awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

39 个仓库

Awesome GitHub RepositoriesToken-based Authorization

Methods for authorizing requests using bearer tokens in HTTP headers.

Distinguishing note: Focuses on the extraction and validation of tokens from authorization headers.

Explore 39 awesome GitHub repositories matching security & cryptography · Token-based Authorization. Refine with filters or upvote what's useful.

Awesome Token-based Authorization GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • payloadcms/payloadpayloadcms 的头像

    payloadcms/payload

    43,053在 GitHub 上查看↗

    Payload is a headless content management system and application framework that uses a code-first approach to define data schemas and administrative interfaces. By utilizing a centralized, type-safe configuration object, it automatically generates database schemas, API endpoints, and a fully customizable admin panel. The system is built on a database-agnostic architecture, allowing it to interface with various storage engines while providing a unified, type-safe API for server-side operations, REST, and GraphQL. What distinguishes Payload is its deep extensibility and developer-centric design.

    Identifies users by extracting and validating JSON Web Tokens from the Authorization header.

    TypeScriptcmscontent-managementcontent-management-system
    在 GitHub 上查看↗43,053
  • alishahryar1/free-claude-codeAlishahryar1 的头像

    Alishahryar1/free-claude-code

    34,843在 GitHub 上查看↗

    This project is a multi-provider AI gateway and proxy server that intercepts and routes requests between AI clients and various large language model providers. It functions as an API protocol translator and model router, mapping incoming requests to specific upstream providers or local runners to provide a unified interface for multiple models. The system distinguishes itself by bridging chat platforms and command line interfaces, converting messages from chat services into managed command line sessions. It further optimizes traffic by executing certain web search and fetch requests locally a

    Secures the API entry point using constant-time matching of authorization tokens in request headers.

    Python
    在 GitHub 上查看↗34,843
  • bigint/heybigint 的头像

    bigint/hey

    29,384在 GitHub 上查看↗

    Hey is a command-line utility designed for HTTP load testing and API performance benchmarking. It functions as a concurrent request generator that simulates high volumes of traffic against target endpoints to evaluate service responsiveness, throughput, and stability under load. The tool distinguishes itself by integrating specialized modules for cryptographic request signing and internal service authorization. It supports the generation of digital signatures for decentralized social protocols and validates backend requests using shared secret tokens, allowing for secure interaction with prot

    Verifies incoming traffic using shared secret tokens to enforce secure access control for internal services.

    TypeScriptblockchaincryptodapp
    在 GitHub 上查看↗29,384
  • openzeppelin/openzeppelin-contractsOpenZeppelin 的头像

    OpenZeppelin/openzeppelin-contracts

    27,157在 GitHub 上查看↗

    OpenZeppelin Contracts is a library of modular, secure, and reusable smart contract components designed for the development of decentralized applications. It provides a foundational framework for building standard-compliant contracts, offering battle-tested implementations for token standards, access control, and common utility patterns. The project distinguishes itself through its comprehensive support for complex architectural patterns, including proxy-based upgradeability, role-based access control, and account abstraction. It enables developers to implement modular logic injection via hoo

    Enables users to approve token allowances via off-chain cryptographic signatures, eliminating the need for on-chain transactions.

    Solidityethereumevmsecurity
    在 GitHub 上查看↗27,157
  • mastra-ai/mastramastra-ai 的头像

    mastra-ai/mastra

    21,221在 GitHub 上查看↗

    Mastra is an orchestration framework designed for building, deploying, and managing autonomous AI agents and multi-agent systems. It provides a comprehensive suite of primitives for creating resilient AI applications, including durable workflow orchestration, event-driven agent loops, and semantic memory management. By integrating these core components, the platform enables developers to build complex, multi-step processes that can reason about goals and execute tasks without manual intervention. The framework distinguishes itself through its focus on observability and secure, isolated execut

    Enables authenticated sessions by extracting and validating authorization tokens from URL query parameters.

    TypeScriptagentsaichatbots
    在 GitHub 上查看↗21,221
  • sanic-org/sanicsanic-org 的头像

    sanic-org/sanic

    18,624在 GitHub 上查看↗

    Sanic is an asynchronous Python web framework designed for building high-performance APIs and services. It operates as a production-ready ASGI web server, utilizing a non-blocking event loop to handle concurrent requests and maximize throughput. The framework is built to support scalable architectures, offering built-in worker process management to distribute traffic across available CPU cores. What distinguishes Sanic is its focus on modularity and developer-centric tooling. It features a blueprint-based system for organizing complex applications into pluggable components, alongside a robust

    Parses standard authentication headers from incoming requests to extract tokens for use in route handlers.

    Pythonapi-serverasgiasyncio
    在 GitHub 上查看↗18,624
  • gyoogle/tech-interview-for-developergyoogle 的头像

    gyoogle/tech-interview-for-developer

    17,417在 GitHub 上查看↗

    This project is a comprehensive technical interview preparation resource and computer science interview guide. It serves as an educational reference for developers to study core software engineering fundamentals and common coding patterns required for employment screenings. The repository provides detailed guides and references covering data structures and algorithms, networking and security, operating systems, and web development. It specifically focuses on the implementation and complexity analysis of sorting, searching, and graph algorithms. The material encompasses a wide breadth of comp

    Describes the process of transforming HTML tags into a hierarchical tree-like object model.

    Javaalgorithmcomputer-sciencecs
    在 GitHub 上查看↗17,417
  • vasanthk/how-web-worksvasanthk 的头像

    vasanthk/how-web-works

    16,731在 GitHub 上查看↗

    This project is a technical educational guide focused on browser architecture and the internal processes used to render web pages. It provides a detailed breakdown of the web request lifecycle, from the initial networking phase to the final visual output on a screen. The guide covers specific technical sequences including the DNS resolution process across browser, operating system, and ISP caches, and the establishment of secure connections through the TLS handshake. It also details the communication flow between clients and servers using the HTTP protocol and server-side request handling. T

    Describes the transformation of raw bytes into tokens and nodes to build the Document Object Model.

    在 GitHub 上查看↗16,731
  • quarkusio/quarkusquarkusio 的头像

    quarkusio/quarkus

    15,479在 GitHub 上查看↗

    Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program

    Maintains user sessions by storing authorization tokens in secure backends or encrypted cookies.

    Javacloud-nativehacktoberfestjava
    在 GitHub 上查看↗15,479
  • midday-ai/middaymidday-ai 的头像

    midday-ai/midday

    14,026在 GitHub 上查看↗

    Midday is an open-source, self-hosted financial dashboard designed for business expense management and automated bookkeeping. It functions as a centralized platform that aggregates transaction history and account balances from multiple external banking providers, allowing users to maintain full control over their sensitive financial data on private infrastructure. The platform distinguishes itself through its automated reconciliation workflows, which categorize business expenditures and generate structured financial reports to reduce manual data entry. By integrating with financial data aggre

    Manages persistent access to sensitive financial data by exchanging temporary security tokens for long-lived, scoped API credentials.

    TypeScriptfinancenextjssupabase
    在 GitHub 上查看↗14,026
  • macrozheng/mall-swarmmacrozheng 的头像

    macrozheng/mall-swarm

    13,001在 GitHub 上查看↗

    Mall-swarm is a microservices-based e-commerce system built with Spring Cloud Alibaba and Spring Boot. It functions as a scalable online retail platform designed to manage complex business logic through a distributed architecture of independent services. The system utilizes Kubernetes and Docker for service orchestration, incorporating a unified API gateway for traffic routing and service discovery. Security is handled via a unified identity and access management framework for verifying user tokens across all connected microservices. The platform includes a dedicated search engine for high-p

    Implements token-based authorization to validate user identities across all microservices.

    Javadockerelasticsearchjava
    在 GitHub 上查看↗13,001
  • talkgo/nighttalkgo 的头像

    talkgo/night

    12,298在 GitHub 上查看↗

    Night is a developer community platform designed to facilitate peer-to-peer learning and technical knowledge management. It functions as a collaborative space where users can organize study groups, curate engineering resources, and host technical discussions to support ongoing professional development. The system operates as a relational database application that manages complex interactions between users, learning materials, and collaborative session metadata. It incorporates a role-based access control framework to enforce permissions and restrict administrative actions through token valida

    Validates user identity tokens to authorize access and restrict administrative operations within the platform.

    Gobilibilibilibili-livedaily
    在 GitHub 上查看↗12,298
  • jlcodes99/cockpit-toolsjlcodes99 的头像

    jlcodes99/cockpit-tools

    11,557在 GitHub 上查看↗

    Cockpit-tools is a toolkit for managing multiple AI service credentials and account identities. It provides utilities for importing account credentials via authorization tokens or data files to enable rapid switching between user identities without manual login procedures. The project includes an automation utility for scheduling model wake-ups and quota reset cycles, as well as a monitoring dashboard to track API credits and usage limits across various platforms. Additionally, it functions as a launcher for running multiple independent AI editor instances, mapping each to a unique user direc

    Enables instant swapping of active AI user identities by replacing authorization tokens in the local state.

    Rustaccount-manageraiantigravity
    在 GitHub 上查看↗11,557
  • r-spacex/spacex-apir-spacex 的头像

    r-spacex/SpaceX-API

    10,822在 GitHub 上查看↗

    This project provides a standardized RESTful API for accessing comprehensive aerospace mission records and space exploration data. It serves as a structured interface for retrieving historical and upcoming launch details, hardware specifications, and media assets, while also providing real-time tracking for satellite orbital paths. The service distinguishes itself through a robust architecture designed for high-performance data retrieval. It utilizes in-memory response caching to reduce latency and server load, alongside query-parameter-based filtering that allows users to precisely control t

    Validates security credentials via request header tokens to enforce access control for sensitive operations.

    JavaScriptapicapsuledocker
    在 GitHub 上查看↗10,822
  • electric-sql/electricelectric-sql 的头像

    electric-sql/electric

    9,909在 GitHub 上查看↗

    Electric is a Postgres data synchronization engine and replication proxy designed to enable local-first software. It replicates data from Postgres databases to client-side stores in real time using logical replication, allowing applications to maintain a local embedded database for offline access and low-latency updates. The system distinguishes itself by using shapes to filter and authorize specific subsets of database rows and columns before streaming them to clients or edge workers. It further supports multi-user collaboration by integrating a conflict-free replicated data type framework t

    Issues shape-scoped tokens that are validated by a proxy to ensure only authorized data subsets are requested.

    Elixircrdtcrdtselixir
    在 GitHub 上查看↗9,909
  • cooderl/wewe-rsscooderl 的头像

    cooderl/wewe-rss

    8,828在 GitHub 上查看↗

    wewe-rss is an RSS feed generator and scheduled aggregator that converts social media accounts and web content into standardized RSS, Atom, or JSON feeds. It functions as a full-text content extractor, retrieving the complete body of articles rather than short summaries. The system operates as an API-protected feed gateway, utilizing token-based authorization and request rate limiting to restrict access and maintain stability. It supports subscription portability by exporting tracked sources into standardized OPML files. The project manages content aggregation through automated polling via c

    Secures API access by validating requests using secret authorization tokens.

    TypeScriptmysqlnestjsrss
    在 GitHub 上查看↗8,828
  • modelcontextprotocol/inspectormodelcontextprotocol 的头像

    modelcontextprotocol/inspector

    8,721在 GitHub 上查看↗

    The inspector is a diagnostic and validation tool for the Model Context Protocol. It provides an interactive interface and a transport proxy to discover, inspect, and execute the tools, prompts, and resources provided by an MCP server. The project serves as a debugger and compliance tester to verify that server implementations adhere to the protocol specification and JSON-RPC standards. It allows for real-time monitoring of message exchanges and logs between clients and servers across various transport layers, such as standard input/output and Server-Sent Events. The tool covers a broad rang

    Uses OAuth 2.1 resource indicators to obtain specific access tokens for restricted resources.

