Can I use these patterns for stateless microservices?

Absolutely. The skill provides robust patterns for JWT (JSON Web Tokens) which are specifically designed for stateless, horizontally scalable architectures.

Does this skill support social logins like Google or GitHub?

Yes, it includes implementation patterns for OAuth2 and OpenID Connect integration, specifically showcasing Passport.js strategies for social authentication.

How does it handle user roles and permissions?

It provides code structures for both Role-Based Access Control (RBAC) with hierarchies and fine-grained Permission-Based Access Control (PBAC) middleware.

Is session-based authentication covered?

Yes, the skill includes detailed patterns for stateful session management using Express-session and Redis storage for production environments.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Activer007

byActiver007

0•

安全与测试

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and Role-Based Access Control to secure modern applications.

This skill provides specialized guidance and production-grade code patterns for building secure, scalable access control systems within the Claude Code environment. It covers a comprehensive range of security architectures, from stateless JWT implementations with refresh token rotation to stateful session management using Redis. Developers can leverage this skill to integrate social logins via OAuth2, establish granular authorization through Role-Based Access Control (RBAC), and implement permission-based logic, ensuring all backend services and APIs adhere to modern security best practices and mitigate common vulnerabilities.

主要功能

01Comprehensive JWT implementation with short-lived access tokens and secure refresh flows

02OAuth2 and social login integration strategies using Passport.js and OpenID Connect

03Permission-based access control (PBAC) for fine-grained resource security and multi-tenancy

04Stateful session management patterns using Express and Redis for high-performance apps

05Granular authorization logic via Role-Based Access Control (RBAC) hierarchies

060 GitHub stars

使用场景

01Securing REST or GraphQL APIs with stateless token-based authentication and claim validation

02Designing complex organizational permissions for enterprise SaaS platforms

03Implementing secure logout and session revocation across all user devices simultaneously

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add activer007/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill