I build my apps on Sandstorm[1]. Sandstorm provides authentication as a part of the platform. For Django applications, I wrote Django Loves Sandstorm[2].
If your application fits into Sandstorm's model of grains[3], then the security benefits of Sandstorm are many.
[1] https://sandstorm.io/
I'm exploring a signature-based authentication scheme here: https://github.com/jshawl/proof.im
At a high level:
1. Claim and prove ownership of a public key
I'm currently working on a project with the same stack: NextJS + Prisma + PostgreSQL and I started to implement this open source auth library:
https://supertokens.com/
Here is the documentation for implementing the library with NextJS:
https://supertokens.com/docs/thirdpartyemailpassword/nextjs/...
I built a Next.js library for this purpose using Hellō and iron-session. This lets me roll a new application with social login without needing to register with Google/Apple/other providers.
https://github.com/irrelevelephant/nextjs-hello
Its interface is essentially just a login button component, and functions to retrieve the user session state on both the client/server.
If you're not using Next.js, you may want to use Hellō directly - it's a simple OIDC provider with some convenient benefits.
https://www.hello.dev/
Disclaimer: I work at ZITADEL and am one of the co-founders.
We always recommend not building auth by yourself. In the first place it may look simple, like it's only two input fields and a button (username, password), but to get a really secure solution there's a lot more to do. You might need some more authentication methods like passwordless, MFA or identity brokering with Google, Microsoft, etc.
With ZITADEL we built a solution that combines the best of Auth0 (great SaaS solution) and Keycloak (open source). We believe that a cloud SaaS solution is great to go if it's possible to use a cloud solution, but there are always lots of on-prem use cases, that's why we are open source. https://github.com/zitadel/zitadel
ZITADEL is also focused on B2B use cases, so you can have multi-tenancy really easily.
If you have any questions just let me know.