Does this skill support TypeScript?

Yes, all implementation patterns are provided with full TypeScript support, including interface definitions for payloads and session objects.

Can it help with session management?

Yes, it includes patterns for stateful session management using Redis to ensure horizontal scalability.

Can I use this for social logins like Google or GitHub?

Absolutely. The skill includes specific patterns for integrating OAuth2 and social providers using Passport.js.

How does it handle authorization?

It provides logic for both Role-Based Access Control (RBAC) with hierarchical roles and more granular Permission-Based Access Control systems.

Are these patterns secure for production?

The patterns follow industry standards such as short-lived access tokens, hashed refresh tokens, and secure HTTP-only cookie configurations.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

セキュリティとテスト

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

概要

This skill equips Claude with the expertise to design and implement robust security architectures for modern web applications and APIs. It provides detailed implementation patterns for token-based authentication (JWT) with refresh token flows, stateful session management using Redis, and social logins via OAuth2/Passport.js. Beyond simple login logic, it guides the creation of sophisticated authorization models, including Role-Based Access Control (RBAC) and permission-based systems, ensuring that your application's security is both scalable and compliant with modern best practices.

主な機能

Scalable Role-Based Access Control (RBAC) and permission-based authorization middleware.
Social login integration patterns for Google and GitHub using Passport.js.
Secure session-based authentication patterns using Express and Redis storage.
81 GitHub stars
Comprehensive JWT implementation with access and refresh token rotation logic.
Best practices for secure cookie management, password hashing, and token revocation.

ユースケース

Migrating legacy session-based systems to modern OAuth2/OIDC flows.
Implementing enterprise-grade multi-tenant authorization and user roles.
Securing REST or GraphQL APIs with stateless JWT authentication.

概要

主な機能

Scalable Role-Based Access Control (RBAC) and permission-based authorization middleware.
Social login integration patterns for Google and GitHub using Passport.js.
Secure session-based authentication patterns using Express and Redis storage.
81 GitHub stars
Comprehensive JWT implementation with access and refresh token rotation logic.
Best practices for secure cookie management, password hashing, and token revocation.

ユースケース

Migrating legacy session-based systems to modern OAuth2/OIDC flows.
Implementing enterprise-grade multi-tenant authorization and user roles.
Securing REST or GraphQL APIs with stateless JWT authentication.