permit - An unopinionated authentication library for building Node.js APIs.

  •        75

An unopinionated authentication library for building Node.js APIs. Permit makes it easy to add an authentication layer to any Node.js API. It can be used with any of the popular server frameworks (eg. Express, Koa, Hapi, Fastify) and it can be used for any type of API (eg. REST, GraphQL, etc.) due to its simple, unopinionated design.

https://github.com/ianstormtaylor/permit

Tags
Implementation
License
Platform

   




Related Projects

passport-facebook-token - Passport strategy for authenticating with Facebook access tokens using the OAuth 2

  •    Javascript

Passport strategy for authenticating with Facebook access tokens using the OAuth 2.0 API. This module lets you authenticate using Facebook in your Node.js applications. By plugging into Passport, Facebook authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

jwt - Koa middleware for validating JSON Web Tokens

  •    Javascript

This module lets you authenticate HTTP requests using JSON Web Tokens in your Koa (node.js) applications. See this article for a good introduction.


passport-azure-ad - Azure Active Directory Authentication Strategies using Node and Passportjs

  •    Javascript

passport-azure-ad is a collection of Passport Strategies to help you integrate with Azure Active Directory. It includes OpenID Connect, WS-Federation, and SAML-P authentication and authorization. These providers let you integrate your Node app with Microsoft Azure AD so you can use its many features, including web single sign-on (WebSSO), Endpoint Protection with OAuth, and JWT token issuance and validation. passport-azure-ad has been tested to work with both Microsoft Azure Active Directory and with Microsoft Active Directory Federation Services.

apollo-server - :earth_africa: GraphQL server for Express, Connect, Hapi and Koa

  •    TypeScript

Apollo Server is a community-maintained open-source GraphQL server. It works with pretty much all Node.js HTTP server frameworks, and we're happy to take PRs for more! It works with any GraphQL schema built with the graphql-js reference implementation.Apollo Server is super easy to set up. Just npm install apollo-server-<variant>, write a GraphQL schema, and then use one of the following snippets to get started. For more info, read the Apollo Server docs.

slim-jwt-auth - PSR-7 and PSR-15 JWT Authentication Middleware

  •    PHP

This middleware implements JSON Web Token Authentication. It was originally developed for Slim but can be used with any framework using PSR-7 style middlewares. It has been tested with Slim Framework and Zend Expressive. Middleware does not implement OAuth 2.0 authorization server nor does it provide ways to generate, issue or store authentication tokens. It only parses and authenticates a token when passed via header or cookie. This is useful for example when you want to use JSON Web Tokens as API keys.

mod_auth_openidc - OpenID Connect Relying Party and OAuth 2

  •    C

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.

lua-resty-openidc - Lua implementation to make NGINX operate as an OpenID Connect RP or OAuth 2

  •    Lua

lua-resty-openidc is a library for NGINX implementing the OpenID Connect Relying Party (RP) and/or the OAuth 2.0 Resource Server (RS) functionality. When used as an OpenID Connect Relying Party it authenticates users against an OpenID Connect Provider using OpenID Connect Discovery and the Basic Client Profile (i.e. the Authorization Code flow). When used as an OAuth 2.0 Resource Server it can validate OAuth 2.0 Bearer Access Tokens against an Authorization Server or, in case a JSON Web Token is used for an Access Token, verification can happen against a pre-configured secret/key .

graffiti - ⚠️ DEVELOPMENT DISCONTINUED - Node.js GraphQL ORM

  •    Javascript

Currently the consumption of HTTP REST APIs dominate the client-side world, GraphQL aims to change this. This transition can be time-consuming - this is where graffiti comes into the picture. We don't want to rewrite our application - no one wants that. graffiti provides an Express middleware, a Hapi plugin and a Koa middleware to convert your existing models into a GraphQL schema and exposes it over HTTP.

apollo-resolvers - Expressive and composable resolvers for Apollostack's GraphQL server

  •    Javascript

When standing up a GraphQL backend, one of the first design decisions you will undoubtedly need to make is how you will handle authentication, authorization, and errors. GraphQL resolvers present an entirely new paradigm that existing patterns for RESTful APIs fail to adequately address. Many developers end up writing duplicitous authorization checks in a vast majority of their resolver functions, as well as error handling logic to shield the client from encountering exposed internal errors. The goal of apollo-resolvers is to simplify the developer experience in working with GraphQL by abstracting away many of these decisions into a nice, expressive design pattern. apollo-resolvers provides a pattern for creating resolvers that work, essentially, like reactive middleware. By creating a chain of resolvers to satisfy individual parts of the overall problem, you are able to compose elegant streams that take a GraphQL request and bind it to a model method or some other form of business logic with authorization checks and error handling baked right in.

nginx-jwt - Lua script for Nginx that performs reverse proxy auth using JWT's

  •    Javascript

nginx-jwt is a Lua script for the Nginx server (running the HttpLuaModule) that will allow you to use Nginx as a reverse proxy in front of your existing set of HTTP services and secure them (authentication/authorization) using a trusted JSON Web Token (JWT) in the Authorization request header, having to make little or no changes to the backing services themselves.IMPORTANT: nginx-jwt is a Lua script that is designed to run on Nginx servers that have the HttpLuaModule installed. But ultimately its dependencies require components available in the OpenResty distribution of Nginx. Therefore, it is recommended that you use OpenResty as your Nginx server, and these instructions make that assumption.

koa-graphql - Create a GraphQL HTTP server with Koa.

  •    Javascript

Create a GraphQL HTTP server with Koa. NOTE: Below is a copy from express-graphql's README. In this time I implemented almost same api, but it may be changed as time goes on.

instagram-node - NodeJS driver for the instagram API

  •    Javascript

Instagram uses the standard oauth authentication flow in order to allow apps to act on a user's behalf. Therefore, the API provides two convenience methods to help you authenticate your users. The first, get_authorization_url, can be used to redirect an unauthenticated user to the instagram login screen based on a redirect_uri string and an optional options object containing an optional scope array and an optional state string. The second method, authorize_user, can be used to retrieve and set an access token for a user, allowing your app to act fully on his/her behalf. This method takes three parameters: a response_code which is sent as a GET parameter once a user has authorized your app and instagram has redirected them back to your authorization redirect URI, a redirect_uri which is the same one supplied to get_authorization_url, and a callback that takes two parameters err and result. err will be populated if and only if the request to authenticate the user has failed for some reason. Otherwise, it will be null and response will be populated with a JSON object representing Instagram's confirmation reponse that the user is indeed authorized. See instagram's authentication documentation for more information. Below is an example of how one might authenticate a user within an ExpressJS app.