Skip to content

Complete migration to Clerk from NextAuth.js#3

Closed
adamsardo wants to merge 1 commit into
mainfrom
cursor/complete-migration-to-clerk-from-nextauth-js-4c3a
Closed

Complete migration to Clerk from NextAuth.js#3
adamsardo wants to merge 1 commit into
mainfrom
cursor/complete-migration-to-clerk-from-nextauth-js-4c3a

Conversation

@adamsardo

@adamsardo adamsardo commented Jul 4, 2025

Copy link
Copy Markdown
Owner

Complete the full migration from NextAuth.js to Clerk for authentication.

This PR completes the comprehensive migration of the application's authentication system from NextAuth.js to Clerk. It involves removing all NextAuth.js code, updating API routes and UI components to use Clerk's session management and hooks, and thoroughly updating all relevant documentation and configuration files to reflect the new authentication provider.

Summary by CodeRabbit

  • New Features

    • Authentication is now powered by Clerk, supporting email/password, OAuth (GitHub, Google), magic links, SAML SSO, and two-factor authentication.
    • Enhanced security features including attack protection, advanced password policies, and built-in email verification.
    • Organization management with multi-tenancy, RBAC, team invitations, and domain allowlisting.
  • Bug Fixes

    • Session management and sign-out flows streamlined for consistency across authentication methods.
  • Documentation

    • Comprehensive updates to guides, README, and internal docs reflecting Clerk integration and setup.
    • Added new authentication documentation and removed obsolete migration guides.
  • Refactor

    • Replaced all NextAuth.js logic, hooks, and session handling with Clerk-based implementations.
    • Updated components and hooks to use Clerk for authentication and session data.
  • Chores

    • Cleaned up environment variables and deployment configurations to remove NextAuth references and add Clerk settings.
    • Removed unused dependencies and type declarations related to NextAuth.

Co-authored-by: adam <adam@medreport.ai>
@coderabbitai

coderabbitai Bot commented Jul 4, 2025

Copy link
Copy Markdown

Walkthrough

This change completes a comprehensive migration from NextAuth.js to Clerk for authentication, session, and security management across the application. All NextAuth.js code, configuration, and dependencies were removed. Clerk is now fully integrated, with updated authentication hooks, middleware, session handling, documentation, environment variables, and deployment templates.

Changes

Files / Groups Change Summary
lib/nextAuth.ts, pages/api/auth/[...nextauth].ts, pages/api/auth/custom-signout.ts, types/next-auth.d.ts, CLERK_MIGRATION_GUIDE.md Deleted all NextAuth.js authentication logic, API routes, and type augmentations; removed migration guide.
package.json, tsconfig.json, app.json, .github/workflows/main.yml, .do/deploy.template.yaml Removed NextAuth dependencies and config; added Clerk env vars and deployment setup; updated workflow/test env vars.
lib/env.ts, lib/auth.ts, lib/clerk.ts Removed NextAuth config and provider logic; added static Clerk provider config and password policies.
lib/session.ts, pages/api/sessions/index.ts, pages/api/password.ts, pages/api/auth/reset-password.ts Refactored session logic to use Clerk; removed session token/cookie logic; always delete all sessions after password changes.
hooks/auth.ts, hooks/useAuth.ts, hooks/useSession.ts Added new hooks for Clerk-based authentication, sign-in/out, session, and user/org context.
hooks/useCustomSignout.ts Refactored signout logic to use Clerk SDK directly.
components/auth/*, components/shared/*, components/account/*, components/team/Members.tsx, pages/auth/*, pages/invitations/[token].tsx, pages/settings/security.tsx, pages/teams/switch.ts Updated imports and logic to use new Clerk-based hooks and session data; removed all NextAuth references.
types/next.ts Updated type definitions for page props and authentication; added NextPageWithUser.
README.md, CLAUDE.md, docs/authentication.md, .cursor/rules/*, MIGRATION_COMPLETE.md Overhauled documentation to reflect Clerk integration, usage, migration steps, and updated best practices.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant UI
    participant ClerkSDK
    participant ClerkDashboard
    participant AppAPI

    User->>UI: Initiate login (email/password, OAuth, SSO, magic link)
    UI->>ClerkSDK: Call useSignIn / useAuth hook
    ClerkSDK->>ClerkDashboard: Authenticate user & manage session
    ClerkDashboard-->>ClerkSDK: Return user/org/session info
    ClerkSDK-->>UI: Provide session/user/org context
    UI->>AppAPI: Make authenticated API request with Clerk session
    AppAPI->>ClerkDashboard: Validate session via Clerk middleware
    ClerkDashboard-->>AppAPI: Return user/org context for authorization
    AppAPI-->>UI: Respond with protected resource/data
Loading

Possibly related PRs

  • adamsardo/saas-starter-kit#1: Introduced initial Clerk integration and migration support, enabling parallel operation and data sync with NextAuth.js. This PR is directly extended and completed by the current migration.

Poem

🐇✨

Goodbye to NextAuth, Clerk takes the stage,
With hooks and sessions, we turn the page.
Docs refreshed, the code is neat,
Teams and roles now can't be beat.
The bunny hops with glee and cheer—
Secure and simple, Clerk is here!

🥕

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

npm error Exit handler never called!
npm error This is an error with npm itself. Please report this error at:
npm error https://github.com/npm/cli/issues
npm error A complete log of this run can be found in: /.npm/_logs/2025-07-04T00_07_20_521Z-debug-0.log

✨ Finishing Touches
  • 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@openhands-ai

openhands-ai Bot commented Jul 4, 2025

Copy link
Copy Markdown

Looks like there are a few issues preventing this PR from being merged!

  • GitHub Actions are failing:
    • Build

If you'd like me to help, just leave a comment, like

@OpenHands please fix the failing actions on PR #3

Feel free to include any additional details that might help me get this PR into a better state.

You can manage your notification settings

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 19

🔭 Outside diff range comments (2)
components/shared/shell/Header.tsx (1)

3-30: Loading component imported but never displayed

CI flags the unused import. Either remove it or render it while the session is loading:

-  if (status === 'loading' || !data) {
-    return null;
-  }
+  if (status === 'loading' || !data) {
+    return <Loading />;
+  }

This keeps the UX responsive and satisfies ESLint.

components/auth/MagicLink.tsx (1)

15-17: Remove unused csrfToken parameter.

The csrfToken parameter is no longer needed with Clerk authentication and should be removed to clean up the interface.

-interface MagicLinkProps {
-  csrfToken: string | undefined;
-}
-
-const MagicLink = ({ csrfToken }: MagicLinkProps) => {
+const MagicLink = () => {
🧹 Nitpick comments (6)
pages/api/auth/reset-password.ts (1)

6-6: Remove unused import.

The env import is not used anywhere in the file and should be removed to clean up the code.

-import env from '@/lib/env';
components/team/Members.tsx (1)

3-3: Resolve global name shadowing issue.

The Error import shadows the global Error constructor, which can cause confusion. Consider renaming this import to avoid conflicts.

import {
- Error,
+ ErrorMessage,
  LetterAvatar,
  Loading,
} from '@/components/shared';

Then update the usage on line 43:

- return <Error message={isError.message} />;
+ return <ErrorMessage message={isError.message} />;
hooks/useSession.ts (1)

38-42: Consider providing a more helpful update function.

The current update function only logs a warning and returns null, which may confuse developers expecting NextAuth-style session updates. Consider either removing it entirely or providing a more helpful implementation.

-  // Update function for compatibility - Clerk automatically syncs user data
-  const update = async () => {
-    console.warn('Session update is not supported. User data is automatically synced.');
-    return null;
-  };
+  // Update function for compatibility - Clerk automatically syncs user data
+  const update = async () => {
+    if (process.env.NODE_ENV === 'development') {
+      console.warn('Session update is not needed with Clerk. User data syncs automatically.');
+    }
+    // Return current session data to maintain compatibility
+    return { data, status };
+  };
.do/deploy.template.yaml (1)

12-14: Minor: quote interpolation braces to avoid unintended templating

Lines referencing ${saas-starter-kit-db.DATABASE_URL} work for DO App-Spec, but quoting them makes the YAML safer when processed by other tooling.

-          value: ${saas-starter-kit-db.DATABASE_URL}
+          value: "${saas-starter-kit-db.DATABASE_URL}"

Also applies to: 34-39

.cursor/rules/auth-security.mdc (2)

50-64: Example still implies bespoke session helpers instead of Clerk SDK

The snippet uses getCurrentUserWithTeam and session checks reminiscent of the old NextAuth flow.
Since Clerk exposes auth()/currentUser helpers, consider updating the example to:

import { auth } from "@clerk/nextjs/server"

const { userId, orgId } = auth()
if (!userId) {
  return res.status(401).json({ error: "Unauthorized" })
}

await throwIfNoTeamAccess(orgId, teamId)
await throwIfNotAllowed(userId, "team_webhook", "create")

Keeps documentation consistent with the new runtime.


6-13: Broken inline link: mdc:middleware.ts

The custom mdc: scheme won’t render on GitHub/MD; switch to a relative path (../middleware.ts) or fully qualify the URL so readers can follow it outside Cursor.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6b2dd49 and c08050d.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (44)
  • .cursor/rules/auth-security.mdc (1 hunks)
  • .cursor/rules/project-overview.mdc (1 hunks)
  • .cursor/rules/testing-patterns.mdc (1 hunks)
  • .do/deploy.template.yaml (1 hunks)
  • .github/workflows/main.yml (2 hunks)
  • CLAUDE.md (3 hunks)
  • CLERK_MIGRATION_GUIDE.md (0 hunks)
  • MIGRATION_COMPLETE.md (1 hunks)
  • README.md (4 hunks)
  • app.json (1 hunks)
  • components/account/ManageSessions.tsx (4 hunks)
  • components/account/UpdateName.tsx (3 hunks)
  • components/auth/GithubButton.tsx (1 hunks)
  • components/auth/GoogleButton.tsx (1 hunks)
  • components/auth/MagicLink.tsx (4 hunks)
  • components/shared/TeamDropdown.tsx (1 hunks)
  • components/shared/shell/AppShell.tsx (2 hunks)
  • components/shared/shell/Header.tsx (2 hunks)
  • components/team/Members.tsx (2 hunks)
  • docs/authentication.md (1 hunks)
  • hooks/auth.ts (1 hunks)
  • hooks/useAuth.ts (1 hunks)
  • hooks/useCustomSignout.ts (1 hunks)
  • hooks/useSession.ts (1 hunks)
  • lib/auth.ts (2 hunks)
  • lib/clerk.ts (0 hunks)
  • lib/env.ts (1 hunks)
  • lib/nextAuth.ts (0 hunks)
  • lib/session.ts (1 hunks)
  • package.json (0 hunks)
  • pages/_app.tsx (2 hunks)
  • pages/api/auth/[...nextauth].ts (0 hunks)
  • pages/api/auth/custom-signout.ts (0 hunks)
  • pages/api/auth/reset-password.ts (1 hunks)
  • pages/api/password.ts (1 hunks)
  • pages/api/sessions/index.ts (1 hunks)
  • pages/auth/idp-login.tsx (2 hunks)
  • pages/auth/sso/index.tsx (3 hunks)
  • pages/invitations/[token].tsx (1 hunks)
  • pages/settings/security.tsx (1 hunks)
  • pages/teams/switch.tsx (1 hunks)
  • tsconfig.json (1 hunks)
  • types/next-auth.d.ts (0 hunks)
  • types/next.ts (1 hunks)
💤 Files with no reviewable changes (7)
  • lib/clerk.ts
  • package.json
  • pages/api/auth/[...nextauth].ts
  • types/next-auth.d.ts
  • CLERK_MIGRATION_GUIDE.md
  • pages/api/auth/custom-signout.ts
  • lib/nextAuth.ts
🧰 Additional context used
📓 Path-based instructions (24)
`components/**/*`: React UI components are organized by feature in `/components`...

components/**/*: React UI components are organized by feature in /components and shared components in /components/shared
Tailwind CSS with DaisyUI is used for styling UI components

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • components/shared/shell/Header.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • components/shared/shell/AppShell.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`components/**/*.{js,jsx,ts,tsx}`: Use `useTranslation` hook from react-i18next for translations Images are optimized using Next.js Image component

components/**/*.{js,jsx,ts,tsx}: Use useTranslation hook from react-i18next for translations
Images are optimized using Next.js Image component

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • components/shared/shell/Header.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • components/shared/shell/AppShell.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`**/*.{ts,tsx}`: TypeScript is used throughout the codebase with strict mode ena...

**/*.{ts,tsx}: TypeScript is used throughout the codebase with strict mode enabled
Path aliases are configured for @/lib/* and @/components/*
Zod is used for runtime validation
Yup is used for form validation with Formik

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • pages/invitations/[token].tsx
  • components/shared/shell/Header.tsx
  • pages/teams/switch.tsx
  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/_app.tsx
  • pages/auth/idp-login.tsx
  • components/auth/GithubButton.tsx
  • hooks/auth.ts
  • pages/api/sessions/index.ts
  • components/auth/GoogleButton.tsx
  • hooks/useSession.ts
  • components/team/Members.tsx
  • pages/auth/sso/index.tsx
  • components/shared/shell/AppShell.tsx
  • hooks/useCustomSignout.ts
  • lib/auth.ts
  • pages/settings/security.tsx
  • lib/env.ts
  • hooks/useAuth.ts
  • lib/session.ts
  • types/next.ts
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`components/**/*.{ts,tsx}`: UI components that enforce RBAC should use the AccessControl wrapper.

components/**/*.{ts,tsx}: UI components that enforce RBAC should use the AccessControl wrapper.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/auth-security.mdc)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • components/shared/shell/Header.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • components/shared/shell/AppShell.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`{components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts}`: Use TypeScript for all components and hooks Use SWR for data fetching in components and hooks

{components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts}: Use TypeScript for all components and hooks
Use SWR for data fetching in components and hooks

📄 Source: CodeRabbit Inference Engine (.cursor/rules/frontend-patterns.mdc)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • pages/invitations/[token].tsx
  • components/shared/shell/Header.tsx
  • pages/teams/switch.tsx
  • pages/_app.tsx
  • pages/auth/idp-login.tsx
  • components/auth/GithubButton.tsx
  • hooks/auth.ts
  • components/auth/GoogleButton.tsx
  • hooks/useSession.ts
  • components/team/Members.tsx
  • pages/auth/sso/index.tsx
  • components/shared/shell/AppShell.tsx
  • hooks/useCustomSignout.ts
  • pages/settings/security.tsx
  • hooks/useAuth.ts
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`components/**`: Colocate related components in feature folders within the components/ directory

components/**: Colocate related components in feature folders within the components/ directory

📄 Source: CodeRabbit Inference Engine (.cursor/rules/frontend-patterns.mdc)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • components/shared/shell/Header.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • components/shared/shell/AppShell.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`{components/**/*.tsx,pages/**/*.tsx}`: Handle loading and error states consiste...

{components/**/*.tsx,pages/**/*.tsx}: Handle loading and error states consistently using the WithLoadingAndError wrapper
Use semantic HTML elements
Add aria-labels for accessibility
Memoize expensive computations with useMemo
Avoid inline styles - use Tailwind CSS utility classes
Use Tailwind CSS utility classes for styling
Use DaisyUI components for UI elements
Support dark mode using Tailwind's dark: classes
Implement responsive design using Tailwind's responsive utility classes
Use Formik for form handling and Yup for validation in forms
Use the useTranslation hook from next-i18next for internationalization
Use the AccessControl component for permission-based rendering
Use react-hot-toast for toast notifications

📄 Source: CodeRabbit Inference Engine (.cursor/rules/frontend-patterns.mdc)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • pages/invitations/[token].tsx
  • components/shared/shell/Header.tsx
  • pages/teams/switch.tsx
  • pages/_app.tsx
  • pages/auth/idp-login.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • pages/auth/sso/index.tsx
  • components/shared/shell/AppShell.tsx
  • pages/settings/security.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`{pages,components,lib,models,hooks,types}/**/*.{ts,tsx}`: Use TypeScript for all source code files

{pages,components,lib,models,hooks,types}/**/*.{ts,tsx}: Use TypeScript for all source code files

📄 Source: CodeRabbit Inference Engine (.cursor/rules/project-overview.mdc)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • pages/invitations/[token].tsx
  • components/shared/shell/Header.tsx
  • pages/teams/switch.tsx
  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/_app.tsx
  • pages/auth/idp-login.tsx
  • components/auth/GithubButton.tsx
  • hooks/auth.ts
  • pages/api/sessions/index.ts
  • components/auth/GoogleButton.tsx
  • hooks/useSession.ts
  • components/team/Members.tsx
  • pages/auth/sso/index.tsx
  • components/shared/shell/AppShell.tsx
  • hooks/useCustomSignout.ts
  • lib/auth.ts
  • pages/settings/security.tsx
  • lib/env.ts
  • hooks/useAuth.ts
  • lib/session.ts
  • types/next.ts
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`components/**/*`: React components should be organized by feature within the `components/` directory

components/**/*: React components should be organized by feature within the components/ directory

📄 Source: CodeRabbit Inference Engine (.cursor/rules/project-overview.mdc)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • components/shared/shell/Header.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • components/shared/shell/AppShell.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`{components,pages}/**/*.tsx`: The `frontend-patterns.mdc` rule establishes Reac...

{components,pages}/**/*.tsx: The frontend-patterns.mdc rule establishes React and frontend development patterns, including component patterns, styling conventions, form handling, data fetching, custom hooks, and UI best practices, and is automatically applied when working on React components (components/**/*.tsx, pages/**/*.tsx) and hooks.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/README.md)

List of files the instruction was applied to:

  • components/shared/TeamDropdown.tsx
  • pages/invitations/[token].tsx
  • components/shared/shell/Header.tsx
  • pages/teams/switch.tsx
  • pages/_app.tsx
  • pages/auth/idp-login.tsx
  • components/auth/GithubButton.tsx
  • components/auth/GoogleButton.tsx
  • components/team/Members.tsx
  • pages/auth/sso/index.tsx
  • components/shared/shell/AppShell.tsx
  • pages/settings/security.tsx
  • components/auth/MagicLink.tsx
  • components/account/ManageSessions.tsx
  • components/account/UpdateName.tsx
`pages/**/*.{ts,tsx}`: Protected pages must require authentication and validate team membership for team-specific routes.

pages/**/*.{ts,tsx}: Protected pages must require authentication and validate team membership for team-specific routes.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/auth-security.mdc)

List of files the instruction was applied to:

  • pages/invitations/[token].tsx
  • pages/teams/switch.tsx
  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/_app.tsx
  • pages/auth/idp-login.tsx
  • pages/api/sessions/index.ts
  • pages/auth/sso/index.tsx
  • pages/settings/security.tsx
`pages/api/**/*`: Next.js API routes are located in `pages/api/` directory Protected API routes use authentication guards

pages/api/**/*: Next.js API routes are located in pages/api/ directory
Protected API routes use authentication guards

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/api/sessions/index.ts
`pages/api/**/*.ts`: All API routes must follow Next.js conventions in the pages...

pages/api/**/*.ts: All API routes must follow Next.js conventions in the pages/api/ directory, organizing endpoints by resource (e.g., auth/, teams/[slug]/, users.ts, sessions/, webhooks/).
API responses must use the standard format: success responses as { data: ... }, error responses as { error: { message: ... } }, empty success as {}, and delete success with status 204 and no body.
API route handlers must use the provided request handler pattern: async default export, try/catch for error handling, method switch, and consistent error responses.
Always validate request data using Zod schemas in API routes.
Perform session checks, team access checks, and permission checks in API routes as appropriate, using getSession, throwIfNoTeamAccess, and throwIfNotAllowed.
Use the custom ApiError class for consistent error responses in API routes.
Use Prisma only through model abstractions in the models/ directory; do not use direct Prisma client calls in API routes.
Never expose sensitive data in API responses; always use select to exclude sensitive fields.
Check feature flags before exposing endpoints in API routes.
Implement rate limiting in API routes as needed.
Perform audit logging for sensitive operations in API routes.
Record metrics for important operations in API routes using recordMetric.
Use common utilities such as extractAuthToken, generateToken, validateEmail, slugify, and forceConsume in API routes as appropriate.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/api-patterns.mdc)

List of files the instruction was applied to:

  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/api/sessions/index.ts
`pages/{api/auth,auth}/**/*.{ts,tsx}`: Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.

pages/{api/auth,auth}/**/*.{ts,tsx}: Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/auth-security.mdc)

List of files the instruction was applied to:

  • pages/api/auth/reset-password.ts
  • pages/auth/idp-login.tsx
  • pages/auth/sso/index.tsx
`pages/api/**/*.{ts,tsx}`: API routes must check for authenticated sessions and ...

pages/api/**/*.{ts,tsx}: API routes must check for authenticated sessions and appropriate permissions before allowing access.
Never return sensitive data (passwords, API keys) in API responses.
Use validateWithSchema for input validation with Zod.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/auth-security.mdc)

List of files the instruction was applied to:

  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/api/sessions/index.ts
`pages/api/**/*.{js,ts}`: RESTful endpoints should be implemented in the `pages/api/` directory following Next.js conventions

pages/api/**/*.{js,ts}: RESTful endpoints should be implemented in the pages/api/ directory following Next.js conventions

📄 Source: CodeRabbit Inference Engine (.cursor/rules/project-overview.mdc)

List of files the instruction was applied to:

  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/api/sessions/index.ts
`pages/api/**/*.ts`: The `api-patterns.mdc` rule defines API development pattern...

pages/api/**/*.ts: The api-patterns.mdc rule defines API development patterns and conventions, including API route structure, response formats, request handlers, validation patterns, error handling, and security practices, and is automatically applied when working on files in pages/api/**/*.ts.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/README.md)

List of files the instruction was applied to:

  • pages/api/auth/reset-password.ts
  • pages/api/password.ts
  • pages/api/sessions/index.ts
`hooks/**/*`: Custom hooks for data operations are placed in `/hooks` directory

hooks/**/*: Custom hooks for data operations are placed in /hooks directory

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

  • hooks/auth.ts
  • hooks/useSession.ts
  • hooks/useCustomSignout.ts
  • hooks/useAuth.ts
`hooks/**/*.ts`: Extract reusable logic into custom hooks

hooks/**/*.ts: Extract reusable logic into custom hooks

📄 Source: CodeRabbit Inference Engine (.cursor/rules/frontend-patterns.mdc)

List of files the instruction was applied to:

  • hooks/auth.ts
  • hooks/useSession.ts
  • hooks/useCustomSignout.ts
  • hooks/useAuth.ts
`hooks/**/*`: Custom React hooks should be placed in the `hooks/` directory

hooks/**/*: Custom React hooks should be placed in the hooks/ directory

📄 Source: CodeRabbit Inference Engine (.cursor/rules/project-overview.mdc)

List of files the instruction was applied to:

  • hooks/auth.ts
  • hooks/useSession.ts
  • hooks/useCustomSignout.ts
  • hooks/useAuth.ts
`lib/auth.ts`: Enforce password policies in lib/auth.ts: minimum 8 characters (c...

lib/auth.ts: Enforce password policies in lib/auth.ts: minimum 8 characters (configurable), maximum 70 characters, validated on signup and password reset.
Hash passwords with bcrypt using 12 rounds.
Generate secure tokens with crypto.randomBytes.
Clear all sessions on password reset.
Validate email domains for business emails only (optional).
Optional email verification must block login until email is verified and provide resend verification email functionality.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/auth-security.mdc)

List of files the instruction was applied to:

  • lib/auth.ts
`{lib,prisma}/**/*.ts`: Use prepared statements via Prisma to prevent SQL injection.

{lib,prisma}/**/*.ts: Use prepared statements via Prisma to prevent SQL injection.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/auth-security.mdc)

List of files the instruction was applied to:

  • lib/auth.ts
  • lib/env.ts
  • lib/session.ts
`lib/env.ts`: Define environment variables and configuration in `lib/env.ts`

lib/env.ts: Define environment variables and configuration in lib/env.ts

📄 Source: CodeRabbit Inference Engine (.cursor/rules/project-overview.mdc)

List of files the instruction was applied to:

  • lib/env.ts
`types/**/*`: TypeScript type definitions should be placed in the `types/` directory

types/**/*: TypeScript type definitions should be placed in the types/ directory

📄 Source: CodeRabbit Inference Engine (.cursor/rules/project-overview.mdc)

List of files the instruction was applied to:

