Does this skill support stateless authentication?

Yes, it includes detailed patterns for JWT implementation, including short-lived access tokens and secure, database-backed refresh token flows.

Can I implement social login with this skill?

Absolutely, the skill provides implementation patterns for OAuth2 and OpenID Connect using popular frameworks like Passport.js.

Is RBAC covered in this skill?

Yes, it includes implementation patterns for both Role-Based Access Control (RBAC) and more granular Permission-Based Access Control (PBAC).

How does it handle session security?

It provides best practices for stateful session management, including secure cookie configuration, HttpOnly flags, and Redis-backed session stores.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: HermeticOrmus

byHermeticOrmus

0•

Security & Testing

Implement secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

This skill provides comprehensive guidance for designing and implementing robust access control systems in modern applications. It covers essential authentication strategies including stateless JWTs with refresh token flows, stateful session-based management using Redis, and third-party social login via OAuth2. Beyond identity verification, it offers structured patterns for authorization through Role-Based Access Control (RBAC) and granular permission systems, ensuring developers can build secure, scalable, and production-ready security architectures while avoiding common security pitfalls.

Key Features

01JWT implementation with secure refresh token flows

02Session-based authentication using Redis storage

03OAuth2 and social login integration patterns

04Role-Based Access Control (RBAC) hierarchies

05Granular permission-based authorization systems

060 GitHub stars

Use Cases

01Implementing social login (Google/GitHub) for web applications

02Securing REST or GraphQL APIs against unauthorized access

03Designing multi-tenant authorization logic for SaaS platforms

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/hermetic-line auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill