Is it suitable for debugging existing security issues?

Absolutely. The skill includes logic for token verification, error handling for expired credentials, and best practices for revoking refresh tokens.

Can I use this for role-based permissions?

Yes, it provides implementation patterns for both Role-Based Access Control (RBAC) with hierarchies and more granular Permission-Based Access Control.

Does it include social login examples?

Yes, it features patterns for integrating social logins using Passport.js for providers such as Google and GitHub.

What authentication strategies does this skill cover?

The skill includes patterns for stateless JWT (JSON Web Tokens), stateful session-based authentication, and delegated authentication via OAuth2 and OpenID Connect.

Authentication & Access Control Patterns

Name: Authentication & Access Control Patterns
Author: 3commas-io

by3commas-io

0•

安全与测试

Implements secure authentication and authorization systems including JWT, OAuth2, and role-based access control (RBAC).

This skill provides specialized knowledge to design, implement, and debug robust security architectures within your applications. It covers a comprehensive range of modern security strategies, from stateless JWT flows and refresh token management to stateful session handling with Redis. By utilizing these patterns, developers can ensure their REST or GraphQL APIs are protected using industry-standard protocols while implementing sophisticated permission models like RBAC and fine-grained access control to manage user rights effectively.

主要功能

01Security-focused middleware for API route protection

02JWT implementation with secure refresh token rotations

030 GitHub stars

04OAuth2 and Social Login integration using Passport.js

05Stateful session management using Redis and cookie security

06Role-Based Access Control (RBAC) and hierarchical permissions

使用场景

01Building secure REST or GraphQL APIs from scratch

02Implementing complex multi-tenant authorization systems

03Adding social login providers like Google or GitHub to existing apps

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add 3commas-io/commas-claude auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill