npm - @benjavicente/router-core - Versions diffs - 1.168.9 - Mend

@benjavicente/router-core 1.168.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (380) hide show

package/LICENSE +21 -0
package/README.md +5 -0
package/bin/intent.js +25 -0
package/dist/cjs/Matches.cjs +17 -0
package/dist/cjs/Matches.cjs.map +1 -0
package/dist/cjs/Matches.d.cts +139 -0
package/dist/cjs/RouterProvider.d.cts +27 -0
package/dist/cjs/config.cjs +11 -0
package/dist/cjs/config.cjs.map +1 -0
package/dist/cjs/config.d.cts +17 -0
package/dist/cjs/defer.cjs +41 -0
package/dist/cjs/defer.cjs.map +1 -0
package/dist/cjs/defer.d.cts +37 -0
package/dist/cjs/fileRoute.d.cts +24 -0
package/dist/cjs/global.d.cts +7 -0
package/dist/cjs/hash-scroll.cjs +20 -0
package/dist/cjs/hash-scroll.cjs.map +1 -0
package/dist/cjs/hash-scroll.d.cts +7 -0
package/dist/cjs/history.d.cts +8 -0
package/dist/cjs/index.cjs +96 -0
package/dist/cjs/index.d.cts +53 -0
package/dist/cjs/invariant.cjs +8 -0
package/dist/cjs/invariant.cjs.map +1 -0
package/dist/cjs/invariant.d.cts +1 -0
package/dist/cjs/isServer/client.cjs +7 -0
package/dist/cjs/isServer/client.cjs.map +1 -0
package/dist/cjs/isServer/client.d.cts +1 -0
package/dist/cjs/isServer/development.cjs +7 -0
package/dist/cjs/isServer/development.cjs.map +1 -0
package/dist/cjs/isServer/development.d.cts +1 -0
package/dist/cjs/isServer/server.cjs +7 -0
package/dist/cjs/isServer/server.cjs.map +1 -0
package/dist/cjs/isServer/server.d.cts +1 -0
package/dist/cjs/link.cjs +6 -0
package/dist/cjs/link.cjs.map +1 -0
package/dist/cjs/link.d.cts +221 -0
package/dist/cjs/load-matches.cjs +659 -0
package/dist/cjs/load-matches.cjs.map +1 -0
package/dist/cjs/load-matches.d.cts +18 -0
package/dist/cjs/location.d.cts +50 -0
package/dist/cjs/lru-cache.cjs +70 -0
package/dist/cjs/lru-cache.cjs.map +1 -0
package/dist/cjs/lru-cache.d.cts +6 -0
package/dist/cjs/manifest.cjs +18 -0
package/dist/cjs/manifest.cjs.map +1 -0
package/dist/cjs/manifest.d.cts +35 -0
package/dist/cjs/new-process-route-tree.cjs +754 -0
package/dist/cjs/new-process-route-tree.cjs.map +1 -0
package/dist/cjs/new-process-route-tree.d.cts +236 -0
package/dist/cjs/not-found.cjs +26 -0
package/dist/cjs/not-found.cjs.map +1 -0
package/dist/cjs/not-found.d.cts +32 -0
package/dist/cjs/path.cjs +252 -0
package/dist/cjs/path.cjs.map +1 -0
package/dist/cjs/path.d.cts +56 -0
package/dist/cjs/qss.cjs +70 -0
package/dist/cjs/qss.cjs.map +1 -0
package/dist/cjs/qss.d.cts +33 -0
package/dist/cjs/redirect.cjs +56 -0
package/dist/cjs/redirect.cjs.map +1 -0
package/dist/cjs/redirect.d.cts +77 -0
package/dist/cjs/rewrite.cjs +68 -0
package/dist/cjs/rewrite.cjs.map +1 -0
package/dist/cjs/rewrite.d.cts +30 -0
package/dist/cjs/root.cjs +7 -0
package/dist/cjs/root.cjs.map +1 -0
package/dist/cjs/root.d.cts +3 -0
package/dist/cjs/route.cjs +100 -0
package/dist/cjs/route.cjs.map +1 -0
package/dist/cjs/route.d.cts +552 -0
package/dist/cjs/routeInfo.d.cts +54 -0
package/dist/cjs/router.cjs +1173 -0
package/dist/cjs/router.cjs.map +1 -0
package/dist/cjs/router.d.cts +734 -0
package/dist/cjs/scroll-restoration-inline.cjs +6 -0
package/dist/cjs/scroll-restoration-inline.cjs.map +1 -0
package/dist/cjs/scroll-restoration-inline.d.cts +6 -0
package/dist/cjs/scroll-restoration-script/client.cjs +9 -0
package/dist/cjs/scroll-restoration-script/client.cjs.map +1 -0
