Is this skill restricted to a specific backend framework?

While the examples are provided in TypeScript and Express, the architectural patterns and security principles are applicable to any modern backend environment.

What authentication methods does this skill support?

It provides patterns for JWT (JSON Web Tokens), stateful session-based authentication using Redis, and OAuth2/OpenID Connect for social logins like Google and GitHub.

Can I implement complex permission systems with this skill?

Yes, the skill includes detailed patterns for both Role-Based Access Control (RBAC) and more granular Permission-Based Access Control.

Does it include security best practices for token management?

Absolutely. It covers secure token storage, refresh token rotation logic, token revocation (logout all devices), and secure cookie configurations.

Secure Auth Implementation Patterns

Name: Secure Auth Implementation Patterns
Author: drgaciw

bydrgaciw

セキュリティとテスト

Implement industry-standard authentication and authorization systems including JWT, OAuth2, and RBAC for secure application access.

概要

This skill provides a comprehensive toolkit for building secure and scalable access control systems using modern best practices. It covers a wide range of implementation patterns, from stateful session management with Redis to stateless JWT authentication and social logins via OAuth2. Developers can leverage detailed patterns for Role-Based Access Control (RBAC), permission-based authorization, and secure token refresh cycles to harden their APIs and protect user data across REST or GraphQL architectures.

主な機能

Robust JWT management with secure token refresh and revocation flows
Stateful and stateless authentication patterns (Sessions and JWT)
Granular Role-Based Access Control (RBAC) and permission hierarchies
0 GitHub stars
OAuth2 and Social Login integration using industry-standard libraries
Production-ready middleware for API security and identity verification

ユースケース

Migrating from session-based auth to a stateless JWT architecture for scalability
Implementing Google or GitHub social login for rapid user onboarding
Building a secure backend for a SaaS application with multi-role access

概要

主な機能

Robust JWT management with secure token refresh and revocation flows
Stateful and stateless authentication patterns (Sessions and JWT)
Granular Role-Based Access Control (RBAC) and permission hierarchies
0 GitHub stars
OAuth2 and Social Login integration using industry-standard libraries
Production-ready middleware for API security and identity verification

ユースケース

Migrating from session-based auth to a stateless JWT architecture for scalability
Implementing Google or GitHub social login for rapid user onboarding
Building a secure backend for a SaaS application with multi-role access