  • types/next.ts
🧠 Learnings (38)
📓 Common learnings
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
components/shared/TeamDropdown.tsx (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
pages/invitations/[token].tsx (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
components/shared/shell/Header.tsx (19)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use the WithLoadingAndError wrapper for loading and error states
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the WithLoadingAndError wrapper for loading and error states
pages/teams/switch.tsx (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/**/*.{ts,tsx} : Protected pages must require authentication and validate team membership for team-specific routes.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
pages/api/auth/reset-password.ts (11)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Clear all sessions on password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Enforce password policies in lib/auth.ts: minimum 8 characters (configurable), maximum 70 characters, validated on signup and password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/accountLock.ts : Implement account lockout logic in lib/accountLock.ts, including configurable max login attempts (default 5), unlock email with verification token, and clearing attempts on successful login.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: Applies to models/**/*.ts : Use generateToken(), slugify(), hashPassword(), verifyPassword() utilities for their respective purposes
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:59.981Z
Learning: Applies to models/**/*.ts : Use generateToken(), slugify(), hashPassword(), and verifyPassword() utilities for their respective purposes
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Use common utilities such as extractAuthToken, generateToken, validateEmail, slugify, and forceConsume in API routes as appropriate.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Perform session checks, team access checks, and permission checks in API routes as appropriate, using getSession, throwIfNoTeamAccess, and throwIfNotAllowed.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Optional email verification must block login until email is verified and provide resend verification email functionality.
.cursor/rules/project-overview.mdc (13)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `project-overview.mdc` rule provides a high-level overview of the entire project, including tech stack, key features, project structure, environment configuration, and development workflow, and is always applied to every AI interaction.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Always apply the rules from `project-overview.mdc` to every AI interaction, as it provides a high-level overview of the entire project including tech stack, key features, project structure, environment configuration, and development workflow.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: The app uses PostgreSQL with Prisma ORM; key models include User, Team, TeamMember, Invitation, ApiKey, Subscription/Price/Service
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : All API routes must follow Next.js conventions in the pages/api/ directory, organizing endpoints by resource (e.g., auth/, teams/[slug]/, users.ts, sessions/, webhooks/).
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to pages/api/**/*.{js,ts} : RESTful endpoints should be implemented in the `pages/api/` directory following Next.js conventions
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : TypeScript is used throughout the codebase with strict mode enabled
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to pages/api/**/*.{js,ts,jsx,tsx} : RESTful endpoints in `pages/api/` must follow Next.js conventions
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
pages/api/password.ts (18)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Clear all sessions on password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:59.981Z
Learning: Applies to models/**/*.ts : Use generateToken(), slugify(), hashPassword(), and verifyPassword() utilities for their respective purposes
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: Applies to models/**/*.ts : Use generateToken(), slugify(), hashPassword(), verifyPassword() utilities for their respective purposes
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Enforce password policies in lib/auth.ts: minimum 8 characters (configurable), maximum 70 characters, validated on signup and password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : Never return sensitive data (passwords, API keys) in API responses.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Use common utilities such as extractAuthToken, generateToken, validateEmail, slugify, and forceConsume in API routes as appropriate.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/accountLock.ts : Implement account lockout logic in lib/accountLock.ts, including configurable max login attempts (default 5), unlock email with verification token, and clearing attempts on successful login.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : All API routes must follow Next.js conventions in the pages/api/ directory, organizing endpoints by resource (e.g., auth/, teams/[slug]/, users.ts, sessions/, webhooks/).
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to pages/api/**/* : Next.js API routes are located in `pages/api/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to pages/api/**/*.{js,ts,jsx,tsx} : RESTful endpoints in `pages/api/` must follow Next.js conventions
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : API route handlers must use the provided request handler pattern: async default export, try/catch for error handling, method switch, and consistent error responses.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Hash passwords with bcrypt using 12 rounds.
tsconfig.json (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : Path aliases are configured for `@/lib/*` and `@/components/*`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:59.981Z
Learning: Applies to models/**/*.ts : Use include in Prisma queries only when necessary
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : TypeScript is used throughout the codebase with strict mode enabled
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Mock modules (e.g., Prisma, NextAuth) in unit test files using jest.mock
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to {pages,components,lib,models,hooks,types}/**/*.{ts,tsx} : Use TypeScript for all source code files
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to {pages,components,lib,models,hooks,types}/**/*.{ts,tsx} : Use TypeScript for all source code files
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:59.981Z
Learning: Applies to models/**/*.ts : Always use model files in models/ instead of direct Prisma client usage
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: Applies to models/**/*.ts : Always use model files in models/ instead of direct Prisma client usage
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to types/**/* : TypeScript type definitions must be placed in the `types/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to types/**/* : TypeScript type definitions should be placed in the `types/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Applies to **/*.{spec,test}.ts : Automatically apply the rules from `testing-patterns.mdc` when working on test files (`*.spec.ts`, `*.test.ts`), covering unit testing with Jest, E2E testing with Playwright, page object patterns, test fixtures, and debugging tips.
pages/_app.tsx (24)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Avoid inline styles; use Tailwind CSS utility classes for styling
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to next.config.js : Security headers are configured in `next.config.js`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use Tailwind CSS utility classes for styling
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Support dark mode in component styling
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use react-hot-toast for toast notifications
pages/auth/idp-login.tsx (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
components/auth/GithubButton.tsx (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
hooks/auth.ts (13)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to hooks/**/* : Custom React hooks should be placed in the `hooks/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Use common utilities such as extractAuthToken, generateToken, validateEmail, slugify, and forceConsume in API routes as appropriate.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
pages/api/sessions/index.ts (13)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Clear all sessions on password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Perform session checks, team access checks, and permission checks in API routes as appropriate, using getSession, throwIfNoTeamAccess, and throwIfNotAllowed.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Use common utilities such as extractAuthToken, generateToken, validateEmail, slugify, and forceConsume in API routes as appropriate.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : API route handlers must use the provided request handler pattern: async default export, try/catch for error handling, method switch, and consistent error responses.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : All API routes must follow Next.js conventions in the pages/api/ directory, organizing endpoints by resource (e.g., auth/, teams/[slug]/, users.ts, sessions/, webhooks/).
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to pages/api/**/* : Next.js API routes are located in `pages/api/` directory
components/auth/GoogleButton.tsx (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
MIGRATION_COMPLETE.md (5)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
hooks/useSession.ts (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
components/team/Members.tsx (20)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/**/*.{ts,tsx} : Protected pages must require authentication and validate team membership for team-specific routes.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to components/**/*.{ts,tsx} : UI components that enforce RBAC should use the AccessControl wrapper.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/* : React UI components are organized by feature in `/components` and shared components in `/components/shared`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use the WithLoadingAndError wrapper for loading and error states
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/permissions.ts : Define permissions and roles (OWNER, ADMIN, MEMBER) in lib/permissions.ts for the RBAC system.
.cursor/rules/testing-patterns.mdc (16)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Mock modules (e.g., Prisma, NextAuth) in unit test files using jest.mock
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : Mock external services (e.g., Stripe, email) in E2E tests
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: Applies to **/*.{spec,test}.ts : The `testing-patterns.mdc` rule outlines testing conventions and patterns, including unit testing with Jest, E2E testing with Playwright, page object patterns, test fixtures, and debugging tips, and is automatically applied when working on test files (`*.spec.ts`, `*.test.ts`).
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Applies to **/*.{spec,test}.ts : Automatically apply the rules from `testing-patterns.mdc` when working on test files (`*.spec.ts`, `*.test.ts`), covering unit testing with Jest, E2E testing with Playwright, page object patterns, test fixtures, and debugging tips.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Unit tests must use Jest and Testing Library as the testing stack
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Use Jest assertions in unit test files
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Test user interactions with Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Test user interactions with Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to tests/**/*.e2e.{ts,tsx} : End-to-end (E2E) tests must be written using Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : E2E tests must use Playwright as the testing stack
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : Use Playwright assertions in E2E test files
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to tests/**/*.e2e.{ts,tsx} : End-to-end (E2E) tests should be written using Playwright and placed in the `tests/` directory
pages/auth/sso/index.tsx (15)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to lib/jackson/**/* : SAML SSO integration logic is placed in `/lib/jackson`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Optional email verification must block login until email is verified and provide resend verification email functionality.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/**/*.{ts,tsx} : Protected pages must require authentication and validate team membership for team-specific routes.
.github/workflows/main.yml (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: The app uses PostgreSQL with Prisma ORM; key models include User, Team, TeamMember, Invitation, ApiKey, Subscription/Price/Service
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to tests/**/*.e2e.{ts,tsx} : End-to-end (E2E) tests should be written using Playwright and placed in the `tests/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Run unit tests with `npm run test` and E2E tests with `npm run test:e2e`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to tests/**/*.e2e.{ts,tsx} : End-to-end (E2E) tests must be written using Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : E2E tests must use Playwright as the testing stack
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Test user interactions with Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Test user interactions with Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : Use Playwright assertions in E2E test files
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to tests/e2e/**/* : E2E tests are placed in `/tests/e2e` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Tests run automatically on pull requests via CI
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Unit tests must use Jest and Testing Library as the testing stack
components/shared/shell/AppShell.tsx (21)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use the WithLoadingAndError wrapper for loading and error states
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the WithLoadingAndError wrapper for loading and error states
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the AccessControl component for permission-based rendering
hooks/useCustomSignout.ts (2)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
lib/auth.ts (13)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Enforce password policies in lib/auth.ts: minimum 8 characters (configurable), maximum 70 characters, validated on signup and password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Hash passwords with bcrypt using 12 rounds.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Generate secure tokens with crypto.randomBytes.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:59.981Z
Learning: Applies to models/**/*.ts : Use generateToken(), slugify(), hashPassword(), and verifyPassword() utilities for their respective purposes
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: Applies to models/**/*.ts : Use generateToken(), slugify(), hashPassword(), verifyPassword() utilities for their respective purposes
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/env.ts : Define environment variables and configuration in `lib/env.ts`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to lib/env.ts : Define environment variables in `lib/env.ts`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Optional email verification must block login until email is verified and provide resend verification email functionality.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/accountLock.ts : Implement account lockout logic in lib/accountLock.ts, including configurable max login attempts (default 5), unlock email with verification token, and clearing attempts on successful login.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Use common utilities such as extractAuthToken, generateToken, validateEmail, slugify, and forceConsume in API routes as appropriate.
pages/settings/security.tsx (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to next.config.js : Security headers are configured in `next.config.js`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
lib/env.ts (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/env.ts : Define environment variables and configuration in `lib/env.ts`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to lib/env.ts : Define environment variables in `lib/env.ts`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : Path aliases are configured for `@/lib/*` and `@/components/*`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to next.config.js : Security headers are configured in `next.config.js`
hooks/useAuth.ts (11)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
lib/session.ts (8)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : Perform session checks, team access checks, and permission checks in API routes as appropriate, using getSession, throwIfNoTeamAccess, and throwIfNotAllowed.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Clear all sessions on password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
types/next.ts (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : All API routes must follow Next.js conventions in the pages/api/ directory, organizing endpoints by resource (e.g., auth/, teams/[slug]/, users.ts, sessions/, webhooks/).
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to pages/api/**/*.{js,ts,jsx,tsx} : RESTful endpoints in `pages/api/` must follow Next.js conventions
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/**/*.{ts,tsx} : Protected pages must require authentication and validate team membership for team-specific routes.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the AccessControl component for permission-based rendering
components/auth/MagicLink.tsx (19)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use next-i18next's useTranslation hook for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to components/**/*.{js,jsx,ts,tsx} : Use `useTranslation` hook from react-i18next for translations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Extract reusable logic into custom hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use TypeScript for all components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Applies to {components,pages}/**/*.tsx : Automatically apply the rules from `frontend-patterns.mdc` when working on React components (`components/**/*.tsx`, `pages/**/*.tsx`) and hooks, including component patterns, styling conventions, form handling, data fetching, custom hooks, and UI best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Optional email verification must block login until email is verified and provide resend verification email functionality.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/accountLock.ts : Implement account lockout logic in lib/accountLock.ts, including configurable max login attempts (default 5), unlock email with verification token, and clearing attempts on successful login.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : Yup is used for form validation with Formik
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/{api/auth,auth}/**/*.{ts,tsx} : Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.
docs/authentication.md (7)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/{api/auth,auth}/**/*.{ts,tsx} : Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.
app.json (4)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/env.ts : Define environment variables and configuration in `lib/env.ts`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to lib/env.ts : Define environment variables in `lib/env.ts`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: The app uses PostgreSQL with Prisma ORM; key models include User, Team, TeamMember, Invitation, ApiKey, Subscription/Price/Service
components/account/ManageSessions.tsx (15)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Default session duration should be 14 days.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/auth.ts : Clear all sessions on password reset.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to hooks/**/*.ts : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use react-hot-toast for toast notifications
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use react-hot-toast for toast notifications
CLAUDE.md (14)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Run unit tests with `npm run test` and E2E tests with `npm run test:e2e`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: The app uses PostgreSQL with Prisma ORM; key models include User, Team, TeamMember, Invitation, ApiKey, Subscription/Price/Service
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/**/*.{ts,tsx} : Protected pages must require authentication and validate team membership for team-specific routes.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to pages/api/**/* : Next.js API routes are located in `pages/api/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/api-patterns.mdc:0-0
Timestamp: 2025-07-03T07:38:24.757Z
Learning: Applies to pages/api/**/*.ts : All API routes must follow Next.js conventions in the pages/api/ directory, organizing endpoints by resource (e.g., auth/, teams/[slug]/, users.ts, sessions/, webhooks/).
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to pages/api/{teams,users,invitations}/**/* : RESTful endpoints for teams, users, invitations are implemented in `pages/api/`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/{api/auth,auth}/**/*.{ts,tsx} : Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to pages/api/**/*.{js,ts} : RESTful endpoints should be implemented in the `pages/api/` directory following Next.js conventions
.cursor/rules/auth-security.mdc (13)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: Applies to prisma/schema.prisma : The `database-patterns.mdc` rule documents database and Prisma usage patterns, including schema overview, Prisma best practices, query optimization, security patterns, migrations, and performance tips, and is automatically applied when working on Prisma schema or model files.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/{api/auth,auth}/**/*.{ts,tsx} : Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/accountLock.ts : Implement account lockout logic in lib/accountLock.ts, including configurable max login attempts (default 5), unlock email with verification token, and clearing attempts on successful login.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: Applies to pages/api/**/*.ts : The `api-patterns.mdc` rule defines API development patterns and conventions, including API route structure, response formats, request handlers, validation patterns, error handling, and security practices, and is automatically applied when working on files in `pages/api/**/*.ts`.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/**/*.{ts,tsx} : Protected pages must require authentication and validate team membership for team-specific routes.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Session tokens must be stored in secure HTTP-only cookies.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : Never return sensitive data (passwords, API keys) in API responses.
components/account/UpdateName.tsx (12)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : Yup is used for form validation with Formik
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use Formik for form handling and Yup for validation in forms
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : Use validateWithSchema for input validation with Zod.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: Applies to models/**/*.ts : Use the upsert pattern for create-or-update operations
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to components/**/*.{ts,tsx} : UI components that enforce RBAC should use the AccessControl wrapper.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to **/*.{ts,tsx} : Zod is used for runtime validation
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the useTranslation hook from next-i18next for internationalization
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Add aria-labels for accessibility in components
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Add aria-labels for accessibility
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Add aria-labels for accessibility in components
README.md (18)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Configure NextAuth.js in lib/nextAuth.ts to support multiple authentication providers: Credentials (with bcrypt), Magic Links, OAuth (GitHub, Google), SAML SSO (BoxyHQ), and IdP-initiated SAML flows.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:50.933Z
Learning: Apply the rules from `auth-security.mdc` when working on authentication, authorization, or security features, including NextAuth configuration, session management, security features, authorization patterns, and best practices.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/README.md:0-0
Timestamp: 2025-07-03T07:37:56.463Z
Learning: The `auth-security.mdc` rule details authentication and security patterns, including NextAuth configuration, session management, security features, authorization patterns, and best practices, and is applied when working on authentication, authorization, or security features.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to tests/**/*.e2e.{ts,tsx} : End-to-end (E2E) tests should be written using Playwright and placed in the `tests/` directory
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : E2E tests must use Playwright as the testing stack
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:45.076Z
Learning: Applies to tests/**/*.e2e.{ts,tsx} : End-to-end (E2E) tests must be written using Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Test user interactions with Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Test user interactions with Playwright
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to tests/e2e/**/*.ts : Use Playwright assertions in E2E test files
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Mock modules (e.g., Prisma, NextAuth) in unit test files using jest.mock
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/testing-patterns.mdc:0-0
Timestamp: 2025-07-03T07:40:17.152Z
Learning: Applies to **/{__tests__,tests}/**/*.{spec,test}.ts : Unit tests must use Jest and Testing Library as the testing stack
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Database sessions should enable features like session management UI and revocation.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to lib/nextAuth.ts : Support both JWT and database session strategies, configurable via NEXTAUTH_SESSION_STRATEGY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to next.config.js : Security headers are configured in `next.config.js`
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/{api/auth,auth}/**/*.{ts,tsx} : Protect login, signup, and password reset forms with reCAPTCHA, configured via RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: The app uses PostgreSQL with Prisma ORM; key models include User, Team, TeamMember, Invitation, ApiKey, Subscription/Price/Service
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-03T07:37:37.818Z
Learning: Applies to pages/api/{teams,users,invitations}/**/* : RESTful endpoints for teams, users, invitations are implemented in `pages/api/`
.do/deploy.template.yaml (1)
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/database-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:09.328Z
Learning: The app uses PostgreSQL with Prisma ORM; key models include User, Team, TeamMember, Invitation, ApiKey, Subscription/Price/Service
🧬 Code Graph Analysis (9)
pages/api/auth/reset-password.ts (1)
models/session.ts (1)
  • deleteManySessions (3-7)
pages/api/password.ts (1)
models/session.ts (1)
  • deleteManySessions (3-7)
pages/auth/idp-login.tsx (1)
hooks/useAuth.ts (1)
  • useSignIn (6-65)
components/auth/GithubButton.tsx (1)
hooks/useAuth.ts (1)
  • useSignIn (6-65)
components/auth/GoogleButton.tsx (1)
hooks/useAuth.ts (1)
  • useSignIn (6-65)
lib/auth.ts (2)
types/base.ts (1)
  • AUTH_PROVIDER (60-66)
lib/common.ts (1)
  • passwordPolicies (16-18)
lib/session.ts (1)
lib/clerk.ts (1)
  • getCurrentUserWithTeam (16-47)
components/account/ManageSessions.tsx (1)
types/base.ts (1)
  • ApiResponse (9-17)
components/account/UpdateName.tsx (4)
hooks/auth.ts (2)
  • useSession (4-4)
  • useUser (9-9)
hooks/useSession.ts (1)
  • useSession (7-45)
lib/common.ts (1)
  • maxLengthPolicies (28-48)
types/base.ts (1)
  • ApiResponse (9-17)
🪛 GitHub Actions: Build
components/shared/shell/Header.tsx

