I'm finally moving away from Next-Auth

แชร์
ฝัง
  • เผยแพร่เมื่อ 2 พ.ย. 2024

ความคิดเห็น • 182

  • @tinrab
    @tinrab 5 หลายเดือนก่อน +21

    Lucia is great, and the accompanying "Copenhagen book" is a good reference for implementing auth. I actually removed Lucia itself and implemented my own flows based on it, for more flexibility. Also, my opinion on SSO, Soc-2 etc. is that that's only relevant when working with enterprise customers. That's when you should consider a 3rd party service.

    • @FunkyToe369
      @FunkyToe369 5 หลายเดือนก่อน +1

      Pilcrow is a legend! Crazy that they're only like 20 years old or something, the stuff they've been putting out is so good. Definitely learning a lot about auth

  • @siya.abc123
    @siya.abc123 5 หลายเดือนก่อน +177

    If you want to finish your projects, do not watch TH-cam influencers 😅, you'll never finish

    • @randomforest_dev
      @randomforest_dev 5 หลายเดือนก่อน +16

      You got offended by the title because you are Next-Auth fan boy? You do not even watch the whole video. There are a lot of good alternatives to Next-Auth just so you know 😅.

    • @rakibulbhuiyan1137
      @rakibulbhuiyan1137 5 หลายเดือนก่อน

      So true

    • @puckwang6850
      @puckwang6850 5 หลายเดือนก่อน +4

      IMHO, you can do versioning to projects if you want to try new stuff without starting all over. MVP > dangling projects

    • @siya.abc123
      @siya.abc123 5 หลายเดือนก่อน

      ​@@randomforest_dev Not even! Actually I'm grateful for this video because I needed something like this since I want to use GO for my backends, this seems to give me more control to achieve this than next auth.

    • @o_glethorpe
      @o_glethorpe 5 หลายเดือนก่อน

      ​@@WebDevCody Thats a bold assumption :(

  • @buzz1ebee
    @buzz1ebee 5 หลายเดือนก่อน +12

    NextAuth was pretty horrible when I tried setting it up. Had it running for a couple of weeks before ripping it out because it just didn't work correctly. It couldn't handle refresh tokens correctly, and it was really messy catching expired sessions across client components, server components, server actions, and an external rest API. Wayyyy too abstracted and the docs were pretty awful for anything but the most trivial of set ups.
    I ended up moving auth completely to the restapi backend, which used zitadel of identity management via oauth and express session to set cookies. Next just needs to redirect to login if the backend sends 401 or there's no cookie set. Easy.

  • @vimalsonara2819
    @vimalsonara2819 5 หลายเดือนก่อน +85

    Next-auth's credentials setup is pain in the a**.

    • @o_glethorpe
      @o_glethorpe 5 หลายเดือนก่อน +9

      @jacwida dont bother, next week he will think its good again

    • @NewTypeStarling
      @NewTypeStarling 5 หลายเดือนก่อน

      @@o_glethorpe actually nah

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +6

      @@o_glethorpe wow how dare you. Sometimes I stick to something like deploying to VPs

    • @UwU-dx5hu
      @UwU-dx5hu 5 หลายเดือนก่อน +1

      Thank you

    • @mohammedanas8637
      @mohammedanas8637 3 หลายเดือนก่อน

      tbh , it isn't that hard , i've been using next auth with credentail based login with rbac , seems to work just fine , you just have to set it up in the proper way . But they could work on the docs though.

  • @nasko235679
    @nasko235679 5 หลายเดือนก่อน +29

    Today I had a chat with the creator of authjs in their discord and he told me that if I wanted real-time authorization management I should go with a "db session" strategy for my credentials provider. When I asked him where the documentation is on that he told me "no, we don't recommend it. if you need it, we think you should implement it with care and consideration, having the right knowledge to do so. People often don't realize that it's more than just the code. bot protection, pw management/rotation, etc. That said, it's fully possible to do it, in like 20 lines of code, if you know what you are doing " . And then he proceeded to gloat about how flexible authjs is. So tldr: "authjs can do it but he won't write any documentation because he's against certain ways of authentication". So weird.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +36

      they don't recommend it because they want you to use JWT so that their auth works on EDGE so that you use VERCEL

    • @nasko235679
      @nasko235679 5 หลายเดือนก่อน

      @@WebDevCody Oh RIIIGHT I forgot about that, session based auth doesn't work properly on EDGE right?

    • @flexdash
      @flexdash 5 หลายเดือนก่อน +11

      The maintainer of authjs/next-auth is a very self righteous, cocky and overconfident guy. We need to stop putting library authors on a pedestal just because they created a library. The guy talks down on people and feels like he's the person that should guide the industry on "bad practices".

    • @ayukalvieri3154
      @ayukalvieri3154 5 หลายเดือนก่อน

      ​@@nasko235679 it doesn't?. How so

    • @mormantu8561
      @mormantu8561 5 หลายเดือนก่อน

      @@nasko235679 I am not familiar with the libraries, but why would session not work on the edge?

  • @SilverLionApps
    @SilverLionApps 5 หลายเดือนก่อน +1

    This was extremely helpful for my use case. My application required Credentials based login, and then a feature where a user could sync multiple Google accounts to their profile. This made auth strategies with NextAuth a mess, or at least non-intuitive since I'm not an expert on auth implementations. Lucia seems to be exactly what I needed.
    Your video could not have been timed better, I was literally assigned this the day before you published this video lol. Thank you for your straight forward content!

  • @crofoh
    @crofoh 5 หลายเดือนก่อน +20

    I've been using lucia for almost 3 months now and I really like it, it helped me understand how auth really works. But now that I understand, I don't see too much value on lucia: it's just creating and managing sessions on your db which isn't hard at all. At this point it might be better to just own the whole flow and be fully flexible. I see value in Arctic/Oslo though.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +4

      yeah, I did start to wonder that as I was using it. It seems mainly useful for just creating the cookie, creating the session, deleting the session, etc, but yes that wouldn't be much extra work to just do it myself

    • @crofoh
      @crofoh 5 หลายเดือนก่อน +1

      The only thing I don't like about Lucia is they have implemented a custom algorithm for generating IDs (based on the native crypto module, but custom nonetheless), and while you can choose your ID for your business tables (users, groups, etc) you can't for the sessions table. Either you have to use their method for all your database IDs or you will have two different kinds of IDs on your db. Not a big deal I know, but it would be nice if they used a standard like UUID or let us bring our own one

    • @crofoh
      @crofoh 5 หลายเดือนก่อน +1

      @@WebDevCody also that way you don't have to worry about adapters and db schema being a certain way

    • @dave-7117
      @dave-7117 5 หลายเดือนก่อน

      Just go for oslo without Lucia, its a breeze. Session management is not that hard and all this adapter hell all new libraries come with is just nonsense

    • @NewTypeStarling
      @NewTypeStarling 5 หลายเดือนก่อน

      what about refresh tokens?

  • @RussellDrumss
    @RussellDrumss 5 หลายเดือนก่อน +5

    I love this channel. Just a guy showing you how hes doing interesting things and why. Easy to watch and useful.
    Keep it up

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      Glad you enjoy it!

  • @bnssoftware3292
    @bnssoftware3292 5 หลายเดือนก่อน +1

    I totally agree with you. It's interesting that a lot of these libraries are trying to steer people away from using passwords and yet, pretty much every single online service I use (TH-cam, Google, Azure, AWS, etc...) still uses passwords!

    • @Jussoparkours
      @Jussoparkours 5 หลายเดือนก่อน +1

      Yes because most people don’t do it correctly or make a mistake that leads to their app being compromised. These multi billion or trillion dollar companies funny enough are generally better at doing it correctly

  • @miro0o92
    @miro0o92 5 หลายเดือนก่อน

    I've been using both next auth and Lucia at my job and for my personal projects for the past 1.5-2 years. Both of them can do the job of credentials sign in. The main difference is that next auth has a total mess of docs. Next auth requires a bit more work if you need multiple providers + credentials, a custom adapter if your db isn't supported out of the box(in case ya need a db session management). On the other hand Lucia provides clean docs and great support over discord. Depending on the requirements, time, money I swap between the two. My personal opinion on which is better hands down is Lucia. Keep in mind if I remember correctly Lucia needs a db to work where next auth can work with jwt strategy.

  • @kubre
    @kubre 5 หลายเดือนก่อน +3

    I had spend 2 days to implement email pass in next auth, At that point I just realised why I’m wasting my time

    • @UwU-dx5hu
      @UwU-dx5hu 5 หลายเดือนก่อน

      Same man.same.

  • @mosescosme8629
    @mosescosme8629 5 หลายเดือนก่อน

    I entirely agree about Next-auth. From the moment I found it I decided I wouldn't be using it. The consumers I'm targeting with my apps distrust google and are very familiar with the email/password setup, just like you said.

  • @owszystkim5415
    @owszystkim5415 5 หลายเดือนก่อน +5

    Idk, for me lucia seems much more intuitive than next-auth even though I'm seeing this code for the first time. You don't have weird callbacks that you don't know what they do.

  • @feeco8148
    @feeco8148 3 หลายเดือนก่อน +1

    after 1 month next-auth setup, i give up, planning to move to lucia as well.
    next-auth is the most painful js lib i have ever use.

  • @kgrileyfyi
    @kgrileyfyi 5 หลายเดือนก่อน

    Dude Cory, I love your videos. You taught me how to generate PDFs with puppeteer and SST.
    But the Credentials provider in next-auth is extremely powerful. I use it for email password but I also use it for phone OTP verifications. Once you understand how it works, and yes that's a big hurdle, the Credentials provider is basically a back door to a very awesome auth system.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      It doesn’t work for database strategy

  • @realbigsquid
    @realbigsquid 5 หลายเดือนก่อน

    Omg Cody. I just spent hours implementing auth with edgedb because of some hackathon, before which I spent a week on a custom implementation of next auth with drizzle, after figuring out a prisma client and auth solution. I may as well roll out with this too... I'm starting to agree with prime that it's probably just better to learn to roll your own auth lol😂

  • @SaifurRahmanAkash
    @SaifurRahmanAkash 5 หลายเดือนก่อน +4

    have you thought about rate limiting? would love to see a tutorial on that

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      on a real larger app I'd use redis or upstash. There are a lot of libraries that already exist that allow you to hook into redis and track request counts per user / IP then deny them access if they go over a limit.

  • @WebDevCodeCrush
    @WebDevCodeCrush 5 หลายเดือนก่อน

    I like the idea of owning my own auth flow, but have never been able to implement it to my satisfaction and with the level of security that I want. Of course, the password reset flows are always fun to build too. Great learning experience, but like I was told a long time ago, you can do it, but by the time you’re done you’ll realize why you should have just offloaded it to a 3rd party…, and then you’ll be spending all your time supporting it and not the app you were building.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      I agree, but so many people are so anti third party service.

  • @SeibertSwirl
    @SeibertSwirl 5 หลายเดือนก่อน +11

    Good job babe!!!! I’m first!!! Finally again haha

  • @snivels
    @snivels 5 หลายเดือนก่อน +2

    For NextAuth you need to do the db lookup of your user in the authorize callback then the object you return will be passed to the jwt callback and inside there you return the token param of the jwt callback, after that the session callback is run with the session and token able to be destructured from the param, you need to then return the session from this callback.
    Perhaps it's not clear in the docs but once you know, it's pretty trivial

    • @PraiseYeezus
      @PraiseYeezus 5 หลายเดือนก่อน

      where in the docs is this explained?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      I'm not using JWT strategy. This approach will not work for database strategy. It is indeed trivial if you use next-auth the exact way they indent you to do it. Also I'm not sure why the docs are so bad.

    • @Yusuf-ok5rk
      @Yusuf-ok5rk 5 หลายเดือนก่อน

      @@WebDevCody btw can we have a short video / short content on why you chose database strategy instead of jwt?

    • @snivels
      @snivels 5 หลายเดือนก่อน

      @@WebDevCody Isn't JWT required for CredentialsProvider though? I agree that the docs are pretty obscure, given the claim that they wantsto be the biggest and best auth solution for js/typescript projects

    • @snivels
      @snivels 5 หลายเดือนก่อน

      @@PraiseYeezus I don't think it is, had to figure the order out myself 🤣

  • @NuRRRL96
    @NuRRRL96 5 หลายเดือนก่อน

    I somehow got it to work. I am using page router if that matters, but you need to add thr session to the callbacks and set up jwt. You also can add role.or whatever to the user, just add it with a default.value then change it later

  • @abdirahmann
    @abdirahmann 5 หลายเดือนก่อน +4

    OMG, this is just painful and it sucks , everything with next-js just makes me cringe!!, am not really a hater but my GOD WHY?? WHY THE PAIN?!, btw, how is the dev hot reload now, it used to suck with the app router, i never tried the pages router!!

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      the app router hot reload is doing good now

  • @UNDEREFFCT
    @UNDEREFFCT 4 หลายเดือนก่อน

    What you think about Kinde? it looks nice and easy to setup

  • @zabialy2919
    @zabialy2919 4 หลายเดือนก่อน +1

    What are you doing when a user regsiters but has not verified his account? I mean, do you allow the account to be re-registered when not verified? Any thoughts?

  • @tom.watkins
    @tom.watkins 5 หลายเดือนก่อน

    Had lucia on my list to try for a while, I like the extra control compared to next Auth

  • @M1a2n3o43
    @M1a2n3o43 5 หลายเดือนก่อน

    Is the project you are working on github? Would you mind creating a template with your implementation of lucia? Ive read the docs but somehow couldnt get it to work properly especially oauth

  • @adspacheco
    @adspacheco 5 หลายเดือนก่อน +3

    Why don't you implement your own authentication/authorization instead of jumping from one library to another?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +11

      that's also an option if I want to waste my time doing that

    • @adspacheco
      @adspacheco 5 หลายเดือนก่อน +4

      @@WebDevCody Isn't switching libraries already a waste of time?
      👀

    • @neociber24
      @neociber24 5 หลายเดือนก่อน +3

      ​@@adspacheco we can't compare that to writing something from scratch

    • @HorizonHuntxr
      @HorizonHuntxr 5 หลายเดือนก่อน +1

      Rolling your own auth is not recommended as there is a ton of security implementations that goes into things like these that's why there are libraries for things like it

    • @SogMosee
      @SogMosee 5 หลายเดือนก่อน

      ​@HorizonHuntxr there's libraries for countless things you can do yourself

  • @ayukalvieri3154
    @ayukalvieri3154 5 หลายเดือนก่อน

    Please Help me out here. In my case, i don't have access to the database. I only have access to the API endpoints (built in another framework ,by another set of devs, on a separate server), that provides tokens for login, all user info and stuff. So my nextJs app consumes data provided by the endpoints. Can i still use Lucia to handle authentication or should i just do the authentication my self. I tried next auth, didn't work out fine because it's very opinionated.

  • @szerkan778
    @szerkan778 5 หลายเดือนก่อน

    if I am using strapi, what is the best way to actually do authentication? I am also using next.14 >

  • @rand0mtv660
    @rand0mtv660 5 หลายเดือนก่อน

    Yeah I don't mind next-auth's stance on credentials login, but would appreciate if they didn't actively prevent you from doing it if you want/need to have it in your app.
    Have a big red banner saying you think it's not the optimal/secure way, but at least give a good (secure by default) way to do it. I think them avoiding it will lead to mistakes and people storing plain text passwords in their db just because they don't know better.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      exactly, if they don't provide a way, people will hack a way, and in 1 year we'll just have a bunch of insecure next.js applications and both next.js and next-auth will get a very bad reputation. There is nothing wrong just providing an expected authentication experience out of the box that is done correct. The maintainer is on a power trip.

    • @Dom-zy1qy
      @Dom-zy1qy 5 หลายเดือนก่อน

      ​@@WebDevCodyI got the same impression from reading their stance on credential logins in the documentation a few months back lol. (The power trip thing)

  • @wezter96
    @wezter96 5 หลายเดือนก่อน

    Do you have an example on how to fix the JWT callback to get access to data from authorize in NextAuth? It does not get the data that is passed from my authorize function...

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      I think in the session callback you’ll be sent a user object that you need to use to attach info to the jwt. You also much use a jwt strategy, you can’t use a database strategy

  • @coolepizza
    @coolepizza 5 หลายเดือนก่อน

    Lucia is pretty great compared to NextAuth, because the logic is not that hidden and it shows you that auth is actually not that hard. I now switched to implementing everything by myself and i recommend everybody to do this at least once.

  • @mohamedsobhi777
    @mohamedsobhi777 5 หลายเดือนก่อน

    Did you run into issues with next.js middleware with lucia. My issue with lucia which i ran into few weeks ago (not sure if there is a solution for it) was trying to set up protected pages in the middleware, where i wanted to redirect the user to the auth page if they are not logged in, obviously i didn't want to do it manually in every page/API route, but I had problems running lucia in edge runtime, so I had to go with next-auth. Wondering if you have any experience with that.

  • @utkarshrai101cartoonwala
    @utkarshrai101cartoonwala 4 หลายเดือนก่อน

    when you click on sign in with google then why it will display "See the 3 services ". It looks bad, when some TH-camrs make their video on next auth then on consent screen page it will be user friendly, not like your consent screen page.

  • @ac130kz
    @ac130kz 5 หลายเดือนก่อน

    oh, it's so messy, when you try to add multiple of these. Especially hostile ones like Twitter...

  • @TechWithCaleb
    @TechWithCaleb 5 หลายเดือนก่อน +1

    Have you a session invalidation exemple with lucia-auth ?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      I think you can just delete all the sessions by userId from your database.

  • @albinopepegas8391
    @albinopepegas8391 5 หลายเดือนก่อน

    remix with remix-auth is also nice

  • @adammilner4512
    @adammilner4512 3 หลายเดือนก่อน

    i am also want to use lucia in my next.js app, but i cant figure out how to get the session in client component other than getting it in the page/server component level and passing it as a props. You will help me a lot if you share with me the solution to this problem.

    • @jawyor-k3t
      @jawyor-k3t หลายเดือนก่อน

      just make a wrapper server component

  • @SmartSleeper
    @SmartSleeper 5 หลายเดือนก่อน

    Hey Cody, can we maybeee expect some Remix content? 👉👈

  • @HorizonHuntxr
    @HorizonHuntxr 5 หลายเดือนก่อน

    Thank God for clerk js

  • @gilney.mathias
    @gilney.mathias 5 หลายเดือนก่อน

    This is also why i never used next-auth...

  • @henil0604
    @henil0604 5 หลายเดือนก่อน

    I have used both of them. As you said, lucia has lot of duplication of code. You said you can abstract out those parts, but that is the exact thing authjs is doing 😂. So you will end up at authjs somehow. But yeah as you said "Sometimes Duplicate code is okay" agree 💯💯💯

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      True but at least I’d own the abstraction and be able to customize it as needed

    • @henil0604
      @henil0604 5 หลายเดือนก่อน

      @@WebDevCody agree 💯

  • @0b3ryn29
    @0b3ryn29 5 หลายเดือนก่อน

    Will the wdc starter kit also move to lucia? In the landing page it still says next-auth

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      Yeah I need to update the landing page

  • @qualifyernst4576
    @qualifyernst4576 5 หลายเดือนก่อน

    Can you please do a lucia auth in a mern stack

  • @flexdash
    @flexdash 5 หลายเดือนก่อน

    I dont like Laravel for a lot of things but at least it has the auth figured out. Its *so* streamlined that it puts js frameworks to shame...

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      very much a next.js problem. Other frameworks, like Adonisjs already have auth provided out of the box.

