auth-implementation-patterns

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

Install with Tessl CLI

npx tessl i github:Dicklesworthstone/pi_agent_rust --skill auth-implementation-patterns

What are skills?

Review — 82%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Validation — 10 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

100%

32%

JWT Authentication Service Module

JWT token management

Criteria

Without context

With context

jsonwebtoken package

100%

Access token expiry

100%

Refresh token expiry

100%

JWT payload fields

50%

100%

Separate JWT secrets

50%

100%

Bearer header extraction

100%

TokenExpiredError handling

60%

100%

Refresh token hashed

100%

Refresh returns access only

100%

All-devices logout

100%

401 on missing token

100%

Without context: $0.3600 · 2m 21s · 14 turns · 63 in / 6,204 out tokens

With context: $0.5754 · 2m 51s · 21 turns · 650 in / 6,841 out tokens

100%

Access Control Middleware for Multi-Tier SaaS Platform

RBAC and permission-based authorization

Criteria

Without context

With context

Role enum values

100%

Role hierarchy map

100%

hasRole uses hierarchy

100%

401 vs 403 distinction

100%

Admin bypasses ownership

100%

Permission enum format

100%

rolePermissions mapping

100%

requirePermission uses every()

100%

Admin has all permissions

100%

404 on missing resource

100%

403 on non-owner

100%

Without context: $0.2717 · 1m 51s · 12 turns · 12 in / 4,266 out tokens

With context: $0.5354 · 2m 9s · 22 turns · 21 in / 5,822 out tokens

100%

27%

Secure Session-Based Authentication for Healthcare Portal

Session auth, password security, and rate limiting

Criteria

Without context

With context

connect-redis store

100%

httpOnly cookie

100%

sameSite strict

100%

Conditional secure flag

100%

Cookie maxAge 24h

100%

resave and saveUninitialized

100%

Logout destroys session

100%

bcrypt saltRounds=12

100%

Zod password min length

100%

Zod character classes

100%

44%

100%

Rate limit headers config

100%

rate-limit-redis store

100%

Without context: $0.5395 · 3m 10s · 22 turns · 71 in / 8,268 out tokens

With context: $0.6408 · 3m 25s · 26 turns · 25 in / 6,854 out tokens

Evaluated: 4 days ago
Agent: Claude Code

Table of Contents

JWT Authentication Service Module Access Control Middleware for Multi-Tier SaaS Platform Secure Session-Based Authentication for Healthcare Portal

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.