package/dist/cjs/scroll-restoration-script/client.d.cts +2 -0
package/dist/cjs/scroll-restoration-script/server.cjs +30 -0
package/dist/cjs/scroll-restoration-script/server.cjs.map +1 -0
package/dist/cjs/scroll-restoration-script/server.d.cts +2 -0
package/dist/cjs/scroll-restoration.cjs +191 -0
package/dist/cjs/scroll-restoration.cjs.map +1 -0
package/dist/cjs/scroll-restoration.d.cts +38 -0
package/dist/cjs/searchMiddleware.cjs +55 -0
package/dist/cjs/searchMiddleware.cjs.map +1 -0
package/dist/cjs/searchMiddleware.d.cts +25 -0
package/dist/cjs/searchParams.cjs +65 -0
package/dist/cjs/searchParams.cjs.map +1 -0
package/dist/cjs/searchParams.d.cts +31 -0
package/dist/cjs/ssr/client.cjs +7 -0
package/dist/cjs/ssr/client.d.cts +6 -0
package/dist/cjs/ssr/constants.cjs +8 -0
package/dist/cjs/ssr/constants.cjs.map +1 -0
package/dist/cjs/ssr/constants.d.cts +3 -0
package/dist/cjs/ssr/createRequestHandler.cjs +44 -0
package/dist/cjs/ssr/createRequestHandler.cjs.map +1 -0
package/dist/cjs/ssr/createRequestHandler.d.cts +9 -0
package/dist/cjs/ssr/handlerCallback.cjs +8 -0
package/dist/cjs/ssr/handlerCallback.cjs.map +1 -0
package/dist/cjs/ssr/handlerCallback.d.cts +9 -0
package/dist/cjs/ssr/headers.cjs +21 -0
package/dist/cjs/ssr/headers.cjs.map +1 -0
package/dist/cjs/ssr/headers.d.cts +3 -0
package/dist/cjs/ssr/json.cjs +11 -0
package/dist/cjs/ssr/json.cjs.map +1 -0
package/dist/cjs/ssr/json.d.cts +10 -0
package/dist/cjs/ssr/serializer/RawStream.cjs +287 -0
package/dist/cjs/ssr/serializer/RawStream.cjs.map +1 -0
package/dist/cjs/ssr/serializer/RawStream.d.cts +64 -0
package/dist/cjs/ssr/serializer/ShallowErrorPlugin.cjs +32 -0
package/dist/cjs/ssr/serializer/ShallowErrorPlugin.cjs.map +1 -0
package/dist/cjs/ssr/serializer/ShallowErrorPlugin.d.cts +9 -0
package/dist/cjs/ssr/serializer/seroval-plugins.cjs +13 -0
package/dist/cjs/ssr/serializer/seroval-plugins.cjs.map +1 -0
package/dist/cjs/ssr/serializer/seroval-plugins.d.cts +2 -0
package/dist/cjs/ssr/serializer/transformer.cjs +53 -0
package/dist/cjs/ssr/serializer/transformer.cjs.map +1 -0
package/dist/cjs/ssr/serializer/transformer.d.cts +91 -0
package/dist/cjs/ssr/server.cjs +13 -0
package/dist/cjs/ssr/server.d.cts +6 -0
package/dist/cjs/ssr/ssr-client.cjs +183 -0
package/dist/cjs/ssr/ssr-client.cjs.map +1 -0
package/dist/cjs/ssr/ssr-client.d.cts +10 -0
package/dist/cjs/ssr/ssr-match-id.cjs +12 -0
package/dist/cjs/ssr/ssr-match-id.cjs.map +1 -0
package/dist/cjs/ssr/ssr-match-id.d.cts +2 -0
package/dist/cjs/ssr/ssr-server.cjs +279 -0
package/dist/cjs/ssr/ssr-server.cjs.map +1 -0
package/dist/cjs/ssr/ssr-server.d.cts +42 -0
package/dist/cjs/ssr/transformStreamWithRouter.cjs +327 -0
package/dist/cjs/ssr/transformStreamWithRouter.cjs.map +1 -0
package/dist/cjs/ssr/transformStreamWithRouter.d.cts +11 -0
package/dist/cjs/ssr/tsrScript.cjs +6 -0
package/dist/cjs/ssr/tsrScript.cjs.map +1 -0
package/dist/cjs/ssr/tsrScript.d.cts +1 -0
package/dist/cjs/ssr/types.d.cts +30 -0
package/dist/cjs/stores.cjs +148 -0
package/dist/cjs/stores.cjs.map +1 -0
package/dist/cjs/stores.d.cts +70 -0
package/dist/cjs/structuralSharing.d.cts +4 -0
package/dist/cjs/typePrimitives.d.cts +65 -0
package/dist/cjs/useLoaderData.d.cts +5 -0
package/dist/cjs/useLoaderDeps.d.cts +5 -0
package/dist/cjs/useNavigate.d.cts +3 -0
package/dist/cjs/useParams.d.cts +5 -0
package/dist/cjs/useRouteContext.d.cts +9 -0
package/dist/cjs/useSearch.d.cts +5 -0
package/dist/cjs/utils.cjs +339 -0
package/dist/cjs/utils.cjs.map +1 -0
package/dist/cjs/utils.d.cts +178 -0
package/dist/cjs/validators.d.cts +51 -0
package/dist/esm/Matches.d.ts +139 -0
package/dist/esm/Matches.js +17 -0
package/dist/esm/Matches.js.map +1 -0
package/dist/esm/RouterProvider.d.ts +27 -0
package/dist/esm/config.d.ts +17 -0
package/dist/esm/config.js +11 -0
package/dist/esm/config.js.map +1 -0
package/dist/esm/defer.d.ts +37 -0
package/dist/esm/defer.js +40 -0
package/dist/esm/defer.js.map +1 -0
package/dist/esm/fileRoute.d.ts +24 -0
package/dist/esm/global.d.ts +7 -0
package/dist/esm/hash-scroll.d.ts +7 -0
package/dist/esm/hash-scroll.js +20 -0
package/dist/esm/hash-scroll.js.map +1 -0
package/dist/esm/history.d.ts +8 -0
package/dist/esm/index.d.ts +53 -0
package/dist/esm/index.js +24 -0
package/dist/esm/invariant.d.ts +1 -0
package/dist/esm/invariant.js +8 -0
package/dist/esm/invariant.js.map +1 -0
package/dist/esm/isServer/client.d.ts +1 -0
package/dist/esm/isServer/client.js +6 -0
package/dist/esm/isServer/client.js.map +1 -0
package/dist/esm/isServer/development.d.ts +1 -0
package/dist/esm/isServer/development.js +6 -0
package/dist/esm/isServer/development.js.map +1 -0
package/dist/esm/isServer/server.d.ts +1 -0
package/dist/esm/isServer/server.js +6 -0
package/dist/esm/isServer/server.js.map +1 -0
package/dist/esm/link.d.ts +221 -0
package/dist/esm/link.js +6 -0
package/dist/esm/link.js.map +1 -0
package/dist/esm/load-matches.d.ts +18 -0
package/dist/esm/load-matches.js +657 -0
package/dist/esm/load-matches.js.map +1 -0
package/dist/esm/location.d.ts +50 -0
package/dist/esm/lru-cache.d.ts +6 -0
package/dist/esm/lru-cache.js +70 -0
package/dist/esm/lru-cache.js.map +1 -0
package/dist/esm/manifest.d.ts +35 -0
package/dist/esm/manifest.js +17 -0
package/dist/esm/manifest.js.map +1 -0
package/dist/esm/new-process-route-tree.d.ts +236 -0
package/dist/esm/new-process-route-tree.js +749 -0
package/dist/esm/new-process-route-tree.js.map +1 -0
package/dist/esm/not-found.d.ts +32 -0
package/dist/esm/not-found.js +25 -0
package/dist/esm/not-found.js.map +1 -0
package/dist/esm/path.d.ts +56 -0
package/dist/esm/path.js +243 -0
package/dist/esm/path.js.map +1 -0
package/dist/esm/qss.d.ts +33 -0
package/dist/esm/qss.js +69 -0
package/dist/esm/qss.js.map +1 -0
package/dist/esm/redirect.d.ts +77 -0
package/dist/esm/redirect.js +53 -0
package/dist/esm/redirect.js.map +1 -0
package/dist/esm/rewrite.d.ts +30 -0
package/dist/esm/rewrite.js +65 -0
package/dist/esm/rewrite.js.map +1 -0
package/dist/esm/root.d.ts +3 -0
package/dist/esm/root.js +7 -0
package/dist/esm/root.js.map +1 -0
package/dist/esm/route.d.ts +552 -0
package/dist/esm/route.js +98 -0
package/dist/esm/route.js.map +1 -0
package/dist/esm/routeInfo.d.ts +54 -0
package/dist/esm/router.d.ts +734 -0
package/dist/esm/router.js +1165 -0
package/dist/esm/router.js.map +1 -0
package/dist/esm/scroll-restoration-inline.d.ts +6 -0
package/dist/esm/scroll-restoration-inline.js +6 -0
package/dist/esm/scroll-restoration-inline.js.map +1 -0
package/dist/esm/scroll-restoration-script/client.d.ts +2 -0
package/dist/esm/scroll-restoration-script/client.js +8 -0
