{"id":20901563,"url":"https://github.com/willfarrell/1auth","last_synced_at":"2026-02-08T19:19:59.538Z","repository":{"id":93542398,"uuid":"597439928","full_name":"willfarrell/1auth","owner":"willfarrell","description":"Collection of modules for user authentication","archived":false,"fork":false,"pushed_at":"2025-11-15T14:07:32.000Z","size":2407,"stargazers_count":5,"open_issues_count":11,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-21T23:49:03.244Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/willfarrell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"docs/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":"docs/GOVERNANCE.md","roadmap":"docs/ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["willfarrell"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2023-02-04T15:03:10.000Z","updated_at":"2025-09-10T13:38:12.000Z","dependencies_parsed_at":"2024-02-10T03:26:11.928Z","dependency_job_id":"9372be6d-6d9f-4c09-950a-d0e455809ca2","html_url":"https://github.com/willfarrell/1auth","commit_stats":{"total_commits":75,"total_committers":1,"mean_commits":75.0,"dds":0.0,"last_synced_commit":"4345d9f0d3e934a44913b4de0dc247f715302cc2"},"previous_names":[],"tags_count":72,"template":false,"template_full_name":null,"pur
l":"pkg:github/willfarrell/1auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2F1auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2F1auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2F1auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2F1auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/willfarrell","download_url":"https://codeload.github.com/willfarrell/1auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2F1auth/sbom","scorecard":{"id":925976,"data":{"date":"2025-08-25T12:41:49Z","repo":{"name":"github.com/willfarrell/1auth","commit":"44f79f1fcfd4aea57b5cb2e01443ceff0220f561"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":9.7,"checks":[{"name":"Maintained","score":10,"reason":"25 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source 
repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:80","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:112","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:21","Info: jobLevel 'actions' permission set to 'read': .github/workflows/test-sast.yml:46","Info: jobLevel 'contents' permission set to 'read': .github/workflows/test-sast.yml:47","Info: topLevel permissions set to 'read-all': .github/workflows/ossf-scorecard.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/test-dast.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/test-dco.yml:7","Info: topLevel 'contents' permission set to 'read': 
.github/workflows/test-lint.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/test-pref.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/test-sast.yml:13","Info: topLevel 'contents' permission set to 'read': .github/workflows/test-unit.yml:10"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":9,"reason":"dependency not pinned by hash detected -- score normalized to 9","details":["Warn: npmCommand not pinned by hash: .github/workflows/test-sast.yml:38","Info:  28 out of  28 GitHub-owned GitHubAction dependencies pinned","Info:   3 out of   3 third-party GitHubAction dependencies pinned","Info:   5 out of   6 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"CII-Best-Practices","score":7,"reason":"badge detected: Silver","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: JavaScriptPropertyBasedTesting integration found: 
packages/account-username/index.fuzz.js:2","Info: JavaScriptPropertyBasedTesting integration found: packages/account/index.fuzz.js:2","Info: JavaScriptPropertyBasedTesting integration found: packages/authn-access-token/index.fuzz.js:2","Info: JavaScriptPropertyBasedTesting integration found: packages/authn-recovery-codes/index.fuzz.js:2","Info: JavaScriptPropertyBasedTesting integration found: packages/authn-webauthn/index.fuzz.js:2","Info: JavaScriptPropertyBasedTesting integration found: packages/messenger-email-address/index.fuzz.js:2","Info: JavaScriptPropertyBasedTesting integration found: packages/session/index.fuzz.js:2"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:106"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing 
vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Branch-Protection","score":10,"reason":"branch protection is fully enabled on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Info: required approving review count is 2 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: 'last push approval' is required to merge on branch 'main'","Info: 'up-to-date branches' is required to merge on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Contributors","score":3,"reason":"project has 1 contributing companies or organizations -- score normalized to 3","details":["Info: found contributions from: middyjs"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., 
companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"7 out of 7 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}}]},"last_synced_at":"2025-08-25T13:30:18.240Z","repository_id":93542398,"created_at":"2025-08-25T13:30:18.242Z","updated_at":"2025-08-25T13:30:18.242Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29240515,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-08T18:06:38.086Z","status":"ssl_error","status_checked_at":"2026-02-08T18:06:09.124Z","response_time":57,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T11:36:00.876Z","updated_at":"2026-02-08T19:19:59.531Z","avatar_url":"https://github.com/willfarrell.png","language":"JavaScript","readme":"\u003cdiv align=\"center\"\u003e\n  \u003c!--\u003cimg alt=\"1auth logo\" src=\"https://raw.githubusercontent.com/willfarrell/1auth/main/docs/img/logo.svg\"/\u003e--\u003e\n  \u003ch1\u003e1auth\u003c/h1\u003e\n  \u003cp\u003e\u003cstrong\u003eCollection of modules to assist in 
user authentication and session management.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/actions/workflows/test-unit.yml\"\u003e\u003cimg src=\"https://github.com/willfarrell/1auth/actions/workflows/test-unit.yml/badge.svg\" alt=\"GitHub Actions unit test status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/actions/workflows/test-dast.yml\"\u003e\u003cimg src=\"https://github.com/willfarrell/1auth/actions/workflows/test-dast.yml/badge.svg\" alt=\"GitHub Actions dast test status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/actions/workflows/test-pref.yml\"\u003e\u003cimg src=\"https://github.com/willfarrell/1auth/actions/workflows/test-pref.yml/badge.svg\" alt=\"GitHub Actions perf test status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/actions/workflows/test-sast.yml\"\u003e\u003cimg src=\"https://github.com/willfarrell/1auth/actions/workflows/test-sast.yml/badge.svg\" alt=\"GitHub Actions SAST test status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/actions/workflows/test-lint.yml\"\u003e\u003cimg src=\"https://github.com/willfarrell/1auth/actions/workflows/test-lint.yml/badge.svg\" alt=\"GitHub Actions lint test status\"\u003e\u003c/a\u003e\n  \u003cbr/\u003e\n  \u003ca href=\"https://www.npmjs.com/package/@1auth/authn\"\u003e\u003cimg alt=\"npm version\" src=\"https://img.shields.io/npm/v/@1auth/authn.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://packagephobia.com/result?p=@1auth/authn\"\u003e\u003cimg src=\"https://packagephobia.com/badge?p=@1auth/authn\" alt=\"npm install size\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.npmjs.com/package/@1auth/authn\"\u003e\n  \u003cimg alt=\"npm weekly downloads\" src=\"https://img.shields.io/npm/dw/@1auth/authn.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.npmjs.com/package/@1auth/authn#provenance\"\u003e\n  \u003cimg 
alt=\"npm provenance\" src=\"https://img.shields.io/badge/provenance-Yes-brightgreen\"\u003e\u003c/a\u003e\n  \u003cbr/\u003e\n  \u003ca href=\"https://scorecard.dev/viewer/?uri=github.com/willfarrell/1auth\"\u003e\u003cimg src=\"https://api.scorecard.dev/projects/github.com/willfarrell/1auth/badge\" alt=\"Open Source Security Foundation (OpenSSF) Scorecard\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://slsa.dev\"\u003e\u003cimg src=\"https://slsa.dev/images/gh-badge-level3.svg\" alt=\"SLSA 3\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/blob/main/docs/CODE_OF_CONDUCT.md\"\u003e\u003cimg src=\"https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://biomejs.dev\"\u003e\u003cimg alt=\"Checked with Biome\" src=\"https://img.shields.io/badge/Checked_with-Biome-60a5fa?style=flat\u0026logo=biome\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://conventionalcommits.org\"\u003e\u003cimg alt=\"Conventional Commits\" src=\"https://img.shields.io/badge/Conventional%20Commits-1.0.0-%23FE5196?logo=conventionalcommits\u0026logoColor=white\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/willfarrell/1auth/blob/main/package.json#L32\"\u003e\n  \u003cimg alt=\"code coverage\" src=\"https://img.shields.io/badge/code%20coverage-96%25-brightgreen\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\u003c!--You can read the documentation at: \u003ca href=\"https://github.com/willfarrell/1auth\"\u003ehttps://github.com/willfarrell/1auth\u003c/a\u003e--\u003e 1Auth is like an ORM for `accounts`, `authentications`, `messengers`, `sessions` with extensibility to ensure they have a consistent API and ensure that encoding/decoding/encryption/decryption are applied in a consistent way. 
All while enforcing industry defaults for cryptographic algorithms with an easy method to keep them up to date.\u003c/p\u003e\n\u003c/div\u003e\n\n## Default algorithms\n\n- Symmetric encryption: chacha20-poly1305 (AES-256 GCM also supported)\n- Symmetric signature: HMAC\n- Asymmetric encryption: ECDSA\n- Asymmetric encryption key: ECC P-384 (ECC P-512 also supported)\n- Asymmetric signature: Ed25519 (future)\n- Digest: SHA3-384 (SHA2-512, SHA3-512 also supported)\n- Secret hash: [Argon2id](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id) (timeCost:3, memoryCost: 2^15, saltLength: 16, outputLen: 64)\n- Encoding: base64\n\nFIPS 140-3 Level 4 can be achieved using `aes-256-gcm`.\n\n## Quick start\n\n### Install\n\n```bash\nnpm i @1auth/store-dynamodb @1auth/notify-sqs @1auth/crypto @1auth/account-username @1auth/account @1auth/messenger @1auth/messenger-email-address @1auth/authn @1auth/authn-webauthn @1auth/authn-recovery-codes @1auth/authn-access-token @1auth/session\n```\n\n### Example\n\n```javascript\nimport * as store from '@1auth/store-dynamodb'\nimport * as notify from '@1auth/notify-sqs'\nimport crypto from '@1auth/crypto'\n\nimport account from '@1auth/account'\nimport accountUsername, {\n  exists as usernameExists\n} from '@1auth/account-username'\n\nimport messenger from '@1auth/messenger'\nimport messengerEmailAddress from '@1auth/messenger-email-address'\n\nimport authn from '@1auth/authn'\nimport webauthn from '@1auth/authn-webauthn'\nimport recoveryCodes from '@1auth/authn-recovery-codes'\nimport recoveryCode from './authn/authn-recovery-code/index.js'\nimport accessToken from '@1auth/authn-access-token'\n\nimport session from '@1auth/session'\n\n// 12h chosen based on OWASP ASVS\nconst sessionExpire = 12 * 60 * 60\n// 10d chosen based on EFF DNT Policy\nconst ttlExpire = 10 * 24 * 60 * 60\n\nstore.default({\n  timeToLiveExpireOffset: ttlExpire - sessionExpire\n})\nnotify.default({\n  queueName: 
process.env.QUEUE_NAME ?? 'notify-queue'\n})\n\n// Passed in via ENV for example only\ncrypto({\n  symmetricEncryptionKey: process.env.SYMMETRIC_ENCRYPTION_KEY ?? '',\n  symmetricSignatureSecret: process.env.SYMMETRIC_SIGNATURE_SECRET ?? '',\n  digestChecksumSalt: process.env.DIGEST_CHECKSUM_SALT ?? '',\n  digestChecksumPepper: process.env.DIGEST_CHECKSUM_PEPPER ?? ''\n})\n\naccount({\n  store,\n  notify,\n  encryptedFields: ['value','name', 'locale']\n})\naccountUsername({\n  usernameBlacklist: ['root', 'admin', 'sa']\n})\n\nmessenger({\n  store,\n  notify,\n  encryptedFields: ['value']\n})\nmessengerEmailAddress()\n\nauthn({\n  store,\n  notify,\n  usernameExists: [usernameExists],\n  encryptedFields: ['value', 'name']\n})\nwebauthn({\n  origin: process.env.ORIGIN,\n  name: 'Organization Name',\n  userVerification: 'preferred'\n})\nrecoveryCodes()\naccessToken()\n\nsession({\n  store,\n  notify,\n  expire: sessionExpire\n})\n```\n\n## Architecture\n\n![architecture diagram](docs/architecture.png)\n\n## License\n\nLicensed under [MIT License](LICENSE). Copyright (c) 1985-2025 [will Farrell](https://github.com/willfarrell) and all [contributors](https://github.com/willfarrell/1auth/graphs/contributors).\n","funding_links":["https://github.com/sponsors/willfarrell"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2F1auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwillfarrell%2F1auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2F1auth/lists"}