Does it handle role-based permissions?

Yes, it includes implementation patterns for both Role-Based Access Control (RBAC) with hierarchies and fine-grained Permission-Based Access Control.

Is it compatible with TypeScript?

All provided patterns and code examples are written in TypeScript, ensuring type safety and modern development best practices.

Can I use this for stateless API security?

Absolutely. The skill provides detailed patterns for JWT (JSON Web Tokens) including secure refresh token flows and revocation strategies for stateless architectures.

Does this skill support social login?

Yes, it includes patterns for implementing OAuth2 and social logins for providers like Google and GitHub using industry-standard libraries like Passport.js.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: HermeticOrmus

byHermeticOrmus

セキュリティとテスト

Implements secure authentication and authorization systems including JWT, OAuth2, and role-based access control patterns.

概要

This skill equips Claude with standardized, production-ready patterns for building robust security layers in modern applications. It covers essential authentication strategies like stateless JWT with secure refresh token flows and stateful session management via Redis, alongside granular authorization models such as Role-Based Access Control (RBAC). Whether you are integrating social login with Passport.js or securing REST and GraphQL APIs, this skill ensures the application of security best practices to reduce vulnerabilities and implementation errors in access control logic.

主な機能

Hierarchical Role-Based Access Control (RBAC) middleware
OAuth2 and social login integration workflows via Passport.js
0 GitHub stars
Stateless JWT implementation with secure refresh token rotation
Granular Permission-Based Access Control for fine-grained security
Stateful session management patterns using Express and Redis

ユースケース

Securing REST and GraphQL APIs with stateless token-based authentication
Integrating third-party social authentication like Google or GitHub
Implementing complex multi-level permission systems and user roles

概要

主な機能

Hierarchical Role-Based Access Control (RBAC) middleware
OAuth2 and social login integration workflows via Passport.js
0 GitHub stars
Stateless JWT implementation with secure refresh token rotation
Granular Permission-Based Access Control for fine-grained security
Stateful session management patterns using Express and Redis

ユースケース

Securing REST and GraphQL APIs with stateless token-based authentication
Integrating third-party social authentication like Google or GitHub
Implementing complex multi-level permission systems and user roles