How does it handle token security?

The patterns follow security best practices, including short-lived access tokens, refresh token rotation, and hashing tokens before storage to minimize security risks.

What session strategies are covered?

It covers both stateless token-based authentication (JWT) and stateful session management using Express-session and Redis for robust user state handling.

Can I implement complex user permissions?

Absolutely. The skill provides logic for both hierarchical Role-Based Access Control (RBAC) and granular Permission-Based Access Control for precise security management.

Does this skill support social logins?

Yes, it includes detailed implementation patterns for OAuth2 and social login providers like Google and GitHub using industry-standard libraries like Passport.js.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Activer007

byActiver007

•

보안 및 테스팅

Implements secure authentication and authorization systems including JWT, OAuth2, and RBAC using industry-standard security patterns.

소개

The Auth Implementation Patterns skill provides developers with production-grade guidance for building secure access control systems. It encompasses a wide range of essential security strategies, from stateless JWT authentication with refresh token rotation to stateful session management using Redis storage. Whether you are integrating social logins via OAuth2, architecting complex Role-Based Access Control (RBAC) hierarchies, or implementing granular permission-based middleware, this skill ensures your application's identity and access management is scalable, robust, and follows modern security best practices.

주요 기능

Granular permission-based access control systems
1 GitHub stars
Stateless JWT authentication with secure refresh token flows
OAuth2 and social login integration patterns using Passport.js
Stateful session-based management using Redis and HTTP-only cookies
Hierarchical Role-Based Access Control (RBAC) middleware

사용 사례

Adding social login providers like Google or GitHub to modern web applications
Securing REST or GraphQL APIs with scalable token-based authentication
Implementing enterprise-grade multi-tenant access control systems

소개

주요 기능

Granular permission-based access control systems
1 GitHub stars
Stateless JWT authentication with secure refresh token flows
OAuth2 and social login integration patterns using Passport.js
Stateful session-based management using Redis and HTTP-only cookies
Hierarchical Role-Based Access Control (RBAC) middleware

사용 사례

Adding social login providers like Google or GitHub to modern web applications
Securing REST or GraphQL APIs with scalable token-based authentication
Implementing enterprise-grade multi-tenant access control systems