Our great sponsors
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWasp cheat sheet on how to do ACL in Web App.
The authorization Gem for Ruby on Rails.
https://github.com/CanCanCommunity/cancancan (Ruby on Rails ABAC) Same like casl.js, but for Ruby on Rails! Casl.js was actually inspired and modeled by cancancan.
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
Minimal authorization through OO design and pure Ruby classes
https://github.com/varvet/pundit Popular open-source Ruby library focused around the notion of policies, giving you the freedom to implement your own approach based on that.
Awesome Django authorization, without the database
https://github.com/dfunckt/django-rules A generic, approachable open source framework for building rule-based systems in Django (Python).
The fastest way to develop full-stack web apps with React & Node.js.
You can check out our discussion about this in our “Support for Permissions” RFC.
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
React Native toolkit for Auth0 API
Auth0 (provider) Auth0 has been around for some time and is probably the most popular authN provider out there. While authN is their main offering (they give you SDKs for authentication + they store user profiles and let you manage them through their SaaS), they also allow you to define authZ to some degree, via RBAC and policies.
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
I made a complete Team support in React for my App: a Multi-tenancy SaaS. Live demo in the comments
2 projects | reddit.com/r/reactjs | 24 Apr 2022
Sanic Security: An effective, simple, and async security library for the Sanic framework. (Python)
1 project | reddit.com/r/coolgithubprojects | 3 Feb 2023
Show HN: Permit Elements- UIs to let your customers manage their own damn RBAC
1 project | news.ycombinator.com | 26 Jan 2023
OWASP Juice Shop
3 projects | news.ycombinator.com | 22 Jan 2023
1 project | reddit.com/r/devops | 19 Jan 2023