Does it follow security best practices?

Yes, the skill emphasizes best practices like password hashing with bcrypt, token rotation, and strict F5 quality gates to ensure 90%+ test coverage and documented controls.

What authorization models are supported?

The skill provides patterns for Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Relationship-Based Access Control (ReBAC).

Can I use this for both SPAs and traditional web apps?

Absolutely. It covers JWT patterns for modern SPAs/mobile apps as well as session-based cookie authentication for traditional web applications.

Can it help with OAuth2 integration?

Yes, it provides boilerplate and strategy configurations for common OAuth2 and OpenID Connect (OIDC) providers using industry-standard libraries like Passport.

Does this skill support multi-factor authentication?

Yes, it includes patterns and implementation guidance for integrating MFA (2FA) into high-security applications to prevent unauthorized access.

Security Authentication & Authorization

Name: Security Authentication & Authorization
Author: Fujigo-Software

byFujigo-Software

•

安全与测试

Implements secure access control patterns including JWT, OAuth2, and multi-factor authentication for modern applications.

The security-auth skill provides a robust set of implementation patterns for managing application security, focusing on user authentication and fine-grained authorization. It enables Claude to assist developers in building secure token-based systems (JWT), integrating third-party identity providers via OAuth2/OIDC, and establishing access control models like RBAC or ABAC. By providing standardized code for password hashing, session management, and role guards, this skill ensures that security best practices are integrated into the development lifecycle while adhering to F5 quality gates and avoiding common anti-patterns like long-lived tokens or missing rate limits.

主要功能

01Multi-factor authentication (MFA) implementation patterns for high-security environments

02OAuth2/OIDC integration for social login and SSO providers

03Fine-grained authorization models including RBAC, ABAC, and ReBAC

04Secure password hashing and verification using bcrypt with optimal cost factors

05JWT and Refresh Token lifecycle management with rotation

0617 GitHub stars

使用场景

01Integrating third-party authentication providers like Google or GitHub via OAuth2

02Implementing Role-Based Access Control (RBAC) guards in a NestJS or Node.js backend

03Setting up a secure login system with JWT for SPAs or mobile applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fujigo-software/f5-framework-claude security-auth

For use in Claude.ai and ChatGPT

Download Skill