[error] 15-15: ESLint: 'Loading' is defined but never used. (@typescript-eslint/no-unused-vars)

pages/teams/switch.tsx

[error] 16-17: ESLint: 'useTeams' and 'Link' are defined but never used. (@typescript-eslint/no-unused-vars)

pages/api/auth/reset-password.ts

[error] 6-6: ESLint: 'env' is defined but never used. (@typescript-eslint/no-unused-vars)

components/team/Members.tsx

[error] 2-20: ESLint: 'EmptyState' and 'AccessControl' are defined but never used. (@typescript-eslint/no-unused-vars)

pages/auth/sso/index.tsx

[error] 24-24: ESLint: 'signIn' is assigned a value but never used. (@typescript-eslint/no-unused-vars)

components/shared/shell/AppShell.tsx

[error] 14-18: ESLint: 'isSignedIn', 'isLoading', 'isAuthenticated' are assigned values but never used. (@typescript-eslint/no-unused-vars)

lib/auth.ts

[error] 3-3: ESLint: 'env' is defined but never used. (@typescript-eslint/no-unused-vars)

pages/settings/security.tsx

[error] 3-3: ESLint: 'InferGetServerSidePropsType' is defined but never used. (@typescript-eslint/no-unused-vars)


[error] 10-10: ESLint: 'getSession' is defined but never used. (@typescript-eslint/no-unused-vars)


[error] 13-13: ESLint: 't' is assigned a value but never used. (@typescript-eslint/no-unused-vars)

components/auth/MagicLink.tsx

[error] 19-19: ESLint: 'csrfToken' is defined but never used. (@typescript-eslint/no-unused-vars)

components/account/ManageSessions.tsx

[error] 6-19: ESLint: Multiple unused variables: 'defaultHeaders', 'env', 'loading', 'setLoading'. (@typescript-eslint/no-unused-vars)

components/account/UpdateName.tsx

[error] 15-15: ESLint: 'update' is assigned a value but never used. (@typescript-eslint/no-unused-vars)

🪛 Biome (1.9.4)
components/team/Members.tsx

[error] 3-3: Do not shadow the global "Error" property.

