30 open-source projects similar to expressjs/session, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Session alternative.
CodeIgniter is a PHP web framework built on the Model-View-Controller pattern, designed for building full-stack web applications. It provides a lightweight toolkit with minimal configuration, organizing application logic into controllers, models, and views for clean separation of concerns. The framework includes a fluent query builder for constructing SQL statements programmatically, PSR-4 autoloading with namespace mapping, and a service-based dependency injection container for managing shared class instances. The framework distinguishes itself through its comprehensive set of built-in tools
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Stack Auth is an open-source authentication and authorization platform that provides pre-built UI components, OAuth integration, team management, and session handling for web applications. It offers a complete authentication lifecycle covering sign-in, sign-up, session management, password recovery, and multi-factor security, with support for passkey authentication and OAuth providers including Google, GitHub, and Apple. The platform includes a team-based permission system with role-based access control, allowing users to be organized into teams with granular permissions for membership manage
web.py is a minimal Python web framework that provides the core components needed to build web applications: URL routing, template rendering, database access, form handling, and session management. The framework uses a convention-based approach where URL patterns are automatically mapped to handler classes based on their names, eliminating the need for manual route configuration. It exposes applications as WSGI callables, making them deployable with any WSGI-compliant server. The framework distinguishes itself through its metaclass-driven auto-discovery system, which automatically registers h
Tinyauth is an authentication middleware service and identity provider that verifies user identities to grant system access. It operates as a standalone server or as an authentication gateway, utilizing a reverse proxy model to intercept requests and validate credentials before traffic reaches protected backend services. The project functions as an OpenID Connect provider for single sign-on experiences and an OAuth 2.0 gateway that delegates verification to external providers such as Google and GitHub. It also acts as an LDAP authentication server, allowing for centralized user management and
This project is a reverse proxy server that secures internal web services by enforcing authentication against external identity providers. It acts as a gatekeeper for incoming HTTP traffic, validating user identity before forwarding requests to protected backend applications. By integrating with OAuth2 and OIDC providers, the proxy ensures that only authorized users can access internal resources. The proxy distinguishes itself through its flexible session management and granular access control. It maintains authenticated user state across requests using either encrypted client-side cookies or
ModSecurity is an open-source web application firewall and security engine. It functions as an HTTP traffic inspector and intrusion detection system that filters incoming web requests and responses against a set of security rules to block threats and prevent attacks on web servers. The project provides a modular framework for implementing restrictive security policies and custom filtering logic. It identifies and blocks common injection attacks, such as cross-site scripting and SQL injection, while hardening web applications to reduce their overall attack surface. Its broader capabilities in
This project is a learning guide and collection of study notes designed to teach Node.js backend development. It provides a comprehensive core API reference and practical demonstrations for implementing server-side logic, network programming, and system APIs. The guide specifically covers advanced technical domains including process management for scaling applications via clusters and child processes, as well as network programming for building TCP, UDP, and HTTP services. It also includes detailed instructional material on security implementation, focusing on cryptographic hashing and encryp
This project is a reference implementation and a collection of code samples for deploying the Apache Shiro security framework within Java-based web applications. It serves as a demonstration for implementing authentication, authorization, and user identity management. The implementation features distributed session management to coordinate user states across multiple server instances for high availability. It also includes samples for third-party OAuth2 integration, enabling external account authentication, and single sign-on support to grant access to multiple related applications. The proj
Vendure is a Node.js e-commerce engine and headless commerce framework built with NestJS and TypeScript. It serves as a multi-channel commerce platform that manages product catalogs, orders, and customers via a strongly typed GraphQL API. The platform is distinguished by its highly extensible architecture, featuring a customizable administrative dashboard where developers can inject custom React components and entity views. It supports multi-channel commerce, allowing the isolation of products, currencies, and regional catalogs from a single unified backend. The engine covers a broad range o
Zend Framework is a comprehensive set of decoupled components for building modular, event-driven web applications. It implements an MVC architecture to separate business logic from the user interface and provides a structured request-handling system through a sequential middleware pipeline. The project features a factory-driven dependency injection container to automate object instantiation and manage class lifecycles. It also includes a comprehensive security suite for verifying user identities and restricting resource access using access control lists and role-based access control adapters.
Casdoor is a centralized identity and access management platform that functions as an OAuth 2.0 authorization server. It provides a comprehensive suite of services for managing user identities, authentication sessions, and access policies across both web and machine-to-machine applications. Built with a decoupled frontend-backend architecture in Go, the platform supports high-concurrency environments and offers a web-based management interface for administrative tasks. The platform distinguishes itself through its extensive support for federated identity management, allowing integration with
open62541 is an open-source implementation of the OPC Unified Architecture standard, providing a complete stack for industrial automation and data exchange. It functions as both an OPC UA server and client, enabling the creation of an object-oriented address space to model physical industrial assets and their relationships. The project is designed for versatility across diverse hardware, offering a C99 library that can be deployed to both cloud servers and resource-constrained embedded environments. It distinguishes itself through a pluggable network layer and interface-based security backend
This project is a cross-platform managed execution environment and general-purpose application framework designed for building high-performance software. It provides a unified runtime that handles memory management, type safety, and code execution across diverse operating systems. By integrating a native code compilation toolchain, the platform enables developers to convert managed code into optimized machine instructions, significantly improving startup performance and reducing runtime dependencies for production environments. The framework distinguishes itself through a comprehensive toolch
AWS Powertools for Python is a utility framework designed for building production-ready Python functions on AWS Lambda. It provides a comprehensive suite of tools for observability, event parsing, routing, and idempotency management to streamline the development of serverless applications. The project distinguishes itself through specialized capabilities for event-driven architectures and AI agent orchestration. It enables the implementation of AI agents by exposing functions as tools via OpenAPI schemas and managing conversation states. Additionally, it features an idempotency library that p
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Vercel is a cloud platform for building, deploying, and scaling web applications. It provides a unified infrastructure that automates the build process by detecting project frameworks and distributing static and dynamic content through a global content delivery network. The platform executes application logic using serverless functions that scale automatically based on real-time traffic demand. The platform distinguishes itself through a centralized AI gateway that proxies requests to multiple model providers, enabling standardized authentication, observability, and cost tracking. It supports
This project is a cloud-native identity and access management platform designed to centralize authentication, authorization, and identity lifecycle management. It functions as a standards-compliant OpenID Connect authorization server, providing secure session management and token issuance for web, mobile, and device-based applications. The platform is built to handle complex identity requirements through stateless token authentication and support for modern passwordless methods, including biometrics and hardware keys. What distinguishes this platform is its native support for multi-tenant env
PartyKit is a serverless WebSocket backend platform for building real-time multiplayer applications. It provides a globally distributed edge computing runtime that runs stateful server code close to users, with automatic scaling and hibernation for idle rooms. The platform handles WebSocket connections, HTTP requests, and durable storage without requiring infrastructure management, and includes a client and server SDK with hooks, storage, and Yjs integration for building collaborative features. The platform distinguishes itself through per-room isolation using Durable Objects, where each uniq
N-blog is a full-stack JavaScript blogging platform and content management system built with Node.js. It functions as a server-side rendered web application that renders markdown source text into HTML for publishing and displaying articles. The system includes a markdown blogging engine that enables the creation and management of posts and user comments. It features a integrated user authentication system that handles account registration, secure sign-in, and session management to protect private routes. The project covers broad capability areas including request routing and middleware pipel
udemy-dl is a Python command-line tool and web content scraper designed to download Udemy course videos, subtitles, and supplementary materials for offline personal use. It functions as a course media archiver that authenticates via user credentials or cookies to retrieve restricted media and metadata. The utility distinguishes itself through batch media retrieval, allowing the sequential download of multiple courses from a list of URLs. It provides granular control over the archive process, including the ability to filter specific chapters or lectures and export direct download links to a fi
Twikit is a Python library and API wrapper designed for interacting with X (Twitter). It simulates browser requests and mimics private network traffic to enable programmatic access to the platform without requiring an official API key. The project focuses on social media automation and data extraction, featuring tools for scraping user profiles, trending topics, and chronological tweet histories. It includes a session manager that handles user authentication, two-factor authentication, and cookie persistence to maintain active account access. The library's capabilities cover a broad range of
This project is a social blogging application built with Flask. It provides a platform for user account management, following relationships, and chronological post streams, supported by a PostgreSQL relational database. The application features a multilingual web interface with localized content and date formatting. It is designed as a dockerized web application, utilizing containerization for consistent deployment across different environments. The system integrates a variety of core capabilities, including full-text search with provider abstraction, an asynchronous task worker for backgrou
Pyrogram is an asynchronous Python framework for interacting with the Telegram MTProto API. It serves as both a bot framework and a user client library, providing a concrete implementation of the MTProto protocol for secure communication with Telegram servers. The library distinguishes itself by providing a high-level wrapper layer that abstracts complex protocol methods into Python functions, while still allowing for the execution of raw API functions and low-level peer resolution. It supports multi-client concurrency, enabling the management of several user or bot identities within a single
This project is a full stack web application template built with Flask. It provides a foundation for developing complete web applications, covering the entire pipeline from user interfaces and server-side logic to relational data management. The project implements a modular architecture using blueprints to organize views and templates into independent components. It features a session-based authentication system for managing user registration, password hashing, and secure login sessions to protect private application areas. Data persistence is handled through an object relational mapper for
Piknik is an encrypted clipboard relay and multiplexer that coordinates the sharing of text, binary data, and shell content across multiple network hosts. It utilizes a centralized relay architecture to manage secure client connections, providing an end-to-end encrypted system for synchronizing session state and data streams. The project distinguishes itself through the use of multi-stage key derivation and API key access control to secure remote shell access. It employs end-to-end encryption and digital signatures to protect relayed content, ensuring that data is encrypted at the source befo
Passport is a Node.js authentication middleware designed to manage user identities and session states within web applications. It functions as a request identity verifier that secures application routes by validating user credentials before granting access. The system utilizes a modular authentication strategy, allowing identity verification through interchangeable plugins. This architecture supports the creation of custom authentication strategies for local credentials and the integration of federated identity providers using external protocols. The framework provides capabilities for sessi
Prism Launcher is a Minecraft game launcher and instance manager designed to authenticate game accounts and start installations via a graphical interface or command line. It functions as a modpack installer that automates the setup of preconfigured modification sets from various third-party platforms. The project focuses on maintaining multiple independent game installations on a single machine, using isolated environments to ensure that different versions, mods, and save files do not conflict. It includes a Java runtime configurator to detect and assign specific system environments for compa
This project is a self-hosted web application designed to serve as a centralized platform for managing personal fitness data. It functions as a comprehensive activity logger and fitness data aggregator, allowing users to consolidate workout histories, health metrics, and training logs into a single private dashboard. The application distinguishes itself by automating the synchronization of workout records from third-party fitness services through secure authorization flows. It supports the ingestion of standardized fitness files, enabling the extraction of performance metrics and the visualiz
Inertia is a server-driven frontend framework designed to create monolithic single page applications. It acts as a state synchronization protocol and client-side routing bridge, allowing developers to build interactive experiences using modern JavaScript component libraries while keeping routing and controllers on the server. This approach eliminates the need for a separate REST or GraphQL API layer by passing data from server controllers to frontend components as props via JSON payloads. The framework distinguishes itself by utilizing adapter-based integration to link various backend environ