docs: add integration docs for supported frameworks#133
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
📝 WalkthroughWalkthroughConsolidated import paths to Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 10
🧹 Nitpick comments (4)
apps/nextjs/app-router/src/app/api/auth/[...aura]/route.ts (1)
1-3: Consider adding PATCH handler for consistency.The TanStack Start integration now exports a PATCH handler (
apps/tanstack-start/src/routes/api/auth.$.ts), but this Next.js route only exports GET and POST. If PATCH is needed for the auth flow, consider adding it here as well.Optional: Add PATCH handler
import { handlers } from "@/lib/auth" -export const { GET, POST } = handlers +export const { GET, POST, PATCH } = handlers🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@apps/nextjs/app-router/src/app/api/auth/`[...aura]/route.ts around lines 1 - 3, The route currently only re-exports GET and POST from the imported handlers but TanStack Start also exposes a PATCH handler; update the export to include PATCH by adding it to the destructuring export (e.g., export const { GET, POST, PATCH } = handlers) and ensure handlers.PATCH exists or add a safe fallback/noop if the integration sometimes omits PATCH so the Next.js route consistently supports the PATCH auth flow.apps/nextjs/app-router/src/contexts/auth.tsx (1)
56-68: Consider removing the unnecessary type assertion.The
as AuthContextValuecast on line 64 is redundant—the object literal already satisfies theAuthContextValueinterface. Removing it allows TypeScript to catch mismatches if the interface evolves.Suggested change
return ( <AuthContext - value={ - { - session, - isAuthenticated, - isLoading, - signIn, - signOut, - } as AuthContextValue - } + value={{ + session, + isAuthenticated, + isLoading, + signIn, + signOut, + }} > {children} </AuthContext> )🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@apps/nextjs/app-router/src/contexts/auth.tsx` around lines 56 - 68, Remove the unnecessary type assertion "as AuthContextValue" when providing the value to AuthContext: replace the casted object literal with the plain object { session, isAuthenticated, isLoading, signIn, signOut } so TypeScript will verify it against AuthContext's type; ensure AuthContext was created with the proper generic or inferred type so the assignment is type-checked (refer to AuthContext, AuthContextValue, and the value properties session/isAuthenticated/isLoading/signIn/signOut).docs/src/content/docs/integrations/cloudflare-workers.mdx (1)
113-125: Clarify import path andEnvtype setup.Two concerns with this code snippet:
- The
@/lib/authalias requires bundler configuration (e.g., inwrangler.jsoncor a build tool). Consider using a relative path or noting the alias setup requirement.- The
Envtype inExportedHandler<Env>is referenced but not shown. Users may need guidance on generating it viawrangler types.Suggested clarification
-import { handlers } from "@/lib/auth" +import { handlers } from "./lib/auth" export default { async fetch(request: Request): Promise<Response> { const pathname = new URL(request.url).pathname if (pathname.startsWith("/api/auth/")) { return await handlers.ALL(request) } return new Response("Not Found", { status: 404 }) }, -} satisfies ExportedHandler<Env> +} satisfies ExportedHandlerOr add a note about running
wrangler typesto generate theEnvinterface.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/src/content/docs/integrations/cloudflare-workers.mdx` around lines 113 - 125, The snippet uses the module alias "@/lib/auth" and references ExportedHandler<Env> without showing how those are resolved; update the example to use a relative import or add a short note that the "@/..." alias requires bundler/wrangler config (e.g., in wrangler.jsonc or your build tool) and that the Env type must be generated or declared (run `wrangler types` or declare an interface) so ExportedHandler<Env> is valid; mention the specific symbols to adjust: the import line (handlers from "@/lib/auth") and the type usage ExportedHandler<Env>/Env to make it clear how readers should configure aliases and create the Env interface.docs/src/content/docs/integrations/bun.mdx (1)
92-107: Consider using relative imports or noting alias setup.The
@/lib/authimport alias requirestsconfig.jsonpath configuration. For documentation clarity, consider either using relative paths (./lib/auth) or adding a note about configuring the@/alias intsconfig.json.Option 1: Use relative path
-import { handlers } from "@/lib/auth" +import { handlers } from "./lib/auth"Option 2: Add tsconfig note
Add a callout after the code block:
<Callout type="info"> The `@/` import alias requires path configuration in `tsconfig.json`. Add `"paths": { "@/*": ["./src/*"] }` under `compilerOptions`. </Callout>🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/src/content/docs/integrations/bun.mdx` around lines 92 - 107, Update the docs example so readers won't hit unresolved import errors: either replace the alias import "@/lib/auth" in the shown src/index.ts example with a relative import (e.g., ./lib/auth) or add a short note after the code block explaining that the `@/` alias requires a tsconfig paths entry (e.g., add `"paths": { "@/*": ["./src/*"] }` under `compilerOptions`) so the Bun example's import will resolve; reference the import symbol "@/lib/auth" and the example file name src/index.ts when making the change.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@apps/nextjs/app-router/src/lib/auth.ts`:
- Around line 7-11: The createAuth call currently hardcodes baseURL
("http://localhost:3000") which will break non-local deployments; update the
export (export const { handlers, jose, api } = createAuth({...})) to derive
baseURL from an environment variable (e.g., process.env.BASE_URL) or remove the
explicit baseURL so getBaseURL/trustedProxyHeaders logic can detect the runtime
URL, and if this is intentionally local-only add a clear comment next to baseURL
explaining it's for local demo only to avoid accidental copy-paste.
In `@docs/src/content/docs/integrations/cloudflare-workers.mdx`:
- Around line 90-99: The import in the auth module uses a Deno-style specifier
"npm:`@aura-stack/auth`" which is invalid for Cloudflare Workers; update the
import in the src/lib/auth.ts snippet to use the standard package specifier
"@aura-stack/auth" (leave the rest of the file — createAuth, auth, and the
exported handlers, jose, api — unchanged) so the module resolves correctly in
Workers.
