Skip to content Enterprise-grade
Start building with
Enterprise-grade
auth utilities
for modern apps
Production-ready authentication utilities for TypeScript. Handle sessions, cookies, CSRF protection, rate limiting, authorizations and much more with zero dependencies and complete type safety.
GET STARTED
$ npm i @amtarc/auth-utilsconfig.ts
1 import { createSession, requireAuth } from "@amtarc/auth-utils";
2 import { signCookie } from "@amtarc/auth-utils/cookies";
3
4 // Create secure session
5 const session = createSession("user-123", {
6 expiresIn: 1000 * 60 * 60 * 24 * 7
7 });
8
9 // Protect routes with middleware
10 export const GET = requireAuth(async (ctx) => {});Session Management
Multi-device sessions with automatic rotation, fingerprinting, and idle timeout. Supports Redis, Postgres, or in-memory storage with type-safe adapters.
Learn more →CSRF & Rate Limiting
Built-in CSRF protection with synchronizer tokens and double-submit cookies. Advanced rate limiting with token bucket, sliding window, and brute-force protection.
Learn more →Cookie Security
RFC 6265 compliant cookie handling with HMAC signing and AES-256-GCM encryption. Automatic rotation and secure deletion patterns built-in.
Learn more →557+
Test Cases
100% passing with comprehensive coverage
42KB
Bundle Size
Tree-shakeable ESM with zero dependencies
95%+
Code Coverage
Across all modules and edge cases
Framework agnostic - works with Next.js, SvelteKit, Astro, Hono, and more
Complete TypeScript support with full type inference
Edge runtime compatible - Cloudflare Workers, Vercel Edge, Deno Deploy
Zero dependencies - only Node.js built-ins for maximum security
Start building with
enterprise-grade security
Install in seconds. Integrate in minutes. Scale to millions.
NEXT.JSSVELTEKITASTROREMIXHONOFASTIFY