Shipflash logoDocs

Auth Routes

The auth route group handles login, signup, and Supabase callback exchange while keeping auth state and guards in shared auth infrastructure.

On this page

Route structure

PathPurposeOwner
src/app/(auth)/layout.tsxAuth-only layout and authenticated redirect handling.src/app/(auth)/_components
src/app/(auth)/login/page.tsxSign-in page.src/app/(auth)/_components/auth-form.tsx
src/app/(auth)/signup/page.tsxSign-up page.src/app/(auth)/_components/auth-form.tsx
src/app/(auth)/auth/callback/route.tsSupabase callback exchange and redirect.src/lib/auth/callback-flow.ts
src/app/(auth)/_componentsAuth form and split-layout presentation.Auth route-private UI

Session flow

Supabase manages sessions with cookies. The callback route exchanges the provider code, then redirects through the auth callback flow.

Learn more

Split layout

Auth pages use route-private presentation and branding values without mixing dashboard code into public auth pages.

Learn more

Redirect logic

Authenticated users are redirected away from auth pages and protected dashboard routes use server-side guards.

Learn more

Auth modification rules

  • Keep auth route handlers thin and delegate callback behavior to lib/auth.
  • Do not expose service-role credentials to browser auth code.
  • Test login, OAuth callback, logout, and protected-route redirects after auth changes.
  • Verify Supabase redirect URLs whenever the deployment domain changes.