每天推薦一個 GitHub 優質開源項目和一篇精選英文科技或編程文章原文,歡迎關注開源日報。交流QQ群:202790710;微博:https://weibo.com/openingsource;電報群 https://t.me/OpeningSourceOrg



今日推薦開源項目:《無限圖標制 eva-icons》傳送門:GitHub鏈接

推薦理由:顧名思義,這個項目是一個開源圖標大合集。無論是在網站上還是在各種移動端應用上都會用到很多的圖標,如果你正在為了尋找合適的圖標而煩惱的話,這個項目能夠為你排憂解難。


今日推薦英文原文:《6 JavaScript User Authentication Libraries for 2019》作者:Jonathan Saring

原文鏈接:https://blog.bitsrc.io/6-javascript-user-authentication-libraries-for-2019-6c7c45fbe458?source=topic_page---------5------------------1&gi=66c7ffe24b3f

推薦理由:用戶認證是很多時候都需要實現的功能,這些 JS 庫興許可以幫助你更輕鬆的實現它

6 JavaScript User Authentication Libraries for 2019

「Build me a user-authentication in two weeks!」- Useful ways to get the job done, quick and simple.

Don』t let users wait. Not even the suspicious one on the right who is secretly drinking.

「Build me a user-authentication system in two weeks」 is a common phrase among R&D teams these days. For various reasons, this task has always been one of those things left for a single developer in the team to sort out.

On one hand, you really don』t want to waste a lot of time doing it. On the other, you』re concerned that this kind of information might be better off handled by your own internally-written service, for better scaling later on.

As new tutorials appear around the web (a good place to start), and more teams are trying to understand the cost-benefit equation for implementing their own solution vs using a library or a service, I』ve gathered a short review of what』s out there. Hope this can help save some time, and make a better informed decision. Feel free to comment and share your own insights.

Suggestion: Instead of duplicating such common code between projects and services, we use Bit to turn such code into shared components and organize them where we can easily discover, use and sync our changes. Give it a try!Bit - Share and build with code components
Bit helps you share, discover and use code components between projects and applications to build new features and…bitsrc.io

1. Passport JS

Passport is not only a 15k stars user-auth library, it is probably the most common way for JS developers to use an external library for user authentication. This library basically provides relatively flexible and modularmiddleware for Node.js which can be integrated to any Express-based web application. It』s also a community platform which supports various kinds of common authentications such as username and passwordFacebookTwitter, and more. If you don』t want to implement your own solution, it』s probably your first go-to option. Note these common mistakes to be avoided though.jaredhanson/passport
Simple, unobtrusive authentication for Node.js. Contribute to jaredhanson/passport development by creating an account…github.com

2. Auth0

While this isn』t a library but rather a service, it』s a robust yet quick way to get the job done. Auth0 is a (quite big) start-up company which provides a wide universal authentication & authorization platform for web, mobile and legacy applications. Some say it』s the closest solution to Plataformatec』s Devise for Ruby on Rails, except you can connect any app or API in any language. There are over 100 pre-built integrations, and here』s a quick-start with Node.js.Never Compromise on Identity. — Auth0
Auth0 is the solution you need for web, mobile, IoT, and internal applications. Loved by developers and trusted by…auth0.com

3. Permit

Permit is a 1K stars project which aims to provide an 「unopinionated」 authentication library for building Node.js APIs. Permit lets you add an authentication layer to any Node.js API and can be used with frameworks like Express, Koa, Hapi and Fastify. It can be used with multiple types of API from REST to GraphQL, hence the 「unopinionated」 design. Permit aims to focus on APIs (stateless requests) and supporting frameworks other than Express. It』s also being active developed, which makes Permit an interesting choice to consider. definitely worth keeping an eye on this one.ianstormtaylor/permit
An unopinionated authentication library for building Node.js APIs. — ianstormtaylor/permitgithub.com

See examples. Here』s one with Express:


import { Bearer } from 'permit'
import express from 'express'

const permit = new Bearer({
  basic: 'username', // Also allow a Basic Auth username as a token.
  query: 'access_token', // Also allow an `?access_token=` query parameter.
})

function authenticate(req, res, next) {
  // Try to find the bearer token in the request.
  const token = permit.check(req)

  // No token found, so ask for authentication.
  if (!token) {
    permit.fail(res)
    return next(new Error(`Authentication required!`))
  }

  // Perform your authentication logic however you'd like...
  db.users.findByToken(token, (err, user) => {
    if (err) return next(err)

    // No user found, so their token was invalid.
    if (!user) {
      permit.fail(res)
      return next(new Error(`Authentication invalid!`))
    }

    // Authentication succeeded, save the context and proceed...
    req.user = user
    next()
  })
}

const app = express()

app.get('/', (req, res) => {
  res.send('Some unrestricted content.')
})

app.get('/restricted', authenticate, (req, res) => {
  res.send('Restricted content!')
})

app.listen(3000)

4. Grant

A rather new and promising library providing OAuth Middleware for Express, Koa and Hapi- with over 180 supported providers and a live playground. In case you want to use it with your own private OAuth provider, you can specify the required key yourself. Although this library is already getting traction (+ 1K stars), resources are relatively scarce so try it out with care.simov/grant
OAuth Middleware for Express, Koa and Hapi. Contribute to simov/grant development by creating an account on GitHub.github.com

5. Feathers authentication management

Feathers is an open source (11K stars) real-time, micro-service web framework for NodeJS that gives you control over your data via RESTful resources, sockets and flexible plug-ins.

Feathers also provides authentication and authentication management modules which let you add sign up verification, forgotten password reset, and other capabilities to local feathers-authentication. The idea is to combine different authentication methods under one roof, in a flexible infrastructure. Here』s a step-by-step guide to help you get started.feathersjs/authentication
Feathers local, token, and OAuth authentication over REST and Websockets using JSON Web Tokens (JWT) with PassportJS. …github.com
feathers-plus/feathers-authentication-management
Adds sign up verification, forgotten password reset, and other capabilities to local feathers-authentication …github.com

6. Just use Firebase Authentication (for small apps)

This might not necessarily be the long-term solution to manage user auth in your scaling platform (or is it?). But, it』s a very useful way to get the job done, fast and simple, for your applications deployed with Firebase.

Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google, Facebook, and Twitter. Learn more here.

Here』s a very nice tutorial for building a React app that leverages Firebase for User Auth with Facebook, Twitter and GitHub:React OAuth Authentication with Firebase
We build an awesome React app with Firebase to consume OAuth Authentication with GitHub, Twitter and Facebookblog.bitsrc.io

And here』s a similar tutorial for building a Vue.js application with Firebase authentication:Build a Vue App with Firebase Authentication and Database
A short yet detailed guide to building a simple Vue app with Firebase for Authentication and Firestore for Database.blog.bitsrc.io

And with the MERN stack (3-part series):Build a Login/Auth App with MERN Stack- Part 1
Create a (minimal) full-stack app with user authentication via passport and JWTs.blog.bitsrc.io

Honorable mentions

Most of these are unmaintained, so try with care!

bnoguchi/everyauth
node.js auth package (password, facebook, & more) for Connect and Express apps — bnoguchi/everyauthgithub.com

iaincollins/next-auth
An authentication library for Next.js projects. Contribute to iaincollins/next-auth development by creating an account…github.com

sffc/easy-no-password
Passwordless and 2FA auth without a database. Contribute to sffc/easy-no-password development by creating an account on…github.com

nmaro/ooth
User identity/authentication/accounts management microservice for node.js - nmaro/oothgithub.com

jaredhanson/oauth2orize
OAuth 2.0 authorization server toolkit for Node.js. — jaredhanson/oauth2orizegithub.com

stormpath/stormpath-sdk-react
User Management and Authentication for React. Contribute to stormpath/stormpath-sdk-react development by creating an…github.com

t1msh/node-oauth20-provider
OAuth 2.0 provider toolkit for nodeJS, standalone server and express middleware support - t1msh/node-oauth20-providergithub.com

zemirco/lockit
Authentication solution for Express. Contribute to zemirco/lockit development by creating an account on GitHub.github.com


Learn more

11 Javascript Utility Libraries you Should Know in 2018
11 Useful Javascript utility libraries to speed your development.blog.bitsrc.io
5 Tools for Faster Development in React
5 tools to speed the development of your React application, focusing on components.blog.bitsrc.io
Monorepos Made Easier with Bit and NPM
How to leverage Bit + NPM to go monorepo without the overhead.blog.bitsrc.io


每天推薦一個 GitHub 優質開源項目和一篇精選英文科技或編程文章原文,歡迎關注開源日報。交流QQ群:202790710;微博:https://weibo.com/openingsource;電報群 https://t.me/OpeningSourceOrg