This covers the core authentication patterns you'll actually use: JWT tokens, OAuth 2.0, API keys, and session management. The references include working implementations in both Node.js and Python, with examples for login flows, token refresh, and middleware protection. It's opinionated about security basics like HttpOnly cookies, bcrypt for passwords, and HTTPS everywhere. The best practices section is genuinely helpful, calling out common mistakes like storing tokens in URLs or logging credentials. If you're building an API and need to lock it down properly, this gives you the patterns and code to start from rather than piecing together blog posts.
npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill api-authentication