Does it work with specific frameworks?

While the provided examples use TypeScript and Express, the logic and architectural patterns are applicable to most modern web frameworks and API architectures.

Is this suitable for securing production APIs?

Absolutely; the patterns follow security best practices such as token hashing, secure cookies, same-site policies, and proper middleware layering.

What authentication methods does this skill support?

It supports JWT (stateless), Session-based (stateful/Redis), and OAuth2/OpenID Connect for social logins.

Can this help with RBAC and permissions?

Yes, it provides comprehensive patterns for Role-Based Access Control, permission-based systems, and resource ownership validation.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: duanbiao2000

byduanbiao2000

0•

Security & Testing

Implements secure authentication and authorization systems using JWT, OAuth2, and advanced access control patterns.

This skill provides Claude with expert knowledge for architecting and implementing robust security layers in web applications. It covers essential authentication strategies like stateless JWT flows and stateful session management, alongside sophisticated authorization models including Role-Based Access Control (RBAC) and granular permission systems. Whether you are building a new API, integrating social logins with Passport.js, or debugging complex session issues, this skill offers production-grade code patterns and security best practices to ensure scalable and secure access control across your entire stack.

Key Features

01JWT and Refresh Token implementation with stateless scaling

02Resource ownership validation and secure middleware patterns

030 GitHub stars

04Session-based authentication using Redis for stateful security

05Advanced Role-Based (RBAC) and Permission-Based Access Control

06OAuth2 and Social Login integration using Passport.js patterns

Use Cases

01Implementing multi-tenant or hierarchical permission structures

02Securing REST and GraphQL APIs with production-grade middleware

03Migrating from legacy session-based auth to modern JWT or OAuth2 systems

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add duanbiao2000/obsidiandoc26 auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill