Does this skill support both stateful and stateless authentication?

Yes, it includes patterns for stateless JWT tokens as well as stateful session-based authentication typically used in traditional web applications.

Can I use this for social login implementation?

Absolutely. The skill provides implementation patterns for OAuth2 and OpenID Connect, including examples for providers like Google and GitHub.

How does it handle complex user permissions?

The skill covers multiple authorization strategies, ranging from simple Role-Based Access Control (RBAC) to highly granular Permission-Based Access Control (PBAC).

Are the security patterns language-agnostic?

While the reference implementations use TypeScript and Express, the core security concepts and architectural patterns are applicable to any backend framework.

Authentication & Authorization Patterns

Name: Authentication & Authorization Patterns
Author: Activer007

byActiver007

보안 및 테스팅

Implements secure access control systems using JWT, OAuth2, RBAC, and session management patterns.

소개

This skill provides comprehensive guidance for building robust authentication and authorization architectures in modern web applications. It offers standardized implementation patterns for stateless JWT flows, stateful session management with Redis, third-party social logins via OAuth2/OpenID Connect, and granular access control models like RBAC and PBAC. It is an essential resource for developers securing REST or GraphQL APIs, migrating legacy auth systems, or debugging complex security middleware to ensure industry-standard security compliance.

주요 기능

0 GitHub stars
Standardized JWT implementation with secure access and refresh token flows
Secure session-based authentication patterns using Redis storage
Social login integration patterns via OAuth2 and Passport.js
Granular Role-Based Access Control (RBAC) and Permission-based models
Production-ready security middleware for protecting API endpoints

사용 사례

Implementing a secure user login system for a Node.js API
Adding Google or GitHub social authentication to an existing application
Designing a scalable multi-tier permission system for enterprise software

소개

주요 기능

0 GitHub stars
Standardized JWT implementation with secure access and refresh token flows
Secure session-based authentication patterns using Redis storage
Social login integration patterns via OAuth2 and Passport.js
Granular Role-Based Access Control (RBAC) and Permission-based models
Production-ready security middleware for protecting API endpoints

사용 사례

Implementing a secure user login system for a Node.js API
Adding Google or GitHub social authentication to an existing application
Designing a scalable multi-tier permission system for enterprise software