Are the security patterns language-specific?

While the code examples primarily use TypeScript and Express, the underlying architectural patterns and security principles are applicable to any modern backend framework.

Does this skill support social login implementation?

Yes, it includes patterns for implementing OAuth2 and social logins like Google and GitHub using industry-standard libraries like Passport.js.

How does it handle complex user permissions?

It includes robust logic for Role-Based Access Control (RBAC) with hierarchies and granular Permission-Based Access Control to manage what specific users can do.

Can I use this for both stateful and stateless applications?

Absolutely. The skill provides detailed patterns for both JWT (stateless/token-based) and Redis-backed session management (stateful/cookie-based) architectures.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

安全与测试

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

This skill equips Claude with specialized knowledge to design, implement, and debug robust security architectures. It covers essential patterns including stateless JWT authentication with refresh token flows, secure session management with Redis, and third-party social login via OAuth2/OpenID Connect. It also provides granular access control logic through Role-Based Access Control (RBAC) and permission-based strategies. Whether you are building a new API from scratch, migrating legacy systems, or securing sensitive endpoints, this skill provides production-ready code patterns and security best practices to ensure your applications remain protected and scalable.

主要功能

01Setup of secure, Redis-backed session management for stateful applications

0289 GitHub stars

03Security debugging and vulnerability remediation for authentication workflows

04Hierarchical Role-Based (RBAC) and granular Permission-Based Access Control

05Implementation of stateless JWT authentication with secure refresh token flows

06Integration of OAuth2 and social logins using Passport.js and OpenID Connect

使用场景

01Adding Google, GitHub, or enterprise SSO social login to a web application

02Securing REST or GraphQL APIs with stateless token-based authentication

03Implementing hierarchical user permissions and admin dashboard restrictions

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill