| ▲ | jonahx 13 hours ago |
| which do you recommend? |
|
| ▲ | bekacru 16 minutes ago | parent | next [-] |
| https://better-auth.com :) |
|
| ▲ | bootstrpppin 2 hours ago | parent | prev | next [-] |
| I've used a few: - Cognito: bad - Clerk: ok for small scale applications but they're a small company 'moving fast and breaking things'. It's not stable enough for a enterprise grade product that needs robustness. - Auth0: Good but can get expensive - WorkOS: Good for B2B, especially if 'directory syncing' is important for your usecase |
|
| ▲ | n2d4 12 hours ago | parent | prev | next [-] |
| I'm biased but Stack Auth [0] is fully open-source, self-hostable, and we offer reasonably priced managed hosting, if that floats your boat. [0] https://github.com/stack-auth/stack |
| |
| ▲ | stevepotter 11 hours ago | parent | next [-] | | Wow I just got done integrating NextAuth. I will totally switch to this if you can support my mobile API. My nextjs app has some API routes used by my native iOS app. It was a bit of a hassle with NextAuth and I was surprised at the lack of support and demand for it (am I crazy for using next for a mobile API? I don't think so). If you support that use case (I didn't see anything in the docs), that would be great. I'm already done with the iOS portion, which basically stores the | |
| ▲ | bhouston 12 hours ago | parent | prev [-] | | Looks really nice! Really need Remix and Tan-Stack support though - these are taking a lot of market share from Next.js because they have less confused models. I think it shouldn't be too hard. I could even add Remix support for you if you wanted to do a contract (I am not able to do major open source work for free right now.) |
|
|
| ▲ | pajeetz 12 hours ago | parent | prev [-] |
| pocketbase, lucia auth, there are so many options that won't meter you for MAU for a user table in your database. authentication is critical, you shouldn't be outsourcing this stuff anyhow. learn how to harden your box, use cloudflare tunnel and dont store passwords in plaintext. its really not hard to do and constantly being gaslighted into paying someone to do it for you because everybody else is doing it is just irresponsible. |
| |
| ▲ | portaouflop 4 hours ago | parent | next [-] | | Please don’t roll your own Auth - there are too many examples where this went wrong. Go with a proven, vetted, and trusted open source solution. | |
| ▲ | jonahx 12 hours ago | parent | prev [-] | | Very much agree with your attitude here. What happens is that nice to have features like email reset/email magic login/social logins/etc accumulate and you don't want to be on the hook for implementing them all yourself, especially with other priorities. Ofc there are open solutions for most of these in most popular languages, but I've found even those take non-trivial amounts of time to setup right and test, and often aren't exactly what you want, or have unnecessary complexity. | | |
| ▲ | pajeetz 7 hours ago | parent [-] | | I respect your view. I'm not involved with Lucia btw but i do feel v2 covers a lot of those edge case you described and for almost all sub 100k concurrent sessions I find pocketbase deliver here (if anybody is interested). I guess one clear difference is the lack of a marketing department from something well funded. I recall another HN comment here that said the best business model is to take something people can do already and mark it up by selling the pain points, that could be whats also helping all these auth as a service vendors. |
|
|
