Expand Up @@ -3,7 +3,7 @@ id: authentication-server-primitives
title: Authentication Server Primitives
---

This guide covers the **server-side primitives** for building authentication in TanStack Start: session cookies, session lookup, OAuth, password-reset hardening, CSRF, and rate limiting. It pairs with the [routing-side guide](../../../../router/guide/authenticated-routes.md) (`_authenticated` layout, `beforeLoad`, redirects, RBAC).
This guide covers the **server-side primitives** for building authentication in TanStack Start: session cookies, session lookup, OAuth, password-reset hardening, CSRF, and rate limiting. It pairs with the [routing-side guide](/router/latest/docs/framework/react/guide/authenticated-routes) (`_authenticated` layout, `beforeLoad`, redirects, RBAC).

📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Revert to relative links per coding guidelines.

Both updated links use an absolute /router/latest/... path, but the project coding guidelines require relative links to the docs/ folder format for all internal documentation. As per coding guidelines, docs/**/*.md files must use relative links to docs/ folder format (e.g., ./guide/data-loading) in internal documentation.

The destination file appears to live at docs/router/guide/authenticated-routes.md (per the supplied context snippet from docs/router/guide/authenticated-routes.md:1-8). The correct relative link from this file's location (docs/start/framework/react/guide/) should traverse to docs/router/guide/authenticated-routes.md.

🔗 Proposed relative link fix
-This guide covers the **server-side primitives** for building authentication in TanStack Start: session cookies, session lookup, OAuth, password-reset hardening, CSRF, and rate limiting. It pairs with the [routing-side guide](/router/latest/docs/framework/react/guide/authenticated-routes) (`_authenticated` layout, `beforeLoad`, redirects, RBAC).
+This guide covers the **server-side primitives** for building authentication in TanStack Start: session cookies, session lookup, OAuth, password-reset hardening, CSRF, and rate limiting. It pairs with the [routing-side guide](../../../router/guide/authenticated-routes.md) (`_authenticated` layout, `beforeLoad`, redirects, RBAC).
-- [Authenticated Routes (Router)](/router/latest/docs/framework/react/guide/authenticated-routes) — the routing-side guide.
+- [Authenticated Routes (Router)](../../../router/guide/authenticated-routes.md) — the routing-side guide.

Also applies to: 352-352

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/start/framework/react/guide/authentication-server-primitives.md` at line
6, The documentation link in the authentication server primitives guide is using
an absolute router URL instead of the required relative docs path. Update the
internal link in this markdown file to use a relative path from
docs/start/framework/react/guide/ to the authenticated routes doc under
docs/router/guide/, keeping the same link target but converting it to the
project’s relative-link format. Also make the same adjustment for the duplicated
reference noted in the comment.

Source: Coding guidelines


If you can use a managed solution like [Clerk](https://go.clerk.com/wOwHtuJ) or [WorkOS](https://workos.com/), prefer that — they handle most of what this guide describes. Read on if you're rolling your own.
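
Review bot: The new link target in the intro paragraph hard-codes the `latest` and `framework/react` segments in a site-absolute path, where the line it replaces pointed at the source file with a relative path, so the PR description should say what the relative form broke. If the change is reverted, keep the four-level `../../../../router/guide/authenticated-routes.md`: from docs/start/framework/react/guide/ it takes four `../` to reach docs/, and the three-level path in the proposed fix above would land under docs/start/ instead.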

Expand Down Expand Up @@ -349,7 +349,7 @@ See [Execution Model: Module-Level `process.env` Reads](./execution-model.md#mod
## See Also

- [Authentication Overview](./authentication-overview.md) — choosing between partner solutions, OSS libraries, and DIY.
- [Authenticated Routes (Router)](../../../../router/guide/authenticated-routes.md) — the routing-side guide.
- [Authenticated Routes (Router)](/router/latest/docs/framework/react/guide/authenticated-routes) — the routing-side guide.
- [Server Functions](./server-functions.md) — the RPC primitive that auth lives inside.
- [Middleware](./middleware.md) — composing `authMiddleware`.
- [OWASP Cheat Sheets — Authentication](https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html), [Session Management](https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html), [CSRF](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html).
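
Review bot: The "Authenticated Routes (Router)" entry becomes the only internal link in this See Also list that is site-absolute, while its neighbours (`./authentication-overview.md`, `./server-functions.md`, `./middleware.md`) stay relative `.md` paths. Whichever form is settled on for the same link at line 6, apply it here too so the two references cannot drift, and note that the absolute form ties this entry to the `latest` and `react` URL segments.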