SShortSingh.
Back to feed

Logto: Open-Source Auth Platform Reviewed for SaaS and AI App Developers

0
·7 views

Logto is an open-source identity authentication and authorization platform built on OIDC and OAuth 2.1 standards, featuring built-in multi-tenancy, SSO, and RBAC capabilities. A developer review on DEV Community found it to be the closest open-source alternative to "out-of-the-box" solutions like Auth0 or Firebase for small-to-medium teams and independent developers. The platform can be self-hosted via Docker Compose and offers SDKs that reportedly reduce authentication code volume by around 60% compared to using raw OIDC libraries. Performance benchmarks on a 4-core, 8GB cloud server showed user login latency at 45ms (P50) and 120ms (P99), which trails managed services but remains acceptable for most use cases. The reviewer noted current limitations including no LDAP or Active Directory support, making it less suitable for large enterprises with complex directory integration needs.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Trelix grows from v1.0 to v2.7 in 13 days with knowledge graphs and agentic search

Developer tool Trelix evolved rapidly from its initial release to v2.7.0 over just thirteen days, shipping seven minor versions that transformed it from a basic code-search tool into a broader platform. Key additions included a knowledge graph built on NetworkX with Louvain community detection, which groups codebase files into architectural modules and labels them using an LLM. Retrieval expanded from three legs to seven, incorporating research-backed techniques such as RAPTOR-style file summarization and HyDE hypothetical document embeddings. A notable silent bug was also fixed in v2.7.0, where AdaptiveRouter accepted a configuration parameter but ignored it entirely, defaulting to environment variables instead. Other features added during this period include federated multi-repo search, an agentic query loop, and a GitHub Actions bot for automated PR review.

0
ProgrammingDEV Community ·

Puppetlabs Releases 24 Forge Modules in June 2026, Including New Windows Security Tool

Puppetlabs shipped 24 module updates to the Puppet Forge in June 2026, highlighted by a brand-new security_policy module for managing Windows local security policies via the Puppet Resource API. The new module replaces manual tools like secedit and covers all 45 Windows Privilege Rights along with System Access settings. A broad maintenance pass updated 15 modules — including apache, mysql, and postgresql — to loosen their stdlib dependency constraints, enabling compatibility with the newly released stdlib 10.x. Several modules, such as accounts, java, and postgresql, also dropped Puppet 7 support as part of a Puppet 8 alignment effort ahead of Puppet 7 reaching end-of-life. Additionally, Security Compliance Management 3.8.0 patched approximately 40 CVEs across bundled third-party components and updated its CIS-CAT Pro Assessor to add new STIG benchmarks for platforms including RHEL 10 and Amazon Linux 2023.

0
ProgrammingDEV Community ·

Non-Jailbreak iOS GPS Spoofing App Gains Traction Among Developers

A JavaScript-based iOS app called iOS Location Spoofer allows users to manipulate GPS data on non-jailbroken devices, attracting over 1,800 stars on GitHub. The app integrates modules such as Shadowrocket and Surge, enabling proxy capabilities alongside location spoofing without requiring users to compromise device security through jailbreaking. While its non-jailbroken approach preserves iOS sandboxing and device integrity, the use of JavaScript introduces performance overhead compared to native alternatives. Security experts and developers raise concerns about potential misuse, particularly for location-dependent services like ride-hailing apps that rely on accurate GPS data. Broader ethical and legal questions also loom, including whether Apple will move to block such tools as location data grows increasingly critical across industries.