20 مستودعات
Techniques for maintaining authentication state across distributed services without server-side session storage.
Distinguishing note: Focuses on stateless token-based session handling rather than traditional stateful session stores.
Explore 20 awesome GitHub repositories matching security & cryptography · Stateless Session Management. Refine with filters or upvote what's useful.
Next-auth is an authentication and identity management library for web frameworks. It provides a unified system for handling user sign-in and session state across server and client environments, functioning as a session management framework and an OIDC authentication library. The project distinguishes itself through a provider-based identity abstraction that supports multiple authentication methods, including OAuth, email magic links, traditional credentials, and passwordless passkeys. It allows for the registration of custom OAuth or OIDC compliant providers and offers tools to define branda
Maintains user identity state using signed JWTs stored in encrypted cookies for stateless session operation.
Authelia is a centralized identity and access management server designed to secure web applications through unified authentication and authorization. It functions as an identity authority that enables single sign-on across diverse platforms, allowing users to access multiple services with a single set of credentials. By acting as a standards-compliant provider, it facilitates secure identity propagation and token issuance for client applications. The platform distinguishes itself through its ability to integrate directly with web gateways as a reverse proxy authentication middleware, intercep
Maintains user authentication state across distributed services using encrypted cookies to ensure consistent access control without requiring sticky sessions.
This project is a Node.js library for implementing and managing JSON Web Tokens. It functions as a cryptographic token manager and authentication tool used to sign, verify, and decode tokens to securely transmit claims between parties. The library supports both symmetric and asymmetric signing algorithms, including HMAC and RSA. It enables the creation of digitally signed tokens using secrets or private keys, and provides mechanisms to validate token signatures and verify embedded claims such as expiration and issuer. The tool covers a range of identity and access capabilities, including sta
Manages user sessions across distributed systems by encoding identity data into client-side signed tokens.
SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio
Implements stateless, claims-based session management using cryptographically signed tokens for distributed authorization.
This project is a memory-safe implementation of the QUIC transport protocol and HTTP/3, designed for high-throughput and efficient network communication. It provides a comprehensive toolkit for building secure, low-latency network applications by managing the full lifecycle of transport connections, including protocol negotiation, stream data exchange, and connection state management. The library distinguishes itself through a focus on performance and protocol integrity. It utilizes a formal state machine to enforce strict adherence to transport rules and employs zero-copy buffer management t
Enables stateless session resumption using ticket keys to maintain connection state across server instances.
jwt-auth is a PHP package providing JSON Web Token authentication for Laravel and Lumen applications. It serves as a token provider and stateless session manager, allowing applications to issue and validate signed tokens to manage user identity across network requests. The library implements stateless API security by verifying identity tokens sent in request headers, removing the requirement to store session data on the server. It uses signed tokens to verify user credentials and restrict access to protected resources. The project provides capabilities for user access control, authentication
Implements stateless session management to maintain authentication state across requests without server-side storage.
Dex is an OpenID Connect identity provider that functions as an identity federation gateway. It authenticates users and issues signed tokens for applications by using a variety of pluggable connectors to interface with external identity sources. The project focuses on federating multiple external identity providers into a single authentication portal. It maps diverse external authentication sources to a uniform internal user representation and manages the orchestration of authorization handshakes between clients and identity sources. Capability areas include centralized user authentication,
Tracks authentication progress across redirects using short-lived tokens and signed cookies without server-side session storage.
This project is a Spring Cloud microservices boilerplate and distributed system infrastructure designed to accelerate the development of enterprise Java applications. It provides a reference architecture that combines a Java backend with a decoupled Vue.js frontend framework. The system includes a complete e-commerce reference implementation, featuring a digital storefront with a full shopping workflow and a backend operations platform for business management. It also integrates OAuth 2.0 for identity management, supporting stateless authentication and third-party login services. The infrast
Implements stateless authentication using OAuth 2.0 tokens to maintain session state across distributed services.
WebGoat is a deliberately insecure web application designed as an interactive security lab for learning how to identify and exploit common web vulnerabilities. It serves as a containerized sandbox that allows for the simulation and experimentation of web-based attacks and penetration testing techniques without risking production systems. The project functions as a learning lab that maps specific insecure coding patterns to structured lessons. It implements simulated server-side flaws to provide a hands-on environment for studying common security vulnerabilities and defensive coding practices.
Manages user progress and lesson completion states across application components using stateless session techniques.
