casdoor
DFeed
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
casdoor
-
Keycloak open redirect: wildcard redirect URIs can be exploited to steal tokens
I'm using Casdoor: https://github.com/casbin/casdoor and glad to see it only has ~77,000 LOC according to the shared link.
Keycloak was good but has too much legacy for 10+ years. Casdoor is pretty new and has become a good replacement for Keycloak for me with more functionalities.
-
Help needed - is there a product that provides the auth functionality we need?
Access keys & secrets are supported: https://github.com/casdoor/casdoor/pull/1971
-
Keycloak – Open-Source Identity and Access Management Interview
Looking at your username, it would be nice to mention that you are one of the main developers behind the tool instead of making it sound like you are unrelated: https://github.com/casbin/casbin/graphs/contributors https://github.com/casdoor/casdoor/graphs/contributors
-
Casdoor: a new open source SSO/IAM written in Go, with beautiful web UI, OIDC, OAuth 2.0, SAML, CAS, LDAP, WebAuthn and 2FA
Apparently they even removed the Chinese Tracker to Baidu now.
Not sure why this is being advertised as "new"? It has been posted here by OP for at least 10 months. The releases on GitHub go back to 2021. This was also posted here just 7 days ago.
-
Keycloak vs. Authentik vs. Authelia, help choose SSO
Wow, that's really good! And they even finally removed the tracking script of the chinese provider Baidu!
-
Supertokens: Open-Source Alternative to Auth0 / Firebase Auth / AWS Cognito
Another open-source IAM solution called Casdoor looks better than supertokens, it's fully open-source https://github.com/casdoor/casdoor
-
Casdoor: an open-source Identity and Access Management (IAM) platform with beautiful web UI supporting OAuth 2.0, OIDC, SAML and CAS
Looks like they finally removed the baidu tracking script from the base template which was raised when posted in the sub here 6 months ago, here 4 months ago, and here 2 months ago
DFeed
-
Don't Use Discord as a Forum
I'm not familiar with the codebase, but from my understanding it saves messages in a database [1], then periodically send out a formatted email to people who subscribed to the thread/group [2]
Anyone can post on the forum, you just have to provide an email address (you don't have to register, but you can enforce it)
[1] - https://github.com/CyberShadow/DFeed/blob/master/src/dfeed/w...
[2] - https://github.com/CyberShadow/DFeed/blob/master/src/dfeed/s...
- I've skimmed 66520 newsgroups trying to find some life on the Usenet (2020)
- Towards a new lisper space(?)
- Google Groups has been left to die
-
Casnode: An open-source forum software developed using BeeGo, React and MySQL
https://github.com/CyberShadow/DFeed is also interesting
- First release of LemmyBB, a federated bulletin board written in Rust
- Show HN: Minimal, no-JS web forum software
-
[META] Like Rationalists Leaving A . . .
What I would really, really like in any forum software is an NNTP bridge. Ideally bidirectional, but at least readable via NNTP. So far, the only one I've seen is https://forum.dlang.org/ with actual code at https://github.com/CyberShadow/DFeed .
- Don't Contribute Anything Relevant in Web Forums Like Reddit
- "Social friendly" mailing list manager
What are some alternatives?
casbin - An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
authelia - The Single Sign-On Multi-Factor portal for web apps
Grant - OAuth Proxy
pam-keycloak-oidc - PAM module connecting to Keycloak for user authentication using OpenID Connect/OAuth2, with MFA/2FA/TOTP support
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
external-auth-server - easy auth for reverse proxies
IdentityServer - The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
angular-auth-oidc-client - npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow
keycloak-clojure - A Clojure library helping the integration of Keycloak with a Clojure Application + a sample SPA Client and API Server demonstrating the Keycloak integration