awesome-repositories.com
ब्लॉग
awesome-repositories.com

AI-संचालित खोज के साथ बेहतरीन ओपन-सोर्स रिपॉजिटरी खोजें।

एक्सप्लोर करेंक्यूरेटेड खोजेंओपन-सोर्स विकल्पसेल्फ-होस्टेड सॉफ्टवेयरब्लॉगसाइटमैप
प्रोजेक्टहमारे बारे मेंहम रैंकिंग कैसे करते हैंप्रेसMCP सर्वर
कानूनीगोपनीयताशर्तें
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

12 रिपॉजिटरी

Awesome GitHub RepositoriesSession Token Validation

Verification of session tokens against an identity provider to ensure active authentication.

Distinct from Session Authentication: Focuses on the act of validating the token's current validity rather than the overall authentication flow

Explore 12 awesome GitHub repositories matching security & cryptography · Session Token Validation. Refine with filters or upvote what's useful.

Awesome Session Token Validation GitHub Repositories

AI के साथ बेहतरीन रिपॉजिटरी खोजें।हम AI का उपयोग करके सबसे सटीक रिपॉजिटरी खोजेंगे।
  • withspectrum/spectrumwithspectrum का अवतार

    withspectrum/spectrum

    10,838GitHub पर देखें↗

    Spectrum is an open-source community platform designed for developer teams to host real-time threaded discussions, share code, and collaborate around GitHub projects. It provides a complete environment for creating and managing online communities with organized channels, member roles, and content moderation tools that keep conversations civil and on-topic. The platform integrates directly with GitHub, enabling users to authenticate through GitHub OAuth, search across code repositories and projects, and connect discussions to repository activity. Spectrum offers role-based team permission mana

    Issues and validates secure tokens to maintain authenticated user sessions across the platform.

    JavaScriptexpoflowtypegraphql
    GitHub पर देखें↗10,838
  • lucia-auth/lucialucia-auth का अवतार

    lucia-auth/lucia

    10,461GitHub पर देखें↗

    Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for

    Manages the full lifecycle of server-side sessions including creation, validation, extension, and idle timeout.

    authoauthtypescript
    GitHub पर देखें↗10,461
  • teamhanko/hankoteamhanko का अवतार

    teamhanko/hanko

    8,801GitHub पर देखें↗

    Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.

    Verifies session tokens against an API to ensure the user remains authenticated.

    Go2faauthenticationciam
    GitHub पर देखें↗8,801
  • daffainfo/allaboutbugbountydaffainfo का अवतार

    daffainfo/AllAboutBugBounty

    6,644GitHub पर देखें↗

    AllAboutBugBounty is a curated collection of bug bounty techniques and payloads for web application security testing. It serves as a reference resource covering common web vulnerabilities and exploitation methods for security researchers, providing a structured approach to identifying and exploiting web application security flaws in bug bounty programs. The repository covers a wide range of attack categories including authentication bypass, cross-site scripting injection, server-side request forgery, web cache poisoning, and business logic abuse. It includes techniques for bypassing access co

    Covers techniques for bypassing CSRF token validation through value alteration and method switching.

    bugbugbountybugbountytips
    GitHub पर देखें↗6,644
  • firebase/firebase-js-sdkfirebase का अवतार

