Name: pantheon-ai/software-design-principles
Author: pantheon-ai

pantheon-ai/software-design-principles

Apply software design principles across architecture and implementation using deterministic decision workflows, SOLID checks, structural patterns, and anti-pattern detection; use when reviewing designs, refactoring modules, or resolving maintainability and coupling risks.

Review — 93%

Does it follow best practices?

Evaluation — 99%

↑ 1.01x

Agent success when using this tile

Validation — 11 / 11 Passed

Validation for skill structure

title:: Web Framework Concerns Stay in Interface Layer
impact:: MEDIUM
impactDescription:: enables delivery mechanism substitution
tags:: frame, web, http, interface

Web Framework Concerns Stay in Interface Layer

HTTP-specific code (requests, responses, headers, cookies, sessions) belongs in the interface adapters layer. Use cases should be callable from any delivery mechanism.

Incorrect (use case coupled to HTTP):

// application/usecases/LoginUseCase.ts
import { Request, Response } from 'express'
import { sign } from 'jsonwebtoken'

export class LoginUseCase {
  async execute(req: Request, res: Response) {
    const { email, password } = req.body

    const user = await this.users.findByEmail(email)
    if (!user || !user.verifyPassword(password)) {
      return res.status(401).json({ error: 'Invalid credentials' })
    }

    // Set HTTP-only cookie
    const token = sign({ userId: user.id }, process.env.JWT_SECRET)
    res.cookie('auth_token', token, {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'strict'
    })

    return res.json({ user: { id: user.id, email: user.email } })
  }
}

// Cannot call from CLI, message queue, or test without Express

Correct (use case independent of delivery):

// application/usecases/LoginUseCase.ts
export interface LoginCommand {
  email: string
  password: string
}

export interface LoginResult {
  userId: string
  email: string
  authToken: string
}

export class LoginUseCase {
  constructor(
    private users: UserRepository,
    private tokenService: TokenService
  ) {}

  async execute(command: LoginCommand): Promise<LoginResult> {
    const user = await this.users.findByEmail(command.email)

    if (!user) {
      throw new InvalidCredentialsError()
    }

    if (!user.verifyPassword(command.password)) {
      throw new InvalidCredentialsError()
    }

    const token = this.tokenService.generate({ userId: user.id.value })

    return {
      userId: user.id.value,
      email: user.email.value,
      authToken: token
    }
  }
}

// interface/http/AuthController.ts
import { Request, Response } from 'express'

export class AuthController {
  constructor(private loginUseCase: LoginUseCase) {}

  async login(req: Request, res: Response) {
    try {
      const result = await this.loginUseCase.execute({
        email: req.body.email,
        password: req.body.password
      })

      // HTTP concerns in controller
      res.cookie('auth_token', result.authToken, {
        httpOnly: true,
        secure: process.env.NODE_ENV === 'production',
        sameSite: 'strict'
      })

      return res.json({
        user: { id: result.userId, email: result.email }
      })
    } catch (error) {
      if (error instanceof InvalidCredentialsError) {
        return res.status(401).json({ error: 'Invalid credentials' })
      }
      throw error
    }
  }
}

// interface/cli/AuthCli.ts - Same use case, different delivery
export class AuthCli {
  async login(email: string, password: string) {
    const result = await this.loginUseCase.execute({ email, password })
    console.log(`Logged in as ${result.email}`)
    fs.writeFileSync('.auth_token', result.authToken)
  }
}

Benefits:

Same use case for HTTP, CLI, WebSocket, queue consumers
Easy to test without HTTP mocking
Web framework upgrades isolated to interface layer

Reference: Clean Architecture - The Web is a Detail

Install with Tessl CLI

npx tessl i pantheon-ai/software-design-principles

evals

references

adapt-anti-corruption-layer.md

adapt-controller-thin.md

adapt-gateway-abstraction.md

adapt-mapper-translation.md

adapt-presenter-formats.md

anti-patterns-and-frameworks.md

bound-boundary-cost-awareness.md

bound-defer-decisions.md

bound-humble-object.md

bound-main-component.md

bound-partial-boundaries.md

bound-service-internal-architecture.md

comp-common-closure.md

comp-common-reuse.md

comp-reuse-release-equivalence.md

comp-screaming-architecture.md

comp-stable-dependencies.md

dep-acyclic-dependencies.md

dep-data-crossing-boundaries.md

dep-interface-ownership.md

dep-inward-only.md

dep-no-framework-imports.md

dep-stable-abstractions.md

detailed-examples.md

entity-encapsulate-invariants.md

entity-no-persistence-awareness.md

entity-pure-business-rules.md

entity-rich-not-anemic.md

entity-value-objects.md

frame-di-container-edge.md

frame-domain-purity.md

frame-logging-abstraction.md

frame-orm-in-infrastructure.md

frame-web-in-infrastructure.md

test-boundary-verification.md

test-layer-isolation.md

test-testable-design.md

test-tests-are-architecture.md

usecase-explicit-dependencies.md

usecase-input-output-ports.md

usecase-no-presentation-logic.md

usecase-orchestrates-not-implements.md

usecase-single-responsibility.md

usecase-transaction-boundary.md

SKILL-FULL.md

SKILL.md

tile.json

pantheon-ai/software-design-principles

frame-web-in-infrastructure.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}references/

Web Framework Concerns Stay in Interface Layer

frame-web-in-infrastructure.mdreferences/