11 Repos
Non-password authentication options such as device approval, passkeys, and SSO to access secure vaults.
Distinct from Passkey Authentication: Broader than just passkeys; covers a suite of alternatives including SSO and device-based approvals.
Explore 11 awesome GitHub repositories matching security & cryptography · Alternative Authentication Methods. Refine with filters or upvote what's useful.
Snapshot is a decentralized governance platform that enables DAOs and organizations to create and manage onchain voting systems. It supports both offchain signing and onchain execution, allowing votes to be submitted as signed messages to reduce gas costs while maintaining verifiability through onchain proposal execution on Ethereum and Starknet. The platform provides a modular strategy plugin system for voting power calculation and proposal validation, along with hierarchical space and role management for multi-tier governance structures. Snapshot distinguishes itself through several advance
Snapshot chooses how users prove their identity when creating proposals or casting votes, such as via signed messages or on-chain transactions.
This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a
Enables flexible login options via device approval, passkeys, or SSO to reduce reliance on master passwords.
FastAPI Users is a ready-to-use authentication library for FastAPI applications that handles user registration, login, password reset, email verification, and profile retrieval with minimal configuration. It provides a complete authentication system built around pluggable backends and transports, supporting JWT tokens, database sessions, and Redis-based token storage that can be combined in a single route. The library distinguishes itself through its modular architecture, offering router-based module composition that organizes authentication flows as independent FastAPI routers for registrati
Accepts credentials from an Authorization header or a cookie, supporting multiple transport methods.
attrs is a Python library that automatically generates initialization, representation, equality, hashing, and ordering methods from declarative class attribute definitions. At its core, it provides a class decorator metaprogramming framework that intercepts class creation to rewrite the class body, producing dunder methods without manual boilerplate. The library includes a comprehensive attribute validation toolkit with built-in validators for type checks, range constraints, regex matching, length limits, and logical composition of validation rules. The library distinguishes itself through it
Provides automatic detection of user-defined dunder methods to prevent redundant generation.
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
Switches between cookie and HTTP authentication, sets login attempt timeouts, and enables auto-logout for inactive sessions.
Altair ist ein grafischer GraphQL-API-Client, eine integrierte Entwicklungsumgebung (IDE) und ein Schema-Explorer. Es fungiert als Debugging-Tool und Kollaborationsplattform für die Ausführung von Queries, Mutations und Subscriptions gegen GraphQL-Server. Das Projekt zeichnet sich durch cloud-synchronisierte Workspaces aus, um Query-Sammlungen innerhalb von Teams zu organisieren und zu teilen. Es bietet ein flexibles Erweiterungs-Framework, das die Installation und Ausführung von Drittanbieter-Plugins in isolierten Sandboxes ermöglicht. Die Plattform deckt eine Vielzahl von Funktionen ab, darunter KI-gestützte Query-Erstellung, visuelle Schema-Erkundung und Echtzeit-Daten-Subscriptions über mehrere Transportprotokolle. Zudem enthält sie Tools für Request-Automatisierung durch Pre- und Post-Request-Scripting sowie Dienstprogramme zur Verwaltung von Umgebungsvariablen und zur Analyse von Response-Metadaten. Altair ist als Desktop-Anwendung, Browser-Erweiterung und webbasierte Anwendung verfügbar und kann auf privaten Servern gehostet werden.
Configures API authorization methods including tokens and basic auth via static values or environment variables.
Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control model. It stores every access relationship as a tuple in a SQL database and exposes a declarative TypeScript-like namespace language for defining object types, relations, and permissions. The service provides bidirectional permission resolution, configurable consistency levels for checks, and dual gRPC and REST APIs for broad integration. Keto extends the Zanzibar model with edge enforcement of access policies, structured compliance auditing of permission decisions, and infrastr
Infers authentication methods automatically from flow types, eliminating manual configuration.
express-jwt ist eine Middleware für Express-Anwendungen, die JSON Web Tokens validiert, um Routen zu sichern und Anfragen zu authentifizieren. Sie fungiert als Sicherheitswächter, der Token-Signaturen und Ablaufdaten überprüft, bevor der Zugriff auf Backend-Endpunkte gewährt wird. Das Projekt bietet einen Request-Credential-Extractor, um Tokens aus Headern, Cookies oder Query-Parametern abzurufen. Es unterstützt dynamisches Key-Retrieval, um die erforderlichen Secrets oder öffentlichen Schlüssel zur Laufzeit basierend auf Anfrageattributen oder Token-Headern abzurufen. Die Middleware handhabt die JSON-Web-Token-Validierung, einschließlich der Behandlung von Token-Ablaufdaten und der Möglichkeit, Token-Identifikatoren gegen Sperrlisten zu prüfen, um kryptografisch gültige Tokens zu entwerten. Zudem mappt sie dekodierte Payload-Attribute aus validierten Tokens direkt auf das Request-Objekt.
Includes a utility to retrieve authentication tokens from various request sources for validation.
Converse.js is an embeddable, self-hosted XMPP chat client that runs entirely in the browser. It communicates with XMPP servers using standard XML stanzas over WebSocket or BOSH transports, and provides end-to-end encryption through the OMEMO protocol with double ratchet algorithm and X3DH key exchange. The client is built on a plugin-based architecture that allows extending core functionality at runtime without modifying the client itself, and uses a DOM-based rendering approach with an event-driven message bus for internal coordination. The client manages message history through XEP-0313 Me
Sets the method used to log in, supporting login, anonymous, external, or prebind authentication.
This library provides a backend framework for implementing FIDO2-compliant authentication and passwordless login flows in Go applications. It serves as a server-side toolkit for managing hardware-backed identity verification, enabling developers to integrate secure, browser-based authentication protocols that utilize security keys and biometric sensors. The project distinguishes itself by offering comprehensive tools for credential lifecycle management and hardware attestation. It handles the registration and storage of public key metadata while enforcing strict security requirements, such as
Allows adjustment of login and registration settings, including security requirements, transport preferences, and cryptographic algorithms.
Diese Bibliothek bietet eine serverseitige Implementierung für den WebAuthn-Standard, die es Entwicklern ermöglicht, FIDO2-konforme Authentifizierung in Anwendungen zu integrieren. Sie fungiert als Toolkit für die Verwaltung von Public-Key-Infrastrukturen und erlaubt es Systemen, die Benutzeridentität durch hardwaregestützte kryptografische Signaturen anstelle traditioneller Passwörter zu verifizieren. Das Framework erleichtert den gesamten Credential-Lebenszyklus, von der anfänglichen Registrierung von Sicherheitsschlüsseln und biometrischen Geräten bis zur laufenden Validierung von Authentifizierungsversuchen. Es handhabt die Generierung und Verifizierung von Challenge-Response-Handshakes und stellt sicher, dass jedes Login-Ereignis gegen Replay-Angriffe und unbefugten Zugriff geschützt ist. Über die Kern-Identitätsverifizierung hinaus unterstützt die Bibliothek die Implementierung von Multi-Faktor-Authentifizierungs-Flows und bietet konfigurierbare Einstellungen zur Anpassung von Sicherheitsanforderungen. Sie verarbeitet Authentifizierungsdaten unter Verwendung standardisierter binärer Serialisierung und Payload-Formate, um die Interoperabilität mit bestehender Websicherheitsinfrastruktur zu wahren.
Provides configurable settings to adjust security requirements and registration or login behaviors.