SKILL-003 Authentication and account lifecycle Locked skill

Account profile settings

A new email address is a claim, not a fact: never change the account's email until the user proves they own the new one.

Unlock download Unlock downloads

What this skill helps you build

Let users edit their own profile — name, email, avatar, timezone — with the new email re-verified before it ever takes effect.

The production takeaway

A new email address is a claim, not a fact: never change the account's email until the user proves they own the new one.

Inside this skill

The full skill expands these implementation areas with decisions, edge cases, prompts, tests, and framework-specific code.

Authentication and account lifecycle

What this helps you build

A self service profile settings page where a signed in user can update the basics about their account — display name, email address, avatar image, and timezone — safely. The one pa

🔒

Authentication and account lifecycle

When to use this

Reach for this pattern as soon as you have real users with real accounts — which is to say, almost immediately. Concretely, you need it when: Users sign in with an email/password o

🔒

Authentication and account lifecycle

The core idea

Most profile fields are trust on write : the user types a new name, you validate and save it. Done. Email is different. The email address is how the user signs in and how you reach

🔒

Unlock the full implementation

Paid access includes the complete skill body, implementation prompt, common mistakes, production checklist, and code examples where this skill includes them.

Unlock all skills — $199 Browse the library