poc: T003 API Key Injection (Next.js)

[mattheworiordan]

Context

This is a mini POC (Proof of Concept) created as part of the Web Platform Technical Strategy work led by Matthew O'Riordan.

DO NOT REVIEW - This branch is for internal validation only and is not meant to be merged as-is.

RFC Reference: WEBRFC-005: Web Platform Technical Strategy

Purpose

Validates RFC hypothesis: "The API key injection pattern can be replicated in Next.js with no hydration mismatches."

Results

• Verdict: VALIDATED
• Session cookie readable from Rails: ✅
• API key appears in Sandpack code: ✅
• No hydration mismatch warnings: ✅
• Works with browser dev tools open: ✅
• Key changes when user switches apps: ✅

Implementation

Hydration-safe pattern uses client-side data fetching:

• Server renders loading state
• Client fetches user data via route handler
• Route handler forwards cookies to Rails API

See poc-nextjs/ for implementation and POC_RESULTS.md for findings.

---

🤖 Generated as part of autonomous POC execution

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}