Storx uses Clerk for all authentication and user session management. Clerk handles account creation, sign-in, password validation, and session tokens. Storx does not store passwords or manage sessions itself — every protected operation validates the Clerk session before proceeding.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/nayalsaurav/Storx/llms.txt
Use this file to discover all available pages before exploring further.
How It Works
Middleware Route Protection
Storx protects routes at the Edge using Clerk’sclerkMiddleware in middleware.ts. The middleware runs on every request that matches the configured matcher and enforces the following rules:
middleware.ts
| Scenario | Result |
|---|---|
| Unauthenticated user → any non-public route | auth.protect() redirects to sign-in |
Authenticated user → /signin or /signup | Redirected to /dashboard |
Authenticated user → / (landing page) | Allowed through (no redirect) |
Any user → public route (/, /signin(.*), /signup(.*)) | Allowed through |
Setting Up Clerk
Create a Clerk application
Go to clerk.com and sign up or log in. Click Create
application, give it a name (e.g.
Storx), and choose Email + Password
as the authentication strategy to match Storx’s sign-in and sign-up forms.Copy your API keys
In the Clerk dashboard, navigate to API Keys. Copy:
- Publishable key — starts with
pk_test_(development) orpk_live_(production) - Secret key — starts with
sk_test_orsk_live_
Configure redirect URLs in the Clerk dashboard
In the Clerk dashboard, go to Paths (under Configure) and set:
These must match the
| Setting | Value |
|---|---|
| Sign-in URL | /signin |
| Sign-up URL | /signup |
| After sign-in redirect | /dashboard |
| After sign-up redirect | /dashboard |
NEXT_PUBLIC_CLERK_SIGN_IN_URL and
NEXT_PUBLIC_CLERK_SIGN_UP_URL values in .env.local.User ID in API Routes
Every Storx API route that performs a database or storage operation first extracts and validates theuserId from the active Clerk session. An absent or invalid session returns 401 immediately:
auth() is imported from @clerk/nextjs/server and is available in any Next.js Route Handler or Server Action. It reads the session token from the incoming request without any additional configuration.
Sign In / Sign Up Pages
Storx renders its own styled sign-in and sign-up forms using Clerk’s React component hooks, mounted at the catch-all routes:/signin/[[...signin]]— renders<SignInForm />/signup/[[...signup]]— renders<SignUpForm />
[[...signin]] and [[...signup]] catch-all segments are required by Clerk so that its multi-step flows (e.g. email verification, OAuth callbacks) can append sub-paths like /signin/sso-callback without triggering a 404.
Both forms use Zod schemas for client-side validation before calling Clerk: