JSPM

@authtagon/authtagon

1.0.0
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 19
  • Score
    100M100P100Q76746F
  • License MIT

Authentication that doesn't suck. Built for SvelteKit with adapters for every framework you actually use.

Package Exports

  • @authtagon/authtagon
  • @authtagon/authtagon/components
  • @authtagon/authtagon/express
  • @authtagon/authtagon/nextjs
  • @authtagon/authtagon/react
  • @authtagon/authtagon/sveltekit

Readme

Authtagon

TypeScript Build Status Type Safety Development

A comprehensive, security-first authentication package built for SvelteKit with framework-agnostic adapters. The octagon of authentication security - eight sides of protection for your applications.

๐ŸŽ‰ Latest Achievement: Complete TypeScript cleanup finished! Zero type errors across the entire codebase with 100% type safety for all enterprise features including audit logging, GDPR compliance, and regulatory frameworks.

๐Ÿ›ก๏ธ Features

  • ๐Ÿ” Security First: OWASP-compliant with advanced threat detection
  • ๐ŸŽฏ SvelteKit Native: Built specifically for SvelteKit with perfect integration
  • ๐Ÿ”„ Framework Agnostic: Adapters for Next.js, Express, and more
  • ๐Ÿ›ก๏ธ Enterprise Grade: MFA, audit logging, breach detection, risk assessment
  • โšก Performance Optimized: Minimal overhead with intelligent caching
  • ๐ŸŽจ Developer Experience: TypeScript-first with excellent DX

๐Ÿ“Š Development Status

Current Version: 1.0.0 (Pre-release)
Type Safety: 100% โœ…
Build Status: All modules compile successfully โœ…

๐Ÿ“‹ View detailed progress tracking
๐Ÿงน TypeScript cleanup achievements

๐Ÿ“ฆ Installation

```bash npm install authtagon ```

๐Ÿƒ Quick Start

SvelteKit Setup

  1. Configure your database adapter:

```ts // src/lib/auth.ts import { createAuthtagon } from 'authtagon/sveltekit'; import { DrizzleAdapter } from 'authtagon/adapters/database';

export const auth = createAuthtagon({ adapter: new DrizzleAdapter(db), secret: process.env.AUTH_SECRET, session: { strategy: 'jwt', maxAge: 30 _ 24 _ 60 * 60, // 30 days }, security: { rateLimit: true, mfa: true, breachDetection: true, } }); ```

  1. Add server hooks:

```ts // src/hooks.server.ts import { auth } from '$lib/auth';

export const handle = auth.handle; ```

  1. Use in your routes:

```svelte

{#if user}

Welcome, {user.email}!

{:else} Sign In {/if} \`\`\`

๐Ÿ”ง Framework Adapters

Next.js

```ts // middleware.ts import { NextAuth } from 'authtagon/nextjs';

export const auth = new NextAuth({ // ... configuration });

export default auth.middleware; ```

Express

```ts // server.js import express from 'express'; import { ExpressAuthAdapter } from 'authtagon/express';

const app = express(); const auth = new ExpressAuthAdapter({ // ... configuration });

app.use('/auth', auth.createRouter()); ```

๐Ÿ›ก๏ธ Security Features

Multi-Factor Authentication

```ts // Enable MFA for a user await auth.mfa.enable(userId, { method: 'totp', // 'totp' | 'sms' | 'email' | 'webauthn' phoneNumber: '+1234567890' // for SMS });

// Verify MFA token const isValid = await auth.mfa.verify(userId, token); ```

Risk Assessment

```ts // Automatic risk scoring const riskScore = await auth.risk.assess({ userId, ip: request.ip, userAgent: request.headers['user-agent'], action: 'login' });

if (riskScore > 0.8) { // Require additional verification await auth.mfa.challenge(userId); } ```

Breach Detection

```ts // Check password against known breaches const isBreached = await auth.security.checkPasswordBreach(password); if (isBreached) { throw new Error('Password found in known data breaches'); } ```

๐Ÿ“š API Reference

Core Methods

auth.signIn(credentials)

Authenticate a user with email/password.

```ts const auth = createAuthtagon({ database: "..." }); const result = await auth.signIn({ email: 'user@example.com', password: 'securePassword123', mfaToken?: '123456' // if MFA enabled }); ```

auth.signUp(userData)

Register a new user account.

```ts const user = await auth.signUp({ email: 'user@example.com', password: 'securePassword123', name: 'John Doe' }); ```

auth.signOut(sessionId?)

Sign out user and invalidate session.

```ts await auth.signOut(); // Current session await auth.signOut('session_id'); // Specific session ```

Session Management

auth.session.get(sessionId)

Retrieve session information.

```ts const session = await auth.session.get(sessionId); ```

auth.session.refresh(sessionId)

Refresh session and rotate tokens.

```ts const newSession = await auth.session.refresh(sessionId); ```

๐Ÿ”’ Security Configuration

```ts export const auth = createAuthtagon({ security: { // Rate limiting rateLimit: { enabled: true, maxAttempts: 5, windowMs: 15 _ 60 _ 1000, // 15 minutes blockDuration: 60 _ 60 _ 1000 // 1 hour },

// Password requirements
password: {
  minLength: 12,
  requireUppercase: false, // OWASP recommends against composition rules
  requireNumbers: false,
  requireSpecialChars: false,
  checkBreaches: true
},

// Session security
session: {
  rotateOnAuth: true,
  sameSite: 'strict',
  secure: true,
  httpOnly: true
},

// CSRF protection
csrf: {
  enabled: true,
  secret: process.env.CSRF_SECRET
}

} }); ```

๐Ÿ—„๏ธ Database Adapters

Drizzle ORM

```ts import { DrizzleAdapter } from 'authtagon/adapters/drizzle'; import { db } from './db';

const adapter = new DrizzleAdapter(db); ```

Prisma

```ts import { PrismaAdapter } from 'authtagon/adapters/prisma'; import { prisma } from './prisma';

const adapter = new PrismaAdapter(prisma); ```

Custom Adapter

```ts import { DatabaseAdapter } from 'authtagon/types';

class CustomAdapter implements DatabaseAdapter { async createUser(userData) { // Implementation }

async getUserByEmail(email) { // Implementation }

// ... other required methods } ```

๐Ÿš€ Deployment

Environment Variables

```env

Required

AUTH_SECRET=your-super-secret-key-here DATABASE_URL=your-database-connection-string

Optional

CSRF_SECRET=your-csrf-secret SMTP_HOST=smtp.example.com SMTP_USER=your-smtp-user SMTP_PASS=your-smtp-password HIBP_API_KEY=your-haveibeenpwned-api-key ```

Vercel

```json // vercel.json { "env": { "AUTH_SECRET": "@auth-secret", "DATABASE_URL": "@database-url" } } ```

๐Ÿ”„ Migration Guides

From Lucia Auth

```ts // Before (Lucia) import { lucia } from 'lucia';

// After (Authtagon) import { createAuthtagon } from 'authtagon/sveltekit'; ```

From Better Auth

```ts // Migration helper import { migrateBetterAuth } from 'authtagon/migrate';

await migrateBetterAuth({ from: betterAuthConfig, to: authtagronConfig }); ```

๐Ÿค Contributing

We welcome contributions! Please see our Contributing Guide for details.

๐Ÿ“„ License

MIT License - see LICENSE file for details.

๐Ÿ†š Comparison

Feature Authtagon Supabase Auth0 Lucia Better Auth
SvelteKit Native โœ… โŒ โŒ โœ… โŒ
Framework Agnostic โœ… โœ… โœ… โŒ โœ…
Self-Hosted โœ… โŒ โŒ โœ… โœ…
MFA Built-in โœ… โœ… โœ… โŒ โŒ
Breach Detection โœ… โŒ โŒ โŒ โŒ
Risk Assessment โœ… โŒ โœ… โŒ โŒ
Audit Logging โœ… โœ… โœ… โŒ โŒ
TypeScript First โœ… โœ… โœ… โœ… โœ…

๐Ÿ“ž Support

Authtagon - Authentication that doesn't suck.