flexible sender plugins (email, SMS providers, Telegram, or custom senders)
JWT helper with optional memory/Redis storage and cookie auto-set/verify helpers
session manager (memory or Redis) and small dev-mode features (register custom senders, test bots)
It’s aimed at devs who want a pragmatic, pluggable auth building block (not a full auth service). Key design goals:
minimal API: auth.otp.generate().set().message() and auth.jwt.sign(payload, '1h', { res })
allow devs to plug in their own senders (auth.register.sender() / auth.use(name).send(...)) or use built-in email/telegram/sms helpers
non-opinionated about frameworks — works with Express or custom servers
If you’ve built authentication plumbing before you know how much boilerplate this removes. I’d love feedback on API ergonomics, security concerns I missed, or integrations you’d like (e.g., WebAuthn, passwordless magic links, TOTP).
jahongirsobirov•2h ago
secure OTP generation + resend/cooldown/attempt limits
flexible sender plugins (email, SMS providers, Telegram, or custom senders)
JWT helper with optional memory/Redis storage and cookie auto-set/verify helpers
session manager (memory or Redis) and small dev-mode features (register custom senders, test bots)
It’s aimed at devs who want a pragmatic, pluggable auth building block (not a full auth service). Key design goals:
minimal API: auth.otp.generate().set().message() and auth.jwt.sign(payload, '1h', { res })
allow devs to plug in their own senders (auth.register.sender() / auth.use(name).send(...)) or use built-in email/telegram/sms helpers
non-opinionated about frameworks — works with Express or custom servers
If you’ve built authentication plumbing before you know how much boilerplate this removes. I’d love feedback on API ergonomics, security concerns I missed, or integrations you’d like (e.g., WebAuthn, passwordless magic links, TOTP).
Repo: https://github.com/jahongir2007/auth-verify
NPM: https://www.npmjs.com/package/auth-verify