In `@docs/src/content/docs/integrations/express.mdx`:
- Line 299: Update the internal Quick Start link in the Express integration doc
by changing the href target for the "[Aura Auth Documentation]" link from
"/quick-start" to the canonical "/docs/quick-start" so it matches other
integration guides; locate the link text "[Aura Auth
Documentation](/quick-start)" and replace the path only.
In `@docs/src/content/docs/integrations/hono.mdx`:
- Line 200: Update the Quick Start markdown link so it uses the consistent
internal path: replace the link target in the markdown instance "[Aura Auth
Documentation](/quick-start)" with "/docs/quick-start" so the link points to the
same guide referenced elsewhere.
In `@docs/src/content/docs/integrations/nuxt.mdx`:
- Line 132: Update the heading text "### Client Side Rendering (CSR)" to use the
hyphenated form "### Client-Side Rendering (CSR)" so it follows standard
technical writing convention; locate the header string "Client Side Rendering
(CSR)" and replace it with "Client-Side Rendering (CSR)".
- Around line 143-146: The code incorrectly treats authClient.getSession() as
returning an object with a .session property; getSession() returns Session |
null directly, so update the onMounted block to assign the returned value to
session.value (i.e., set session.value = await authClient.getSession() or
capture result and assign result directly), ensuring you use the getSession()
return value rather than result.session in the onMounted callback.
In `@docs/src/content/docs/integrations/oak.mdx`:
- Line 205: The docs line stating "The middleware returns `session: null` for
anonymous requests" is inaccurate; the actual middleware returns a 401
Unauthorized for anonymous requests. Update that sentence to state that
anonymous requests receive a 401 Unauthorized response (or are rejected) instead
of returning `session: null`, and mention that downstream handlers will only run
for authenticated requests; reference the middleware behavior and the `session`
value to locate the text to edit.
- Line 256: The Quick Start link uses an inconsistent internal path: change the
link target for "[Aura Auth Documentation]" which currently points to
"/quick-start" to the canonical path "/docs/quick-start" so it matches other
documentation links; locate the anchor text "[Aura Auth Documentation]" in the
oak.mdx content and update its href to "/docs/quick-start" to fix the
broken/internal routing.
- Around line 124-135: The toOakHandler adapter currently drops non-redirect
status codes, forces redirects to 302, and unconditionally calls
response.json(), and the docs incorrectly state anonymous requests return
session: null; update the handler to preserve upstream response.status for both
redirect and non-redirect paths (use response.status when setting
ctx.response.status instead of hardcoding 302), only treat a response as
redirect via isRedirect(response) but set ctx.response.status = response.status
and ctx.response.redirect(location) for redirects, and determine body parsing by
inspecting response.headers.get("content-type") before calling
response.json()—fallback to response.text() or response.arrayBuffer()/stream for
non-JSON types and set ctx.response.body accordingly; also update the docs text
that references session handling to state that anonymous requests return 401
(not session: null). Ensure changes touch toOakHandler, handler invocation,
isRedirect usage, toSetHeaders calls, and the documented sentence about
anonymous sessions.
In `@docs/src/content/docs/integrations/vercel-edge-functions.mdx`:
- Around line 95-109: The docs snippet exports a PATCH handler that doesn't
exist in the implementation; remove the PATCH export block from the example in
the api/auth/index.ts snippet so it only shows exporting GET and POST (i.e.,
delete the lines exporting PATCH that call handlers.PATCH) to match the actual
handlers implementation.
---
Nitpick comments:
In `@apps/nextjs/app-router/src/app/api/auth/`[...aura]/route.ts:
- Around line 1-3: The route currently only re-exports GET and POST from the
imported handlers but TanStack Start also exposes a PATCH handler; update the
export to include PATCH by adding it to the destructuring export (e.g., export
const { GET, POST, PATCH } = handlers) and ensure handlers.PATCH exists or add a
safe fallback/noop if the integration sometimes omits PATCH so the Next.js route
consistently supports the PATCH auth flow.
In `@apps/nextjs/app-router/src/contexts/auth.tsx`:
- Around line 56-68: Remove the unnecessary type assertion "as AuthContextValue"
when providing the value to AuthContext: replace the casted object literal with
the plain object { session, isAuthenticated, isLoading, signIn, signOut } so
TypeScript will verify it against AuthContext's type; ensure AuthContext was
created with the proper generic or inferred type so the assignment is
type-checked (refer to AuthContext, AuthContextValue, and the value properties
session/isAuthenticated/isLoading/signIn/signOut).
In `@docs/src/content/docs/integrations/bun.mdx`:
- Around line 92-107: Update the docs example so readers won't hit unresolved
import errors: either replace the alias import "@/lib/auth" in the shown
src/index.ts example with a relative import (e.g., ./lib/auth) or add a short
note after the code block explaining that the `@/` alias requires a tsconfig
paths entry (e.g., add `"paths": { "@/*": ["./src/*"] }` under
`compilerOptions`) so the Bun example's import will resolve; reference the
import symbol "@/lib/auth" and the example file name src/index.ts when making
the change.
