Recent and related:

Show HN: Comprehensive authentication library for TypeScript - https://news.ycombinator.com/item?id=41678652 - Sept 2024 (44 comments)

How are people able to just spin up Google login using these libs? When I tried it doing it directly my site had to be reviewed multiple times by some Google rep and I had to change the privacy policy, not have any beta features etc etc. What am I missing? I find it really strange that I must fully launch my product before I can enable the most common login mechanic. It feels like a catch 22.

Looks interesting. I like that you can plug your own identity provider quiet easily. One nit: They should really rename their Node integration to Express integration because that’s what it is looking from examples (and that’s what people might commonly look for).

I've been hoping on some library to better simplify passkey auth, especially in "serverless" situations with KV DB like Deno Deploy/Netlify/et al. I'm sick of passwords and passkey should be all I need, but the high level libraries just don't seem to exist in good enough forms yet and everyone keeps instead relying on overkill vendors like Auth0/Okta.

Does anyone have experience with https://lucia-auth.com ? OP says that it's deprecated, but it seems like it just changed from a library to a short guide on how to implement auth yourself.

I'm planning to migrate our authentication and session management from auth0 to this to save costs and make things simpler.

There are so many auth libraries on the roll nowadays. I am using firebase js and it is very simple and straightforward to use.

I'm not a security expert, so please advise any pitfalls that the new libraries address which cannot be done with firebase

I am currently self hosting former gotrue, now supabase auth and am having a hard time implementing oath and will probably try to switch to better auth. The docs look super comprehensive.

It says it's better auth, but it's actually the best auth library.

As someone developing with both Nuxt and Next, I find these "full-stack" JavaScript libraries and frameworks really confusing and difficult to grok. I understand the benefit of only having one ecosystem to worry about (JS/TS in Node and browser) but I'm not convinced that having backend and frontend in the same codebase is actually a good idea. It might be due to being a more "old school" full stack developer, but this new wave of of SSR-led full-stack frameworks is tricky.

[flagged]