Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/valuemelody/melody-auth
A turnkey OAuth & authentication system, designed for both Cloudflare Workers and Node.js
https://github.com/valuemelody/melody-auth
authentication cloudflare cloudflare-d1 cloudflare-kv cloudflare-workers facebook-login github-login google-login hono identity-provider mfa-authenticator oauth2 oauth2-client oauth2-server
Last synced: 2 days ago
JSON representation
A turnkey OAuth & authentication system, designed for both Cloudflare Workers and Node.js
- Host: GitHub
- URL: https://github.com/valuemelody/melody-auth
- Owner: ValueMelody
- License: mit
- Created: 2024-07-09T19:38:12.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-12-17T03:33:45.000Z (10 days ago)
- Last Synced: 2024-12-24T21:06:51.557Z (2 days ago)
- Topics: authentication, cloudflare, cloudflare-d1, cloudflare-kv, cloudflare-workers, facebook-login, github-login, google-login, hono, identity-provider, mfa-authenticator, oauth2, oauth2-client, oauth2-server
- Language: TypeScript
- Homepage: https://auth.valuemelody.com/
- Size: 3.32 MB
- Stars: 68
- Watchers: 0
- Forks: 3
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Contributing: .github/CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
# Melody Auth
**Melody Auth** is turnkey OAuth & authentication system that can be seamlessly deployed on Cloudflare’s infrastructure, utilizing Workers, D1, and KV, or self-hosted with Node.js, Redis, and PostgreSQL. It provides a robust and user-friendly solution for implementing and hosting your own oauth and authentication system with minimal configuration required.
## Why Melody Auth?
### 1. Self-Controlled
[Server Setup (Cloudflare)](https://auth.valuemelody.com/auth-server.html#environment-setup-cloudflare)
[Server Setup (Node)](https://auth.valuemelody.com/auth-server.html#environment-setup-node)
[Mailer Setup](https://auth.valuemelody.com/auth-server.html#mailer-setup)
[SMS Setup](https://auth.valuemelody.com/auth-server.html#sms-setup)
[Configurations](https://auth.valuemelody.com/auth-server.html#additional-configs)
- Deploy the entire system within minutes, either using Cloudflare’s infrastructure or self-hosted with Node.js, Redis, and PostgreSQL.
- Minimize DevOps overhead by leveraging Cloudflare, or maintain full control with a self-hosted solution.
- Full access to the source code for customization and scalability.### 2. Admin Panel
[Admin Panel Setup](https://auth.valuemelody.com/admin-panel.html)
- Web interface for managing apps, users, scopes, and roles
- Serves as a simple implementation example using the React SDK and Server-to-Server REST API### 3. Server-to-Server REST API
[REST API Swagger](https://auth-server.valuemelody.com/api/v1/swagger)
- Secure communication channel for backend services using client credentials token exchange flow
- Provides functionalities for managing apps, users, scopes, and roles with scope protection### 4. React SDK
[React SDK Guidance](https://auth.valuemelody.com/react-sdk.html)
- Enables smooth integration between React applications and the authentication server
- Implements Proof Key for Code Exchange (PKCE) for enhanced security## Features Supported
- OAuth 2.0:
- Authorize
- Token Exchange
- Refresh Token Revoke
- App Consent
- App Scopes
- User Info Retrieval
- openid-configuration
- Authorization:
- Sign-In
- Sign-Up
- Sign-Out
- Email Verification
- Password Reset
- Role-Based Access Control (RBAC)
- Account Linking
- Localization [How to support a new locale](https://auth.valuemelody.com/q_a.html#how-to-support-a-new-locale)
- Social Sign-In:
- Google Sign-In
- Facebook Sign-In
- GitHub Sign-In
- Multi-Factor Authentication [How to setup MFA](https://auth.valuemelody.com/q_a.html#how-to-setup-mfa):
- Email MFA
- OTP MFA
- SMS MFA
- MFA Enrollment
- Policy [How to trigger a different policy](https://auth.valuemelody.com/q_a.html#how-to-trigger-a-different-policy)
- sign_in_or_sign_up
- change_password
- change_email
- reset_mfa
- Mailer Option:
- SendGrid
- Mailgun
- Brevo
- STMP (Node.js environment only)
- SMS Option:
- Twilio
- JWT Authentication:
- RSA256 based JWT Authentication [How to verify a SPA access token](https://auth.valuemelody.com/q_a.html#how-to-verify-a-spa-access-token)
- JWT Secret Rotate [How to rotate JWT secret](https://auth.valuemelody.com/q_a.html#how-to-rotate-jwt-secret)
- Brute-force Protection:
- Log in attempts
- Password reset attempts
- OTP MFA attempts
- SMS MFA attempts
- Email MFA attempts
- Change Email attempts
- Logging:
- Email Logs
- SMS Logs
- Sign-in Logs
- S2S REST API & Admin Panel:
- Manage Users
- Manage Apps
- Manage Scopes
- Manage Roles
- View Logs
- Localization### Screenshots
[Authorization Screenshots](https://auth.valuemelody.com/screenshots.html#identity-pages-and-emails)
[Admin Panel Screenshots](https://auth.valuemelody.com/screenshots.html#admin-panel-pages)## License
This project is licensed under the MIT License. See the LICENSE file for details.