4 个仓库
Complete systems for managing user identity, sessions, and secure sign-in within web applications.
Distinct from Ruby on Rails Frameworks: The candidates are either too broad (Ruby on Rails Frameworks) or too specific (generators).
Explore 4 awesome GitHub repositories matching web development · Authentication Frameworks. Refine with filters or upvote what's useful.
Devise is a flexible authentication framework for Ruby on Rails applications. It serves as a user identity management system that handles registration, sign-in, password recovery, and account confirmation. The system integrates with the Warden middleware to manage user sessions and security across various request types. The framework functions as a multi-model authentication engine, allowing for the configuration of multiple distinct user models with independent routes and access controls. It also provides a standardized interface to connect with external identity providers and third-party lo
Functions as a complete authentication framework for managing user identity and sessions in web applications.
Devise is a comprehensive identity management system and authentication framework for Ruby on Rails applications. It provides a complete set of tools for managing user registration, secure sign-in, and session handling using a modular strategy pattern. The framework distinguishes itself by offering a suite of security hardening features, including brute force protection through account locking and secure password recovery workflows. It also functions as an integrator for external identity providers and third-party authentication via standardized protocols. Broad capabilities cover the full u
Implements secure sign-in and session management for Ruby on Rails applications to protect private routes.
Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for
Provides a complete authentication framework for web apps with session management and multiple login methods.
Authboss 是一个模块化身份验证框架,旨在管理用户身份和账户编排。它提供了一个全面的系统,用于处理用户注册、电子邮件验证和用户配置文件的完整生命周期。 该框架以一套专注的安全和身份工具为特色,包括通过基于时间的密码和短信进行的多因素身份验证,以及使用 OAuth1 和 OAuth2 协议与外部提供商的身份集成。它还包含一个专用的账户安全管理器,通过基于凭据的账户锁定和自适应密码哈希来实现暴力破解保护。 广泛地,该项目涵盖了会话生命周期管理,包括持久登录 Cookie 和不活动超时,以及针对忘记密码的账户恢复流程。它还提供用于路由访问控制的请求中间件,并支持以 HTML 或 JSON 格式渲染身份验证视图。
Provides a modular PHP-based framework for handling user registration, password resets, and session management.