Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
I would recommend going with Auth0 or Firebase Auth if you have a real world use case. I've rolled my own authentication several times early in my career and it can turn from week to months of works and still not be as secure. Security is hard. Unless you're approaching this from a purely educational perspective to learn about cryptography etc, I would suggest using a security service. There are many articles and blog posts written by the companies themselves about the various aspects of authentication, depending on your use case. In my experience, Auth0 has been a neccesary pain in the arse for many of the companies I've worked for. For my personal projects, I've found Firebase Auth simpler
Sorry if that doesn't answer your question. If you just want to roll one anyways, just find articles describing auth implementations in the language you already know. The concepts will be similar. The best way to learn is to try to implement one. Good luck
neeno3593325d@parliament718 I actually found a few articles and got a rust crate to deal with JWTs. Setting everything up was easy and it works, but now I realize there's tons of stuff I still need (e.g. refresh tokens) and I've decided to go with an already built solution (more secure, less work for me). I'm staying away from auth0 because they're pretty expensive, so I might go with firebase.
Thanks for the insight!
xonya31** The most hilarious authentication implementation I've ever seen ** They stored password in cleartext, but ...
linuxxx39I get that fingerprint authentication is very convenient but I'd never use it (not even for privacy reasons th...
gosubinit10Protecting credentials from eavesdropping using HTTP Basic Authorization header: