4 dépôts
Complete systems for managing user identity, sessions, and secure sign-in within web applications.
Distinct from Ruby on Rails Frameworks: The candidates are either too broad (Ruby on Rails Frameworks) or too specific (generators).
Explore 4 awesome GitHub repositories matching web development · Authentication Frameworks. Refine with filters or upvote what's useful.
Devise is a flexible authentication framework for Ruby on Rails applications. It serves as a user identity management system that handles registration, sign-in, password recovery, and account confirmation. The system integrates with the Warden middleware to manage user sessions and security across various request types. The framework functions as a multi-model authentication engine, allowing for the configuration of multiple distinct user models with independent routes and access controls. It also provides a standardized interface to connect with external identity providers and third-party lo
Functions as a complete authentication framework for managing user identity and sessions in web applications.
Devise is a comprehensive identity management system and authentication framework for Ruby on Rails applications. It provides a complete set of tools for managing user registration, secure sign-in, and session handling using a modular strategy pattern. The framework distinguishes itself by offering a suite of security hardening features, including brute force protection through account locking and secure password recovery workflows. It also functions as an integrator for external identity providers and third-party authentication via standardized protocols. Broad capabilities cover the full u
Implements secure sign-in and session management for Ruby on Rails applications to protect private routes.
Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for
Provides a complete authentication framework for web apps with session management and multiple login methods.
Authboss est un framework d'authentification modulaire conçu pour gérer l'identité des utilisateurs et l'orchestration des comptes. Il fournit un système complet pour gérer l'enregistrement des utilisateurs, la vérification des e-mails et l'intégralité du cycle de vie des profils utilisateurs. Le framework se distingue par une suite ciblée d'outils de sécurité et d'identité, incluant l'authentification multi-facteurs via des mots de passe basés sur le temps et SMS, ainsi que l'intégration d'identité avec des fournisseurs externes utilisant les protocoles OAuth1 et OAuth2. Il inclut également un gestionnaire de sécurité de compte dédié qui implémente une protection contre la force brute via le verrouillage de compte basé sur les identifiants et le hachage adaptatif des mots de passe. Globalement, le projet couvre la gestion du cycle de vie des sessions, incluant les cookies de connexion persistants et les délais d'inactivité, ainsi que les flux de récupération de compte pour les mots de passe oubliés. Il fournit également un middleware de requête pour le contrôle d'accès aux routes et prend en charge le rendu des vues d'authentification en HTML ou JSON.
Provides a modular PHP-based framework for handling user registration, password resets, and session management.