Here are some of the options that I know of to handle user authentication for apps:
- hand rolled user authentication system
- hand-rolled using a plugin (e.g. passport.js)
- using an outside service (e.g. Auth0 or AWS Cognito)
I currently use passport.js, but I don't like it, and adding in social logins is complicated and annoying.
I'm currently shopping for a better solve for this problem.
Thoughts?
Top comments (24)
Keycloak is a decent open source option that you can self host. Gives you all the benefits of a full blown auth system without a price tag. We use it at $dayJob.
For hosted solutions, Auth0 or Okta. While Okta appeals to enterprises, they have an auth product for your consumer apps similar to Auth0.
Have been leaning towards Auth0 for a while. Any thoughts on one over the other?
Use Auth0 if you want to pay someone else to run it and be on call for it. Use Keycloak if you want to run it and be on call for it.
Otherwise, they all have a similar feature set.
Best summary 👍🏼
An advantage of Keycloak is you can also federate logins with AD/LDAP, social media login, Kerberos, OAuth, etc. There's also a Docker container for it.
Awesome. Thanks for the info!
I use three levels depending on the user / customer.
Consumer
Enterprise
Another 3rd party that you may be interested in is Okta
Thanks for the feedback! It's not an enterprise app, so Okta is a bit of overkill, but it is a nice solution. Just expensive.
Have a look at FusionAuth, it's a free full-blown auth solution.
I'm running an instance on a 2GB VM, with a couple of hundred users.
OAuth, OpenID, SAML - everything you need.
Did I mention it's free?
Awesome, thanks!
Is that just a .net thing?
I've tried Google Firebase and Amazon Amplify. Amazon has a default UI it comes with but Firebase doesn't. 🙂
Sweet, may give Amplify a go 👍🏼
Firebase has some UI libraries you get on npm. Or check out on GitHub. They have plain JS versions and some framework-specific ones. But I don't think they are officially supported by Firebase or anything; they're just community libraries.
Cool cool. Thank you!
I like rolling my own JWT service. Of course, it's more work - but, like all things, you'll find a better product this way.
If you're greenfield and GQL is on the table, I had an AMAZING experience with Prisma. I went from vacant project dir to production-ready JWT auth in... 5-ish minutes.
Cool! Been messing around with Prisma lately. May choose that for the next project for sure 👍🏼
AWS Cognito
Got any resources?
Accounts js is a cool, very modular library based on the Meteor accounts module.
It's a pretty good balance of home grown vs SaaS and has plugins for OAuth, Auth0 (I think?) and many more coming.
Sweet! I'll check it out
I played with both and Cognito has a major security issue.
medium.com/javascript-in-plain-eng...
That's a fantastic article. Thanks for sharing! Not having a backup is a pretty big deal.