[rohan404]

It's true that there isn't an official way to use Devise over REST, but then again Devise isn't even the official way to manage auth in Rails apps - it just happens to be the de facto one due to community support. That being said, by using something like devise_token_auth/simple_token_authentication and devise-two-factor you can have a token based auth system with MFA ready in a matter of minutes. Personally, I don't think there are really any back-end frameworks that have an official way to handle auth as it's always based more on community consensus.

[james_s_tayler]

ASPNET Identity and Spring Security to name a few.

[chasd00]

I'd just like to say Spring Security has come a LONG way. It use to be a maze of madness and frustration but now is fairly straightforward.

Also, Spring Boot saved that whole organization from irrelevance. It took a huge amount of effort to just get hello world on the screen prior to Spring Boot.