Glimr Auth ✨

The official authentication layer for the Glimr web framework, providing session-based auth and secure password hashing. This package is meant to be used alongside the glimr-org/framework package.

If you’d like to stay updated on Glimr’s development, Follow @migueljarias on X (that’s me) for updates.

About

Note: This repository contains the auth layer for Glimr. If you want to build an application using Glimr, visit the main Glimr repository.

Features

• Session-Based Auth - Login, logout, and identity checks backed by Glimr’s session layer
• Password Hashing - Argon2id hashing with OWASP-recommended defaults
• Timing-Safe - Built-in dummy verify to prevent user enumeration via timing attacks
• Session Fixation Protection - Automatic session ID regeneration on login

Installation

Add the auth layer to your Gleam project:

gleam add glimr_auth

Learn More

• Glimr - Main Glimr repository
• Glimr Framework - Core framework

Built With

• argus - Argon2 password hashing library for Gleam
• glimr - Core Glimr framework (sessions, config)

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

The Glimr Auth layer is open-sourced software licensed under the MIT license.