In `@docs/src/content/docs/integrations/cloudflare-workers.mdx`:
- Around line 113-125: The snippet uses the module alias "@/lib/auth" and
references ExportedHandler<Env> without showing how those are resolved; update
the example to use a relative import or add a short note that the "@/..." alias
requires bundler/wrangler config (e.g., in wrangler.jsonc or your build tool)
and that the Env type must be generated or declared (run `wrangler types` or
declare an interface) so ExportedHandler<Env> is valid; mention the specific
symbols to adjust: the import line (handlers from "@/lib/auth") and the type
usage ExportedHandler<Env>/Env to make it clear how readers should configure
aliases and create the Env interface.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 7c1626e7-7fda-4dc4-9883-88144ab535fe
📒 Files selected for processing (42)
apps/bun/src/index.tsapps/bun/src/lib/auth.tsapps/bun/tsconfig.jsonapps/elysia/src/plugins/with-auth.tsapps/nextjs/app-router/src/@types/types.tsapps/nextjs/app-router/src/app/api/auth/[...aura]/route.tsapps/nextjs/app-router/src/contexts/auth.tsxapps/nextjs/app-router/src/lib/auth-client.tsapps/nextjs/app-router/src/lib/auth.tsapps/nextjs/app-router/src/lib/server.tsapps/nuxt/shared/auth.tsapps/tanstack-start/src/routes/api/auth.$.tsapps/vercel/api/auth/index.tsdocs/src/app/global.cssdocs/src/content/docs/integrations/astro.mdxdocs/src/content/docs/integrations/bun.mdxdocs/src/content/docs/integrations/cloudflare-workers.mdxdocs/src/content/docs/integrations/deno.mdxdocs/src/content/docs/integrations/elysia.mdxdocs/src/content/docs/integrations/express.mdxdocs/src/content/docs/integrations/hono.mdxdocs/src/content/docs/integrations/meta.jsondocs/src/content/docs/integrations/next-app-router.mdxdocs/src/content/docs/integrations/next-pages-router.mdxdocs/src/content/docs/integrations/next.mdxdocs/src/content/docs/integrations/nuxt.mdxdocs/src/content/docs/integrations/oak.mdxdocs/src/content/docs/integrations/react-router.mdxdocs/src/content/docs/integrations/supabase-edge-functions.mdxdocs/src/content/docs/integrations/tanstack-start.mdxdocs/src/content/docs/integrations/vercel-edge-functions.mdxdocs/src/content/docs/meta.jsondocs/src/content/docs/oauth/atlassian.mdxdocs/src/content/docs/oauth/bitbucket.mdxdocs/src/content/docs/oauth/dropbox.mdxdocs/src/content/docs/oauth/github.mdxdocs/src/content/docs/oauth/gitlab.mdxdocs/src/content/docs/oauth/mailchimp.mdxdocs/src/content/docs/oauth/notion.mdxdocs/src/content/docs/oauth/pinterest.mdxdocs/src/content/docs/oauth/strava.mdxdocs/src/content/docs/oauth/twitch.mdx
💤 Files with no reviewable changes (1)
- docs/src/content/docs/integrations/next.mdx
There was a problem hiding this comment.
Actionable comments posted: 8
🧹 Nitpick comments (4)
docs/src/content/docs/integrations/cloudflare-workers.mdx (1)
105-129: LGTM! Handler routing is correctly implemented.The routing pattern cleanly delegates auth requests to
handlers.ALLwhile returning 404 for non-matching routes. The import statement correctly imports only what's needed from the auth module.Optional: Consider clarifying the
Envtype reference.Line 124 references
ExportedHandler<Env>, which readers might not immediately recognize. Although thewrangler typescommand is mentioned earlier (line 79), adding a brief inline comment could improve clarity for first-time readers.📝 Optional clarifying comment
return new Response("Not Found", { status: 404 }) }, -} satisfies ExportedHandler<Env> +} satisfies ExportedHandler<Env> // Env type generated by `wrangler types`🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/src/content/docs/integrations/cloudflare-workers.mdx` around lines 105 - 129, The doc example uses ExportedHandler<Env> without explaining Env; add a brief inline clarification near the example in src/index.ts (or in the surrounding text) that Env refers to the worker's environment bindings (the type produced by running `wrangler types`) so readers know what to replace; mention the ExportedHandler<Env> usage and that handlers.ALL is the auth entrypoint so they should supply their Env type with any bindings required by handlers.ALL.docs/src/content/docs/integrations/react-router.mdx (3)
207-207: Add hyphen to compound adjective."Client Side Rendering" should be hyphenated as "Client-Side Rendering" when used as a compound adjective before the noun. As per static analysis hints, compound modifiers should be hyphenated.
📝 Proposed grammar fix
-### Client Side Rendering (CSR) +### Client-Side Rendering (CSR)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/src/content/docs/integrations/react-router.mdx` at line 207, Update the heading text "Client Side Rendering (CSR)" to use a hyphenated compound adjective by changing it to "Client-Side Rendering (CSR)"; locate the heading line in docs/src/content/docs/integrations/react-router.mdx that contains the string "Client Side Rendering (CSR)" and replace it with "Client-Side Rendering (CSR)".
236-246: Inconsistent session check pattern.Line 246 checks
if (!session)which only handles the null case, but based on the SSR pattern (line 174), the session object has anauthenticatedproperty that should be checked. IfauthClient.getSession()returns an object like{ authenticated: false, user: null }when not authenticated, the current check will fail to detect unauthenticated sessions.♻️ Align with SSR session check pattern
- if (!session) return <p>Loading...</p> + if (!session?.authenticated) return <p>Loading...</p>🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/src/content/docs/integrations/react-router.mdx` around lines 236 - 246, The client-side session check uses only a null check (`session`) but should match the SSR pattern by verifying the session's authenticated flag; update the render guard after useEffect/fetchSession (which calls authClient.getSession and sets state via setSession in the useState hook) to check session && session.authenticated (or session?.authenticated) so unauthenticated responses like { authenticated: false, user: null } are handled correctly.
134-134: Add hyphen to compound adjective."Server Side Rendering" should be hyphenated as "Server-Side Rendering" when used as a compound adjective before the noun. As per static analysis hints, compound modifiers should be hyphenated.
📝 Proposed grammar fix
-### Server Side Rendering (SSR) +### Server-Side Rendering (SSR)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/src/content/docs/integrations/react-router.mdx` at line 134, Update the heading text "Server Side Rendering (SSR)" to use a hyphenated compound adjective: change it to "Server-Side Rendering (SSR)". Locate the heading string in the docs content (the line containing the heading "Server Side Rendering (SSR)") and replace it with the hyphenated version so the compound modifier is grammatically correct.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/src/content/docs/integrations/astro.mdx`:
- Around line 49-52: The docs state the auth file lives in src/lib/ but the code
snippet title shows src/auth.ts—make these consistent by updating the snippet
title or the text so both reference the same path (e.g., change the snippet
title to "src/lib/auth.ts"); locate the snippet containing the import of
createAuth from "@aura-stack/auth" and ensure the path referenced around it
matches the guide text.
- Around line 151-163: The sign-out example defines signOutAction but never
invokes it and the <form method="post"> has no server-side handler; update the
page to check Astro.request.method (e.g., if Astro.request.method === "POST")
and call signOutAction to perform the sign-out on POST, or alternatively replace
the form with the client-side sign-out flow mentioned on line 165; locate the
signOutAction function and add the POST handling around it so the form
submission triggers signOutAction (or swap to the client-side API call
approach).
- Around line 242-243: Update the second bullet to clearly distinguish server vs
client auth modules: state that src/lib/auth.ts is the shared server-side auth
used by API routes (only) and that client-side helpers/components should import
src/lib/auth-client.ts; keep the advice about checking the server-side
authenticated flag to protect private UI but ensure the import guidance refers
to src/lib/auth-client.ts for client code.
In `@docs/src/content/docs/integrations/next-app-router.mdx`:
- Around line 192-206: The Server Action in DashboardPage uses api.signOut() but
ignores returned Set-Cookie headers, contradicting the docs that require using
the cookies() API; update the signOutAction to either (A) read Set-Cookie
headers from the response of api.signOut() and apply them via the cookies()
server helper before calling redirect, or (B) replace the api.signOut() call
with the authClient.signOut() pattern (which handles cookie updates
automatically) as shown near authClient.signOut; ensure the example demonstrates
cookie handling so it aligns with the documented requirement.
In `@docs/src/content/docs/integrations/next-pages-router.mdx`:
- Line 193: Update the heading text instances that read "Server Side Rendering
(SSR)" and "Client Side ..." to use hyphenated compound modifiers: change
"Server Side Rendering (SSR)" to "Server-Side Rendering (SSR)" and the
corresponding "Client Side" heading to "Client-Side" so both headings use
consistent “Server-Side” / “Client-Side” hyphenation.
- Around line 273-289: The snippet is missing the Session type and lacks
explicit typing for useState; add an import like import type { Session } from
"@aura-stack/auth" and change the state declaration to explicitly type session
as Session | null (e.g., useState<Session | null>(null)) so that
setSession(session) from authClient.getSession() matches TypeScript strict mode
types; update the top of the file to include the Session type import and the
useState call where session is declared (referencing Session, useState,
setSession, and authClient.getSession).
In `@docs/src/content/docs/integrations/tanstack-start.mdx`:
- Around line 172-181: The try-block throws redirect({ to: "/", headers:
response.headers }) which is immediately caught by the catch, so the
response.headers are lost; fix by not throwing the redirect inside the
try—capture response.headers (from api.signOut) into a local variable and, after
the try block completes successfully, throw redirect({ to: "/", headers:
capturedHeaders, reloadDocument: true }); keep the catch to handle errors from
createServerFn().handler/ api.signOut and throw a fallback redirect there;
update signOutFn, createServerFn handler, and usages of response.headers and
getRequestHeaders accordingly.
- Around line 191-204: The successful sign-in redirect is inside the try block
and gets caught by the catch (so redirect() never reaches the router); move the
successful redirect call out of the try-catch so the router can handle it.
Concretely: in the .handler function around api.signIn and redirect, call
api.signIn inside try to capture response, return or perform any non-exception
work there, then after the try-catch invoke redirect({ href: response.signInURL
}) (or rethrow redirect) only when sign-in succeeds; keep the catch solely for
logging and redirecting to "/login". Ensure you reference the .handler async ({
data }) =>, api.signIn, and redirect symbols when editing.
---
Nitpick comments:
In `@docs/src/content/docs/integrations/cloudflare-workers.mdx`:
- Around line 105-129: The doc example uses ExportedHandler<Env> without
explaining Env; add a brief inline clarification near the example in
src/index.ts (or in the surrounding text) that Env refers to the worker's
environment bindings (the type produced by running `wrangler types`) so readers
know what to replace; mention the ExportedHandler<Env> usage and that
handlers.ALL is the auth entrypoint so they should supply their Env type with
any bindings required by handlers.ALL.
In `@docs/src/content/docs/integrations/react-router.mdx`:
- Line 207: Update the heading text "Client Side Rendering (CSR)" to use a
hyphenated compound adjective by changing it to "Client-Side Rendering (CSR)";
locate the heading line in docs/src/content/docs/integrations/react-router.mdx
that contains the string "Client Side Rendering (CSR)" and replace it with
"Client-Side Rendering (CSR)".
- Around line 236-246: The client-side session check uses only a null check
(`session`) but should match the SSR pattern by verifying the session's
authenticated flag; update the render guard after useEffect/fetchSession (which
calls authClient.getSession and sets state via setSession in the useState hook)
to check session && session.authenticated (or session?.authenticated) so
unauthenticated responses like { authenticated: false, user: null } are handled
correctly.
- Line 134: Update the heading text "Server Side Rendering (SSR)" to use a
hyphenated compound adjective: change it to "Server-Side Rendering (SSR)".
