auth0-spa-js
developers
auth0-spa-js | developers | |
---|---|---|
5 | 19 | |
878 | - | |
0.7% | - | |
8.5 | - | |
5 days ago | - | |
TypeScript | ||
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
auth0-spa-js
-
Tell HN: Stytch Login SaaS Unicorn has common auth vulnerabilities
Your message feels disingenuous and not in good-faith.
Auth0 clearly advises against the localStorage option which is most similar to Stytch's:
> _Important:_ This feature will allow the caching of data _such as ID and access tokens_ to be stored in local storage. Exercising this option changes the security characteristics of your application and _should not be used lightly._ Extra care should be taken to mitigate against XSS attacks and minimize the risk of tokens being stolen from local storage.
This is from the readme of the github you linked:
https://github.com/auth0/auth0-spa-js/tree/0de9c6bf61d37fc21...
And since their other client-only solutions have major UX challenges (as you highlight), I expect most Auth0 users have landed on the secure option.
This is very different from Stytch - which as far as I can tell - doesn't disclose or acknowledge the risk, and instead willingly puts developers at increased risk. Throughout this thread, you've been dismissive of the risk despite security organizations clearly indicating that HttpOnly is best-practice.
You've found a legitimate comparison in Firebase, but for me, you've taken several steps too far trying to compare to Auth0.
-
Fastify DX and SolidJS in the Real World
Auth0 provides the auth0-spa-js package which offers two ways to authenticate users:
-
Persistent login in React using refresh token rotation
Therefore, I have transformed the library [@auth0/auth0-spa-js](https://github.com/auth0/auth0-spa-js), which is another official Auth0 client library, to have an authentication hook and methods that can be accessible outside the components.
-
React Testing Library with Auth0 and conditional rendering
auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/master/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information. 32 | it("renders a login button", () => { 33 | > 34 | const { getByText } = render( | ^ 35 | 36 | 37 |
developers
-
Authenticate your React App with Supabase
So for that, we need a few details that we'll get from the GitHub OAuth Page. There we have to Register a new App to get the required details. To register our app we'll need our callback URL, It looks like this: https://.supabase.co/auth/v1/callback . After that, we'll enable our GitHub Auth.
-
Azure ChatGPT
🟡 Development app setup Navigate to GitHub OAuth Apps setup https://github.com/settings/developers Create a New OAuth App https://github.com/settings/applications/new Fill in the following details Application name: Azure ChatGPT DEV Environment Homepage URL: http://localhost:3000 Authorization callback URL: http://localhost:3000/api/auth/callback/github 🟢 Production app setup Navigate to GitHub OAuth Apps setup https://github.com/settings/developers Create a New OAuth App https://github.com/settings/applications/new Fill in the following details Application name: Azure ChatGPT Production Homepage URL: https://YOUR-WEBSITE-NAME.azurewebsites.net Authorization callback URL: https://YOUR-WEBSITE-NAME.azurewebsites.net/api/auth/callback/github ⚠️ After completing app setup, ensure your environment variables locally and on Azure App Service are up to date.
-
FastAPI Production Setup Guide 🏁⚡️🚀
Navigate to the GitHub Oauth Apps developer settings at https://github.com/settings/developers and create a new oauth app.
-
An Opinionated Guide to DRF OAuth
We'll go through a similar process for setting up GitHub credentials. For GitHub, go to Settings and then to Developer Settings (bottom left of the page), and then select OAuth Apps. Configure your OAuth app similarly to what's shown below. You can put whatever you'd like in the Homepage URL field.
- Guia de autenticação do Next.Js com Github e Typescript
-
Implementing user authorization in Next.js
To do this, we need to first create a new GitHub OAuth App. Click on “New OAuth app” and fill out the form accordingly with your website information. Here are some important things to note about the information requested by the form:
-
How to Install Drone CI Server in Kubernetes
Go to https://github.com/settings/developers and create a new OAuth application and choose New OAuth App.
-
Sign in with GitHub
Head over to GitHub Developer Settings, click OAuth Apps on the left and then click the "New OAuth app" button. It's gonna ask you a few questions. Enter http://localhost:5173 for the homepage URL and http://localhost:5173/login for the callback URL, and fill the rest as you like. We're giving localhost addresses because we have to test our app before deploying to its final URL. You can just update the URLs when you deploy or create a new app and keep this one for testing and development.
-
Fastify DX and SolidJS in the Real World
Go into your Developer Settings and create a new OAuth App. Name, homepage etc. are not important, but the Authorization callback URL needs to point to your Auth0 Tenant. You can get the domain in your Auth0 application settings: https://.auth0.com.
-
Complete Guide to Multi-Provider OAuth 2 Authorization in Node.js
For Github, head over to your Settings > Developer Settings > OAuth apps and create a new app.
What are some alternatives?
nextjs-auth0 - Next.js SDK for signing in with Auth0
fastify-dx - Archived
auth0-angular - Auth0 SDK for Angular Single Page Applications
Koala - A lightweight Facebook library supporting the Graph, Marketing, and Atlas APIs, realtime updates, test users, and OAuth.
auth0-python - Auth0 SDK for Python
fastify-dx-solidjs-example - Real world app using Fastify-DX, Solid.js, Auth0 and GraphQL
AppAuth-JS - JavaScript client SDK for communicating with OAuth 2.0 and OpenID Connect providers.
fastify-vite - Fastify plugin for Vite integration.
auth0-react - Auth0 SDK for React Single Page Applications (SPA)
OmniAuth - OmniAuth is a flexible authentication system utilizing Rack middleware.
feedback - Feedback, Ideas and Suggestions for our articles
Niek - My GitHub profile