Clerk Auth Skill
This skill outlines rules for integrating and using Clerk for authentication in Next.js.
Core Directives
- •Middleware: Always use Clerk's
clerkMiddlewareinmiddleware.ts. Explicitly define which routes are public usingcreateRouteMatcherand protect all others by default, or explicitly protect required routes. - •Server-Side Auth: In Server Components and Server Actions, use
auth()orcurrentUser()from@clerk/nextjs/serverto check authentication status. NEVER trust client-side claims for sensitive operations. - •Client-Side Auth: In Client Components, use hooks like
useAuth()anduseUser()from@clerk/nextjs. Use<SignedIn>,<SignedOut>, and<UserButton />components for auth-conditional UI. - •Data Association: Store the Clerk
userIdin your database (via Drizzle) to associate application data with the user. Treat theuserIdas the primary identifier across the system. - •Webhooks: For syncing user data to your local database, use Svix to securely verify incoming Clerk webhooks (e.g.,
user.created,user.deleted) in a Next.js Route Handler.