From aj-geddes-useful-ai-prompts-4
Implements secure API authentication with JWT, OAuth 2.0, API keys, and session management. Use for securing APIs, managing tokens, or implementing user authentication flows.
How this skill is triggered — by the user, by Claude, or both
Slash command
/aj-geddes-useful-ai-prompts-4:api-authenticationThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- [Overview](#overview)
Implement comprehensive authentication strategies for APIs including JWT tokens, OAuth 2.0, API keys, and session management with proper security practices.
Minimal working example:
// Node.js JWT Implementation
const express = require('express');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt');
const app = express();
const SECRET_KEY = process.env.JWT_SECRET || 'your-secret-key';
const REFRESH_SECRET = process.env.REFRESH_SECRET || 'your-refresh-secret';
// User login endpoint
app.post('/api/auth/login', async (req, res) => {
try {
const { email, password } = req.body;
// Find user in database
const user = await User.findOne({ email });
if (!user) {
return res.status(401).json({ error: 'Invalid credentials' });
}
// Verify password
const isValid = await bcrypt.compare(password, user.password);
if (!isValid) {
return res.status(401).json({ error: 'Invalid credentials' });
}
// ... (see reference guides for full implementation)
Detailed implementations in the references/ directory:
| Guide | Contents |
|---|---|
| JWT Authentication | JWT Authentication |
| OAuth 2.0 Implementation | OAuth 2.0 Implementation |
| API Key Authentication | API Key Authentication |
| Python Authentication Implementation | Python Authentication Implementation |
npx claudepluginhub aj-geddes/useful-ai-promptsBuilds secure API authentication with JWT tokens, OAuth2 flows, API keys, and sessions. Implements validation, refresh rotation, RBAC, and brute-force protection for API endpoints.
Implements secure API authentication with JWT middleware in Node.js, OAuth 2.0, API keys; includes Flask refs, security headers, and pitfalls. For auth systems and token issues.
Guides implementation of OAuth 2.0/OIDC, JWT tokens, session management, password handling, and auth providers like Auth0, Clerk, NextAuth, Passport.js.