    TypeScript
    在 GitHub 上查看↗8,721
  • neutralinojs/neutralinojsneutralinojs 的头像

    neutralinojs/neutralinojs

    8,543在 GitHub 上查看↗

    Neutralinojs is a lightweight cross-platform desktop application framework that allows developers to build native applications using web technologies and a C++ backend. It serves as a native system API bridge, enabling JavaScript frontend code to execute system commands and manage files across Windows, macOS, and Linux. The project distinguishes itself as a portable runtime that renders interfaces via the system's built-in webview instead of bundling a full browser engine. This approach enables the packaging of web assets into small, standalone executable binaries. The framework provides com

    Secures the native API by validating unique connection tokens and origin headers for every request.

    C++
    在 GitHub 上查看↗8,543
  • jiangrui1994/cloudsaverjiangrui1994 的头像

    jiangrui1994/CloudSaver

    8,542在 GitHub 上查看↗

    CloudSaver is a multi-cloud file transfer manager and storage aggregator designed to discover remote resources and save them directly to cloud drives. It functions as a cloud file downloader and management platform that enables the movement of data between different cloud storage providers without requiring files to be downloaded to a local device first. The system uses OAuth authentication to manage secure connections to third-party cloud drives, facilitating direct server-to-server data transfers. It incorporates asynchronous streaming to move data between remote sources and destinations, p

    Tracks user identity and authorization state using secure bearer tokens for session persistence.

    Vue
    在 GitHub 上查看↗8,542
  • lightningnetwork/lndlightningnetwork 的头像

    lightningnetwork/lnd

    8,154在 GitHub 上查看↗

    Lnd is a full implementation of the Lightning Network protocol, functioning as a Bitcoin Layer 2 daemon that manages payment channels and settles transactions on the Bitcoin blockchain. It serves as an off-chain payment processor and a cryptographic wallet manager, enabling the execution of instant, scalable transactions through a network node. The project distinguishes itself through a focus on secure node networking and programmatic control. It provides gRPC and REST API servers for automating payment workflows and utilizes macaroon-based authorization to delegate granular permissions via c

    Implements macaroon-based authorization to delegate granular API permissions via signed tokens.

    Gobitcoinblockchaincryptocurrency
    在 GitHub 上查看↗8,154
上一个12下一个
  1. Home
  2. Security & Cryptography
  3. Token-based Authorization

探索子标签

  • Authorization Code ManagementHandling the creation, validation, and revocation of short-lived authorization codes. **Distinct from Token-based Authorization:** Specifically manages the temporary authorization codes used in the code exchange flow, distinct from the final bearer tokens.
  • Identity SwappingUtilities for rapidly switching between different authenticated sessions by updating authorization tokens. **Distinct from Token-based Authorization:** Focuses on the act of swapping active identities rather than just the mechanism of token authorization.
  • JWT Grant ValidationValidation of signed JWTs used as authorization grants to issue access tokens. **Distinct from Token-based Authorization:** Focuses on the use of JWTs as grants specifically, rather than general bearer token validation.
  • MacaroonsAuthorization tokens using nested caveats to delegate granular permissions cryptographically. **Distinct from Token-based Authorization:** Specifically uses the Macaroon construct for nested, delegated caveats rather than simple bearer tokens.
  • Signature-Based Token Authorizations2 个子标签Approving token spending via cryptographic signatures instead of on-chain transactions. **Distinct from Token-based Authorization:** Distinct from Token-based Authorization: focuses on off-chain signature approval for token transfers rather than HTTP bearer tokens.
  • Token Extraction1 个子标签Capturing authentication tokens and cookies from active network traffic. **Distinct from Token-based Authorization:** Focuses on the extraction of existing tokens from traffic rather than the authorization of requests using them.
  • Token Operator Authorizations1 个子标签Delegation of token management and transfer rights to authorized operators. **Distinct from Token-based Authorization:** Distinct from Token-based Authorization: focuses on operator delegation for asset management rather than HTTP bearer tokens.