By himself65
Scaffold signin and signup authentication endpoints for Next.js, Express, FastAPI, and Go projects using Prisma, Drizzle, PostgreSQL, or SQLAlchemy with JWT or database sessions. Audit and harden existing auth code against security best practices including credential storage, sessions, OAuth, MFA, rate limiting, CSRF, and add conformance tests.
npx claudepluginhub himself65/auth-specScaffold signin and signup authentication endpoints for a project. Use when the user wants to add authentication, create login/register flows, or set up auth from scratch.
Audit and harden authentication code for security best practices. Use when the user wants to check their auth implementation for vulnerabilities, harden session handling, fix credential storage, validate OAuth/OIDC flows, add MFA/passkeys, or apply OWASP-recommended security patterns.
A toolkit that helps you build authentication from scratch, following the Agent Skills open standard.
npx plugins add himself65/auth-spec
npx skills add himself65/auth-spec
npx skills add himself65/auth-spec -a <agent-name>
When you build a web app, users need to sign up, sign in, and sign out. This project provides Claude Code skills that can generate auth code for you as a starting point. It works with any language or framework — TypeScript, Python, Go, Rust, Kotlin, and more.
This project follows a simple rule: write your own auth code. No plug-and-play auth libraries like NextAuth, Passport, or Lucia. You only need three things:
Writing auth yourself helps you understand how it actually works — password hashing, sessions, cookies, and security best practices.
| Skill | Description | Platform |
|---|---|---|
| create-auth | Scaffold sign-up, sign-in, session, and sign-out endpoints with security best practices | All |
| security-best-practice | Audit and harden your auth code against OWASP top 10 and common security pitfalls | All |
MIT
Share bugs, ideas, or general feedback.
Skill for integrating Better Auth - comprehensive TypeScript authentication framework for Cloudflare D1, Next.js, Nuxt, and 15+ frameworks. Use when adding auth, encountering D1 adapter errors, or implementing OAuth/2FA/RBAC features.
Authentication and security specialist for JWT implementation, OAuth2 flows, refresh tokens, session management, password hashing (bcrypt, argon2), 2FA, SSO, and security best practices. Use when implementing authentication, authorization, or security features.
Essential Auth0 skills including quickstarts, migration from other providers, and Multi-Factor Authentication (MFA).
Backend development with security-first approach. Master REST/GraphQL APIs, OWASP security, LLM integration, authentication systems, and secure coding practices.
Editorial "Security Developer" bundle for Claude Code from Antigravity Awesome Skills.