From gavel
Multi-tenant firm-scoped authentication for API and UI tests. Use when tests get 401 across tenants, need tenant-scoped tokens, or debug firm-scope mismatches. Framework-adaptive.
How this skill is triggered — by the user, by Claude, or both
Slash command
/gavel:gavel-authThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Multi-tenant authentication for tests.
Multi-tenant authentication for tests.
// Fixture: login as tenant-specific user
test.extend<{ tenantAUser: APIRequestContext }>({
tenantAUser: async ({}, use) => {
const response = await request.post('/api/auth/login', {
data: { email: UserFactory.create('tenantA').email, password: env.PASSWORD },
headers: { 'X-Tenant': 'tenant-a' },
});
await use(response);
},
});
// Navigate via tenant-specific subdomain
await page.goto(`http://tenant-a.localhost:${port}/login`);
| Issue | Cause | Fix |
|---|---|---|
| 401 on cross-tenant request | Token scoped to wrong tenant | Use correct tenant's credentials |
| 404 instead of 403 | App returns 404 for scope mismatch | Expected behavior for security |
| Session expired | Token TTL exceeded | Re-login in beforeEach |
npx claudepluginhub dsolisp/gavel --plugin gavelGuides completion of development work by verifying tests, detecting environment, and presenting structured options for merge, PR, or cleanup.
Enforces test-driven development: write failing test first, then minimal code to pass. Use when implementing features or bugfixes.
Guides creation and editing of skills using test-driven development with pressure scenarios and subagents to verify agent compliance.