Loading...
Loading...
Create a structured session handoff document for continuity across sessions. Use when ending a work session, switching contexts, or before a break. Captures decisions, progress, code changes, and next steps so a future session can pick up where you left off without losing context.
npx skill4agent add robertguss/claude-skills handoff"I'll create a handoff document. Is there anything specific you want to make sure I capture? (Key decisions, code snippets, context about the problem, things you'll forget, etc.)"
# Session Handoff: [Brief Description]
**Date:** [YYYY-MM-DD] **Project:** [project name/path] **Session Duration:**
[approximate]
## Current State
**Task:** [What we're working on] **Phase:**
[exploration/planning/implementation/debugging/review] **Progress:** [where we
are - percentage or milestone]
## What We Did
[2-3 sentence summary of the session's work]
## Decisions Made
- **[Decision]** — [Rationale]
- **[Decision]** — [Rationale]
## Code Changes
**Files modified:**
- `path/to/file.ts` — [what and why]
- `path/to/other.ts` — [what and why]
**Key code context:** [Critical snippets or patterns to remember]
## Open Questions
- [ ] [Question needing resolution]
- [ ] [Question needing resolution]
## Blockers / Issues
- [Issue] — [current status]
## Context to Remember
[Important background, constraints, user preferences, domain knowledge - things
that would take time to re-establish]
## Next Steps
1. [ ] [First thing to do next session]
2. [ ] [Second thing]
3. [ ] [Third thing]
## Files to Review on Resume
- `path/to/key/file.ts` — [why it matters].claude/handoffs/[YYYY-MM-DD]-[brief-description].md"I'll save this to. Want a different location?".claude/handoffs/[filename].md
src/foo.ts:42- [ ]# Session Handoff: Auth System Implementation
**Date:** 2025-01-15 **Project:** /Users/robert/projects/my-api **Session
Duration:** ~2 hours
## Current State
**Task:** Implementing user authentication for the API **Phase:** Implementation
**Progress:** ~60% - basic flow works, need refresh tokens
## What We Did
Built the core JWT authentication flow including token generation, validation
middleware, and login/logout endpoints. Hit an issue with key rotation that we
resolved by moving to config-based key paths.
## Decisions Made
- **JWT with RS256** — Stateless auth, works with distributed setup
- **Redis for refresh tokens** — Need revocation capability
- **15-min access token expiry** — Balance security/UX for mobile app
## Code Changes
**Files modified:**
- `src/auth/jwt.ts` — Token generation and validation logic
- `src/middleware/auth.ts` — Request authentication middleware
- `src/routes/auth.ts` — Login/logout endpoints
- `config/keys/` — RSA key pair storage
**Key code context:** Token validation uses RS256. Keys loaded from
`config/keys/` based on NODE_ENV.
## Open Questions
- [ ] Automatic vs opt-in refresh token rotation?
- [ ] Rate limit for login attempts? (User mentioned 10k DAU)
## Context to Remember
- Client is a mobile app - tokens need offline capability
- User has 10k daily active users - scale matters
- Using PostgreSQL for user storage
- User prefers explicit error messages over generic ones
## Next Steps
1. [ ] Implement `/auth/refresh` endpoint
2. [ ] Add rate limiting to `/auth/login`
3. [ ] Write tests for token expiry edge cases
4. [ ] Update API docs with auth flow
## Files to Review on Resume
- `src/auth/jwt.ts` — Core token logic
- `src/routes/auth.ts` — Current endpoint implementation