Check this out https://supertokens.io/docs/emailpassword/nextjs/about

This would give you email password login + sessions with SSR + all the UI

I will give it a try 🙂

Thank you @User for quick TAT 😀

👍happy to help. 🙂

For authorization https://authzed.com/blog/spicedb-is-open-source/ This is based off the Google Zanzibar paper

Thanks @luckywolf

@User where can I find the discussion around the passwordless design. Is there a text channel for such things?

Here are the links: - API spec from backend to core: https://github.com/supertokens/core-driver-interface/pull/27 - API Spec from frontend to core: https://github.com/supertokens/frontend-driver-interface/pull/27 - Core API logic: https://github.com/supertokens/supertokens-core/issues/322 - Db schemas: https://github.com/supertokens/supertokens-core/issues/321

thanks a lot 🙂

any plans to bring supertokens to vuejs?

@Deleted User we do plan on providing helper functions for vanillaJS (hence for vuejs). There functions will take care of a lot of logic like calling the backend APIs, handling browser state during social login etc. They should be used with your UI.

However, we don’t have plans anytime soon to provide UI for vuejs.

We did fiddle around with making UI for vanilla JS. And we might do it. Just need to figure out how to do it in a way that makes sense. But this will only happen after we do what I said above. So at least 2-3 months down the line..

Hey! Awesome People. I’m Ankur Tyagi An enthusiastic software engineer. I develop/test web applications, mentor budding developers, and create content for the web. Looking forward to connecting with you all & discussing more about Super Tokens.

Hi 🙂

Hi! 👋

Hi folks, I'm Dean. I am a software engineering student and also have secured funding for a startup as of recently. We are building a web marketplace. Within our project, we are generally looking for solutions that have both managed solutions and open source self host equivalents for almost all dependencies. Supertokens seemed like a good choice to implement authentication without a lot of vendor lockin. I'm excited to start working with SuperTokens for authentication.

Welcome @User ! Congrats on securing investment. We are excited to have you here. Let me know how I can help.

I have a question for anyone who might know, as I am impelmenting, I am simply replacing the very basic JWT auth from the NestJS docs. I followed the NestJS implementation guide, and I see that there is a 'GetSession' decorator. From the session, you can do a DB call on the User ID and get the rest I suppose, but you would be doing that over and over again. I am wondering if it is possible to implement the GetUser decorator like from the Passpost strategy. Specifically, a decorator that makes a DB call using Mikro-ORM. This is the passport strategy I was using: https://pastebin.com/QfFXfAHz . I guess the question becomes, how do I set the user on the request chain using this implementation like I did with the Passport Strategy? This might be something I should ask in the NestJS discord, was just wondering if someone already had a solution for this.

@porcellus can possible help with this

Also, session verification doesn’t require a call to the db. It’s stateless with us too 🙂

I'll test this in a minute, but I'd try doing this in the guard. You should be able to modify the request object there which is also easy to access through a param decorator.

Yeah, this seems to work: just add the DB calls into the guard after checking for the error and modify the request object. I'll add a codesnippet in a sec

Thank u @porcellus

So something like this: https://pastebin.com/nVge7CM1

Also, this would be done for all requests passing through that guard, which might not be necessary. If you just want to get the data inside your controller you could just move your code into a parameter decorator, that's a bit cleaner than modifying the request obj.

@User I am looking over the solution you provided now, thank you so much for your help! I will let you know what I discover. Are you able to inject into the decorator code? For some reason I thought that wasn't possible, although now that I am thinking about it, I'm not sure why it wouldn't be possible.

Well injecting into decorators doesn't work out-of-the-box AFAIK, but you could do something like this: https://stackoverflow.com/a/67455016 (the accepted answer recommends the guard + param decorator approach).