|
|
|
|
|
|
by tedyoung
1365 days ago
|
|
|
I have a different question: why do folks create a username+password based AuthN system on their own, instead of leveraging OAuth and letting someone else deal with the hard part of managing passwords, resets, etc. Or use a service like FusionAuth or Auth0, or Keycloak, et al? With Spring Boot + Spring Security's OAuth, all the AuthN work is done by the framework and I only need specify some configuration parameters (client IDs, secret, etc.) and I don't deal with anything else. Now User Profiles as a first-class thing would be nice (I really do not want to reimplement managing profiles), but there's a lot more variation there. Though some out-of-the-box basics would be nice: name, nickname, time zone, preferred contact info, etc. |
|
|