logto VS slonik

feature request: add suspend user event for webhook #4297

We'd like also invite you to take a look at our new website and explore the features of Logto Cloud.

Want to give it a try? Go to Logto Cloud and pick a connector.

Thanks for the great feedback :)! We're pleased to confirm that we do offer support for our Hobby plan. However, if you're looking for premium support with a response time of 48 hours, that's part of our Pro Plan. Additionally, Logto has a vibrant community that is always ready to assist with any issues you may encounter. When it comes to pricing, ours is based on Monthly Active Users (MAU) and user engagement. For an app with around 10k MAUs, you can expect an approximate cost of $100 per month, based on our prediction and industry benchmarks. We make a point of being transparent about our pricing on our website, so our customers can make informed decisions with confidence. In terms of cost, we believe our prices are competitive within the industry. As a SaaS company, we specialize in providing comprehensive identity management services. Our solutions adhere to open standards and cover essential aspects like user sign-in/sign-up and user management features such as role-based access control. If our Freemium or Hobby plans don't meet your needs, we also offer a fully open-source version. This option is highly regarded within the open-source community and might be a suitable choice for you. https://github.com/logto-io/logto

Security is a complex topic, and it is impossible to cover everything in a single article. We hope that this article has helped you build a stronger sense of security for yourself or your team. If you are building a new app, you may also want to check out Logto, a platform that helps you develop, manage, and secure your product's user identities with minimal effort.

Learn more details in the blog: 👉 Tackle social login experience: Unlocking the power of convenience. From the perspective of Increase Conversion, Get Quality Data, and Retain Users, I explored the benefits of Social Login and offer some tips with comparative case studies. Additionally, you can experience the seamless sign-in experience configuration firsthand within Logto Cloud Console. Value your insights if you have any better suggestions.

Logto is an effortless identity solution with all the features you need. It supports various sign-in methods, including username, email, phone number, and popular social sign-ins like Google and GitHub.

And sometimes invest instead in learning a technology rather than hide it: for example slonik encourages you to write normal SQL queries by making SQL templating easier and safer. In turn, your IDE would be able to understand those queries and give you support based on the database schemas you actually have.

I'd push you to consider using postgres, slonik or similar for database queries. With these libraries, you just write SQL, but they perform input sanitization for you. So you can safely write:

You can already use postgres with Slonik.

https://github.com/gajus/slonik#user-content-slonik-how-are-...

It is not going to be the default because it is way slower.

https://github.com/gajus/slonik/actions/runs/6616647651

Test node_version:18 test_only:postgres-integration is taking 3 minutes.

Test node_version:18 test_only:pg-integration is taking 38 seconds.

For those uninitiated, Slonik is a battle-tested SQL query building and execution library for Node.js. Its primary goal is to allow you to write and compose SQL queries in a safe and convenient way. Now, let's see how it pairs with Express.js.

I am the maintainer of Slonik and I am trying to understand what portion of this sub-users are using Slonik vs other libraries, and if they are using anything else – what are their reasons for it.

It's nice that they implemented string templates essentially exactly the same way Javascript template literals and tag functions work. They even give an example of using it to create a prepared statement (e.g. DB."SELECT * FROM foo WHERE bar = \{inputParam}") which is exactly what many NodeJS libraries due, e.g. Slonik https://github.com/gajus/slonik, like sql`SELECT * FROM foo WHERE bar = ${inputParam}`;

I've found libraries like Zod useful when interacting with external data sources like a database. Slonik[1] uses Zod to define the types expected from a SQL query and then performs runtime validation on the data to ensure that the query is yielding the expected type.

I don't think it's necessary to use Zod/runtime validation everywhere, but it's a nice tool to have on hand.

[1]https://github.com/gajus/slonik

Demonstrate how easily and accidentally one can make an SQL injection with these:

https://github.com/porsager/postgres

https://github.com/gajus/slonik

Have you tried Slonik (https://github.com/gajus/slonik)? It won't generate types from queries automatically, but it encourages writing SQL vs. a query builder and allows type annotations of queries with Zod. Query results are validated at runtime to ensure the queries are typed correctly.