passport-http-bearer - HTTP Bearer authentication strategy for Passport and Node.js.

•    Javascript

---

HTTP Bearer authentication strategy for Passport.

passport auth authn authentication authz authorization http bearer token oauth

passport-facebook-token - Passport strategy for authenticating with Facebook access tokens using the OAuth 2

•    Javascript

---

Passport strategy for authenticating with Facebook access tokens using the OAuth 2.0 API. This module lets you authenticate using Facebook in your Node.js applications. By plugging into Passport, Facebook authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

passport facebook auth authn authentication identity

passport-oauth2 - OAuth 2.0 authentication strategy for Passport and Node.js.

•    Javascript

---

OAuth 2.0 authentication strategy for Passport.

passport auth authn authentication authz authorization oauth oauth2

jwt - Koa middleware for validating JSON Web Tokens

•    Javascript

---

This module lets you authenticate HTTP requests using JSON Web Tokens in your Koa (node.js) applications. See this article for a good introduction.

auth authn authentication authz authorization http jwt json middleware token oauth koa

express-jwt - connect/express middleware that validates a JsonWebToken (JWT) and set the req

•    Javascript

---

JWT authentication middleware.

auth authn authentication authz authorization http jwt token oauth express

oauth2orize - OAuth 2.0 authorization server toolkit for Node.js.

•    Javascript

---

OAuth 2.0 authorization server toolkit for Node.js.

oauth oauth2 auth authz authorization connect express passport middleware oauth2-server oauth2-provider security authentication

passport-azure-ad - Azure Active Directory Authentication Strategies using Node and Passportjs

•    Javascript

---

passport-azure-ad is a collection of Passport Strategies to help you integrate with Azure Active Directory. It includes OpenID Connect, WS-Federation, and SAML-P authentication and authorization. These providers let you integrate your Node app with Microsoft Azure AD so you can use its many features, including web single sign-on (WebSSO), Endpoint Protection with OAuth, and JWT token issuance and validation. passport-azure-ad has been tested to work with both Microsoft Azure Active Directory and with Microsoft Active Directory Federation Services.

azure-active-directory aad adfs sso oidc bearer shibboleth

grant - OAuth Middleware for Express, Koa and Hapi

•    Javascript

---

OAuth Middleware for Express, Koa and Hapi

oauth oauth2 authentication middleware express koa hapi oauth2-client

passport-google-oauth - Google (OAuth) authentication strategies for Passport and Node.js.

•    Javascript

---

Google (OAuth) authentication strategies for Passport.

passport google auth authn authentication identity

apollo-server - :earth_africa: GraphQL server for Express, Connect, Hapi and Koa

•    TypeScript

---

Apollo Server is a community-maintained open-source GraphQL server. It works with pretty much all Node.js HTTP server frameworks, and we're happy to take PRs for more! It works with any GraphQL schema built with the graphql-js reference implementation.Apollo Server is super easy to set up. Just npm install apollo-server-<variant>, write a GraphQL schema, and then use one of the following snippets to get started. For more info, read the Apollo Server docs.

graphql graphql-server express-graphql express koa hapi node restify apollographql

slim-jwt-auth - PSR-7 and PSR-15 JWT Authentication Middleware

•    PHP

---

This middleware implements JSON Web Token Authentication. It was originally developed for Slim but can be used with any framework using PSR-7 style middlewares. It has been tested with Slim Framework and Zend Expressive. Middleware does not implement OAuth 2.0 authorization server nor does it provide ways to generate, issue or store authentication tokens. It only parses and authenticates a token when passed via header or cookie. This is useful for example when you want to use JSON Web Tokens as API keys.

middleware jwt psr-7 token-authentication psr-15

Passport - Express-compatible authentication middleware for Node.js

•    Javascript

---

Passport is Express-compatible authentication middleware for Node.js. Passport's sole purpose is to authenticate requests, which it does through an extensible set of plugins known as strategies. Passport does not mount routes or assume any particular database schema, which maximizes flexibility and allows application-level decisions to be made by the developer. The API is simple: you provide Passport a request to authenticate, and Passport provides hooks for controlling what occurs when authentication succeeds or fails.

authentication authentication-library social-authentication oauth openid oauth2 login social-login

koa-passport - Passport middleware for Koa

•    Javascript

---

Passport middleware for Koa

authentication passport koa koa2 auth authorization

mod_auth_openidc - OpenID Connect Relying Party and OAuth 2

•    C

---

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.

apache-httpd openid-connect openidconnect-client oauth2 oauth2-resource-server oauth openidc

lua-resty-openidc - Lua implementation to make NGINX operate as an OpenID Connect RP or OAuth 2

•    Lua

---

lua-resty-openidc is a library for NGINX implementing the OpenID Connect Relying Party (RP) and/or the OAuth 2.0 Resource Server (RS) functionality. When used as an OpenID Connect Relying Party it authenticates users against an OpenID Connect Provider using OpenID Connect Discovery and the Basic Client Profile (i.e. the Authorization Code flow). When used as an OAuth 2.0 Resource Server it can validate OAuth 2.0 Bearer Access Tokens against an Authorization Server or, in case a JSON Web Token is used for an Access Token, verification can happen against a pre-configured secret/key .

nginx openidconnect openidc oauth2 jwt-bearer-tokens lua-resty-openidc

graffiti - ⚠️ DEVELOPMENT DISCONTINUED - Node.js GraphQL ORM

•    Javascript

---

Currently the consumption of HTTP REST APIs dominate the client-side world, GraphQL aims to change this. This transition can be time-consuming - this is where graffiti comes into the picture. We don't want to rewrite our application - no one wants that. graffiti provides an Express middleware, a Hapi plugin and a Koa middleware to convert your existing models into a GraphQL schema and exposes it over HTTP.

graphql graffiti express hapi koa orm

apollo-resolvers - Expressive and composable resolvers for Apollostack's GraphQL server

•    Javascript

---

When standing up a GraphQL backend, one of the first design decisions you will undoubtedly need to make is how you will handle authentication, authorization, and errors. GraphQL resolvers present an entirely new paradigm that existing patterns for RESTful APIs fail to adequately address. Many developers end up writing duplicitous authorization checks in a vast majority of their resolver functions, as well as error handling logic to shield the client from encountering exposed internal errors. The goal of apollo-resolvers is to simplify the developer experience in working with GraphQL by abstracting away many of these decisions into a nice, expressive design pattern. apollo-resolvers provides a pattern for creating resolvers that work, essentially, like reactive middleware. By creating a chain of resolvers to satisfy individual parts of the overall problem, you are able to compose elegant streams that take a GraphQL request and bind it to a model method or some other form of business logic with authorization checks and error handling baked right in.

nodejs graphql apollo-client apollo-server resolver child-resolver parent-resolver apollostack-graphql-server composible-resolvers resolvers apollo api

Lad - Best Node.js framework. Made by a former Express TC and Koa team member

•    Javascript

---

Lad is the best Node.js framework. Made by a former Express TC and Koa team member. Lad boasts dozens of features and is extremely configurable. Lad framework includes Webapp server, API server, Proxy server, Job scheduler, Font end, Back end, Email Engine, Translation, Error Handling, Security, Performance.

api bootstrap redis aws boilerplate koa framework react-native mvc mongodb mongoose s3 prettier passport ava xo cloudfront async-await nodejs-framework web-server api-server

nginx-jwt - Lua script for Nginx that performs reverse proxy auth using JWT's

•    Javascript

---

nginx-jwt is a Lua script for the Nginx server (running the HttpLuaModule) that will allow you to use Nginx as a reverse proxy in front of your existing set of HTTP services and secure them (authentication/authorization) using a trusted JSON Web Token (JWT) in the Authorization request header, having to make little or no changes to the backing services themselves.IMPORTANT: nginx-jwt is a Lua script that is designed to run on Nginx servers that have the HttpLuaModule installed. But ultimately its dependencies require components available in the OpenResty distribution of Nginx. Therefore, it is recommended that you use OpenResty as your Nginx server, and these instructions make that assumption.

passport-twitter - Twitter authentication strategy for Passport and Node.js.

•    Javascript

---

Twitter authentication strategy for Passport.

passport twitter auth authn authentication identity