Permissions (access control) in web apps

This page summarizes the projects mentioned and recommended in the original post on dev.to
Authorization Permissions Authentication and OAuth Owasp Boilerplates

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • CheatSheetSeries

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    • OWasp cheat sheet on how to do ACL in Web App.

  • CanCanCan

    The authorization Gem for Ruby on Rails.

    • https://github.com/CanCanCommunity/cancancan (Ruby on Rails ABAC) Same like casl.js, but for Ruby on Rails! Casl.js was actually inspired and modeled by cancancan.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • Pundit

    Minimal authorization through OO design and pure Ruby classes

    • https://github.com/varvet/pundit Popular open-source Ruby library focused around the notion of policies, giving you the freedom to implement your own approach based on that.

  • django-rules

    Awesome Django authorization, without the database

    • https://github.com/dfunckt/django-rules A generic, approachable open source framework for building rule-based systems in Django (Python).

  • wasp

    The fastest way to develop full-stack web apps with React & Node.js.

    • You can check out our discussion about this in our “Support for Permissions” RFC.

  • casbin

    An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

    • https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.

  • react-native-auth0

    React Native toolkit for Auth0 API

    • Auth0 (provider) Auth0 has been around for some time and is probably the most popular authN provider out there. While authN is their main offering (they give you SDKs for authentication + they store user profiles and let you manage them through their SaaS), they also allow you to define authZ to some degree, via RBAC and policies.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • I made a complete Team support in React for my App: a Multi-tenancy SaaS. Live demo in the comments

    2 projects | /r/reactjs | 24 Apr 2022

  • How to Model Cloud-Native Authorization

    1 project | dev.to | 13 May 2024

  • 45 Questions to Ask Yourself Before Modeling Authorization

    1 project | dev.to | 9 May 2024

  • OPA, Cedar, OpenFGA: Why are Policy Languages Trending Right Now?

    1 project | dev.to | 2 May 2024

  • Authorization is still a nightmare for engineers

    6 projects | news.ycombinator.com | 16 Apr 2024