Implements secure authentication and authorization systems using JWT, OAuth2, session management, and RBAC.
This skill equips Claude with the expertise to design and implement robust security architectures for modern applications. It provides detailed implementation patterns for stateless token-based authentication (JWT), stateful session management with Redis, and external identity providers via OAuth2. Beyond simple identity verification, the skill covers granular access control through Role-Based Access Control (RBAC) and permission-based logic, ensuring that your APIs and data remain secure, scalable, and compliant with industry-standard security practices.
Key Features
01JWT implementation with secure refresh token rotation flows
02Social login and OAuth2 integration via Passport.js
03Granular Role-Based Access Control (RBAC) and permission hierarchies
04Secure middleware templates for protecting REST and GraphQL endpoints
050 GitHub stars
06Session-based authentication patterns using Express and Redis
Use Cases
01Securing production REST or GraphQL APIs with stateless JWT tokens
02Adding social login providers like Google or GitHub to modern web applications
03Implementing enterprise-grade multi-level authorization and user roles
