fsebugoutzone.org:9999

       Post AaSP5sQ0g4DdT5jp2m by aeveltstra@mastodon.social
 (DIR) More posts by aeveltstra@mastodon.social
 (DIR) Post #AaSOcd40ggMtRqV9Xs by duponin@udongein.xyz
       2023-10-05T10:25:55.639183Z
       
       0 likes, 0 repeats
       
       should my backend manage users on itself or use an OIDC provider?latter seems better and more secure but adds lot of complexity
       
 (DIR) Post #AaSP5sQ0g4DdT5jp2m by aeveltstra@mastodon.social
       2023-10-05T10:30:03Z
       
       0 likes, 0 repeats
       
       @duponin Hybrid. Keep a record of the users but outsource authentication.
       
 (DIR) Post #AaSP5tQ2xPqIZUlMjw by duponin@udongein.xyz
       2023-10-05T10:31:12.239292Z
       
       0 likes, 0 repeats
       
       @aeveltstra that&#39;s big and heavy tasks and pitfalls to fall in for a single dev, not really used to webdev
       
 (DIR) Post #AaSPWWU2L71tFyKMfw by solidsanek@outerheaven.club
       2023-10-05T10:36:16.659719Z
       
       0 likes, 0 repeats
       
       @duponin It depends on the size of your project, really. If it&#39;s something just for yourself, it&#39;s overkill to me
       
 (DIR) Post #AaSQ39E1plFug9Oe5Q by duponin@udongein.xyz
       2023-10-05T10:41:52.371614Z
       
       0 likes, 0 repeats
       
       @solidsanek it would be for an SNS, not a single user projectbut it also mean finding a good OIDC provider, which is impossible :gyate_reisen_pain:
       
 (DIR) Post #AaSQdiCfGQAzaPC4CO by solidsanek@outerheaven.club
       2023-10-05T10:48:47.057745Z
       
       0 likes, 0 repeats
       
       @duponin Depending on your infra, if you don&#39;t know a good one, you could just run your own
       
 (DIR) Post #AaSQj5OYSsYAxiJlSq by duponin@udongein.xyz
       2023-10-05T10:49:30.043168Z
       
       0 likes, 0 repeats
       
       @solidsanek i’m alone
       
 (DIR) Post #AaSR86DAZC1IjXv4YC by solidsanek@outerheaven.club
       2023-10-05T10:54:15.327910Z
       
       0 likes, 0 repeats
       
       @duponin You can just set up Keycloak really, it doesn&#39;t take that long. I talked about the infra because for cloud platforms, if you were to use one that is, they have their own OIDC providers. Otherwise, just spin up a server with Keycloak or something.Still, for a smol project, I&#39;d say just implement the auth yourself, unless you really really do not want to, and if it grows large enough, add OIDC support later on. Nothing really stops you from doing so later
       
 (DIR) Post #AaSRbkBd1EtX71KnKK by duponin@udongein.xyz
       2023-10-05T10:59:26.095959Z
       
       1 likes, 0 repeats
       
       @solidsanek I had a keycloak and it decided to stop working, on its own, welpyeah, prob gonna start locally and move to a provider if needed later
       
 (DIR) Post #AaSRfbiATHvtz9OejA by solidsanek@outerheaven.club
       2023-10-05T11:00:18.447200Z
       
       0 likes, 0 repeats
       
       @duponin Debugging Keycloak can be a pain, yeah
       
 (DIR) Post #AaSRxW1MMopLY6uekS by duponin@udongein.xyz
       2023-10-05T11:03:18.197013Z
       
       1 likes, 0 repeats
       
       @solidsanek you don’t say :neocat_pensive:
       
 (DIR) Post #AaSSIuyOn3wH1CjWro by aeveltstra@mastodon.social
       2023-10-05T11:05:16Z
       
       0 likes, 0 repeats
       
       @duponin Correct. Unfortunately. But spinning your own comes with risk down the road.
       
 (DIR) Post #AaSSIvuBKE9xuPlfvs by duponin@udongein.xyz
       2023-10-05T11:07:18.643083Z
       
       0 likes, 0 repeats
       
       @aeveltstra not doing everything myself, using libraries made by smart people doing all the important heavy lifting and security