Locate the heading string in the docs content (the line containing the heading
"Server Side Rendering (SSR)") and replace it with the hyphenated version so the
compound modifier is grammatically correct.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: e464db31-6efd-4b69-a52e-d11fb3a7a27f
📒 Files selected for processing (18)
apps/nextjs/app-router/src/app/api/auth/[...aura]/route.tsapps/nextjs/app-router/src/contexts/auth.tsxapps/vercel/api/auth/index.tsdocs/src/content/docs/integrations/astro.mdxdocs/src/content/docs/integrations/bun.mdxdocs/src/content/docs/integrations/cloudflare-workers.mdxdocs/src/content/docs/integrations/deno.mdxdocs/src/content/docs/integrations/elysia.mdxdocs/src/content/docs/integrations/express.mdxdocs/src/content/docs/integrations/hono.mdxdocs/src/content/docs/integrations/next-app-router.mdxdocs/src/content/docs/integrations/next-pages-router.mdxdocs/src/content/docs/integrations/nuxt.mdxdocs/src/content/docs/integrations/oak.mdxdocs/src/content/docs/integrations/react-router.mdxdocs/src/content/docs/integrations/supabase-edge-functions.mdxdocs/src/content/docs/integrations/tanstack-start.mdxdocs/src/content/docs/integrations/vercel-edge-functions.mdx
✅ Files skipped from review due to trivial changes (10)
- apps/nextjs/app-router/src/contexts/auth.tsx
- docs/src/content/docs/integrations/bun.mdx
- docs/src/content/docs/integrations/vercel-edge-functions.mdx
- docs/src/content/docs/integrations/nuxt.mdx
- docs/src/content/docs/integrations/deno.mdx
- docs/src/content/docs/integrations/elysia.mdx
- docs/src/content/docs/integrations/express.mdx
- docs/src/content/docs/integrations/supabase-edge-functions.mdx
- docs/src/content/docs/integrations/oak.mdx
- docs/src/content/docs/integrations/hono.mdx
🚧 Files skipped from review as they are similar to previous changes (2)
- apps/nextjs/app-router/src/app/api/auth/[...aura]/route.ts
- apps/vercel/api/auth/index.ts
| Set up your core configuration file in `src/lib/` so both server routes and client helpers can reuse it. | ||
|
|
||
| ```ts title="src/auth.ts" | ||
| import { createAuth } from "@aura-stack/auth" |
There was a problem hiding this comment.
Auth file path is inconsistent in setup instructions.
Line 49 says the file is in src/lib/, but the snippet title at Line 51 is src/auth.ts. Please make both paths match to avoid setup mistakes.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/astro.mdx` around lines 49 - 52, The docs
state the auth file lives in src/lib/ but the code snippet title shows
src/auth.ts—make these consistent by updating the snippet title or the text so
both reference the same path (e.g., change the snippet title to
"src/lib/auth.ts"); locate the snippet containing the import of createAuth from
"@aura-stack/auth" and ensure the path referenced around it matches the guide
text.
| const signOutAction = async () => { | ||
| const response = await api.signOut({ | ||
| headers: Astro.request.headers, | ||
| }) | ||
|
|
||
| return response | ||
| } | ||
| --- | ||
|
|
||
| <form method="post"> | ||
| <button type="submit">Sign Out</button> | ||
| </form> | ||
| ``` |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
cat -n docs/src/content/docs/integrations/astro.mdx | sed -n '130,180p'Repository: aura-stack-ts/auth
Length of output: 1490
🏁 Script executed:
rg -n "method=\"post\"" docs/src/content/docs/integrations/astro.mdx -A 5 -B 5Repository: aura-stack-ts/auth
Length of output: 311
Sign-out server example is non-functional as written.
signOutAction (line 151) is declared but never invoked; the <form method="post"> has no handler to process the request or call the function. Either add Astro.request.method handling to invoke signOutAction, or replace with the client-side alternative mentioned in line 165.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/astro.mdx` around lines 151 - 163, The
sign-out example defines signOutAction but never invokes it and the <form
method="post"> has no server-side handler; update the page to check
Astro.request.method (e.g., if Astro.request.method === "POST") and call
signOutAction to perform the sign-out on POST, or alternatively replace the form
with the client-side sign-out flow mentioned on line 165; locate the
signOutAction function and add the POST handling around it so the form
submission triggers signOutAction (or swap to the client-side API call
approach).
| - **Keep the shared auth module in one place**. Import `src/lib/auth.ts` from both the API route and the client helper. | ||
| - **Check authentication before rendering private UI**. Use the server-side `authenticated` flag to protect pages. |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
# First, let's check if the file exists and get an overview
wc -l docs/src/content/docs/integrations/astro.mdxRepository: aura-stack-ts/auth
Length of output: 110
🏁 Script executed:
# Read the specific lines around 242-243 with context
sed -n '230,260p' docs/src/content/docs/integrations/astro.mdxRepository: aura-stack-ts/auth
Length of output: 1076
🏁 Script executed:
# Also search for references to auth modules in the documentation
rg 'src/lib/auth' docs/src/content/docs/integrations/astro.mdx -nRepository: aura-stack-ts/auth
Length of output: 337
🏁 Script executed:
# Search for the pattern of how client and server auth are discussed
rg 'auth-client|client helper|shared auth' docs/src/content/docs/integrations/astro.mdx -n -B 2 -A 2Repository: aura-stack-ts/auth
Length of output: 2056
Correct line 242 to distinguish between shared server config and client helper imports.
Line 242 misleadingly suggests importing src/lib/auth.ts from the client helper, but the documented pattern uses src/lib/auth-client.ts for client code. The wording should clarify that src/lib/auth.ts is for the API route only, while client components import from src/lib/auth-client.ts (as shown in lines 172, 191, 220).
