Are the security patterns language-specific?

While the code examples primarily use TypeScript and Express, the underlying architectural patterns and security principles are applicable to any modern backend framework.

Does this skill support social login implementation?

Yes, it includes patterns for implementing OAuth2 and social logins like Google and GitHub using industry-standard libraries like Passport.js.

How does it handle complex user permissions?

It includes robust logic for Role-Based Access Control (RBAC) with hierarchies and granular Permission-Based Access Control to manage what specific users can do.

Can I use this for both stateful and stateless applications?

Absolutely. The skill provides detailed patterns for both JWT (stateless/token-based) and Redis-backed session management (stateful/cookie-based) architectures.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

Security & Testing

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

About

This skill equips Claude with specialized knowledge to design, implement, and debug robust security architectures. It covers essential patterns including stateless JWT authentication with refresh token flows, secure session management with Redis, and third-party social login via OAuth2/OpenID Connect. It also provides granular access control logic through Role-Based Access Control (RBAC) and permission-based strategies. Whether you are building a new API from scratch, migrating legacy systems, or securing sensitive endpoints, this skill provides production-ready code patterns and security best practices to ensure your applications remain protected and scalable.

Key Features

Setup of secure, Redis-backed session management for stateful applications
89 GitHub stars
Security debugging and vulnerability remediation for authentication workflows
Hierarchical Role-Based (RBAC) and granular Permission-Based Access Control
Implementation of stateless JWT authentication with secure refresh token flows
Integration of OAuth2 and social logins using Passport.js and OpenID Connect

Use Cases

Adding Google, GitHub, or enterprise SSO social login to a web application
Securing REST or GraphQL APIs with stateless token-based authentication
Implementing hierarchical user permissions and admin dashboard restrictions

About

Key Features

Setup of secure, Redis-backed session management for stateful applications
89 GitHub stars
Security debugging and vulnerability remediation for authentication workflows
Hierarchical Role-Based (RBAC) and granular Permission-Based Access Control
Implementation of stateless JWT authentication with secure refresh token flows
Integration of OAuth2 and social logins using Passport.js and OpenID Connect

Use Cases

Adding Google, GitHub, or enterprise SSO social login to a web application
Securing REST or GraphQL APIs with stateless token-based authentication
Implementing hierarchical user permissions and admin dashboard restrictions