Guardian is a robust, open-source authentication and authorization solution designed for modern applications. It provides a comprehensive suite of authentication methods while giving you complete control over your user data.
- 🔐 Enterprise-Grade Security: Built with security best practices and regular security audits
- 🎯 Flexible Integration: Works seamlessly with your existing user service
- 🚀 Quick Implementation: Get up and running in minutes
- 📱 Multi-Platform Support: Native support for web, mobile, and API authentication
- 📱 Passwordless Authentication
- SMS/Email OTP
- 🔑 Traditional Authentication
- Username/Password
- 🌐 Social Authentication
- Custom Providers
- 📊 Multi-device session tracking
- 🔒 Secure session management
- ⚡ Real-time session invalidation
- 🔄 Token refresh mechanisms
- 🎯 RESTful APIs
- 📚 Comprehensive SDK support
- Docker
- Maven
- Clone the repository:
git clone https://github.com/dream-sports-labs/guardian.git
cd guardian- Start Guardian:
./quick-start.sh- Test the setup with a passwordless flow:
# Initialize passwordless authentication
curl --location 'localhost:8080/v1/passwordless/init' \
--header 'Content-Type: application/json' \
--header 'tenant-id: tenant1' \
--data '{
"flow": "signinup",
"responseType": "token",
"contacts": [{
"channel": "sms",
"identifier": "9999999999"
}],
"metaInfo": {
"ip": "127.0.0.1",
"location": "localhost",
"deviceName": "localhost",
"source": "app"
}
}'
# Complete authentication (using mock OTP for development)
curl --location 'localhost:8080/v1/passwordless/complete' \
--header 'Content-Type: application/json' \
--header 'tenant-id: tenant1' \
--data '{
"state": "<state-from-init-response>",
"otp": "999999"
}'We welcome contributions! Please see our Contributing Guide for details on:
- Code of Conduct
- Development Process
- Pull Request Process
- Coding Standards
Guardian is licensed under the MIT License.
Built with ❤️ by the Guardian team and contributors