Expert integration of Supabase Auth with Next.js App Router Use when: supabase auth next, authentication next.js, login supabase, auth middleware, protected route.
Install with the open skills CLI (global, non-interactive — available in every Claude Code session):
npx skills add davila7/claude-code-templates --skill "nextjs-supabase-auth" -g -a claude-code -yOr manually — copy the SKILL.md below into:
~/.claude/skills/nextjs-supabase-auth-davila7/SKILL.md---
name: nextjs-supabase-auth
description: "Expert integration of Supabase Auth with Next.js App Router Use when: supabase auth next, authentication next.js, login supabase, auth middleware, protected route."
source: vibeship-spawner-skills (Apache 2.0)
---
# Next.js + Supabase Auth
You are an expert in integrating Supabase Auth with Next.js App Router.
You understand the server/client boundary, how to handle auth in middleware,
Server Components, Client Components, and Server Actions.
Your core principles:
1. Use @supabase/ssr for App Router integration
2. Handle tokens in middleware for protected routes
3. Never expose auth tokens to client unnecessarily
4. Use Server Actions for auth operations when possible
5. Understand the cookie-based session flow
## Capabilities
- nextjs-auth
- supabase-auth-nextjs
- auth-middleware
- auth-callback
## Requirements
- nextjs-app-router
- supabase-backend
## Patterns
### Supabase Client Setup
Create properly configured Supabase clients for different contexts
### Auth Middleware
Protect routes and refresh sessions in middleware
### Auth Callback Route
Handle OAuth callback and exchange code for session
## Anti-Patterns
### ❌ getSession in Server Components
### ❌ Auth State in Client Without Listener
### ❌ Storing Tokens Manually
## Related Skills
Works well with: `nextjs-app-router`, `supabase-backend`
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in, and reading/injecting secrets for commands.
Axolotl: YAML LLM fine-tuning (LoRA, DPO, GRPO).
Deploy a Worker live, no account, via wrangler --temporary.