{
  "id": "ai-rules-for-auth-and-security",
  "type": "rules",
  "category": "rules",
  "locale": "zh",
  "url": "/zh/rules/ai-rules-for-auth-and-security",
  "title": "身份验证与安全的人工智能编码规则",
  "description": "AGENTS.md 中关于身份验证和安全的规则，可防止智能体使用自定义加密、泄露秘密或绕过授权检查。",
  "tools": [
    "Cursor",
    "Claude Code",
    "Codex",
    "Windsurf"
  ],
  "stack": [
    "Next.js",
    "TypeScript",
    "PostgreSQL"
  ],
  "tags": [
    "agents-md",
    "auth",
    "security",
    "typescript",
    "conventions"
  ],
  "difficulty": null,
  "updated": "2026-06-08",
  "markdown": "将此文件放入项目根目录，命名为 `AGENTS.md`。安全规则必须设置为 `strict`——智能体虽然能编写功能正确的代码，但也很容易引入关键的身份验证或授权漏洞。\n\n## AGENTS.md\n\n```md title=\"AGENTS.md\"\n# Project Rules — Auth and Security\n\n## Authentication — hard rules\n- NEVER implement custom password hashing. Use `bcrypt`, `argon2`, or the auth\n  library's built-in hashing (Better Auth, Auth.js, Clerk, Supabase Auth). Custom\n  hashing is almost always wrong and may be cryptographically broken.\n- NEVER store plaintext passwords, plaintext tokens, or plaintext secrets in the\n  database. Hash passwords; hash or encrypt tokens before persistence.\n- NEVER roll custom JWT signing or verification. Use a well-audited library\n  (`jose`, `jsonwebtoken`). Never use `alg: \"none\"` — reject tokens with no algorithm.\n- Session tokens must be at least 128 bits of cryptographic randomness. Use\n  `crypto.getRandomValues()` (Web) or `crypto.randomBytes(32)` (Node.js).\n  Do NOT use `Math.random()` for any security-relevant value.\n- NEVER store session tokens or JWTs in `localStorage`. Use `HttpOnly`, `Secure`,\n  `SameSite=Lax` cookies. `localStorage` is readable by any XSS payload on the page.\n\n## Authorization — hard rules\n- Every API route and server action MUST check the current user's session before\n  accessing data. Do not assume that reaching a route implies authorization.\n- Authorization checks must verify ownership or role, not just authentication.\n  \"Is logged in\" is authentication. \"Is allowed to read this resource\" is authorization.\n  Both are required.\n- Never pass a user-controlled ID directly into a database query without first\n  verifying that the authenticated user has permission to access that record.\n  This is an IDOR (Insecure Direct Object Reference) vulnerability.\n- In Next.js App Router: run auth checks in middleware OR at the top of every\n  Server Component and Server Action that touches user data. Do not rely on\n  client-side redirects for access control.\n\n## Secrets management\n- All secrets (API keys, database URLs, OAuth client secrets) live in environment\n  variables. Validate them with Zod at startup via `src/lib/env.ts`.\n- NEVER commit secrets to the repository. If a secret is accidentally committed,\n  treat it as compromised immediately — rotate it before doing anything else.\n- NEVER log secrets, tokens, or full request bodies that may contain credentials.\n  Scrub sensitive fields before logging.\n- Client-side code must never contain secrets. In Next.js, only variables prefixed\n  with `NEXT_PUBLIC_` are exposed to the client — and only non-sensitive values\n  should use that prefix.\n\n## Input validation and output encoding\n- Validate all user input at the server boundary with Zod before use. Never trust\n  client-provided data, including data in headers, cookies, or URL parameters.\n- Sanitize any HTML rendered from user input. Use a library (`DOMPurify`, `sanitize-html`)\n  — do NOT write a custom HTML sanitizer.\n- When constructing URLs from user input, use the `URL` constructor to parse and\n  validate. Never concatenate user input into a URL string that will be fetched\n  server-side — this is an SSRF vector.\n\n## CSRF and clickjacking\n- All state-mutating endpoints (POST, PUT, PATCH, DELETE) must be protected against\n  CSRF. In Next.js App Router, Server Actions are CSRF-protected by default; do not\n  disable this. For custom API routes, verify the `Origin` header or use a CSRF token.\n- Add `X-Frame-Options: DENY` or `Content-Security-Policy: frame-ancestors 'none'`\n  to pages that should not be embedded in iframes.\n\n## Definition of done\n- No `Math.random()` calls in authentication or token generation paths.\n- No `localStorage` for session/token storage (grep the codebase).\n- Every API route handler has an auth check at the top.\n- `NEXT_PUBLIC_` env vars contain no secrets (audit the list before shipping).\n- Zod validation runs on all form inputs before they touch the database.\n```\n\n## 为什么需要这些规则\n\n- **不要在 `localStorage` 中存储令牌** 消除了 React/Next.js 应用中最常见的安全错误。那些从旧版教程（2020 年之前）复制身份验证模式的智能体，常常会将 JWT 存储在 `localStorage` 中，而页面上的任何第三方脚本都可以轻易读取它。`HttpOnly` cookie 根本无法通过 JavaScript 访问——这才是正确的存储机制。\n- **授权检查要验证所有权，而不仅仅是身份验证** 能堵住智能体最容易忽略的 IDOR 漏洞。当要求智能体“添加一个获取用户订单的端点”时，它通常会检查 `if (!session)`，但不会检查 `if (order.userId !== session.user.id)`——因为第二个检查需要理解数据模型的所有权语义，而这与具体项目相关，并非任务描述所暗示。\n\n## 适用场景\n\n- 任何包含用户账户、受保护资源或支付数据的应用——实际上就是任何生产级 Web 应用。\n\n## 不适用场景\n\n- 位于企业 VPN 或网络级访问控制之后的内网工具，其威胁模型不同，部分控制措施可能由基础设施层处理。"
}