Rodauth VS fusionauth-jwt

There is no Hanami specific authentication library. Rails has a plethora of solutions, but nothing was created for Hanami (at least for the current version). There are framework agnostic tools though. OAuth solutions are like that, JWT, libraries like Rodauth. The last one is particularly interesting for Hanami since it is very much in the same "spirit" in terms of design and it is also the most advanced solution on the ruby market.

Rodauth provides first class support for passkeys, implemented on top of the excellent webauthn-ruby gem. It enables using passkeys as a multifactor authentication method, or for passwordless login and registration. In addition to routes, views and database storage, it also provides the complete JavaScript part that interacts with Web Authentication API for zero configuration.

I can recommend rodauth: https://github.com/jeremyevans/rodauth It ships with a ton of things. Check out the features section.

In general, even though the Hanami ecosystem lacks any "plug-and-play" solutions such as Devise, you can use many existing libraries not tightly coupled to Ruby on Rails. For authentication, you can use Warden, OmniAuth or Rodauth. For uploads there is Shrine. The pagination is built into ROM. Integration with exception catchers such as Rollbar is easy.

While Devise provides a convenience layer around OmniAuth, it does nothing to actually sign the user into your app. When I started writing the OmniAuth integration for Rodauth, I wanted to go one step further and actually handle things like persistence of external identities, account creation and login, while still allowing the developer to customize the behaviour. That's how rodauth-omniauth was created. ✨

You can find the list of possible error identifiers here.

You probably meant the webauthn_login, which already supports passwordless.

When Rodauth came out, I was excited to finally have a full-featured authentication framework that wasn't tied to Rails, given that existing solutions required either Rails (Devise, Sorcery), or at least Active Record (Authlogic). Even though I mainly develop in Rails, I want other Ruby web frameworks to be viable alternatives, so I'm naturally drawn to generic solutions that everyone can use.

FusionAuth is one of the most decorated and successful open-source IAM solutions. It has been downloaded by more than 10 million customers and hosts over 1 million digital identities.

Ideally, I would recommend not handling and storing passwords yourself. It is preferable to use an identity provider (IdP), such as Azure AD B2C, Auth0, or FusionAuth. These systems are designed to manage your users' identity (including their passwords) so you don't have to. You could also use Single Sign-On with cloud providers.

Check out https://fusionauth.io/

Concur.

Another data point. Our open source JWT library[0] and Java client library[1] both target Java 8 because that is widely used.

0: https://github.com/FusionAuth/fusionauth-jwt

1: https://github.com/FusionAuth/fusionauth-java-client

FusionAuth | Senior Java Engineer, Senior TechOps Engineer, Senior Support Engineer | Full-time | Denver CO, USA | https://fusionauth.io

FusionAuth is the authentication and authorization platform built for devs, by devs. Our software solves the problem of integrating essential user security without adding risk or distracting from the primary application.

Ya know, the one with the features your users want to pay you for.

FusionAuth comes without the risk and complexity that typical identity systems have. With self-hosted or cloud installation, extensive documentation, free options, fast deployment and a no-hassle process, we eliminates hurdles that make it hard for developers to meet their authentication and authorization requirements.

We aren't VC funded, but we are profitable, growing fast, and need your help. We are currently hiring for the following roles:

Senior Java Engineer

Senior TechOps Engineer

Senior Support Engineer

Learn more, including salary info, what makes us tick, and role expectations, here: https://fusionauth.io/jobs

But I rarely see a comprehensive comparison that is current for any of them. And then there are others out there like Teleport and FusionAuth.

JWT processing for java. Fast: https://github.com/skjolber/java-jwt-benchmark

This article is based upon a presentation from Dan Moore of FusionAuth.

FusionAuth is a powerful identity and access management platform that makes it easy to add authentication and authorization to your applications. In this blog post, we'll explore how to integrate FusionAuth with a Python Flask application using OAuth 2.0, covering features such as login, displaying user profile information, and logout functionality.