How does it handle authorization?

It provides implementation patterns for both Role-Based Access Control (RBAC) and more granular Permission-Based Access Control.

What authentication strategies does this skill support?

It covers stateful session-based authentication, stateless JWT tokens with refresh flows, and OAuth2/OpenID Connect for social logins.

Can I use this for both REST and GraphQL APIs?

Yes, the patterns are designed to be protocol-agnostic and can be applied to secure any API architecture.

Does it include social login examples?

Yes, it features implementation patterns for OAuth2 integration using Passport.js for providers like Google and GitHub.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

128

•

セキュリティとテスト

Implements secure, industry-standard authentication and authorization systems including JWT, OAuth2, and role-based access control.

This skill provides comprehensive guidance and boilerplate patterns for building robust security layers in modern applications. It covers essential authentication strategies like stateless JWTs with refresh token rotations and stateful session management using Redis, alongside sophisticated authorization models like Role-Based Access Control (RBAC) and Permission-Based Access Control. Whether you are securing REST/GraphQL APIs, integrating social logins via Passport.js, or debugging complex session issues, this skill offers the production-ready patterns and best practices needed to ensure scalable and secure user access management.

主な機能

01Granular authorization models including RBAC and permission-based logic

02Best practices for securing REST and GraphQL API endpoints

03128 GitHub stars

04OAuth2 and social login integration via industry-standard libraries

05Stateful session management patterns using Express and Redis

06JWT implementation with secure refresh token rotation flows

ユースケース

01Adding role-based permissions and access control to existing API routes

02Migrating from stateful sessions to stateless JWT-based authentication

03Architecting a new authentication system for a scalable web application

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill