Why Use This
This skill provides specialized capabilities for HoangNguyen0403's codebase.
Use Cases
- Developing new features in the HoangNguyen0403 repository
- Refactoring existing code to follow HoangNguyen0403 standards
- Understanding and working with HoangNguyen0403's codebase structure
Install Guide
2 steps - 1
- 2
Install inside Ananke
Click Install Skill, paste the link below, then press Install.
https://github.com/HoangNguyen0403/agent-skills-standard/tree/develop/skills/nextjs/authentication
Skill Snapshot
Auto scan of skill assets. Informational only.
Valid SKILL.md
Checks against SKILL.md specification
Source & Community
Updated At Jan 18, 2026, 04:24 AM
Skill Stats
SKILL.md 31 Lines
Total Files 1
Total Size 0 B
License NOASSERTION
---
name: Next.js Authentication
description: Secure token storage (HttpOnly Cookies) and Middleware patterns.
metadata:
labels: [nextjs, auth, security, cookies]
triggers:
files: ['middleware.ts', '**/auth.ts', '**/login/page.tsx']
keywords: [cookie, jwt, session, localstorage, auth]
---
# Authentication & Token Management
## **Priority: P0 (CRITICAL)**
Use **HttpOnly Cookies** for token storage. **Never** use LocalStorage.
## Key Rules
1. **Storage**: Use `cookies().set()` with `httpOnly: true`, `secure: true`, `sameSite: 'lax'`. (Reference: [Setting Tokens](references/auth-implementation.md))
2. **Access**: Read tokens in Server Components via `cookies().get()`. (Reference: [Reading Tokens](references/auth-implementation.md))
3. **Protection**: Guard routes in `middleware.ts` before rendering. (Reference: [Middleware Protection](references/auth-implementation.md))
## Anti-Pattern: LocalStorage
- **Security Risk**: Vulnerable to XSS.
- **Performance Hit**: Incompatible with Server Components (RSC). Forces client hydration and causes layout shift.
## Related Topics
common/security-standards | server-components | app-router
