Oh, Auth Doesn't Have to Suck?
ฝัง
- เผยแพร่เมื่อ 1 ต.ค. 2024
- This auth library and all the utilities that come with it are seriously impressive work. It's cool to see a very different, less abstract approach to going about auth.
-- sources
primeagen interview: • ThePrimeagen: VIM (btw...
lucia article: github.com/luc...
-- my links
saas: www.animate-co...
newletter: www.joshtriedc...
discord: / discord
github: github.com/jos...
Auth without 3rd party! Need one full tutorial 😮
th-cam.com/video/1MTyCvS05V4/w-d-xo.htmlsi=iuYngjZsbCy7zwH4
I found this very explanatory tutorial it might help
i second this.
yaap
✋
Yeah i hate 3rd party auth except firebase auth
Yesterday I was studying NextAuth V5 and was a headache to implement a simple credentials sign-in feature. The documentation is horrible. It's just me or anyone else think that doc is horrible? I felt dumb.
It is. But is a really good tool if you know what are you doing
Yeah, the doc is pretty bad
The worst doc in human history
agree next auth docs is hell to read
@@marvinkr Yeah. Cant remember any worse than that.
I hope this library gets much more attention because Nextauth’s decision to not support email password auth has been sooooo frustrating.
what about this fact ? you can actually use credentials with nextauth
what's the usecase of email password auth?
It's so condescending. Even if you just want to enable in dev/staging or internal use, all of which are very valid use cases
@@oleh1to not depend on a third party idp
Auth companies hire (buy) these auth lib maintainers and then the auth libs go to 💩. Auth0 did it with Passport.js. Clerk is doing it with NextAuth.
Basically, if you want a job in tech in 2024, just write a good OSS auth library and they are forced to hire you.
I've implemented Lucia auth today and I much prefer it over Next-auth. It doesn't force you into ugly design patterns (both backend & UI).
The war between Prisma and Drizzle is even in the authorization video
Like Goku vs One Punch Man
I'm not sure we can discuss the concept of "abstraction" as either good or bad unless you have the context of the consumers of the abstraction. I appreciate your use of the phrase "right level of abstraction" as I think that starts to indicate that the appropriateness of the abstraction is very much a sliding scale.
This is what makes me feel that next auth gets wrong,its implementation is too high level,I'm at least happy that this library strikes a balance
Thanks Josh💯
next-auth is crap
next-auth is crap
next-auth is crap
next-auth is crap
next-auth is crap
next-auth is crap
Great video Josh!
I have to admit that Auth.js is cancer, especially their docs are a huge chaotic contradictory mess
Regardless of whether v4 or their latest v5
I was waiting for Lucia 3 to come out because this version doesn't force the usage of an adapter, and I'm glad they brought this change
For now I can safely say I'm happy with switching to Lucia, especially because their abstraction still gives me full control of how, why, when, and where I want something
Impressive, very nice. let's see Paul Allen's auth.
lucia is my love, really glad to see you made a video on it! im a big fan of the library
Am I wrong in thinking that abstraction is good for features like Auth? I understand that it depends on the project/scenario but wondering if I am missing something. I use third-party Auth providers that provide abstraction because I don't necessarily want to know or handle everything under the hood. Thoughts?
I agree, but there are so many times where you need to do things where the best solution would be to modify the authentication flow. When these situations happen, I think it gets to a point where abstractions feel like a barrier to your solution rather than a helper. Things like syncing a database from an external Api on login gets really hard when you don't have access to your own login function.
try implementing auth with normal error handling when errors are on the credentials page, not on complete separate one. What kind of ux is that?
Been also using lucia v3, love it!
There's more to say about "Abstraction". Abstractions that don't give you granular controls can also be good if the things they're abstracting are **not intended to work with** for the most cases. Thus it sets up a recommended design pattern. Customization along with sane defaults doesn't work all the time. If you think about it, React is such an example of the abstraction. Monads can be regarded in the same category.
He is 19yrs old
How to react?
@@shakapaker Badum tss!
Can’t wait to use this!
Dude, heard of Aceternity UI - it amazing
Please for the love of God make a full deep dive turorial
what auth do u use josh? Clerk, Lucia, Nextauth ?
Hi! Thanks for The valuable tips. Do you continue using Lucia or found a general Best auth solution, like a modular solution built by you?
"In the beginning you want results, in the end you want control" by someone on the internet. Works here too :)
Good library need to try it to learn. I used next-auth and don't understand exactly how it works.
And I kinda getting why non abstracts good. I recently learning prisma It is very easy.
Can you do a comparison or explain how drizzle works from prisma users point of view.
Thanks😊
I have tried Kindle, NextAuth and Clerk but haven't felt home in any of them. I like abstractions that Lucia seems to deliver. I will give a spin. Thanks for video.
I really like this take! Good job explaining this!
Is Lucia better than Clerk? Someone answer
You shouldn't implement authentication. You should buy it.
why
@@nikhil8279 because identity is very complex and difficult to get right. And the consequences of getting it wrong can expose your company to catastrophic damage. Plus, building it is time consuming and doesn't provide value to your business. You should put your devs to work on your business' core competencies instead.
