Remix clone Hacker News

pocketbase, lucia auth, there are so many options that won't meter you for MAU for a user table in your database.

authentication is critical, you shouldn't be outsourcing this stuff anyhow. learn how to harden your box, use cloudflare tunnel and dont store passwords in plaintext.

its really not hard to do and constantly being gaslighted into paying someone to do it for you because everybody else is doing it is just irresponsible.

▲

portaouflop 4 hours ago | parent | next [-]

Please don’t roll your own Auth - there are too many examples where this went wrong.

Go with a proven, vetted, and trusted open source solution.

▲

jonahx 12 hours ago | parent | prev [-]

Very much agree with your attitude here. What happens is that nice to have features like email reset/email magic login/social logins/etc accumulate and you don't want to be on the hook for implementing them all yourself, especially with other priorities. Ofc there are open solutions for most of these in most popular languages, but I've found even those take non-trivial amounts of time to setup right and test, and often aren't exactly what you want, or have unnecessary complexity.

	▲	pajeetz 7 hours ago \| parent [-]
		I respect your view. I'm not involved with Lucia btw but i do feel v2 covers a lot of those edge case you described and for almost all sub 100k concurrent sessions I find pocketbase deliver here (if anybody is interested). I guess one clear difference is the lack of a marketing department from something well funded. I recall another HN comment here that said the best business model is to take something people can do already and mark it up by selling the pain points, that could be whats also helping all these auth as a service vendors.