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/astro.mdx` around lines 242 - 243, Update
the second bullet to clearly distinguish server vs client auth modules: state
that src/lib/auth.ts is the shared server-side auth used by API routes (only)
and that client-side helpers/components should import src/lib/auth-client.ts;
keep the advice about checking the server-side authenticated flag to protect
private UI but ensure the import guidance refers to src/lib/auth-client.ts for
client code.
| ```tsx title="app/dashboard/page.tsx" lineNumbers | ||
| import { api } from "@/lib/auth" | ||
| import { headers } from "next/headers" | ||
| import { redirect } from "next/navigation" | ||
|
|
||
| export default async function DashboardPage() { | ||
| const signOutAction = async () => { | ||
| "use server" | ||
| const headerStore = await headers() | ||
| const response = await api.signOut({ | ||
| headers: headerStore, | ||
| }) | ||
| if (response.ok) { | ||
| redirect("/home") | ||
| } |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
# First, locate and read the specific file
find . -path "*next-app-router.mdx" -type fRepository: aura-stack-ts/auth
Length of output: 118
🏁 Script executed:
# Read the file to see the complete context around lines 192-206 and 299-300
wc -l docs/src/content/docs/integrations/next-app-router.mdxRepository: aura-stack-ts/auth
Length of output: 120
🏁 Script executed:
# Get the sections mentioned in the review
sed -n '180,220p' docs/src/content/docs/integrations/next-app-router.mdxRepository: aura-stack-ts/auth
Length of output: 1050
🏁 Script executed:
# Also check the guidance at lines 299-300
sed -n '290,310p' docs/src/content/docs/integrations/next-app-router.mdxRepository: aura-stack-ts/auth
Length of output: 1173
🏁 Script executed:
# Check if there are other signOut examples in the file
rg -n "signOut" docs/src/content/docs/integrations/next-app-router.mdx -A 3 -B 3Repository: aura-stack-ts/auth
Length of output: 1637
SSR sign-out example contradicts documented requirements for Set-Cookie handling.
The Server Action example at lines 192–206 calls api.signOut() but never applies the returned Set-Cookie headers. Line 299 explicitly documents that "it's required to set the cookies using cookies function," yet this example contradicts that guidance by ignoring the response headers and redirecting directly.
Either (a) update the example to demonstrate proper cookie handling via the cookies() function, or (b) switch to the authClient.signOut() pattern shown at line 278, which handles cookies automatically.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/next-app-router.mdx` around lines 192 -
206, The Server Action in DashboardPage uses api.signOut() but ignores returned
Set-Cookie headers, contradicting the docs that require using the cookies() API;
update the signOutAction to either (A) read Set-Cookie headers from the response
of api.signOut() and apply them via the cookies() server helper before calling
redirect, or (B) replace the api.signOut() call with the authClient.signOut()
pattern (which handles cookie updates automatically) as shown near
authClient.signOut; ensure the example demonstrates cookie handling so it aligns
with the documented requirement.
|
|
||
| ## Usage | ||
|
|
||
| ### Server Side Rendering (SSR) |
There was a problem hiding this comment.
Use “Server-Side” / “Client-Side” hyphenation in headings for consistency.
Small docs polish: update both headings to hyphenated compound modifiers.
Also applies to: 235-235
🧰 Tools
🪛 LanguageTool
[grammar] ~193-~193: Use a hyphen to join words.
Context: .... ## Usage ### Server Side Rendering (SSR) Use server-side re...
(QB_NEW_EN_HYPHEN)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/next-pages-router.mdx` at line 193, Update
the heading text instances that read "Server Side Rendering (SSR)" and "Client
Side ..." to use hyphenated compound modifiers: change "Server Side Rendering
(SSR)" to "Server-Side Rendering (SSR)" and the corresponding "Client Side"
heading to "Client-Side" so both headings use consistent “Server-Side” /
“Client-Side” hyphenation.
| const [session, setSession] = useState(null) | ||
|
|
||
| useEffect(() => { | ||
| const fetchSession = async () => { | ||
| const { session } = await authClient.getSession() | ||
| setSession(session) | ||
| } | ||
| fetchSession() | ||
| }, []) | ||
|
|
||
| if (!session) return <p>Loading...</p> | ||
|
|
||
| return ( | ||
| <div> | ||
| <h1>Welcome back, {session.user?.name}</h1> | ||
| <p>Email: {session.user?.email}</p> | ||
| </div> |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
# First, locate the documentation file
find . -name "next-pages-router.mdx" -o -name "*next-pages-router*"Repository: aura-stack-ts/auth
Length of output: 120
🏁 Script executed:
# Check the file structure
git ls-files | grep -i "next-pages-router\|integrations" | head -20Repository: aura-stack-ts/auth
Length of output: 904
🏁 Script executed:
# Look for the specific file
git ls-files docs/src/content/docs/integrations/Repository: aura-stack-ts/auth
Length of output: 862
🏁 Script executed:
# Check the file size and read specific lines
wc -l docs/src/content/docs/integrations/next-pages-router.mdxRepository: aura-stack-ts/auth
Length of output: 122
🏁 Script executed:
# Read lines around 273-289 to verify the code snippet
sed -n '270,295p' docs/src/content/docs/integrations/next-pages-router.mdxRepository: aura-stack-ts/auth
Length of output: 668
🏁 Script executed:
# Read more context to see the imports
sed -n '260,295p' docs/src/content/docs/integrations/next-pages-router.mdxRepository: aura-stack-ts/auth
Length of output: 899
🏁 Script executed:
# Search for the Session type in the codebase
rg "export.*type.*Session" --type ts --type tsx -A 3Repository: aura-stack-ts/auth
Length of output: 89
🏁 Script executed:
# Check if there's a `@aura-stack/auth` package or similar in the repo
find . -name "package.json" -o -name "tsconfig.json" | head -10Repository: aura-stack-ts/auth
Length of output: 338
🏁 Script executed:
# Search for Session type definition
rg "export.*type.*Session|type Session.*=" --type ts -A 3Repository: aura-stack-ts/auth
Length of output: 1020
🏁 Script executed:
# Check the authClient to see what getSession returns
find . -name "*auth*" -type f | grep -E "\.(ts|tsx|js|jsx)$" | head -20Repository: aura-stack-ts/auth
Length of output: 835
🏁 Script executed:
# Look for the main auth package or index file
fd "index\." | grep -E "auth|src" | head -10Repository: aura-stack-ts/auth
Length of output: 347
🏁 Script executed:
