Skip to content

rccpr/auth-gate

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

66 Commits
.agents/skills/vitest
.agents/skills/vitest
 
 
.claude/skills
.claude/skills
 
 
.github/workflows
.github/workflows
 
 
.husky
.husky
 
 
.vscode
.vscode
 
 
docs/plans
docs/plans
 
 
e2e
e2e
 
 
public
public
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
.release-please-manifest.json
.release-please-manifest.json
 
 
AGENTS.md
AGENTS.md
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
biome.json
biome.json
 
 
bun.lock
bun.lock
 
 
commitlint.config.ts
commitlint.config.ts
 
 
jsr.json
jsr.json
 
 
package.json
package.json
 
 
playwright-ct.config.ts
playwright-ct.config.ts
 
 
release-please-config.json
release-please-config.json
 
 
skills-lock.json
skills-lock.json
 
 
tsconfig.json
tsconfig.json
 
 
tsdown.config.ts
tsdown.config.ts
 
 
vitest.config.ts
vitest.config.ts
 
 
vitest.setup.ts
vitest.setup.ts
 
 

Repository files navigation

@rccpr/auth-gate

Provider-agnostic React UI authorization gates.

@rccpr/auth-gate is a client-side rendering utility. It decides what to render in the UI based on auth state and permission decisions.

Security note

This library does not enforce backend authorization. Keep server-side authorization checks in place for all protected operations.

Installation

bun add @rccpr/auth-gate

Core API

The API is factory-first and Show-first:

  • createAuthGate(adapter)
  • Show (canonical)
  • Protect (alias of Show)
  • SignedIn
  • SignedOut
  • useAuthGate

Quick start

import { createAuthGate } from "@rccpr/auth-gate";

type User = { id: string; email: string };

const gate = createAuthGate<User, string>({
	mode: "sync",
	useAuthState: () => ({
		user: { id: "u_1", email: "[email protected]" },
		isAuthenticated: true,
		isLoading: false,
	}),
	useAuthorizationDecision: (check) => {
		if (check && "permission" in check && check.permission === "org:admin") {
			return { status: "allowed" };
		}

		return { status: "denied" };
	},
});

export const {
	AuthGateProvider,
	Show,
	Protect,
	SignedIn,
	SignedOut,
	useAuthGate,
} = gate;

Adapter modes

  • sync: decisions come from hook-native adapter methods (use*)
  • async: decisions come from promise-native adapter methods (get*) and a resolver hook

The normalized async load state is:

  • allowed
  • denied
  • pending
  • error

Has checks

Show authz checks follow Clerk-style has() input objects:

  • { permission: "org:billing:manage" }
  • { role: "org:admin" }
  • { feature: "teams" }
  • { plan: "pro" }

Show examples

<Show when="signed-in" fallback={<SignInPrompt />}>
	<Dashboard />
</Show>

<Show when="signed-out" fallback={<Dashboard />}>
	<MarketingPage />
</Show>

<Show
	when={{ permission: "org:admin" }}
	fallback={<NoAccess />}
	loadingFallback={<LoadingAccess />}
>
	<AdminPanel />
</Show>

<Protect when={{ permission: "org:billing" }}>
	<BillingSettings />
</Protect>

Async adapter example

import { createAuthGate } from "@rccpr/auth-gate";

const gate = createAuthGate({
	mode: "async",
	useAuthState: useMyAuthState,
	getAuthorizationDecision: async (check) => {
		const allowed = await api.can(check);
		return allowed ? { status: "allowed" } : { status: "denied" };
	},
	asyncResolver: {
		useDecision: useAuthorizationDecisionFromQuery,
	},
});

useAuthGate

useAuthGate returns normalized auth data and an evaluate(check) helper:

const snapshot = useAuthGate();
const state = snapshot.evaluate({ permission: "org:read" });

For async adapters, evaluate(check) returns pending and Show should be preferred for rendered gating.

Development

bun install
bun run test
bun run typecheck
bun run lint
bun run build

About

A library for conditional rendering components based on authentication/authorization

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 2

auth-gate: v0.3.2 Latest
Nov 16, 2025
+ 1 release

Packages

 
 
 

Contributors

Languages