Skip to content

A turnkey OAuth & authentication system, designed for both Cloudflare Workers and Node.js

License

Notifications You must be signed in to change notification settings

ValueMelody/melody-auth

Repository files navigation

Melody Auth

Melody Auth is turnkey OAuth & authentication system that can be seamlessly deployed on Cloudflare’s infrastructure, utilizing Workers, D1, and KV, or self-hosted with Node.js, Redis, and PostgreSQL. It provides a robust and user-friendly solution for implementing and hosting your own oauth and authentication system with minimal configuration required.

Why Melody Auth?

1. Self-Controlled

Server Setup (Cloudflare)
Server Setup (Node)
Mailer Setup
SMS Setup
Configurations

  • Deploy the entire system within minutes, either using Cloudflare’s infrastructure or self-hosted with Node.js, Redis, and PostgreSQL.
  • Minimize DevOps overhead by leveraging Cloudflare, or maintain full control with a self-hosted solution.
  • Full access to the source code for customization and scalability.

2. Admin Panel

Admin Panel Setup

  • Web interface for managing apps, users, scopes, and roles
  • Serves as a simple implementation example using the React SDK and Server-to-Server REST API

3. Server-to-Server REST API

REST API Swagger

  • Secure communication channel for backend services using client credentials token exchange flow
  • Provides functionalities for managing apps, users, scopes, and roles with scope protection

4. React SDK

React SDK Guidance

  • Enables smooth integration between React applications and the authentication server
  • Implements Proof Key for Code Exchange (PKCE) for enhanced security

Features Supported

  • OAuth 2.0:
    • Authorize
    • Token Exchange
    • Refresh Token Revoke
    • App Consent
    • App Scopes
    • User Info Retrieval
    • openid-configuration
  • Authorization:
    • Sign-In
    • Sign-Up
    • Sign-Out
    • Email Verification
    • Password Reset
    • Role-Based Access Control (RBAC)
    • Account Linking
    • Localization How to support a new locale
  • Social Sign-In:
    • Google Sign-In
    • Facebook Sign-In
    • GitHub Sign-In
  • Multi-Factor Authentication How to setup MFA:
    • Email MFA
    • OTP MFA
    • SMS MFA
    • MFA Enrollment
  • Policy How to trigger a different policy
    • sign_in_or_sign_up
    • change_password
    • change_email
    • reset_mfa
  • Mailer Option:
    • SendGrid
    • Mailgun
    • Brevo
    • STMP (Node.js environment only)
  • SMS Option:
    • Twilio
  • JWT Authentication:
  • Brute-force Protection:
    • Log in attempts
    • Password reset attempts
    • OTP MFA attempts
    • SMS MFA attempts
    • Email MFA attempts
    • Change Email attempts
  • Logging:
    • Email Logs
    • SMS Logs
    • Sign-in Logs
  • S2S REST API & Admin Panel:
    • Manage Users
    • Manage Apps
    • Manage Scopes
    • Manage Roles
    • View Logs
    • Localization

Screenshots

Authorization Screenshots
Admin Panel Screenshots

License

This project is licensed under the MIT License. See the LICENSE file for details.