by davedx 403 days ago
Sounds great! I'm interested to hear, how does this solution compare with open source, self-hosted authn components like Keycloak and Ory Kratos? While it's a bit more legwork integrating those, I've found that it's useful that they're self-contained and run in their own environment/container; but I have also sometimes wished that the data was more tightly integrated with my own application, which I guess is what you're aiming for.

Yes, that’s exactly what we’re aiming for. I think there are many reasons to tightly couple auth with your app. As you said, self-hosting auth servers and integrating them often isn’t a fun experience and that’s one of the reasons 3rd party auth providers became so popular.

In the JavaScript/TypeScript ecosystem, libraries like NextAuth still have a huge number of users for the same reason: ease of use. And with the rise of full-stack TypeScript apps where both the frontend and backend live together and share a strong type system, it makes even more sense to keep all your context in one place.

That said, if you ever decide to self-host Better Auth in a dedicated container, you still can.

Most people will reach for BetterAuth when they would reach for NextAuth. Basically, when you want to integrate OIDC or SSO of some kind.

Back when I was looking at it a couple of months ago, the big thing that popped out was that BetterAuth supports email and password out of the box, where NextAuth seems to have a preachy disclaimer about how email and password is inherently insecure, so they leave you to your own devices to implement password hashing and the like.

That did give a sense that NextAuth was the first to dominate the space and feels as though they can dictate morals.

BetterAuth seems to be a bit more developer-focused.

> where NextAuth seems to have a preachy disclaimer about how email and password is inherently insecure

Yeah, I needed a login & password auth last Friday and I was so frustrated with NextAuth I ended up using nginx to set up HTTP basic auth.