    firebase/firebase-js-sdk

    5,125GitHub पर देखें↗

    यह एक बैकएंड-एज़-ए-सर्विस SDK है जो वेब और मोबाइल एप्लिकेशन को क्लाउड सेवाओं के एक सूट से जोड़ता है। यह उपयोगकर्ता पहचान प्रबंधित करने, सर्वरलेस लॉजिक निष्पादित करने और क्लाउड ऑब्जेक्ट स्टोरेज को संभालने के लिए एक एकीकृत इंटरफ़ेस प्रदान करती है। यह टूलकिट अपनी रीयल-टाइम डेटा सिंक्रोनाइज़ेशन द्वारा विशेषता है, जो NoSQL डॉक्यूमेंट डेटा को इन-बिल्ट ऑफ़लाइन पर्सिस्टेंस के साथ कई क्लाइंट्स में सुसंगत रहने की अनुमति देता है। यह विभिन्न पहचान प्रदाताओं के माध्यम से सुरक्षित उपयोगकर्ता पहुंच की सुविधा प्रदान करती है और HTTPS अनुरोधों या डेटाबेस इवेंट्स के जवाब में बैकएंड लॉजिक को निष्पादित करने के लिए सर्वरलेस फ़ंक्शन इनवोकेशन का प्रबंधन करती है। यह SDK NoSQL और रिलेशनल डेटाबेस प्रबंधन, क्रैश मॉनिटरिंग और उपयोगकर्ता व्यवहार विश्लेषण सहित परिचालन क्षमताओं की एक विस्तृत श्रृंखला को कवर करती है। यह रिमोट एप्लिकेशन कॉन्फ़िगरेशन, लक्षित पुश नोटिफिकेशन और AI-संचालित सुविधाओं के लिए बड़े भाषा मॉडल के एकीकरण के लिए टूल्स भी प्रदान करती है। यह प्रोजेक्ट TypeScript में कार्यान्वित है और भाषा-विशिष्ट लाइब्रेरी प्रदान करती है जो REST और WebSocket API को उच्च-स्तरीय विधियों में एब्स्ट्रैक्ट करती है।

    Generates and verifies authentication tokens to manage privileged sessions and secure access to cloud resources.

    TypeScriptfirebasefirebase-authfirebase-authentication
    GitHub पर देखें↗5,125
  • supabase/supabase-jssupabase का अवतार

    supabase/supabase-js

    4,483GitHub पर देखें↗

    supabase-js is a comprehensive client library designed to integrate frontend applications with a hosted backend-as-a-service. It provides a unified interface for interacting with a PostgreSQL database, identity management systems, cloud object storage, and real-time data synchronization. The library features an isomorphic client design that operates across both browser and server environments. It distinguishes itself through a type-safe approach, utilizing TypeScript to map database schemas directly to client-side definitions, and employs a PostgREST-based API to translate JavaScript calls in

    Validates one-time passwords used for account sign-ups, magic links, and password recovery flows.

    TypeScriptclient-librarydatabaseisomorphic
    GitHub पर देखें↗4,483
  • jazzband/djangorestframework-simplejwtjazzband का अवतार

    jazzband/djangorestframework-simplejwt

    4,321GitHub पर देखें↗

    This is a JSON Web Token authentication package for the Django REST Framework that manages stateless user identities. It serves as an authentication provider and token manager used to issue and validate signed tokens to maintain user sessions across multiple requests. The project implements a dual-token lifecycle, issuing short-lived access tokens and long-lived refresh tokens to balance security with session persistence. It features token rotation to prevent replay attacks and a blacklisting system to invalidate compromised credentials. Additionally, it supports sliding-window expiration to

    Tracks invalidated or rotated tokens in a database to prevent the reuse of compromised credentials.

    Python
    GitHub पर देखें↗4,321
  • dwyl/learn-json-web-tokensdwyl का अवतार

    dwyl/learn-json-web-tokens

    4,176GitHub पर देखें↗

    This project is a technical tutorial and guide for implementing user identity and session management using JSON Web Tokens. It focuses on building a secure login system that verifies user identities in web and mobile applications. The material covers the full lifecycle of token-based security, including the issuance and validation of authentication tokens and the management of stateless sessions. It provides instructions on maintaining persistent user sessions through client-side storage and implementing session revocation to invalidate specific or all active tokens. The implementation detai

    Verifies the signature and expiration of tokens found in request headers to authorize users.

