Does it include security best practices for token management?

Absolutely. It provides patterns for short-lived access tokens, long-lived refresh tokens with database revocation, and secure cookie configurations.

What authentication methods are covered in this skill?

The skill covers stateless JWT tokens, stateful session-based authentication with Redis, and delegated authentication via OAuth2 and OpenID Connect.

Can I implement complex user permissions with this skill?

Yes, it includes patterns for Role-Based Access Control (RBAC) with role hierarchies, permission-based access control, and resource ownership checks.

Is this skill specific to a particular framework?

While the code patterns focus on Express.js and Node.js, the architectural concepts and security logic are applicable across any backend stack.

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: Microck

byMicrock

•

安全与测试

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

This skill provides a comprehensive framework for building secure, scalable access control systems within modern applications. It offers expert guidance and ready-to-use implementation patterns for JWT stateless authentication, stateful session management with Redis, and social login integration via OAuth2 and OpenID Connect. Beyond identity verification, the skill masters complex authorization models including Role-Based Access Control (RBAC), permission-based systems, and resource ownership validation. Designed for developers securing REST or GraphQL APIs, it ensures that security best practices are baked into the architecture from the start, helping to prevent common vulnerabilities and simplify the management of user permissions.

主要功能

01Stateless JWT authentication with secure refresh token rotation

022 GitHub stars

03OAuth2 and social login integration via Passport.js

04Stateful session management patterns using Express and Redis

05Granular permission-based access and resource ownership validation

06Hierarchical Role-Based Access Control (RBAC) implementation

使用场景

01Implementing social login and SSO for web and mobile applications

02Migrating from legacy session-based auth to modern stateless JWT systems

03Securing enterprise-grade REST or GraphQL APIs with multi-layered access control

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/opendots-microck auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill