Introduction

guardo

A complete authentication engine for Node.js and Next.js. OTP login, JWT tokens, multi-device sessions, and middleware - wired together so you don’t have to.

Production-Ready · TypeScript · v1.4.0

npm install guardo

A full OTP login flow in three steps - no config needed to try it:

auth.ts
import { createAuth } from "guardo";
 
const auth = createAuth({
  jwt: { secret: process.env.JWT_SECRET! },
});
 
// 1. Send a one-time code
await auth.otp.send({ identifier: "user@example.com" });
 
// 2. Verify it and log in
const { user, accessToken, refreshToken, sessionId } =
  await auth.auth.loginWithOtp({
    identifier: "user@example.com",
    otp: "123456",
  });
 
// 3. Protect routes
app.get("/me", auth.middleware.express(), (req, res) => {
  // req.user is the decoded JWT payload unless `resolveUser` is configured
  res.json(req.user);
});

Features

Only jwt.secret is required. Everything else has a sensible default, so you can be running in seconds and harden later.

Where to next