Can I implement social login with this skill?

Yes, it includes patterns for OAuth 2.0 strategies, specifically demonstrating how to integrate Google authentication using Passport.js.

Does this skill support session-based auth or just JWT?

It covers both, including JWT refresh token strategies and patterns for traditional secure cookie-based session management.

Does it include Role-Based Access Control?

Yes, it provides a comprehensive RBAC middleware pattern for defining hierarchical permissions and enforcing them across API routes.

Is the password hashing implementation secure?

Yes, the skill follows security best practices by using bcrypt with asynchronous hashing and recommended salt rounds.

How does it handle API security for third-party access?

It includes a dedicated service pattern for generating, hashing, and validating secure API keys via custom headers.

Authentication & Authorization Patterns

Name: Authentication & Authorization Patterns
Author: karchtho

bykarchtho

0•

API開発

Implements secure user authentication, token management, and role-based access control using industry-standard patterns.

This skill provides comprehensive implementation patterns for securing modern web applications and APIs. It covers the full lifecycle of identity management, from password hashing with bcrypt and JWT-based session handling to complex OAuth 2.0 flows and Multi-Factor Authentication (MFA). By providing standardized boilerplate and best practices for refresh tokens, password reset flows, and Role-Based Access Control (RBAC), it ensures that developers can build robust, secure backend architectures while avoiding common security pitfalls in Express and Node.js environments.

主な機能

01OAuth 2.0 integration (Google Strategy)

02API Key authentication and MFA implementation

03JWT and Refresh Token lifecycle management

04Secure password hashing and reset workflows

050 GitHub stars

06Role-Based Access Control (RBAC) middleware

ユースケース

01Securing REST APIs with token-based authorization

02Implementing multi-tenant or role-specific access permissions

03Building a secure user registration and login system

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add karchtho/my-claude-marketplace authentication-patterns

For use in Claude.ai and ChatGPT

Download Skill