Are the session management patterns secure for production?

Yes, the patterns follow industry security best practices such as using Redis for state, secure cookie configurations (HttpOnly, SameSite), and CSRF protection.

How does it handle complex authorization requirements?

It covers multiple authorization models, including hierarchical Role-Based Access Control (RBAC), fine-grained permission-based access, and resource ownership validation.

Does this skill support stateless authentication?

Yes, it provides detailed patterns for stateless JWT authentication, including secure token generation, verification, and refresh token flows.

Can I use this for social login implementation?

Absolutely. The skill includes implementation patterns for OAuth2 and social login providers like Google and GitHub using Passport.js.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: sla-te

bysla-te

0•

Security & Testing

Implements secure, scalable authentication and authorization systems using modern patterns like JWT, OAuth2, and Role-Based Access Control (RBAC).

This skill provides a comprehensive toolkit for developers building robust access control systems. It offers production-ready implementation patterns for JWT authentication, refresh token rotations, session management with Redis, and complex authorization logic including Role-Based Access Control (RBAC) and resource ownership validation. Whether you are securing a REST API, migrating an existing auth system, or integrating social logins via Passport.js, this skill provides the architectural guidance and code patterns necessary to follow industry-standard security best practices and prevent common vulnerabilities.

Key Features

01Stateful session-based authentication with Redis and Express

02Stateless JWT implementation and secure refresh token rotation patterns

030 GitHub stars

04Middleware patterns for resource ownership and security enforcement

05Granular Role-Based (RBAC) and Permission-Based Access Control models

06OAuth2 and Social Login integration using Passport.js strategies

Use Cases

01Securing REST or GraphQL APIs with stateless token-based authentication

02Implementing multi-tenant RBAC systems for enterprise SaaS applications

03Adding social login providers like Google or GitHub to modern web services

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sla-te/copilot-converter auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill