Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "auth0"
If the time comes when the traditional signing in with email dies out, I don't know how long I'm gonna last to the Internet anymore. I never liked the idea of having my accounts associated with these giants especially with Facebook.14
Yet another Hacktoberfest tshirt
Received by improving documentation and the product itself
(The tshirt is darker than the image)3
Am currently developing an app which uses an IaaS named Auth0. Great experience so far, reasonable docs, unlimited users, social login, sso and support for about $29/m.
After an inquiry from a customer to provide MFA, I contacted Auth0 to see what it would take to use this feature.
"We only offer this in our Enterprise plan which starts at $18k/yr."
Well, fuck me with a pitchfork and call me Bridget the midget. I'll code it my goddamn self.1
Do you think Auth0 is a good solution for smaller projects? Is it easy to replace in the future? Know any good (and preferably cheap) alternatives?7
i have a question for you. You work for an industry, a factory, in house. You have only one developer to help you.
They ask you for an app to store production and get reports. Ok
Then before a year passed, they want you to start making apps for: project managment, hr 360 evaluation, implementation of SSO without paying a third party service (like auth0 or okta)
Would you feel comfortable, even if the proper time was given, to get involved with so many different domains without anyone above you having any idea about software lifecycle and development?4
I hate the company (agency) I moved to...I've negotiated good pay and the project for cutting edge medical product which will change the world (cancer diagnose and it actually works).
Now the dark side I've got shit tier laptop which I don't want, overtime is payed 30% less, all the people in the agency from development team don't know shit and are mostly I would call them juniors (of course who would with enough seniority work with shit hardware and almost not payed overtime), only tap water and since this is the old part of town you instantly get sick, they treat people like shit.
The product dark side. We are actually working on crm for doctors to input patient data, we cannot have any real data because we are the agency people, product is being led by the guy who has 0 production experience (they choose the database basically with coin toss and emulated the mongodb in postgress with jsnob, they don't know how to build their own auth system hence my previous rant about b2c, they are using cognito and now moving to auth0 which probably won't fit their need because a lot of stuff needs to be custom), they are choosing every hipe tech out there without any prior experience. It's chaos...
I'm trying to guide them but i think this will be a huge expensive failure and that i need to leave asap.
There I feel better now, moral of the story, choose startups wisely.1
Fuck you "hackers"! You make my life miserable...
No longer can anyone simply enter their user name and password to enter an online app...
Now we as programmers have to leap from one fiery hoop on the precipice of a death defying cliff to another acidic hoop in some mystical forgotten cavern of the underworld just so our users can log in securely to our app... sigh... I'm looking at you Auth0 and Microsoft SSO / AAD !!!111oneeleven
I mean wtf even is a nonce?!
Guys I need to deploy a very simple authentication API service.
You register with a username (actually an ID with a determined format), a password and uuid. You login with your username and password and if credentials are correct you get back the uuid as a response (JSON or whatever the fuck).
If you forget your password, you can use your uuid (which is confidential, very long string) in some POST request to set a new password. If you forget your username, you use the uuid again in a GET request to get back your username.
I've been looking at a bunch of solutions online and I don't think they suit my purpose exactly and all require emails (Like Firebase, AUth0, etc.) So, let me get this straight: NO FUCKING EMAILS INVOLVED PLEASE.
The above are the EXACT requirements I need for my work (for a good cause too). I fucking hate 0-requirement exploratory research tasks and I'm plagued with those. Those requirements are the only way it should work. So again, NO EMAILS INVOLVED PLEASE.
Also, please note that I have never developed an API in my life. I feel like StackOverflow will be assholes about this so I am asking this here.
I know it is very easy to do and there are probably dozens of ways to do this. I just do not know how, documentations are vague and overwhelming (or I'm just a little stupid lately). Another thing is that I am not sure of how can I do this in the most secure way. Bonus if this can be dockerized.
I know I sound a little rude,so I am sorry. It is just my frustration and depressing times I am going through that's preventing from thinking straight.6
So, need to secure some requests.
I decided on going passwordless on the website but I want to have an API too.
I am reviewing auth0.
I am also not sure if I can secure the same endpoints as private and public differently, so the private is used by the backend with no auth and the public with auth.
Wold you guys help me with some reading material?2
What are your personal goto identity management providers?
I am currently looking at Firebase and Auth07