Implementing Authentication and Authorization in Vue Applications

Strategies for securing Vue applications by managing user authentication and authorization effectively.


Rule Content

{
  "title": "Implementing Authentication and Authorization in Vue Applications",
  "description": "Strategies for securing Vue applications by managing user authentication and authorization effectively.",
  "category": "Vue Cursor Rules",
  "rules": [
    {
      "id": "vue-auth-secure-token-storage",
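      "description": "Store authentication tokens in cookies that the server sets with the HttpOnly attribute so that script injected through XSS cannot read them; HttpOnly cannot be set from JavaScript via document.cookie.",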
      "severity": "error",
      "pattern": "localStorage\\.setItem\\(.*authToken.*\\)",
      "replacement": "document.cookie = `authToken=${token}; Secure; HttpOnly; SameSite=Strict`;"
    },
    {
      "id": "vue-auth-input-sanitization",
      "description": "Sanitize user-supplied HTML before rendering it with v-html to prevent script injection (XSS).",
      "severity": "error",
      "pattern": "v-html=\".*\"",
      "replacement": "v-html=\"sanitizeHtml(userInput)\"",
      "dependencies": ["sanitize-html"]
    },
    {
      "id": "vue-auth-role-based-access-control",
      "description": "Implement Role-Based Access Control (RBAC) to manage user permissions; enforce the role checks on the server, because checks made only in the Vue client can be bypassed.",
      "severity": "warning",
      "pattern": ".*",
      "replacement": "// Implement RBAC logic here"
    },
    {
      "id": "vue-auth-csrf-protection",
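      "description": "Mitigate CSRF by setting the SameSite attribute, together with Secure and HttpOnly, on the session cookie; the session value shown in the replacement is only a sample.",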
      "severity": "error",
      "pattern": "Set-Cookie: session=.*",
      "replacement": "Set-Cookie: session=abcdef; Secure; HttpOnly; SameSite=Strict"
    },
    {
      "id": "vue-auth-error-handling",
      "description": "Handle authentication errors gracefully without exposing sensitive information.",
      "severity": "warning",
      "pattern": "console\\.error\\(.*\\)",
      "replacement": "console.error('An error has occurred.');"
    }
  ]
}