Your auth server shouldn't cost more RAM than your entire app. So I wrote my own in Rust.
A developer frustrated with the high resource demands and complexity of existing authentication servers like Keycloak and Auth0 built a lightweight alternative called OVTL in Rust, designed to run in under 20MB of RAM and target small projects that can't afford expensive infrastructure. The new auth server supports OAuth2 and OIDC, enforces security practices like PKCE and zero-knowledge encryption, and uses PostgreSQL Row Level Security for multi-tenancy. It includes a terminal-based user interface for configuration, eliminating the need for a web UI, and is intended to run alongside small apps on low-cost VPS instances. While still in early development and not production-ready, the project aims to fill a gap for affordable, secure, and self-hosted authentication.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3902888) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Luis Posted on Apr 28 Your auth server shouldn't cost more RAM than your entire app. So I wrote my own in Rust. #security #opensource #productivity #rust I've been using Keycloak for almost 1 year across freelance projects — large-scale enterprise apps and small side projects alike. The appeal was always the same: it's free, battle-tested, and it works. Until it doesn't. The documentation is a labyrinth.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
