npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@owlmeans/auth-common

v0.1.8

Published

Predefined authentication modules, guards, and constants shared between server and client packages.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

vashigorvashigor

Keywords

Readme

@owlmeans/auth-common

Predefined authentication modules, guards, and constants shared between server and client packages.

Overview

  • Exports standard auth module definitions (login, init, rely, dispatcher) ready to register in any app
  • Provides DEFAULT_GUARD and GUARD_ED25519 constants for protecting routes
  • Implements the Basic ED25519 signature guard service for cryptographic request authentication
  • Headers: BED255_NONCE_HEADER, BED255_TIME_HEADER for auth challenge/response

Installation

bun add @owlmeans/auth-common

Usage

Register the built-in auth modules and protect a route:

import { modules } from '@owlmeans/auth-common'
import { GUARD_ED25519, DEFAULT_GUARD } from '@owlmeans/auth-common'

// Add auth modules to your app (includes /authentication, /login, /dispatcher routes)
await main(context, [...modules, ...appModules])

Protect a route with the ED25519 signature guard (re-exported via @owlmeans/server-app):

import { GUARD_ED25519 } from '@owlmeans/auth-common'
import { module, guard } from '@owlmeans/server-app'

const adminModule = module(route('admin', '/api/admin'), guard(GUARD_ED25519))

API

modules

Array of pre-built CommonModule instances covering the standard auth flow:

  • AUTHEN — backend /authentication base route
  • AUTHEN_INIT — POST /authentication/init (allowance request)
  • AUTHEN_AUTHEN — POST /authentication/authenticate (credential submission)
  • AUTHEN_RELY — WebSocket /authentication/rely
  • CAUTHEN, CAUTHEN_AUTHEN — frontend auth routes
  • DISPATCHER — frontend dispatcher route (sticky, handles redirect auth tokens)

Guard Constants

DEFAULT_GUARD   // alias for the default auth service ('auth')
GUARD_ED25519   // guard name for Basic ED25519 signature authentication

Header Constants (for WebSocket/HTTP auth challenges)

BED255_NONCE_HEADER  // 'X-Auth-Nonce'
BED255_TIME_HEADER   // 'X-Auth-Time'
BED255_CASHE_RESOURCE // resource alias for nonce cache

Product-Viable Integration Notes

  • DEFAULT_GUARD protects manager routes after bearer authentication is installed by @owlmeans/server-auth.
  • Product authorization composes a custom gate inside guard(DEFAULT_GUARD, gate(VIABLE_AUTH_GATE, [...])) rather than using OIDC_GATE for Google login flows.
  • GUARD_ED25519 remains the service-to-service guard for internal/publisher/payment/auth-service calls.
  • The browser-side alias from @owlmeans/client-auth must match the default guard name so shared module declarations elevate consistently.

Related Packages

Agent guidance

This package ships embedded Claude Code skills and GitHub Copilot instructions under agent-meta/. After installing your @owlmeans/* packages, run the OwlMeans agent-skills installer to place them into your project's native locations (.claude/skills/ and .github/instructions/):

npx @owlmeans/agent-skills

The embedded files are version-matched to this package release. Do not edit them directly — they are regenerated on each publish. To contribute guidance edits, open a PR against the source monorepo.