    JavaScript
    GitHub पर देखें↗4,176
  • godotsteam/godotsteamGodotSteam का अवतार

    GodotSteam/GodotSteam

    3,617GitHub पर देखें↗

    GodotSteam is a game engine plugin and API wrapper that integrates the Steamworks SDK into the Godot engine. It serves as a bridge between the engine's scripting layer and platform services, allowing applications to access social features and platform-specific connectivity. The project utilizes a C++ wrapper and a C-compatible foreign function interface to bind the Steamworks SDK. It includes a session manager that handles application ID initialization and enforces that the application is launched through the Steam client to validate ownership and session integrity. The integration covers se

    Checks for an active Steam client process to establish a valid authenticated session.

    game-developmentgamedevgodot
    GitHub पर देखें↗3,617
  • usekaneo/kaneousekaneo का अवतार

    usekaneo/kaneo

    3,218GitHub पर देखें↗

    Kaneo is an open-source project management platform built around a kanban board interface for organizing tasks into columns with drag-and-drop status management. It functions as a self-hosted task manager that supports multiple workspaces, organizations, and role-based access control, with all persistent data stored in a PostgreSQL relational database and exposed through a RESTful JSON API. The platform distinguishes itself through deep external integration capabilities, connecting project workflows to GitHub, Gitea, Slack, Discord, and Telegram with automated event-driven actions. A webhook

    Validates the current request's authentication token to ensure a secure and active user session.

    TypeScripthacktoberfesthonoissue-management
    GitHub पर देखें↗3,218
  • mitreid-connect/openid-connect-java-spring-servermitreid-connect का अवतार

    mitreid-connect/OpenID-Connect-Java-Spring-Server

    1,506GitHub पर देखें↗

    This project is an authentication and authorization platform built on the Spring framework that functions as a centralized identity provider and authorization server. It manages user identities and protects resources by implementing standardized protocols to verify credentials and issue secure tokens for web applications. The platform distinguishes itself by providing a comprehensive framework for managing complex authorization flows and identity verification. It supports dynamic client registration to automate the onboarding of third-party applications and utilizes relational database persis

    Maintains state consistency for tokens and authorization grants by persisting session data in relational database tables.

    Java
    GitHub पर देखें↗1,506
  • screwdriver-cd/screwdriverscrewdriver-cd का अवतार

    screwdriver-cd/screwdriver

    1,042GitHub पर देखें↗

    Screwdriver is a continuous delivery platform designed to orchestrate automated build, test, and deployment workflows. It functions as a containerized build orchestrator that manages the entire delivery lifecycle, from event-driven pipeline triggering to the execution of tasks within isolated, pluggable container environments. The platform distinguishes itself through a modular architecture that decouples build logic from underlying compute resources, allowing for consistent execution across diverse infrastructures. It provides robust pipeline configuration management, enabling teams to defin

    Fetches current authentication tokens associated with active sessions to facilitate secure communication.

    JavaScriptapici-cdcontinuous-delivery
    GitHub पर देखें↗1,042
  1. Home
  2. Security & Cryptography
  3. Session Authentication
  4. Session Token Validation

सब-टैग एक्सप्लोर करें

  • CSRF Token BypassesCircumvents CSRF token validation by altering, removing, or reusing tokens across requests. **Distinct from Session Token Validation:** Distinct from Session Token Validation: focuses on bypassing CSRF-specific tokens rather than general session token validation.
  • Database-Backed Session Validations1 सब-टैगValidates session tokens by comparing their hashes against values stored in a database using constant-time comparison. **Distinct from Session Token Validation:** Distinct from Session Token Validation: specifies database-backed storage and constant-time hash comparison, not just generic token verification.
  • One-Time Password ValidationThe process of verifying short-lived single-use tokens for security flows. **Distinct from Session Token Validation:** Focuses on the validation of OTPs for sign-ups and recovery, rather than long-term session token validation.
  • Platform Session ValidationVerification that a required platform client is active to authorize the current session. **Distinct from Session Token Validation:** Validates the presence of a running external client process rather than just a session token.