How does the session state machine improve security?

The state machine ensures type-safe transitions between 'Connected' and 'Disconnected' states, preventing the application from attempting unauthorized actions when a session is invalid or expired.

What is a realm-based authorization pattern?

It is a 3-tier hierarchy (ADMIN, EDIT, READ) scoped to specific resources rather than global roles, preventing role explosion in complex systems while allowing fine-grained control.

Does this skill handle token refresh logic?

Yes, it includes patterns for auth interceptors that automatically detect 401 errors, queue pending requests, and perform silent token refreshes before retrying.

Can I use this with React, Angular, or Vue?

Absolutely. While the core patterns are framework-agnostic TypeScript, the skill provides specific implementation notes for all major frontend frameworks including route guards and interceptors.

Enterprise Auth Patterns

Name: Enterprise Auth Patterns
Author: teslasoft-de

byteslasoft-de

0•

安全与测试

Scaffolds production-ready authentication and authorization systems using JWT, realm-based permissions, and session state machines.

The auth-pattern skill provides a comprehensive toolkit for implementing robust security architectures in modern web applications. It moves beyond simple login flows to provide enterprise-grade patterns such as hierarchical realm-based access control (RBAC), type-safe session state machines, and automated HTTP interceptors with integrated token refresh logic. By leveraging these production-tested patterns, developers can ensure their applications handle identity management, permission inheritance, and session lifecycle events with consistent, secure, and maintainable code.

主要功能

01Hierarchical realm-based authorization (ADMIN, EDIT, READ)

02Automated JWT token injection and 401 refresh interceptors

03Secure client-side JWT parsing and validation logic

04Type-safe session state management using state machines

05Declarative route guards for framework-agnostic page protection

060 GitHub stars

使用场景

01Implementing automated token refresh handling for REST API clients

02Creating secure dashboards with role inheritance and route protection

03Building multi-tenant SaaS platforms with granular resource-level permissions

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add teslasoft-de/claude-skills-marketplace auth-pattern

For use in Claude.ai and ChatGPT

Download Skill