Fix Fake Auth
Your login 'works' but nothing is real: convert visual-only auth into persisted users, sessions, and guards.
The Route
0/6 verifiedDiagnose what is fake
Map exactly which parts of auth are theater before rebuilding.
Implement real user persistence
Signup must create actual users with hashed passwords.
Implement real credential verification
Login must check the password, not just navigate.
Implement session persistence and logout
Auth state must live somewhere durable, restored on load.
Enforce guards on routes and APIs
Protection must exist in two layers: router and backend.
Full auth verification
Run the complete honest test suite on the rebuilt auth.
Context Pack
Paste this first. It briefs the AI on requirements, constraints, and the Definition of Done before your first build prompt.
Paste this into your AI builder first. It teaches the AI what you want before you give it the build prompt.
Related routes
More Debugging flows that share ground with this one.
Add Database Persistence
Your app forgets everything on refresh: move state into a real database with working CRUD.
+2 more steps to Done
Best foryour first pass at this - no prior setup assumed
Add Loading/Error States
Eliminate silent failures and frozen screens: add loading, empty, and error states across the whole app.
+2 more steps to Done
Best foryour first pass at this - no prior setup assumed
Fix App That Looks Good But Does Not Work
The systematic recovery flow for beautiful-but-broken AI builds: audit honestly, then fix by functional priority.
+3 more steps to Done
Best forbuilders who have shipped a basic app before