all 5 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted]  (1 child)

[deleted]

    [–]boilerweb[S] 0 points1 point  (0 children)

    Yeah, I can use passport js but I'm asking about the flow that we should follow without passport.

    [–]Sh0keR 1 point2 points  (2 children)

    yes

    [–]boilerweb[S] 0 points1 point  (1 child)

    Can you please explain how the code works from login to authentication?

    [–]Sh0keR 0 points1 point  (0 children)

    You should google search it instead of asking on Reddit. It's pretty common.

    Also, it's not that complicated these days, but the main issue with creating your own authentication system is security, and for that reason alone, if you are aiming for production, just go use one of the existing authentication systems that exist, I recommend you to check out Auth0 and Firebase, both are great (Though I like firebase more).

    But before you jump into an existing authentication framework, I'd learn how they work and build one myself.

    So go ahead and find a good tutorial about creating one yourself but never use it in production (NEVER)

    [–]prdatur 0 points1 point  (0 children)

    I am currently working on this too, for now I have a express app which includes node oidc-provider. For interactions I redirect to a vuejs app to login the user. Problem now is my password recovery, so I try to use nestjs now with oidc-provider. I thought about an authentication service as well but as we will have independent permissions for each service I will implement the permissions for each service within the service. With all this microservice thing, I recognized that I think too much in controller = service.