⚙️ Engineering | Awaiting Security Review

OAuth & Authentication

Implement authentication and authorization — OAuth 2.0/OIDC flows, JWT handling, session management, RBAC, and integration with providers like Auth0, Clerk, and NextAuth. Generates secure auth code with proper token handling.

This skill helps you build secure authentication systems. It implements the OAuth 2.0 authorization code flow with PKCE, sets up social login providers, creates JWT verification middleware, designs RBAC systems, and handles session management securely. It also covers common pitfalls around token storage and CSRF protection.

authentication oauth jwt security authorization

When to use

Use when adding authentication to your app, integrating social login, implementing role-based access control, migrating auth providers, or auditing existing auth for security issues.

Examples

Social login setup

Add Google and GitHub OAuth to a Next.js app

Implement Google and GitHub OAuth login using NextAuth.js with proper session handling and database user creation

RBAC implementation

Build role-based access control

Design and implement a role-based access control system with admin, editor, and viewer roles with middleware-based route protection