Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing A...
Install with Tessl CLI
npx tessl i github:sickn33/antigravity-awesome-skills --skill auth-implementation-patterns
71
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skill
Agent success when using this skill
Validation for skill structure
JWT token lifecycle management
Criterion                      Without context   With context
jsonwebtoken import            100%              100%
Access token 15m expiry        100%              100%
Refresh token 7d expiry        100%              100%
Separate refresh secret        100%              100%
Refresh token hashed in DB     100%              100%
Refresh token DB lookup        100%              100%
Revoke single token            100%              100%
Revoke all tokens              100%              100%
Bearer header extraction       100%              100%
TokenExpiredError handling     100%              100%
JsonWebTokenError handling     100%              100%
No secrets in logs             100%              100%
Without context: $0.3548 · 1m 33s · 13 turns · 62 in / 6,056 out tokens
With context: $0.5203 · 2m 4s · 16 turns · 17 in / 7,220 out tokens
Password security and rate limiting
Criterion                      Without context   With context
bcrypt library                 0%                100%
12 salt rounds                 0%                100%
Zod validation                 100%              100%
Min 12 chars                   100%              100%
Uppercase requirement          100%              100%
Lowercase requirement          100%              100%
Number requirement             100%              100%
Special char requirement       100%              100%
express-rate-limit             100%              100%
RedisStore for rate limit      100%              100%
Login: 5 attempts / 15 min     100%              100%
API: 100 req / 1 min           100%              100%
No plain passwords             100%              100%
Without context: $0.3620 · 1m 42s · 15 turns · 15 in / 5,896 out tokens
With context: $0.9283 · 3m 1s · 39 turns · 85 in / 9,315 out tokens
Session management and RBAC
Criterion                            Without context   With context
connect-redis import                 100%              100%
Redis session store                  100%              100%
resave and saveUninitialized false   100%              100%
Cookie httpOnly                      100%              100%
Cookie secure production             100%              100%
Cookie sameSite strict               100%              100%
Cookie maxAge 24h                    0%                100%
RBAC role hierarchy                  100%              100%
Admin bypasses ownership             100%              100%
Security event logging               50%               100%
Logout clears cookie                 100%              100%
Server-side auth check               100%              100%
Without context: $0.2483 · 1m 2s · 11 turns · 60 in / 3,687 out tokens
With context: $0.4641 · 1m 43s · 20 turns · 302 in / 5,625 out tokens