What authentication strategies are covered?

This skill covers stateless JWT (JSON Web Tokens), stateful session-based authentication using Redis, and delegated authentication via OAuth2 and OpenID Connect.

Is this specific to a certain framework?

While the examples focus on Node.js and Express, the underlying security patterns and logic are applicable across most modern backend frameworks.

Does it support secure token refresh flows?

Absolutely. It includes patterns for short-lived access tokens and long-lived refresh tokens, including database-backed revocation and token hashing.

Authentication Implementation Patterns

Name: Authentication Implementation Patterns
Author: wshobson

bywshobson

•

23,194

•

Seguridad y Pruebas

Implements secure authentication and authorization systems using JWT, OAuth2, session management, and role-based access control.

This skill equips Claude with specialized patterns for building production-grade access control systems. It provides comprehensive guidance on implementing stateless JWT authentication with refresh token rotation, stateful session management via Redis, and third-party social login through OAuth2. Beyond identity verification, the skill covers granular authorization models including Role-Based Access Control (RBAC) and Permission-Based Access Control (PBAC), ensuring developers can secure REST and GraphQL APIs using industry-standard security best practices and middleware patterns.

Características Principales

01JWT implementation with secure refresh token rotation flows

02Stateful session management patterns using Redis storage

0323,194 GitHub stars

04Social login integration using OAuth2 and Passport.js

05Secure password hashing and token verification strategies

06Granular RBAC and PBAC middleware for resource protection

Casos de Uso

01Securing a RESTful API with stateless JWT tokens and middleware

02Implementing a multi-tenant RBAC system for enterprise applications

03Adding Google or GitHub social authentication to a Node.js backend

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add wshobson/agents auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill