AgentSkillsCN

auth-implementation-patterns

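Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing A...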

SKILL.md
--- frontmatter
name: auth-implementation-patterns
description: "Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing A..."
risk: unknown
source: rootcastle-rei

Authentication & Authorization Implementation Patterns

Build secure, scalable authentication and authorization systems using industry-standard patterns and modern best practices.

Use this skill when

  • Implementing user authentication systems
  • Securing REST or GraphQL APIs
  • Adding OAuth2/social login or SSO
  • Designing session management or RBAC
  • Debugging authentication or authorization issues

Do not use this skill when

  • You only need UI copy or login page styling
  • The task is infrastructure-only without identity concerns
  • You cannot change auth policies or credential storage

Instructions

  • Define users, tenants, flows, and threat model constraints.
  • Choose auth strategy (session, JWT, OIDC) and token lifecycle.
  • Design authorization model and policy enforcement points.
  • Plan secrets storage, rotation, logging, and audit requirements.
  • If detailed examples are required, open resources/implementation-playbook.md.

Safety

  • Never log secrets, tokens, or credentials.
  • Enforce least privilege and secure storage for keys.
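
Added example (not part of the original skill or its playbook): one way to apply the first Safety rule in Python is a logging filter that scrubs credential-shaped text before any handler writes it. The regex patterns and the names redact and RedactSecrets are assumptions made for this illustration.

```python
import logging
import re

# Patterns are assumptions for this example and err toward over-redaction.
_PATTERNS = [
    # Authorization header values: keep the scheme, drop the credential.
    (re.compile(r"(?i)\b(bearer|basic)\s+[A-Za-z0-9._~+/=-]{8,}"), r"\1 [REDACTED]"),
    # Bare JWTs: three base64url segments, the first starting with "eyJ".
    (re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*"), "[REDACTED_JWT]"),
    # key=value, key: value and JSON pairs whose key ends in a secret-like name.
    (re.compile(r"(?i)(password|passwd|secret|api_key|token)"
                r"(\"?\s*[=:]\s*\"?)[^\s\"&,;]+"), r"\1\2[REDACTED]"),
]


def redact(text: str) -> str:
    """Return text with credential-shaped substrings replaced by markers."""
    for pattern, replacement in _PATTERNS:
        text = pattern.sub(replacement, text)
    return text


class RedactSecrets(logging.Filter):
    """Scrub the rendered message of every record that reaches a handler."""

    def filter(self, record: logging.LogRecord) -> bool:
        # Render msg % args first so secrets passed as format arguments are
        # scrubbed too, then freeze the result so nothing re-expands it.
        record.msg = redact(record.getMessage())
        record.args = None
        return True  # keep the record, now sanitized


if __name__ == "__main__":
    handler = logging.StreamHandler()
    handler.addFilter(RedactSecrets())  # on the handler, not the logger
    log = logging.getLogger("auth")
    log.addHandler(handler)
    log.setLevel(logging.INFO)
    # Constructed sample values, not real credentials.
    log.info("login failed user=%s password=%s", "alice", "hunter2")
    log.info("upstream call: Authorization: Bearer %s", "abc.def-ghi_123456")
```

Attach the filter to each handler rather than to a logger, since logger-level filters are skipped for records propagated from child loggers. Tracebacks and fields passed through extra are not covered by this filter.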

Resources

  • resources/implementation-playbook.md for detailed patterns and examples.

🏰 Rei Skills — Curated by Rootcastle Engineering & Innovation | Batuhan Ayrıbaş
Engineering Beyond Boundaries | admin@rootcastle.com