Loading...
Loading...
Found 8 Skills
Server-side authentication primitives for TanStack Start: session cookies (HttpOnly, Secure, SameSite, __Host- prefix), session read/issue/destroy via createServerFn and middleware, OAuth authorization-code flow with state and PKCE, password-reset enumeration defense, CSRF for non-GET RPCs, rate limiting auth endpoints, session rotation on privilege change. Pairs with router-core/auth-and-guards for the routing side.
Add email verification, password reset, and account management emails to Better Auth using Resend.
This skill provides guidance and enforcement rules for implementing secure email and password authentication using Better Auth.
Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.
Implement secure JWT (JSON Web Token) authentication in Node.js applications with access/refresh tokens and role-based access control
Manage authentication and user operations in Supabase. Use for sign up, sign in, sign out, password resets, and user management.
HTTP Host header injection and routing abuse playbook. Use when the application trusts the Host header for generating URLs, routing requests, or access control — enabling password reset poisoning, web cache poisoning, SSRF via routing, and virtual host bypass.
Use when implementing password reset or change functionality in a Bknd application. Covers server-side password changes, building forgot-password flows with email tokens, and security considerations.