Indeed @vanschelven, django-hidp (Hello, ID Please) is our newly open-sourced full-featured authentication system for Django projects that we’ve just soft-launched. We were getting ready to post this on HN, but since this is here now, I thought we might just chime in on the discussion.

Current status of django-hidp is we’re still refining the documentation and building the website, but the core functionality is solid, and already in use for quite a lot of our clients. As such, we would say it's ready for evaluation by interested Django developers.

So, if you’re interested in a comprehensive authentication system for Django projects, django-hidp offers:

- comprehensive authentication: user registration with email verification, login, password reset, and more

- OpenID Connect (OIDC) support: built-in support for integrating with providers like Google and Microsoft

- One-Time Passwords (OTP): based on django-otp, with flexible flows and policies

- rate limiting: protects against brute-force attacks

- Content Security Policy (CSP): helps prevent cross-site scripting and other code injection attacks

- standalone OIDC Provider: can be configured to act as its own OIDC provider

- and a lot more...

Designed with OWASP best practices in mind, django-hidp aims to provide a secure and flexible solution for user authentication in Django projects. Without having to reinvent any wheels (no pun intended) and combining slews of dependencies together into a coherent whole. We've already done that quite a lot of times in the past, and now we finally sat down to that work for you, and build an opinionated, batteries-included application that can be used in all Django projects.

If you have any questions, or would like to know more, please reach out to me.