kandi-login
Multi-platform Authentication Framework
One authentication protocol, every platform. Write your auth server once with kandi-login/server, then connect from any client SDK.
5 Client SDKs
1 Server SDK
Built-in Test Personas
Every kandi-login server ships with a test persona system for automated testing. Test clients authenticate using an API key and secret to get real JWTs — no browser-based OAuth flow needed.
This is essential for end-to-end testing with Playwright, Cypress, XCTest, and Espresso test harnesses. Personas use the same auth infrastructure as production — real JWT signing, real token refresh, real user records.
| Persona ID | Role | Use Case | |
|---|---|---|---|
| admin-alex | alex@test.kandiforge.com | admin | System Administrator — full access, can manage users and settings |
| designer-dana | dana@test.kandiforge.com | editor | Designer — can create and edit content |
| viewer-val | val@test.kandiforge.com | viewer | Viewer — read-only access across the app |
| new-user-naya | naya@test.kandiforge.com | user | New User — freshly registered, minimal permissions |
// Seed test personas (run once)
POST /api/auth/test/seed
// → { success: true, seeded: ["admin-alex", "designer-dana", ...] }
// Login as a test persona — returns real JWTs
POST /api/auth/test/login-as
Content-Type: application/json
{ "personaId": "admin-alex" }
// → { access_token: "eyJ...", refresh_token: "...", expires_in: 3600 }
// Use the access_token exactly like a production tokenClient SDKs
Web (React)
Next.js and Vite apps with React components. Drop-in LoginButton, AuthProvider, and route guards.
Electron
Desktop apps with system-tray auth and secure token storage via Electron safeStorage.
Tauri
Lightweight Rust-backed desktop apps. OAuth via system browser with deep-link callback.
iOS (Swift)
Native iOS/macOS apps with ASWebAuthenticationSession and Keychain token storage.
Android (Compose)
Jetpack Compose apps with Custom Tabs OAuth and EncryptedSharedPreferences.
Conformance Validator
Point at your server to run the full test suite — validates endpoints, JWTs, personas, and UserAdapter.
Reference Server
api.packages.kandiforge.com is a working reference server. Use it to verify your client works before building your own server.
Download the example client for your platform
Each platform has a ready-to-run example app pre-configured to connect to the reference server.
Run it against the reference server
Verify that OAuth login, token refresh, and test personas all work correctly with the example.
Build your own server using kandi-login/server
Implement the UserAdapter interface, configure your OAuth providers, and deploy your server.
Switch the URL to your own server
Change authServerUrl in the client config. Run the conformance validator to confirm compatibility.