# Search for Session type more broadly
rg "interface Session|type Session" --type tsRepository: aura-stack-ts/auth
Length of output: 448
🏁 Script executed:
# Read the full Session interface definition
cat -n packages/core/src/@types/session.tsRepository: aura-stack-ts/auth
Length of output: 10282
🏁 Script executed:
# Check what the `@aura-stack/auth` package exports
find . -name "index.ts" -path "*/packages/*" | xargs grep -l "Session" 2>/dev/nullRepository: aura-stack-ts/auth
Length of output: 197
🏁 Script executed:
# Look at the main package exports
cat -n packages/core/src/index.ts | head -50Repository: aura-stack-ts/auth
Length of output: 1662
🏁 Script executed:
# Check what the actual package name is for imports
grep -r "@aura-stack" docs/src/content/docs/integrations/next-pages-router.mdxRepository: aura-stack-ts/auth
Length of output: 214
🏁 Script executed:
# Look at other documentation files to see how Session is imported
grep -r "import.*Session" docs/src/content/docs/integrations/ | head -10Repository: aura-stack-ts/auth
Length of output: 658
🏁 Script executed:
# Check if there are any existing TypeScript examples that show proper typing
grep -r "useState.*Session\|useState<" docs/src/content/docs/integrations/ | head -10Repository: aura-stack-ts/auth
Length of output: 44
🏁 Script executed:
# Look at the pages-router app example to see how it handles this
cat -n apps/nextjs/pages-router/src/components/auth-client.tsxRepository: aura-stack-ts/auth
Length of output: 4727
🏁 Script executed:
# Read the full section from the documentation to see all imports
sed -n '260,295p' docs/src/content/docs/integrations/next-pages-router.mdxRepository: aura-stack-ts/auth
Length of output: 899
🏁 Script executed:
# Check if Session is imported in the documented code snippet section
sed -n '265,295p' docs/src/content/docs/integrations/next-pages-router.mdx | grep -i "import"Repository: aura-stack-ts/auth
Length of output: 152
🏁 Script executed:
# Look at similar patterns in other integration docs to confirm best practices
sed -n '1,100p' docs/src/content/docs/integrations/express.mdx | grep -A 20 "Get Session"Repository: aura-stack-ts/auth
Length of output: 44
Add missing Session type import and explicit typing to useState to support strict TypeScript mode.
The code snippet is missing import type { Session } from "@aura-stack/auth" and useState(null) lacks explicit typing. In strict mode, TypeScript will flag type mismatches when setSession() receives a Session object from authClient.getSession(). Users copying this snippet will encounter type errors.
Proposed fix
import { useEffect, useState } from "react"
import { authClient } from "@/lib/auth-client"
+import type { Session } from "@aura-stack/auth"
export const UserProfile = () => {
- const [session, setSession] = useState(null)
+ const [session, setSession] = useState<Session | null>(null)
useEffect(() => {
const fetchSession = async () => {
const { session } = await authClient.getSession()
setSession(session)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/next-pages-router.mdx` around lines 273 -
289, The snippet is missing the Session type and lacks explicit typing for
useState; add an import like import type { Session } from "@aura-stack/auth" and
change the state declaration to explicitly type session as Session | null (e.g.,
useState<Session | null>(null)) so that setSession(session) from
authClient.getSession() matches TypeScript strict mode types; update the top of
the file to include the Session type import and the useState call where session
is declared (referencing Session, useState, setSession, and
authClient.getSession).
| export const signOutFn = createServerFn({ method: "POST" }).handler(async () => { | ||
| try { | ||
| const response = await api.signOut({ | ||
| headers: getRequestHeaders(), | ||
| }) | ||
| throw redirect({ to: "/", headers: response.headers, reloadDocument: true }) | ||
| } catch (error) { | ||
| console.error("[error:server] signOut", error) | ||
| throw redirect({ to: "/", reloadDocument: true }) | ||
| } |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
cat -n docs/src/content/docs/integrations/tanstack-start.mdx | sed -n '160,190p'Repository: aura-stack-ts/auth
Length of output: 1204
signOutFn discards response headers needed for logout cookies.
The redirect with headers: response.headers is thrown inside the try block at line 177, making it caught by the same catch block that throws a redirect without headers.
Proposed fix
export const signOutFn = createServerFn({ method: "POST" }).handler(async () => {
+ let response
try {
- const response = await api.signOut({
+ response = await api.signOut({
headers: getRequestHeaders(),
})
- throw redirect({ to: "/", headers: response.headers, reloadDocument: true })
} catch (error) {
console.error("[error:server] signOut", error)
throw redirect({ to: "/", reloadDocument: true })
}
+ throw redirect({ to: "/", headers: response.headers, reloadDocument: true })
})📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| export const signOutFn = createServerFn({ method: "POST" }).handler(async () => { | |
| try { | |
| const response = await api.signOut({ | |
| headers: getRequestHeaders(), | |
| }) | |
| throw redirect({ to: "/", headers: response.headers, reloadDocument: true }) | |
| } catch (error) { | |
| console.error("[error:server] signOut", error) | |
| throw redirect({ to: "/", reloadDocument: true }) | |
| } | |
| export const signOutFn = createServerFn({ method: "POST" }).handler(async () => { | |
| let response | |
| try { | |
| response = await api.signOut({ | |
| headers: getRequestHeaders(), | |
| }) | |
| } catch (error) { | |
| console.error("[error:server] signOut", error) | |
| throw redirect({ to: "/", reloadDocument: true }) | |
| } | |
| throw redirect({ to: "/", headers: response.headers, reloadDocument: true }) | |
| }) |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/tanstack-start.mdx` around lines 172 -
181, The try-block throws redirect({ to: "/", headers: response.headers }) which
is immediately caught by the catch, so the response.headers are lost; fix by not
throwing the redirect inside the try—capture response.headers (from api.signOut)
into a local variable and, after the try block completes successfully, throw
redirect({ to: "/", headers: capturedHeaders, reloadDocument: true }); keep the
catch to handle errors from createServerFn().handler/ api.signOut and throw a
fallback redirect there; update signOutFn, createServerFn handler, and usages of
response.headers and getRequestHeaders accordingly.
