https://github.com/valuemelody/melody-auth
A turnkey OAuth & authentication system, designed for both Cloudflare Workers and Node.js
https://github.com/valuemelody/melody-auth
authentication-system cloudflare cloudflare-workers honojs identity-provider mfa-authenticator oauth2 passkey-authentication passwordless-authentication self-hosting social-login
Last synced: 10 days ago
JSON representation
A turnkey OAuth & authentication system, designed for both Cloudflare Workers and Node.js
- Host: GitHub
- URL: https://github.com/valuemelody/melody-auth
- Owner: ValueMelody
- License: mit
- Created: 2024-07-09T19:38:12.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-04-12T02:52:17.000Z (11 days ago)
- Last Synced: 2025-04-12T02:52:25.083Z (11 days ago)
- Topics: authentication-system, cloudflare, cloudflare-workers, honojs, identity-provider, mfa-authenticator, oauth2, passkey-authentication, passwordless-authentication, self-hosting, social-login
- Language: TypeScript
- Homepage: https://auth.valuemelody.com/
- Size: 6.48 MB
- Stars: 179
- Watchers: 0
- Forks: 15
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Contributing: .github/CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
# Melody Auth
**Melody Auth** is a user-friendly, robust solution for implementing and hosting your own OAuth and authentication system.
- Deploy to **Cloudflare** using **Workers, D1, and KV** in just minutes — minimizing infrastructure and DevOps overhead.
- **Self-Host** with **Node.js, Redis, and PostgreSQL** — giving you full control over your data and infrastructure.
[](https://codecov.io/gh/ValueMelody/melody-auth)
**Disclaimer** All French translations provided in this project have been generated by AI. Please review them carefully for accuracy before use.
## What's included?
- Complete **OAuth & Authentication Server**
- [Auth Server Setup Doc](https://auth.valuemelody.com/auth-server-setup.html)
- [Auth Server Configuration Doc](https://auth.valuemelody.com/auth-server-configuration.html)
- **Server-to-Server REST API** for backend integrations
- [Swagger API Doc](https://auth-server.valuemelody.com/api/v1/swagger)
- [S2S API Doc](https://auth.valuemelody.com/s2s-api.html)
- **React/Vue SDK** to seamlessly integrate authentication into your frontend
- [React NPM Package](https://www.npmjs.com/package/@melody-auth/react)
- [React SDK Doc](https://auth.valuemelody.com/react-sdk.html)
- [Vue NPM Package](https://www.npmjs.com/package/@melody-auth/vue)
- [Vue SDK Doc](https://auth.valuemelody.com/vue-sdk.html)
- **Admin Panel** for managing resources (also serves as a full-stack implementation example)
- [Admin Panel Setup Doc](https://auth.valuemelody.com/admin-panel-setup.html)
## Auth Server Features Supported
- OAuth 2.0:
- Authorize
- Token Exchange
- Refresh Token Revoke
- App Consent
- App Scopes
- User Info Retrieval
- OpenID Configuration
- Authorization:
- Sign-In
- Passwordless Sign-In
- Sign-Up
- Sign-Out
- Email Verification
- Password Reset
- Role-Based Access Control
- Account Linking
- Localization [How to support a new locale](https://auth.valuemelody.com/q_a.html#how-to-support-a-new-locale)
- Social Sign-In:
- Google Sign-In
- Facebook Sign-In
- GitHub Sign-In
- Discord Sign-In
- Apple Sign-In
- OIDC Auth Provider Sign-In
- Multi-Factor Authentication [How to setup MFA](https://auth.valuemelody.com/q_a.html#how-to-setup-mfa)
- Email MFA
- OTP MFA
- SMS MFA
- MFA Self Enrollment
- Passkey Enrollment
- Policy [How to trigger a different policy](https://auth.valuemelody.com/q_a.html#how-to-trigger-a-different-policy)
- sign_in_or_sign_up
- update_info
- change_password
- change_email
- reset_mfa
- manage_passkey
- Organization:
- Branding config override
- Mailer Option [Email Provider Setup Doc](https://auth.valuemelody.com/email-provider-setup.html)
- SendGrid
- Mailgun
- Brevo
- Resend
- SMTP (Node.js environment only)
- SMS Option [SMS Provider Setup Doc](https://auth.valuemelody.com/sms-provider-setup.html)
- Twilio
- JWT Authentication
- RSA256 based JWT Authentication [How to verify a SPA access token](https://auth.valuemelody.com/q_a.html#how-to-verify-a-spa-access-token)
- JWT Secret Rotate [How to rotate JWT secret](https://auth.valuemelody.com/q_a.html#how-to-rotate-jwt-secret)
- Brute-force Protection:
- Log in attempts
- Password reset attempts
- OTP MFA attempts
- SMS MFA attempts
- Email MFA attempts
- Change Email attempts
- Logging:
- Logger Level
- Email Logs
- SMS Logs
- Sign-in Logs
## Admin Panel & S2S REST API Features Supported
- View Configurations
- Manage Users
- Manage Apps
- Manage Scopes
- Manage Roles
- Manage Organizations
- View Logs
- Access Control [Custom Role Access for the Admin Panel](https://auth.valuemelody.com/admin-panel-setup.html#custom-role-access-for-the-admin-panel)
## Demo & Examples
- [Vite React Example](https://github.com/ValueMelody/melody-auth/tree/main/examples/vite-react-demo)
- [Demo Site: Password Sign-in/Sign-up with OTP MFA and Passkey enrollment](https://auth-demo.valuemelody.com)
- [Vite Vue Example](https://github.com/ValueMelody/melody-auth/tree/main/examples/vite-vue-example)
- [Next.js Full stack implementation Example](https://github.com/ValueMelody/melody-auth/tree/main/admin-panel)
- [Next.js Auth.js Example](https://github.com/ValueMelody/melody-auth/tree/main/examples/next-auth-js-example)
- [React Native Example](https://github.com/ValueMelody/melody-auth/tree/main/examples/react-native-example)
## Screenshots
[Authorization Screenshots](https://auth.valuemelody.com/screenshots.html#identity-pages-and-emails)
[Admin Panel Screenshots](https://auth.valuemelody.com/screenshots.html#admin-panel-pages)
## License
This project is licensed under the MIT License. See the LICENSE file for details.