Are the patterns compatible with TypeScript?

Yes, all provided patterns and examples are written in TypeScript, ensuring type safety and modern development standards.

How does it handle complex permissions?

The skill covers both Role-Based Access Control (RBAC) and Permission-Based Access Control (PBAC) to manage granular user rights.

Can this skill help with social login?

Yes, it includes implementation patterns for OAuth2 and social login integration for providers like Google and GitHub using Passport.js.

Does it support stateless authentication?

Absolutely. It provides detailed patterns for JWT-based stateless authentication, including secure refresh token handling and storage.

Authentication & Authorization Patterns

Name: Authentication & Authorization Patterns
Author: Microck

byMicrock

•

Security & Testing

Implements secure, scalable access control systems including JWT, OAuth2, and RBAC following industry-standard patterns.

This skill equips Claude with specialized knowledge for architecting and implementing robust security layers in modern applications. It covers essential authentication strategies like stateless JWT flows with refresh tokens, stateful session management via Redis, and third-party social logins via OAuth2/Passport.js. Additionally, it offers comprehensive patterns for authorization, including Role-Based Access Control (RBAC) and granular Permission-Based Access Control, ensuring your APIs and services remain secure, scalable, and manageable while adhering to best security practices.

Key Features

01Stateful session management using Redis and express-session

02Secure middleware development for API endpoint protection

03JWT and refresh token implementation with rotation patterns

04Role-Based and Permission-Based Access Control (RBAC/PBAC)

05OAuth2 and social login integration via Passport.js

0689 GitHub stars

Use Cases

01Migrating legacy session-based systems to modern stateless JWT tokens

02Designing complex permission structures for multi-tenant SaaS platforms

03Securing REST and GraphQL APIs against unauthorized access

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill