nextjs-client-cookie-pattern_skill

This skill teaches a two-file Next.js pattern where a client action triggers a server cookie, ensuring secure, typed, and maintainable cookie handling.

69

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill wsimmonds/claude-nextjs-skills --skill nextjs-client-cookie-pattern

  • SKILL.md9.2 KB

Overview

This skill documents a concise pattern for Next.js App Router where client components trigger server actions to set or modify cookies. It explains the two-file approach: a 'use client' component for user interaction and a 'use server' action that performs secure cookie operations. Use it to implement authentication, preferences, session flags, and similar features safely and type-safely.

How this skill works

A client component contains the user-facing handler (onClick or form submission) and imports a server action. The server action runs on the server, calls cookies() from next/headers, and uses cookieStore.set(...) with appropriate options. Client code awaits the server action so the cookie is set before proceeding or redirecting as needed.

When to use it

  • When a browser-side event (click, select, form) must set a server-managed cookie
  • Implementing login/session creation where httpOnly cookies are required
  • Saving user preferences (theme, language) that should persist server-side
  • Setting consent or feature flags from client UI
  • Replacing an API route with a simpler, type-safe server action

Best practices

  • Keep client components minimal: only UI and handlers; delegate cookie logic to server actions
  • Use explicit TypeScript types (avoid any) for server action parameters
  • Set secure cookie options: httpOnly for sensitive cookies, secure in production, sameSite for CSRF protection
  • Await cookies() (Next.js App Router) before calling cookieStore.set
  • Prefer server actions over route handlers for tighter integration and less boilerplate
  • Read cookies in server components via cookies() and in client components via document.cookie when necessary

Example use cases

  • Theme toggle button: client toggles UI state and calls setTheme(theme) server action to persist cookie
  • Accept cookies banner: Accept button calls acceptCookies() server action to set consent cookie
  • Language selector: client calls setLanguage(lang) to set a non-httpOnly cookie readable by client code
  • Login flow: client submits credentials to a server action that sets an httpOnly session cookie and redirects
  • Preferences form: HTML form uses a server action as action handler to save preference cookies

FAQ

Browsers restrict setting httpOnly cookies from JavaScript. Server actions run on the server and can set secure, httpOnly cookies that clients cannot tamper with.

When should I use a route handler instead of a server action?

Route handlers are fine for detached APIs or when you need full control over response headers. Server actions are preferred for simpler, type-safe integration with the App Router and forms.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational