DEV Community

Discussion on: Web Application Security Checklist (2021)

slidenerd • Edited

I disagree with your "Don't do authentication yourself" for reasons like these: micky.com.au/firebase-database-cra... Today it's Firebase, tomorrow it could be Auth0 or Okta or Cognito. User data is the most primary thing that belongs to your application; giving control of that to a third party is a strict no-no, especially knowing that all over the world hackers are busy finding a way to break Firebase or Auth0 because they have a massive incentive. No dedicated team of hackers is gonna bother fiddling around long enough to see how your application can be breached.

Make no mistake, I am not saying that you shouldn't add security whatsoever in your app, but you can build a decent authentication system with existing libraries, OWASP cheat sheets and some hours spent on security.stackexchange.com. I am planning to write a full-blown post with 1000s of references on how to build your own production-grade authentication system (with feedback from the community to continuously improve it), as I am tired of hearing about these third-party auth guys all day. And it's not like people at Auth0 are aliens from Mars, right? They are also a bunch of humans similar to you and me, so what magic are they doing that you and I can't do? I am sure with enough research and feedback from a huge community we could create an auth system just as robust as theirs.