Next.js 15 security patterns for veterinary platforms including Server Action hardening, CSRF protection, rate limiting, RLS policy generation, and auth middleware. Use when building or auditing security features.
Expert in Better Auth setup for Next.js 16 with JWT token flow. Covers frontend authentication (hooks, signIn/signOut), backend JWT verification in FastAPI, token structure, and secure configuration. Use for all authentication implementations.
Implement comprehensive validation using Zod schemas for type-safe validation on both client and server, with server-side validation as the security boundary (never trust client input). Use this skill when validating user inputs, creating API endpoints that accept data, implementing forms, defining data schemas, validating file uploads, creating validation middleware, implementing Firestore security rules or Supabase RLS, or writing validation rules for any user-provided data. Apply when working on API route handlers, form components with React Hook Form, validation middleware, Zod schema definitions (schemas/*.ts, validation/*.ts), Firestore security rules (firestore.rules), Supabase RLS policies, or any code that accepts external input. This skill ensures server-side validation always (client-side is for UX only), Zod for schema validation with TypeScript type inference (z.infer<typeof schema>), validation middleware factory for Express/Bun APIs, React Hook Form + zodResolver for forms, user-friendly error
Provides a complete solution for JWT-based authentication in FastAPI applications. Use this skill when a user wants to add secure token-based authentication to their FastAPI project. This skill handles JWT creation, decoding, signature and expiration verification, password hashing, and custom claims. It includes patterns for login endpoints, protected routes using dependencies, role-based access control decorators, token refresh mechanisms, and middleware-based validation.
Comprehensive JWT authentication expert for senior developers (10+ years experience). Intelligently detects project language/framework and implements production-ready JWT auth systems with refresh tokens, secure HTTP-only cookies, token rotation, blacklisting, RBAC, MFA, and complete security. Covers Express, FastAPI, Next.js, React, Django, Flask, NestJS, and more. Automatically audits JWT implementations, generates complete auth systems (registration, login, logout, refresh, password reset), implements middleware, prevents XSS/CSRF attacks, uses bcrypt/argon2 hashing, and follows OWASP best practices. Use for implementing JWT authentication, token refresh flows, secure cookie storage, protected routes, role-based access control, security audits, and complete auth system generation.
Implement authentication, authorization, input validation, and security best practices. Use when securing API endpoints and data.
Comprehensive API endpoint validation including schema validation, authentication testing, and error handling
Expert skill for connecting frontend and backend with Better Auth, implementing user-isolated secure authentication using JWT tokens on every API call with rate limiting in Next.js 16 frontend and FastAPI backend.
Route protection and authorization patterns for Clerk middleware. Use when implementing route guards, protecting API routes, configuring middleware matchers, setting up role-based access control, creating auth boundaries, or when user mentions middleware, route protection, auth guards, protected routes, public routes, matcher patterns, or authorization middleware.
Implement and optimize rate limiting for APIs and routes. Use when protecting endpoints, preventing abuse, or managing resource usage across different user tiers.
Better Auth JWT verification for Python/FastAPI backends. Use when integrating Python APIs with a Better Auth TypeScript server via JWT tokens. Covers JWKS verification, FastAPI dependencies, SQLModel/SQLAlchemy integration, and protected routes.
Expert in JSON Web Token (JWT) implementation, security best practices, and token-based authentication. Masters token generation, validation, refresh mechanisms, and securing RESTful APIs with OAuth 2.0.
This skill provides guidance for implementing secure authentication using Better Auth for Next.js frontend and JWT verification for FastAPI backend.
JWT authentication, OAuth 2.0, session management, password hashing, refresh tokens, multi-factor authentication, API keys. Use when implementing user authentication, token management, authorization, password reset flows, or securing APIs.
ASP.NET Core utilities for JWT authentication and SPA hosting with domain-based routing. Use when building web apps needing JWT tokens, multi-SPA hosting, or development-mode controller filtering.
Comprehensive standards for implementing secure authentication using Google OAuth 2.0 and NextAuth.js.
Expert skill for implementing Better Auth with JWT tokens and JWKS (JSON Web Key Set) for secure authentication between Next.js frontend and FastAPI backend. Handles JWT token generation, verification, JWKS endpoint setup, and secure API communication. Includes setup for database integration, session management, and user isolation. Use when implementing authentication between frontend (Next.js) and backend (FastAPI) services with JWT tokens and JWKS.
Build RESTful APIs with Laravel using API Resources, Sanctum authentication, rate limiting, and versioning. Use when creating API endpoints, transforming responses, or handling API authentication.
REST API best practices, OpenAPI/Swagger patterns, authentication, and error response formats
Implement authentication, authorization, input validation, and security best practices. Use when securing API endpoints and data.
Implement JWT custom claims authentication for Supabase to reduce API database queries. Use when building Next.js API routes that need user authentication and authorization (role, company_id, facility_id). Embeds user metadata into JWT tokens to eliminate 40% of database queries per API request. Triggers when implementing authentication in API routes, optimizing Supabase queries, or setting up user session management.
Expert implementation of user authentication and authorization using Better Auth library for Next.js 15+/React 18+ frontends and Node.js/FastAPI backends with SQL and NoSQL databases. Use when implementing authentication systems, user login/signup, session management, protected routes, role-based access control (RBAC), OAuth integration, or any auth-related tasks including email/password authentication, JWT tokens, permissions, and user management.
Implement secure API authentication following industry best practices including token-based auth, OAuth2/OIDC, JWT handling, and password security. Use this skill when implementing or modifying authentication mechanisms, login endpoints, token generation or validation logic, user session management, password hashing or verification, API security middleware, authentication guards or decorators, OAuth2 flows, API key management, or any backend code that handles user credentials, access tokens, refresh tokens, or API authentication. Use when creating new auth endpoints, updating existing authentication logic, reviewing security vulnerabilities in auth code, implementing rate limiting for login endpoints, or working with authentication-related database models and queries.
Integrate Better Auth for JWT-based authentication in Next.js frontend and FastAPI backend. Handles signup, login, logout, token management, and protected routes. Use when implementing authentication for Phase 2.
