How does it handle authorization?

It covers both Role-Based Access Control (RBAC) and granular Permission-Based Access Control via custom middleware and role hierarchies.

Does this skill support session-based auth?

Yes, it includes patterns for Express sessions using Redis for secure, stateful user management and CSRF protection.

Is JWT token refreshing included?

Yes, it provides a complete flow for short-lived access tokens and secure, database-backed refresh tokens for continuous sessions.

Can I use this for social logins?

Absolutely, it provides templates for OAuth2 integration using Passport.js for popular providers like Google and GitHub.

Secure Auth & Access Control Patterns

Name: Secure Auth & Access Control Patterns
Author: Microck

byMicrock

•

安全与测试

Implements robust authentication and authorization systems using JWT, OAuth2, sessions, and Role-Based Access Control (RBAC) for modern applications.

The Auth Implementation Patterns skill provides a comprehensive library of security-focused coding patterns for developers building scalable access control systems. It covers critical implementation strategies including stateless JWT tokens with refresh token cycles, traditional session-based management with Redis, and delegated authentication via OAuth2 and Passport.js. Beyond simple login flows, the skill provides architectural guidance for sophisticated authorization models like Role-Based Access Control (RBAC) and granular permission-based systems, making it an essential tool for securing REST/GraphQL APIs and managing user identities in production environments.

主要功能

01JWT and Refresh Token implementation with stateless verification

02Hierarchical Role-Based Access Control (RBAC) middleware

03Session-based authentication patterns using Redis and Express

04Granular Permission-Based Access Control (PBAC) logic

05OAuth2 and social login integration via Passport.js

0689 GitHub stars

使用场景

01Implementing complex multi-level user permissions for enterprise software

02Adding social login providers like Google or GitHub to web applications

03Securing REST or GraphQL APIs with industry-standard token strategies

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill