How are you handling User Authentication?


Here are some of the options that I know of to handle user authentication for apps:

  • hand-rolled user authentication system
  • hand-rolled using a plugin (e.g. passport.js)
  • using an outside service (e.g. Auth0 or AWS Cognito)

I currently use passport.js, but I don't like it, and adding in social logins is complicated and annoying.

I'm currently shopping for a better solve for this problem.

Thoughts?

 

Keycloak is a decent open source option that you can self-host. Gives you all the benefits of a full-blown auth system without a price tag. We use it at $dayJob.

For hosted solutions, Auth0 or Okta. While Okta appeals to enterprises, they have an auth product for your consumer apps similar to Auth0.

 

Have been leaning towards Auth0 for a while. Any thoughts on one over the other?

 

Use Auth0 if you want to pay someone else to run it and be on call for it. Use Keycloak if you want to run it and be on call for it.

Otherwise, they all have a similar feature set.

 

An advantage of Keycloak is that you can also federate logins with AD/LDAP, social media login, Kerberos, OAuth, etc. There's also a Docker container for it.

 
 

I use three levels depending on the user / customer.

Consumer

  • Direct account - rolled my own using sessions as the primary method and JWT as an alternative. Used argon2 as the hashing algorithm. You'll need account creation, e-mail validation using some kind of temporary token/URL, integration with a trusted e-mail service like SES.
  • Social login - have only implemented Google at this time. They are not too complicated, but it does take some time to figure out at first.

Enterprise

  • Federated login using SAML - If you're building for enterprise, this is a must so that you can integrate with their internal directory service.

Another 3rd party that you may be interested in is Okta.
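
The "e-mail validation using some kind of temporary token/URL" step from the comment above, as an added example that is not part of the original comment or any commenter's code. The function names, the 30-minute lifetime and the in-memory `Map` (standing in for a database table) are assumptions.

```javascript
// Added example: single-use, expiring e-mail verification tokens.
// issueToken/redeemToken and the Map store are illustrative assumptions.
const crypto = require("node:crypto");

const TOKEN_TTL_MS = 30 * 60 * 1000; // assumed lifetime: 30 minutes
const pending = new Map(); // userId -> { digest, expiresAt }; stands in for a DB table

const sha256 = (s) => crypto.createHash("sha256").update(s).digest();

// Create the token that goes into the mailed link. Only its hash is stored,
// so a leaked table does not yield usable verification links.
function issueToken(userId, now = Date.now()) {
  const token = crypto.randomBytes(32).toString("base64url");
  pending.set(userId, { digest: sha256(token), expiresAt: now + TOKEN_TTL_MS });
  return token;
}

// Returns "ok", "expired" or "invalid"; a token can be redeemed only once.
function redeemToken(userId, token, now = Date.now()) {
  const entry = pending.get(userId);
  if (!entry || typeof token !== "string") return "invalid";
  if (now > entry.expiresAt) {
    pending.delete(userId);
    return "expired";
  }
  // Both buffers are 32-byte digests, so the lengths always match.
  if (!crypto.timingSafeEqual(sha256(token), entry.digest)) return "invalid";
  pending.delete(userId); // single use: a replayed link is rejected
  return "ok";
}

// Constructed demo: wrong guess, valid redeem, replay, then an expired token.
function demo() {
  const t0 = 1_700_000_000_000; // constructed timestamp
  const token = issueToken("user-1", t0);
  const results = [
    redeemToken("user-1", "guess", t0 + 1000),
    redeemToken("user-1", token, t0 + 1000),
    redeemToken("user-1", token, t0 + 2000),
  ];
  const late = issueToken("user-2", t0);
  results.push(redeemToken("user-2", late, t0 + TOKEN_TTL_MS + 1));
  return results;
}
console.log(demo());
```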

 

Thanks for the feedback! It's not an enterprise app, so Okta is a bit of overkill, but it is a nice solution. Just expensive.

 

Have a look at FusionAuth, it's a free, full-blown auth solution.
I'm running an instance on a 2 GB VM, with a couple of hundred users.
OAuth, OpenID, SAML - everything you need.

Did I mention it's free?

 

I like rolling my own JWT service. Of course, it's more work - but, like all things, you'll find a better product this way.

If you're greenfield and GQL is on the table, I had an AMAZING experience with Prisma. I went from vacant project dir to production-ready JWT auth in... 5-ish minutes.

 

Cool! Been messing around with Prisma lately. May choose that for the next project for sure 👍🏼

 

I've tried Google Firebase and Amazon Amplify. Amazon has a default UI it comes with but Firebase doesn't. 🙂

 

Sweet, may give Amplify a go 👍🏼

 

Firebase has some UI libraries you can get on npm. Or check them out on GitHub. They have plain JS versions and some framework-specific ones. But I don't think they are officially supported by Firebase or anything; they're just community libraries.

 
 
 

Accounts js is a cool, very modular library based on the Meteor accounts module.
It's a pretty good balance of homegrown vs SaaS and has plugins for OAuth, Auth0 (I think?) and many more coming.

 