Comment by sreekanth850
9 hours ago
I don’t know when we became this lazy. Auth is hard, sure, but putting your users table and sessions behind a vendor API is not something cool. Tell me one feature that is not supported by libraries like OpenIddict (You can build around) or Keycloak?
I think the main argument usually is time savings. Personally I just always do E-Mail and password auth, yea its old and not the shiny new thing, but it doesn't require me to integrate 200 different ways of doing auth.
We should be able to demand users remembering their passwords, I dont like to cater towards users who simply dont want to put in the work to use my product.
Will I lose potential users over this? Yes. Does it feel bad knowing I am in control and wont have to offload to 3rd party vendors? Hell no.
Same here, Just email + password, no google dependency initially. If more users ask we will think of it. but again you don't need a cloud vendor for all this.
That's great for B2C, but B2B demands SSO.
Not really, we do B2B. E-mail & password is good enough for our customers. They really really dont care about what kinda auth we use.
1 reply →
Well the disadvantage is that you're responsible for your companies keycloak.
Exactly. Do you want to become ops? Because that's how you become an ops team.