Skip to content


Authentication is the process of verifying the identity of a user, typically through credentials like a username and password. For example, logging into a GitHub account requires authentication.

The Boring JavaScript Stack manages its own authentication.

By default, the Boring JavaScript Stack offers you two mechanisms for authentication:

  1. Email and Password authentication
  2. Provider authentication

Email and password authentication

When a user wishes to sign up for an account, they are asked for their email address. The Boring Stack will send them an email with a link to verify their email. The user can click the link to verify their email address.

The password is stored using the bcrypt algorithm and handled by the password helper from Sails organics.

Provider authentication

Using Sails Wish, The Boring Stack supports third-party authentication allowing you to easily add SSO(Single Sign On) to your application. Out of the box The Boring Stack supports OAuth with Google. You can easily setup OAuth with GitHub as well.

All open source projects are released under the MIT License.