freeskillv2.0.0✓ verified

secure-auth

Implement authentication securely — authentication vs authorization, password hashing (argon2id/bcrypt), sessions vs JWT (storage, expiry, refresh, revocation), MFA, OAuth2/OIDC flows, and defenses against credential stuffing, session fixation, and CSRF. Worked examples + a runnable password-policy check.

$npx vanara install secure-auth

Free & open source (Apache-2.0) — view the source on GitHub.

Overview

Authentication is the front door to your system, and it is the single control attackers probe hardest. The goal of this skill is not to teach you to invent a clever scheme — it is to help you assemble well-understood primitives correctly, because almost every real-world breach in this area comes from a broken assembly of good parts, not from cracked cryptography. Heavy detail lives in references/;

What it covers

Details

Tier
Free
Version
2.0.0
Depth
4 references · 2 examples · 1 runnable scripts
Verification
1/1 runnable checks passing
Runs on
Your own Claude Code — no API keys
← All skills