CtrlK
BlogDocsLog inGet started
Tessl Logo

authentication-flow

Implements authentication using Rails 8 built-in generator. Use when setting up user authentication, login/logout, session management, password reset flows, or securing controllers.

87

1.21x
Quality

86%

Does it follow best practices?

Impact

84%

1.21x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Evaluation results

94%

3%

Greenfield SaaS Authentication Setup

Rails 8 auth model and controller setup

Criteria
Without context
With context

No external auth gems

100%

100%

has_secure_password

100%

100%

User has_many sessions

100%

100%

Email normalization

100%

100%

Email regexp validation

100%

100%

Session token generation

100%

100%

Session unique index

100%

100%

Current extends CurrentAttributes

100%

100%

Current delegates user

0%

100%

Auth concern included

100%

100%

allow_unauthenticated_access method

100%

100%

httponly cookie

100%

100%

SessionsController unauthenticated access

100%

100%

terminate_session resets session

50%

0%

98%

35%

Authentication Test Coverage for a Rails App

RSpec authentication test helpers and request specs

Criteria
Without context
With context

sign_in creates session

0%

100%

sign_in sets cookie

0%

83%

sign_out deletes cookie

0%

100%

Helper included in request specs

100%

100%

Current stub helper

50%

100%

Unauthenticated redirects to login

100%

100%

Authenticated access succeeds

100%

100%

Valid login test

90%

100%

Invalid login test

100%

100%

Logout test

100%

100%

62%

9%

Hardening a Rails Authentication System for Production

Session security: expiry, rate limiting, cleanup job

Criteria
Without context
With context

Session expiry scopes

100%

70%

resume_session checks expired

70%

100%

IP and user_agent tracking

62%

62%

Current metadata attributes

0%

0%

Rate limiting added

70%

100%

Rate limit redirects to login

0%

100%

Cleanup job uses Session.expired

100%

100%

Cleanup job queued low

0%

0%

Recurring schedule daily

100%

100%

terminate_session reset_session

0%

0%

Job does not use Current

30%

30%

Secure cookie options

50%

50%

Repository
ThibautBaissac/rails_ai_agents
Commit

15fdeaf

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

Greenfield SaaS Authentication SetupAuthentication Test Coverage for a Rails AppHardening a Rails Authentication System for Production

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill