How does this skill handle security best practices?

It implements industry standards such as token rotation, secure cookie attributes (HttpOnly, SameSite), password hashing, and token revocation strategies.

Does it provide implementation examples for specific frameworks?

The patterns are primarily demonstrated using TypeScript and Express, though the underlying security logic is applicable to most backend frameworks.

What authentication methods does this skill support?

The skill covers JWT (stateless tokens), session-based (stateful) authentication, and OAuth2/OpenID Connect for social logins.

Can it help with complex user permissions?

Yes, it includes specialized patterns for both Role-Based Access Control (RBAC) and granular Permission-Based Access Control (PBAC).

Secure Authentication & Authorization Patterns

Name: Secure Authentication & Authorization Patterns
Author: Activer007

byActiver007

0•

セキュリティとテスト

Implements secure, industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC for robust access control.

This skill provides comprehensive guidance and implementation patterns for building secure user access systems within modern applications. It covers a wide spectrum of essential security protocols, including stateless JWT management with refresh token flows, traditional session-based authentication using Redis storage, and third-party social login via OAuth2. Beyond identity verification, it offers sophisticated authorization strategies like Role-Based Access Control (RBAC) and Permission-Based Access Control (PBAC), enabling developers to design granular, scalable, and audit-ready security architectures for any API or web service.

主な機能

01Session-based authentication with secure cookie handling and Redis storage

020 GitHub stars

03Social login integration using OAuth2 and OpenID Connect patterns

04Granular Permission-Based Access Control (PBAC) for resource-level security

05JWT and Refresh Token implementation with stateless scaling patterns

06Hierarchical Role-Based Access Control (RBAC) middleware

ユースケース

01Securing REST or GraphQL APIs with token-based authentication

02Implementing enterprise-grade user permission and role hierarchies

03Migrating from stateful sessions to stateless JWT authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add activer007/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill