npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

orange-auth

v1.3.1

Published

Simple modular auth library

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

unimat95unimat95

Keywords

Readme

🍊 Orange Auth

npm version License GitHub Actions Workflow Status

⚠️ Early WIP: This project is experimental and not ready for production use.
Use at your own risk.

OrangeAuth is a framework-agnostic, modular authentication middleware for Node.js & TypeScript.
It provides a clean workflow for session handling, provider-based login/logout, cookie storage, and customizable strategies.

🔍 Features

  • 🧩 Provider-based Auth: Plug in local credentials, OAuth providers, etc.
  • 🔑 Strategies: Swap how sessions are created, verified, and serialized (e.g., JWT).
  • 🍪 Secure Cookies: Built-in cookie handling with sensible defaults.
  • 🛠️ Framework-agnostic: Works with many routing layers via adapters (e.g., Express).
  • 📦 Modular API: Add or customize providers and strategies easily.

🚀 Installation

npm install orange-auth

🧠 Quick Usage

Setup

import { CreateAuth } from "orange-auth";
import { JWT } from "orange-auth/strategies";
import { Credentials } from "orange-auth/providers";

const { handler, getSession } = CreateAuth({
  providers: [new Credentials({ /* options */ })],
  strategy: new JWT({ /* jwt options */ }),
  secret: "your-secret",
  basePath: "/api/auth",
});

Using with Express

import express from "express";
import { handler } from "./auth";
import { createHandler } from "@universal-middleware/express";

const app = express();

// Attach auth handler on `/api/auth/*`
app.all("/api/auth/*", createHandler(handler)());

📡 Available Endpoints

Once configured, your handlers expose:

| Method | Path | Action | | ------ | ---------------------------- | --------------------- | | POST | /api/auth/login/:provider | Login via provider | | POST | /api/auth/logout/:provider | Log out from provider |

🧩 Session Access

You can retrieve session data programmatically:

const session = await getSession(req);

if (session) {
  console.log("Logged in user:", session.user);
}

⚙️ Configuration

CreateAuth Options

| Option | Type | Description | | ----------------- | ------------- | ------------------------------------------------- | | providers | IProvider[] | List of auth providers (e.g., Credentials, OAuth) | | strategy | IStrategy | Strategy for token/session (JWT, etc.) | | secret | string | Secret key for signing/validation | | basePath | string | API route prefix for auth | | cookieName? | string | Custom cookie key (defaults to orange.auth) | | cookieSettings? | object | Cookie serialization options |

⚠️ Providers and strategies are designed to be modular — you can write your own by implementing the relevant interfaces.

📌 When to Use

OrangeAuth fits well when you want:

  • A flexible auth layer for APIs (REST or serverless)
  • A strategy-agnostic session store (e.g., JWT, encrypted tokens)
  • A provider pattern instead of monolithic auth

📚 Roadmap

Future improvements might include:

  • 👤 Additional built-in provider support (OAuth2, OpenID)
  • 🧪 Built-in test helpers and mocks
  • 🌐 Better TypeScript typings for providers
  • 🔌 Framework adapters (Fastify, Next.js, etc.)

🤝 Contributing

  1. Fork the repository.

  2. Create a feature branch:

    git checkout -b feature/my-awesome-change

  3. Make your changes, add tests, update docs.

  4. Submit a pull request.

We welcome enhancements, bug fixes, and docs improvements!

📄 License

This project is licensed under the GNU General Public License v3.0 or later (GPL-3.0+).

You are free to use, modify, and redistribute this software under the terms of the GPL, provided that any derivative work is also distributed under the same license.

See the COPYING file for full details.

© Unimat45