package/dist/esm/scroll-restoration-script/client.js.map +1 -0
package/dist/esm/scroll-restoration-script/server.d.ts +2 -0
package/dist/esm/scroll-restoration-script/server.js +29 -0
package/dist/esm/scroll-restoration-script/server.js.map +1 -0
package/dist/esm/scroll-restoration.d.ts +38 -0
package/dist/esm/scroll-restoration.js +187 -0
package/dist/esm/scroll-restoration.js.map +1 -0
package/dist/esm/searchMiddleware.d.ts +25 -0
package/dist/esm/searchMiddleware.js +54 -0
package/dist/esm/searchMiddleware.js.map +1 -0
package/dist/esm/searchParams.d.ts +31 -0
package/dist/esm/searchParams.js +62 -0
package/dist/esm/searchParams.js.map +1 -0
package/dist/esm/ssr/client.d.ts +6 -0
package/dist/esm/ssr/client.js +4 -0
package/dist/esm/ssr/constants.d.ts +3 -0
package/dist/esm/ssr/constants.js +7 -0
package/dist/esm/ssr/constants.js.map +1 -0
package/dist/esm/ssr/createRequestHandler.d.ts +9 -0
package/dist/esm/ssr/createRequestHandler.js +44 -0
package/dist/esm/ssr/createRequestHandler.js.map +1 -0
package/dist/esm/ssr/handlerCallback.d.ts +9 -0
package/dist/esm/ssr/handlerCallback.js +8 -0
package/dist/esm/ssr/handlerCallback.js.map +1 -0
package/dist/esm/ssr/headers.d.ts +3 -0
package/dist/esm/ssr/headers.js +21 -0
package/dist/esm/ssr/headers.js.map +1 -0
package/dist/esm/ssr/json.d.ts +10 -0
package/dist/esm/ssr/json.js +11 -0
package/dist/esm/ssr/json.js.map +1 -0
package/dist/esm/ssr/serializer/RawStream.d.ts +64 -0
package/dist/esm/ssr/serializer/RawStream.js +282 -0
package/dist/esm/ssr/serializer/RawStream.js.map +1 -0
package/dist/esm/ssr/serializer/ShallowErrorPlugin.d.ts +9 -0
package/dist/esm/ssr/serializer/ShallowErrorPlugin.js +33 -0
package/dist/esm/ssr/serializer/ShallowErrorPlugin.js.map +1 -0
package/dist/esm/ssr/serializer/seroval-plugins.d.ts +2 -0
package/dist/esm/ssr/serializer/seroval-plugins.js +13 -0
package/dist/esm/ssr/serializer/seroval-plugins.js.map +1 -0
package/dist/esm/ssr/serializer/transformer.d.ts +91 -0
package/dist/esm/ssr/serializer/transformer.js +51 -0
package/dist/esm/ssr/serializer/transformer.js.map +1 -0
package/dist/esm/ssr/server.d.ts +6 -0
package/dist/esm/ssr/server.js +5 -0
package/dist/esm/ssr/ssr-client.d.ts +10 -0
package/dist/esm/ssr/ssr-client.js +183 -0
package/dist/esm/ssr/ssr-client.js.map +1 -0
package/dist/esm/ssr/ssr-match-id.d.ts +2 -0
package/dist/esm/ssr/ssr-match-id.js +11 -0
package/dist/esm/ssr/ssr-match-id.js.map +1 -0
package/dist/esm/ssr/ssr-server.d.ts +42 -0
package/dist/esm/ssr/ssr-server.js +277 -0
package/dist/esm/ssr/ssr-server.js.map +1 -0
package/dist/esm/ssr/transformStreamWithRouter.d.ts +11 -0
package/dist/esm/ssr/transformStreamWithRouter.js +325 -0
package/dist/esm/ssr/transformStreamWithRouter.js.map +1 -0
package/dist/esm/ssr/tsrScript.d.ts +0 -0
package/dist/esm/ssr/tsrScript.js +6 -0
package/dist/esm/ssr/tsrScript.js.map +1 -0
package/dist/esm/ssr/types.d.ts +30 -0
package/dist/esm/stores.d.ts +70 -0
package/dist/esm/stores.js +146 -0
package/dist/esm/stores.js.map +1 -0
package/dist/esm/structuralSharing.d.ts +4 -0
package/dist/esm/typePrimitives.d.ts +65 -0
package/dist/esm/useLoaderData.d.ts +5 -0
package/dist/esm/useLoaderDeps.d.ts +5 -0
package/dist/esm/useNavigate.d.ts +3 -0
package/dist/esm/useParams.d.ts +5 -0
package/dist/esm/useRouteContext.d.ts +9 -0
package/dist/esm/useSearch.d.ts +5 -0
