30 open-source projects similar to plataformatec/devise, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Devise alternative.
Devise is a flexible authentication framework for Ruby on Rails applications. It serves as a user identity management system that handles registration, sign-in, password recovery, and account confirmation. The system integrates with the Warden middleware to manage user sessions and security across various request types. The framework functions as a multi-model authentication engine, allowing for the configuration of multiple distinct user models with independent routes and access controls. It also provides a standardized interface to connect with external identity providers and third-party lo
Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.
Authboss is a modular HTTP authentication framework for managing user identity, session lifecycles, and password security. It provides a system of identity access middleware to control route access and synchronize user identity across requests via standard web protocols. The framework is distinguished by a pluggable architecture that allows for the registration of independent modules to extend identity logic. It utilizes a hook-based event system to execute custom business logic during authentication state changes and employs a selector-verifier token pattern to protect against timing attacks
Tinyauth is an authentication middleware service and identity provider that verifies user identities to grant system access. It operates as a standalone server or as an authentication gateway, utilizing a reverse proxy model to intercept requests and validate credentials before traffic reaches protected backend services. The project functions as an OpenID Connect provider for single sign-on experiences and an OAuth 2.0 gateway that delegates verification to external providers such as Google and GitHub. It also acts as an LDAP authentication server, allowing for centralized user management and
Authboss is a modular authentication framework designed to manage user identity and account orchestration. It provides a comprehensive system for handling user registration, email verification, and the full lifecycle of user profiles. The framework distinguishes itself through a focused suite of security and identity tools, including multi-factor authentication via time-based passwords and SMS, and identity integration with external providers using OAuth1 and OAuth2 protocols. It also includes a dedicated account security manager that implements brute-force protection through credential-based
This project is a Django library that enables web applications to authenticate users through third-party identity providers using standard protocols like OAuth and OpenID Connect. It functions as an integration layer that delegates authentication to external services, allowing users to sign in with existing accounts while maintaining a persistent link to their local application profile. The library distinguishes itself through a modular pipeline that executes a sequence of functions to validate and manage user records during the login process. It employs a strategy-based approach to encapsula
Ombi is a media request management system that coordinates content discovery between users, media servers, and download managers. It acts as a middleware layer to automate the process of requesting, approving, and acquiring movies, music, and TV shows. The project differentiates itself by acting as an integration layer that synchronizes libraries and user accounts across multiple media server instances. It features a content request orchestrator that supports voting-based automatic approval and the ability to import active requests directly from external watchlists. The platform covers a bro
Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from stru
React-admin is a framework for building data-driven administrative interfaces that connect to REST or GraphQL backends. It provides a comprehensive suite of tools for managing the full lifecycle of administrative applications, including resource-oriented routing, declarative form scaffolding, and context-driven state management. By utilizing a modular adapter-based architecture, the framework abstracts backend communication, allowing developers to build consistent CRUD interfaces that handle data fetching, authentication, and synchronization automatically. The project distinguishes itself thr
DataEase is an open-source, self-hosted business intelligence platform designed for building interactive data visualizations and managing analytical reporting. It provides a centralized environment where users can construct dashboards through a drag-and-drop interface, connecting to diverse data sources including relational databases, data warehouses, and external APIs. The platform distinguishes itself through its focus on embedded analytics and enterprise-grade governance. It allows for the seamless integration of charts, dashboards, and management modules into third-party web applications
django-allauth is a comprehensive authentication framework for Django applications that manages user registration, account ownership verification, and secure login processes. It provides a system for handling the entire user account lifecycle, including the ability to define custom signup fields and implement identity verification. The project distinguishes itself by providing a suite of OAuth and SAML integrations for social account authentication and the capability to act as an OpenID Connect identity provider. It further supports decoupled architectures through a token-based headless authe
JustAuth is an OAuth 2.0 authentication library designed to integrate multiple third-party login providers into a single interface. It abstracts various social login APIs and identity services, allowing applications to manage authentication using the OAuth 2.0 and OIDC protocols. The project provides a multi-provider identity integrator that replaces the need for individual vendor software development kits. It includes a toolkit for defining custom authentication platforms and proprietary identity services by specifying custom OAuth protocols and endpoints. The library manages the full authe
This project is a reference implementation and boilerplate for managing user authentication and session state within the Next.js framework. It serves as a practical example of how to integrate NextAuth.js to protect routes and handle identity verification. The repository demonstrates several authentication workflows, including OAuth identity integration with third-party providers, passwordless authentication using email magic links, and traditional credentials-based sign-in. It specifically showcases how to replace default authentication screens with custom branded sign-in pages. The impleme
This project is an open-source identity provider and single sign-on platform that centralizes user authentication for multiple web applications and services. It functions as a multi-protocol authentication gateway, verifying user identities and issuing tokens through the CAS protocol as well as industry standards including SAML, OAuth2, and OpenID Connect. The system acts as a federated identity server, allowing authentication to be delegated to external third-party or corporate identity providers. It distinguishes itself through identity attribute governance, which manages which specific use
This project is a production-ready boilerplate designed for building subscription-based web applications. It provides a foundational framework for managing user identity, persistent relational data, and recurring billing cycles within a unified development environment. The platform distinguishes itself by integrating secure authentication workflows with automated subscription management. It utilizes a schema-first approach to database interactions, ensuring data consistency through type-safe queries and versioned migrations. By incorporating native support for payment provider APIs, the syste
SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio
Higress is an AI API gateway and cloud-native traffic manager that functions as a Kubernetes ingress controller. It provides a centralized system for routing, securing, and optimizing traffic directed toward large language models, AI agents, and microservice architectures. The project distinguishes itself through deep AI orchestration, including the ability to host and manage Model Context Protocol servers that transform REST APIs into tools for AI agents. It features specialized AI infrastructure for model request proxying, protocol translation across multiple providers, and semantic-based c
Kanboard is a self-hosted Kanban project management tool and productivity suite designed for tracking software tasks and team collaboration. It provides a visual system for managing workflows through the use of boards, columns, and cards. The project features an extensible plugin framework and a comprehensive API for programmatic task and project administration. It includes specialized identity management through LDAP integration, allowing for the synchronization of user accounts and group permissions from directory servers. The system covers a wide range of capabilities, including event-dri
Revel is a full-stack web framework and toolkit for building applications with the Go language. It implements a model-view-controller architecture to separate business logic from user interface rendering, providing a comprehensive system for routing, parameter binding, and session management. The project distinguishes itself with a high-productivity development environment featuring automatic code compilation and hot-reloading, which refreshes the application state and templates upon file changes without requiring manual restarts. It also employs reflection-based parameter binding to automati
PeerTube is a decentralized, open-source video hosting platform that enables users to operate independent, interoperable servers. By utilizing the ActivityPub protocol, it connects these servers into a global, federated network where users can follow channels, discover content, and interact across different instances. The platform is designed to function as a self-hosted video content management system, providing a community-driven alternative to centralized media services. What distinguishes PeerTube is its hybrid approach to content delivery and infrastructure management. It integrates peer
TastyIgniter is a comprehensive restaurant management system and digital ordering engine. Built as a modular application framework, it provides the tools necessary to operate online food ordering, table reservation systems, and multi-vendor e-commerce platforms. The platform is designed to handle complex restaurant operations, including multi-location networking and multi-vendor marketplace management. It distinguishes itself through specialized restaurant automation, such as coordinating guest limits and time slots for bookings, managing ingredient and allergen catalogs, and implementing mul
Payload is a headless content management system and application framework that uses a code-first approach to define data schemas and administrative interfaces. By utilizing a centralized, type-safe configuration object, it automatically generates database schemas, API endpoints, and a fully customizable admin panel. The system is built on a database-agnostic architecture, allowing it to interface with various storage engines while providing a unified, type-safe API for server-side operations, REST, and GraphQL. What distinguishes Payload is its deep extensibility and developer-centric design.
Mealie is a self-hosted recipe management platform designed for personal data ownership and household meal planning. It functions as a digital kitchen assistant that allows users to import, organize, and digitize culinary content from websites, images, and videos into a structured, searchable database. The application supports multi-user collaboration through household management, enabling shared access to recipes and meal plans while maintaining distinct permissions. The platform distinguishes itself through extensive automation and integration capabilities. It features a programmatic interf
Rails Admin is a web-based management dashboard and Active Record model manager for Ruby on Rails applications. It provides a graphical user interface for creating, reading, updating, and deleting database records, serving as a secure back office for database content management and administrative data auditing. The project distinguishes itself through a reflection-based schema mapping system that automatically generates CRUD interfaces from database metadata. It includes specialized tools for data versioning and change auditing to track administrative activity, as well as utilities for import
Diaspora is a federated social networking platform that allows users to run and manage self-hosted community servers, known as pods. It operates as a distributed network where independent server nodes exchange content and users using open protocols and standardized communication schemas. The platform is distinguished by its focus on decentralized identity management and privacy-preserving communication. It includes a privacy-focused media proxy that routes external assets through a local server to protect user identity and supports cross-instance account migration, allowing users to move thei
Vapor is a comprehensive server-side web framework designed for building scalable, high-performance applications and APIs in Swift. It provides a non-blocking, event-loop-based runtime that manages concurrent task processing, background job queues, and asynchronous request handling. The framework is built around a dependency injection container that manages the lifecycle and resolution of services, configurations, and database connections throughout the request pipeline. The framework distinguishes itself through a protocol-oriented design that emphasizes type safety across all layers of the
Komga is a self-hosted digital comics and eBook server that organizes, serves, and streams CBZ, CBR, PDF, and EPUB files through a web interface. Built as a Java Spring Boot application with SQLite-based metadata storage, it provides multi-user access controls with individual reading progress tracking and supports the OPDS protocol for compatibility with third-party reader applications. The server distinguishes itself through comprehensive authentication options, including OAuth2 and OpenID Connect support with automatic account creation and email verification, alongside traditional cookie an
Satellizer is an authentication library for AngularJS applications designed to manage user sign-in and session persistence using security tokens. It functions as a client-side implementation for exchanging credentials for tokens and attaching authorization headers to network requests. The library handles identity integration through a token manager that supports both email-based authentication and external OAuth providers. It enables the authorization of users via third-party services using secure popup windows and allows for linking or unlinking external accounts to a user profile. The proj
all-in-one is a containerized deployment system designed to install and manage a complete suite of productivity and collaboration services. It functions as a cloud suite deployer that orchestrates the installation of a self-hosted content platform, incorporating necessary dependencies via Docker or Kubernetes. The project distinguishes itself by providing a web-based dashboard for orchestrating, updating, and monitoring the lifecycle of service containers. It also serves as a local AI inference server, enabling the execution of generative text models, image diffusion, and speech processing on
GoTrue is a JWT identity provider and user management API. It functions as an OAuth 2.0 compliant server that handles user registration and authentication while issuing signed JSON Web Tokens to control access to protected API resources. The service integrates external identity providers to allow users to sign in using third-party accounts. It also includes an SMTP notification service for delivering password resets, signup confirmations, and account recovery emails. The system covers broader capabilities for user account management, including the ability to update user profiles and manage c