Implement Authentication and Authorisation

Build a complete, secure authentication and role-based authorisation system.

The Prompt

Implement a complete authentication and authorisation system for the following:

Application type: [web app / API / mobile backend]
Language/framework: [Node.js/Express / Python/FastAPI / PHP/Laravel / other]
Database: [PostgreSQL / MySQL / MongoDB / other]
Auth methods to support: [email+password / Google OAuth / GitHub OAuth / magic link / other]
Session management: [JWT / session cookies / refresh tokens]
Roles needed: [list roles — e.g. admin / moderator / user / guest]
Permissions model: [role-based (RBAC) / attribute-based (ABAC) / simple flag-based]
Special requirements: [2FA / API keys / multi-tenancy / SSO]

Provide a complete implementation:

USER REGISTRATION:
- Registration endpoint with validation
- Password hashing (bcrypt/argon2)
- Email verification flow
- Duplicate detection

LOGIN:
- Login endpoint
- Credential verification
- Token/session generation
- Failed attempt handling and lockout

TOKEN MANAGEMENT:
- Access token generation and validation
- Refresh token rotation
- Token revocation
- Secure storage recommendations

OAUTH FLOW (if applicable):
- OAuth provider setup
- Callback handling
- Account linking (if user exists with same email)

ROLE AND PERMISSION SYSTEM:
- Database schema for roles and permissions
- Middleware for route-level protection
- Helper functions for permission checks
- Admin role management endpoints

PASSWORD MANAGEMENT:
- Forgot password flow
- Reset password with secure token
- Password change (authenticated)
- Password strength requirements

SECURITY HARDENING:
- Rate limiting on auth endpoints
- CSRF protection
- Secure cookie settings
- Security headers

FULL CODE:
- All routes and controllers
- Middleware implementations
- Database migrations/schema
- Helper utilities

How to use this prompt

1. Copy the prompt
   Copy the full prompt text above to your clipboard.

2. Replace the placeholders
   Swap out anything in [BRACKETS] with your specific details.

3. Paste into any AI assistant
   Open your preferred AI assistant and paste the prompt to get started.