How does it help with role-based access control?

It includes decorators and implementation logic to restrict specific API endpoints or UI views based on user roles.

Does it support refresh token rotation?

Yes, it provides modern patterns for rotating refresh tokens on use to prevent replay attacks and enhance session security.

What password hashing algorithms does this skill recommend?

The skill prioritizes Argon2id as the gold standard for password hashing, with support for Argon2 and bcrypt as alternatives.

Can it prevent brute-force attacks?

Yes, the skill includes patterns for implementing rate limiting on authentication endpoints to mitigate automated login attempts.

Auth Patterns

Name: Auth Patterns
Author: yonatangross

byyonatangross

•

セキュリティとテスト

Implements secure authentication and authorization patterns using modern industry standards.

The Auth Patterns skill provides a comprehensive framework for building secure login systems, managing JWT tokens, and enforcing role-based access control. It follows 2026 best practices, including Argon2id password hashing, refresh token rotation, and hardened session management. This skill ensures Claude can generate production-grade security code that mitigates common vulnerabilities such as brute-force attacks, session hijacking, and unauthorized privilege escalation.

主な機能

01Hardened session and cookie security

02Role-Based Access Control (RBAC) implementation

03Secure password hashing with Argon2id and bcrypt

04JWT management with refresh token rotation

058 GitHub stars

06Rate limiting and MFA integration

ユースケース

01Enforcing granular user permissions and roles

02Building secure signup and login flows

03Implementing token-based API authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add yonatangross/skillforge-claude-plugin auth-patterns

For use in Claude.ai and ChatGPT

Download Skill