Light-Auth Documentation
Light-Auth is a lightweight, secure authentication framework designed for modern web applications.
Overview
Light-Auth provides a simple, yet powerful authentication solution that can be integrated into any web application. It offers features like JWT-based authentication, multi-factor authentication, and social login integration.
Key Features
- HTTP-only cookies for session storage
- Server-side credential handling
- CSRF protection built-in
- Proactive refresh before token expiration
- Transparent background refreshing
- No additional code required
- Google, Microsoft, GitHub, and more
- Consistent API across providers
- Easy to add custom providers
- Next.js App Router and Pages Router
- Astro, Nuxt.js, SvelteKit
- Framework-specific adapters
- Small bundle size
- Customizable user adapters
- Extensible architecture
- TypeScript-first design
- Intuitive API design
- Comprehensive documentation
SSR Requirements
Light-Auth is designed exclusively for server-side rendering frameworks to ensure secure authentication flows and proper credential handling.
Important Notice
For security reasons, Light-Auth requires a server-side environment to:
- Securely store OAuth client secrets
- Handle HTTP-only cookies for session management
- Process OAuth callbacks and token exchanges
- Perform secure token refresh operations
Next.js
Full support for both App Router and Pages Router
Astro
Compatible when SSR mode is enabled
Nuxt.js
Vue-based SSR framework support
Sveltekit
Svelte-based SSR framework support
Express
Node.js web application framework
React with Vite
Client-side only React applications
Create React App
CRA-based applications without a server
Vue with Vite
Client-side only Vue applications
Static Site Generators
Pre-rendered static sites without SSR
Getting Started
To get started with Light-Auth, check out the Getting Started guide.