Does this skill support stateless authentication?

Yes, it provides detailed patterns for implementing stateless JWT (JSON Web Token) authentication, including secure refresh token rotations and storage.

How does it handle session security?

It includes best practices for session-based auth using Redis storage, secure cookie configurations, and same-site attribute strategies for CSRF protection.

Can I use this for social logins?

Absolutely. The skill includes implementation guides for OAuth2 and OpenID Connect using popular libraries like Passport.js for Google and GitHub integration.

Is it suitable for role-based access control?

Yes, it features comprehensive patterns for Role-Based Access Control (RBAC) and granular permission-based systems to manage different user access levels.

Secure Authentication Patterns

Name: Secure Authentication Patterns
Author: carloscroc

bycarloscroc

0•

安全与测试

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC to secure web applications and APIs.

This skill empowers developers to build production-grade security layers by providing standardized implementation patterns for modern authentication and authorization. It covers everything from stateless JWT management and refresh token flows to stateful session-based systems and third-party OAuth2 integrations. By utilizing established best practices for Role-Based Access Control (RBAC) and permission management, it helps eliminate common security vulnerabilities while ensuring scalable and maintainable access control for REST and GraphQL APIs.

主要功能

01JWT and Refresh Token lifecycle management

02OAuth2 and Social Login integration patterns

03Permission-based middleware for granular security

04Stateful session management with Redis storage

05Role-Based Access Control (RBAC) frameworks

060 GitHub stars

使用场景

01Adding Google or GitHub social login via Passport.js

02Securing a Node.js REST API with stateless JWT authentication

03Implementing hierarchical user permissions for admin dashboards

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add carloscroc/fitness auth-implementation-patterns

For use in Claude.ai and ChatGPT

主要功能

01JWT and Refresh Token lifecycle management

02OAuth2 and Social Login integration patterns

03Permission-based middleware for granular security

04Stateful session management with Redis storage

05Role-Based Access Control (RBAC) frameworks

060 GitHub stars

使用场景

01Adding Google or GitHub social login via Passport.js

02Securing a Node.js REST API with stateless JWT authentication

03Implementing hierarchical user permissions for admin dashboards

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add carloscroc/fitness auth-implementation-patterns

For use in Claude.ai and ChatGPT