Authentication

NextGenKit's auth system is built on Clerk v7 with full organization support.

Auth Guards

Use these helpers in server actions and route handlers:

import { requireUser, requireOrg, requireRole } from "@/lib/auth"

// Require any authenticated user
const user = await requireUser()

// Require user to be in an organization
const org = await requireOrg()

// Require specific role within the org
await requireRole("admin")

Protected Routes

The middleware in proxy.ts handles route protection. Public routes are explicitly listed — everything else requires authentication.

Organization Switching

Users can belong to multiple organizations. The active org is managed by Clerk and accessible via:

import { auth } from "@clerk/nextjs/server"

const { orgId, orgSlug } = await auth()

Webhooks

Clerk webhooks sync user/org data to your database. The handler at app/api/webhooks/clerk/route.ts processes:

• user.created — Creates user record in DB
• user.updated — Syncs profile changes
• organization.created — Creates org record
• organizationMembership.created — Links user to org