  • @Syntarex
    @Syntarex 5 หลายเดือนก่อน

    I love the control over the authentication flow and the "lessons learned" trying it.. but I would never use this at my company.
    There is a reason why companies like auth0 exist. The developer experience of next-auth kinda sucks, but at least there is a big community with a lot of plugins. Adding authorization is also easier.. As much I would love to do it on my own, I think the topic is too critical. xD

  • @UbergonMX
    @UbergonMX 5 หลายเดือนก่อน +1

    wouldnt bcrypt be better than crypto for passwords?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +2

      Crypto is standard to node. I’d personally use standard libraries over third party ones

    • @UbergonMX
      @UbergonMX 5 หลายเดือนก่อน

      @@WebDevCody understandable

  • @Baraka0369
    @Baraka0369 8 วันที่ผ่านมา

    And now Lucia is deprecated and not covered anymore 🤣

  • @tableharmony
    @tableharmony 5 หลายเดือนก่อน

    Hello, you have multiple websites with drizzle how do you have multiple databases is it for free ?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      supabase supports 2 free projects, the other is hosted in railway which costs money

    • @WebDevCodeCrush
      @WebDevCodeCrush 5 หลายเดือนก่อน

      @@WebDevCodyI’ve seen something about using multiple projects in one account with table prefixes in the drizzle config. Kinda what we used to do back in the day, but would be ok for dev. I would love to see a video on how to do this in Drizzle though.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      @@WebDevCodeCrush oh yeah I prefix my table even without trying to get multiple projects on the same database. There is a mapper you can pass to the drizzle adapter if you’re using next auth, otherwise I’m not too sure if you can change the session table name with Lucia auth or not.

  • @TheSocialDeveloper
    @TheSocialDeveloper 5 หลายเดือนก่อน

    I have to disagree with you on the Next Auth Credentials take. Nextauth has a callbacks section in the documentation explaining what each method does and how to set them up. If you look under the hood of other providers you’ll see they have the same setup. Next Auth doesn’t provide an implementation step directly for the Credentials flow cause they don’t recommend it but they don’t make it any more difficult than setting up third party Oauth either.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      Without using jwt strategy, walk me through how I can use their credentials provider? Like provide me a link to a working example, because I’ve tried and it doesn’t work. I guess I’m just reaching the point where email pass login has benefits, and I’d rather not waste my effort using a tool that is so strongly opinionated to use JWT and not have first class support for email pass login

    • @TheSocialDeveloper
      @TheSocialDeveloper 5 หลายเดือนก่อน

      With the info I provided above though I’m sure ChatGPT could get you the rest of the way so you don’t have to wait on me, but again I have no problem implementing it.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      @@TheSocialDeveloper I mean for real try to implement it with the database strategy: github.com/nextauthjs/next-auth/issues/10966. it just doesn't work

    • @TheSocialDeveloper
      @TheSocialDeveloper 5 หลายเดือนก่อน

      @@WebDevCody Read the docs and I see where you’re coming from now. You could probably take a hybrid approach between the JWT and sessions but just depends on the amount of effort you want to invest. Is there a reason why you prefer stateful to stateless authentication or are you just trying to ensure that the SSO and credentials flow are in sync in terms of state approaches?

  • @denilsoncosta9837
    @denilsoncosta9837 5 หลายเดือนก่อน

    how do you deal with forget password ?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      I’ll implement that soon, usually you just send an email to the user with a url containing a short lived token. User clicks link, it opens a page where they type in a new password, send that password and token to your api, change their password if the token was valid and not expired

  • @theintjengineer
    @theintjengineer 5 หลายเดือนก่อน

    Kinde✨️

  • @Retro80smusic
    @Retro80smusic 5 หลายเดือนก่อน

    How about Clerk?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      I like clerk a lot, but this is for a starter kit where I want to limit third party services

  • @virtual5754
    @virtual5754 5 หลายเดือนก่อน

    Table gf_session should be called date

  • @naughtiousmaximus7853
    @naughtiousmaximus7853 5 หลายเดือนก่อน +1

    Switch to Nuxt

  • @hugo-abdou
    @hugo-abdou 5 หลายเดือนก่อน

    can you please try it with convex please 🙏

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      try what with convex, next-auth?

  • @ashish_prajapati_tr
    @ashish_prajapati_tr 5 หลายเดือนก่อน

    How about Kinde auth?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      I haven’t tried it

  • @Dougleon16
    @Dougleon16 5 หลายเดือนก่อน

    name of your vscode theme?

    • @MarkMendoza-v6h
      @MarkMendoza-v6h 5 หลายเดือนก่อน

      bearded theme - stained blue

    • @sameneko8979
      @sameneko8979 4 หลายเดือนก่อน

      @@MarkMendoza-v6h Thank you! I have been searching for this theme name for a while.

