Skip to Content
Introduction

@exortek/auth

A framework-agnostic, zero-dependency authentication toolkit for Node.js — built as 23 small packages under one scope. Pick the one you need, or install the umbrella.

Every package is built directly on node:crypto. Pure JavaScript with JSDoc → .d.ts. Runs under Express, Fastify, Hono, Elysia.

Shipping

PackageVersionReference
@exortek/crypto1.0.0/crypto

The stack

Numbers reflect dependency order — a lower number never imports from a higher one, so you can adopt one package at a time.

#PackageWhat it does
01@exortek/cryptocrypto primitives — the foundation the rest builds on
02@exortek/passwordArgon2id / bcrypt, strength scoring, HIBP breach check
03@exortek/otpTOTP / HOTP, backup codes, QR provisioning URI
04@exortek/challengee-mail / SMS one-time code storage + verification
05@exortek/jwkJWK ↔ PEM ↔ DER converters, key rotation
06@exortek/jwsJOSE signed payloads (compact + JSON)
07@exortek/jwtJWT sign / verify with algorithm allowlists, clock skew
08@exortek/jweJWE encrypted payloads (RSA-OAEP, A256KW, dir)
09@exortek/jwksJWKS URI fetching, caching, kid rotation
10@exortek/sessionsigned cookies, rotation, revocation, store adapter
11@exortek/csrfdouble-submit + signed origin-bound tokens
12@exortek/rate-limittoken bucket, sliding window, per-IP / per-user
13@exortek/devicedevice fingerprinting, trusted-device tokens
14@exortek/apikeyprefixed API keys (sk_live_...), rate-limited by default
15@exortek/magic-linkpasswordless email / SMS link tokens
16@exortek/passkeyWebAuthn / FIDO2 (server + browser client)
17@exortek/opaqueOPAQUE (aPAKE) — zero-knowledge password auth
18@exortek/pasetoPASETO v4 (local / public)
19@exortek/oauth2OAuth 2.1 client (PKCE) + provider presets
20@exortek/oidcOpenID Connect on top of oauth2
21@exortek/web3-evmSIWE — Sign-In With Ethereum
22@exortek/web3-solanaSIWS — Sign-In With Solana
23@exortek/authumbrella — re-exports every package above

Install

npm install @exortek/crypto

Node.js 22 or newer. No runtime dependencies.

Where to next

Last updated on