paseto
Ory Hydra
Our great sponsors
paseto | Ory Hydra | |
---|---|---|
26 | 37 | |
3,188 | 15,068 | |
0.1% | 1.1% | |
4.7 | 9.1 | |
1 day ago | 7 days ago | |
PHP | Go | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
paseto
-
JSON Web Proofs
Might I suggest Paseto (https://paseto.io/) - it solves a lot of the headaches of JWT. Signing and encryption are two different things that require two different sets of keys, so you can't mess it up.
(Full disclosure, I've written one implementation: https://github.com/auth70/paseto-ts)
-
Full-stack authentication system using rust (actix-web) and sveltekit
Though we'll be building a session-based authentication system, it's noteworthy that with the introduction of some concepts which will be discussed in due time, you can turn it into JWT- or, more securely and appropriately, PASETO-based authentication system.
- Biscuit 3.0
-
Securing Your Golang Application: Unleashing the Power of Authentication and Authorization
Time we ditch it and use paseto
- Paseto is everything you love about JWT without any of the design deficits
- Why JWTs Suck as Session Tokens (2017)
-
Looking for advice for Go Backend REST API for a Front End React/NodeJS
The PASETO web site goes over it. Mostly it's designed to make you do things the right way and avoid all the security holes you can fall into with JWT.
- Initial impact report about this week's EdDSA Double-PubKey Oracle attack in 40 affected crypto libs
-
Stop Storing Authentication Tokens in JS-accessible Storage
If this is too much to handle, you shouldn't have to! There's already solutions that handle it for you
Ory Hydra
- Show HN: Open-source OAuth2 server Ory Hydra now 6x faster
-
🚀 Top 12 Open Source Auth Projects Every Developer Should Know 🔑
OAuth Server - Hydra
-
Ask HN: Freelancer? Seeking freelancer? (July 2023)
For examples of my work see my contributions to Ory Hydra https://github.com/ory/hydra.
I'd be more than happy to talk about how I can bring value to your project. Let's have a conversation!
- Show HN: Open-Source OAuth2/OIDC Server Ory Hydra 2.1.2 Release
- Open Source OAuth2/OIDC Server Ory Hydra v2.1.2 Released
-
Ory Hydra VS boruta-server - a user suggested alternative
2 projects | 22 May 2023
-
Are there any OIDC Provider libraries for Golang?
Another package you might want to consider is ORY Hydra. https://github.com/ory/hydra
-
Advice me user and oauth2
Check this project: https://github.com/ory/hydra
-
Show HN: Kinde – auth, feature flags and billing (Q3) in one integration
> 10k M2M tokens for $250/month sounds like a really bad deal if I can just spin up https://github.com/ory/hydra that can easily handle 10k requests per second.
Spinning one up is easy, sure. Making sure it's production ready, is not so much.
-
Tailscale – Introducing Custom OIDC
Have not tried Dex so can't speak to that.
https://github.com/ory/hydra
What are some alternatives?
branca - :key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]
Symfony Panther - A browser testing and web crawling library for PHP and Symfony
IdentityServer - The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
wp-graphql-jwt-authentication - Authentication for WPGraphQL using JWT (JSON Web Tokens)
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
php-jwt - PHP package for JWT
dex - OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
bubble - bubble 旨在为项目快速开发提供一系列的基础能力,方便使用者根据项目需求快速进行功能拓展。已将所有 JAR 包都推送至中央仓库,也会为每个版本的升级改动列出详细的更新日志
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
Packagist - Package Repository Website - try https://packagist.com if you need your own -
node-oidc-provider - OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js