14 repository-uri
Comprehensive frameworks for managing user identity, registration, and secure access control.
Distinguishing note: Covers the full-stack authentication system rather than specific sub-components like social login or session tracking.
Explore 14 awesome GitHub repositories matching security & cryptography · Authentication Systems. Refine with filters or upvote what's useful.
This project is a Node.js web application boilerplate designed to accelerate development by providing a pre-configured foundation with integrated routing, templating, and developer tooling. It serves as a comprehensive starter kit that includes a full-stack authentication system, a payment integration starter, and an LLM agent framework. The framework distinguishes itself with specialized tools for AI development, including a retrieval-augmented generation implementation kit with vector search and semantic caching. It enables the creation of reasoning agents featuring tool-calling loops and r
Ships a comprehensive security layer for identity management, social logins, and token revocation.
This project is a modular authentication framework designed to manage user identity, session tracking, and access control across web applications. It provides a unified solution for handling email-based credentials and social identity federation, allowing developers to implement secure login and registration flows that maintain consistent user states across client and server environments. The system utilizes a plugin-based architecture and middleware-driven request interception to allow for the extension of core authentication logic. It features type-safe schema generation, which derives data
Implementing secure user login and registration flows that handle credentials, session management, and account state across your entire application.
NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce
Allows multiple concurrent authentication options for a single service to support diverse user groups.
Devise is a comprehensive identity management system and authentication framework for Ruby on Rails applications. It provides a complete set of tools for managing user registration, secure sign-in, and session handling using a modular strategy pattern. The framework distinguishes itself by offering a suite of security hardening features, including brute force protection through account locking and secure password recovery workflows. It also functions as an integrator for external identity providers and third-party authentication via standardized protocols. Broad capabilities cover the full u
Tracks authentication states for different user roles or models simultaneously.
Mastra is an orchestration framework designed for building, deploying, and managing autonomous AI agents and multi-agent systems. It provides a comprehensive suite of primitives for creating resilient AI applications, including durable workflow orchestration, event-driven agent loops, and semantic memory management. By integrating these core components, the platform enables developers to build complex, multi-step processes that can reason about goals and execute tasks without manual intervention. The framework distinguishes itself through its focus on observability and secure, isolated execut
Supports enabling multiple authentication options simultaneously to facilitate secure migration between models.
NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t
Supports simultaneous use of static key-based credentials and decentralized token-based identity systems.
This project is a high-performance, distributed API gateway designed to manage, secure, and observe traffic for microservices, serverless functions, and artificial intelligence model providers. It functions as a dynamic service proxy and cloud-native ingress controller, centralizing policy enforcement and traffic routing through a unified configuration interface that synchronizes state across multiple nodes in real time. The platform distinguishes itself through a highly extensible architecture that utilizes a high-performance scripting engine to execute modular logic directly within the requ
Applies multiple authentication strategies to a single route to support complex migration paths or diverse client requirements.
The Google API Node.js client is a development kit designed for integrating Google Cloud services into server-side JavaScript applications. It provides generated interfaces that map application calls to remote service endpoints, enabling developers to execute requests and interact with cloud resources through a unified library. The library distinguishes itself through a modular architecture that allows developers to install specific service submodules individually, which optimizes application bundle sizes and improves startup performance. It also features automated OAuth2 token lifecycle mana
Supports multiple security protocols to ensure consistent access control across diverse runtime environments.
Kotatsu is an open-source manga reader for Android that functions as a content aggregator, offline reader, and progress tracker. It allows users to search for and stream manga from various online catalogues and external web sources, while also providing a local file viewer for reading downloaded content or archives without an internet connection. The application synchronizes reading history and bookmarks across multiple devices via shared accounts and integrates with external tracking services to maintain progress. It uses an extension-based system to scrape metadata and chapters from externa
Integrates with native operating system authentication APIs to provide biometric and password-based application locking.
Meet Genius
Implements user authentication with NextAuth.js, managing sessions and OAuth logins via middleware.
Kanidm is a centralized identity management server designed to handle authentication, authorization, and directory services across distributed infrastructure. It provides a comprehensive framework for managing human and service accounts, utilizing a schema-driven database to store identity records, group memberships, and system attributes. The platform supports a wide range of authentication methods, including passkeys, passwords, and standard protocols like OAuth2, OIDC, LDAP, and RADIUS. The system distinguishes itself through a granular access control engine that enforces security policies
Connects with host operating systems to verify user credentials and resolve identities through standard system-level authentication stacks.
This project is a reference implementation and boilerplate for managing user authentication and session state within the Next.js framework. It serves as a practical example of how to integrate NextAuth.js to protect routes and handle identity verification. The repository demonstrates several authentication workflows, including OAuth identity integration with third-party providers, passwordless authentication using email magic links, and traditional credentials-based sign-in. It specifically showcases how to replace default authentication screens with custom branded sign-in pages. The impleme
Provides a practical reference project for integrating NextAuth.js for session management and OAuth logins.
Big Capital is a cloud accounting management system designed to track assets, liabilities, and equity through a digital ledger. It provides a multi-tenant organizational framework that supports multi-branch tracking and regional currency settings. The system distinguishes itself through integrated bank feed management, utilizing secure token exchanges and webhook processing for automated transaction synchronization and rule-based categorization. It also features a multi-currency ledger that handles base currency conversions and specific currency codes. The platform covers comprehensive finan
Fetches current system settings required for the login and signup process.
Nifty Generators is a development productivity tool designed to standardize project architecture and accelerate the creation of common application features within Ruby on Rails environments. It functions as a library of command-line scripts that automate the bootstrapping of boilerplate code, configuration files, and standard controller logic for new web projects. The tool distinguishes itself by providing automated scaffolding for core application components, including secure user authentication flows, base visual layouts, and application configuration settings. By adhering to convention-ove
Automates the setup of secure user registration, login, and password reset flows for web applications.