← Back to all products
$9
Magic Link Auth
Passwordless authentication via magic links with token generation, email templates, and rate limiting.
JSONMarkdownPython
📄 Product Preview
Try the interactive reader and demo tools below, or get the full product with all content unlocked.
📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample📁 File Structure 9 files
magic-link-auth/
├── LICENSE
├── README.md
├── examples/
│ └── config.example.json
├── free-sample.zip
├── guide/
│ ├── 01_magic-link-auth.md
│ ├── 02_features.md
│ └── 03_quick-start.md
├── index.html
└── src/
└── main.py
📖 Documentation Preview README excerpt
Magic Link Auth
Passwordless authentication via magic links with token generation, email templates, rate limiting, and HTTP server. Zero dependencies.
Part of the Auth Vault toolkit by [CodeVault](https://codevault.dev).
Features
- Cryptographically secure tokens (URL-safe, single-use)
- Configurable expiration (default: 15 minutes)
- Rate limiting: max N requests per email per time window
- HTML email templates with customizable branding
- Plain text fallback for email clients that strip HTML
- Token verification with automatic cleanup of expired tokens
- Complete HTTP login flow with redirect after verification
- CLI tool for token management and demo server
- Zero dependencies — Python stdlib only
Quick Start
# Generate a magic link for an email
python3 src/main.py generate --email user@example.com
# Verify a magic link token
python3 src/main.py verify --token TOKEN_STRING
# Send a magic link email (requires SMTP config)
python3 src/main.py send --email user@example.com
# Start the demo HTTP server
python3 src/main.py serve --port 8000
Using as a Library
from main import MagicLinkAuth
auth = MagicLinkAuth(
base_url="https://auth.example.com",
token_ttl_seconds=900,
max_requests_per_hour=5,
)
# Generate a magic link
token, link = auth.create_link("user@example.com")
print(f"Magic link: {link}")
# Generate email HTML
html = auth.render_email(
link=link,
company_name="Acme Corp",
brand_color="#E91E63",
)
# Verify a token (returns email or None)
email = auth.verify(token)
if email:
print(f"Authenticated: {email}")
*... continues with setup instructions, usage examples, and more.*
📄 Code Sample .py preview
src/main.py
#!/usr/bin/env python3
"""
Magic Link Auth — Passwordless Authentication via Email Tokens
===============================================================
A complete magic link authentication system with secure token
generation, email templates, expiry management, rate limiting,
and a demo HTTP server.
Why magic links? They eliminate password-related support tickets,
remove credential stuffing risk, and provide a frictionless login
experience. This implementation shows you how to build it right.
Zero dependencies. Import or run as CLI.
Part of the Auth Vault toolkit by DataNest.
License: MIT
"""
from __future__ import annotations
import hashlib
import hmac
import html
import json
import logging
import os
import secrets
import smtplib
import threading
import time
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from http.server import HTTPServer, BaseHTTPRequestHandler
from pathlib import Path
from typing import Any
from urllib.parse import urlencode, urlparse, parse_qs
# ---------------------------------------------------------------------------
# Configuration
# ---------------------------------------------------------------------------
STORAGE_FILE = Path("./magic_links.json")
DEFAULT_HOST = "0.0.0.0"
DEFAULT_PORT = 8083
TOKEN_TTL = 600 # 10 minutes — short-lived for security
TOKEN_LENGTH = 32 # 256-bit token
RATE_LIMIT_WINDOW = 300 # 5 minutes
# ... 503 more lines ...