package/dist/esm/utils.d.ts +178 -0
package/dist/esm/utils.js +322 -0
package/dist/esm/utils.js.map +1 -0
package/dist/esm/validators.d.ts +51 -0
package/package.json +200 -0
package/skills/router-core/SKILL.md +139 -0
package/skills/router-core/auth-and-guards/SKILL.md +458 -0
package/skills/router-core/code-splitting/SKILL.md +322 -0
package/skills/router-core/data-loading/SKILL.md +485 -0
package/skills/router-core/navigation/SKILL.md +448 -0
package/skills/router-core/not-found-and-errors/SKILL.md +435 -0
package/skills/router-core/path-params/SKILL.md +382 -0
package/skills/router-core/search-params/SKILL.md +349 -0
package/skills/router-core/search-params/references/validation-patterns.md +379 -0
package/skills/router-core/ssr/SKILL.md +437 -0
package/skills/router-core/type-safety/SKILL.md +497 -0
package/src/Matches.ts +291 -0
package/src/RouterProvider.ts +47 -0
package/src/config.ts +42 -0
package/src/defer.ts +69 -0
package/src/fileRoute.ts +164 -0
package/src/global.ts +9 -0
package/src/hash-scroll.ts +21 -0
package/src/history.ts +9 -0
package/src/index.ts +471 -0
package/src/invariant.ts +3 -0
package/src/isServer/client.ts +1 -0
package/src/isServer/development.ts +2 -0
package/src/isServer/server.ts +1 -0
package/src/link.ts +704 -0
package/src/load-matches.ts +1281 -0
package/src/location.ts +51 -0
package/src/lru-cache.ts +74 -0
package/src/manifest.ts +68 -0
package/src/new-process-route-tree.ts +1387 -0
package/src/not-found.ts +41 -0
package/src/path.ts +436 -0
package/src/qss.ts +81 -0
package/src/redirect.ts +179 -0
package/src/rewrite.ts +93 -0
package/src/root.ts +3 -0
package/src/route.ts +2235 -0
package/src/routeInfo.ts +235 -0
package/src/router.ts +3207 -0
package/src/scroll-restoration-inline.ts +81 -0
package/src/scroll-restoration-script/client.ts +5 -0
package/src/scroll-restoration-script/server.ts +64 -0
package/src/scroll-restoration.ts +357 -0
package/src/searchMiddleware.ts +76 -0
package/src/searchParams.ts +90 -0
package/src/ssr/client.ts +6 -0
package/src/ssr/constants.ts +3 -0
package/src/ssr/createRequestHandler.ts +98 -0
package/src/ssr/handlerCallback.ts +15 -0
package/src/ssr/headers.ts +40 -0
package/src/ssr/json.ts +16 -0
package/src/ssr/serializer/RawStream.ts +464 -0
package/src/ssr/serializer/ShallowErrorPlugin.ts +43 -0
package/src/ssr/serializer/seroval-plugins.ts +12 -0
package/src/ssr/serializer/transformer.ts +312 -0
package/src/ssr/server.ts +14 -0
package/src/ssr/ssr-client.ts +313 -0
package/src/ssr/ssr-match-id.ts +7 -0
package/src/ssr/ssr-server.ts +425 -0
package/src/ssr/transformStreamWithRouter.ts +493 -0
package/src/ssr/tsrScript.ts +20 -0
package/src/ssr/types.ts +41 -0
package/src/stores.ts +342 -0
package/src/structuralSharing.ts +7 -0
package/src/typePrimitives.ts +181 -0
package/src/useLoaderData.ts +20 -0
package/src/useLoaderDeps.ts +13 -0
package/src/useNavigate.ts +13 -0
package/src/useParams.ts +20 -0
package/src/useRouteContext.ts +39 -0
package/src/useSearch.ts +20 -0
package/src/utils.ts +708 -0
package/src/validators.ts +121 -0
package/src/vite-env.d.ts +4 -0

package/skills/router-core/auth-and-guards/SKILL.md ADDED Viewed

@@ -0,0 +1,458 @@
+---
+name: router-core/auth-and-guards
+description: >-
+  Route protection with beforeLoad, redirect()/throw redirect(),
+  isRedirect helper, authenticated layout routes (_authenticated),
+  non-redirect auth (inline login), RBAC with roles and permissions,
+  auth provider integration (Auth0, Clerk, Supabase), router context
+  for auth state.
+type: sub-skill
+library: tanstack-router
+library_version: '1.166.2'
+requires:
+  - router-core
+  - router-core/data-loading
+sources:
+  - TanStack/router:docs/router/guide/authenticated-routes.md
+  - TanStack/router:docs/router/how-to/setup-authentication.md
+  - TanStack/router:docs/router/how-to/setup-auth-providers.md
+  - TanStack/router:docs/router/how-to/setup-rbac.md
+---
+# Auth and Guards
+## Setup
+Protect routes with `beforeLoad` + `redirect()` in a pathless layout route (`_authenticated`):
+```tsx
+// src/routes/_authenticated.tsx
+import { createFileRoute, redirect } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated')({
+  beforeLoad: ({ context, location }) => {
+    if (!context.auth.isAuthenticated) {
+      throw redirect({
+        to: '/login',
+        search: {
+          redirect: location.href,
+        },
+      })
+    }
+  },
+  // component defaults to Outlet — no need to declare it
+})
+```
+Any route file placed under `src/routes/_authenticated/` is automatically protected:
+```tsx
+// src/routes/_authenticated/dashboard.tsx
+import { createFileRoute } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated/dashboard')({
+  component: DashboardComponent,
+})
+function DashboardComponent() {
+  const { auth } = Route.useRouteContext()
+  return <div>Welcome, {auth.user?.username}</div>
+}
+```
+## Core Patterns
+### Router Context for Auth State
+Auth state flows into the router via `createRootRouteWithContext` and `RouterProvider`'s `context` prop:
+```tsx
+// src/routes/__root.tsx
+import { createRootRouteWithContext, Outlet } from '@benjavicente/react-router'
+interface AuthState {
+  isAuthenticated: boolean
+  user: { id: string; username: string; email: string } | null
+  login: (username: string, password: string) => Promise<void>
+  logout: () => void
+}
+interface MyRouterContext {
+  auth: AuthState
+}
+export const Route = createRootRouteWithContext<MyRouterContext>()({
+  component: () => <Outlet />,
+})
+```
+```tsx
+// src/router.tsx
+import { createRouter } from '@benjavicente/react-router'
+import { routeTree } from './routeTree.gen'
+export const router = createRouter({
+  routeTree,
+  context: {
+    auth: undefined!, // placeholder — filled by RouterProvider context prop
+  },
+})
+declare module '@benjavicente/react-router' {
+  interface Register {
+    router: typeof router
+  }
+}
+```
+```tsx
+// src/App.tsx
+import { RouterProvider } from '@benjavicente/react-router'
+import { AuthProvider, useAuth } from './auth'
+import { router } from './router'
+function InnerApp() {
+  const auth = useAuth()
+  // context prop injects live auth state WITHOUT recreating the router
+  return <RouterProvider router={router} context={{ auth }} />
+}
+function App() {
+  return (
+    <AuthProvider>
+      <InnerApp />
+    </AuthProvider>
+  )
+}
+```
+The router is created once with a placeholder. `RouterProvider`'s `context` prop injects the live auth state on each render — this avoids recreating the router on auth changes (which would reset caches and rebuild the route tree).
+### Redirect-Based Auth with Redirect-Back
+Save the current location in search params so you can redirect back after login:
+```tsx
+// src/routes/_authenticated.tsx
+import { createFileRoute, redirect } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated')({
+  beforeLoad: ({ context, location }) => {
+    if (!context.auth.isAuthenticated) {
+      throw redirect({
+        to: '/login',
+        search: { redirect: location.href },
+      })
+    }
+  },
+})
+```
+```tsx
+// src/routes/login.tsx
+import { createFileRoute, redirect } from '@benjavicente/react-router'
+import { useState, type FormEvent } from 'react'
+// Validate redirect target to prevent open redirect attacks
+function sanitizeRedirect(url: unknown): string {
+  if (typeof url !== 'string' || !url.startsWith('/') || url.startsWith('//')) {
+    return '/'
+  }
+  return url
+}
+export const Route = createFileRoute('/login')({
+  validateSearch: (search) => ({
+    redirect: sanitizeRedirect(search.redirect),
+  }),
+  beforeLoad: ({ context, search }) => {
+    if (context.auth.isAuthenticated) {
+      throw redirect({ to: search.redirect })
+    }
+  },
+  component: LoginComponent,
+})
+function LoginComponent() {
+  const { auth } = Route.useRouteContext()
+  const search = Route.useSearch()
+  const navigate = Route.useNavigate()
+  const [username, setUsername] = useState('')
+  const [password, setPassword] = useState('')
+  const [error, setError] = useState('')
+  const handleSubmit = async (e: FormEvent) => {
+    e.preventDefault()
+    try {
+      await auth.login(username, password)
+      navigate({ to: search.redirect })
+    } catch {
+      setError('Invalid credentials')
+    }
+  }
+  return (
+    <form onSubmit={handleSubmit}>
+      {error && <div>{error}</div>}
+      <input value={username} onChange={(e) => setUsername(e.target.value)} />
+      <input
+        type="password"
+        value={password}
+        onChange={(e) => setPassword(e.target.value)}
+      />
+      <button type="submit">Sign In</button>
+    </form>
+  )
+}
+```
+### Non-Redirect Auth (Inline Login)
+Instead of redirecting, show a login form in place of the `Outlet`:
+```tsx
+// src/routes/_authenticated.tsx
+import { createFileRoute, Outlet } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated')({
+  component: AuthenticatedLayout,
+})
+function AuthenticatedLayout() {
+  const { auth } = Route.useRouteContext()
+  if (!auth.isAuthenticated) {
+    return <LoginForm />
+  }
+  return <Outlet />
+}
+```
+This keeps the URL unchanged — the user stays on the same page and sees a login form instead of protected content. After authentication, `<Outlet />` renders and child routes appear.
+### RBAC with Roles and Permissions
+Extend auth state with role/permission helpers, then check in `beforeLoad`:
+```tsx
+// src/auth.tsx
+interface User {
+  id: string
+  username: string
+  email: string
+  roles: string[]
+  permissions: string[]
+}
+interface AuthState {
+  isAuthenticated: boolean
+  user: User | null
+  hasRole: (role: string) => boolean
+  hasAnyRole: (roles: string[]) => boolean
+  hasPermission: (permission: string) => boolean
+  hasAnyPermission: (permissions: string[]) => boolean
+  login: (username: string, password: string) => Promise<void>
+  logout: () => void
+}
+```
+Admin-only layout route:
+```tsx
+// src/routes/_authenticated/_admin.tsx
+import { createFileRoute, redirect } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated/_admin')({
+  beforeLoad: ({ context, location }) => {
+    if (!context.auth.hasRole('admin')) {
+      throw redirect({
+        to: '/unauthorized',
+        search: { redirect: location.href },
+      })
+    }
+  },
+})
+```
+Multi-role access:
+```tsx
+// src/routes/_authenticated/_moderator.tsx
+import { createFileRoute, redirect } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated/_moderator')({
+  beforeLoad: ({ context, location }) => {
+    if (!context.auth.hasAnyRole(['admin', 'moderator'])) {
+      throw redirect({
+        to: '/unauthorized',
+        search: { redirect: location.href },
+      })
+    }
+  },
+})
+```
+Permission-based:
+```tsx
+// src/routes/_authenticated/_users.tsx
+import { createFileRoute, redirect } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated/_users')({
+  beforeLoad: ({ context, location }) => {
+    if (!context.auth.hasAnyPermission(['users:read', 'users:write'])) {
+      throw redirect({
+        to: '/unauthorized',
+        search: { redirect: location.href },
+      })
+    }
+  },
+})
+```
+Page-level permission check (nested under an already-role-protected layout):
+```tsx
+// src/routes/_authenticated/_users/manage.tsx
+import { createFileRoute } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated/_users/manage')({
+  beforeLoad: ({ context }) => {
+    if (!context.auth.hasPermission('users:write')) {
+      throw new Error('Write permission required')
+    }
+  },
+  component: UserManagement,
+})
+function UserManagement() {
+  const { auth } = Route.useRouteContext()
+  const canDelete = auth.hasPermission('users:delete')
+  return (
+    <div>
+      <h1>User Management</h1>
+      {canDelete && <button>Delete User</button>}
+    </div>
+  )
+}
+```
+### Handling Auth Check Failures (isRedirect)
+When `beforeLoad` has a try/catch, redirects (which work by throwing) can get swallowed. Use `isRedirect` to re-throw:
+```tsx
+import { createFileRoute, redirect, isRedirect } from '@benjavicente/react-router'
+export const Route = createFileRoute('/_authenticated')({
+  beforeLoad: async ({ context, location }) => {
+    try {
+      const user = await verifySession(context.auth)
+      if (!user) {
+        throw redirect({
+          to: '/login',
+          search: { redirect: location.href },
+        })
+      }
+      return { user }
+    } catch (error) {
+      if (isRedirect(error)) throw error // re-throw redirect, don't swallow it
+      // Actual error — redirect to login
+      throw redirect({
+        to: '/login',
+        search: { redirect: location.href },
+      })
+    }
+  },
+})
+```
+## Common Mistakes
+### HIGH: Auth check in component instead of beforeLoad
+Component-level auth checks cause a **flash of protected content** before the redirect:
+```tsx
+// WRONG — protected content renders briefly before redirect
+export const Route = createFileRoute('/_authenticated/dashboard')({
+  component: () => {
+    const auth = useAuth()
+    if (!auth.isAuthenticated) return <Navigate to="/login" />
+    return <Dashboard />
+  },
+})
+// CORRECT — beforeLoad runs before any rendering
+export const Route = createFileRoute('/_authenticated/dashboard')({
+  beforeLoad: ({ context }) => {
+    if (!context.auth.isAuthenticated) {
+      throw redirect({ to: '/login' })
+    }
+  },
+  component: Dashboard,
+})
+```
+`beforeLoad` runs before any component rendering and before the loader. It completely prevents the flash.
+### HIGH: Not re-throwing redirects in try/catch
+`redirect()` works by throwing. If `beforeLoad` has a try/catch, the redirect gets swallowed:
+```tsx
+// WRONG — redirect is caught and swallowed
+beforeLoad: async ({ context }) => {
+  try {
+    await validateSession(context.auth)
+  } catch (e) {
+    console.error(e) // swallows the redirect!
+  }
+}
+// CORRECT — use isRedirect to distinguish intentional redirects from errors
+import { isRedirect } from '@benjavicente/react-router'
+beforeLoad: async ({ context }) => {
+  try {
+    await validateSession(context.auth)
+  } catch (e) {
+    if (isRedirect(e)) throw e
+    console.error(e)
+  }
+}
+```
+### MEDIUM: Conditionally rendering root route component
+The root route always renders regardless of auth state. You cannot conditionally render its component:
+```tsx
+// WRONG — root route always renders, this doesn't protect anything
+export const Route = createRootRoute({
+  component: () => {
+    if (!isAuthenticated()) return <Login />
+    return <Outlet />
+  },
+})
+// CORRECT — use a pathless layout route for auth boundaries
+// src/routes/_authenticated.tsx
+export const Route = createFileRoute('/_authenticated')({
+  beforeLoad: ({ context }) => {
+    if (!context.auth.isAuthenticated) {
+      throw redirect({ to: '/login' })
+    }
+  },
+})
+```
+Place protected routes as children of the `_authenticated` layout route. Public routes (login, home, etc.) live outside it.
+---
+## Cross-References
+- See also: **router-core/data-loading/SKILL.md** — `beforeLoad` runs before `loader`; auth context flows into loader via route context