Can I use this for social login integration?

Absolutely. The skill provides implementation patterns for OAuth2 and OpenID Connect, including specific examples for Passport.js.

Is the code compatible with TypeScript and Express?

Yes, the implementation patterns are written in TypeScript and optimized for Express.js, though the logic can be adapted to other frameworks.

What is the difference between RBAC and PBAC in this skill?

It covers Role-Based Access Control for hierarchical group permissions and Permission-Based Access Control for granular, action-specific security logic.

Does this skill support stateless authentication?

Yes, it includes comprehensive patterns for JWT (JSON Web Tokens) including access and refresh token rotation logic for stateless scaling.

Secure Auth Implementation Patterns

Name: Secure Auth Implementation Patterns
Author: Microck

byMicrock

•

セキュリティとテスト

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC for secure web applications.

概要

This skill provides a comprehensive toolkit for developers building robust identity management and access control systems. It offers production-ready implementation patterns for stateless JWT authentication with token rotation, stateful session management using Redis, and social login via OAuth2/OpenID Connect. Beyond identity verification, it includes sophisticated authorization models such as Role-Based Access Control (RBAC) and granular permission-based logic, making it an essential resource for securing REST/GraphQL APIs and architecting scalable multi-tenant applications.

主な機能

Social login integration patterns for OAuth2 and Passport.js
Scalable Role-Based Access Control (RBAC) and permission hierarchies
89 GitHub stars
Stateful session management patterns using Express and Redis
JWT implementation with secure access/refresh token flows
Standardized middleware for route protection and identity injection

ユースケース

Securing stateless microservices architectures using JWT and token rotation
Architecting a secure multi-tenant SaaS with granular user permissions
Implementing 'Login with Google/GitHub' social authentication flows

概要

主な機能

Social login integration patterns for OAuth2 and Passport.js
Scalable Role-Based Access Control (RBAC) and permission hierarchies
89 GitHub stars
Stateful session management patterns using Express and Redis
JWT implementation with secure access/refresh token flows
Standardized middleware for route protection and identity injection

ユースケース

Securing stateless microservices architectures using JWT and token rotation
Architecting a secure multi-tenant SaaS with granular user permissions
Implementing 'Login with Google/GitHub' social authentication flows