awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
volatiletech avatar

volatiletech/authboss

0
View on GitHub↗
4,189 stele·222 fork-uri·Go·MIT·2 vizualizări

Authboss

Authboss este un framework de autentificare modular conceput pentru a gestiona identitatea utilizatorului și orchestrarea conturilor. Oferă un sistem cuprinzător pentru gestionarea înregistrării utilizatorilor, verificarea prin e-mail și întregul ciclu de viață al profilurilor de utilizator.

Framework-ul se distinge printr-o suită focalizată de instrumente de securitate și identitate, inclusiv autentificarea multi-factor prin parole bazate pe timp și SMS, și integrarea identității cu furnizori externi folosind protocoalele OAuth1 și OAuth2. Include, de asemenea, un manager dedicat de securitate a contului care implementează protecția împotriva atacurilor de tip brute-force prin blocarea contului bazată pe credențiale și hashing-ul adaptiv al parolelor.

În linii mari, proiectul acoperă gestionarea ciclului de viață al sesiunii, inclusiv cookie-uri de autentificare persistente și timeout-uri de inactivitate, precum și fluxuri de recuperare a contului pentru parole uitate. De asemenea, oferă middleware de cerere pentru controlul accesului la rute și suportă randarea vizualizărilor de autentificare în HTML sau JSON.

Features

  • User Account Management - Manages the full lifecycle of user profiles, from registration and email verification to password resets.
  • Server-Side Session Storages - Stores and retrieves user identity state across requests using server-side storage and secure cookies.
  • Account Brute-Force Protection - Implements brute-force protection by tracking failed attempts and locking accounts in the database.
  • Account Recovery - Provides a secure flow for users to reset forgotten passwords via email verification tokens.
  • Email Verification Flows - Generates secure, short-lived hashes sent via email to verify account ownership during registration and resets.
  • OAuth and Identity Providers - Delegates user authentication to external identity services using OAuth1 and OAuth2 protocols.
  • Email Verifications - Prevents login attempts until users confirm their email addresses to prove account ownership.
  • Identity Authentication - Provides a modular framework for configuring session-based authentication and identity management tailored to project needs.
  • User Identity Verification - Verifies user identities through external providers using standard token-based authentication protocols.
  • Account Registrations - Handles the full account creation process, including the setup of user identities and optional email verification.
  • OAuth1 Implementations - Verifies user identities through external providers using the OAuth1 token protocol.
  • OAuth2 Implementations - Verifies user identities through external providers using the OAuth2 token protocol.
  • Multi-Factor Authentication - Provides a complete multi-factor authentication suite including SMS and TOTP verification.
  • OAuth Provider Integrations - Provides seamless integration with external identity providers like Google and GitHub via OAuth protocols.
  • OAuth Flow Implementations - Implements a standardized sequence of redirects and callback handlers for external identity provider authentication.
  • OAuth2 Integration - Implements secure user authorization and single sign-on via OAuth2 provider integration.
  • One-Time Passwords - Provides a second security layer by validating time-based numeric codes against a shared secret.
  • Middleware Route Filters - Uses request middleware to verify session states and block unauthenticated users from protected routes.
  • Session-Cookie Persistences - Uses persistent cookies and tokens to maintain authenticated sessions across different browser restarts.
  • Session Lifecycle Management - Manages the full session lifecycle, including persistent cookies and inactivity timeouts.
  • Inactivity Session Termination - Automatically terminates user sessions after a configured period of inactivity by monitoring activity timestamps.
  • User Session Termination - Implements mechanisms to explicitly destroy active user sessions for both standard and OAuth2 authentication flows.
  • Session Persistence - Maintains user identity across requests using unique identifiers stored in cookies and server-side storage.
  • Two-Factor Authentication - Adds a second security layer using time-based passwords, SMS codes, or recovery codes.
  • TOTP Enforcers - Enforces a second security layer during login using TOTP authenticator apps or SMS verification.
  • Brute Force Protection - Locks user accounts after repeated failed authentication attempts to stop brute-force attacks.
  • Password Resets - Provides a secure password recovery flow driven by email-based verification tokens.
  • Credential Authentications - Verifies user identities by checking provided passwords against stored records to grant session access.
  • User Registrations - Create new user accounts while preserving input data during validation failures.
  • Session Expiration Policies - Invalidates active login sessions after a set period to force user re-authentication.
  • Authentication Frameworks - Provides a modular PHP-based framework for handling user registration, password resets, and session management.
  • Account Locking - Block account access after repeated failed authentication attempts to prevent unauthorized entry.
  • Adaptive Hashing Costs - Automatically updates password hashes during login to increase computational complexity as hardware improves.
  • Logic Customizers - Offers programmable extensions to customize authentication routing, error handling, and response rendering.
  • Route-Based Access Restrictions - Provides request middleware to block unauthenticated or locked users from accessing specific routes.
  • Session State Persistence - Maintains authenticated user identities across browser restarts using secure long-term tokens.
  • Remember-Me Persistence - Uses persistent cookies to maintain authentication across different browser sessions.
  • Backup Code Management - Generates and validates one-time backup recovery codes for account access when second-factor methods are unavailable.
  • Account Security Policies - Enforces security policies including account locking and adaptive password hashing.
  • Password Changes - Enables updating user passwords while simultaneously adjusting cryptographic hashing costs and invalidating remember-me tokens.
  • Authentication and Authorization - Modular web authentication system.
  • Security & Privacy - Modular authentication system for web applications.

Istoric stele

Graficul istoricului de stele pentru volatiletech/authbossGraficul istoricului de stele pentru volatiletech/authboss

Căutare AI

Explorează mai multe repository-uri excelente

Descrie ce ai nevoie în limbaj simplu — AI-ul sortează mii de proiecte open source selectate în funcție de relevanță.

Start searching with AI

Întrebări frecvente

Ce face volatiletech/authboss?

Authboss este un framework de autentificare modular conceput pentru a gestiona identitatea utilizatorului și orchestrarea conturilor. Oferă un sistem cuprinzător pentru gestionarea înregistrării utilizatorilor, verificarea prin e-mail și întregul ciclu de viață al profilurilor de utilizator.

Care sunt principalele funcționalități ale volatiletech/authboss?

Principalele funcționalități ale volatiletech/authboss sunt: User Account Management, Server-Side Session Storages, Account Brute-Force Protection, Account Recovery, Email Verification Flows, OAuth and Identity Providers, Email Verifications, Identity Authentication.

Care sunt câteva alternative open-source pentru volatiletech/authboss?

Alternativele open-source pentru volatiletech/authboss includ: aarondl/authboss — Authboss is a modular HTTP authentication framework for managing user identity, session lifecycles, and password… teamhanko/hanko — Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey… laravel/jetstream — Jetstream is an application scaffold for Laravel that provides a pre-built identity system and team collaboration… quantumnous/new-api — This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with… nextauthjs/next-auth-example — This project is a reference implementation and boilerplate for managing user authentication and session state within… lucia-auth/lucia — Lucia is an authentication library that provides session management, OAuth integration, and password-based login for…

Alternative open-source pentru Authboss

Proiecte open-source similare, clasificate după numărul de funcționalități comune cu Authboss.
  • aarondl/authbossAvatar aarondl

    aarondl/authboss

    4,189Vezi pe GitHub↗

    Authboss is a modular HTTP authentication framework for managing user identity, session lifecycles, and password security. It provides a system of identity access middleware to control route access and synchronize user identity across requests via standard web protocols. The framework is distinguished by a pluggable architecture that allows for the registration of independent modules to extend identity logic. It utilizes a hook-based event system to execute custom business logic during authentication state changes and employs a selector-verifier token pattern to protect against timing attacks

    Go
    Vezi pe GitHub↗4,189
  • teamhanko/hankoAvatar teamhanko

    teamhanko/hanko

    8,801Vezi pe GitHub↗

    Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.

    Go2faauthenticationciam
    Vezi pe GitHub↗8,801
  • laravel/jetstreamAvatar laravel

    laravel/jetstream

    4,060Vezi pe GitHub↗

    Jetstream is an application scaffold for Laravel that provides a pre-built identity system and team collaboration framework. It serves as a starter kit that integrates user authentication, profile management, and organizational tools into a unified project structure. The project is distinguished by its comprehensive team management capabilities, which include shared workspace organization, member invitation workflows, and role-based access control. It also features an integrated API token manager for issuing and controlling secure access tokens for external clients. The platform covers a bro

    PHPauthlaraveltailwind
    Vezi pe GitHub↗4,060
  • quantumnous/new-apiAvatar QuantumNous

    QuantumNous/new-api

    39,722Vezi pe GitHub↗

    This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,

    Goai-gatewayclaudedeepseek
    Vezi pe GitHub↗39,722
Vezi toate cele 30 alternative pentru Authboss→