bknd-setup-auth_skill

This skill helps you initialize and configure Bknd authentication, including JWT, cookies, and roles for secure production-ready apps.

2

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill cameronapak/bknd-skills --skill bknd-setup-auth

  • SKILL.md13.1 KB

Overview

This skill helps initialize and configure the Bknd authentication system. It covers enabling auth, password strategy, JWT and cookie options, role definitions, registration controls, and production security hardening. Use it to produce a safe, testable auth setup ready for deployment.

How this skill works

The skill inspects and produces a code-first auth configuration for Bknd projects. It generates sensible defaults (password strategy, users entity, JWT sessions, auth endpoints) and exposes customizable settings for JWT, cookies, password hashing, roles, and registration. It also provides dev vs production toggles and a seed hook to create an initial admin user.

When to use it

  • Initial project setup when you need authentication enabled
  • Configuring JWT secret, algorithm, expiry, and token payload fields
  • Setting cookie behavior for browser sessions and CSRF protections
  • Defining roles, permissions, and default registration role
  • Hardening auth settings before production deployment
  • Creating an admin user automatically on first run

Best practices

  • Store secrets in environment variables and never hardcode JWT_SECRET
  • Use bcrypt hashing with moderate rounds in production; sha256 or dev shortcuts only for local development
  • Require a strong JWT secret (256-bit minimum) and set jwt.expires
  • Set cookie.secure true in production and httpOnly true to prevent JS access
  • Define roles before referencing them and seed an admin user via startup seed
  • Test the full auth flow (register, login, /me) after configuration changes

Example use cases

  • Enable basic password auth and auto-create users entity for a new Bknd app
  • Switch to bcrypt hashing and set jwt.secret when preparing to deploy
  • Configure cookies with sameSite and secure flags for browser apps
  • Define admin, editor, and user roles with scoped permissions
  • Disable public registration in closed systems while keeping admin seed

FAQ

The server cannot sign tokens and auth endpoints will fail; always set JWT_SECRET in environment variables for production.

How do I test cookies locally when secure is required?

Set cookie.secure to false for local development or use a local HTTPS proxy; ensure secure is true in production.

Which hashing should I pick for production?

Use bcrypt for production to balance security and performance; choose rounds that suit your server capacity (e.g., 4–10).

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational