https://github.com/obeim/fastify-auth-template

A secure authentication & authorization starter template built with Fastify, TypeScript, and Prisma, following OWASP security best practices.
https://github.com/obeim/fastify-auth-template

authentication authorization fastify nodejs owasp-top-10 postgres prisma rest-api typescript

Last synced: 23 days ago
JSON representation

A secure authentication & authorization starter template built with Fastify, TypeScript, and Prisma, following OWASP security best practices.

• Host: GitHub
• URL: https://github.com/obeim/fastify-auth-template
• Owner: obeim
• Created: 2025-09-11T21:05:44.000Z (about 1 month ago)
• Default Branch: main
• Last Pushed: 2025-09-12T19:02:58.000Z (30 days ago)
• Last Synced: 2025-09-12T21:11:23.458Z (30 days ago)
• Topics: authentication, authorization, fastify, nodejs, owasp-top-10, postgres, prisma, rest-api, typescript
• Language: TypeScript
• Homepage:
• Size: 24.4 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Fastify Auth Template (TypeScript + Prisma)

A secure authentication & authorization starter template built with **Fastify**, **TypeScript**, and **Prisma**, following **OWASP security best practices**.

## Features

- **JWT Authentication**

  - Access token stored in memory

  - Refresh token stored in **HTTP-only secure cookies**

- **Role-based authorization**

  - Example roles: `admin`, `user`

- **OWASP Security Standards**

  - Secure cookie flags (`HttpOnly`, `Secure`, `SameSite`)

  - Token rotation on refresh

  - CORS with strict origin & credentials

  - Input validation with [TypeBox](https://github.com/sinclairzx81/typebox)

- **Tech stack**

  - [Fastify](https://fastify.io/) for blazing-fast backend

  - [TypeScript](https://www.typescriptlang.org/) for type safety

  - [Prisma](https://www.prisma.io/) for database ORM

  - [PostgreSQL](https://www.postgresql.org/) database