God, Love, News, Event, Entertainment, Amebo,..... All about Bringing out the best in you...
Show HN: Minimal NIST/OWASP-compliant auth implementation for Cloudflare Workers https://ift.tt/QivNqKU
Show HN: Minimal NIST/OWASP-compliant auth implementation for Cloudflare Workers This is an educational reference implementation showing how to build reasonably secure, standards-compliant authentication from first principles on Cloudflare Workers. Stack: Hono, Turso (libSQL), PBKDF2-SHA384 + normalization + common-password checks, JWT access + refresh tokens with revocation support, HTTP-only SameSite cookies, device tracking. It's deliberately minimal — no OAuth, no passkeys, no magic links, no rate limiting — because the goal is clarity and auditability. I wrote it mainly to deeply understand edge-runtime auth constraints and to have a clean Apache-2.0 example that follows NIST SP 800-63B / SP 800-132 and OWASP guidance. For production I'd almost always reach for Better Auth instead ( https://ift.tt/502fJPb ) — this repo is not trying to compete with it. Live demo: https://private-landing.vhsdev.workers.dev/ Repo: https://ift.tt/I1WN7en Happy to answer questions about the crypto choices, the refresh token revocation pattern, Turso schema, constant-time comparison, unicode pitfalls, etc. https://ift.tt/I1WN7en February 9, 2026 at 01:30AM
Subscribe to:
Post Comments (Atom)
Show HN: Frond – a frontend runtime for your app's dependency graph https://ift.tt/TxgrGCZ
Show HN: Frond – a frontend runtime for your app's dependency graph https://ift.tt/GTE98QU July 1, 2026 at 02:10AM
-
submitted by /u/Dull_Tonight [link] [comments] source https://www.reddit.com/r/worldnews/comments/pehy48/housing_secretary_robert_je...
-
Show HN: Lindra – generate browser agents to automate any website Hi HN, We’re one month into building Lindra, a platform that turns any web...
-
Show HN: High-precision date/time in SQLite https://ift.tt/hEvedVC August 12, 2024 at 03:47AM
No comments:
Post a Comment