feat: Support validating users based off their user roles

[kingston]

Summary by CodeRabbit

• New Features

  • Added role-based user validation and support for user roles in authentication across admin and web applications.
  • Introduced enhanced error handling for unauthorized access, including a custom error component and improved error messages.
  • Session data and APIs now include user roles, enabling more granular access control.
  • Improved admin route generation to enforce required roles for access.

• Improvements

  • Enhanced empty state alerts and user interface feedback in form components.
  • Refined session management to use server-backed data and GraphQL queries for more reliable authentication state.
  • Updated configuration options for import providers and generator templates to support new role-based features.

• Refactor

  • Simplified and consolidated authentication and session-related code, removing deprecated or redundant hooks and components.
  • Standardized naming and structure across authentication modules for clarity and maintainability.
  • Removed unused dependencies, such as @headlessui/react.

• Bug Fixes

  • Fixed inconsistencies in session and user ID handling to ensure accurate authentication state.

• Chores

  • Updated dependencies and build configurations to support new utilities and shared packages.

• Documentation

  • Improved inline documentation for configuration schemas and generator templates.

[changeset-bot]

🦋 Changeset detected

Latest commit: f2bacb4

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 17 packages

Name	Type
@baseplate-dev/react-generators	Patch
@baseplate-dev/plugin-auth	Patch
@baseplate-dev/project-builder-server	Patch
@baseplate-dev/plugin-storage	Patch
@baseplate-dev/project-builder-common	Patch
@baseplate-dev/project-builder-cli	Patch
@baseplate-dev/project-builder-test	Patch
@baseplate-dev/project-builder-web	Patch
@baseplate-dev/code-morph	Patch
@baseplate-dev/core-generators	Patch
@baseplate-dev/create-project	Patch
@baseplate-dev/fastify-generators	Patch
@baseplate-dev/project-builder-lib	Patch
@baseplate-dev/sync	Patch
@baseplate-dev/tools	Patch
@baseplate-dev/ui-components	Patch
@baseplate-dev/utils	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Walkthrough

This change set implements a comprehensive overhaul of authentication and authorization handling across the codebase. It introduces role-based user validation, propagates user roles throughout session types and GraphQL schemas, and updates generator configurations to reflect these enhancements. Numerous generator names and import paths are refactored for clarity and specificity, particularly in the local-auth domain. Several obsolete files and dependencies, such as @headlessui/react, are removed. The React and Fastify generators, as well as the plugin-auth package, are updated to support and enforce role-based access control in both backend and frontend code.

Changes

Cohort / File(s)	Change Summary
Removal of @headlessui/react Dependency .changeset/fluffy-toys-ring.md, packages/react-generators/src/constants/react-packages.ts, packages/react-generators/src/generators/core/react-components/react-components.generator.ts	Removes @headlessui/react as a dependency from React generators and related constants.
Role-based Auth Enhancements (Session, Schema, GraphQL) packages/fastify-generators/src/generators/auth/user-session-types/templates/module/types/user-session.types.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-module/templates/module/schema/auth-role.enum.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-module/templates/module/schema/user-session.queries.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-module/templates/module/services/user-session.service.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-module/extractor.json, plugins/plugin-auth/src/local-auth/core/generators/auth-module/auth-module.generator.ts	Adds and propagates roles property to session payloads, GraphQL schemas, and service logic; introduces AuthRole enum and updates relevant generator configs.
React Generator Auth & Error Handling Overhaul packages/react-generators/src/generators/auth/auth-errors/auth-errors.generator.ts, packages/react-generators/src/generators/auth/auth-errors/templates/src/utils/auth-errors.ts, packages/react-generators/src/generators/auth/auth-errors/extractor.json, packages/react-generators/src/generators/auth/auth-errors/index.ts, packages/react-generators/src/generators/auth/_providers/auth-hooks.ts, packages/react-generators/src/generators/auth/_providers/providers.json, packages/react-generators/src/generators/auth/index.ts, packages/react-generators/src/generators/auth/auth-identify/auth-identify.generator.ts, packages/react-generators/src/generators/admin/admin-layout/admin-layout.generator.ts, packages/react-generators/src/generators/admin/admin-layout/extractor.json, packages/react-generators/src/generators/admin/admin-layout/templates/routes/route.tsx, packages/react-generators/src/generators/core/react-router/react-router.generator.ts, packages/react-generators/src/generators/core/react-router/templates/src/app/router.tsx, packages/react-generators/src/generators/core/react-router/extractor.json	Introduces role-based route protection, new error handling generator, error component template variables, and updates admin layout generator to require and use roles.
Removal/Refactor of Obsolete Auth Context/Session Files packages/react-generators/src/generators/auth/_tasks/auth-context.ts, packages/react-generators/src/generators/auth/_tasks/index.ts, plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/app/user-session-check.tsx, plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/hooks/use-user-session-client.ts	Deletes obsolete context/session files and re-exports, reflecting the new session and context management approach.
React Session Client Refactor plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/services/user-session-client.ts, plugins/plugin-auth/src/local-auth/core/generators/react-session/react-session.generator.ts, plugins/plugin-auth/src/local-auth/core/generators/react-session/extractor.json, plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/app/user-session-provider.tsx, plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/app/user-session-provider.gql	Refactors session client to focus on userId, removes session object, updates provider to use GraphQL query, and cleans up related generator configs and templates.
Auth Hooks and Session Context Refactor plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/auth-hooks.generator.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/extractor.json, plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/index.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/templates/src/hooks/use-session.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/templates/src/hooks/use-log-out.ts	Updates hooks to use context-based session, adds roles to session data, re-exports new types, and streamlines logout logic.
Auth0 Hook and Generator Updates plugins/plugin-auth/src/auth0/generators/react/auth0-hooks/auth0-hooks.generator.ts, plugins/plugin-auth/src/auth0/generators/react/auth0-hooks/extractor.json, plugins/plugin-auth/src/auth0/generators/react/auth0-hooks/templates/src/hooks/use-session.ts, plugins/plugin-auth/src/auth0/core/node.ts	Adds role awareness to Auth0 hooks, updates generator configs, and ensures role data is injected and exported.
Local Auth Generator and Config Refactor plugins/plugin-auth/src/local-auth/core/generators/auth-apollo/auth-apollo.generator.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-email-password/auth-email-password.generator.ts, plugins/plugin-auth/src/local-auth/core/generators/auth-email-password/extractor.json, plugins/plugin-auth/src/local-auth/core/generators/react-auth/react-auth.generator.ts, plugins/plugin-auth/src/local-auth/core/generators/react-auth/extractor.json, plugins/plugin-auth/src/local-auth/core/generators/auth-routes/extractor.json, plugins/plugin-auth/src/local-auth/core/generators/auth-routes/templates/routes/auth_/login.tsx, plugins/plugin-auth/src/local-auth/core/generators/auth-routes/templates/routes/auth_/register.tsx, plugins/plugin-auth/src/local-auth/core/generators/auth-routes/templates/routes/auth_/queries.gql	Renames generators and configs from auth/core to local-auth/core, updates import paths, and ensures role data is requested and handled in login/register flows.
Project Builder and Web App Schema Refactor packages/project-builder-lib/src/schema/apps/index.ts, packages/project-builder-lib/src/schema/apps/web/index.ts, packages/project-builder-lib/src/schema/apps/web/web-app.ts, packages/project-builder-server/src/compiler/web/index.ts, packages/project-builder-web/src/routes/apps/edit.$key/web/index.tsx, packages/project-builder-web/src/routes/apps/edit.$key/web/admin/index.tsx, packages/project-builder-web/src/routes/apps/-components/new-app-dialog.tsx, packages/project-builder-web/src/components/embedded-list-input/embedded-list-input.tsx	Removes admin app backward compatibility, refactors allowed roles, updates UI for app creation/editing, and improves empty state messaging.
Fastify Generators Auth Role and Session Updates packages/fastify-generators/src/generators/auth/user-session-types/user-session-types.generator.ts, packages/fastify-generators/src/generators/auth/user-session-types/extractor.json, packages/fastify-generators/src/generators/auth/auth-roles/extractor.json	Updates session types to include roles, adds new import providers, and extends project exports for auth roles.
TypeScript Extractor Config Enhancements packages/core-generators/src/renderers/typescript/extractor/build-ts-project-export-map.ts, packages/core-generators/src/renderers/typescript/extractor/default-import-providers.ts, packages/core-generators/src/renderers/typescript/extractor/render-ts-import-providers.ts, packages/core-generators/src/renderers/typescript/extractor/ts-extractor-config.schema.ts	Adds support for custom default import provider names, updates function signatures, and extends extractor config schema.
Plugin Auth Package and Build Config Updates plugins/plugin-auth/package.json, plugins/plugin-auth/tsconfig.build.json, plugins/plugin-auth/vite.config.ts, plugins/plugin-auth/src/auth/core/node.ts, .changeset/rare-pandas-burn.md	Adds new utils dependency, updates build references, and documents new role-based validation in changeset.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Frontend (React)
    participant GraphQL API
    participant DB

    User->>Frontend (React): Login/Register
    Frontend (React)->>GraphQL API: Mutation (Login/Register)
    GraphQL API->>DB: Validate credentials, fetch roles
    DB-->>GraphQL API: User data + roles
    GraphQL API-->>Frontend (React): Session { userId, roles }
    Frontend (React)->>Frontend (React): Store session (roles included)
    User->>Frontend (React): Navigate to protected route
    Frontend (React)->>Frontend (React): Check session.userId and session.roles
    alt Not authenticated
        Frontend (React)-->>User: Redirect to login
    else Lacks required role
        Frontend (React)-->>User: Show InvalidRoleError
    else Authorized
        Frontend (React)-->>User: Render route
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• halfdomelabs/baseplate#580: Updates UI components in React generators to use ShadCN components, directly related to the removal of @headlessui/react and refactoring of React component generation.
• halfdomelabs/baseplate#515: Refactors and removes multiple authentication-related generators and providers, overlapping with the current PR’s removal and consolidation of old auth generator implementations.

