Batteries Included

AuthTuna comes with a comprehensive set of features out of the box, allowing you to focus on building your application rather than reinventing authentication.

Core Authentication

  • User Registration & Login: Secure endpoints for user signup, login, and logout with password hashing and JWT tokens.
  • Password Reset: Built-in password reset flow with email verification.
  • Email Verification: Automatic email verification for new users.
  • Session Management: Automatic session handling with secure cookies and token refresh.

API Endpoints:

POST /auth/signup - User registration
POST /auth/login - User login
POST/GET /auth/logout - User logout
POST /auth/forgot-password - Password reset request
POST /auth/reset-password - Password reset
POST /auth/change-password - Change password
GET/POST /auth/user-info - Get user information
GET /auth/verify - Email verification

UI Pages:

GET /auth/signup - Registration page
GET /auth/login - Login page
GET /auth/forgot-password - Forgot password page
GET /auth/reset-password - Reset password page

Multi-Factor Authentication (MFA)

  • TOTP (Time-based One-Time Password): Support for authenticator apps like Google Authenticator.
  • Backup Codes: One-time-use codes for account recovery.
  • MFA Enforcement: Configurable MFA requirements for users.

API Endpoints:

POST /mfa/setup - Set up MFA for user
POST /mfa/verify - Verify MFA code
GET /mfa/qr-code - Get QR code for TOTP setup
POST /mfa/validate-login - Validate MFA during login
POST /mfa/disable - Disable MFA
GET /mfa/challenge - Get MFA challenge

UI Pages:

GET /mfa/setup - MFA setup page

Social Authentication

  • OAuth Providers: Integration with popular providers such as Google, GitHub, and Facebook.
  • Custom Providers: Easy to add support for additional OAuth providers.
  • Social Account Linking: Link multiple social accounts to a single user.

API Endpoints:

GET /social/{provider_name}/login - Initiate OAuth login
GET /social/{provider_name}/callback - OAuth callback handler

Passkey Authentication

  • WebAuthn Support: Passwordless authentication using biometrics or hardware keys.
  • Cross-Platform Compatibility: Works on desktop and mobile devices.
  • Secure & User-Friendly: Eliminates password-related vulnerabilities.

API Endpoints:

POST /passkey/register-options - Generate registration options
POST /passkey/register - Register new passkey
POST /passkey/login-options - Generate login options
POST /passkey/login - Passwordless login
GET /passkey/ - List user passkeys
DELETE /passkey/{credential_id_b64} - Delete passkey
POST /passkey/mfa-login - Passkey as MFA

User Management & Admin

  • Admin Dashboard: Web-based admin interface for managing users and permissions.
  • Role-Based Access Control (RBAC): Flexible permission system with roles and permissions.
  • User Profiles: Built-in user profile management.
  • Organization Support: Multi-tenant organization management.

API Endpoints:

GET /admin/users/search - Search and filter users
GET /admin/users/{user_id}/details-data - Get user details
GET /admin/users/{user_id}/audit-log - Get user audit log
POST /admin/users/{user_id}/suspend - Suspend user
POST /admin/users/{user_id}/unsuspend - Unsuspend user
GET /admin/roles - List all roles
POST /admin/roles - Create role
DELETE /admin/roles/{role_name} - Delete role
POST /admin/roles/{role_name}/permissions - Add permission to role
POST /admin/users/roles/assign - Assign role to user
POST /admin/users/roles/revoke - Revoke role from user
POST /admin/permissions - Create permission
GET /admin/roles/{role_name}/details-data - Get role details
GET /admin/assignable-roles - Get assignable roles
GET /admin/users/{user_id}/assignable-roles - Get assignable roles for user

UI Pages:

GET /admin/dashboard - Admin dashboard
GET /admin/users/{user_id} - User detail page
GET /admin/roles/{role_name} - Role detail page

API & Integrations

  • FastAPI Integration: Seamless integration with FastAPI applications.
  • RESTful API: Complete REST API for all authentication operations.
  • Middleware: Authentication middleware for protecting routes.
  • Dependency Injection: FastAPI dependencies for user authentication in endpoints.

Security & Monitoring

  • Rate Limiting: Built-in rate limiting for login attempts and API calls.
  • Audit Logging: Comprehensive logging of authentication events.
  • Encryption: Secure encryption for sensitive data.
  • Brute Force Protection: Automatic protection against brute force attacks.

UI & Templates

  • Responsive UI: Modern, responsive user interface components.
  • Email Templates: Customizable HTML email templates.
  • Theming: Easy theming and customization options.
  • Dashboard: User dashboard for account management.

UI Pages:

GET /ui/dashboard - User dashboard
GET /ui/profile - User profile page