| .handler(async ({ data }) => { | ||
| try { | ||
| const response = await api.signIn(data.provider, { | ||
| request: getRequest(), | ||
| redirect: false, | ||
| }) | ||
|
|
||
| throw redirect({ | ||
| href: response.signInURL, | ||
| }) | ||
| } catch (error) { | ||
| console.error("[error:server] signIn", error) | ||
| throw redirect({ to: "/login" }) | ||
| } |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
cat -n docs/src/content/docs/integrations/tanstack-start.mdx | sed -n '185,210p'Repository: aura-stack-ts/auth
Length of output: 952
🏁 Script executed:
rg "throw redirect" docs/src/content/docs/integrations/ -A 2 -B 2Repository: aura-stack-ts/auth
Length of output: 1888
🏁 Script executed:
rg "redirect\(" docs/src/content/docs/integrations/tanstack-start.mdx -B 3 -A 1Repository: aura-stack-ts/auth
Length of output: 709
🏁 Script executed:
rg "import.*redirect" docs/src/content/docs/integrations/tanstack-start.mdx -B 5 -A 1Repository: aura-stack-ts/auth
Length of output: 466
🏁 Script executed:
rg "from.*redirect" docs/src/content/docs/integrations/tanstack-start.mdxRepository: aura-stack-ts/auth
Length of output: 44
🏁 Script executed:
web_search
TanStack Router redirect() function behavior in try-catch blocksRepository: aura-stack-ts/auth
Length of output: 262
🌐 Web query:
TanStack React Router redirect exception handling in try-catch
💡 Result:
In TanStack React Router, redirects are intentionally implemented by throwing the redirect function from route functions like beforeLoad, loader, or validateSearch. This throw is handled specially by the router—it performs the navigation without propagating as a regular error to error boundaries or try-catch blocks. Regular JavaScript try-catch blocks will catch the thrown redirect, preventing the router from handling it. This breaks the redirect flow. Key patterns from documentation and examples: 1. Throw redirect directly (preferred for route functions): import { createFileRoute, redirect } from '@tanstack/react-router' export const Route = createFileRoute('/old-path')({ beforeLoad: => { throw redirect({ to: '/new-path' }) }, }) 2. In errorComponents, handle specific errors and redirect: errorComponent: ({ error }) => { if (error instanceof UnauthorizedError) { return } // or throw redirect({ to: '/error' }) }, Note: Throwing redirect from errorComponent works as the router catches it specially. 3. Never wrap redirect logic in try-catch in route functions: beforeLoad: => { try { // auth check throw redirect({ to: '/login' }) // Caught here, redirect fails! } catch (e) { // This prevents router handling } } Redirects are not "exceptions" to handle with try-catch; they are deliberate throws for router control flow. Use errorComponents for actual error recovery with conditional redirects via Navigate or throw redirect.
Citations:
- 1: https://oboe.com/learn/tanstack-router-for-react-applications-w557j0/error-handling-and-redirects-tanstack-router-for-react-applications-6
- 2: https://mintlify.com/tanstack/router/router/guides/error-handling
- 3: https://www.technetexperts.com/tanstack-router-catch-beforeload-error/
- 4: https://tanstack.com/router/v1/docs/framework/react/guide/creating-a-router
- 5: https://tanstack.com/router/v1/docs/framework/react/api/router/errorComponentComponent
- 6: Redirect errors are uncaught TanStack/router#2554
Move the successful sign-in redirect outside the try-catch block.
In TanStack Router, redirect() is a special control-flow exception that the router handles directly. When wrapped in a try-catch block, the catch handler intercepts it and prevents the router from processing the redirect. This causes the successful sign-in path to be unreachable—all code paths redirect to /login, even on success.
Proposed fix
.handler(async ({ data }) => {
- try {
- const response = await api.signIn(data.provider, {
- request: getRequest(),
- redirect: false,
- })
-
- throw redirect({
- href: response.signInURL,
- })
- } catch (error) {
+ let response
+ try {
+ response = await api.signIn(data.provider, {
+ request: getRequest(),
+ redirect: false,
+ })
+ } catch (error) {
console.error("[error:server] signIn", error)
throw redirect({ to: "/login" })
}
+ throw redirect({
+ href: response.signInURL,
+ })
})📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| .handler(async ({ data }) => { | |
| try { | |
| const response = await api.signIn(data.provider, { | |
| request: getRequest(), | |
| redirect: false, | |
| }) | |
| throw redirect({ | |
| href: response.signInURL, | |
| }) | |
| } catch (error) { | |
| console.error("[error:server] signIn", error) | |
| throw redirect({ to: "/login" }) | |
| } | |
| .handler(async ({ data }) => { | |
| let response | |
| try { | |
| response = await api.signIn(data.provider, { | |
| request: getRequest(), | |
| redirect: false, | |
| }) | |
| } catch (error) { | |
| console.error("[error:server] signIn", error) | |
| throw redirect({ to: "/login" }) | |
| } | |
| throw redirect({ | |
| href: response.signInURL, | |
| }) | |
| }) |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/src/content/docs/integrations/tanstack-start.mdx` around lines 191 -
204, The successful sign-in redirect is inside the try block and gets caught by
the catch (so redirect() never reaches the router); move the successful redirect
call out of the try-catch so the router can handle it. Concretely: in the
.handler function around api.signIn and redirect, call api.signIn inside try to
capture response, return or perform any non-exception work there, then after the
try-catch invoke redirect({ href: response.signInURL }) (or rethrow redirect)
only when sign-in succeeds; keep the catch solely for logging and redirecting to
"/login". Ensure you reference the .handler async ({ data }) =>, api.signIn, and
redirect symbols when editing.
1 participant
Description
Summary by CodeRabbit
New Features
Bug Fixes
Chores
Documentation