Consider renaming this variable. It's easy to confuse the origin of variables when they're named after a known global.

(lint/suspicious/noShadowRestrictedNames)

🪛 LanguageTool
docs/authentication.md

[uncategorized] ~116-~116: Possible missing article found.
Context: ...ement, and user data are now handled by Clerk. ### Key Changes: - Sessions managed b...

(AI_HYDRA_LEO_MISSING_THE)

🪛 YAMLlint (1.37.1)
.do/deploy.template.yaml

[error] 31-31: duplication of key "name" in mapping

(key-duplicates)

🔇 Additional comments (53)
components/shared/TeamDropdown.tsx (1)

9-21: Confirm useSession compatibility with previous consumer code

The component keeps using data.user and the status strings ('authenticated', 'unauthenticated') that were provided by NextAuth.
Please double-check that the new Clerk-backed useSession hook exposes:

  1. data.user with identical shape (at least id, name, email).
  2. status values matching the old literal strings (or that every consumer has been updated).

A silent mismatch here will break all dropdown/user-menu logic at runtime.
If the API differs, add an adapter layer in @/hooks/auth or update the callers.

pages/invitations/[token].tsx (1)

4-21: status value assumptions need verification

Same concern as in TeamDropdown: the code relies on status === 'authenticated' | 'unauthenticated'.
Ensure @/hooks/auth returns those exact strings or refactor the checks (e.g. isSignedIn) to avoid a logic regression in the invitation flow.

tsconfig.json (1)

28-30: Removal of next-auth.d.ts looks correct

Excluding the obsolete declaration cleans up the compile scope. No further action required.

pages/api/auth/reset-password.ts (1)

76-78: LGTM! Session deletion aligns with Clerk migration.

The unconditional session deletion correctly reflects the migration from NextAuth.js to Clerk, where session management is handled by Clerk's infrastructure rather than conditional database strategies.

.cursor/rules/project-overview.mdc (1)

11-11: LGTM! Documentation correctly updated for Clerk migration.

The authentication reference has been properly updated to reflect the migration from NextAuth.js to Clerk, pointing to the new middleware configuration.

pages/auth/idp-login.tsx (4)

1-1: LGTM! Import correctly updated for Clerk migration.

The import has been properly changed from NextAuth.js to the custom authentication hook that wraps Clerk functionality.


7-7: LGTM! Hook usage aligns with new authentication architecture.

Using the useSignIn hook correctly implements the Clerk-based authentication pattern established in the migration.


18-18: LGTM! Type casting ensures type safety.

The explicit string casting for the code parameter ensures type safety and aligns with the hook's expected interface.


20-20: LGTM! Dependency array correctly updated.

Adding signIn to the dependency array is necessary since it's now obtained from a hook and ensures the effect re-runs if the function reference changes.

pages/_app.tsx (2)

19-19: LGTM! PageProps handling simplified for Clerk migration.

Removing session extraction from pageProps is correct since authentication state is now managed by Clerk's context provider.


52-70: LGTM! App structure correctly updated for Clerk.

The removal of SessionProvider wrapper and direct nesting of components within ClerkProvider correctly implements the new authentication architecture using Clerk.

components/auth/GoogleButton.tsx (2)

1-1: LGTM! Import correctly updated for Clerk migration.

The import has been properly changed to use the custom authentication hook that wraps Clerk's Google OAuth functionality.


9-9: LGTM! Hook usage implements Clerk authentication pattern.

Using the useSignIn hook correctly implements the new authentication architecture. The hook handles Google OAuth through Clerk's authenticateWithRedirect method as shown in the relevant code snippets.

components/auth/GithubButton.tsx (1)

1-1: Migration to Clerk authentication looks correct.

The changes successfully replace NextAuth.js signIn with the custom useSignIn hook that wraps Clerk's authentication functionality. The component maintains the same interface and behavior while integrating with the new authentication system.

Also applies to: 9-9

pages/api/password.ts (1)

56-61: Session deletion logic correctly simplified for Clerk migration.

The removal of conditional session strategy checks and unconditional deletion of all user sessions aligns with Clerk's centralized session management. Since Clerk handles session tokens separately, this simplification is appropriate and maintains the security requirement of invalidating sessions after password changes.

hooks/useCustomSignout.ts (1)

1-1: Successful migration to Clerk's sign-out functionality.

The refactoring correctly replaces the custom API endpoint with Clerk's built-in signOut method. This eliminates the need for the custom /api/auth/custom-signout route and leverages Clerk's optimized sign-out process while maintaining the same error handling and navigation behavior.

Also applies to: 6-6, 10-10

components/team/Members.tsx (1)

11-11: Migration to Clerk authentication hook is correct.

The import change from next-auth/react to @/hooks/auth for the useSession hook correctly integrates with the new Clerk-based authentication system.

hooks/auth.ts (1)

1-13: Well-structured barrel export for authentication hooks.

This centralized export file provides a clean API for authentication hooks, supporting the migration to Clerk while maintaining consistent import patterns across the codebase. The separation of custom hooks and direct Clerk re-exports is well-organized and follows good practices for barrel exports.

.github/workflows/main.yml (3)

40-42: LGTM! Proper Clerk environment variables configuration.

The migration from NextAuth environment variables to Clerk-specific ones is correctly implemented. The fake test values follow proper Clerk key naming conventions.


80-87: Good practice: Explicit environment variables for unit tests.

Adding explicit environment variable configuration for the unit test step ensures tests run with the correct Clerk authentication context, preventing potential test failures due to missing environment variables.


93-103: Improved test execution and comprehensive environment setup.

The changes improve the CI pipeline by:

  • Removing the -x flag allows all Playwright tests to run instead of stopping on first failure
  • Comprehensive environment variable setup ensures E2E tests have all necessary configuration
.cursor/rules/testing-patterns.mdc (2)

45-71: Excellent Clerk testing mock implementation.

The mock correctly replaces NextAuth with Clerk hooks, providing realistic data structures that match Clerk's API. The mock covers the essential hooks (useAuth, useUser, useOrganization) with appropriate user and organization data.


72-79: Good practice: Test environment isolation.

Explicitly setting test environment variables ensures consistent test execution and proper isolation from development/production environments.

lib/env.ts (2)

7-7: Clean migration: NextAuth configuration successfully removed.

The environment configuration has been properly updated to remove NextAuth dependencies while maintaining the comprehensive configuration structure for other services.


16-25: Well-structured Clerk configuration.

The Clerk configuration includes all necessary environment variables with appropriate defaults for sign-in/sign-up URLs and webhook handling, supporting a complete authentication flow.

pages/auth/sso/index.tsx (1)

65-72: Correct SAML SSO flow implementation.

The migration properly replaces NextAuth's signIn('boxyhq-saml', ...) with a manual redirect to the SAML authorization endpoint. This approach gives more control over the SAML flow while maintaining compatibility with the existing Jackson SAML infrastructure.

pages/api/sessions/index.ts (1)

38-43: Reasonable compromise for Clerk session management.

The comment clearly explains why the current session detection is disabled. Since Clerk manages sessions differently than NextAuth and doesn't expose the current session token, marking all sessions as isCurrent: false is an acceptable limitation that preserves the core session listing functionality.

hooks/useSession.ts (2)

1-5: LGTM! Clean imports and dependencies.

The imports are well-organized and all necessary dependencies are included for the Clerk-based session hook implementation.


11-15: Status calculation logic is correct.

The status determination properly handles the loading states from both user and organization contexts, ensuring consistent state management.

components/shared/shell/AppShell.tsx (2)

3-3: LGTM! Import updated for Clerk migration.

The import correctly switches from NextAuth's useSession to the custom hook, aligning with the authentication migration.


20-27: Simplify conditional rendering using only useSession status.

Since the custom useSession hook provides comprehensive authentication state, the component can rely solely on its status for conditional rendering.

The current implementation is correct and the authentication flow works properly. The status checks are appropriately handling loading and unauthenticated states.

