Can this skill help with user permissions?

Yes, it includes detailed implementation patterns for both Role-Based Access Control (RBAC) and granular Permission-Based Access Control.

Does it provide code for social login integration?

Yes, it includes patterns for integrating social providers like Google and GitHub using Passport.js.

Is the code provided in a specific programming language?

The implementation patterns are primarily demonstrated using TypeScript and Express.js, but the concepts can be adapted to any backend framework.

Does it handle token expiration and refresh logic?

Yes, it covers secure refresh token flows, including token storage, rotation, and revocation strategies.

What authentication methods does this skill support?

This skill provides patterns for JWT (JSON Web Tokens), session-based authentication using Redis, and OAuth2/OpenID Connect for social logins.

Secure Authentication Patterns

Name: Secure Authentication Patterns
Author: amurata

byamurata

•

セキュリティとテスト

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and role-based access control for secure application development.

概要

The Secure Authentication Patterns skill equips Claude with the expertise needed to design and build robust access control systems. It provides production-ready implementation patterns for token-based authentication (JWT), stateful session management with Redis, and external identity providers via OAuth2 and OpenID Connect. Beyond identity verification, the skill covers complex authorization architectures, including Role-Based Access Control (RBAC) and permission-based logic, ensuring that applications remain secure, scalable, and compliant with modern security best practices.

主な機能

JWT implementation with secure refresh token flows
3 GitHub stars
Granular permission-based middleware for API protection
Hierarchical Role-Based Access Control (RBAC)
Session-based authentication with Redis storage patterns
OAuth2 and social login integration using Passport.js

ユースケース

Implementing complex permission structures for enterprise dashboards
Integrating third-party social logins like Google or GitHub
Building a secure authentication layer for a new REST or GraphQL API

概要

主な機能

JWT implementation with secure refresh token flows
3 GitHub stars
Granular permission-based middleware for API protection
Hierarchical Role-Based Access Control (RBAC)
Session-based authentication with Redis storage patterns
OAuth2 and social login integration using Passport.js

ユースケース

Implementing complex permission structures for enterprise dashboards
Integrating third-party social logins like Google or GitHub
Building a secure authentication layer for a new REST or GraphQL API