GitHub

494

ValueMelody/melody-auth

Created a year ago, last commit 3 days ago

5 contributors

395 commits

Stars added on GitHub, month by month

Click on the bars to view the numbers

N/A

+32

+145

Aug

8

Sep

9

Oct

10

Nov

11

Dec

12

Jan

1

Feb

2

Mar

3

Apr

4

May

5

Jun

6

Jul

7

2024

2025

Stars added on GitHub, per day, on average

Yesterday

+1

Last week

+1.1

/day

Last month

+0.9

/day

Package on NPM

@melody-auth/shared

1.0.11

Monthly downloads on NPM

Click on the bars to view the numbers

0

732

477

230

485

Aug

8

Sep

9

Oct

10

Nov

11

Dec

12

Jan

1

Feb

2

Mar

3

Apr

4

May

5

Jun

6

Jul

7

2024

2025

No dependencies

README

Melody Auth

Melody Auth is a user-friendly, robust solution for implementing and hosting your own OAuth and authentication system.

Deploy to Cloudflare using Workers, D1, and KV in just minutes — minimizing infrastructure and DevOps overhead.
Self-Host with Node.js, Redis, and PostgreSQL — giving you full control over your data and infrastructure.

Disclaimer All French translations provided in this project have been generated by AI. Please review them carefully for accuracy before use.

What's included?

OAuth & Authentication Server [Setup] [Config]
Server-to-Server REST API for backend integrations [Setup] [Swagger]
Admin Panel for managing resources (also serves as a full-stack implementation example) [Setup]
React/Angular/Vue/Web SDK to seamlessly integrate PKCE-based authentication into your frontend application.
- react-sdk [Package] [Doc]
- angular-sdk [Package] [Doc]
- vue-sdk [Package] [Doc]
- web-sdk [Package] [Doc]
Embedded Auth API for embedding authentication flows directly within your application. [Setup] [Swagger]

Auth Server Features Supported

OAuth 2.0:
- Authorize
- Token Exchange
- Refresh Token Revoke
- App Consent
- App Scopes
- User Info Retrieval
- OpenID Configuration
Authorization:
- Sign-In
- Passwordless Sign-In
- Sign-Up
- Sign-Out
- Email Verification
- Password Reset
- Role-Based Access Control
- User Attribute
- Account Linking
- Localization
External Identity Providers:
- Social Sign-In
  - Google Sign-In
  - Facebook Sign-In
  - GitHub Sign-In
  - Discord Sign-In
  - Apple Sign-In
- OIDC Auth Provider Sign-In
- SAML SSO Sign-In (Node.js environment only)
Multi-Factor Authentication
- Email MFA
- OTP MFA
- SMS MFA
- MFA Self Enrollment
- Passkey Enrollment
- Recovery Code
- Remember Device for 30 days
Policy
- sign_in_or_sign_up
- update_info
- change_password
- change_email
- reset_mfa
- manage_passkey
- manage_recovery_code
- saml_sso_[idp_name]
- oidc_sso_[provider_name]
Organization:
Mailer Option
- SendGrid
- Mailgun
- Brevo
- Resend
- Postmark
- SMTP (Node.js environment only)
SMS Option
- Twilio
JWT Authentication
- RSA256 based JWT Authentication
- JWT Secret Rotate
Brute-force Protection:
- Log in attempts
- Password reset attempts
- OTP MFA attempts
- SMS MFA attempts
- Email MFA attempts
- Change Email attempts
Logging:
- Logger Level
- Email Logs
- SMS Logs
- Sign-in Logs

Admin Panel & S2S REST API Features Supported

View Configurations
Manage Users
- Impersonation
Manage User Attributes
Manage Apps
- App Level MFA Config
- App Banner Config
Manage Scopes
Manage Roles
Manage Organizations
Manage SAML SSO IDPs
Manage Logs
Admin Panel Access Control

Demo & Examples

Screenshots

Authorization Screenshots
Admin Panel Screenshots

License

This project is licensed under the MIT License. See the LICENSE file for details.