Building a One-Time Code Field in Expo — SMS Autofill and Segmented Display Together
A six-digit verification screen looks trivial, but once you account for SMS autofill, pasting, and deleting one digit at a time, it needs real care. Here is how to nail the iOS and Android autofill first, then build a segmented look on top of a single TextInput that does not break.
Logins Without Stored Passwords: Adding Passkey Authentication to a Rork Max App
How to add passkey authentication to a Swift app generated by Rork Max: Associated Domains setup, WebAuthn server verification with working code, and the device-testing pitfalls that cost me half a day.
Where Should Your Rork App Store Auth Tokens? expo-secure-store and a Biometric Gate
How I moved a Rork-generated app's auth tokens out of AsyncStorage into expo-secure-store and put a biometric check in front of every read — including the size limit and sign-out gotchas I hit in production.
Hardening API Calls in Rork Apps: Token Refresh, Retry, and Idempotency
The fetch Rork generates is left fragile against expired tokens, flaky signal, and double sends. Here is a design that consolidates token refresh, retry with backoff, and idempotency keys into a single client layer, with implementation code and operational numbers.
Keeping Login Alive in a Rork-Built Expo App — Preventing Token-Refresh Races with Single-Flight
Add login to the Expo app Rork generates and it works at first, but in production the 'I got logged out on my own' reports creep in. Most are token-refresh races. This covers a reliability design that single-flights refresh, stores tokens safely, and handles expiry correctly.
5 Things to Check When Google Sign-In Throws redirect_uri_mismatch in Your Rork App
When your Rork app keeps throwing redirect_uri_mismatch on Google Sign-In, the gap is almost always between Google Cloud Console and your Expo config. Here are 5 checks that resolve it for good.
Production Auth with Rork × Better Auth: Web + Mobile Unified Authentication
A hands-on guide to unifying your Rork mobile app and web admin under a single Better Auth backend. Covers email links, social, passkeys, and organizations — including every cookie and deep-link gotcha I hit in production.
Sign in with Apple in Rork: Server-Side Verification, Account Linking, and the Mandatory Deletion Flow
Dropping a Sign in with Apple button into your Rork app and shipping it is the fastest path to a rejection. This guide walks through the full picture: nonce hashing, server-side ID token verification with Apple's JWKs, the mandatory account deletion flow, and the often-forgotten revoke_token call back to Apple.
Adding Sign in with Apple to Your Rork App — What Review Actually Requires and Where People Get Stuck
A practical walkthrough for adding Sign in with Apple to an existing Rork app. Covers the exact Guideline 4.8 requirements that reject Google/Facebook-only apps, the non-obvious parts of expo-apple-authentication, backend token verification with identityToken, and the account deletion requirement most tutorials skip.
Using Rork Max Auto-Backend at Production Level — Data Persistence, Auth, and External Service Integration
Complete production guide for Rork Max's auto-backend API. Covers database design for data persistence, JWT auth flows, external API integration including Stripe, and the migration strategy for when Rork's backend reaches its limits.
Rork × Supabase Auth & Realtime Guide — Building a Backend Without Code
Learn how to combine Rork with Supabase to implement authentication and real-time data sync. A practical step-by-step guide from user registration to real-time chat functionality.
Implementing User Authentication in Rork — Firebase & Supabase Integration Guide
Learn how to add user authentication to your Rork-built app using Firebase Authentication or Supabase Auth. A complete integration guide for React Native developers.