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch kingston/eng-815-support-passing-back-roles-into-session-and-validating

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
baseplate-project-builder-web	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jul 30, 2025 1:13pm

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (6)

.changeset/fluffy-toys-ring.md (1)

1-6: Polish the summary for cleaner release notes

The free-form line is what ends up in the changelog. Turning it into a full-sentence description makes the entry easier to scan and keeps the tense consistent with other notes.

-Remove @headlessui/react package
+Remove unused @headlessui/react dependency from react-generators

packages/react-generators/src/generators/auth/auth-errors/templates/src/utils/auth-errors.ts (1)

3-8: LGTM! Consider enhancing error context for better debugging.

The InvalidRoleError class correctly extends Error and follows standard patterns. Consider adding additional context properties for better error handling:

 export class InvalidRoleError extends Error {
-  constructor(message: string) {
+  constructor(message: string, public requiredRoles?: string[], public userRoles?: string[]) {
     super(message);
     this.name = 'InvalidRoleError';
   }
 }

This would provide more context for debugging role validation failures.

plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/templates/src/hooks/use-log-out.ts (1)

5-6: Fix import order to follow alphabetical sorting.

The imports are not properly sorted - %reactSessionImports should come after @apollo/client alphabetically.

Apply this diff to fix the import order:

-import { userSessionClient } from '%reactSessionImports';
 import { useApolloClient, useMutation } from '@apollo/client';
+import { userSessionClient } from '%reactSessionImports';

plugins/plugin-auth/src/local-auth/core/generators/auth-hooks/templates/src/hooks/use-session.ts (1)

1-1: Consider removing @ts-nocheck directive

The @ts-nocheck directive disables all TypeScript checking for this file. If this is a template file that gets processed, consider if TypeScript checking can be enabled to catch potential type errors early.

plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/app/user-session-provider.tsx (1)

65-67: Consider handling loading state explicitly.

The ErrorableLoader component is rendered when session is undefined (loading state), but it's only passed the error prop. This might not show a proper loading indicator.

Consider passing a loading prop or using a dedicated loading component:

-  if (!session) {
-    return <ErrorableLoader error={sessionError} />;
-  }
+  if (!session) {
+    return <ErrorableLoader error={sessionError} loading={!sessionQueryData && !!cachedUserId} />;
+  }

plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/services/user-session-client.ts (1)

66-70: Consider consistency in null vs undefined handling.

The method returns string | undefined but the internal logic mixes null and undefined. The nullish coalescing with ?? undefined converts null to undefined, which is good for API consistency, but the private setUserId method still uses null internally.

Consider updating the private method to use undefined consistently:

-  private setUserId(userId: string | null): void {
+  private setUserId(userId: string | undefined): void {
    const currentUserId = this.getUserId();
    const userIdChanged = userId !== currentUserId;

    if (!userIdChanged) {
      return;
    }

    if (userId) {
      this.storage.setItem(UserSessionClient.USER_ID_STORAGE_KEY, userId);
    } else {
      this.storage.removeItem(UserSessionClient.USER_ID_STORAGE_KEY);
    }
  }

And update the signOut method:

-    this.setUserId(null);
+    this.setUserId(undefined);

[coderabbitai]

⚠️ Potential issue

Fix import ordering to comply with ESLint rules.

External imports should come before internal/local imports according to the coding guidelines.

Apply this diff to fix the import ordering:

-import { userSessionClient } from '$userSessionClient';
-import { GetCurrentUserSessionDocument } from '%generatedGraphqlImports';
-import { AuthSessionContext } from '%localAuthHooksImports';
-import { ErrorableLoader } from '%reactComponentsImports';
-import { logAndFormatError } from '%reactErrorImports';
-import { useQuery } from '@apollo/client';
+import { useQuery } from '@apollo/client';
 import { useEffect, useMemo, useState } from 'react';
+
+import { GetCurrentUserSessionDocument } from '%generatedGraphqlImports';
+import { AuthSessionContext } from '%localAuthHooksImports';
+import { ErrorableLoader } from '%reactComponentsImports';
+import { logAndFormatError } from '%reactErrorImports';
+import { userSessionClient } from '$userSessionClient';

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	import { userSessionClient } from '$userSessionClient';
	import { GetCurrentUserSessionDocument } from '%generatedGraphqlImports';
	import { AuthSessionContext } from '%localAuthHooksImports';
	import { ErrorableLoader } from '%reactComponentsImports';
	import { logAndFormatError } from '%reactErrorImports';
	import { useQuery } from '@apollo/client';
	import { useEffect, useMemo, useState } from 'react';
	import { useQuery } from '@apollo/client';
	import { useEffect, useMemo, useState } from 'react';
	import { GetCurrentUserSessionDocument } from '%generatedGraphqlImports';
	import { AuthSessionContext } from '%localAuthHooksImports';
	import { ErrorableLoader } from '%reactComponentsImports';
	import { logAndFormatError } from '%reactErrorImports';
	import { userSessionClient } from '$userSessionClient';

🧰 Tools

🪛 ESLint

[error] 7-7: Expected "%generatedGraphqlImports" to come before "$userSessionClient".

(perfectionist/sort-imports)

---

[error] 11-11: Expected "@apollo/client" to come before "%reactErrorImports".

(perfectionist/sort-imports)

🤖 Prompt for AI Agents

In
plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/app/user-session-provider.tsx
around lines 6 to 12, the import statements are not ordered correctly according
to ESLint rules. Fix this by placing all external imports (like '@apollo/client'
and 'react' hooks) before any internal or local imports (those starting with '$'
or '%'). Reorder the imports so that external libraries come first, followed by
local project imports.

[kingston]

Please ignore these rules for template folders

[coderabbitai]

@kingston, understood! I'll ignore ESLint import ordering rules for files in template folders since they're used for code generation rather than direct execution.

(\   /)

( .. )
o(")(") thoughtful rabbit

---

✏️ Learnings added

Learnt from: kingston
PR: halfdomelabs/baseplate#623
File: plugins/plugin-auth/src/local-auth/core/generators/react-session/templates/src/app/user-session-provider.tsx:6-12
Timestamp: 2025-07-30T13:27:19.975Z
Learning: Ignore ESLint import ordering rules for files in templates/** directories as these are code generation templates, not direct source code.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

---

🧠 Learnings used

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-22T09:09:23.016Z
Learning: Applies to **/*.{ts,tsx} : Use both standalone and React Hook Form controller variants for form components from `@baseplate-dev/ui-components` as appropriate.

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-22T09:09:23.016Z
Learning: Applies to **/*.tsx : When using form components, integrate them with React Hook Form by passing the `control` prop from `useForm()`.

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/*.{ts,tsx,js} : Sort imports by group: external libs first, then local imports

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/*.{ts,tsx,js} : Order functions such that functions are placed below the variables/functions they use

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-22T09:09:23.016Z
Learning: Applies to **/*.{ts,tsx} : If a particular interface or type is not exported, change the file so it is exported.

---

Learnt from: kingston
PR: halfdomelabs/baseplate#613
File: packages/react-generators/src/generators/core/react-components/templates/components/ui/circular-progress/circular-progress.tsx:0-0
Timestamp: 2025-07-16T17:15:56.714Z
Learning: For imports starting with `$` (template aliases), do not require `.js` extensions as these are resolved differently during the generation process, unlike regular file imports which require explicit `.js` extensions under Node 16 module resolution.

---

Learnt from: kingston
PR: halfdomelabs/baseplate#428
File: packages/project-builder-server/src/sync/index.ts:5-5
Timestamp: 2025-01-23T09:12:46.178Z
Learning: Avoid importing directly from 'dist' directories. Instead, expose functionality through the package's public API and import from the main package entry point.

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/*.{ts,tsx} : If a particular interface or type is not exported, change the file so it is exported

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/index.{ts,tsx,js} : Prefer barrel exports e.g. export * from './foo.js' instead of individual named exports

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/*.{ts,tsx} : Always include return types on top-level functions including React components (`React.ReactElement`)

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/*.{js,ts,tsx} : Node 16 module resolution - include file extensions in imports (`.js`)

---

Learnt from: CR
PR: halfdomelabs/baseplate#0
File: .cursor/rules/code-style.mdc:0-0
Timestamp: 2025-07-22T09:10:31.413Z
Learning: Applies to **/*.{ts,tsx} : TypeScript with strict type checking

---

Learnt from: kingston
PR: halfdomelabs/baseplate#592
File: plugins/plugin-auth/src/auth0/generators/react/auth0-hooks/templates/src/hooks/use-required-user-id.ts:1-2
Timestamp: 2025-07-07T18:24:17.522Z
Learning: Files under templates/** directories can use `// @ts-nocheck` because they are templates meant for code generation, not direct type checking.