It's silly to write the same functionality over and over again. Auth is the most frequently implemented functionality in web projects. Let's look at how we can speed up development by using one of the auth providers: Amazon Cognito, Google Firebase or Auth0. At the code level we will use custom React Hooks.
"Auth for React.js APP", Nikita Galkin
2. Nikita Galkin
Love and Know:
▰ How to make developers and business happy
▰ Technical and process debt elimination
Believe that:
▰ Any problem must be solved at the right level
▰ Software is easy. People are hard
▰ A problem should be highlighted, an idea should be "sold", a solution should be demonstrated
Links:
Site GitHub Twitter Facebook
13. Before a user can authenticate, you need to implement:
1. Registration flow
2. Password reset flow
3. Credentials validation
4. Error handling
5. Error messages
6. Localization
7. Brute-force attack protection
8. Email templates
14. After a user authenticates, you need to think about:
1. “Remember me” feature
2. Deleting or blocking/suspending users
3. Event log
4. Anomaly detection
5. MFA
6. Global logout
7. Scaling
24. Pricing
● Firebase – free (without Phone Auth)
● Cognito – free 50,000 MAU, $0.0055 per user after
● Auth0 – free up to 7,000 MAU, $23/mo up to 50,000 MAU, x.000$/mo after
● Okta – 🔥💵