Which frameworks are these patterns designed for?

The patterns are primarily demonstrated using TypeScript and Express.js, but the logic and security principles are applicable to most backend frameworks.

What authentication strategies are supported by this skill?

This skill supports session-based authentication, token-based (JWT) authentication, and OAuth2/OpenID Connect for social logins.

Does it help with security best practices like CSRF?

Yes, it covers secure cookie configurations, HTTP-only flags, and same-site attributes to mitigate common web vulnerabilities.

Does it include refresh token management?

Yes, it provides logic for generating, rotating, and revoking refresh tokens to maintain secure user sessions.

Can I implement Role-Based Access Control (RBAC) with this?

Yes, it includes specific patterns for role hierarchies and middleware-based permission checking for granular access control.

Authentication Implementation Patterns

Name: Authentication Implementation Patterns
Author: amurata

byamurata

•

セキュリティとテスト

Implements secure, industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC.

This skill provides developers with a comprehensive toolkit for building production-grade access control systems within Claude Code. It offers structured guidance and implementation patterns for session management, stateless token-based authentication (JWT), and complex authorization logic like Role-Based Access Control (RBAC). Whether you are securing a REST API, adding social login, or managing user permissions, this skill ensures your security architecture follows modern best practices for scalability and safety.

主な機能

013 GitHub stars

02JWT and Refresh Token lifecycle management

03Granular permission-based middleware for APIs

04Session-based authentication with Redis storage

05OAuth2 and Social Login integration patterns

06Hierarchical Role-Based Access Control (RBAC)

ユースケース

01Adding Google or GitHub social login capabilities to a web application

02Implementing complex multi-level user permissions for enterprise dashboards

03Securing REST or GraphQL APIs with stateless JWT authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add amurata/cc-tools auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill