Loading...
Loading...
Back to Rules
next.js
Next.js Auth & DB Fortress
Claude Directory November 25, 2025
0 copies 0 downloads
Secure full-stack Next.js blueprint with Auth.js, Prisma, Server Actions, and tRPC for enterprise apps.
Rule Content
# Secure Next.js Full-Stack for Claude Code
Build ironclad apps in Claude Code CLI: Reason through security models, use long context for schema design, integrate MCP for DB tools.
## Authentication (Auth.js v5)
```ts
// app/api/auth/[...nextauth]/route.ts
import NextAuth from 'next-auth';
const handler = NextAuth({
providers: [CredentialsProvider({ ... })],
callbacks: { session: ({ session, token }) => ({ ...session, userId: token.sub }) },
});
export { handler as GET, handler as POST };
```
- Middleware guards: Protect routes
- SessionProvider in root layout
## Database (Prisma + Accelerate)
```prisma
// schema.prisma
model User {
id String @id @default(cuid())
email String @unique
@@map("users")
}
```
- Server Actions: `async function createUser(formData) { 'use server'; const user = await prisma.user.create({...}); }`
- Prisma Accelerate for global caching
## Type-Safe APIs (tRPC v11)
```ts
// app/api/trpc/[trpc]/route.ts
import { createNextApiHandler } from '@trpc/server/adapters/next';
import { appRouter } from '~/server/routers/_app';
export default createNextApiHandler({ router: appRouter });
// server/routers/user.ts
export const userRouter = createTRPCRouter({
getById: publicProcedure.input(z.string()).query(({ input }) => prisma.user.findUnique({ where: { id: input } })),
});
```
- Client: `const trpc = createTRPCReact<AppRouter>();`
## Security Checklist
- Headers: CSP, HSTS via `next.config.js`
- Rate limiting: Upstash Redis
- SQL injection: Prisma params
- Secrets: Vercel env vars
## Deployment
- Vercel: Edge functions, previews
- Docker: Multi-stage builds
Enforce RBAC with reasoned queries.Comments
More Rules
View allAI/ML
GLM-4.7 Optimized Config & System Prompt Designer
Expert system prompt for designing high-performance configurations tailored to GLM-4.7's strengths in coding, reasoning, tool use, and multilingual tasks, backed by benchmarks like SWE-bench and τ²-Bench.
C
CommunityAI/ML
GLM-4.7 Open-Source Coding Expert: Optimized System Prompt
Leverage GLM-4.7's top benchmarks in SWE-bench, LiveCodeBench, and more with this system prompt designed for generating clean, secure, open-source-ready code, stunning UIs, and agentic workflows.
C
CommunityAI/ML
GLM-4.7 Optimized Coding Agent
This system prompt transforms an AI into GLM-4.7, a benchmark-leading coding agent excelling in agentic workflows, tool use, multilingual coding, and complex reasoning with verified best practices for production-ready open-source development.
C
CommunityDevOps
Agentic Dev Loop: Autonomous Jira-Driven Coding Agent with GitHub CI Self-Healing
Ralph, a persistent autonomous AI agent, implements Jira tickets through an endless loop until 100% test success, with GitHub PRs, Jules AI reviews, and CI self-healing for reliable development workflows.
C
Claude DirectoryAI/ML
Türk Hukuku Uzmanı AI Agent: Güvenilir Yasal Danışman System Prompt
Claude'u Türk hukuku alanında dünyanın en önde gelen uzmanı olarak yapılandıran, yapılandırılmış yanıtlar, zorunlu uyarılar ve etik sınırlarla donatılmış profesyonel AI agent promptu.
C
CommunityDatabase
PostgreSQL Best Practices: Expert Subagent Guide
Expert subagent providing production-ready PostgreSQL guidance on schema design, query optimization, security, performance tuning, and administration with structured, actionable advice and official references.
C
Claude Directory