Is this skill restricted to a specific backend framework?

While the examples utilize TypeScript and Express, the underlying patterns and logic are applicable to any modern backend environment or language.

Can I use this skill to implement social login?

Yes, it includes specific patterns for integrating third-party providers like Google and GitHub using Passport.js.

What authentication strategies are supported by this skill?

This skill supports session-based authentication, token-based (JWT) authentication, and delegated authentication via OAuth2 and OpenID Connect.

Does it include authorization patterns like RBAC?

Yes, it provides detailed implementation patterns for both Role-Based Access Control (RBAC) and Permission-Based Access Control.

How does it handle token security and refresh flows?

It implements secure refresh token rotation, token hashing for database persistence, and proper cookie configurations like HttpOnly and SameSite.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

110

セキュリティとテスト

Implements secure authentication and authorization systems including JWT, OAuth2, and session-based access control.

概要

This skill provides comprehensive guidance and implementation patterns for building secure, scalable access control systems. It covers the full spectrum of modern security needs, from basic session-based authentication to stateless JWT architectures and OAuth2 social login integrations. Developers can use this skill to quickly scaffold robust role-based access control (RBAC), manage secure token lifecycles with refresh flows, and ensure their APIs follow industry security best practices. Whether you are migrating legacy auth systems or building a new multi-tenant application, it offers production-ready patterns for Express, TypeScript, and Redis.

主な機能

JWT and stateless token management patterns
Secure refresh token rotation and logout flows
OAuth2 and OpenID Connect social login integration
110 GitHub stars
Session-based authentication with Redis storage
Hierarchical Role-Based Access Control (RBAC)

ユースケース

Designing complex permission systems for enterprise multi-tenant applications
Securing REST and GraphQL APIs with industry-standard token validation
Implementing multi-provider social login using Passport.js

概要

主な機能

JWT and stateless token management patterns
Secure refresh token rotation and logout flows
OAuth2 and OpenID Connect social login integration
110 GitHub stars
Session-based authentication with Redis storage
Hierarchical Role-Based Access Control (RBAC)

ユースケース

Designing complex permission systems for enterprise multi-tenant applications
Securing REST and GraphQL APIs with industry-standard token validation
Implementing multi-provider social login using Passport.js