect a createServerFn declared on that route. Server functions are RPC endpoints reachable by direct POST regardless of which route renders them. See "Route guards do not protect server functions" below.
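A toy model of the point above, added here as an illustration and not code from TanStack or from this skill: page routes and server functions are dispatched separately, so only a check inside the handler itself applies to a direct POST. The /rpc/ prefix and the route and function names are assumptions made for the example.

```typescript
// Toy dispatcher (constructed for illustration; not TanStack's implementation).
type Session = { userId: string } | null
type Req = { method: 'GET' | 'POST'; path: string; session: Session }
type Res = { status: number; body: string }

// Page routes: the guard runs only when the router matches a navigation.
const routes: Record<string, { beforeLoad: (s: Session) => Res | null; render: () => string }> = {
  '/billing': {
    beforeLoad: (s) => (s ? null : { status: 302, body: '/login' }),
    render: () => 'billing page',
  },
}

// Server functions: each is its own endpoint, registered independently of any route.
const serverFns: Record<string, (s: Session) => Res> = {
  // Relies on the /billing guard: nothing in the handler checks the caller.
  getInvoicesUnguarded: () => ({ status: 200, body: 'invoices for everyone' }),
  // Re-checks the session inside the handler, the only code a direct POST runs.
  getInvoicesGuarded: (s) =>
    s ? { status: 200, body: `invoices for ${s.userId}` } : { status: 401, body: 'unauthorized' },
}

// Hypothetical RPC prefix; the real path is framework-specific.
const RPC_PREFIX = '/rpc/'

function handle(req: Req): Res {
  if (req.method === 'POST' && req.path.startsWith(RPC_PREFIX)) {
    // No route is matched here, so no beforeLoad runs.
    const fn = serverFns[req.path.slice(RPC_PREFIX.length)]
    return fn ? fn(req.session) : { status: 404, body: 'no such function' }
  }
  const route = routes[req.path]
  if (!route) return { status: 404, body: 'no such route' }
  return route.beforeLoad(req.session) ?? { status: 200, body: route.render() }
}

// Constructed request from a caller with no session.
function anonymous(method: 'GET' | 'POST', path: string): Res {
  return handle({ method, path, session: null })
}
```

With no session, the page navigation is redirected, the unguarded function still answers 200, and the guarded function answers 401.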
Setup
Protect routes with beforeLoad + redirect() in a pathless layout route (_authenticated):
// src/routes/_authenticated.tsx
import { createFileRoute, redirect } from '@tanstack/react-router'