30 open-source projects similar to binarylogic/authlogic, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Authlogic alternative.
Clearance is a Ruby on Rails authentication framework designed to manage user accounts, encrypted password storage, and session-based identity verification. It serves as an email and password authenticator that validates user identities and controls access to protected application features. The framework utilizes a request-processing middleware to expose user identity to the application environment and employs a chain of guards to enforce customizable sign-in requirements. It includes a secure password recovery system that uses email-based reset tokens to allow users to update credentials. T
Authboss is a modular HTTP authentication framework for managing user identity, session lifecycles, and password security. It provides a system of identity access middleware to control route access and synchronize user identity across requests via standard web protocols. The framework is distinguished by a pluggable architecture that allows for the registration of independent modules to extend identity logic. It utilizes a hook-based event system to execute custom business logic during authentication state changes and employs a selector-verifier token pattern to protect against timing attacks
Octelium is a zero-trust network access platform and identity-aware proxy designed to secure private HTTP, SSH, and SQL resources. It functions as a secure gateway that validates human and workload identities using OIDC, SAML, and FIDO2 passkeys before granting access to internal applications and SaaS APIs. The system is distinguished by its secretless access broker, which injects credentials—such as API keys, passwords, and AWS Sigv4 signatures—at the gateway level so users can access databases and cloud resources without managing secrets. It further specializes in AI gateway administration,
Grist is a relational spreadsheet platform that combines the flexibility of a spreadsheet with the power of a relational database. At its core, it manages structured data across multiple linked tables, using a relational database engine to organize information while providing a familiar grid interface. The platform supports Python-based formulas for complex calculations and data transformations, with automatic recalculation when referenced cells change. The system is designed for self-hosted deployment, storing data in either portable SQLite files or enterprise-grade PostgreSQL databases. It
Pomerium is an identity-aware reverse proxy designed to provide zero-trust access control for internal infrastructure. It functions as a centralized gateway that verifies user identity, device context, and group membership for every request before granting access to protected applications, services, or API servers. By integrating directly with external identity providers, it replaces traditional VPNs with granular, policy-based access enforcement. The platform distinguishes itself by extending zero-trust principles beyond standard web traffic to include non-HTTP protocols, such as TCP and UDP
This project is a reference implementation and boilerplate for managing user authentication and session state within the Next.js framework. It serves as a practical example of how to integrate NextAuth.js to protect routes and handle identity verification. The repository demonstrates several authentication workflows, including OAuth identity integration with third-party providers, passwordless authentication using email magic links, and traditional credentials-based sign-in. It specifically showcases how to replace default authentication screens with custom branded sign-in pages. The impleme
Authboss is a modular authentication framework designed to manage user identity and account orchestration. It provides a comprehensive system for handling user registration, email verification, and the full lifecycle of user profiles. The framework distinguishes itself through a focused suite of security and identity tools, including multi-factor authentication via time-based passwords and SMS, and identity integration with external providers using OAuth1 and OAuth2 protocols. It also includes a dedicated account security manager that implements brute-force protection through credential-based
This project provides a comprehensive security framework for PHP applications, designed to manage the entire lifecycle of user authentication and authorization. It functions as a middleware layer that intercepts incoming HTTP requests to enforce security policies, resolve user identities, and maintain persistent sessions across web interactions. The framework distinguishes itself through a modular, event-driven architecture that integrates directly into the application lifecycle. It supports diverse authentication methods, including standard form-based logins, API bearer tokens, and federated
Login-with is a centralized authentication gateway designed to decouple identity verification from individual application services. It functions as a stateless microservice that orchestrates user login and logout flows by integrating with external identity providers. The project distinguishes itself through its ability to manage user sessions across multiple subdomains. By issuing encrypted, domain-wide cookies, it maintains consistent user state and profile information as users navigate between different parts of a distributed web architecture. The service handles the full lifecycle of user