⛔ Skipped due to learnings
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Use the AccessControl component for permission-based rendering
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/project-overview.mdc:0-0
Timestamp: 2025-07-03T07:39:51.623Z
Learning: Applies to lib/nextAuth.ts : Authentication logic should be implemented in `lib/nextAuth.ts` using NextAuth.js
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to pages/api/**/*.{ts,tsx} : API routes must check for authenticated sessions and appropriate permissions before allowing access.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to components/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/auth-security.mdc:0-0
Timestamp: 2025-07-03T07:38:40.730Z
Learning: Applies to components/**/*.{ts,tsx} : UI components that enforce RBAC should use the AccessControl wrapper.
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx,hooks/**/*.ts} : Use SWR for data fetching in components and hooks
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:35.571Z
Learning: Applies to {components/**/*.tsx,pages/**/*.tsx} : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Handle loading and error states consistently using the WithLoadingAndError wrapper
Learnt from: CR
PR: adamsardo/saas-starter-kit#0
File: .cursor/rules/frontend-patterns.mdc:0-0
Timestamp: 2025-07-03T07:39:29.909Z
Learning: Applies to pages/**/*.tsx : Use the WithLoadingAndError wrapper for loading and error states
CLAUDE.md (3)

16-17: Good markdown formatting improvement.

The code block formatting for the Development section is now properly structured.


140-147: Excellent authentication documentation update.

The documentation correctly reflects the migration to Clerk, accurately describing Clerk's features including session management, attack protection, 2FA, and organization-based access control.


424-449: Valuable implementation patterns section.

The new "Key Implementation Patterns" section provides clear guidance on the authentication flow and essential environment variables for Clerk integration.

app.json (1)

8-22: Environment variables correctly updated for Clerk migration.

The replacement of NextAuth environment variables with Clerk equivalents is accurate and complete. The reorganization with DATABASE_URL and APP_URL at the top provides better structure.

lib/session.ts (1)

6-6: Ignore incorrect import path suggestion

The getCurrentUserWithTeam used in lib/session.ts is correctly imported from @/lib/clerk-session, as that implementation expects (req, res) parameters. No changes are needed here.

Likely an incorrect or invalid review comment.

hooks/useAuth.ts (1)

68-86: LGTM: Clean signOut implementation

The signOut wrapper properly handles the redirect flow and includes appropriate error handling.

lib/auth.ts (1)

14-14: Static auth provider list verified
I searched for any dynamic provider-detection calls (e.g. getAuthProviders, isAuthProviderEnabled, etc.) and found none. Using the static authProviders: AUTH_PROVIDER[] = ['github', 'google'] aligns with Clerk’s configuration model and won’t break existing functionality.

MIGRATION_COMPLETE.md (1)

1-111: Excellent migration documentation

This comprehensive documentation provides clear guidance for the completed migration from NextAuth.js to Clerk. It includes:

  • Complete checklist of removed NextAuth.js components
  • Detailed list of Clerk implementations
  • Benefits and next steps
  • Support resources

The documentation is well-structured and will be valuable for future reference and onboarding.

types/next.ts (3)

7-7: LGTM: Generalized pageProps type

The change from specific session typing to Record<string, any> appropriately removes NextAuth-specific assumptions and provides flexibility for Clerk's different prop structure.


10-15: LGTM: Enhanced NextPageWithLayout generics

The addition of proper generic parameters P and IP aligns with the underlying NextPage type signature and provides better type safety.


17-22: LGTM: New NextPageWithUser type for authorization

The new type with requireAuth property provides a clean way to indicate pages that require authentication, supporting the new Clerk-based authorization patterns.

README.md (3)

55-56: LGTM! Clerk properly added to tech stack.

The description accurately reflects Clerk's role as the authentication and user management solution.


275-285: Great addition! Tech stack section provides clear overview.

The new tech stack section effectively communicates the core technologies used in the project.


168-188: Clerk Environment Variables Documentation Confirmed

All environment variables listed in README.md are declared in app.json and actively used in the codebase (e.g., lib/env.ts, pages/api/webhooks/clerk.ts, scripts/migrate-users-to-clerk.ts). No additional variables are required—this section is complete.

components/auth/MagicLink.tsx (2)

6-6: LGTM! Proper migration to custom authentication hooks.

The import correctly uses the centralized authentication hooks that wrap Clerk's functionality.


39-51: LGTM! Form submission properly updated for Clerk.

The try-catch pattern with the signIn hook is correctly implemented for Clerk's authentication flow.

docs/authentication.md (2)

116-116: Fix minor grammatical issue.

Add the missing article "by" for better readability.

-and user data are now handled by Clerk.
+and user data are now handled by Clerk.

Actually, this is a false positive from the static analysis tool. The sentence is grammatically correct as written.


1-147: Excellent comprehensive documentation!

This documentation thoroughly covers all aspects of Clerk authentication including setup, configuration, usage patterns, and troubleshooting. It provides clear guidance for developers working with the new authentication system.

components/account/ManageSessions.tsx (1)

15-15: LGTM! Improved type safety and state management.

The type alias rename from NextAuthSession to UserSession and the dialog state variable improvements enhance code clarity and maintainability.

Also applies to: 22-22, 54-54, 92-92, 104-104, 107-107

components/account/UpdateName.tsx (2)

49-59: LGTM! Proper Clerk user profile integration.

The direct integration with Clerk's user update API is correctly implemented with proper error handling and name parsing logic.


23-27: LGTM! Proper form validation with Yup.

The migration from Zod to Yup validation follows the coding guidelines and uses the correct max length policies.

.do/deploy.template.yaml (1)

15-21: Environment entries are missing value/value_from; DigitalOcean spec will reject them

NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY, CLERK_SECRET_KEY, and CLERK_WEBHOOK_SECRET only declare key and scope.
In the DO App-Spec either value or value_from is mandatory for each env item.

Example fix:

-        - key: NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
-          scope: RUN_AND_BUILD_TIME
+        - key: NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
+          scope: RUN_AND_BUILD_TIME
+          value: ${NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY}   # or value_from: ...

Double-check all three Clerk variables before shipping.

Comment thread pages/teams/switch.tsx
Comment on lines +9 to 18
import { useSession } from '@/hooks/auth';
import { useTranslation } from 'next-i18next';
import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
import { useRouter } from 'next/router';
import { type ReactElement, useEffect } from 'react';
import toast from 'react-hot-toast';
import type { NextPageWithLayout } from 'types';
import useTeams from 'hooks/useTeams';
import Link from 'next/link';

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Failing build: remove or use the unused imports

useTeams and Link are imported but never used, causing the ESLint error reported by CI.

-import { useSession } from '@/hooks/auth';
-import { useTranslation } from 'next-i18next';
-import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
-import { useRouter } from 'next/router';
-import { type ReactElement, useEffect } from 'react';
-import toast from 'react-hot-toast';
-import type { NextPageWithLayout } from 'types';
-import useTeams from 'hooks/useTeams';
-import Link from 'next/link';
+import { useSession } from '@/hooks/auth';
+import { useTranslation } from 'next-i18next';
+import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
+import { useRouter } from 'next/router';
+import { type ReactElement, useEffect } from 'react';
+import toast from 'react-hot-toast';
+import type { NextPageWithLayout } from 'types';

If you actually intend to list the teams in the client, keep the imports and use them; otherwise drop them to unblock the pipeline.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
import { useSession } from '@/hooks/auth';
import { useTranslation } from 'next-i18next';
import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
import { useRouter } from 'next/router';
import { type ReactElement, useEffect } from 'react';
import toast from 'react-hot-toast';
import type { NextPageWithLayout } from 'types';
import useTeams from 'hooks/useTeams';
import Link from 'next/link';
import { useSession } from '@/hooks/auth';
import { useTranslation } from 'next-i18next';
import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
import { useRouter } from 'next/router';
import { type ReactElement, useEffect } from 'react';
import toast from 'react-hot-toast';
import type { NextPageWithLayout } from 'types';
🧰 Tools
🪛 GitHub Actions: Build

[error] 16-17: ESLint: 'useTeams' and 'Link' are defined but never used. (@typescript-eslint/no-unused-vars)

🤖 Prompt for AI Agents
In pages/teams/switch.tsx around lines 9 to 18, the imports for useTeams and
Link are unused, causing ESLint errors and build failure. To fix this, either
remove these two imports if they are not needed or implement their usage in the
component if you plan to list teams or use links. This will resolve the unused
import errors and unblock the build pipeline.

Comment on lines +1 to +6
import {
EmptyState,
Error,
LetterAvatar,
Loading,
} from '@/components/shared';

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unused imports flagged by pipeline.

The pipeline indicates that EmptyState and AccessControl are imported but never used in this component. Please remove these unused imports to clean up the code.

import {
- EmptyState,
  Error,
  LetterAvatar,
  Loading,
} from '@/components/shared';
-import { AccessControl } from '@/components/shared/AccessControl';

Also applies to: 20-20

🧰 Tools
🪛 Biome (1.9.4)

[error] 3-3: Do not shadow the global "Error" property.

Consider renaming this variable. It's easy to confuse the origin of variables when they're named after a known global.

(lint/suspicious/noShadowRestrictedNames)

🤖 Prompt for AI Agents
In components/team/Members.tsx at lines 1 to 6 and line 20, remove the unused
imports EmptyState and AccessControl since they are imported but never used in
the component. This will clean up the code and resolve the pipeline warnings.

Comment thread pages/auth/sso/index.tsx
> = ({ jacksonProductId }) => {
const { t } = useTranslation('common');
const { status } = useSession();
const signIn = useSignIn();

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unused variable to fix ESLint error.

The signIn hook is imported and assigned but never used in the updated logic, causing a pipeline failure.

