Does this skill support social login?

Yes, it provides detailed patterns for implementing OAuth2 and social login providers like Google and GitHub using the Passport.js ecosystem.

Can these patterns be used with GraphQL?

Absolutely. While the examples use Express, the core logic for JWT verification, session management, and RBAC is protocol-agnostic and applies to REST, GraphQL, and gRPC.

How does it handle token security?

The skill emphasizes best practices like using short-lived access tokens, secure refresh token rotation, and hashing tokens before storing them in a database.

Is Role-Based Access Control (RBAC) included?

Yes, it includes patterns for defining role hierarchies and middleware to enforce both role-level and granular permission-level access control.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

110

セキュリティとテスト

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

概要

This skill empowers Claude to architect and implement robust security layers for modern applications by providing structured guidance on identity and access management. It covers the full spectrum of security needs, from stateless JWT authentication with refresh token rotation to stateful session management using Redis. It also provides implementation patterns for third-party social logins via OAuth2 and flexible authorization models, including Role-Based Access Control (RBAC) and granular permission systems. Whether you are securing a REST API or migrating an existing authentication flow, this skill ensures best practices are followed for scalability and defense-in-depth.

主な機能

OAuth2 and social login integration using Passport.js
110 GitHub stars
Standardized security middleware for identity and permission verification
JWT implementation with secure refresh token rotation logic
Stateful session management patterns using Express and Redis
Comprehensive Role-Based Access Control (RBAC) hierarchies

ユースケース

Integrating Google or GitHub social login into a web application
Designing granular permission-based access control for enterprise dashboards
Building a secure backend API with stateless JWT authentication

概要

主な機能

OAuth2 and social login integration using Passport.js
110 GitHub stars
Standardized security middleware for identity and permission verification
JWT implementation with secure refresh token rotation logic
Stateful session management patterns using Express and Redis
Comprehensive Role-Based Access Control (RBAC) hierarchies

ユースケース

Integrating Google or GitHub social login into a web application
Designing granular permission-based access control for enterprise dashboards
Building a secure backend API with stateless JWT authentication