How to implement session-based auth in NextJS13 without services like Nextauth/clerk/supabase etc
I want to have session based authentication for my small SaaS prototype side projects, and I want to just make it without having to worry about inescapable tradeoffs or breaking updates of auth services.
The thing is, I don't know enough about security/networking practices to understand exactly all the bases I need to cover. Like cross-site-request-forgery etc I have no idea about how to take precaution against. I also don't know the go-to libraries for creating cookies and storing cookies on the client or how any of that works. Does anyone have any resources or experience making auth from scratch in next13 that they could share on how to do something like this? Or is this path even recommended if my goal is to just quickly build, iterate, and market SaaS applications as a solo developer? Thanks.
0 Replies