ihp is a type-safe web framework and full-stack application orchestrator designed for PostgreSQL. It functions as a server-side rendering framework and a type-safe ORM that automatically generates record types from SQL schemas to ensure compile-time query validation. The platform distinguishes itself by verifying routing, database queries, and templates at compile time to prevent runtime crashes. It implements real-time web interfaces using WebSockets for instant data synchronization and employs server-driven hypermedia for partial DOM patching. The framework covers a broad range of integrat
This is a Node.js library for securely hashing and verifying passwords using the bcrypt adaptive hashing algorithm. It functions as a password security module that transforms plain-text credentials into protected hashes and generates cryptographically secure salts. The implementation allows for the adjustment of computational cost to resist brute-force attacks. It provides utilities for password hash verification and the extraction of hash metadata to determine the number of encryption rounds used. The project covers a range of security and access control capabilities, including credential s
iron-session is a stateless session management library for JavaScript that stores encrypted and signed session data directly in browser cookies. It functions as authentication middleware to verify user identity without requiring a server-side database or network lookups for session retrieval. The project provides a symmetric key encryption tool that supports versioned password rotation. This allows encryption keys to be updated across a system without invalidating active user sessions. Beyond session management, the library includes utilities to seal arbitrary data objects into secure signed
This project is an OAuth 2.0 client library and OpenID Connect SDK designed for integrating Microsoft identity platforms into JavaScript applications. It serves as a cross-platform authentication client for managing user identities and daemon services across browser-based and server-side environments. The library provides tools for acquiring and managing JSON Web Tokens to secure access to protected web APIs. It supports various authentication flows, including single-page application authentication, server-side identity management in Node.js, and non-interactive authentication for background
This project is a comprehensive security framework for PHP applications, providing a modular system for verifying user identities and enforcing access control policies. It functions as a security middleware that decouples authentication and authorization logic from core application code, allowing for centralized management of user sessions, credentials, and resource access. The framework distinguishes itself through a highly decoupled architecture that separates identity verification from storage mechanisms. It utilizes a strategy-based approach to authentication, enabling developers to imple
This project is a blockchain education platform that integrates a React frontend with Solidity smart contracts to create a decentralized application. It functions as a learning system that generates personalized educational roadmaps and tracks user progress using decentralized technology. The platform employs a hybrid identity integration system, verifying users through both traditional email providers and blockchain wallet connections. This allows for user identity management and account verification to control access to protected areas of the application. The codebase covers the deployment
Skateshop is a Next.js e-commerce storefront and subscription-based commerce platform. It provides a retail website featuring product catalogs, shopping carts, and checkout flows, paired with a retail store management dashboard for tracking inventory, orders, and payments. The project includes a subscription system to process recurring payments and manage tiered access to premium services. It also integrates a markdown blog engine for publishing technical content and an email marketing system to collect subscribers and distribute newsletters. The platform covers identity management through u
Commento is a self-hosted, privacy-focused commenting system used to embed lightweight discussion sections into websites. It provides a way for visitors to read and post comments while avoiding third-party tracking. The platform includes specialized utilities for migrating existing discussion history and user data from external commenting platforms. It also integrates identity provider support and single sign-on to verify the identity of users participating in discussions. Administrative capabilities cover community discussion moderation through spam filters and manual review tools. The syst
FastHTML is a full-stack Python web framework designed for building interactive web applications using pure Python. It functions as an HTMX integration framework and a Python HTML domain-specific language, allowing developers to generate HTML structures using native objects and functions instead of external templating files. The framework is distinguished by its native support for real-time bidirectional communication via WebSockets and Server-Sent Events, enabling server-side updates to be pushed to the browser without full page reloads. It further integrates identity management through OAut
This project is a .NET identity stack and server framework used to build certified OpenID Connect and OAuth 2.0 identity providers. It provides the core logic required to issue and validate security tokens and manage user authentication across various grant types and protocol flows. The framework includes a protocol translation layer that bridges OpenID Connect and SAML to enable interoperability between different identity providers. It also supports a stateless mode of operation, which removes built-in validation and storage to allow for manual control over token and client verification. Th
Simplebank is a financial services backend application built with Go that manages bank accounts and transfers. It utilizes a dual-protocol interface, providing both gRPC and REST APIs via Protocol Buffers to support different client communication requirements. The system implements a PostgreSQL data layer with versioned schema migrations and type-safe query generation. It handles financial operations through atomic fund transfers and balance change tracking to maintain consistent audit trails. The architecture includes an asynchronous task worker system using a message queue to offload long-
JupyterHub is a multi-user platform for hosting and managing isolated Jupyter notebook server instances on a single system or cluster. It serves as a notebook server orchestrator that spawns and monitors individual computing environments on demand. The system uses a plugin-based spawner interface to launch these environments across diverse infrastructure, including local processes, containers, or cloud clusters. It integrates with external identity providers and supports pluggable authentication to verify user identities and secure access. The framework includes centralized administration to
Morphic is an AI model aggregator and search engine designed to synthesize grounded answers with citations by coordinating large language models and external web search providers. It functions as a self-hosted AI gateway that connects to multiple model providers and local endpoints, utilizing a dynamic selector to route requests between different backends based on API key availability. The project features a generative UI framework that renders rich, interactive components by streaming JSON specifications instead of standard markdown. It also incorporates retrieval augmented generation capabi
This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider
oauth2_proxy is an OAuth2 reverse proxy and authentication gateway that protects upstream services by requiring users to authenticate through external identity providers. It acts as a secure login layer for backend applications that lack built-in user authentication. The project provides centralized access control by restricting entry based on email domains, organization membership, or approved user lists. It integrates with identity providers via issuer URLs and client secrets, and supports additional authentication methods such as htpasswd files. The gateway manages secure identity forward
bcrypt.js is a portable JavaScript implementation of the bcrypt algorithm used for securely hashing and verifying user passwords. It functions as a credential security utility that protects stored passwords against brute-force attacks through the use of salts and configurable work factors. The library is designed as a pure JavaScript cryptographic module, allowing it to run in any JavaScript environment, including both server-side Node.js and client-side web browsers, without requiring native system binaries or C++ bindings. It is a zero-dependency standalone module to minimize security risks
deployd is a realtime API framework and MongoDB backend as a service that allows for the creation of networked interfaces synchronizing data and events between clients and servers. It functions as a JavaScript API middleware that can be integrated with HTTP servers to provide authentication, request interceptors, and realtime capabilities. The project features a self-hosted API management dashboard for configuring resource settings, managing data collections, and monitoring server status through a web-based interface. It includes a realtime data synchronization engine that pushes live databas
This project is a full stack web application template built with Flask. It provides a foundation for developing complete web applications, covering the entire pipeline from user interfaces and server-side logic to relational data management. The project implements a modular architecture using blueprints to organize views and templates into independent components. It features a session-based authentication system for managing user registration, password hashing, and secure login sessions to protect private application areas. Data persistence is handled through an object relational mapper for
Dex is an OpenID Connect identity provider that functions as an identity federation gateway. It authenticates users and issues signed tokens for applications by using a variety of pluggable connectors to interface with external identity sources. The project focuses on federating multiple external identity providers into a single authentication portal. It maps diverse external authentication sources to a uniform internal user representation and manages the orchestration of authorization handshakes between clients and identity sources. Capability areas include centralized user authentication,
Dex is an OpenID Connect provider and identity federation proxy that translates authentication signals from various upstream sources into a unified OpenID Connect interface. It functions as a multi-protocol identity broker, enabling client applications to implement a single standard while delegating user verification to external identity providers. The project distinguishes itself through a pluggable connector architecture that bridges disparate protocols including LDAP, SAML, and OAuth2. It provides specific integrations for services such as GitHub, Google, GitLab, and Microsoft, while offer
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do