Our great sponsors
-
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
As for full auth service, I'd closely follow iron-sessions docs, I also recommend referring to otka's developer resources, and web.dev as they all have quite in-depth articles for reading :) - as mentioned the above flow is enough to get you started, and if you're not too worried about a 5 / 10 minute potential attack vector then it will easily be sufficient :) (MiM generally requires far longer to actually exploit so the security of password less sign-in is more based on probabilities etc...) - you can always reduce the expiry time also which reduces your attack vector directly. Iron session is good, and it takes an orangutan to fuck it up :D