Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

authflowy

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

authflowy

A type-safe, minimal, opinionated OAuth library with plugin-based providers for JavaScript and TypeScript.

latest
Source
npmnpm
Version
0.0.1
Version published
Maintainers
1
Created
Source

🔐 AuthFlowy

A type-safe, minimal, opinionated OAuth library with plugin-based providers for JavaScript and TypeScript.

npm

What Does It Do?

AuthFlowy (pronounced "auth flow-y") simplifies OAuth 2.0 authentication with a clean, type-safe API. It supports multiple providers out of the box.

import { defineAuthFlowyConfig, google, github } from 'authflowy';

const auth = defineAuthFlowyConfig({
  secret: process.env.AUTH_SECRET,
  providers: [
    google({
      clientId: process.env.GOOGLE_CLIENT_ID,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
      redirectUri: 'https://myapp.com/auth/callback/google',
    }),
    github({
      clientId: process.env.GITHUB_CLIENT_ID,
      clientSecret: process.env.GITHUB_CLIENT_SECRET,
      redirectUri: 'https://myapp.com/auth/callback/github',
    }),
  ],
});

// redirect the user to the authorization url
const { url, state, codeVerifier } = await auth.authorize('google');

// one eternity later, the user lands back on the
// callback url, we can now handle the callback
const { user, token } = await auth.callback('google', {
  url: new URL(req.url),
  state,
  codeVerifier,
});

console.log(user);
// {
//   email: 'user@example.com',
//   name: 'John Doe',
//   picture: 'https://...',
//   ...
// }

[!NOTE] This library is designed for my personal projects. If you need more flexibility, you can use the underlying oauth4webapi library directly.

Installation

# npm
npm install authflowy

# pnpm
pnpm add authflowy

# bun
bun add authflowy

Acknowledgements

This project was inspired by and builds upon:

  • oauth4webapi - The underlying OAuth 2.0 / OpenID Connect implementation that powers this library

Special thanks to the maintainers and contributors of this project for their excellent work in the OAuth ecosystem.

Contributing

Feel free to submit pull requests, create issues, or spread the word.

License

MIT © Arik Chakma

Keywords

auth
oauth
google
github
typescript

FAQs

Package last updated on 13 Dec 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Unauthorized AI Agent Execution Code Published to OpenVSX in Aqua Trivy VS Code Extension

Research

/

Security News

Unauthorized AI Agent Execution Code Published to OpenVSX in Aqua Trivy VS Code Extension

OpenVSX releases of Aqua Trivy 1.8.12 and 1.8.13 contained injected natural-language prompts that abuse local AI coding agents for system inspection and potential data exfiltration.

By Peter van der Zee, Philipp Burckhardt  -  Mar 02, 2026