The official authentication module for Stellar
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Identify is an authentication solution for Stellar made to cur repetitive work involving management of users. A DRY approach on features like account creation, login, logout, confirmation by e-mail, password reset, etc.


  • actions:
  • auth.register - create a new user account;
  • auth.login - login with an existent user account;
  • auth.disableUser - disable the user account. Disabled users can not make login;
  • auth.checkSession - check the state of a token and if it's valid return the expire time (expireAt) and the user info (user);
  • models:
  • user - model to represent a user on the database;
  • events:
  • auth.checkSessionResponse - this event allows edit the response for the auth.checkSession action.
  • middleware:
  • auth.needAuth - only authenticated users can access the protected action.

Quick start

To start using Identify on your Stellar application you can follow the commands below.

If you use git to manage the changes in your application you can add Identify as a Git submodule.

# add Identify as a Git submodule
git submodule add modules/identify

If you don't use Git in your app you can use Git only to clone the repo or make the download of repository Zip.

git clone modules/identify

Activate the Module

Now to activate the module you just need add "identify" to the manifest.json file on your app root folder. Like this:

  "name": "my-awesome-app",
  "version": "1.0.0",

  "modules": [ "identify" ]


The code below show the usage of the middleware:

exports.example = {
  name: 'example',
  description: 'This is a protected action',

  middleware: ['auth.needAuth'],

  run: (api, action, next) => {
    // only authenticated users reach this point
    // do something...


Note: it's recommended load this module before all the others.


  • Add a mechanism to reset the user password
  • Add a way to validate users at account creation
  • Add a way to invalidate tokens