awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

41 个仓库

Awesome GitHub RepositoriesAuthentication Flows

Standardized protocols for verifying user identity and authorizing secure access.

Distinguishing note: Focuses on the implementation of secure authorization flows rather than general authentication.

Explore 41 awesome GitHub repositories matching security & cryptography · Authentication Flows. Refine with filters or upvote what's useful.

Awesome Authentication Flows GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • heyputer/puterHeyPuter 的头像

    HeyPuter/puter

    42,318在 GitHub 上查看↗

    Puter is a browser-based desktop environment and cloud-native development platform that provides a virtualized graphical workspace. It enables developers to build and deploy full-stack web applications by integrating cloud storage, authentication, and serverless backend logic directly into the browser, eliminating the need for traditional server infrastructure. The platform distinguishes itself through a unified cloud storage layer and a distributed network runtime that facilitates peer-to-peer communication and cross-origin resource fetching. It features a sophisticated cross-window orchestr

    Authenticates users automatically when cloud services are accessed, prompting for sign-in only when necessary.

    TypeScriptcloudcloud-oscloud-storage
    在 GitHub 上查看↗42,318
  • googleworkspace/cligoogleworkspace 的头像

    googleworkspace/cli

    27,096在 GitHub 上查看↗

    The Google Workspace CLI is a command-line interface and Google API client designed to automate tasks across Google Workspace services. It functions as a cloud productivity automator that uses the Google Discovery Service to dynamically generate command structures and parameter requirements at runtime. The project distinguishes itself by providing a specialized AI agent toolset, exposing a server over standard input and output to provide structured tool definitions and skills for AI clients. It includes security layers for AI content sanitization to protect against prompt injection and utiliz

    Provides interactive browser login flows and manual secret configuration to authorize API access.

    Rustagent-skillsai-agentautomation
    在 GitHub 上查看↗27,096
  • prefecthq/fastmcpPrefectHQ 的头像

    PrefectHQ/fastmcp

    22,994在 GitHub 上查看↗

    FastMCP is a Python framework designed for building servers that expose functions, resources, and prompts to AI models using the Model Context Protocol. It simplifies the development process by automatically deriving tool metadata, input schemas, and documentation directly from Python function signatures and type hints. The framework provides a unified container for managing these components, allowing developers to build modular applications that integrate seamlessly with AI assistants. The project distinguishes itself through its support for interactive, server-defined user interface compone

    Bypasses browser-based authentication by programmatically performing handshakes for automated testing.

    Pythonagentsfastmcpllms
    在 GitHub 上查看↗22,994
  • xiaojieonly/ehviewer_cn_sxjxiaojieonly 的头像

    xiaojieonly/Ehviewer_CN_SXJ

    22,475在 GitHub 上查看↗

    EhviewerCNSXJ is a specialized Android client designed for browsing, searching, and downloading image galleries from remote content platforms. It functions as a third-party interface that enables users to access external media collections through a native mobile experience, complete with persistent session management and offline viewing capabilities. The application distinguishes itself through integrated network configuration tools that allow users to bypass regional restrictions by customizing DNS and security protocols directly within the client. It also provides advanced content discove

    Verifies user identity through a browser-based login flow to grant access to protected account features and personalized content.

    Candroidapkc
    在 GitHub 上查看↗22,475
  • goauthentik/authentikgoauthentik 的头像

    goauthentik/authentik

    22,035在 GitHub 上查看↗

    Authentik is a centralized identity and access management platform designed to serve as a unified authentication authority. It enables enterprise single sign-on across diverse applications and services, providing a cloud-native identity provider that manages user sessions and security protocols from a single location. The platform distinguishes itself through a policy-driven flow engine and a visual orchestration interface. This allows administrators to design complex, custom authentication workflows by chaining modular verification stages and conditional logic. These workflows can be further

    Creates custom login processes by chaining verification stages into visual workflows that control user interaction.

