Friday, 30 December 2022

New top story on Hacker News: Ask HN: Lightweight Authentication

Ask HN: Lightweight Authentication
24 by scoresmoke | 15 comments on Hacker News.
I want to let users log in to my proof-of-concept Web app. However, I don't want to maintain a fully-fledged authentication solution, managing logins, passwords, OAuth tokens, and their recovery. Ideally, I'd like to receive a unique user token and allow one to log in back if they decide to return. I don't need any user metadata. OpenID requires quite an effort and a provider like Google or Okta. The most-matching concept was Mozilla Persona, but it was shut down in 2016. What is the better way to implement this? Should I stick to the plain old login-password combination?

No comments:

Post a Comment