[billpg]

Since you're (probably going to be) proxying my website anyway, what if you intercepted /login and handled registration, email address validation, login-with-X, passwords, MFA, etc. Once you've authenticated that user, pass on further HTTP requests to my server but with a token indicating that the user is valid and some means for looking up information on them.

I don't want to be storing user data on a machine I keep in my lounge next to my TV if I don't have to.

[nielsole]

Requirements for users data: - user data must be stored within Russia(Russia) -users may request a copy of all personal data(EU) - users may delete all their data (EU) - similar laws e.g. in California, turkey

Good Compliance with these would be achievable by cloudflare if they stored all user data. I believe Akamai identity cloud does something similar.