Ask HN: How do I handle authentication (CLI and Web)

1 points by ifeedmartians ↗ HN
Authentication has always been a daunting part of my SaaS because getting it right is necessary and there's very limited guidance around it.

Currently my SaaS has a web based authentication (which i'm very happy with). Sign Up: - gmail/github flow, create an account and store user details but no password - username/pass flow, hash the password using bcrypt and store it in my DB

Sign In: - Sign In using gmail/github/user-pass flow - Generate a session cookie for the user, store it on the client, which is sent with every request - When session cookie is invalid, user needs to sign up again

A very important component of my SaaS is a CLI.

> How do I integrate authentication using the CLI application?

Auth0/Okta are excluded as options because I used Auth0 in the past when building the web flow and I found it crazy hard to integrate, along with the crappy sign in page which comes up on the free tier, doing it myself was so much easier.

Thank You!

0 comments

[ 6.1 ms ] story [ 16.4 ms ] thread

No comments yet.