Open Skills Logo
Open Skills

auth-implementation-patterns

掌握JWT、OAuth2、会话管理和RBAC等认证与授权模式,构建安全、可扩展的访问控制系统。适用于实现身份验证系统、保护API接口或调试安全问题时使用。

查看详情
name:auth-implementation-patternsdescription:Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

Authentication & Authorization Implementation Patterns

Build secure, scalable authentication and authorization systems using industry-standard patterns and modern best practices.

Use this skill when

  • Implementing user authentication systems

  • Securing REST or GraphQL APIs

  • Adding OAuth2/social login or SSO

  • Designing session management or RBAC

  • Debugging authentication or authorization issues

    • Do not use this skill when

  • You only need UI copy or login page styling

  • The task is infrastructure-only without identity concerns

  • You cannot change auth policies or credential storage

    • Instructions

  • Define users, tenants, flows, and threat model constraints.

  • Choose auth strategy (session, JWT, OIDC) and token lifecycle.

  • Design authorization model and policy enforcement points.

  • Plan secrets storage, rotation, logging, and audit requirements.

  • If detailed examples are required, open resources/implementation-playbook.md.

    • Safety

  • Never log secrets, tokens, or credentials.

  • Enforce least privilege and secure storage for keys.

    • Resources

  • resources/implementation-playbook.md for detailed patterns and examples.