| Indeed @vanschelven, django-hidp (Hello, ID Please) is our newly open-sourced full-featured authentication system for Django projects that we’ve just soft-launched. We were getting ready to post this on HN, but since this is here now, I thought we might just chime in on the discussion. Current status of django-hidp is we’re still refining the documentation and building the website, but the core functionality is solid, and already in use for quite a lot of our clients. As such, we would say it's ready for evaluation by interested Django developers. So, if you’re interested in a comprehensive authentication system for Django projects, django-hidp offers: - comprehensive authentication: user registration with email verification, login, password reset, and more - OpenID Connect (OIDC) support: built-in support for integrating with providers like Google and Microsoft - One-Time Passwords (OTP): based on django-otp, with flexible flows and policies - rate limiting: protects against brute-force attacks - Content Security Policy (CSP): helps prevent cross-site scripting and other code injection attacks - standalone OIDC Provider: can be configured to act as its own OIDC provider - and a lot more... Designed with OWASP best practices in mind, django-hidp aims to provide a secure and flexible solution for user authentication in Django projects. Without having to reinvent any wheels (no pun intended) and combining slews of dependencies together into a coherent whole. We've already done that quite a lot of times in the past, and now we finally sat down to that work for you, and build an opinionated, batteries-included application that can be used in all Django projects. If you have any questions, or would like to know more, please reach out to me. |