AI Agent Skill HUB

auth-flow

Generates authentication infrastructure with Sign in with Apple, biometrics, and Keychain storage. Use when user wants to add authentication, login, or Sign in with Apple.

149 stars
byrshankras
View on GitHubInstallation ↓

Best use case

auth-flow is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Generates authentication infrastructure with Sign in with Apple, biometrics, and Keychain storage. Use when user wants to add authentication, login, or Sign in with Apple.

Teams using auth-flow should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/auth-flow/SKILL.md --create-dirs "https://raw.githubusercontent.com/rshankras/claude-code-apple-skills/main/skills/generators/auth-flow/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/auth-flow/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How auth-flow Compares

Feature / Agentauth-flowStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Generates authentication infrastructure with Sign in with Apple, biometrics, and Keychain storage. Use when user wants to add authentication, login, or Sign in with Apple.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Auth Flow Generator

Generate a complete authentication flow with Sign in with Apple, biometric authentication (Face ID/Touch ID), and secure Keychain storage.

## When This Skill Activates

Use this skill when the user:
- Asks to "add authentication" or "add login"
- Mentions "Sign in with Apple" or "SIWA"
- Wants "Face ID login" or "biometric auth"
- Asks about "Keychain" or "secure storage"
- Mentions "user session" or "auth token"

## Pre-Generation Checks

### 1. Project Context Detection
- [ ] Check for existing auth implementations
- [ ] Check for AuthenticationServices framework usage
- [ ] Verify entitlements file exists
- [ ] Identify source file locations

### 2. Conflict Detection
Search for existing auth:
```
Glob: **/*Auth*.swift, **/*Keychain*.swift
Grep: "ASAuthorizationController" or "LAContext"
```

If found, ask user:
- Replace existing implementation?
- Extend with additional methods?

### 3. Required Capabilities

**Sign in with Apple requires:**
- Add "Sign in with Apple" capability in Xcode
- Configure in App Store Connect
- Add entitlement: `com.apple.developer.applesignin`

## Configuration Questions

Ask user via AskUserQuestion:

1. **Authentication methods?** (multi-select)
   - Sign in with Apple
   - Biometrics (Face ID/Touch ID)
   - Both

2. **Session storage?**
   - Keychain (secure, persists reinstall)
   - UserDefaults (simple, cleared on reinstall)

3. **Session management?**
   - Auto-refresh tokens
   - Manual refresh
   - No token refresh needed

## Generation Process

### Step 1: Create Core Files

Generate these files:
1. `AuthenticationManager.swift` - Core auth orchestration
2. `KeychainManager.swift` - Secure storage
3. `SignInWithAppleManager.swift` - SIWA handling
4. `BiometricAuthManager.swift` - Face ID/Touch ID

### Step 2: Create SwiftUI Components

Based on configuration:
- `SignInWithAppleButton.swift` - SwiftUI button wrapper
- `AuthenticationView.swift` - Complete auth UI

### Step 3: Determine File Location

Check project structure:
- If `Sources/` exists → `Sources/Auth/`
- If `App/` exists → `App/Auth/`
- Otherwise → `Auth/`

## Entitlements Required

### Sign in with Apple
```xml
<!-- YourApp.entitlements -->
<key>com.apple.developer.applesignin</key>
<array>
    <string>Default</string>
</array>
```

### Keychain Sharing (optional)
```xml
<key>keychain-access-groups</key>
<array>
    <string>$(AppIdentifierPrefix)com.yourcompany.shared</string>
</array>
```

## Info.plist Required

### Face ID Usage Description
```xml
<key>NSFaceIDUsageDescription</key>
<string>Use Face ID to securely sign in to your account</string>
```

## Output Format

After generation, provide:

### Files Created
```
Sources/Auth/
├── AuthenticationManager.swift      # Core orchestration
├── KeychainManager.swift            # Secure storage
├── SignInWithAppleManager.swift     # SIWA delegate
├── BiometricAuthManager.swift       # Face ID/Touch ID
├── AuthenticationState.swift        # Auth state model
└── Views/
    ├── SignInWithAppleButton.swift  # SwiftUI button
    └── AuthenticationView.swift     # Complete UI
```

