Lucia-Auth

A simple and flexible user and session management library that provides an abstraction layer between your app and your database.
GitHub
9.78k
Created 2 years ago, last commit 12 days ago
229 contributors
1.78k commits
Stars added on GitHub, month by month
12
1
2
3
4
5
6
7
8
9
10
11
2023
2024
Stars added on GitHub, per day, on average
Yesterday
+1
Last week
+3.3
/day
Last month
+4.4
/day
Last 12 months
+14.4
/day
npmPackage on NPM
Monthly downloads on NPM
12
1
2
3
4
5
6
7
8
9
10
11
2023
2024
No dependencies
README

Lucia

Link: lucia-auth.com

Important

Lucia v3 will be deprecated by March 2025. Lucia is now a learning resource on implementing auth from scratch. See the announcement for details and migration path. The source code for v3 is available in the v3 branch.

Lucia is an open source project to provide resources on implementing authentication with JavaScript and TypeScript.

The main section is on implementing sessions with your database, library, and framework of choice. Using the API you just created, you can continue learning by going through the tutorials or by referencing one of the fully-fledged examples.

If you have any questions on auth, feel free to ask them in our Discord server or on GitHub Discussions!

Why not a library?

We've found it extremely hard to develop a library that:

  1. Supports the many database libraries, ORMs, frameworks, runtimes, and deployment options available in the ecosystem.
  2. Provides enough flexibility for the majority of use cases.
  3. Does not add significant complexity to projects.

We came to the conclusion that at least for the core of auth - sessions - it's better to teach the code and concepts rather than to try cramming it into a library. The code is very straightforward and shouldn't take more than 10 minutes to write it once you understand it. As an added bonus, it's fully customizable.

Related projects

  • The Copenhagen Book: A free online resource covering the various auth concepts in web applications.
  • Oslo: Simple, runtime agnostic, and fully-typed packages with minimal dependency for auth and cryptography.
  • Arctic: OAuth 2.0 client library with support for 50+ providers.

Disclaimer

All example code in the site is licensed under the Zero-Clause BSD license. You're free to use, copy, modify, and distribute it without any attribution. The license is approved by the Open Source Initiative (OSI) and Google.

Everything else this repository is licensed under the MIT license.

Copyright © 2024 pilcrow and contributors