rolling your own auth
Does hashing passwords with argon2 and authenticating users with a token thats generated when their account is created count as "rolling your own auth"?
When should i stop " rolling my own auth"? Do i need a service like that if i dont plan on intergrating "login with google" or whatever?
3 Replies
Depends on the type of user you're targeting. With all the great open-source tools, it's still a headache when you start having paying customers. Consider:
1. Managing and monitoring users. (You'll need to build a dashboard or use something like Retool)
2. Onboarding (invitations, ...).
3. Teams and roles.
4. Compliance (for business/gov users)
5. SSO (beyond just login with Google)
If any of these concern you, it's probably better to just use Clerk or Supabase
Thanks
I've read that some people are rolling their own with lucia, I'm fiddling around with it as well, but the hassle is kinda like, yeah maybe i should really just use clerk^^