rodauth
Rodauth is Ruby's most advanced authentication framework, designed
to work in all rack applications. It's built using Roda and Sequel,
but it can be used as middleware in front of web applications that use
other web frameworks and database libraries.
Rodauth aims to provide strong security for password storage by
utilizing separate database accounts if possible on PostgreSQL,
MySQL, and Microsoft SQL Server. Configuration is done via
a DSL that makes it easy to override any part of the authentication
process.
Rodauth supports typical authentication features: such as login and
logout, changing logins and passwords, and creating, verifying,
unlocking, and resetting passwords for accounts. Rodauth also
supports many advanced authentication features:
* Secure password storage using security definer database functions
* Multiple primary multifactor authentication methods (WebAuthn and
TOTP), as well as backup multifactor authentication methods (SMS
and recovery codes).
* Passwordless authentication using email links and WebAuthn
authenticators.
* Both standard HTML form and JSON API support for all features.