Does this skill support TypeScript?

Yes, all implementation patterns are provided with full TypeScript support, including interface definitions for payloads and session objects.

Can it help with session management?

Yes, it includes patterns for stateful session management using Redis to ensure horizontal scalability.

Can I use this for social logins like Google or GitHub?

Absolutely. The skill includes specific patterns for integrating OAuth2 and social providers using Passport.js.

How does it handle authorization?

It provides logic for both Role-Based Access Control (RBAC) with hierarchical roles and more granular Permission-Based Access Control systems.

Are these patterns secure for production?

The patterns follow industry standards such as short-lived access tokens, hashed refresh tokens, and secure HTTP-only cookie configurations.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

Security & Testing

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

This skill equips Claude with the expertise to design and implement robust security architectures for modern web applications and APIs. It provides detailed implementation patterns for token-based authentication (JWT) with refresh token flows, stateful session management using Redis, and social logins via OAuth2/Passport.js. Beyond simple login logic, it guides the creation of sophisticated authorization models, including Role-Based Access Control (RBAC) and permission-based systems, ensuring that your application's security is both scalable and compliant with modern best practices.

Key Features

01Scalable Role-Based Access Control (RBAC) and permission-based authorization middleware.

02Social login integration patterns for Google and GitHub using Passport.js.

03Secure session-based authentication patterns using Express and Redis storage.

0481 GitHub stars

05Comprehensive JWT implementation with access and refresh token rotation logic.

06Best practices for secure cookie management, password hashing, and token revocation.

Use Cases

01Migrating legacy session-based systems to modern OAuth2/OIDC flows.

02Implementing enterprise-grade multi-tenant authorization and user roles.

03Securing REST or GraphQL APIs with stateless JWT authentication.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill