Woop Auth Provider

A robust, secure, and modular authentication system built with TypeScript, Bun, and Prisma. Designed for scalability and security best practices.

🌟 Features

• Secure Authentication:

  • JWT-based stateless authentication.
  • Bcrypt password hashing.
  • Zod input validation for all endpoints.
  • Helmet integration for secure HTTP headers.

• Flexible Verification System:

  • Modes: Toggle between Magic Link and OTP (One-Time Password).
  • Transport: SMTP Email integration (Nodemailer).
  • Customizable: Edit email templates and subjects directly in config.toml.

• Advanced Security Controls:

  • Rate Limiting: Protect against brute-force attacks.
  • Single Session Mode: Option to revoke all other sessions upon login.
  • Account Locking: Unverified users are restricted from logging in.
  • Password Policies: Configurable minimum length.

• Architecture:

  • File-Per-Function: Modular structure for easy maintenance and testing.
  • Optimized Database: Multi-table schema (User, Password, Token, Session) for separation of concerns.

🛠 Tech Stack

• Runtime: Bun (Fast JavaScript runtime)
• Language: TypeScript
• Framework: Express
• ORM: Prisma
• Database: PostgreSQL

🚀 Quick Start

1. Install Dependencies

bun install

2. Configure Environment

Create a .env file and set your DATABASE_URL.

3. Initialize Database

bunx prisma migrate dev

4. Start Server

bun run dev

📚 Full Documentation: For detailed installation steps, configuration guide, and API reference, please see USAGE.md.

🧪 Testing

The project includes a comprehensive test suite covering security scenarios (SQLi, XSS) and integration flows.

bun test