Preset request - Simple authentication workflow (Auth0/Firebase Auth/AWS Cognito)

[samuelcastro]

I think it'd be really helpful to show up some simple authentication workflow, maybe using Auth0 or Firebase Auth or even AWS Cognito. Just to illustrate how one would handle cookies coming from the server, specially with the server/bowser reconciliation in the context of a SSR/SSG.

What do you think.

[Vadorequest]

I think it's too specific to be part of the current default preset, but if the community want to build a different preset that showcase such workflow, that could be interesting.

I don't have any need for this, so I won't work on it myself.

Regardless, it's a good consideration.

I recommend to wait until things have calmed down (lots of stuff going on right now), before working on this. I believe it could be done once the main presets are out and ready (see https://unlyed.github.io/next-right-now/concepts/presets.html#which-presets-are-being-considered)

[samuelcastro]

Ok sounds like a plan, I don't think it's too specific though, almost all web app needs to handle authentication at some point.

[Vadorequest]

The concept is indeed very common, but the implementation is very specific (and complexifies things quite a bit).

I try as much as possible to provide generic features, with generic vendors. Most newcomers are lost with the existing vendors set, too much already. Hence why I prefer to keep working on the planned presets, which will eventually lead to a much simpler one. And from there we can add more complex ones.

[fortydegrees]

Hey, love the work done already on this. Just want to add my strong +1 for user authentication flow bundled in!

[Vadorequest]

I just discovered https://next-auth.js.org/ which looks awesome for any kind of authentication.

[samuelcastro]

Yeah, Next Auth would be a perfect fit for this, it supports many providers including AWS Cognito. https://next-auth.js.org/configuration/providers

[Vadorequest]

I might start working on this within the next 2 weeks.

I'm not sure about using next-auth, it seems complicated to setup oAuth and such. I'm thinking about using https://magic.link/. (much simpler)

[samuelcastro]

Magic.link looks very expensive, but it's a cool idea.

Next Auth supports a lot more providers though.

[Vadorequest]

Free up to 100 users, it's fine for many POCs/MVPs. But I hadn't considered it might incur actual costs for me 🤔 I'll see.

Yeah Next Auth supports a lot of stuff, it's great. I'm just concerned about how hard it is to configure those oAuth providers, I had a look at the doc and I was like 🤯 so complicated.

[tmpg]

any suggestions on how to implement auth0 into the starter? I am having a bit of trouble understanding how to lock down pages.

any insight would be appreciated thanks!

[Vadorequest]

I haven't played much with auth so far, and never used OAuth.

But, I've recently been working on RWA using FaunaDB which use Magic Link for authentication, and I believe Magic handles OAuth, this might help maybe?

https://github.com/Vadorequest/rwa-faunadb-reaflow-nextjs-magic

The authentication/security around auth is affected by your rendering strategy and business needs, there is no one-size-fit-all way to go, unfortunately.

[tmpg]

I haven't played much with auth so far, and never used OAuth.

But, I've recently been working on RWA using FaunaDB which use Magic Link for authentication, and I believe Magic handles OAuth, this might help maybe?

https://github.com/Vadorequest/rwa-faunadb-reaflow-nextjs-magic

The authentication/security around auth is affected by your rendering strategy and business needs, there is no one-size-fit-all way to go, unfortunately.

I will take a look. Thank you~!