  • @erikslorenz
    @erikslorenz 5 หลายเดือนก่อน

    Classic case of devs making stuff for themselves not for customers lol

  • @hamidfarmani
    @hamidfarmani 5 หลายเดือนก่อน

    Why not supabase?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      don't want to depend on a service for auth on a starter kit

  • @Jussoparkours
    @Jussoparkours 5 หลายเดือนก่อน

    Don’t forgot to remove those console.logs 😂

  • @Lexaire
    @Lexaire 5 หลายเดือนก่อน +2

    But you've spent years telling us to use it, and now we aren't supposed to??

    • @gerkim62
      @gerkim62 5 หลายเดือนก่อน +3

      it is your choice to make, isn't it?

    • @Brian-el2it
      @Brian-el2it 5 หลายเดือนก่อน +4

      Develop some critical thinking and the ability to form your own opinions. It's great for setting up Oauth with other providers, but a pain for credentials

  • @johnpaulpineda2476
    @johnpaulpineda2476 5 หลายเดือนก่อน

    Clerk > All Auth library

    • @imfaon
      @imfaon 5 หลายเดือนก่อน

      Have you ever tried AuthKit by WorkOS?

  • @weirddev
    @weirddev 6 วันที่ผ่านมา

    move back to next-auth because lucia is getting deprecated 😂😂😂😂

  • @Mirislomovmirjalol
    @Mirislomovmirjalol 5 หลายเดือนก่อน

    Your starterkit seems like too complex. Definitely you should call it finisherkit

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน +1

      I see we have a twitter fan

  • @SogMosee
    @SogMosee 5 หลายเดือนก่อน

    Nextjs is useless without websockets

  • @shinebayar
    @shinebayar 26 วันที่ผ่านมา

    aaand it's deprecated hahah :(

    • @WebDevCody
      @WebDevCody  26 วันที่ผ่านมา

      Bruh

    • @shinebayar
      @shinebayar 26 วันที่ผ่านมา

      @@WebDevCody yeah man :(

    • @furkankaracan2076
      @furkankaracan2076 25 วันที่ผ่านมา

      @@WebDevCodywhat will you use next?

    • @himyjan
      @himyjan 13 วันที่ผ่านมา

      Better-Auth

  • @brenol2177
    @brenol2177 4 หลายเดือนก่อน

    Nextauth have a good amount of features, but I have to agree that their documentation is terrible, it is one of the worse documentations that I have seen. I think only java manages to be worse than them.

  • @dave-7117
    @dave-7117 5 หลายเดือนก่อน

    NextAuth is just overly complicated. Like most libraries are! Even lucia is too much for my taste. Lucia uses oslo under the hood which comes from the same author. With oslo alone you can easily create your own auth and if you dont understand how you should just dont do auth on your own.

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      agreed, I mean the main thing lucia provides is saving me 30 minutes storing / deleting the sessions from the database, and creating cookies.

    • @dave-7117
      @dave-7117 5 หลายเดือนก่อน

      @@WebDevCody yes, but while it saves some time at the start you will Most likely end up spending more time maintaining It, thats what i felt like atleast. But still, Lucia is pretty nice for prototyping, optimization can be done later, as always.
      Btw, i enjoy your Videos, even though i dont use nor like nextjs. Your content is pretty nice to watch as it feels Like beeing part of the projects you are working on, kinda like a daily vlog. Keep it going :)

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      @@dave-7117 thanks man, glad you enjoy it

  • @magnuserikkeenrobot1117
    @magnuserikkeenrobot1117 5 หลายเดือนก่อน

    ive used lucia-auth for a few months now. love it. whats that maintenance.tsx file? :D

  • @hxdcml83
    @hxdcml83 5 หลายเดือนก่อน

    I noticed on SignIn that you’re grabbing the user.salt and user.password back from the getUserAccountByEmail SS script when running the verifyPassword function, but I don’t see you using iterations anywhere. Why is that?

    • @WebDevCody
      @WebDevCody  5 หลายเดือนก่อน

      I think I hard coded it to 10,000.