Is the provided code suitable for production?

The skill follows industry best practices like password hashing and secure cookie settings, though you should always perform a final security audit before deployment.

Does it handle role-based access control?

Yes, it covers both Role-Based Access Control (RBAC) with role hierarchies and more granular Permission-Based Access Control (PBAC).

Does this skill support both session and token-based auth?

Yes, it provides comprehensive implementation patterns for both stateful Redis-backed sessions and stateless JWT-based authentication flows.

Can I use this for social logins like Google or GitHub?

Absolutely, the skill includes specific patterns for integrating OAuth2 and OpenID Connect social logins using the Passport.js ecosystem.

Authentication & Authorization Patterns

Name: Authentication & Authorization Patterns
Author: Microck

byMicrock

•

API Development

Implements industry-standard security protocols including JWT, OAuth2, and role-based access control for secure application development.

This skill provides Claude with specialized knowledge to architect and implement robust authentication and authorization systems. It covers modern patterns such as stateless JWT authentication, stateful session management with Redis, third-party social login through OAuth2/Passport.js, and sophisticated access control models like RBAC and permission-based logic. It is an essential resource for developers building secure APIs, migrating legacy auth systems, or implementing multi-tenant security architectures with production-ready code patterns.

Key Features

01Stateful session management patterns using Express and Redis

02Secure middleware patterns for API protection and identity verification

0381 GitHub stars

04JWT implementation with refresh token rotation and revocation strategies

05Granular Role-Based Access Control (RBAC) and Permission-based authorization

06OAuth2 and social login integration using Passport.js

Use Cases

01Refactoring a monolithic session-based app to a scalable JWT architecture

02Designing a secure backend for a web or mobile application from scratch

03Implementing complex permission hierarchies for enterprise-grade SaaS platforms

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills auth-implementation-patterns

For use in Claude.ai and ChatGPT

Download Skill