Top 23 Authentication and OAuth Open-Source Projects
Flexible authentication solution for Rails with Warden.Project mention: Ruby through the lens of Go | dev.to | 2021-04-16
One of the things I love the most about Ruby is that it tends to coalesce around one or two really popular libraries. Rails is the big one obviously, but over time you see libraries designed for a particular purpose "winning" over other things. This includes things like linting/code analysis (Rubocop), authentication (Devise), testing (RSpec and Minitest) and more. The emphasis is on making something good great rather than making a lot of different good things.
Golang implementation of JSON Web Tokens (JWT)Project mention: JWT and Go. How to integrate them with security requirements | dev.to | 2021-04-13
The boilerplate application uses the dgrijalva / jwt-go library to work with JWTs. Besides the standard set of claims fields, this library allows you to describe additional fields. In the application, this makes it possible to write to the token the ID of the user to whom it was issued. The library supports the NewWithClaims () and Parse () functions used in the AuthHandler application to create and validate tokens. Also, the Echo framework has a JWT middleware that uses the specified library to validate tokens. This middleware is hooked up in the ConfigureRoutes () function of the template application that declares the routing.
Scout APM - Leading-edge performance monitoring starting at $39/month. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
An authorization library that supports access control models like ACL, RBAC, ABAC in GolangProject mention: Casbin: An authorization library that supports access control models like ACL, RBAC, ABAC in Golang | reddit.com/r/golang | 2021-04-08
OmniAuth is a flexible authentication system utilizing Rack middleware.Project mention: Unsolicited Advice After My First Rails Project | dev.to | 2021-03-25
For example, I wanted my users to be able to log in through Google, but I was having trouble getting Omniauth to work properly. Maybe it was interacting weirdly with some other part of my code and having a more simplified set up that looks the same would make it easier to spot the bad interaction, or maybe I just needed to start fresh because I missed something in the setup. Either way, perfect candidate for the sandbox! But even when I got it figured out there, I still couldn't get it to transfer over to my real project...
The Single Sign-On Multi-Factor portal for web appsProject mention: Single Sign-On Solutions? | reddit.com/r/selfhosted | 2021-04-19
Surprised no one has suggested Authelia, it’s pretty successful at balancing simple to use vs powerful. And supports LDAP. I’m pretty happy with it
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.Project mention: Authelia is an open-source authentication/authorization server with 2FA/SSO | news.ycombinator.com | 2021-03-10
One thing that is missing from this list is open source language specific libraries. Projects such as https://oauthlib.readthedocs.io/en/latest/oauth2/server.html and https://github.com/doorkeeper-gem/doorkeeper
Depending on your use case, for example if you only have one application, you might be better off running something embedded in your app, or independent but using the same runtime/deployment environment. Then, when you are ready to add another app or integration, you should be able to introduce a standalone auth system more easily if appropriate (because all your auth interactions should be relatively standardized). I'm a big fan of standalone auth systems as a way to simplify access control and give a single view of a user/customer, but you can also succeed using open source embedded libraries.
When the moment comes to introduce a standalone system, you should consider a few dimensions (this list pulled from a previous comment of mine: https://news.ycombinator.com/item?id=26360048 ):
* open source or not
A simple ruby authentication solution.
Welcome to the AWS Code Examples Repository. This repo contains code examples used in the AWS documentation, AWS SDK Developer Guides, and more. For more information, see the Readme.rst file below.Project mention: AWS SDK for .NET now supports Blazor WebAssembly!!! | reddit.com/r/dotnet | 2021-01-21
/u/andyhoppatamazon any chance we can see some examples? There is nothing here https://github.com/awsdocs/aws-doc-sdk-examples
Go OAuth2Project mention: Handling authentication in Transport - is it good or bad? | reddit.com/r/golang | 2021-02-03
Handling auth in a Transport is a common pattern, that's what x/oauth2 does for example: https://github.com/golang/oauth2/blob/master/transport.go#L20
Rails authentication with email & password.Project mention: Why am I having such a bad time with Rails? | reddit.com/r/rails | 2021-02-18
...because some folks prefer clearance to devise! :-D
Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.
Token based authentication for Rails JSON APIs. Designed to work with jToker and ng-token-auth.Project mention: Devise, The Swiss Army Knife of Rails User Authentication. | dev.to | 2021-02-04
As a side note, also check out devise_token_auth here
A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard.Project mention: Ruby Gem JWT Version 2.2.3 Released | news.ycombinator.com | 2021-04-20
The boss of http auth.
General Rack Authentication FrameworkProject mention: Devise only allow one session per user at the same time | reddit.com/r/ruby | 2021-01-19
Despite this approach works, it's polluting the controller with authentication logic. Given that Devise uses Warden under the hood, the same can be achieved by taking advantage of warden callbacks that will always get executed when a meaningful event is triggered.
A Ruby wrapper for the OAuth 2.0 protocol. (by oauth-xx)
JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..
An implementation of JOSE standards (JWE, JWS, JWT) in Go
A standalone, specification-compliant, OAuth2 server written in Golang.
Go login handlers for authentication providers (OAuth1, OAuth2)
goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.
Magical Authentication (by Sorcery)Project mention: Easy has_secure_password API authentication | dev.to | 2021-01-21
Ruby's Most Advanced Authentication FrameworkProject mention: Behind The Scenes: Devise | reddit.com/r/ruby | 2021-02-04
Another user who replied to you mentioned Rodauth, and I haven't tried it in my own applications yet but I would absolutely be willing to sink the time/energy into learning it over configuring Devise again.
What are some of the best open-source Authentication and OAuth projects? This list will help you:
|12||Devise Token Auth||3,135|