This project is a comprehensive knowledge base and study resource designed for mastering technical interviews. It provides structured guides, roadmaps, and curricula focused on data structures, algorithms, system design, and frontend engineering to help candidates prepare for software engineering screenings. The repository distinguishes itself by offering a holistic approach to professional advancement. Beyond technical drills, it includes a career development handbook covering resume optimization, salary benchmarking, and strategic negotiation coaching. It also provides detailed methodologie
Explains techniques for maintaining session state across distributed services using external stores.
The inspector is a diagnostic and validation tool for the Model Context Protocol. It provides an interactive interface and a transport proxy to discover, inspect, and execute the tools, prompts, and resources provided by an MCP server. The project serves as a debugger and compliance tester to verify that server implementations adhere to the protocol specification and JSON-RPC standards. It allows for real-time monitoring of message exchanges and logs between clients and servers across various transport layers, such as standard input/output and Server-Sent Events. The tool covers a broad rang
Passes opaque state blobs to clients, allowing servers to resume processing without maintaining server-side session data.
Model Context Protocol is a standardized framework for connecting large language models to external data sources and executable tools. It enables the creation of a universal interface where servers expose tools, resources, and prompts that can be discovered and utilized by various AI clients. The protocol utilizes a JSON-RPC message system that is transport-agnostic, supporting both standard input/output for local processes and HTTP with server-sent events for remote connections. It emphasizes security and control by delegating model sampling to the client to keep API keys secure from servers
Maintains context without persistent server-side sessions by using explicit state handles.
This project is a self-hosted note-taking platform and collaborative markdown wiki. It functions as a real-time markdown collaborative editor, allowing multiple users to create, organize, and share documents simultaneously. The platform is designed for self-hosted knowledge management and collaborative markdown documentation, providing a private environment for teams to maintain shared technical notes.
Implements stateless session management using tokens to enable server scaling across multiple instances.
Siege is an HTTP benchmarking utility and load testing tool used to analyze transaction rates and response times. It functions as a stress testing tool that pushes web servers to their limits to determine maximum sustainable load and failure points, while also serving as a performance analyzer for encrypted HTTPS connections. The tool distinguishes itself by simulating human browsing behavior through the use of random delays between requests and local management of cookies and authentication headers. This allows for more realistic user simulation and the assessment of server stability under c
Manages cookies and authentication headers locally to maintain individual user contexts.
Mirotalk هو منصة مؤتمرات فيديو ذاتية الاستضافة وخادم اتصالات من نظير إلى نظير. يستخدم WebRTC لمكالمات الفيديو عالية الدقة، ومشاركة الشاشة، وبث الصوت في الوقت الفعلي، ويعمل كنظام لامركزي يوجه تدفقات الوسائط مباشرة بين المشاركين لضمان الخصوصية وزمن انتقال منخفض. تدمج المنصة نماذج لغوية محادثية وتقنية التعرف على الكلام لتوفير نسخ نصي في الوقت الفعلي ومهام اجتماعات آلية. كما تعمل كجناح تعاوني ذو علامة بيضاء، مما يسمح للمستخدمين بتطبيق هويات بصرية مؤسسية عبر الواجهة والكود المصدري. يتضمن النظام مساحة عمل مشتركة تتميز بسبورات بيضاء رقمية، ومراسلة نصية، وتبادل ملفات مشفر. يتم توفير التحكم البرمجي من خلال REST API لإدارة الجلسات وإحصائيات المشاركين، بينما يتم تأمين الوصول عبر كلمات المرور، وبيانات الاعتماد الرقمية، وأذونات المضيف.
Implements a stateless API for user authentication, token exchange, and room configuration.
GoTrue هو مزود هوية JWT وواجهة برمجة تطبيقات (API) لإدارة المستخدمين. يعمل كخادم متوافق مع OAuth 2.0 يتعامل مع تسجيل المستخدمين والمصادقة مع إصدار رموز JSON Web Tokens موقعة للتحكم في الوصول إلى موارد API المحمية. تدمج الخدمة مزودي هوية خارجيين للسماح للمستخدمين بتسجيل الدخول باستخدام حسابات طرف ثالث. كما تتضمن خدمة إشعارات SMTP لتسليم رسائل إعادة تعيين كلمة المرور، وتأكيدات التسجيل، ورسائل استعادة الحساب. يغطي النظام قدرات أوسع لإدارة حسابات المستخدمين، بما في ذلك القدرة على تحديث ملفات تعريف المستخدمين وإدارة البيانات الوصفية المخصصة. ويوفر التحكم في الوصول إلى API عبر توليد الرموز والتحقق منها، ويدعم تتبع تنفيذ الطلبات لمراقبة الأداء.
