Does it handle token refresh logic?

Yes, it includes complete architectural flows for managing long-lived refresh tokens and short-lived access tokens securely, including database storage patterns.

Is it compatible with Express.js?

While the concepts are universal, the skill provides specific code patterns and middleware optimized for Express and Node.js environments.

What authentication methods are supported?

The skill provides patterns for JWT (JSON Web Tokens), session-based auth using Redis, and OAuth2/OpenID Connect.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: ovachiever

byovachiever

•

Security & Testing

Implements secure authentication and authorization systems including JWT, OAuth2, and role-based access control.

About

This skill empowers developers to architect robust security layers for web applications and APIs by providing battle-tested implementation patterns for modern access control. It covers a wide spectrum of security needs, from stateless JWT token management and traditional session-based authentication to complex social login integrations using OAuth2 and Passport.js. By utilizing industry-standard practices like Role-Based Access Control (RBAC) and granular permission systems, it helps prevent common security vulnerabilities and ensures scalable user management.

Key Features

JWT token generation and automated refresh flow logic
Pre-configured middleware for route protection and identity verification
OAuth2 and social login integration via Passport.js
8 GitHub stars
Stateless and session-based authentication strategies
Role-Based Access Control (RBAC) and permission hierarchies

Use Cases

Implementing multi-provider social login (Google, GitHub) for web apps
Securing REST and GraphQL APIs with stateless JWT tokens
Building enterprise-grade administrative dashboards with complex role permissions

About

Key Features

JWT token generation and automated refresh flow logic
Pre-configured middleware for route protection and identity verification
OAuth2 and social login integration via Passport.js
8 GitHub stars
Stateless and session-based authentication strategies
Role-Based Access Control (RBAC) and permission hierarchies

Use Cases

Implementing multi-provider social login (Google, GitHub) for web apps
Securing REST and GraphQL APIs with stateless JWT tokens
Building enterprise-grade administrative dashboards with complex role permissions