Does this skill support social logins?

Yes, it includes implementation patterns for OAuth2 and social logins using Passport.js for providers like Google and GitHub.

Are these patterns production-ready?

Yes, the patterns follow industry security standards including password hashing, token expiration, and secure cookie configurations.

How does it handle user permissions?

It includes logic for both Role-Based Access Control (RBAC) with hierarchies and granular Permission-Based Access Control (PBAC).

Can I use this for both stateful and stateless applications?

Absolutely. The skill provides distinct patterns for both stateless JWT-based authentication and stateful session management using Redis stores.

Authentication & Authorization Patterns

Name: Authentication & Authorization Patterns
Author: EngineerWithAI

byEngineerWithAI

セキュリティとテスト

Implements secure access control systems using JWT, OAuth2, session management, and role-based permissions.

概要

This Claude Code skill provides a comprehensive toolkit for building robust authentication and authorization systems in modern web applications. It offers expert guidance and ready-to-use implementation patterns for JWT stateless authentication, stateful session management with Redis, and third-party social logins via OAuth2. By integrating industry-standard security practices like Role-Based Access Control (RBAC) and secure refresh token rotation, this skill helps developers secure APIs and user data against common vulnerabilities while ensuring the system remains scalable and maintainable.

主な機能

Session-based authentication patterns using Redis storage
OAuth2 and social login integration templates
Role-Based (RBAC) and Permission-Based Access Control logic
Standardized security middleware for Express and TypeScript
JWT implementation with secure refresh token rotation
0 GitHub stars

ユースケース

Implementing multi-level user permissions and admin dashboards
Migrating legacy stateful sessions to stateless modern architectures
Securing REST and GraphQL APIs with token-based access

概要

主な機能

Session-based authentication patterns using Redis storage
OAuth2 and social login integration templates
Role-Based (RBAC) and Permission-Based Access Control logic
Standardized security middleware for Express and TypeScript
JWT implementation with secure refresh token rotation
0 GitHub stars

ユースケース

Implementing multi-level user permissions and admin dashboards
Migrating legacy stateful sessions to stateless modern architectures
Securing REST and GraphQL APIs with token-based access