Is the code provided compatible with TypeScript?

Yes, all patterns and examples are written in TypeScript to ensure type safety and better developer experience.

What is the difference between the RBAC and PBAC patterns provided?

RBAC focuses on broad user roles like Admin or User, while PBAC provides more granular control over specific actions like 'read:posts' or 'delete:users'.

Does this skill support both stateful and stateless authentication?

Yes, it provides implementation patterns for both stateless JWT-based authentication and stateful session-based authentication using Redis.

Can I use this for social logins like Google or GitHub?

Absolutely. It includes patterns for OAuth2 and social login integration, specifically using the Passport.js ecosystem.

Authentication Patterns

Name: Authentication Patterns
Author: HermeticOrmus

byHermeticOrmus

0•

安全与测试

Implements secure authentication and authorization systems using patterns like JWT, OAuth2, and RBAC.

The Auth Implementation Patterns skill provides developers with standardized architectures for securing modern web applications and APIs. It covers essential security workflows including stateless JWT authentication with refresh token logic, stateful session management via Redis, and delegated identity through OAuth2 providers. Beyond authentication, it offers robust patterns for authorization, including Role-Based Access Control (RBAC) and Permission-Based Access Control (PBAC), ensuring that identity verification and resource access are handled with industry-standard security and scalability in mind.

主要功能

01Granular Permission-Based Access Control (PBAC) systems

02OAuth2 and Social Login integration using Passport.js

03Stateless JWT implementation with secure refresh token rotation

04Hierarchical Role-Based Access Control (RBAC) middleware

05Stateful session management patterns using Express and Redis

060 GitHub stars

使用场景

01Adding Google or GitHub social login to an existing application

02Building a secure authentication layer for REST or GraphQL APIs

03Implementing multi-tenant authorization and user permission levels

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/alqvimia-contador auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill