Agent Skills
› NeverSight/learn-skills.dev
› account-identity
account-identity
GitHub管理src/app/account的身份认证与账户模式,集成AngularFire Auth,采用信号优先的认证状态管理、路由守卫及安全边界,确保用户会话状态正确且隔离。
Trigger Scenarios
涉及身份验证或用户会话状态处理
需要实现账户相关的UI流程
配置路由守卫以保护受保护的路由
Install
npx skills add NeverSight/learn-skills.dev --skill account-identity -g -y
SKILL.md
Frontmatter
{
"name": "account-identity",
"description": "Identity and account patterns for src\/app\/account, including AngularFire Auth integration, signal-first auth state, route guards, and security boundaries; use when touching auth, user\/session state, or account UI flows."
}
Account / Identity
Intent
Keep authentication and identity state correct, observable, and isolated from other bounded contexts.
Boundaries
- Treat identity as a separate context: other modules depend on identity signals/tokens, not on Firebase Auth types.
- Do not leak platform objects (Firebase User, JWT claims) into Domain models.
Signal-First Auth State
- Represent the current session as signals (user, isAuthenticated, userId, claims).
- Convert Observable streams to signals at the store/facade boundary.
- Ensure cleanup is automatic (use Angular signal interop helpers and lifecycle-aware patterns).
Authorization
- Prefer explicit permissions signals (e.g., canReadWorkspace, canManageMembers) derived from claims/membership.
- Keep permission rules centralized (one store/service), not duplicated across components.
Routing
- Use functional guards and
inject(). - Guard by signals (not by async subscribe-in-guard side effects).
Error Handling
- Map provider errors (Firebase/HTTP) to app-level error types before exposing to UI.
- UI should render stable error states; avoid throwing raw platform errors.
Security Checklist
- Never rely on the client for authorization.
- Treat security rules / server checks as the enforcement mechanism.
- Avoid persisting secrets in source code; use environment configuration.
Version History
- e0220ca Current 2026-07-05 21:24


