Skip to content

Latest commit

 

History

History
136 lines (94 loc) · 3.89 KB

README.md

File metadata and controls

136 lines (94 loc) · 3.89 KB

Anvil Connect

We're building a modern authorization server to
authenticate your users and protect your APIs.

Join the chat at https://gitter.im/christiansmith/anvil-connect

Simplified Security

  • Share user accounts between multiple apps and services
  • Single Sign-On (shared sessions)
  • Issue signed JSON Web Tokens to protect your APIs
  • Be a federated identity provider with OpenID Connect
  • Enable third-party developers using two- and three-legged OAuth 2.0
  • Manage access with RBAC

Flexible User Authentication

  • Use local passwords, OAuth 1.0, OAuth 2.0, OpenID, and more
  • Works out of the box with Google, Facebook, Twitter, GitHub, and a growing list of providers
  • Custom schemes using virtually any existing Passport.js strategy or your own code

Make it yours

  • Brand the interface with your own design
  • Use middleware hooks for domain specific auth logic
  • Keep your changes under version control without forking

Standard, Interoperable, and Open Source

  • Language and platform agnostic
  • Implements widely accepted, well-understood protocols
  • Growing number of client libraries available
  • MIT license

Get Started

Requirements

  • Node.js
  • npm
  • Redis

Setup

# Install the CLI
$ npm install -g anvil-connect

# Make a place for your deployment repository to live
$ mkdir path/to/project
$ cd path/to/project

# Generate a deployment repository
$ nv init

# Install dependencies
$ npm install

# Initialize the local database
$ nv migrate

# Create the first user account
$ nv signup

# Assign a role
$ nv assign <email> authority

# Start the server in development mode
$ nv serve

You should now have an OpenID Connect Provider running in development mode.

Documentation

The docs are in need of attention. Please submit a issues if you encounter any difficulties.


Status

  • Deprecates OAuth2Server project started in mid 2013
  • Used in production since July 2014
  • Active development as of March 2015

Roadmap

  • Invite-based registration
  • Email Verification/Multi-factor authentication
  • Improved CLI, REST API
  • Shared sessions (Single Sign-On)
  • More middleware hooks for programmatically customizing auth flows
  • Attribute-based Access Control
  • Built-in support for more requested OAuth providers and protocols (LDAP, SAML, etc)
  • Client libraries for a variety of languages, frameworks and platforms
  • Groups
  • Brokering API access and marshaling third-party tokens
  • Containerized deployment support
  • Improved logging
  • Embedded, horizontally scalable datastore (eliminate Redis dependency)
  • Multi-tenancy
  • Web and mobile administration
  • Complete, tested OIDC interoperability
  • Tutorials, examples, blog posts, website, and API documentation
  • ...

Development

There are many ways to get help and contribute.

Pair program with me!

MIT License

Copyright (c) 2014 Christian Smith http://anvil.io