DEV Community

Mario Flores
Mario Flores

Posted on

Problems building Authorization System

Hey everyone. I’ve been researching for the past few months about authorization. I’ve read articles about how difficult it can be to build your own. I was wondering if that is true? If any of you are facing the same problem, I would love to know your thoughts and experience in building one. Thanks.

Discussion (3)

Collapse
nombrekeff profile image
Keff

It depends on what you mean by Authorization System. Are you talking about backend auth, front end auth or both? It also depends on the platform and system you're going to use it with.

In general, I'd say it's not as easy as it might seem. Making a basic auth system can be quite straight forwards, making it robust and secure is another thing. It also depends on the features you want to have, the type of auth, using tokens or cookies, can the session be shared across subdomains, do you want 2fa, etc...

So yeah, it's kinda non-trivial to do it well, and quite easy to built it wrong.

Collapse
polterguy profile image
Thomas Hansen

You could just use Magic - It comes with integrated registrations, double optin of emails, configurable extra fields, authentication and authorisation - The whole shebang basically ^^

Collapse
yvesmac profile image
yvesmac

if your objective is one system to use for authentication and authorization in your app, I recommend using Keycloak as an enterprise solution for this final.

keycloak.org/