Utilizes signed JWTs to maintain stateless user sessions without server-side session storage.
هذا المشروع عبارة عن دليل تعليمي تقني لتنفيذ إدارة هوية المستخدم والجلسات باستخدام JSON Web Tokens. يركز على بناء نظام تسجيل دخول آمن يتحقق من هويات المستخدمين في تطبيقات الويب والجوال. تغطي المادة دورة الحياة الكاملة للأمن القائم على الرموز (tokens)، بما في ذلك إصدار والتحقق من رموز المصادقة وإدارة الجلسات عديمة الحالة (stateless). يوفر تعليمات حول الحفاظ على جلسات مستخدم مستمرة من خلال التخزين على جانب العميل وتنفيذ إلغاء الجلسة لإبطال رموز معينة أو جميع الرموز النشطة. تتضمن تفاصيل التنفيذ استخدام رموز تشفير موقعة مع مطالبات هوية مضمنة وطوابع زمنية لانتهاء الصلاحية. كما يعالج صحة الرموز من خلال التحقق من التوقيع واستخدام القوائم السوداء المدعومة بقاعدة بيانات لتجاوز حالة عدم الحالة للجلسات الملغاة.
Implements a session management architecture that avoids server-side state using signed tokens.
iron-session هي مكتبة إدارة جلسات عديمة الحالة (stateless) لـ JavaScript تخزن بيانات الجلسة المشفرة والموقعة مباشرة في ملفات تعريف ارتباط المتصفح (cookies). تعمل كبرمجية وسيطة للمصادقة للتحقق من هوية المستخدم دون الحاجة إلى قاعدة بيانات من جانب الخادم أو عمليات بحث في الشبكة لاسترجاع الجلسة. يوفر المشروع أداة تشفير بمفتاح متماثل تدعم تدوير كلمات المرور ذات الإصدارات. وهذا يسمح بتحديث مفاتيح التشفير عبر النظام دون إبطال جلسات المستخدم النشطة. بعيداً عن إدارة الجلسة، تتضمن المكتبة أدوات لختم كائنات البيانات التعسفية في سلاسل موقعة آمنة وفك ختمها لضمان عدم العبث بالمحتوى. تدعم هذه الإمكانيات توليد رموز آمنة وروابط تسجيل دخول سحرية.
Implements a stateless session system that stores encrypted data in cookies to eliminate server-side database lookups.
next-iron-session هي مكتبة لإدارة الجلسات لتطبيقات Next.js تقوم بتخزين حالة المستخدم المشفرة في ملفات تعريف ارتباط (cookies) آمنة في المتصفح. يتيح هذا النظام إدارة الجلسات بدون حالة (stateless)، مما يسمح للتطبيقات بالحفاظ على هوية المستخدم دون الحاجة إلى قاعدة بيانات من جانب الخادم لتتبع الجلسة. يوفر المشروع أدوات لتأمين حمولات البيانات من خلال التشفير بالمفتاح المتماثل والتوقيع، بما في ذلك دعم تدوير مفاتيح التشفير ذات الإصدارات. يتضمن أدوات لتنفيذ المصادقة بدون كلمة مرور عبر روابط سحرية آمنة لمرة واحدة، ودمج موفري الهوية الخارجيين من خلال سير عمل OAuth. تغطي المكتبة مجالات قدرات واسعة بما في ذلك حماية الوصول إلى المسارات عبر البرمجيات الوسيطة (middleware)، وإدارة دورة حياة الجلسة لتدفقات تسجيل الدخول والخروج، وإنشاء رموز مميزة مختومة (sealed tokens) لإعادة التوجيه الآمن.
Implements stateless session management using signed and encrypted cookies to avoid server-side database storage.
Finamp is a mobile music client designed for streaming and managing music libraries hosted on a Jellyfin media server. It serves as a handheld interface for browsing and playing audio files from a remote server. The application functions as a remote music streamer, connecting to a central media repository to stream audio via network transcoding. It enables the browsing and playback of private audio collections from a home server on a mobile device. The project covers media playback and remote audio management, supporting various audio formats through native server support or transcoding. It
Tracks user authentication and library preferences using tokens passed in request headers.