Full tutorial please
This is great. Do they have the example / resources on how to use with fastify server. Need this to build it in my application.
Dude I saw this on Twitter and I’m so annoyed bc I just implemented nextAuth but if this is good I’ll switch- I saw a boilerplate that includes stripe pre built which is amazing.
Seems like no one got the joke in the title? 😄
single guys rocks 🤣
am I too old or this is the modern rewrite of passportjs?😂
Possible to use Lucia with React Front-End + Python FastAPI Backend?
We need a full tutorial on this!!! Great video, Josh!
Vue Composition API flashbacks
Interesting. NextJS was smoking crack while creating NextAuth. From a quick glimpse, I can tell it's better
I would love to see a tutorial on Authentication that works in both Next js and public clients like SPAs and mobile apps like React Native kr Flutter without using a paid service like Clerk
Josh, love your videos. I have a doubt. Is there still caching issue in NEXT JS 14 ? Does server actions resolve all these caching issues ?
Bro you make so much sense ❤ youre the messiah we needed after being fed the enterprise bullshit for 20 years since the invention of Java.
Lucia made by a teenager, legendary!
imo nextauth is shit to deal with, they turn things much more complicated then they should be
Every Josh Thumbnail: 😏
That introduction part is so true and sad
.NET has such an annoying part. I am so mad at it. It has abstracted out everything so it cannot be modified for our special use cases. Instead build it from the ground 0
There goes my auth stack; you sold it really well
I think this is generally a good idea. However, in the OAuth case, you really have to know how the OAuth flow works...and to be honest, I think this is actually the biggest hurdle to implementing OAuth.
Yea, and on the other side is framework-dependent poorly documented opinionated library(micro-framework). Learn flow once, implement everywhere, don't be a frameworker
I'm sure the folks at Radix are stoked you said Shadcn is just a collection of primitives. :-D
Great content. Lucia is awesome
Better than nextauth? I dont really like clerk
It's a bit more work than NextAuth but overall I think it's better. NextAuth is easy because it's heavily abstracted, which can be a bad thing. Also NextAuth is in kind of a weird place wrt development lifecycle and documentation.
You should make one auth tutorial without any third party library.
0:38 Why is he single 😢
Just heard about this last week, glad to see you on top of this recent stuff!
Now we need an abstraction over Lucia to support all: Password, Social, Passwordless, etc...
It doesn't have to be black or white, we could have both levels of abstractions in one library ¯\_(ツ)_/¯
I have seen this guy, before v1, when it used to be for sveltekit.
I need full example with this, using different auth providers and linking user if they happen to have more than one provider 😊
NextAuth was like "we cba to add credentials authentication" and they called it a feature 🤣
There is no "right level of abstraction", it never will: there always should be multiple levels of abstractions if possible.
“I have reading comprehension and the attention span of a second grader”
Relate 100
full tutorial pls
The benefit of higher level of abstractions in terms of UI library is if you need to enforce strong design constraints and consistency
Banger video
The title got me cracking up! OhAuth -> OAuth lmao
Wondered how many actually got that
Authentication is always a pain when I have to recode it every single time 😂
Unless you have a team to maintain the quality, it is a dead effort to try to implement authentication on your own. Especially if you are in the EU, a data breach might put you in such a shit place. I don't get this efforts to implement auth on your own.
Spidey Senses says don’t put all your eggs in this basket…
less abstraction, huh... I like it
Very interesting, and your comments really make me feel more comfortable with going with Lucia 3.0 vs AuthJS or rolling my own.
exactly, the right abstraction!
He is god i just love his work a lottt
Is it also possible to use Lucia Auth without Typescript?
It is basically a Shadcn for Auth.
ps.: I wrote this comment before shadcn appeared on the video lol
Lets give some love to Lucia
one thing issue with lucia and others like auth js is lack of proper resources and documentation. Would love a tutorial on lucia
Amazing! I will give it a try
How do you learn so much stuff, and when do you learn it?
Please, do a full tutorial with credentials and OAuth login. It would be amazing!
Cool
I just use django ❤
This tool sucks, i prefer auth0 or eartho
You're shilling for eartho? Isn't that vaporware? It looks ultra scammy. Like fake profiles on their linked in scammy. Like no real developer docs scammy.
Supertokens
Second. ❤
first
Wake up babe, new auth library just dropped
I just love lucia. It works. It also supports Astro.
Been using next-auth for 2 years now and I'm tired of wasting days everytime I need to add a basic feature it doesn't support. Going to try and migrate to lucia today
AuthJS's creator is an incredibly arrogant person. I had a chat with him in the authJS discord asking why it's so difficult to implement db session credentials auth and why there's zero documentation on the subject and he responded by saying "they don't like db session based auth and that's why there will never be documentation on it but authJS is the GREATEST MOST FLEXIBLE library ever made so if you were smart enough you can easily implement db session auth on your own". So in short he just "skill-issued" me and bragged about how good authJS is.
he is 19 yo
We call this a headless library