How does it handle token expiration in the frontend?

The skill sets up Axios interceptors that detect 401 Unauthorized errors and attempt to perform an automatic token refresh before retrying the original request.

What security best practices are included?

It includes a security checklist covering token validation, secure storage (httpOnly cookies), CORS configuration, and HTTPS requirements.

Does this skill support role-based access control (RBAC)?

Yes, it includes pre-configured authorization policies for various roles like Owner, Admin, Manager, and Staff, which can be applied directly to .NET controllers.

Is multi-tenancy supported?

Yes, the skill focuses on business isolation by extracting a 'business_id' claim from the JWT to ensure users only access data relevant to their organization.

Can I use this with .NET 8 and modern React versions?

Absolutely. The skill uses modern C# Program.cs patterns and React functional component hooks (like jwt-decode) that are compatible with the latest frameworks.

Full-Stack JWT Authentication

Name: Full-Stack JWT Authentication
Author: usmanali4073

byusmanali4073

•

보안 및 테스팅

Implements secure JWT authentication and authorization flows across .NET APIs and React microfrontends.

This skill provides a standardized approach to implementing identity management and security across StyleMate microservices. It automates the configuration of JWT validation in .NET Program.cs, defines granular authorization policies, and sets up robust React integration including Axios interceptors for token handling and automatic refresh. By utilizing domain-specific patterns for claims-based authorization and business-level isolation, this skill ensures that both your backend services and frontend applications maintain a consistent and high-security posture.

주요 기능

011 GitHub stars

02Pre-configured role-based authorization policies (Owner, Admin, Manager, Staff)

03Automated .NET API JWT validation and middleware configuration

04Secure React route guards and JWT context hooks

05React Axios interceptors for automatic token injection and 401 refresh logic

06Claims extraction logic for enforcing business-level data isolation

사용 사례

01Enforcing multi-tenant isolation using business_id claims across the full stack

02Implementing automatic token refresh and unauthorized request handling in React apps

03Securing a new .NET microservice with standardized JWT validation and identity middleware

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add usmanali4073/stylemate-plugins jwt-integration

For use in Claude.ai and ChatGPT

Download Skill