0

Auth.js

Web 身份验证。Auth.js 是一套开源软件包,建立在标准 Web API 的基础上,用于在任何 JS 运行时、任何平台上的任何框架的现代应用程序中进行身份验证。「Authentication for the Web. Auth.js is a set of open-source packages that are built on standard Web APIs for authentication in modern applications with any framework on any platform in any JS runtime.」

Official Site
Github repo
Main metrics

Github stars Tracking Chart

Features

Flexible and easy to use

  • Designed to work with any OAuth service, it supports 2.0+, OIDC
  • Built-in support for many popular sign-in services
  • Email/Passwordless authentication
  • Bring Your Database - or none! - stateless authentication with any backend (Active Directory, LDAP, etc.)
  • Runtime-agnostic, runs anywhere! (Vercel Edge Functions, Node.js, Serverless, etc.)

Own your data

Auth.js can be used with or without a database.

Secure by default

  • Promotes the use of passwordless sign-in mechanisms
  • Designed to be secure by default and encourage best practices for safeguarding user data
  • Uses Cross-Site Request Forgery (CSRF) Tokens on POST routes (sign in, sign out)
  • Default cookie policy aims for the most restrictive policy appropriate for each cookie
  • When JSON Web Tokens are used, they are encrypted by default (JWE) with A256CBC-HS512
  • Features tab/window syncing and session polling to support short-lived sessions
  • Attempts to implement the latest guidance published by Open Web Application Security Project

Advanced configuration allows you to define your routines to handle controlling what accounts are allowed to sign in, for encoding and decoding JSON Web Tokens and to set custom cookie security policies and session properties, so you can control who can sign in and how often sessions have to be re-validated.

TypeScript

Auth.js libraries are written with type safety in mind. Check out the docs for more information.

Security

If you think you have found a vulnerability (or are not sure) in Auth.js or any of the related packages (i.e. Adapters), we ask you to read our Security Policy to reach out responsibly. Please do not open Pull Requests/Issues/Discussions before consulting with us.

Acknowledgments

Auth.js is made possible thanks to all of its contributors.

Sponsors

We have an OpenCollective for companies and individuals looking to contribute financially to the project!

  • 💵 Financial Sponsor
  • ☁️ Infrastructure Support

Contributing

We're open to all community contributions! If you'd like to contribute in any way, please first read
our Contributing Guide.

License

ISC

Overview

Name With Ownernextauthjs/next-auth
Primary LanguageTypeScript
Program languageJavaScript (Language Count: 10)
Platform
License:ISC License
Release Count1191
Last Release Namenext-auth@5.0.0-beta.17 (Posted on 2024-04-25 23:11:43)
First Release Namev1.13.0 (Posted on )
Created At2018-01-27 12:28:16
Pushed At2024-05-06 12:58:20
Last Commit At
Stargazers Count22.4k
Watchers Count104
Fork Count2.9k
Commits Count3.3k
Has Issues Enabled
Issues Count4221
Issue Open Count247
Pull Requests Count1744
Pull Requests Open Count104
Pull Requests Close Count687
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private
To the top