-  const signIn = useSignIn();
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const signIn = useSignIn();
🧰 Tools
🪛 GitHub Actions: Build

[error] 24-24: ESLint: 'signIn' is assigned a value but never used. (@typescript-eslint/no-unused-vars)

🤖 Prompt for AI Agents
In pages/auth/sso/index.tsx at line 24, the variable signIn is assigned using
the useSignIn hook but never used, causing an ESLint error. Remove the
declaration of the signIn variable to fix the unused variable issue and prevent
the pipeline failure.

Comment thread hooks/useSession.ts
Comment on lines +20 to +21
const role = membership?.role as keyof typeof CLERK_ROLES;
const mappedRole = CLERK_ROLES[role] || Role.MEMBER;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add null safety for membership role mapping.

The role mapping assumes membership exists when determining the user's role, but membership could be null if the user isn't part of the current organization.

-  const role = membership?.role as keyof typeof CLERK_ROLES;
-  const mappedRole = CLERK_ROLES[role] || Role.MEMBER;
+  const role = membership?.role as keyof typeof CLERK_ROLES;
+  const mappedRole = role ? (CLERK_ROLES[role] || Role.MEMBER) : Role.MEMBER;
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const role = membership?.role as keyof typeof CLERK_ROLES;
const mappedRole = CLERK_ROLES[role] || Role.MEMBER;
const role = membership?.role as keyof typeof CLERK_ROLES;
const mappedRole = role ? (CLERK_ROLES[role] || Role.MEMBER) : Role.MEMBER;
🤖 Prompt for AI Agents
In hooks/useSession.ts around lines 20 to 21, the code assumes membership is
always defined when mapping the role, but membership can be null if the user is
not part of the organization. To fix this, add a null check for membership
before accessing membership.role, and safely handle the case when membership is
null by defaulting the role to a safe fallback like Role.MEMBER.

Comment on lines +14 to 18
const { isLoaded: clerkLoaded, isSignedIn, user } = useUser();

// Use Clerk auth status if available, otherwise fall back to NextAuth
// Check authentication status
const isLoading = clerkLoaded === false || (clerkLoaded && !user && status === 'loading');
const isAuthenticated = user || status === 'authenticated';

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unused variables and simplify authentication logic.

The pipeline indicates that isSignedIn, isLoading, and isAuthenticated are unused. The logic is also redundant since the custom useSession hook already handles all authentication state.

-  const { isLoaded: clerkLoaded, isSignedIn, user } = useUser();
-
-  // Check authentication status
-  const isLoading = clerkLoaded === false || (clerkLoaded && !user && status === 'loading');
-  const isAuthenticated = user || status === 'authenticated';
+  const { isLoaded: clerkLoaded, user } = useUser();
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const { isLoaded: clerkLoaded, isSignedIn, user } = useUser();
// Use Clerk auth status if available, otherwise fall back to NextAuth
// Check authentication status
const isLoading = clerkLoaded === false || (clerkLoaded && !user && status === 'loading');
const isAuthenticated = user || status === 'authenticated';
const { isLoaded: clerkLoaded, user } = useUser();
🧰 Tools
🪛 GitHub Actions: Build

[error] 14-18: ESLint: 'isSignedIn', 'isLoading', 'isAuthenticated' are assigned values but never used. (@typescript-eslint/no-unused-vars)

🤖 Prompt for AI Agents
In components/shared/shell/AppShell.tsx around lines 14 to 18, remove the unused
variables isSignedIn, isLoading, and isAuthenticated from the useUser hook
destructuring and subsequent logic. Simplify the code by relying solely on the
custom useSession hook for authentication state, eliminating redundant checks
and variables related to authentication status.

Comment on lines +6 to +12
import { defaultHeaders } from '@/lib/common';
import toast from 'react-hot-toast';
import { WithLoadingAndError } from '@/components/shared';
import ConfirmationDialog from '@/components/shared/ConfirmationDialog';
import { Table } from '@/components/shared/table/Table';
import env from '@/lib/env';
import { ApiResponse } from 'types';

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unused imports and variables.

Multiple imports and variables are not used and should be removed to clean up the code.

-import { defaultHeaders } from '@/lib/common';
-import env from '@/lib/env';
-  const [loading, setLoading] = useState(false);

Also applies to: 19-19

🧰 Tools
🪛 GitHub Actions: Build

[error] 6-19: ESLint: Multiple unused variables: 'defaultHeaders', 'env', 'loading', 'setLoading'. (@typescript-eslint/no-unused-vars)

🤖 Prompt for AI Agents
In components/account/ManageSessions.tsx around lines 6 to 12 and line 19, there
are multiple imports and variables that are not used anywhere in the file.
Identify all unused imports and variables in these lines and remove them to
clean up the code and improve maintainability.

Comment on lines +23 to 25
data: UserSession[];
}>>('/api/sessions', fetcher);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix incorrect SWR typing.

The SWR hook has incorrect double-nested typing. Based on the relevant code snippet from types/base.ts, the ApiResponse should directly wrap the array.

-  const { data, error, mutate, isLoading } = useSWR<ApiResponse<{
-    data: UserSession[];
-  }>>('/api/sessions', fetcher);
+  const { data, error, mutate, isLoading } = useSWR<ApiResponse<UserSession[]>>('/api/sessions', fetcher);

And update the data access:

-  const sessions = data?.data ?? [];
+  const sessions = data?.data ?? [];
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const { data, error, mutate, isLoading } = useSWR<ApiResponse<{
data: UserSession[];
}>>('/api/sessions', fetcher);
const { data, error, mutate, isLoading } = useSWR<ApiResponse<UserSession[]>>(
'/api/sessions',
fetcher
);
const sessions = data?.data ?? [];
🤖 Prompt for AI Agents
In components/account/ManageSessions.tsx around lines 23 to 25, the SWR hook
typing incorrectly nests ApiResponse inside another data object. Update the
generic type to ApiResponse<UserSession[]> to match the correct structure. Then
adjust any data access in the component to directly use data.data instead of
data.data.data.

const UpdateName = ({ user }: { user: Partial<User> }) => {
const UpdateName = ({ user }: { user: any }) => {
const { t } = useTranslation('common');
const { update } = useSession();

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unused update variable.

The update variable from useSession() is no longer used since the component directly updates the Clerk user profile.

-  const { update } = useSession();
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const { update } = useSession();
🧰 Tools
🪛 GitHub Actions: Build

[error] 15-15: ESLint: 'update' is assigned a value but never used. (@typescript-eslint/no-unused-vars)

🤖 Prompt for AI Agents
In components/account/UpdateName.tsx at line 15, the variable `update` is
destructured from `useSession()` but is not used anywhere in the component.
Remove the `update` variable from the destructuring assignment to clean up
unused code.

import { updateAccountSchema } from '@/lib/zod';

const UpdateName = ({ user }: { user: Partial<User> }) => {
const UpdateName = ({ user }: { user: any }) => {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Improve type safety for user prop.

Using any type reduces type safety. Define a proper interface or use a more specific type.

-const UpdateName = ({ user }: { user: any }) => {
+interface UserProps {
+  name?: string;
+}
+
+const UpdateName = ({ user }: { user: UserProps }) => {
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const UpdateName = ({ user }: { user: any }) => {
// Define a specific type for the user prop
interface UserProps {
name?: string;
}
const UpdateName = ({ user }: { user: UserProps }) => {
// …rest of implementation…
}
🤖 Prompt for AI Agents
In components/account/UpdateName.tsx at line 13, the user prop is typed as any,
which reduces type safety. Define a proper TypeScript interface or type that
describes the expected shape of the user object, including relevant properties
used in the component, and replace any with this specific type to improve type
safety.

Comment thread .do/deploy.template.yaml
Comment on lines +28 to +33
http_port: 4002
instance_count: 1
instance_size_slug: basic-xxs
name: saas-starter-kit
run_command: npm start
source_dir: /

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Duplicate name key inside the same service block breaks YAML parsing

- name: web (line 4) already defines the service’s identifier.
Re-declaring name: at line 31 produces the YAMLlint key-duplicates error and will prevent the template from being applied.

@@
-      instance_size_slug: basic-xxs
-      name: saas-starter-kit        # ← remove or rename
+      instance_size_slug: basic-xxs

Remove the second key or convert it to a different attribute (e.g., app_name) if you really need it.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
http_port: 4002
instance_count: 1
instance_size_slug: basic-xxs
name: saas-starter-kit
run_command: npm start
source_dir: /
http_port: 4002
instance_count: 1
instance_size_slug: basic-xxs
run_command: npm start
source_dir: /
🧰 Tools
🪛 YAMLlint (1.37.1)

[error] 31-31: duplication of key "name" in mapping

(key-duplicates)

🤖 Prompt for AI Agents
In .do/deploy.template.yaml around lines 28 to 33, there is a duplicate `name`
key within the same service block, which causes YAML parsing errors. Remove the
second `name: saas-starter-kit` key or rename it to a different attribute like
`app_name` if you need to keep that value, ensuring no duplicate keys exist in
the same block.

@adamsardo adamsardo closed this Jul 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants