Welcome

Authora is an open source auth library that abstracts away the complexity of handling sessions and jwt. It works alongside your database to provide an API that's easy to use, understand, and extend.

No more endless configuration and callbacks
Fully typed
Works in any runtime - Node.js, Bun, Deno, Cloudflare Workers
Extensive database support out of the box

import { Authora } from "Authora";


const authora = new Authora(new Adapter(db));

const session = await authora.createSession(userId, {});
await authora.validateSession(session.id);


const authora = new Authora({
useJWT: true,
jwtSecret: "",
jwtOptions:  {}
});

const {token, expiresAt, status, error } = authora.createJWTToken()
const { decoded, status, error } = authora.verifyJWTToken()

The Motivation Behind Authora

In the ever-evolving landscape of web development, robust and flexible authentication solutions are essential. However, as developers, we often find ourselves navigating trade-offs between the available tools. This was particularly evident in my experience with Auth.js and Lucia.js—two popular authentication libraries that, while powerful in their own right, each presented unique challenges that I sought to overcome.

Lucia.js: A Partial Solution with Room for Improvement

Lucia.js takes a different approach by focusing exclusively on session-based authentication. While this simplification resolves the specific issue found in Auth.js—enabling it to be used effectively as an API authentication provider—Lucia.js lacks the flexibility that comes with offering multiple authentication methods. In particular, its reliance solely on session-based authentication can be limiting in scenarios where JWTs might be more appropriate.

Introducing Authora: An Extended and Balanced Solution

Authora was created as an extended version of Lucia.js to bridge these gaps, offering the best of both worlds. It combines the strengths of Auth.js and Lucia.js while addressing their respective limitations. With Authora, developers can enjoy:

Dual Authentication Support: Like Auth.js, Authora supports both JWT and session-based authentication, providing flexibility to choose the most suitable method for any given scenario.
API-First Design: Authora is designed with an API-first approach, making it easy to integrate with external applications, whether you're connecting a React Native app to a Next.js backend or any other front-end/back-end combination.
Simplicity and Flexibility: By drawing on the simplicity of Lucia.js, Authora ensures that developers can implement secure authentication without unnecessary complexity, while still benefiting from advanced features when needed.

In essence, Authora extends the core principles of Lucia.js by incorporating JWT support and enhancing API compatibility, making it a more balanced and comprehensive solution for modern authentication needs. It empowers developers to build secure, flexible, and scalable applications across multiple platforms, without compromising on simplicity or functionality. Authora is the result of understanding the limitations of existing tools and striving to create something better, designed for the diverse and dynamic requirements of today’s web and mobile applications.

Jump right in

NextQuickstart

Last updated 8 months ago

import { Authora } from "Authora"; const authora = new Authora(new Adapter(db)); const session = await authora.createSession(userId, {}); await authora.validateSession(session.id); const authora = new Authora({ useJWT: true, jwtSecret: "", jwtOptions: {} }); const {token, expiresAt, status, error } = authora.createJWTToken() const { decoded, status, error } = authora.verifyJWTToken()