Step 1 of 9
Set the auth architecture and choose the real persistence layer
Force the AI builder to define and implement a real authentication approach before generating UI.
If your app already uses a stack like Supabase, Firebase Auth, Auth0, Clerk, NextAuth, or a custom backend, tell the builder to use that existing stack instead of inventing a fake one.
First time here? Paste the Context Pack first so the AI understands your project - open it from the header above.
Inspect this codebase and implement a real authentication foundation using the existing stack where possible. I need email/password signup, login, logout, session persistence across refresh, protected dashboard routes, duplicate email handling, password reset, loading states, error states, and mobile responsive UI. Do not build placeholder forms. Use a real auth provider or real backend persistence, define where user state lives, define how session restoration works on app load, and wire the routing strategy for protected pages.
Quick is short. Full Build is recommended for most steps. Strict forces real logic when the AI keeps faking output.
Actual change check
Expected after this step
The app has a real auth strategy selected and wired into the project, with a clear user/session state source and route protection plan.
Should NOT happen
- An existing feature broke
- A button only logs to console
- Data disappears after refresh
- Errors fail silently with no visible state
This is what should exist before you continue. If reality does not match, do not move on.
Track what changed, failed, or needs follow-up. Notes export with the flow.