### Integration Steps

**App Entry Point:**
```swift
@main
struct MyApp: App {
    @State private var authManager = AuthenticationManager()  // AuthenticationManager is @Observable

    var body: some Scene {
        WindowGroup {
            if authManager.isAuthenticated {
                ContentView()
            } else {
                AuthenticationView()
            }
        }
        .environment(authManager)
    }
}
```

**Sign in with Apple Button:**
```swift
SignInWithAppleButtonView { result in
    switch result {
    case .success(let user):
        print("Signed in: \(user.id)")
    case .failure(let error):
        print("Failed: \(error)")
    }
}
```

**Biometric Auth:**
```swift
Button("Unlock with Face ID") {
    Task {
        if await BiometricAuthManager.shared.authenticate() {
            // Authenticated
        }
    }
}
```

### Required Setup

1. **Xcode Capabilities:**
   - Add "Sign in with Apple" capability
   - Enable Keychain Sharing (if needed)

2. **App Store Connect:**
   - Configure Sign in with Apple for your App ID

3. **Info.plist:**
   - Add `NSFaceIDUsageDescription`

### Testing Instructions

**Sign in with Apple:**
- Use Simulator for basic testing
- Test on device for full flow
- Use sandbox Apple ID for testing

**Biometrics:**
- Simulator: Features > Face ID > Enrolled
- Test enrolled/not enrolled states
- Test failed authentication

## References

- **auth-patterns.md** - Security best practices
- **templates/** - All template files
- Apple Docs: Authentication Services, LocalAuthentication

Related Skills

consent-flow

149
from rshankras/claude-code-apple-skills

Generates GDPR/CCPA/DPDP privacy consent flows with granular category preferences, consent state persistence, audit logging, and ATT (App Tracking Transparency) integration. Use when user needs privacy consent UI, cookie/tracking consent, or compliance management.

watchOS

149
from rshankras/claude-code-apple-skills

watchOS development guidance including SwiftUI for Watch, Watch Connectivity, complications, and watch-specific UI patterns. Use for watchOS code review, best practices, or Watch app development.

visionos-widgets

149
from rshankras/claude-code-apple-skills

visionOS widget patterns including mounting styles, glass/paper textures, proximity-aware layouts, and spatial widget families. Use when creating or adapting widgets for visionOS.

test-data-factory

149
from rshankras/claude-code-apple-skills

Generate test fixture factories for your models. Builder pattern and static factories for zero-boilerplate test data. Use when tests need sample data setup.

test-contract

149
from rshankras/claude-code-apple-skills

Generate protocol/interface test suites that any implementation must pass. Define the contract once, test every implementation. Use when designing protocols or swapping implementations.

tdd-refactor-guard

149
from rshankras/claude-code-apple-skills

Pre-refactor safety checklist. Verifies test coverage exists before AI modifies existing code. Use before asking AI to refactor anything.

tdd-feature

149
from rshankras/claude-code-apple-skills

Red-green-refactor scaffold for building new features with TDD. Write failing tests first, then implement to pass. Use when building new features test-first.

tdd-bug-fix

149
from rshankras/claude-code-apple-skills

Fix bugs using red-green-refactor — reproduce the bug as a failing test first, then fix it. Use when fixing bugs to ensure they never regress.

snapshot-test-setup

149
from rshankras/claude-code-apple-skills

Set up SwiftUI visual regression testing with swift-snapshot-testing. Generates snapshot test boilerplate and CI configuration. Use for UI regression prevention.

integration-test-scaffold

149
from rshankras/claude-code-apple-skills

Generate cross-module test harness with mock servers, in-memory stores, and test configuration. Use when testing networking + persistence + business logic together.

characterization-test-generator

149
from rshankras/claude-code-apple-skills

Generates tests that capture current behavior of existing code before refactoring. Use when you need a safety net before AI-assisted refactoring or modifying legacy code.

testing

149
from rshankras/claude-code-apple-skills

TDD and testing skills for iOS/macOS apps. Covers characterization tests, TDD workflows, test contracts, snapshot tests, and test infrastructure. Use for test-driven development, adding tests to existing code, or building test infrastructure.