Which authentication strategies are included?

The skill includes patterns for JWT (JSON Web Tokens), Session-based auth with Redis, and OAuth2/OpenID Connect for social logins.

Does this skill handle authorization as well as authentication?

Yes, it provides implementation patterns for both Role-Based Access Control (RBAC) and more granular Permission-Based Access Control.

What technologies are these patterns designed for?

While the logic is universal, the provided implementation examples primarily target Node.js environments using TypeScript, Express, and Passport.js.

Can I use these patterns for production applications?

Absolutely. The patterns are designed with security best practices in mind, such as hashing refresh tokens, using secure cookies, and implementing token rotation.

Authentication Implementation Patterns

Name: Authentication Implementation Patterns
Author: Activer007

byActiver007

•

セキュリティとテスト

Implements secure, industry-standard authentication and authorization patterns including JWT, OAuth2, and Role-Based Access Control.

概要

This skill provides comprehensive guidance and production-grade patterns for building robust access control systems. It covers the full spectrum of modern security requirements—from stateless JWT implementations with refresh token rotation to stateful session management using Redis. Developers can leverage these patterns to integrate OAuth2 social logins, design scalable Role-Based Access Control (RBAC) hierarchies, and implement granular permission-based systems, ensuring that applications are secure, scalable, and compliant with best practices.

主な機能

Pre-configured security middleware for protecting API endpoints
Role-Based Access Control (RBAC) and permission-based models
1 GitHub stars
JWT implementation with secure refresh token rotation flows
Stateful session management patterns using Express and Redis
OAuth2 and social login integration for Google and GitHub

ユースケース

Securing REST or GraphQL APIs with stateless token-based authentication
Implementing complex user hierarchy and permission systems for SaaS platforms
Migrating legacy session-based auth to modern JWT or OAuth2 architectures

概要

主な機能

Pre-configured security middleware for protecting API endpoints
Role-Based Access Control (RBAC) and permission-based models
1 GitHub stars
JWT implementation with secure refresh token rotation flows
Stateful session management patterns using Express and Redis
OAuth2 and social login integration for Google and GitHub

ユースケース

Securing REST or GraphQL APIs with stateless token-based authentication
Implementing complex user hierarchy and permission systems for SaaS platforms
Migrating legacy session-based auth to modern JWT or OAuth2 architectures