    Pythonauthenticationauthentikauthorization
    在 GitHub 上查看↗22,035
  • skyvern-ai/skyvernSkyvern-AI 的头像

    Skyvern-AI/skyvern

    21,918在 GitHub 上查看↗

    Skyvern is an autonomous web navigation agent and browser-based workflow orchestrator that uses large language models to execute multi-step tasks on websites. By translating natural language instructions into actionable browser commands, the framework enables the automation of complex user workflows, including data extraction and interface interaction, without manual intervention. The platform distinguishes itself through a focus on secure, self-hosted infrastructure and stealth-oriented execution. It utilizes containerized browser isolation to maintain consistent environments and employs pro

    Handles complex login flows and multi-factor authentication requirements during automated web interactions.

    Pythonaiapiautomation
    在 GitHub 上查看↗21,918
  • gentilkiwi/mimikatzgentilkiwi 的头像

    gentilkiwi/mimikatz

    21,630在 GitHub 上查看↗

    Mimikatz is a security research suite designed for auditing Windows authentication and managing system security configurations. It provides a comprehensive framework for extracting sensitive credentials, manipulating process privileges, and managing digital identity assets directly from system memory or offline memory dumps. The project distinguishes itself through advanced system-level exploitation techniques, including runtime process injection, API hooking, and the ability to bypass cryptographic export restrictions. It features a specialized toolkit for Kerberos protocol operations, allow

    Hooks into authentication processes to capture credentials or bypass security checks by modifying memory structures.

    C
    在 GitHub 上查看↗21,630
  • decaporg/decap-cmsdecaporg 的头像

    decaporg/decap-cms

    18,943在 GitHub 上查看↗

    Decap CMS is a headless, Git-based content management system designed to provide a visual editing interface for static site workflows. By decoupling the administrative dashboard from the frontend, it allows users to manage content stored directly in version control repositories as structured data. The system maps visual form inputs to repository files, enabling non-technical contributors to update content without requiring direct code changes. The platform distinguishes itself through its Git-centric automation, which handles content lifecycles by creating commits, branches, and pull requests

    Enforces proof keys during the authentication handshake to secure identity provider interactions.

    JavaScriptcmscontent-management-systemdecap-cms
    在 GitHub 上查看↗18,943
  • elysiajs/elysiaelysiajs 的头像

    elysiajs/elysia

    18,531在 GitHub 上查看↗

    Elysia is a high-performance TypeScript web framework designed for building type-safe backend services. It provides a modular, plugin-based architecture that allows developers to compose server logic, middleware, and validation schemas into scalable application instances. By leveraging native web standards, the framework ensures portability across diverse JavaScript runtimes, including Node.js, Deno, and various edge computing environments. The framework distinguishes itself through its focus on end-to-end type safety, automatically synchronizing request and response definitions between the s

    Implements secure authentication flows using standard protocols like JWT and OAuth for endpoint protection.

    TypeScriptbunframeworkhttp
    在 GitHub 上查看↗18,531
  • wasp-lang/waspwasp-lang 的头像

    wasp-lang/wasp

    18,146在 GitHub 上查看↗

    Wasp is a declarative full-stack web framework that enables developers to build and deploy applications by defining their architecture in a centralized configuration. By using a high-level specification, the framework automates the orchestration of frontend, backend, and database components, ensuring that infrastructure concerns like routing, authentication, and data modeling are handled consistently across the entire stack. The framework distinguishes itself through its compiler-driven approach, which translates declarative configurations into cohesive, production-ready codebases. It provide

    Supports user authentication across the entire application stack using social providers and email-password combinations.

    TypeScripthaskelljavascriptnode
    在 GitHub 上查看↗18,146
  • langchain-ai/langchainjslangchain-ai 的头像

    langchain-ai/langchainjs

    17,818在 GitHub 上查看↗

    LangChain.js is a framework for building, executing, and monitoring stateful agentic applications. It provides an orchestration engine that models workflows as directed graphs, allowing developers to connect language models, data sources, and external tools into modular, multi-step processes. The platform distinguishes itself through its focus on stateful execution and human-in-the-loop control. It manages agent lifecycles by persisting execution state across threads, enabling fault tolerance and the ability to pause workflows at designated breakpoints for manual review or modification. This

    Synchronizes authentication state by pausing execution until OAuth flows complete.

    TypeScript
    在 GitHub 上查看↗17,818
  • tinygo-org/tinygotinygo-org 的头像

    tinygo-org/tinygo

    17,529在 GitHub 上查看↗

    TinyGo is a specialized compiler and development toolkit designed to bring the Go programming language to resource-constrained microcontrollers and WebAssembly environments. It provides a bare-metal runtime environment that enables high-level code execution without the need for a traditional operating system, utilizing an LLVM-based backend to generate efficient machine instructions. The project distinguishes itself through aggressive optimization techniques tailored for small hardware, including a static memory allocation strategy and whole-program dead code elimination that significantly re

    Controls custom hardware state machines using dedicated programmable blocks for specialized timing and communication.

    Goadafruitarduinoarm
    在 GitHub 上查看↗17,529
  • quarkusio/quarkusquarkusio 的头像

    quarkusio/quarkus

    15,479在 GitHub 上查看↗

    Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program

    Protects web applications by delegating authentication to OIDC providers using the authorization code flow.

    Javacloud-nativehacktoberfestjava
    在 GitHub 上查看↗15,479
  • ionic-team/capacitorionic-team 的头像

    ionic-team/capacitor

    15,054在 GitHub 上查看↗

    Capacitor is a cross-platform mobile framework that enables developers to build native applications using web technologies. It functions as a hybrid app container, wrapping web assets within a native runtime that provides a standardized bridge to device hardware and system-level services. By exposing native functionality through a plugin-based architecture, it allows web applications to access platform-specific features while maintaining a consistent interface across mobile and desktop environments. The project distinguishes itself by maintaining native project files as source assets, allowin

    Requires proof keys during authentication flows to prevent token interception via custom URL schemes.

    TypeScriptandroidcapacitorcordova
    在 GitHub 上查看↗15,054
  • supertokens/supertokens-coresupertokens 的头像

    supertokens/supertokens-core

    14,922在 GitHub 上查看↗

    SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio

    Executes core sign-up and sign-in flows by managing user credential submission and validation.

    Javaauth0authenticationaws-cognito
    在 GitHub 上查看↗14,922
  • ory/kratosory 的头像

    ory/kratos

    13,455在 GitHub 上查看↗

    Kratos is a centralized identity and access management server designed to handle user registration, authentication, and profile management. It functions as an identity flow orchestrator, managing the state and security of authentication processes across web, mobile, and command-line interfaces. The system provides a standards-compliant authorization server that issues tokens and manages delegated access for third-party applications and internal services, supporting multi-factor authentication and custom identity schemas to secure user accounts. The project distinguishes itself through a headl

    Supports headless authentication workflows via JSON APIs for flexible integration across web, mobile, and desktop platforms.

    Gohacktoberfestidentityidentity-management
    在 GitHub 上查看↗13,455
  • zitadel/zitadelzitadel 的头像

    zitadel/zitadel

    13,029在 GitHub 上查看↗

    This project is a cloud-native identity and access management platform designed to centralize authentication, authorization, and identity lifecycle management. It functions as a standards-compliant OpenID Connect authorization server, providing secure session management and token issuance for web, mobile, and device-based applications. The platform is built to handle complex identity requirements through stateless token authentication and support for modern passwordless methods, including biometrics and hardware keys. What distinguishes this platform is its native support for multi-tenant env

    Allows developers to inject custom logic and external data into login flows using event-driven scripts.

    Go2faauthenticationauthorization
    在 GitHub 上查看↗13,029
  • graphile/crystalgraphile 的头像

    graphile/crystal

    12,931在 GitHub 上查看↗

    🔮 Graphile's Crystal Monorepo; home to Grafast, PostGraphile, pg-introspection, pg-sql2 and much more!

    Add custom resolvers, types, and business logic while keeping the schema structure intact.

    TypeScriptapiautomatic-apiexpress
    在 GitHub 上查看↗12,931
  • googleapis/google-api-php-clientgoogleapis 的头像

    googleapis/google-api-php-client

    9,795在 GitHub 上查看↗

    The Google API PHP Client Library is a development kit for interacting with Google Cloud services and APIs. It provides standardized service interfaces to retrieve and manipulate data, serving as a comprehensive SDK for executing network requests across Google cloud platforms. The library features a specialized authentication handler for OAuth 2.0, managing authorization flows, access tokens, and offline access via refresh tokens. It includes a service account authenticator that uses JSON key files or application default credentials for server-to-server communication, as well as mechanisms fo

    Implements Proof Key for Code Exchange (PKCE) to secure authorization code flows when client secrets are unavailable.

    PHP
    在 GitHub 上查看↗9,795
  • o3de/o3deo3de 的头像

    o3de/o3de

    8,954在 GitHub 上查看↗

    This project is an open-source 3D game engine designed for building high-fidelity games, simulations, and cinematic environments. It functions as a robotics simulation platform with native integration for ROS 2 to model robot controllers and sensors. The engine features a multi-threaded Forward+ physically based renderer that supports hardware-accelerated ray tracing and global illumination. The system is built on a modular extension architecture using Gems to add or replace features without modifying core binaries. It includes a native SDK for AWS cloud integration, enabling IAM authenticati

    Implements secure cloud authentication and resource sharing via AWS SDK and OpenID token flows.

    C++3d-graphics3d-graphics-engineanimation
    在 GitHub 上查看↗8,954
上一个123下一个
  1. Home
  2. Security & Cryptography
  3. Authentication Flows

探索子标签

  • Authentication Flow AnalysisAnalyzing the structural paths of authentication and authorization logic within a codebase. **Distinct from Authentication Flows:** Focuses on the analysis/tracing of existing flows via a graph rather than the implementation of the protocols themselves.
  • Authentication Hooking UtilitiesTools that intercept authentication processes at runtime to capture credentials. **Distinct from Authentication Flows:** Focuses on runtime memory hooking for credential capture, distinct from general authentication flow implementation.
  • Browser Compatibility ChecksUtilities for detecting WebAuthn support and platform-level authenticator availability in the client browser. **Distinct from Authentication Flows:** Focuses on feature detection for WebAuthn, distinct from general authentication flow protocols.
  • Logic Customizers1 个子标签Programmable extensions to authentication sequences. **Distinct from Authentication Flows:** Focuses on the injection of custom function logic during the auth process rather than the protocol flow itself.
  • Magic Link1 个子标签Authenticates users via secure, time-limited links sent to email or phone. **Distinct from Authentication Flows:** Focuses on the specific magic link mechanism rather than general authentication protocols.
  • OAuth Flow SimulatorsTools for programmatically simulating OAuth handshakes for automated testing. **Distinct from Authentication Flows:** Focuses on the simulation of the handshake, distinct from the implementation of the flow itself.
  • Profile Management FlowsWorkflows specifically designed for updating user profile details and managing security credentials. **Distinct from Authentication Flows:** Distinct from general Authentication Flows by focusing on post-login account and security updates rather than access granting.
  • Programmable Engines1 个子标签Frameworks for injecting custom logic into authentication flows. **Distinct from Authentication Flows:** Focuses on the programmable engine aspect, distinct from standard protocol implementation.
  • Proof Key EnforcementMechanisms requiring proof keys during authentication flows to prevent token interception. **Distinct from Authentication Flows:** Focuses on specific proof-key-for-code-exchange (PKCE) patterns, distinct from general authorization flow implementations.
  • Proof Key for Code ExchangeSecurity extensions for authentication flows that use proof keys to prevent authorization code interception attacks. **Distinct from Authentication Flows:** Distinct from general Authentication Flows: specifically covers the PKCE extension for securing OAuth/OIDC handshakes.
  • Registration Flows1 个子标签Standardized sequences for the creation of new user accounts and identity enrollment. **Distinct from Authentication Flows:** Specializes Authentication Flows by focusing exclusively on the onboarding and account creation process.
  • Serverless FlowsAuthentication protocols specifically designed to execute within stateless, event-driven cloud function environments. **Distinct from Authentication Flows:** Distinct from Authentication Flows: specifically addresses the architectural constraints of serverless execution environments.