Our great sponsors
|13 days ago||1 day ago|
|MIT License||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Add Mastodon replies to your blog
4 projects | dev.to | 27 Dec 2022
One thing to watch out for is that the content of each reply is HTML. To be safe (paranoid), I'm running the HTML through sanitize-html to make sure nobody can inject sketchy HTML into my site.
Made an IMDB application using the TMDB API. The design is a bit similar to what you find on a streaming website. I made this with HTML, SCSS & Vanilla JS. Tips, feedback & suggestions would be greatly appreciated.
3 projects | /r/webdev | 26 Jun 2022
Don't forget to sanitize your HTML using https://github.com/apostrophecms/sanitize-html or upcoming feature: https://developer.mozilla.org/en-US/docs/Web/API/HTML_Sanitizer_API because https://nimb.ws/leTXDt
How To Parse and Render Markdown In Vuejs
6 projects | dev.to | 26 Aug 2021
Vue does not have as much support for Vue as there is for React. Examples are markdown-it, Remark.js, marked.js. But hopefully in the future, there should be more support, and after much research, I picked marked.js because it has the most stars and has zero vulnerability. Marked does not sanitize (meaning it does not secure HTML documents from attacks like cross-site scripting (XSS) ) marked output HTML as that feature is deprecated and has vulnerability but however, it supports the use of other libraries to secure output HTML such as DOMPurify (recommended), sanitize-html or insane.
Introducing Pezzo: Open-source AI Development Toolkit 🚀
4 projects | /r/OpenAI | 15 May 2023
Signing up - You're not actually signing up to anything. Supertokens (open source auth provider) is running locally on your machine. It's just a means for you to be able to have an account (and soon invite others to your project to collaborate together). The data doesn't leave your computer.
Supertokens: Open-Source Alternative to Auth0 / Firebase Auth / AWS Cognito
I see a feature flag and a license check class.
"[...] it is forbidden to copy, merge, publish, distribute, sublicense, and/or sell the Software." 
"Open source is source code that is made freely available for possible modification and redistribution." 
FastAPI as a authentication provider
5 projects | /r/FastAPI | 24 Apr 2023
Take a look at supertokens which integrates with fastapi https://supertokens.com
Show HN: Open-source Auth0 alternative Ory Kratos v0.13 released – nearing v1.0
4 projects | news.ycombinator.com | 19 Apr 2023
Why are people still using Ory Kratos? It's still incredibly confusing documentation. Large fan of projects like: https://supertokens.com/ that focus on making authentication workflow implementation really easy.
10+ Open-Source Projects For Web Developers In 2023
14 projects | dev.to | 10 Apr 2023
GitHub Stars: 8.5 K GitHub Link: https://github.com/supertokens/supertokens-core
Using SuperTokens for authentication in Next.js
11 projects | dev.to | 28 Mar 2023
However, the process of implementing a secure authentication system can be very complex and time consuming, particularly when working with complex frameworks like Next.js. This is where SuperTokens comes in. SuperTokens is a highly secure and customizable authentication solution that integrates seamlessly with Next.js.
Flutter + Azure B2C Auth
3 projects | /r/FlutterDev | 12 Mar 2023
Yeah I understand what you’re saying. There is SuperTokens but I haven’t tried it, yet.
What library or tool is causing you the most pain right now?
7 projects | /r/reactjs | 8 Mar 2023
Maybe you can consider using something like SuperTokens which has a ready made implementation of social sign in. Haven't used it myself yet so can't tell you about how well it works but I plan to use it soon to handle login on my soon to be released web app.
What are some alternatives?
DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Ory Kratos - Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, TOTP, WebAuthn, profile management, identity schemas, social sign in, registration, account recovery, passwordless. Golang, headless, API-only - without templating or theming headaches. Available as a cloud service.
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
authelia - The Single Sign-On Multi-Factor portal for web apps
authentik - The authentication glue you need.
js-xss - Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
springboot-keycloak-openldap - The goal of this project is to create a simple Spring Boot REST API, called simple-service, and secure it with Keycloak. Furthermore, the API users will be loaded into Keycloak from OpenLDAP server.
capacitor-oauth2 - Generic Capacitor OAuth 2 client plugin! Stop the war in Ukraine!
keycloak-operator - ARCHIVED Kubernetes Operator for the no longer supported WildFly distribution of Keycloak
graylog-plugin-oauth2 - Oauth2 plugin for graylog project